(Feature) Notifications on new ballots #84
Comments
igorbarinov
changed the title
|
Existing work |
|
I prefer server-side Ethereum events listener to prevent any malicious actions that can be done by validator in local client code.
Two server instances to mitigate these risks:
I could take to work web push notifications server/client part. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem:
validators don't get notifications on new ballots. It may problems in governance where a malicious group of three or more validators will create series of proposals to remove other validators from consensus.
Possible solutions:
Server side or client/cloud side. I propose to implement the feature on client side first, with a combination of UI changes and hooks on deployment side.
Flow:
For deployment, we use Netlify and can reuse
Form handlingfeature which sends filled forms to email.https://www.netlify.com/docs/form-handling/
We should have separate form handlers for
CoreandSokolnetworks.Risks:
A malicious validator can deploy dapp code locally and prevent from
Mitigation: server-side ethereum event listener, subscribed to governance dapps
A malicious validator can prevent form submission. This risk we will mitigate in future
server sideversion of notification service which will subscribe to eventsMitigation: server-side ethereum event listener, subscribed to governance dapps
With server-side deployment, we have new types of risks:
The text was updated successfully, but these errors were encountered: