|
|
|
|
package committee
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"math/big"
|
|
|
|
|
|
|
|
|
|
"github.com/ethereum/go-ethereum/common"
|
|
|
|
|
"github.com/harmony-one/bls/ffi/go/bls"
|
|
|
|
|
"github.com/harmony-one/harmony/block"
|
|
|
|
|
common2 "github.com/harmony-one/harmony/internal/common"
|
|
|
|
|
shardingconfig "github.com/harmony-one/harmony/internal/configs/sharding"
|
|
|
|
|
"github.com/harmony-one/harmony/internal/params"
|
|
|
|
|
"github.com/harmony-one/harmony/internal/utils"
|
|
|
|
|
"github.com/harmony-one/harmony/numeric"
|
|
|
|
|
"github.com/harmony-one/harmony/shard"
|
|
|
|
|
"github.com/harmony-one/harmony/staking/effective"
|
|
|
|
|
staking "github.com/harmony-one/harmony/staking/types"
|
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// ValidatorListProvider ..
|
|
|
|
|
type ValidatorListProvider interface {
|
|
|
|
|
Compute(
|
|
|
|
|
epoch *big.Int, reader DataProvider,
|
|
|
|
|
) (*shard.State, error)
|
|
|
|
|
ReadFromDB(epoch *big.Int, reader DataProvider) (*shard.State, error)
|
|
|
|
|
GetCommitteePublicKeys(
|
|
|
|
|
committee *shard.Committee,
|
|
|
|
|
) ([]*bls.PublicKey, error)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Reader is committee.Reader and it is the API that committee membership assignment needs
|
|
|
|
|
type Reader interface {
|
|
|
|
|
ValidatorListProvider
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// StakingCandidatesReader ..
|
|
|
|
|
type StakingCandidatesReader interface {
|
|
|
|
|
ReadValidatorInformation(addr common.Address) (*staking.ValidatorWrapper, error)
|
|
|
|
|
ReadValidatorSnapshot(addr common.Address) (*staking.ValidatorWrapper, error)
|
|
|
|
|
ValidatorCandidates() []common.Address
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ChainReader is a subset of Engine.ChainReader, just enough to do assignment
|
|
|
|
|
type ChainReader interface {
|
|
|
|
|
// ReadShardState retrieves sharding state given the epoch number.
|
|
|
|
|
// This api reads the shard state cached or saved on the chaindb.
|
|
|
|
|
// Thus, only should be used to read the shard state of the current chain.
|
|
|
|
|
ReadShardState(epoch *big.Int) (*shard.State, error)
|
|
|
|
|
// GetHeader retrieves a block header from the database by hash and number.
|
|
|
|
|
GetHeaderByHash(common.Hash) *block.Header
|
|
|
|
|
// Config retrieves the blockchain's chain configuration.
|
|
|
|
|
Config() *params.ChainConfig
|
|
|
|
|
// CurrentHeader retrieves the current header from the local chain.
|
|
|
|
|
CurrentHeader() *block.Header
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// DataProvider ..
|
|
|
|
|
type DataProvider interface {
|
|
|
|
|
StakingCandidatesReader
|
|
|
|
|
ChainReader
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type partialStakingEnabled struct{}
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
// WithStakingEnabled ..
|
|
|
|
|
WithStakingEnabled Reader = partialStakingEnabled{}
|
|
|
|
|
// ErrComputeForEpochInPast ..
|
|
|
|
|
ErrComputeForEpochInPast = errors.New("cannot compute for epoch in past")
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func preStakingEnabledCommittee(s shardingconfig.Instance) *shard.State {
|
|
|
|
|
shardNum := int(s.NumShards())
|
|
|
|
|
shardHarmonyNodes := s.NumHarmonyOperatedNodesPerShard()
|
|
|
|
|
shardSize := s.NumNodesPerShard()
|
|
|
|
|
hmyAccounts := s.HmyAccounts()
|
|
|
|
|
fnAccounts := s.FnAccounts()
|
|
|
|
|
shardState := &shard.State{}
|
|
|
|
|
// Shard state needs to be sorted by shard ID
|
|
|
|
|
for i := 0; i < shardNum; i++ {
|
|
|
|
|
com := shard.Committee{ShardID: uint32(i)}
|
|
|
|
|
for j := 0; j < shardHarmonyNodes; j++ {
|
|
|
|
|
index := i + j*shardNum // The initial account to use for genesis nodes
|
|
|
|
|
pub := &bls.PublicKey{}
|
|
|
|
|
pub.DeserializeHexStr(hmyAccounts[index].BlsPublicKey)
|
|
|
|
|
pubKey := shard.BlsPublicKey{}
|
|
|
|
|
pubKey.FromLibBLSPublicKey(pub)
|
|
|
|
|
// TODO: directly read address for bls too
|
|
|
|
|
curNodeID := shard.Slot{
|
|
|
|
|
common2.ParseAddr(hmyAccounts[index].Address),
|
|
|
|
|
pubKey,
|
|
|
|
|
nil,
|
|
|
|
|
}
|
|
|
|
|
com.Slots = append(com.Slots, curNodeID)
|
|
|
|
|
}
|
|
|
|
|
// add FN runner's key
|
|
|
|
|
for j := shardHarmonyNodes; j < shardSize; j++ {
|
|
|
|
|
index := i + (j-shardHarmonyNodes)*shardNum
|
|
|
|
|
pub := &bls.PublicKey{}
|
|
|
|
|
pub.DeserializeHexStr(fnAccounts[index].BlsPublicKey)
|
|
|
|
|
pubKey := shard.BlsPublicKey{}
|
|
|
|
|
pubKey.FromLibBLSPublicKey(pub)
|
|
|
|
|
// TODO: directly read address for bls too
|
|
|
|
|
curNodeID := shard.Slot{
|
|
|
|
|
common2.ParseAddr(fnAccounts[index].Address),
|
|
|
|
|
pubKey,
|
|
|
|
|
nil,
|
|
|
|
|
}
|
|
|
|
|
com.Slots = append(com.Slots, curNodeID)
|
|
|
|
|
}
|
|
|
|
|
shardState.Shards = append(shardState.Shards, com)
|
|
|
|
|
}
|
|
|
|
|
return shardState
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func eposStakedCommittee(
|
|
|
|
|
s shardingconfig.Instance, stakerReader DataProvider, stakedSlotsCount int,
|
|
|
|
|
) (*shard.State, error) {
|
|
|
|
|
// TODO Nervous about this because overtime the list will become quite large
|
|
|
|
|
candidates := stakerReader.ValidatorCandidates()
|
|
|
|
|
essentials, blsKeys :=
|
|
|
|
|
map[common.Address]effective.SlotOrder{}, map[shard.BlsPublicKey]struct{}{}
|
|
|
|
|
|
|
|
|
|
utils.Logger().Info().
|
|
|
|
|
Int("staked-candidates", len(candidates)).
|
|
|
|
|
Msg("preparing epos staked committee")
|
|
|
|
|
|
|
|
|
|
shardCount := int(s.NumShards())
|
|
|
|
|
shardState := &shard.State{}
|
|
|
|
|
shardState.Shards = make([]shard.Committee, shardCount)
|
|
|
|
|
hAccounts := s.HmyAccounts()
|
|
|
|
|
shardHarmonyNodes := s.NumHarmonyOperatedNodesPerShard()
|
|
|
|
|
|
|
|
|
|
for i := 0; i < shardCount; i++ {
|
|
|
|
|
shardState.Shards[i] = shard.Committee{uint32(i), shard.SlotList{}}
|
|
|
|
|
for j := 0; j < shardHarmonyNodes; j++ {
|
|
|
|
|
index := i + j*shardCount
|
|
|
|
|
pub := &bls.PublicKey{}
|
|
|
|
|
if err := pub.DeserializeHexStr(hAccounts[index].BlsPublicKey); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
pubKey := shard.BlsPublicKey{}
|
|
|
|
|
if err := pubKey.FromLibBLSPublicKey(pub); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
shardState.Shards[i].Slots = append(shardState.Shards[i].Slots, shard.Slot{
|
|
|
|
|
common2.ParseAddr(hAccounts[index].Address),
|
|
|
|
|
pubKey,
|
|
|
|
|
nil,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if stakedSlotsCount == 0 {
|
|
|
|
|
utils.Logger().Info().
|
|
|
|
|
Int("staked-candidates", len(candidates)).
|
|
|
|
|
Int("slots-for-epos", stakedSlotsCount).
|
|
|
|
|
Msg("committe composed only of harmony node")
|
|
|
|
|
return shardState, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maxBLSKey := stakedSlotsCount / 3
|
|
|
|
|
|
|
|
|
|
// TODO benchmark difference if went with data structure that sorts on insert
|
|
|
|
|
for i := range candidates {
|
|
|
|
|
validator, err := stakerReader.ReadValidatorInformation(candidates[i])
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if validator.EPOSStatus != effective.Active {
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
// TODO(audit): remove the sanity check here; do the sanity check with maxBLSKey before validator change
|
|
|
|
|
if err := validator.SanityCheck(maxBLSKey); err != nil {
|
|
|
|
|
utils.Logger().Info().
|
|
|
|
|
Int("staked-candidates", len(candidates)).
|
|
|
|
|
Err(err).
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
Msg("validator sanity check failed")
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
totalStake := validator.TotalDelegation()
|
|
|
|
|
|
|
|
|
|
found := false
|
|
|
|
|
dupKey := shard.BlsPublicKey{}
|
|
|
|
|
for _, key := range validator.SlotPubKeys {
|
|
|
|
|
if _, ok := blsKeys[key]; ok {
|
|
|
|
|
found = true
|
|
|
|
|
dupKey = key
|
|
|
|
|
} else {
|
|
|
|
|
blsKeys[key] = struct{}{}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if found {
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
const m = "Duplicate bls key found %x, in validator %+v. Ignoring"
|
|
|
|
|
utils.Logger().Info().
|
|
|
|
|
Int("staked-candidates", len(candidates)).
|
|
|
|
|
Msgf(m, dupKey, validator)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
essentials[validator.Address] = effective.SlotOrder{
|
|
|
|
|
totalStake,
|
|
|
|
|
validator.SlotPubKeys,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
electedSlots := effective.Apply(essentials, stakedSlotsCount)
|
|
|
|
|
shardBig := big.NewInt(int64(shardCount))
|
|
|
|
|
|
|
|
|
|
totalEffectiveStake := numeric.ZeroDec()
|
|
|
|
|
|
|
|
|
|
for i := 0; i < len(electedSlots); i++ {
|
|
|
|
|
slot := electedSlots[i]
|
|
|
|
|
shardID := int(new(big.Int).Mod(slot.BlsPublicKey.Big(), shardBig).Int64())
|
|
|
|
|
totalEffectiveStake = totalEffectiveStake.Add(slot.Dec)
|
|
|
|
|
shardState.Shards[shardID].Slots = append(shardState.Shards[shardID].Slots, shard.Slot{
|
|
|
|
|
slot.Address,
|
|
|
|
|
slot.BlsPublicKey,
|
|
|
|
|
&slot.Dec,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if c := len(candidates); c != 0 {
|
|
|
|
|
utils.Logger().Info().
|
|
|
|
|
Int("staked-candidates", c).
|
|
|
|
|
Str("sum-all-effective-stake-by-validators", totalEffectiveStake.String()).
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
Msg("epos based super-committe")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return shardState, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// GetCommitteePublicKeys returns the public keys of a shard
|
|
|
|
|
func (def partialStakingEnabled) GetCommitteePublicKeys(
|
|
|
|
|
committee *shard.Committee,
|
|
|
|
|
) ([]*bls.PublicKey, error) {
|
|
|
|
|
if committee == nil {
|
|
|
|
|
return []*bls.PublicKey{}, nil
|
|
|
|
|
}
|
|
|
|
|
allIdentities := make([]*bls.PublicKey, len(committee.Slots))
|
|
|
|
|
for i := range committee.Slots {
|
|
|
|
|
identity := &bls.PublicKey{}
|
|
|
|
|
if err := committee.Slots[i].BlsPublicKey.ToLibBLSPublicKey(
|
|
|
|
|
identity,
|
|
|
|
|
); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
allIdentities[i] = identity
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return allIdentities, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ReadFromDB is a wrapper on ReadShardState
|
|
|
|
|
func (def partialStakingEnabled) ReadFromDB(
|
|
|
|
|
epoch *big.Int, reader DataProvider,
|
|
|
|
|
) (newSuperComm *shard.State, err error) {
|
|
|
|
|
return reader.ReadShardState(epoch)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Compute is single entry point for
|
|
|
|
|
// computing a new super committee, aka new shard state
|
|
|
|
|
func (def partialStakingEnabled) Compute(
|
|
|
|
|
epoch *big.Int, stakerReader DataProvider,
|
|
|
|
|
) (newSuperComm *shard.State, err error) {
|
|
|
|
|
preStaking := true
|
|
|
|
|
if stakerReader != nil {
|
|
|
|
|
config := stakerReader.Config()
|
|
|
|
|
if config.IsStaking(epoch) {
|
|
|
|
|
preStaking = false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
instance := shard.Schedule.InstanceForEpoch(epoch)
|
|
|
|
|
if preStaking {
|
|
|
|
|
// Pre-staking shard state doesn't need to set epoch (backward compatible)
|
|
|
|
|
return preStakingEnabledCommittee(instance), nil
|
|
|
|
|
}
|
|
|
|
|
// Sanity check, can't compute against epochs in past
|
|
|
|
|
if e := stakerReader.CurrentHeader().Epoch(); epoch.Cmp(e) == -1 {
|
|
|
|
|
utils.Logger().Error().Uint64("header-epoch", e.Uint64()).
|
|
|
|
|
Uint64("compute-epoch", epoch.Uint64()).
|
|
|
|
|
Msg("Tried to compute committee for epoch in past")
|
|
|
|
|
return nil, ErrComputeForEpochInPast
|
|
|
|
|
}
|
|
|
|
|
stakedSlots :=
|
|
|
|
|
(instance.NumNodesPerShard() - instance.NumHarmonyOperatedNodesPerShard()) *
|
|
|
|
|
int(instance.NumShards())
|
|
|
|
|
shardState, err := eposStakedCommittee(instance, stakerReader, stakedSlots)
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
// Set the epoch of shard state
|
|
|
|
|
shardState.Epoch = big.NewInt(0).Set(epoch)
|
|
|
|
|
staked := shardState.StakedValidators()
|
|
|
|
|
utils.Logger().Info().
|
|
|
|
|
Int("bls-key-count", staked.CountStakedBLSKey).
|
|
|
|
|
Int("validator-one-addr-count", staked.CountStakedValidator).
|
|
|
|
|
Int("max-staked-slots-count", stakedSlots).
|
|
|
|
|
Uint64("computed-for-epoch", epoch.Uint64()).
|
|
|
|
|
Msg("computed new super committee")
|
|
|
|
|
return shardState, nil
|
|
|
|
|
}
|
