tomtau
commented
4 years ago One extra sanity check could be in Info: https://tendermint.com/docs/spec/abci/abci.html#messages -- the info request contains the Tendermint versioning information; this could be checked against some constant in the ABCI server implementation (currently, we maintain this file: https://github.com/tendermint/rust-abci/blob/develop/version.txt but afaik it's not used in runtime)
There are a few protocol assumptions that are currently unchecked / trusted, e.g. the block execution state machine:
This could be encoded in session types: https://github.com/Munksgaard/session-types