|
|
|---|
|
|
|
|---|
Transitions for certificate storage.
Here we define the system state transitions
caused by
A certificate storage event involves just one correct validator.
The event identifies, besides a validator address, also a certificate, which is moved from the buffer to the DAG. In addition, if the validator had endorsed the certificate, the author-round pair of the certificate is removed from the set of endorsed author-round pairs; see transitions-create about these pairs.
But in order for this event to happen, the signers of the certificate must form a quorum in the active committee of the certificate's round. Thid checks is needed because an equivocal certificate could be signed by faulty validators and broadcast on the network, and make it to a validator's buffer. The check on signers is critical to prevent equivocation in DAGs (equivocal certificates may be in the network and buffers, but not in DAGs).
In addition, for this event to occur, all the previous certificates referenced by the certificate must be already in the DAG. This serves to preserve the backward closure of DAGs. The rationale, and its relation with AleoBFT implementations, is explained in transitions-receive.
The storage of a certiicate into the DAG may result in advancing the current round of the validator. The rationale is to update a validator that is left behind, but this aspect of the model needs further study (it does not affect safety properties like blockchain non-forking).
A certificate storage event does not involve the network.