Proposer: Include some timestamp/expiration data #27

New Issue

Open

opened 2024-12-19 21:16:26 +00:00 by scjudd · 0 comments

scjudd commented 2024-12-19 21:16:26 +00:00

Member

Copy Link

There's already been a little discussion around this, but for tracking purposes, I'll create an issue.

For the Proposer - Create Transaction Payload docs

How do I know that I've not just been handed a signed transaction request from days/weeks/months ago, asking me to send another million dollars? Should we embed some sort of expiration time in the transaction request? Ideally icepick or whatever downstream tooling would be aware of this and prevent operating on expired, but signed, transaction requests.

There's already been a little discussion around this, but for tracking purposes, I'll create an issue. For the [Proposer - Create Transaction Payload docs](https://git.distrust.co/public/docs/src/commit/57faca72fdb54682ca119f41c3250eee8cf7c795/quorum-key-management/src/generated-documents/level-2/fixed-location/proposer/create-transaction-payload.md#proposer-create-transaction-payload) > How do I know that I've not just been handed a signed transaction request from days/weeks/months ago, asking me to send another million dollars? Should we embed some sort of expiration time in the transaction request? Ideally `icepick` or whatever downstream tooling would be aware of this and prevent operating on expired, but signed, transaction requests.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

feat/tamper-proofing-chain-of-custody

coding-standards

feat/quorum-kms

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: public/docs#27

No description provided.