Follow-up from "More robust handling of host's revision+signatures"
The following discussions from !3642 (merged) should be addressed:
- @DavidVorick started a discussion: (+2 comments) Shouldn't it always be the case that our most recent version is signed? Won't a violation of this be an edge case from previous versions? Do we check before we get to this point that the signatures from the host are valid and include our own signatures? When this happens, we should `log.Println` as long as we expect that this shouldn't happen except with legacy renters.
- @DavidVorick started a discussion: (+2 comments) We are implicitly assuming here that everything else matches as well, such as balances. Should we double check all of the fields just to be sure?
- @DavidVorick started a discussion: (+2 comments) We should probably return a special error here to indicate that the host appears to be acting maliciously. The response from the renter upstream (TODO) should be to immediately blacklist the host.
- @DavidVorick started a discussion: (+5 comments) Does this variable get filled out at startup? Does it get updated as the protocol advances?