You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've observed that validators sign a vote header, which differs from the standard header by excluding certain fields like AppHash. Thus, AppHash isn't included in the validator-signed fields.
Given the light client's inability to replay transactions to calculate AppHash, I assumed this critical value would be part of the vote header's signed fields. However, it appears not to be included, raising concerns about the potential ease of forging the AppHash field by modifying this value alone. Could someone clarify this issue for me? Thanks!
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi team,
I've observed that validators sign a vote header, which differs from the standard header by excluding certain fields like AppHash. Thus, AppHash isn't included in the validator-signed fields.
Given the light client's inability to replay transactions to calculate AppHash, I assumed this critical value would be part of the vote header's signed fields. However, it appears not to be included, raising concerns about the potential ease of forging the AppHash field by modifying this value alone. Could someone clarify this issue for me? Thanks!
Beta Was this translation helpful? Give feedback.
All reactions