From 8147cc9ce83d50894f9eb3fee5c02d6419bf5c08 Mon Sep 17 00:00:00 2001
From: Martin Hutchinson <mhutchinson@gmail.com>
Date: Wed, 16 Oct 2024 11:22:29 +0100
Subject: [PATCH] Made gatekeeping of new checkpoints more permissive

This change has two main aspects, but they are related. The first is that we now overwrite a checkpoint from a witness even if we have previously seen one of the same size. This allows infrequently updated checkpoints to have fresh witness signature timestamps. The other change is to only check the witness note signature, and not the cosignatureV1. This is a temporary change to allow signatures from the fixed implementation of this signer (https://github.com/transparency-dev/formats/pull/153) to propagate into the distributor storage.
---
 cmd/internal/distributor/distributor.go | 6 +++---
 config/config.go                        | 3 ++-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/cmd/internal/distributor/distributor.go b/cmd/internal/distributor/distributor.go
index f4a6b3b..5912282 100644
--- a/cmd/internal/distributor/distributor.go
+++ b/cmd/internal/distributor/distributor.go
@@ -214,9 +214,9 @@ func (d *Distributor) Distribute(ctx context.Context, logID, witID string, nextR
 				reportInconsistency(oldBs, nextRaw)
 				return status.Errorf(codes.Internal, "old checkpoint for tree size %d had hash %x but new one has %x", newCP.Size, oldCP.Hash, newCP.Hash)
 			}
-			// Nothing to do; checkpoint is equivalent to the old one so avoid DB writes.
-			counterCheckpointUpdateSuccess.WithLabelValues(witID).Inc()
-			return nil
+			// This used to short-circuit here to avoid writes. However, having the most recently witnessed
+			// timestamp available is beneficial to demonstrate freshness.
+			// If there are too many equivalent writes happening, then consider implementing a throttle here.
 		}
 	}
 
diff --git a/config/config.go b/config/config.go
index ec9b99d..50709a6 100644
--- a/config/config.go
+++ b/config/config.go
@@ -81,7 +81,8 @@ func ParseWitnessesConfig(y []byte) (map[string]note.Verifier, error) {
 	}
 	ws := make(map[string]note.Verifier)
 	for _, w := range witCfg.Witnesses {
-		wSigV, err := f_note.NewVerifierForCosignatureV1(w)
+		// TODO(mhutchinson): Upgrade this to f_note.NewVerifierForCosignatureV1
+		wSigV, err := note.NewVerifier(w)
 		if err != nil {
 			return nil, fmt.Errorf("invalid witness public key: %v", err)
 		}