There are two areas where we can be more tolerant of delegate namespaces being missing or not validating:
1. Calculating the canonical HEAD
2. Fetching from a remote
In 1. the protocol is tolerant in that if the local node does not have the default branch for a delegate, it will still attempt to use any of the delegates it does have to reach the threshold.
This is made safe by ensuring that if the threshold is being updated then the node performing the update must have a threshold of delegates locally in their storage. It is also made safe by 2.
In 2. the protocol is tolerant by allowing delegates to be missing from the serving side, as long as they can still meet a threshold of delegates. It is further tolerant in that, when validating the received data, a threshold of delegates must be valid to consider the fetch successful – otherwise it will fail.
Changes:
- rebased on latest
- fix documentation
- fix error naming and display message
- rename warnings/failures to validations
Rebase.
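
The two tolerance rules from the description above, as an added sketch that is not code from this patch or its project. The function names, the `QuorumError` type and the sample delegate ids are assumptions, and "agreement" is simplified to delegates pointing at the identical commit id, which the description does not specify.

```python
from collections import Counter

class QuorumError(Exception):
    """Raised when fewer than `threshold` delegates can be counted."""

def canonical_head(delegates, threshold, local_heads):
    """Area 1: local_heads maps delegate id -> default-branch commit id for
    the delegates present in local storage; absent delegates are skipped."""
    # Only identity delegates vote; other namespaces never count.
    votes = Counter(h for d, h in local_heads.items() if d in delegates)
    agreed = [h for h, n in votes.items() if n >= threshold]
    if len(agreed) != 1:
        raise QuorumError(f"{len(agreed)} heads reach threshold {threshold}")
    return agreed[0]

def validate_fetch(delegates, threshold, served):
    """Area 2: served maps delegate id -> True/False (namespace validated);
    delegates absent from it were missing on the serving side."""
    validations = {
        d: "missing" if d not in served else "valid" if served[d] else "invalid"
        for d in sorted(delegates)
    }
    valid = sum(v == "valid" for v in validations.values())
    if valid < threshold:
        raise QuorumError(f"{valid} valid delegates, threshold is {threshold}")
    return validations

# Constructed sample data: three delegates, threshold of two.
DELEGATES = {"alice", "bob", "carol"}
THRESHOLD = 2

if __name__ == "__main__":
    # carol is missing locally, yet alice and bob still reach the threshold.
    print(canonical_head(DELEGATES, THRESHOLD,
                         {"alice": "c0ffee", "bob": "c0ffee"}))
    # carol fails validation; the fetch still succeeds with two valid delegates.
    print(validate_fetch(DELEGATES, THRESHOLD,
                         {"alice": True, "bob": True, "carol": False}))
```

A namespace that does not belong to a delegate never counts toward the threshold, so a peer that is not a delegate cannot make up for a missing one.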