[pallet-staking] Additional check for virtual stakers (#5985) (be26d628) · Commits · parity / Mirrored projects / polkadot-sdk

Unverified Commit be26d628 authored Nov 05, 2024 by

Ankan Committed by GitHub Nov 05, 2024

[pallet-staking] Additional check for virtual stakers (#5985)



closes https://github.com/paritytech/polkadot-sdk/issues/5791.

This is not strictly necessary but serves as a defensive check.

The staking pallet exposes
[apis](https://paritytech.github.io/polkadot-sdk/master/sp_staking/trait.StakingUnchecked.html#tymethod.virtual_bond)
that other runtime pallets (pallet-delegated-staking) can use to create
virtual stakers. However, there’s no way for pallet-staking to ensure
that the staker is truly keyless. If the caller (this is a trusted
caller so this would only happen due to a bug) registers an account with
a private key as a virtual_staker, these accounts could later interact
directly with pallet-staking dispatchables (such as
[bond_extra](https://paritytech.github.io/polkadot-sdk/master/pallet_staking/dispatchables/fn.bond_extra.html))
and bypass any locking mechanism. The check above ensures this scenario
can never occur by performing an integrity check.

---------

Co-authored-by: Bastian Köcher <[email protected]>
Co-authored-by: command-bot <>

parent 3c6ea86a

Pipeline #504257 waiting for manual action with stages

in 31 minutes and 24 seconds

Hide whitespace changes

Inline Side-by-side

Please register or to comment