Runtime light client consensus verification #3952
Assignees
Labels
c:breaking/runtime
Category: breaking runtime changes
c:runtime
Category: runtime
c:security
Category: security sensitive
Comments
kostko
added
c:runtime
5 tasks
kostko
removed
the
s:needs adr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Now that we have all the infrastructure available, the runtime (when running outside the node's trust domain, e.g. as an enclave) should verify light client proofs of consensus layer state before proceeding to process runtime transactions. This should include the runtime confirming that its RAK/nonce is indeed registered in the consensus layer.
This requires the runtime to have a hardcoded trust anchor to the consensus layer which is probably a combination of the following:
One of the questions to explore in the design is how would the runtime handle a breaking consensus layer upgrade where the chain context changes.
The text was updated successfully, but these errors were encountered: