Review witness handling of empty log states #265
Assignees
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The checkpoint for an empty log (size 0) is a known special case. Consistency proofs from this size don't make sense because the empty hash is not actually a prefix. In essence, anyone that takes a Checkpoint of size 0 must TOFU the next tree size they receive for this log.
transparency-dev/merkle#140 makes a change to make this more explicit. It's likely that when this witness library is updated to pull in that change that witnesses that see a log first at size 0 will fail to verify consistency, based on my reading of the code.
TODO:
Note that this really is an edge case as witnesses are very unlikely to see a log starting in the empty state. By the time logs are added to a witness network, they have always had contents, and this is likely to continue. That said, having a case where the witness can fail to progress for a log is not good and should be fixed.
The text was updated successfully, but these errors were encountered: