You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
#3292 partitions ECDSA triples per t in DBCol::TripleV2 while dual-writing to the legacy DBCol::Triple (unprefixed key) for downgrade safety until #3298 drops the legacy column. If, during this transition window, a single node ever runs with two TripleStorages — i.e. two CaitSith domains whose reconstruction_threshold values differ — their dual-writes to the
unprefixed legacy mirror can collide and silently overwrite each other. The consequence is data loss rather than nonce reuse, but it's a real liveness hazard.
The cleanest way to keep that scenario unreachable in 3.11 is for the contract to refuse any operation that would introduce a second CaitSith threshold on the network. Once #3298 lands and the legacy column is gone,
the restriction can be relaxed.
Acceptance Criteria
vote_add_domains rejects a CaitSith DomainConfig whose reconstruction_threshold differs from the network's current CaitSith threshold (i.e. from any already-registered CaitSith domain.
Resharing votes are rejected if they would allow CaitSith domain with different reconstruction_threshold
Background
#3292 partitions ECDSA triples per
tinDBCol::TripleV2while dual-writing to the legacyDBCol::Triple(unprefixed key) for downgrade safety until #3298 drops the legacy column. If, during this transition window, a single node ever runs with twoTripleStorages — i.e. two CaitSith domains whosereconstruction_thresholdvalues differ — their dual-writes to theunprefixed legacy mirror can collide and silently overwrite each other. The consequence is data loss rather than nonce reuse, but it's a real liveness hazard.
The cleanest way to keep that scenario unreachable in 3.11 is for the contract to refuse any operation that would introduce a second CaitSith threshold on the network. Once #3298 lands and the legacy column is gone,
the restriction can be relaxed.
Acceptance Criteria
vote_add_domainsrejects a CaitSithDomainConfigwhosereconstruction_thresholddiffers from the network's current CaitSith threshold (i.e. from any already-registered CaitSith domain.reconstruction_threshold