From ef1f89281fd0a564f4353514f256c6e2164916b1 Mon Sep 17 00:00:00 2001 From: Marco Granelli Date: Mon, 17 Apr 2023 18:09:23 +0200 Subject: [PATCH] Improves unshielding tx verification in fee specs --- documentation/specs/src/economics/fee-system.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/documentation/specs/src/economics/fee-system.md b/documentation/specs/src/economics/fee-system.md index b48adb0c0e..6b814c9a39 100644 --- a/documentation/specs/src/economics/fee-system.md +++ b/documentation/specs/src/economics/fee-system.md @@ -221,7 +221,13 @@ The first condition can be tested statically and requires that: purposes) The spending key associated with this operation could be relative to any address -as long as the signature of the transfer itself is valid. +as long as the signature of the transfer itself is valid. Verifying that the +origin of the transaction is the same as the wrapper's source would be +impossible anyway for two reasons: + +- the transaction is signed by the `masp` internal address, making it impossible + to check against the public key field of the wrapper +- transparent addresses and spending keys are unrelated If any of the checks fail, the transaction must be discarded. Once these controls have been performed, the block proposer should run the actual transfer