Skip to content

Allow witness signature collection to fail open #634

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
AlCutter merged 3 commits into from
May 12, 2025
Merged

Allow witness signature collection to fail open #634

AlCutter merged 3 commits into from
May 12, 2025

Conversation

@AlCutter
Copy link
Collaborator

@AlCutter AlCutter commented May 9, 2025

This PR provides what's intended to be a temporary mechanism to enable logs to interact with the witness network in a fail open fashion, whereby they will publish checkpoints & whatever valid witness signatures were obtained for it, regardless of whether the obtained signatures satisfy the specified witness policy.

With this option enabled logs and their clients can start to interact with the witness network in a safe "fail open" fashion as it develops and matures.

AlCutter added 2 commits May 9, 2025 17:35
@AlCutter
Remove unnecessary getter for Witnesses.
5b0ddc8 
This field is now only used within the package, and not by storage
implementations, so no need for a getter anymore.
@AlCutter
Pass FailOpen via a new WitnessOptions arg
1aab8a7
@AlCutter AlCutter added this to the beta milestone May 9, 2025
@AlCutter AlCutter requested a review from mhutchinson May 9, 2025 16:51
@AlCutter AlCutter added the enhancement New feature or request label May 9, 2025
@AlCutter AlCutter requested a review from a team as a code owner May 9, 2025 16:51
mhutchinson
mhutchinson approved these changes May 12, 2025
View reviewed changes
append_lifecycle.go
cp, err = wg.Witness(ctx, cp)
if err != nil {
return nil, err
if !o.witnessOpts.FailOpen {
Copy link
Contributor

@mhutchinson mhutchinson May 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should have metrics so that operators can safely determine when they are able to switch modes.

Copy link
Collaborator Author

@AlCutter AlCutter May 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good idea, done

@AlCutter AlCutter force-pushed the witness_fail_open branch 5 times, most recently from d214fa6 to 788cab2 Compare May 12, 2025 10:35
@AlCutter AlCutter force-pushed the witness_fail_open branch from 788cab2 to db837d2 Compare May 12, 2025 10:38
@AlCutter AlCutter merged commit 7d603eb into transparency-dev:main May 12, 2025
15 checks passed
@AlCutter AlCutter deleted the witness_fail_open branch May 12, 2025 10:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mhutchinson mhutchinson mhutchinson approved these changes

Assignees

@mhutchinson mhutchinson

Labels

enhancement New feature or request

Projects

Trillian Tessera
Status: Done

Milestone

beta

Development

Successfully merging this pull request may close these issues.

2 participants

@AlCutter @mhutchinson