Correct the prior documented TOCTOU

Now, if a malicious validator set publishes a malicious `Batch` at the last
moment, it'll cause all future `Batch`s signed by the next validator set to
require a bool being set (yet they never will set it).

This will prevent the handover.

The only overhead is having two distinct `batch_message` calls on-chain.
Luke Parker
2023-10-13 04:40:59 -04:00
parent e6aa9df428
commit d50fe87801
8 changed files with 45 additions and 21 deletions


@@ -39,7 +39,8 @@ pub async fn provide_batch(batch: Batch) -> [u8; 32] {
let block = publish_tx(&Serai::execute_batch(SignedBatch {
batch: batch.clone(),
signature: pair.sign(&batch_message(&batch)),
// TODO: This `batch.id == 0` line only works when session == 0
signature: pair.sign(&batch_message(batch.id == 0, &batch)),
}))
.await;
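Review bot: the `batch.id == 0` argument passed to `batch_message` in `provide_batch` only models the session-0 case, as the TODO on the added line itself admits, so this test helper cannot exercise the handover path the commit message describes (a later validator set whose batches must carry the bool set). Suggest making the bool a parameter of `provide_batch`, or deriving it from the session the test is running in rather than from `batch.id`, so the value matches what the on-chain `batch_message` check expects; at minimum, the TODO should reference a tracked issue so the session-0 assumption is not shipped silently.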