Add MinSetKeysBond check in rc_client::set_keys#11168
Merged
Merged
Conversation
…n storage spam With minValidatorBond = 0, an attacker can bond ED then loop validate → set_keys → chill to store unlimited session keys on the relay chain at negligible cost. Add a configurable MinSetKeysBond threshold (hardcoded to 10k DOT/WND on asset-hub-westend) that rejects set_keys when active bond is insufficient. Set to 0 to disable (useful e.g. for asset-hub-kusama).
sigurpol
added
T2-pallets
Contributor
Author
|
/cmd prdoc --audience runtime_dev --bump major |
…time_dev --bump major'
sigurpol
commented
Feb 25, 2026
Ank4n
reviewed
Feb 25, 2026
Ank4n
reviewed
Feb 25, 2026
sigurpol
changed the title
kianenigma
approved these changes
Feb 25, 2026
ggwpez
approved these changes
Feb 25, 2026
|
Created backport PR for
Please cherry-pick the changes locally and resolve any conflicts. git fetch origin backport-11168-to-stable2512
git worktree add --checkout .worktree/backport-11168-to-stable2512 backport-11168-to-stable2512
cd .worktree/backport-11168-to-stable2512
git reset --hard HEAD^
git cherry-pick -x 79bc8a968a2eda1ae127740ee1a20ff10e375950
git push --force-with-lease |
paritytech-release-backport-bot Bot
pushed a commit
that referenced
this pull request
Feb 25, 2026
Add a configurable MinSetKeysBond threshold that rejects set_keys when active bond is insufficient. --------- Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com> (cherry picked from commit 79bc8a9)
|
Successfully created backport PR for |
sigurpol
added a commit
that referenced
this pull request
Feb 25, 2026
Backport #11168 into `stable2512` from sigurpol. See the [documentation](https://github.com/paritytech/polkadot-sdk/blob/master/docs/BACKPORT.md) on how to use this bot. <!-- # To be used by other automation, do not modify: original-pr-number: #${pull_number} --> --------- Co-authored-by: Paolo La Camera <paolo@parity.io>
sigurpol
added a commit
that referenced
this pull request
Feb 25, 2026
Backport #11168 into `stable2603` from sigurpol. See the [documentation](https://github.com/paritytech/polkadot-sdk/blob/master/docs/BACKPORT.md) on how to use this bot. <!-- # To be used by other automation, do not modify: original-pr-number: #${pull_number} --> --------- Co-authored-by: Paolo La Camera <paolo@parity.io> Co-authored-by: cmd[bot] <41898282+github-actions[bot]@users.noreply.github.com>
EgorPopelyaev
added a commit
that referenced
this pull request
Feb 25, 2026
fellowship-merge-bot Bot
pushed a commit
to polkadot-fellows/runtimes
that referenced
this pull request
Feb 26, 2026
- Bump election provider multiblock to include [SDK PR#11156](paritytech/polkadot-sdk#11156) : reduce overclaimed proof_size during Signed phase - Bump staking pallets to include [SDK PR#11168](paritytech/polkadot-sdk#11168): add a configurable MinSetKeysBond threshold that rejects set_keys when active bond is insufficient.
arturgontijo
pushed a commit
to moonbeam-foundation/polkadot-sdk
that referenced
this pull request
Apr 1, 2026
Backport paritytech#11168 into `stable2512` from sigurpol. See the [documentation](https://github.com/paritytech/polkadot-sdk/blob/master/docs/BACKPORT.md) on how to use this bot. <!-- # To be used by other automation, do not modify: original-pr-number: #${pull_number} --> --------- Co-authored-by: Paolo La Camera <paolo@parity.io>
arturgontijo
pushed a commit
to moonbeam-foundation/polkadot-sdk
that referenced
this pull request
Apr 1, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add a configurable MinSetKeysBond threshold that rejects set_keys when active bond is insufficient.