This document describes desired behaviour for various failure/completion cases of the DKG.
(the protocol terminates with a local result)
The node completed the DKG process locally without errors and stored its private random beacon key.
The locally computed private random beacon key is consistent with the canonical key vector.
What should we do? Proceed and use the stored key in the next epoch. This is the happy path.
The locally computed private random beacon key is inconsistent with the canonical key vector.
What should we do? Flag in DB that we failed to generate a valid random beacon key for this DKG. Do not sign using this key. Fallback to staking signatures next epoch.
What do we do now? Log a warning. We will sign with the invalid key next epoch.
(the protocol terminates with an error and no local result)
Example: we think many other nodes are malicious
What should we do? Flag in DB that we failed to generate a valid random beacon key for this DKG. Fallback to staking signatures next epoch.
The node completed the DKG process with an unexpected error.
What should we do? Flag in DB that we failed to generate a valid random beacon key for this DKG. Fallback to staking signatures next epoch. Log a warning. We don't crash because the component with an invalid state will no longer be used (this DKG instance is finished).