How is an auditor initialized?
masomel opened this issue · 2 comments
Specifically: how does an auditor obtain the initial STR, the directory's prior history and the directory's signing key?
Potential solution: Assuming a directory d
has a list of running auditors, whenever d
generates a new STR(t)
, it broadcasts STR(t)
to all auditors in the list. If an auditor a
observes an STR for d
for the first time, a
sends a request to d
to obtain d
's prior STR history [STR(0), STR(t-1)]
and d
's signing key. a
then verifies d
's prior history, as well as the STR(t) it observed. If these verifications pass, a
stores d
's STR history. At the next epoch when d
broadcasts STR(t+1)
, a
then verifies the STR hash chain as usual.
For now, we have made the decision to pin each tracked server's keys (and initial STRs) in the auditor. This will require manual updating of auditor configurations, but we can enhance this feature once there are more auditors in the system.