Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reminder: need to set VerifyGenesisSignatures to true on mainnet, #1104

Open
piux2 opened this issue Sep 6, 2023 · 3 comments · May be fixed by #3280
Open

Reminder: need to set VerifyGenesisSignatures to true on mainnet, #1104

piux2 opened this issue Sep 6, 2023 · 3 comments · May be fixed by #3280
Assignees
@Villaquiranm
Milestone
🚀 Mainnet beta la...

Comments

@piux2
Copy link
Contributor

piux2 commented Sep 6, 2023

We need to verifying the signatures of txs in genesis file upon mainnet launch. We might want to set default to true before the release. This could be a backdoor for production

gno/gno.land/pkg/gnoland/app.go

Line 54 in 4bd1789

VerifyGenesisSignatures: false, // for development

@piux2 piux2 added this to the 🚀 main.gno.land milestone Sep 6, 2023
@moul
Copy link
Member

moul commented Sep 6, 2023
edited
Loading

I'm considering changing gnoland start to gnoland dev to facilitate users in crafting custom genesis files for experimentation. Meanwhile, gnoland start will be tailored for production use, having fixed parameters and incorporating VerifyGenesisSignatures.

See #1050 and #1102 for more details.

@moul moul moved this to 🚀 Needed for Launch in 🚀 The Launch [DEPRECATED] Sep 7, 2023
@moul
Copy link
Member

moul commented Oct 15, 2024

This is a simple fix, but we actually want to revert it to continue development.

I suggest making this either a configuration file option that can be changed without patching the codebase or a fuse variable that can be set with a transaction. This way, we can expect a chain to start as false and then, from a specific transaction, change to true, without the ability to revert.

@Kouteki Kouteki moved this from Teritori (unconfirmed) to Teritori (confirmed) in 🍜 Seoul triage Nov 19, 2024
@zivkovicmilos
Copy link
Member

zivkovicmilos commented Nov 27, 2024
edited
Loading

@moul @piux2

Thinking about this issue a bit, I don't think having VerifyGenesisSignatures makes any sense actually.

You need a few things to generate a transaction signature in the genesis.json:

gno/tm2/pkg/std/tx.go

Lines 112 to 117 in 2093d8a

ChainID: chainID,
AccountNumber: accountNumber,
Sequence: sequence,
Fee: tx.Fee,
Msgs: tx.Msgs,
Memo: tx.Memo,

Notice that you can specify all params, apart from the account number, which is dependent on internal chain state (which doesn't exist!). This means we can't actually generate transaction signatures without the chain having state (> block 1), and us knowing what the account number actually is, which is impossible before we start the chain :)

I suggest 2 options:

  • we drop this issue entirely, genesis txs don't have signatures -> this is a valid option and doesn't introduce any security risk, since you need a 2/3+ valid majority to run the chain from the generated genesis anyways
  • we drop account number from the account state. It's a pretty radical idea, but I don't actually see what benefits having the account number gives us -> feat: remove traces of account number from the account object #3213

This was referenced Nov 27, 2024
Closed
Closed
@Kouteki Kouteki moved this from Triage to Todo in 🧙‍♂️gno.land core team Nov 27, 2024
@zxxma zxxma mentioned this issue Nov 27, 2024
Open
@Villaquiranm Villaquiranm linked a pull request Dec 5, 2024 that will close this issue
Draft
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Villaquiranm Villaquiranm

Labels
None yet
Projects
🍜 Seoul triage
Status: Teritori (confirmed)
🧙‍♂️gno.land core team
Status: Todo
🚀 main.gno.land launch 🚀
Status: TODO
Milestone
🚀 Mainnet beta launch
Development

Successfully merging a pull request may close this issue.

feat: add genesis packages with transaction signing Villaquiranm/gno
5 participants
@moul @Kouteki @zivkovicmilos @Villaquiranm @piux2