-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Problem: anyone can call request batch txs #166
Problem: anyone can call request batch txs #166
Conversation
f3c7726
to
3e3f637
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
likely ok, but not sure how the delegate keys are managed internally.
if it's expected to be increasing, many this could be indexed, so one can just do one lookup k.isAuthorized(msg.Signer)
?
delegateKeys := k.getDelegateKeys(ctx) | ||
for _, delegateKey := range delegateKeys { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
will there be many delegate keys / keep increasing?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm wondering if we should clean up the delegatekeys
for every block at BeginBlocker
so that we could correctly update the valset in gravity module. I didn't see any method for gravity module to delete delegatekeys
.
gravity-bridge/module/x/gravity/abci.go
Lines 19 to 25 in f1b1ef0
func BeginBlocker(ctx sdk.Context, k keeper.Keeper) { | |
cleanupTimedOutBatchTxs(ctx, k) | |
cleanupTimedOutContractCallTxs(ctx, k) | |
createSignerSetTxs(ctx, k) | |
createBatchTxs(ctx, k) | |
pruneSignerSetTxs(ctx, k) | |
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah but it should be fine in our case, for the time being, as we are not planning to have many update in our validator set.
It goes along with the ability to update the delegateKeys once set which is a pending issue
#111
Solution limit this endpoints to only orchestrators and validators