|
|
|
|
|
|
by im3w1l
2082 days ago
|
|
|
> In consensus systems, however, any difference in behaviour can be a fatal vulnerability. Another issue can come if you have code like this, and different validations are used. if (signature_valid()) {
// Safe because we already verified signature.
use_signed_message_or_die();
}
In practice the check and usage could be very far apart in the code (maybe using the type system to keep track of verified signatures), or even in different programs. |
|
|