-
Notifications
You must be signed in to change notification settings - Fork 307
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Mutlisignature protocol amelioration #120
Comments
This is particular true when a transaction has multiple operations (and/or using channels). Example
I can't think of actual use case of the above scenario yet, but it seems the system deemed the 1st operation invalid. |
Reason we did this was because of the quadratic nature of signature verification (which is the most CPU intensive thing we deal with before accepting transactions in consensus - the hints help but they don't help making the worst case). I agree this may be more burden than what it's worth. |
@cesarmak your example should get executed if only P and Q signed this transaction. |
@vogel yes, I've tested a bit on the marginal case; just wanted to point out that some possible scenarios could be rejected. So, is it the proper way to query Horizon on the Account Endpoint, and do a weight checking with the "threshold" & "signers", before trying to submit the transaction? |
Yes, that is the proper way. |
@MonsieurNicolas is it worth reviving this discussion? I agree it's a weird behavior that affects usability, but it feels mildly painful as opposed to detrimental (especially if changing the behavior would hurt performance a good bit). @graydon do you have any thoughts? If we'd be open to discussing this further, I'd like to push this to be an official draft and put it on the docket. |
I have nothing else to add to this thread at this point |
@MonsieurNicolas do you mean "yes, I think this should be revisited but I don't have the bandwidth to look into it/write a CAP" or "no, I don't think the cost of implementation is worth the benefits, and we should close this out and do a better job documenting this." |
Current behavior
When a transaction is signed by more legit signers than required, it will be rejected with 'tx_bad_auth_extra' error.
Proposed behavior
The transaction should be validated and each legit signer should be recorded into the blockchain; Or at least the transaction should get validaded.
Rationale
There's two distinct propositions here:
The text was updated successfully, but these errors were encountered: