From 4250b834ca5096a9290ca1db95740a725469926a Mon Sep 17 00:00:00 2001 From: Hernando Castano Date: Thu, 21 Jan 2021 04:37:10 -0500 Subject: [PATCH] Explain why we defer signature verification (#668) --- bridges/primitives/header-chain/src/justification.rs | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/bridges/primitives/header-chain/src/justification.rs b/bridges/primitives/header-chain/src/justification.rs index 54a44d9b7ad04..3e4b9043c08a5 100644 --- a/bridges/primitives/header-chain/src/justification.rs +++ b/bridges/primitives/header-chain/src/justification.rs @@ -63,23 +63,25 @@ pub fn verify_justification( where Header::Number: finality_grandpa::BlockNumberOps, { - // decode justification first + // Decode justification first let justification = GrandpaJustification::
::decode(&mut &raw_justification[..]).map_err(|_| Error::JustificationDecode)?; - // ensure that it is justification for the expected header + // Ensure that it is justification for the expected header if (justification.commit.target_hash, justification.commit.target_number) != finalized_target { return Err(Error::InvalidJustificationTarget); } - // validate commit of the justification (it just assumes all signatures are valid) + // Validate commit of the justification. Note that `validate_commit()` assumes that all + // signatures are valid. We'll check the validity of the signatures later since they're more + // resource intensive to verify. let ancestry_chain = AncestryChain::new(&justification.votes_ancestries); match finality_grandpa::validate_commit(&justification.commit, &authorities_set, &ancestry_chain) { Ok(ref result) if result.ghost().is_some() => {} _ => return Err(Error::InvalidJustificationCommit), } - // now that we know that the commit is correct, check authorities signatures + // Now that we know that the commit is correct, check authorities signatures let mut buf = Vec::new(); let mut visited_hashes = BTreeSet::new(); for signed in &justification.commit.precommits {