From b6f8870401dfa540ce3f1a77339a98da6219d202 Mon Sep 17 00:00:00 2001 From: Martin Raszyk Date: Wed, 18 Oct 2023 18:24:22 +0200 Subject: [PATCH] fix: bound delegation depth in verify_response --- spec/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spec/index.md b/spec/index.md index 98351b512..abf0950f0 100644 --- a/spec/index.md +++ b/spec/index.md @@ -802,7 +802,7 @@ Given a query (the `content` map from the request body) `Q`, a response `R`, and verify_response(Q, R, Cert) = verify_cert(Cert) ∧ ((Cert.delegation = NoDelegation ∧ SubnetId = RootSubnetId ∧ lookup(["subnet",SubnetId,"canister_ranges"], Cert) = Found Ranges) ∨ - (SubnetId = Cert.delegation.subnet_id ∧ lookup(["subnet",SubnetId,"canister_ranges"], Cert.delegation.certificate) = Found Ranges)) ∧ + (SubnetId = Cert.delegation.subnet_id ∧ Cert.delegation.certificate.delegation = NoDelegation ∧ lookup(["subnet",SubnetId,"canister_ranges"], Cert.delegation.certificate) = Found Ranges)) ∧ effective_canister_id ∈ Ranges ∧ ∀ {timestamp: T, signature: Sig, identity: NodeId} ∈ R.signatures. lookup(["subnet",SubnetId,"node",NodeId,"public_key"], Cert) = Found PK ∧
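Review bot: The new conjunct `Cert.delegation.certificate.delegation = NoDelegation` in the second disjunct states the depth bound only inside the formula, and nothing in the visible prose tells an implementer that a delegation certificate must not carry a delegation of its own. Consider adding a sentence next to the definition, for example `A certificate used in a delegation must not itself contain a delegation; a response whose delegation certificate is itself delegated does not verify.`, so that implementations do not overlook the check in a long conjunction. The definition of `verify_cert`, called at the top of the predicate, is outside this hunk and the diffstat shows a single changed line. It is therefore worth confirming that `verify_cert` applies the same bound, since otherwise a verifier following it may still walk an arbitrarily deep delegation chain. The predicate itself continues past the end of the hunk.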