Handle cases where a node sent or not sent a part of the message unexpectedly #46
Fixes #23
The gist of the changes is that now even if a node does not send, say, a direct message, it still signs a `None` value with the corresponding metadata and sends it off in a bundle with the rest of the parts. This way the receiver can assert that the direct part or the echo part should be none, and register a provable error if they aren't.

Of course the node could just not send the corresponding part at all (equivalent to sending any other malformed or mal-signed message), but as #39 suggests, we're mostly protecting against nodes with obsolete software, not actively malicious ones.
Changes:

- `Round::make_echo_broadcast()`, `Round::make_direct_message()`, `Round::receive_message()` removing `Option`s there.
- `Round::make_direct_message_with_artifact()`; `Round::make_direct_message()` would be the one most used because most rounds in Synedrion don't actually create an artifact.
- `Artifact::empty()` removed, since now we can just return `None`.

Outstanding questions:

- `None` leads to the same outcome as a deserialization error on a `Some` payload, so `DirectMessage::deserialize()` just returns a `DirectMessageError` in this case as well, same for the echo broadcast.
- `make_direct_message_with_artifact()` to `make_direct_message()` is a little tricky in `RoundOverride`; if the round defines the former, but we override the latter, the override won't be effective. Not sure how to handle that; I really want to keep the artifact-creating method separate since it's not used all that much.
- `None` for an empty `Payload`?
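The receiver-side check described above, as an added example that is not code from this pull request or the project: every part is signed together with its metadata even when its payload is `None`, so an unexpected `Some` (or `None`) arrives as signed evidence. All names here (`SignedPart`, `Outcome`, `check`, `toy_tag`) are hypothetical, and `toy_tag` is a keyed-hash stand-in for a real signature that would be verified with the sender's public key.

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

#[derive(Hash, Clone, Copy, PartialEq, Debug)]
enum Kind { EchoBroadcast, DirectMessage }

// One part of the bundle; the payload is signed even when it is None.
struct SignedPart { round: u8, kind: Kind, payload: Option<Vec<u8>>, tag: u64 }

#[derive(PartialEq, Debug)]
enum Outcome { Accepted, ProvableError, UnprovableError }

// Stand-in for a signature (assumption): hash over key, metadata and payload.
fn toy_tag(key: u64, round: u8, kind: Kind, payload: &Option<Vec<u8>>) -> u64 {
    let mut h = DefaultHasher::new();
    (key, round, kind, payload).hash(&mut h);
    h.finish()
}

fn sign(key: u64, round: u8, kind: Kind, payload: Option<Vec<u8>>) -> SignedPart {
    let tag = toy_tag(key, round, kind, &payload);
    SignedPart { round, kind, payload, tag }
}

// Receiver side: `expect_some` says whether this round uses this part at all.
fn check(key: u64, round: u8, kind: Kind, expect_some: bool, part: Option<&SignedPart>) -> Outcome {
    let part = match part {
        Some(p) => p,
        None => return Outcome::UnprovableError, // part missing from the bundle
    };
    if part.round != round || part.kind != kind
        || part.tag != toy_tag(key, part.round, part.kind, &part.payload) {
        return Outcome::UnprovableError; // nothing here is attributable to the sender
    }
    if part.payload.is_some() == expect_some {
        Outcome::Accepted
    } else {
        Outcome::ProvableError // the validly signed part itself is the evidence
    }
}

fn main() {
    // Constructed case: a node sends a direct message in a round that has none.
    let stale = sign(7, 2, Kind::DirectMessage, Some(vec![0xAA]));
    println!("{:?}", check(7, 2, Kind::DirectMessage, false, Some(&stale)));
}
```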