Skip to content

Retain ROAST self-snapshot mutation evidence#4106

Merged
mswilkison merged 1 commit into
feat/frost-schnorr-migration-scaffoldfrom
codex/retain-roast-self-snapshot-evidence
Jun 22, 2026
Merged

Retain ROAST self-snapshot mutation evidence#4106
mswilkison merged 1 commit into
feat/frost-schnorr-migration-scaffoldfrom
codex/retain-roast-self-snapshot-evidence

Conversation

@mswilkison

@mswilkison mswilkison commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

Summary

Fixes a ROAST evidence-retention gap found during the Codex Security scan of PR #3866.

VerifyBundle used to verify every bundled snapshot signature before checking whether the bundle mutated this node's own previously submitted snapshot. That meant a coordinator-signed bundle carrying a mutated self snapshot returned ErrSignatureInvalid before own_snapshot_mutated_in_bundle evidence could be emitted.

This PR moves the self-observation check immediately after the coordinator bundle signature is verified and before the generic per-snapshot signature loop. The bundle still fails closed, but the submitted-vs-bundled evidence is retained first.

Validation

  • go test ./pkg/frost/roast -run TestVerifyBundle_RetainsMutatedSelfSnapshotEvidenceBeforeSignatureFailure -count=1
  • go test ./pkg/frost/roast -count=1
  • git diff --check origin/feat/frost-schnorr-migration-scaffold...HEAD

Notes

The new regression test failed before the ordering fix with:

expected ErrCensorshipDetected, got coordinator: bundle[0]: roast: signature is invalid

After the fix, it passes and verifies that own_snapshot_mutated_in_bundle evidence is retained.

@coderabbitai

coderabbitai Bot commented Jun 22, 2026
edited
Loading

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: ed11a755-48a1-4e28-aabe-d82cb135f128

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch codex/retain-roast-self-snapshot-evidence

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@mswilkison mswilkison changed the title [codex] Retain ROAST self-snapshot mutation evidence Retain ROAST self-snapshot mutation evidence Jun 22, 2026
@mswilkison mswilkison marked this pull request as ready for review June 22, 2026 14:44
@mswilkison mswilkison merged commit 0878f58 into feat/frost-schnorr-migration-scaffold Jun 22, 2026
23 of 25 checks passed
@mswilkison mswilkison deleted the codex/retain-roast-self-snapshot-evidence branch June 22, 2026 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mswilkison