Are receipts a potential security risk for the platform?

From the docs:

The important feature of Receipts is that they don’t contain a signature. All receipts are valid by default. This means if a chunk receives a Receipt that contains token transfer, it will deposit tokens without a need to verify the source of the transfer, because all receipts are considered valid.

If receipts are the primary method for communicating state changes across the network (from one shard to another), wouldn't it be possible for a man-in-the-middle attack to inject invalid receipts and so force unsigned transactions to be applied to the blockchain?

Or am I missing something?

Solution

That would be impossible because all receipts are merklized and the merkle root is contained in the chunk header. Before applying a chunk, the validator first verify that the receipt merkle root matches the one the in chunk header. If it doesn't match then the chunk is invalid and will be challenged.

How to get the account ID for a delegate action in a Near protocol contract?
What warrants an account deletion on the NEAR Protocol
Is there any way to inspect the contents of the RocksDB instance used by NEAR Protocol?
How to get all transaction and user information from bigquery Near and indexer-lake-framework?
How to get all validators in near blockchain through bigQuery?
near-api-js: Contract connection with no sender account
How to delete NEAR account with large state?
Is the block of "genesis_height" a special one in NEAR Protocol?
How to create an account on NEAR protocol?
Command 'near' not found
How to Borsh serialize (in Typescript) arguments to interact with Aurora contract from Near?
Smart contract panicked: cannot read property 'prefix' of undefined\n
How to get all accounts from near protocol blockchain?
Smart Contract in NEAR
Missing blocks in Near Mainnet
How to fix ActionNoPermission
How does NEAR asynchronous actually works?
"gas_burnt" and "tokens_burnt" values in the refund receipt are not zero and are not the same
How to verify ed25519 signature in NEAR Smart contract?
How named accounts works in NEAR
Register and Near smart contracts
Get block height of transaction create account with account id NEAR Protocol
How to transfer non-native token on NEAR blockchain
NEAR-sdk #[near_bindgen] colliding with other macros
how do I verify NEAR login was successful?
Is there a way to list all the subaccounts my account have?
unable to get near protocol transaction status via RPC
Handling exception for invalid json format for `assemblyscript-json` in `JSON.parse`
What is the maximum account name length in NEAR blockchain?
Unable to transfer NEAR tokens between accounts using near-api-js