Follow-up from "Draft: Proper external validator initialization"
The following discussion from !8039 (merged) should be addressed:
-
@Saroupille started a discussion: It seems to me there is an hidden invariant that:
- We expect the
external_validator
between asend
and a recvit cannot fail. This invariant seems true since the last action for all the requests is a
send` and then it loops. The first thing of a loop is a receive.
It could be nice to:
- document the invariant
- Make the code more secure with respect to this invariant by having only one call to
loop
and one call tosend
This of course can be done as a follow-up.
- We expect the