-
Notifications
You must be signed in to change notification settings - Fork 981
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce baseline types required to implement validator set updates #273
Introduce baseline types required to implement validator set updates #273
Conversation
I haven't added unit tests to these yet. I might leave that to the next PR (PrepareProposal), since I'll write the validation code then. idk, what do you think? |
There is one more
|
Co-authored-by: James <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
#[derive( | ||
Clone, Debug, BorshSerialize, BorshDeserialize, Serialize, Deserialize, | ||
)] | ||
pub struct Signed<T: BorshSerialize + BorshDeserialize> { | ||
pub struct Signed<T, S = SerializeWithBorsh> { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It'd be good if we could bound S
here (if it's possible?) so that it's impossible to construct a Signed
with an invalid tag, something like
pub struct Signed<T, S: SignedSerialize<T> = SerializeWithBorsh>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we already tighten Signed
at the impl block starting on line 148. you can only verify signatures of Signed
instances with a tag which implements SignedSerialize
. you can't use the struct itself to instantiate new values, since it has a private field, but you can use Signed::new_from
instead. regardless, we hit the same wall, this instance can't do jack if S
does not implement SignedSerialize
.
tl;dr I don't think this is an issue
Implements the second item of issue #242