From c581c6132e148050314da2799c43592b21c7602c Mon Sep 17 00:00:00 2001 From: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> Date: Tue, 11 Dec 2018 10:12:18 +0000 Subject: [PATCH] Update proposals/1442-state-resolution.md Co-Authored-By: erikjohnston --- proposals/1442-state-resolution.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proposals/1442-state-resolution.md b/proposals/1442-state-resolution.md index 540285ca..ed789215 100644 --- a/proposals/1442-state-resolution.md +++ b/proposals/1442-state-resolution.md @@ -469,7 +469,7 @@ Intuitively using rejected events feels dangerous, however: 2. For a previously rejected event to pass auth there must be a set of state that allows said event. A malicious server could therefore produce a fork where it claims the state is that particular set of state, duplicate the - rejected event to point to that fork, and send the event. At which point the + rejected event to point to that fork, and send the event. The duplicated event will pass auth. Therefore ignoring rejected events wouldn't reduce any potential attack vectors