-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix no trusted certificates #523
base: develop
Are you sure you want to change the base?
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## develop #523 +/- ##
=======================================
Coverage 80.6% 80.6%
=======================================
Files 27 27
Lines 1868 1869 +1
=======================================
+ Hits 1506 1507 +1
Misses 231 231
Partials 131 131 ☔ View full report in Codecov by Sentry. |
If it happens at startup, then poet will shutdown with an error. If it happens on a GRPC, I think the whole call should be ineffective - the keys should remain as they were before the call. That's why the |
I'm not sure this is true, e2e tests in spacemeshos/go-spacemesh#6313 got stuck when verifying certificates and just kept re-trying to submit challenges to a poet that would always respond with certificate invalid (because it had 0 trusted certificates in the I still think this should be fixed, or failing to reload certificates will disable PoET to validate any submission even the ones using the certifier that is set in the config. |
Poet should shutdown because an error is bubbled up here: poet/registration/registration.go Lines 165 to 167 in ae0594a
That's not the case. If reloading certificates from a directory goes wrong, the existing list of keys remains untouched. This change actually makes the situation worse by removing all keys but the main one. |
But in the scenario I'm talking about EDIT: and that means my fix isn't complete |
While fixing failing tests in spacemeshos/go-spacemesh#6313 I noticed this issue.
If
filepath.Walk
inLoadTrustedPublicKeys
failsr.trustedCertifierKeys
will not be updated. This means that if this happens during startup no certifier keys will be trusted, not even the one defined in the config.This updates the code in a way such that if loading keys from disk fails at least the certifier key from the config will still be valid to be used for submissions.