Key history proofs should check that previous versions were retired when they should be
Jasleen1 opened this issue · comments
Jasleen1 commented
https://github.com/novifinancial/akd/blob/89da4370094e46234924e1efedfcb01633cfb11c/akd/src/client.rs#L347 includes a check for membership of the stale label but do not check that this label was inserted when the newer version was added. This is a fairly minor change adding lines such as:
if !(H::merge_with_int(H::hash(&crate::EMPTY_VALUE).as_bytes(), proof.epoch)
== previous_val_stale_at_ep.hash_val) {
// Throw error
}
Kevin Lewi commented
Closed by #224