You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently in Oracle.sol within the newOracleClaim() function, the signature from the validator is verified but the message itself is signed by the same address already. This is redundant verification. As @denalimarsh pointed out in #140 :
The signature is used to validate that the validator signed a message containing the prophecy's information, but since the message isn't compared to the prophecy's actual information the check looks to be redundant. Therefore the message and signature could be removed entirely, with the address alone denoting that this validator agrees with the prophecy claim information in event LogNewProphecyClaim. However, retaining the message/signature and parameterizing the validator's address would allow for the aggregation and submission of oracle claims by another party (such as the relayer or the intended recipient).
This issue is to discuss what would be needed to utilize just the signature and whether the benefit of using a third party to execute these transactions on behalf of the validator is worth doing so. The biggest benefit i see is the responsibility of gas payment becomes that of the message executor and not of the validator. This would prevent spamming validators, which would be possible when they were responsible for footing the bill.
Are there other reasons for or against it?
The text was updated successfully, but these errors were encountered:
Currently in
Oracle.sol
within thenewOracleClaim()
function, the signature from the validator is verified but the message itself is signed by the same address already. This is redundant verification. As @denalimarsh pointed out in #140 :This issue is to discuss what would be needed to utilize just the signature and whether the benefit of using a third party to execute these transactions on behalf of the validator is worth doing so. The biggest benefit i see is the responsibility of gas payment becomes that of the message executor and not of the validator. This would prevent spamming validators, which would be possible when they were responsible for footing the bill.
Are there other reasons for or against it?
The text was updated successfully, but these errors were encountered: