Currently immediately upon executing the keymanager.UpdatePolicy transaction, the new policy goes into effect. Since the key manager enclaves don't yet have the new policy, this results in the key manager committee becoming empty, making it unavailable until the next epoch transition.
This should be changed such that the policy is scheduled for activation in the next epoch transition so the key managers have time to update.
To facilitate a future upgrade, this feature should be activated via a key manager consensus parameter that can be enabled via an upgrade handler.
Currently immediately upon executing the
keymanager.UpdatePolicytransaction, the new policy goes into effect. Since the key manager enclaves don't yet have the new policy, this results in the key manager committee becoming empty, making it unavailable until the next epoch transition.This should be changed such that the policy is scheduled for activation in the next epoch transition so the key managers have time to update.
To facilitate a future upgrade, this feature should be activated via a key manager consensus parameter that can be enabled via an upgrade handler.