ADR 007: Solo machine sign bytes
- 2022-08-02: Initial draft
Accepted, applied in v7
06-solomachine implemention up until ibc-go v7 constructed sign bytes using a
DataType which described what type of data was being signed.
This design decision arose from a misunderstanding of the security implications.
It was noted that the proto definitions do not provide uniqueness which is a necessity for ensuring two signatures over different data types can never be the same.
What was missed is that the uniqueness is not provided by the proto definition, but by the usage of the proto definition.
The path provided by core IBC will be unique and is already encoded into the signature data.
Thus two different paths with the same data values will encode differently which provides signature uniqueness.
Furthermore, the current construction does not support the proposed changes in the spec repo to support Generic Verification functions.
This is because in order to verify a new path, a new
DataType must be added for that path.
DataType and change the
DataType in the
SignatureAndData to be
Path field should be bytes.
...Data proto definitions except for
...Data definitions were created previously for each
The proto version of the solo machine proto definitions should be bumped to
This removes an extra layer of complexity from signature construction and allows for support of generic verification.
- Simplification of solo machine signature construction
- Support for generic verification
- Breaks existing signature construction in a non-backwards compatible way
- Solo machines must update to handle the new format
- Migration required for solo machine client and consensus states
No notable consequences