Skip to content

Enforce Session and Operation Timeouts [HIGH] #1633

Description

@HayimShaul

Description
Every blocking call in the endorsement flow -- waiting for a signer reply, an auditor signature, or a distribution acknowledgement -- must be bounded by a hard deadline. Implement per-session and per-phase timeouts (e.g., via context.WithTimeout or equivalent FSC session deadline APIs) so that a slow, silent, or malicious remote party cannot hold a goroutine and its associated resources indefinitely. When a deadline expires the session must be torn down and its resources released immediately, preventing accumulation of zombie sessions.

Short Summary
Today there is a timeout in the view level and there is no timeout in the lower level (e.g., accessing the DB). Also, check whether all resources are freed on a view timeout.

Metadata

Metadata

Assignees

Labels

Type

Fields

No fields configured for Task.

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions