|
|
|
package chain
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"math/big"
|
|
|
|
"sort"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/harmony-one/harmony/internal/params"
|
|
|
|
|
|
|
|
bls2 "github.com/harmony-one/bls/ffi/go/bls"
|
|
|
|
blsvrf "github.com/harmony-one/harmony/crypto/vrf/bls"
|
|
|
|
|
|
|
|
"github.com/ethereum/go-ethereum/common"
|
|
|
|
lru "github.com/hashicorp/golang-lru"
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
|
|
|
|
"github.com/harmony-one/harmony/block"
|
|
|
|
"github.com/harmony-one/harmony/consensus/engine"
|
|
|
|
"github.com/harmony-one/harmony/consensus/quorum"
|
|
|
|
"github.com/harmony-one/harmony/consensus/reward"
|
|
|
|
"github.com/harmony-one/harmony/consensus/signature"
|
|
|
|
"github.com/harmony-one/harmony/core/state"
|
|
|
|
"github.com/harmony-one/harmony/core/types"
|
|
|
|
"github.com/harmony-one/harmony/crypto/bls"
|
|
|
|
bls_cosi "github.com/harmony-one/harmony/crypto/bls"
|
|
|
|
"github.com/harmony-one/harmony/internal/utils"
|
|
|
|
"github.com/harmony-one/harmony/shard"
|
|
|
|
"github.com/harmony-one/harmony/shard/committee"
|
|
|
|
"github.com/harmony-one/harmony/staking/availability"
|
|
|
|
"github.com/harmony-one/harmony/staking/slash"
|
|
|
|
staking "github.com/harmony-one/harmony/staking/types"
|
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
verifiedSigCache = 100
|
|
|
|
epochCtxCache = 20
|
|
|
|
vrfBeta = 32 // 32 bytes randomness
|
|
|
|
vrfProof = 96 // 96 bytes proof (bls sig)
|
|
|
|
)
|
|
|
|
|
|
|
|
type engineImpl struct {
|
|
|
|
beacon engine.ChainReader
|
|
|
|
|
|
|
|
// Caching field
|
|
|
|
epochCtxCache *lru.Cache // epochCtxKey -> epochCtx
|
|
|
|
verifiedSigCache *lru.Cache // verifiedSigKey -> struct{}{}
|
|
|
|
}
|
|
|
|
|
|
|
|
// NewEngine creates Engine with some cache
|
|
|
|
func NewEngine() *engineImpl {
|
|
|
|
sigCache, _ := lru.New(verifiedSigCache)
|
|
|
|
epochCtxCache, _ := lru.New(epochCtxCache)
|
|
|
|
return &engineImpl{
|
|
|
|
beacon: nil,
|
|
|
|
epochCtxCache: epochCtxCache,
|
|
|
|
verifiedSigCache: sigCache,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e *engineImpl) Beaconchain() engine.ChainReader {
|
|
|
|
return e.beacon
|
|
|
|
}
|
|
|
|
|
[slash][consensus] Notice double sign & broadcast, factor out tech debt of consensus (#2152)
* [slash] Remove dead interface, associated piping
* [slash] Expand out structs
* [consensus] Write to a chan when find a case of double-signing, remove dead code
* [slash] Broadcast the noticing of a double signing
* [rawdb] CRUD for slashing candidates
* [slashing][node][proto] Broadcast the slash record after receive from consensus, handle received proto message, persist in off-chain db while pending
* [slash][node][propose-block] Add verified slashes proposed into the header in block proposal
* [slash][shard] Factor out external validator as method on shard state, add double-signature field
* [slash][engine] Apply slash, name boolean expression for sorts, use stable sort
* [slash] Abstract Ballot results so keep track of both pre and post double sign event
* [slash] Fix type errors on test code
* [slash] Read from correct rawdb
* [slash] Add epoch based guards in CRUD of slashing
* [slash] Write to correct cache for slashing candidates
* [shard] Use explicit named type of BLS Signature, use convention
* [slash] Fix mistake done in refactor, improper header used. Factor out fromSlice to set
* [slash][node] Restore newblock to master, try again minimial change
* [cx-receipts] Break up one-liner, use SliceStable, not Slice
* [network] Finish refactor that makes network message headers once
* [network] Simplify creation further of headers write
* [slash] Adjust data structure of slash after offline discussion with RJ, Chao
* [slash] Still did need signature of the double signature
* [consensus] Prepare message does not have block header
* [consensus] Soft reset three files to 968517d~1
* [consensus] Begin factor consensus network intended message out with prepare first
* [consensus] Factor out Prepared message
* [consensus] Factor out announce message creation
* [consensus] Committed Message, branch on verify sender key for clearer log
* [consensus] Committed Message Factor out
* [consensus] Do jenkins MVP of signatures adjustment
* [main][slash] Provide YAML config as webhook config for double sign event
* [consensus] Adjust signatures, whitespace, lessen GC pressure
* [consensus] Remove dead code
* [consensus] Factor out commit overloaded message, give commit payload override in construct
* [consensus] Fix travis tests
* [consensus] Provide block bytes in SubmitVote(quorum.Commit)
* [consensus] Factor out noisy sanity checks in BFT, move existing commit check earlier as was before
* [quorum] Adjust signatures in quorum
* [staking] Adjust after merge from master
* [consensus] Finish refactor of consensus
* [node] Fix import
* [consensus] Fix travis
* [consensus] Use origin/master copy of block, fix mistake of pointer to empty byte
* [consensus] Less verbose bools
* [consensus] Remove unused trailing mutation hook in message construct
* [consensus] Address some TODOs on err, comment out double sign
5 years ago
|
|
|
// SetBeaconchain assigns the beaconchain handle used
|
|
|
|
func (e *engineImpl) SetBeaconchain(beaconchain engine.ChainReader) {
|
|
|
|
e.beacon = beaconchain
|
|
|
|
}
|
|
|
|
|
|
|
|
// VerifyHeader checks whether a header conforms to the consensus rules of the bft engine.
|
|
|
|
// Note that each block header contains the bls signature of the parent block
|
|
|
|
func (e *engineImpl) VerifyHeader(chain engine.ChainReader, header *block.Header, seal bool) error {
|
|
|
|
parentHeader := chain.GetHeader(header.ParentHash(), header.Number().Uint64()-1)
|
|
|
|
if parentHeader == nil {
|
|
|
|
return engine.ErrUnknownAncestor
|
|
|
|
}
|
|
|
|
if seal {
|
|
|
|
if err := e.VerifySeal(chain, header); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// VerifyHeaders is similar to VerifyHeader, but verifies a batch of headers
|
|
|
|
// concurrently. The method returns a quit channel to abort the operations and
|
|
|
|
// a results channel to retrieve the async verifications.
|
|
|
|
// WARN: Do not use VerifyHeaders for now. Currently a header verification can only
|
|
|
|
// success when the previous header is written to block chain
|
|
|
|
// TODO: Revisit and correct this function when adding epochChain
|
|
|
|
func (e *engineImpl) VerifyHeaders(chain engine.ChainReader, headers []*block.Header, seals []bool) (chan<- struct{}, <-chan error) {
|
|
|
|
abort, results := make(chan struct{}), make(chan error, len(headers))
|
|
|
|
|
|
|
|
go func() {
|
|
|
|
for i, header := range headers {
|
|
|
|
err := e.VerifyHeader(chain, header, seals[i])
|
|
|
|
|
|
|
|
select {
|
|
|
|
case <-abort:
|
|
|
|
return
|
|
|
|
case results <- err:
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}()
|
|
|
|
|
|
|
|
return abort, results
|
|
|
|
}
|
|
|
|
|
|
|
|
// VerifyShardState implements Engine, checking the shardstate is valid at epoch transition
|
|
|
|
func (e *engineImpl) VerifyShardState(
|
|
|
|
bc engine.ChainReader, beacon engine.ChainReader, header *block.Header,
|
|
|
|
) error {
|
|
|
|
if bc.ShardID() != header.ShardID() {
|
|
|
|
return errors.Errorf(
|
|
|
|
"[VerifyShardState] shardID not match %d %d", bc.ShardID(), header.ShardID(),
|
|
|
|
)
|
|
|
|
}
|
|
|
|
headerShardStateBytes := header.ShardState()
|
|
|
|
// TODO: figure out leader withhold shardState
|
|
|
|
if len(headerShardStateBytes) == 0 {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
shardState, err := bc.SuperCommitteeForNextEpoch(beacon, header, true)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
isStaking := false
|
|
|
|
if shardState.Epoch != nil && bc.Config().IsStaking(shardState.Epoch) {
|
|
|
|
isStaking = true
|
|
|
|
}
|
|
|
|
shardStateBytes, err := shard.EncodeWrapper(*shardState, isStaking)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrapf(
|
|
|
|
err, "[VerifyShardState] ShardState Encoding had error",
|
|
|
|
)
|
|
|
|
}
|
|
|
|
|
|
|
|
if !bytes.Equal(shardStateBytes, headerShardStateBytes) {
|
|
|
|
return errors.New("shard state header did not match as expected")
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// VerifyVRF implements Engine, checking the vrf is valid
|
|
|
|
func (e *engineImpl) VerifyVRF(
|
|
|
|
bc engine.ChainReader, header *block.Header,
|
|
|
|
) error {
|
|
|
|
if bc.ShardID() != header.ShardID() {
|
|
|
|
return errors.Errorf(
|
|
|
|
"[VerifyVRF] shardID not match %d %d", bc.ShardID(), header.ShardID(),
|
|
|
|
)
|
|
|
|
}
|
|
|
|
|
|
|
|
if bc.Config().IsVRF(header.Epoch()) && len(header.Vrf()) != vrfBeta+vrfProof {
|
|
|
|
return errors.Errorf(
|
|
|
|
"[VerifyVRF] invalid vrf data format or no vrf proposed %x", header.Vrf(),
|
|
|
|
)
|
|
|
|
}
|
|
|
|
if !bc.Config().IsVRF(header.Epoch()) {
|
|
|
|
if len(header.Vrf()) != 0 {
|
|
|
|
return errors.Errorf(
|
|
|
|
"[VerifyVRF] vrf data present in pre-vrf epoch %x", header.Vrf(),
|
|
|
|
)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
leaderPubKey, err := GetLeaderPubKeyFromCoinbase(bc, header)
|
|
|
|
|
|
|
|
if leaderPubKey == nil || err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
vrfPk := blsvrf.NewVRFVerifier(leaderPubKey.Object)
|
|
|
|
|
|
|
|
previousHeader := bc.GetHeaderByNumber(
|
|
|
|
header.Number().Uint64() - 1,
|
|
|
|
)
|
|
|
|
if previousHeader == nil {
|
|
|
|
return errors.New("[VerifyVRF] no parent header found")
|
|
|
|
}
|
|
|
|
|
|
|
|
previousHash := previousHeader.Hash()
|
|
|
|
vrfProof := [vrfProof]byte{}
|
|
|
|
copy(vrfProof[:], header.Vrf()[vrfBeta:])
|
|
|
|
hash, err := vrfPk.ProofToHash(previousHash[:], vrfProof[:])
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return errors.New("[VerifyVRF] Failed VRF verification")
|
|
|
|
}
|
|
|
|
|
|
|
|
if !bytes.Equal(hash[:], header.Vrf()[:vrfBeta]) {
|
|
|
|
return errors.New("[VerifyVRF] VRF proof is not valid")
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// retrieve corresponding blsPublicKey from Coinbase Address
|
|
|
|
func GetLeaderPubKeyFromCoinbase(
|
|
|
|
blockchain engine.ChainReader, h *block.Header,
|
|
|
|
) (*bls.PublicKeyWrapper, error) {
|
|
|
|
shardState, err := blockchain.ReadShardState(h.Epoch())
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrapf(err, "cannot read shard state %v %s",
|
|
|
|
h.Epoch(),
|
|
|
|
h.Coinbase().Hash().Hex(),
|
|
|
|
)
|
|
|
|
}
|
|
|
|
|
|
|
|
committee, err := shardState.FindCommitteeByID(h.ShardID())
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
committerKey := new(bls2.PublicKey)
|
|
|
|
isStaking := blockchain.Config().IsStaking(h.Epoch())
|
|
|
|
for _, member := range committee.Slots {
|
|
|
|
if isStaking {
|
|
|
|
// After staking the coinbase address will be the address of bls public key
|
|
|
|
if utils.GetAddressFromBLSPubKeyBytes(member.BLSPublicKey[:]) == h.Coinbase() {
|
|
|
|
if committerKey, err = bls.BytesToBLSPublicKey(member.BLSPublicKey[:]); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &bls.PublicKeyWrapper{Object: committerKey, Bytes: member.BLSPublicKey}, nil
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if member.EcdsaAddress == h.Coinbase() {
|
|
|
|
if committerKey, err = bls.BytesToBLSPublicKey(member.BLSPublicKey[:]); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &bls.PublicKeyWrapper{Object: committerKey, Bytes: member.BLSPublicKey}, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil, errors.Errorf(
|
|
|
|
"cannot find corresponding BLS Public Key coinbase %s",
|
|
|
|
h.Coinbase().Hex(),
|
|
|
|
)
|
|
|
|
}
|
|
|
|
|
|
|
|
// VerifySeal implements Engine, checking whether the given block's parent block satisfies
|
|
|
|
// the PoS difficulty requirements, i.e. >= 2f+1 valid signatures from the committee
|
|
|
|
// Note that each block header contains the bls signature of the parent block
|
|
|
|
func (e *engineImpl) VerifySeal(chain engine.ChainReader, header *block.Header) error {
|
|
|
|
if chain.CurrentHeader().Number().Uint64() <= uint64(1) {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
if header == nil {
|
|
|
|
return errors.New("[VerifySeal] nil block header")
|
|
|
|
}
|
|
|
|
|
|
|
|
parentHash := header.ParentHash()
|
|
|
|
parentHeader := chain.GetHeader(parentHash, header.Number().Uint64()-1)
|
|
|
|
if parentHeader == nil {
|
|
|
|
return errors.New("[VerifySeal] no parent header found")
|
|
|
|
}
|
[rpc][availability][apr] Richer validator information, implement APR, unify EPoS computation, remove fall 2019 tech debt (#2484)
* [rpc][validator] Extend hmy blockchain validator information
* [availability] Optimize bump count
* [staking][validator][rpc] Remove validator stats rpc, fold into validator information, make existing pattern default behavior
* [slash] Reimplement SetDifference
* [reward][engine][network] Remove bad API from fall, begin setup for Per validator awards
* [header] Custom Marshal header for downstream, remove dev code
* [effective][committee] Factor out EPoS round of computation thereby unification in codebase of EPoS
* [unit-test] Fix semantically wrong validator unit tests, punt on maxBLS key wrt tx-pool test
* [reward] Use excellent singleflight package for caching lookup of subcommittees
* [apr][reward] Begin APR package itself, iterate on iterface signatures
* [reward] Handle possible error from singleflight
* [rpc][validator][reward] Adjust RPC committees, singleflight on votingPower, foldStats into Validator Information
* [apr] Stub out computation of APR
* [effective][committee] Upgrade SlotPurchase with named fields, provide marshal
* [effective] Update Tests
* [blockchain] TODO Remove the validators no longer in committee
* [validator][effective] More expressive string representation of eligibilty, ValidatorRPC explicit say if in committee now
* [rpc] Median-stake more semantic meaningful
* [validator] Iterate on semantic meaning of JSON representation
* [offchain] Make validator stats return explicit error
* [availability] Small typo
* [rpc] Quick visual hack until fix delete out kicked out validators
* [offchain] Delete validator from offchain that lost their slot
* [apr] Forgot to update interface signature
* [apr] Mul instead of Div
* [protocol][validator] Fold block reward accum per vaidator into validator-wrapper, off-chain => on-chain
* [votepower] Refactor votepower Roster, simplify aggregation of network wide rosters
* [votepower][shard] Adjust roster, optimize usage of BLSPublicKey as key, use MarshalText trick
* [shard] Granular errors
* [votepower][validator] Unify votepower data structure with off-chain usage
* [votepower][consensus][validator] Further simplify and unify votepower with off-chain, validator stats
* [votepower] Use RJs naming convention group,overall
* [votepower] Remove Println, do keep enforcing order
* [effective][reward] Expand semantics of eligibility as it was overloaded and confusing, evict old voting power computations
* [apr] Adjust json field name
* [votepower] Only aggregate on external validator
* [votepower] Mistake on aggregation, custom presentation network-wide
* [rpc][validator][availability] Remove parameter, take into account empty snapshot
* [apr] Use snapshots from two, one epochs ago. Still have question on header
* [apr] Use GetHeaderByNumber for the header needed for time stamp
* [chain] Evict > 3 epoch old voting power
* [blockchain] Leave Delete Validator snapshot as TODO
* [validator][rpc][effective] Undo changes to Protocol field, use virtual construct at RPC layer for meaning
* [project] Address PR comments
* [committee][rpc] Move +1 to computation of epos round rather than hack mutation
* [reward] Remove entire unnecessary loop, hook on AddReward. Remove unnecessary new big int
* [votepower][rpc][validator] Stick with numeric.Dec for token involved with computation, expose accumulate block-reward in RPC
* [effective][committee] Track the candidates for the EPoS auction, RPC median-stake benefits
* [node] Add hack way to get real error reason of why cannot load shardchain
* [consensus] Expand log on current issue on nil block
* [apr] Do the actual call to compute for validator's APR
* [committee] Wrap SlotOrder with validator address, manifests in median-stake RPC
* [apr] Incorrect error handle order
* [quorum] Remove incorrect compare on bls Key, (typo), remove redundant error check
* [shard] Add log if stakedSlots is 0
* [apr] More sanity check on div by zero, more lenient on error when dont have historical data yet
* [committee] Remove + 1 on seat count
* [apr] Use int64() directly
* [apr] Log when odd empty nil header
* [apr] Do not crash on empty header, figure out later
5 years ago
|
|
|
|
|
|
|
pas := payloadArgsFromHeader(parentHeader)
|
|
|
|
sas := sigArgs{
|
|
|
|
sig: header.LastCommitSignature(),
|
|
|
|
bitmap: header.LastCommitBitmap(),
|
|
|
|
}
|
|
|
|
|
|
|
|
if err := e.verifySignatureCached(chain, pas, sas); err != nil {
|
|
|
|
return errors.Wrapf(err, "verify signature for parent %s", parentHash.String())
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Finalize implements Engine, accumulating the block rewards,
|
|
|
|
// setting the final state and assembling the block.
|
|
|
|
// sigsReady signal indicates whether the commit sigs are populated in the header object.
|
|
|
|
func (e *engineImpl) Finalize(
|
|
|
|
chain engine.ChainReader, header *block.Header,
|
|
|
|
state *state.DB, txs []*types.Transaction,
|
|
|
|
receipts []*types.Receipt, outcxs []*types.CXReceipt,
|
[rpc][availability][apr] Richer validator information, implement APR, unify EPoS computation, remove fall 2019 tech debt (#2484)
* [rpc][validator] Extend hmy blockchain validator information
* [availability] Optimize bump count
* [staking][validator][rpc] Remove validator stats rpc, fold into validator information, make existing pattern default behavior
* [slash] Reimplement SetDifference
* [reward][engine][network] Remove bad API from fall, begin setup for Per validator awards
* [header] Custom Marshal header for downstream, remove dev code
* [effective][committee] Factor out EPoS round of computation thereby unification in codebase of EPoS
* [unit-test] Fix semantically wrong validator unit tests, punt on maxBLS key wrt tx-pool test
* [reward] Use excellent singleflight package for caching lookup of subcommittees
* [apr][reward] Begin APR package itself, iterate on iterface signatures
* [reward] Handle possible error from singleflight
* [rpc][validator][reward] Adjust RPC committees, singleflight on votingPower, foldStats into Validator Information
* [apr] Stub out computation of APR
* [effective][committee] Upgrade SlotPurchase with named fields, provide marshal
* [effective] Update Tests
* [blockchain] TODO Remove the validators no longer in committee
* [validator][effective] More expressive string representation of eligibilty, ValidatorRPC explicit say if in committee now
* [rpc] Median-stake more semantic meaningful
* [validator] Iterate on semantic meaning of JSON representation
* [offchain] Make validator stats return explicit error
* [availability] Small typo
* [rpc] Quick visual hack until fix delete out kicked out validators
* [offchain] Delete validator from offchain that lost their slot
* [apr] Forgot to update interface signature
* [apr] Mul instead of Div
* [protocol][validator] Fold block reward accum per vaidator into validator-wrapper, off-chain => on-chain
* [votepower] Refactor votepower Roster, simplify aggregation of network wide rosters
* [votepower][shard] Adjust roster, optimize usage of BLSPublicKey as key, use MarshalText trick
* [shard] Granular errors
* [votepower][validator] Unify votepower data structure with off-chain usage
* [votepower][consensus][validator] Further simplify and unify votepower with off-chain, validator stats
* [votepower] Use RJs naming convention group,overall
* [votepower] Remove Println, do keep enforcing order
* [effective][reward] Expand semantics of eligibility as it was overloaded and confusing, evict old voting power computations
* [apr] Adjust json field name
* [votepower] Only aggregate on external validator
* [votepower] Mistake on aggregation, custom presentation network-wide
* [rpc][validator][availability] Remove parameter, take into account empty snapshot
* [apr] Use snapshots from two, one epochs ago. Still have question on header
* [apr] Use GetHeaderByNumber for the header needed for time stamp
* [chain] Evict > 3 epoch old voting power
* [blockchain] Leave Delete Validator snapshot as TODO
* [validator][rpc][effective] Undo changes to Protocol field, use virtual construct at RPC layer for meaning
* [project] Address PR comments
* [committee][rpc] Move +1 to computation of epos round rather than hack mutation
* [reward] Remove entire unnecessary loop, hook on AddReward. Remove unnecessary new big int
* [votepower][rpc][validator] Stick with numeric.Dec for token involved with computation, expose accumulate block-reward in RPC
* [effective][committee] Track the candidates for the EPoS auction, RPC median-stake benefits
* [node] Add hack way to get real error reason of why cannot load shardchain
* [consensus] Expand log on current issue on nil block
* [apr] Do the actual call to compute for validator's APR
* [committee] Wrap SlotOrder with validator address, manifests in median-stake RPC
* [apr] Incorrect error handle order
* [quorum] Remove incorrect compare on bls Key, (typo), remove redundant error check
* [shard] Add log if stakedSlots is 0
* [apr] More sanity check on div by zero, more lenient on error when dont have historical data yet
* [committee] Remove + 1 on seat count
* [apr] Use int64() directly
* [apr] Log when odd empty nil header
* [apr] Do not crash on empty header, figure out later
5 years ago
|
|
|
incxs []*types.CXReceiptsProof, stks staking.StakingTransactions,
|
|
|
|
doubleSigners slash.Records, sigsReady chan bool, viewID func() uint64,
|
[rpc][availability][apr] Richer validator information, implement APR, unify EPoS computation, remove fall 2019 tech debt (#2484)
* [rpc][validator] Extend hmy blockchain validator information
* [availability] Optimize bump count
* [staking][validator][rpc] Remove validator stats rpc, fold into validator information, make existing pattern default behavior
* [slash] Reimplement SetDifference
* [reward][engine][network] Remove bad API from fall, begin setup for Per validator awards
* [header] Custom Marshal header for downstream, remove dev code
* [effective][committee] Factor out EPoS round of computation thereby unification in codebase of EPoS
* [unit-test] Fix semantically wrong validator unit tests, punt on maxBLS key wrt tx-pool test
* [reward] Use excellent singleflight package for caching lookup of subcommittees
* [apr][reward] Begin APR package itself, iterate on iterface signatures
* [reward] Handle possible error from singleflight
* [rpc][validator][reward] Adjust RPC committees, singleflight on votingPower, foldStats into Validator Information
* [apr] Stub out computation of APR
* [effective][committee] Upgrade SlotPurchase with named fields, provide marshal
* [effective] Update Tests
* [blockchain] TODO Remove the validators no longer in committee
* [validator][effective] More expressive string representation of eligibilty, ValidatorRPC explicit say if in committee now
* [rpc] Median-stake more semantic meaningful
* [validator] Iterate on semantic meaning of JSON representation
* [offchain] Make validator stats return explicit error
* [availability] Small typo
* [rpc] Quick visual hack until fix delete out kicked out validators
* [offchain] Delete validator from offchain that lost their slot
* [apr] Forgot to update interface signature
* [apr] Mul instead of Div
* [protocol][validator] Fold block reward accum per vaidator into validator-wrapper, off-chain => on-chain
* [votepower] Refactor votepower Roster, simplify aggregation of network wide rosters
* [votepower][shard] Adjust roster, optimize usage of BLSPublicKey as key, use MarshalText trick
* [shard] Granular errors
* [votepower][validator] Unify votepower data structure with off-chain usage
* [votepower][consensus][validator] Further simplify and unify votepower with off-chain, validator stats
* [votepower] Use RJs naming convention group,overall
* [votepower] Remove Println, do keep enforcing order
* [effective][reward] Expand semantics of eligibility as it was overloaded and confusing, evict old voting power computations
* [apr] Adjust json field name
* [votepower] Only aggregate on external validator
* [votepower] Mistake on aggregation, custom presentation network-wide
* [rpc][validator][availability] Remove parameter, take into account empty snapshot
* [apr] Use snapshots from two, one epochs ago. Still have question on header
* [apr] Use GetHeaderByNumber for the header needed for time stamp
* [chain] Evict > 3 epoch old voting power
* [blockchain] Leave Delete Validator snapshot as TODO
* [validator][rpc][effective] Undo changes to Protocol field, use virtual construct at RPC layer for meaning
* [project] Address PR comments
* [committee][rpc] Move +1 to computation of epos round rather than hack mutation
* [reward] Remove entire unnecessary loop, hook on AddReward. Remove unnecessary new big int
* [votepower][rpc][validator] Stick with numeric.Dec for token involved with computation, expose accumulate block-reward in RPC
* [effective][committee] Track the candidates for the EPoS auction, RPC median-stake benefits
* [node] Add hack way to get real error reason of why cannot load shardchain
* [consensus] Expand log on current issue on nil block
* [apr] Do the actual call to compute for validator's APR
* [committee] Wrap SlotOrder with validator address, manifests in median-stake RPC
* [apr] Incorrect error handle order
* [quorum] Remove incorrect compare on bls Key, (typo), remove redundant error check
* [shard] Add log if stakedSlots is 0
* [apr] More sanity check on div by zero, more lenient on error when dont have historical data yet
* [committee] Remove + 1 on seat count
* [apr] Use int64() directly
* [apr] Log when odd empty nil header
* [apr] Do not crash on empty header, figure out later
5 years ago
|
|
|
) (*types.Block, reward.Reader, error) {
|
|
|
|
|
|
|
|
isBeaconChain := header.ShardID() == shard.BeaconChainShardID
|
|
|
|
inStakingEra := chain.Config().IsStaking(header.Epoch())
|
[slash][consensus] Notice double sign & broadcast, factor out tech debt of consensus (#2152)
* [slash] Remove dead interface, associated piping
* [slash] Expand out structs
* [consensus] Write to a chan when find a case of double-signing, remove dead code
* [slash] Broadcast the noticing of a double signing
* [rawdb] CRUD for slashing candidates
* [slashing][node][proto] Broadcast the slash record after receive from consensus, handle received proto message, persist in off-chain db while pending
* [slash][node][propose-block] Add verified slashes proposed into the header in block proposal
* [slash][shard] Factor out external validator as method on shard state, add double-signature field
* [slash][engine] Apply slash, name boolean expression for sorts, use stable sort
* [slash] Abstract Ballot results so keep track of both pre and post double sign event
* [slash] Fix type errors on test code
* [slash] Read from correct rawdb
* [slash] Add epoch based guards in CRUD of slashing
* [slash] Write to correct cache for slashing candidates
* [shard] Use explicit named type of BLS Signature, use convention
* [slash] Fix mistake done in refactor, improper header used. Factor out fromSlice to set
* [slash][node] Restore newblock to master, try again minimial change
* [cx-receipts] Break up one-liner, use SliceStable, not Slice
* [network] Finish refactor that makes network message headers once
* [network] Simplify creation further of headers write
* [slash] Adjust data structure of slash after offline discussion with RJ, Chao
* [slash] Still did need signature of the double signature
* [consensus] Prepare message does not have block header
* [consensus] Soft reset three files to 968517d~1
* [consensus] Begin factor consensus network intended message out with prepare first
* [consensus] Factor out Prepared message
* [consensus] Factor out announce message creation
* [consensus] Committed Message, branch on verify sender key for clearer log
* [consensus] Committed Message Factor out
* [consensus] Do jenkins MVP of signatures adjustment
* [main][slash] Provide YAML config as webhook config for double sign event
* [consensus] Adjust signatures, whitespace, lessen GC pressure
* [consensus] Remove dead code
* [consensus] Factor out commit overloaded message, give commit payload override in construct
* [consensus] Fix travis tests
* [consensus] Provide block bytes in SubmitVote(quorum.Commit)
* [consensus] Factor out noisy sanity checks in BFT, move existing commit check earlier as was before
* [quorum] Adjust signatures in quorum
* [staking] Adjust after merge from master
* [consensus] Finish refactor of consensus
* [node] Fix import
* [consensus] Fix travis
* [consensus] Use origin/master copy of block, fix mistake of pointer to empty byte
* [consensus] Less verbose bools
* [consensus] Remove unused trailing mutation hook in message construct
* [consensus] Address some TODOs on err, comment out double sign
5 years ago
|
|
|
|
|
|
|
// Process Undelegations, set LastEpochInCommittee and set EPoS status
|
|
|
|
// Needs to be before AccumulateRewardsAndCountSigs
|
|
|
|
if IsCommitteeSelectionBlock(chain, header) {
|
|
|
|
startTime := time.Now()
|
|
|
|
if err := payoutUndelegations(chain, header, state); err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
utils.Logger().Debug().Int64("elapsed time", time.Now().Sub(startTime).Milliseconds()).Msg("PayoutUndelegations")
|
|
|
|
|
|
|
|
// Needs to be after payoutUndelegations because payoutUndelegations
|
|
|
|
// depends on the old LastEpochInCommittee
|
|
|
|
|
|
|
|
startTime = time.Now()
|
|
|
|
if err := setElectionEpochAndMinFee(header, state, chain.Config()); err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
utils.Logger().Debug().Int64("elapsed time", time.Now().Sub(startTime).Milliseconds()).Msg("SetElectionEpochAndMinFee")
|
|
|
|
|
|
|
|
curShardState, err := chain.ReadShardState(chain.CurrentBlock().Epoch())
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
startTime = time.Now()
|
|
|
|
// Needs to be before AccumulateRewardsAndCountSigs because
|
|
|
|
// ComputeAndMutateEPOSStatus depends on the signing counts that's
|
|
|
|
// consistent with the counts when the new shardState was proposed.
|
|
|
|
// Refer to committee.IsEligibleForEPoSAuction()
|
|
|
|
for _, addr := range curShardState.StakedValidators().Addrs {
|
|
|
|
if err := availability.ComputeAndMutateEPOSStatus(
|
|
|
|
chain, state, addr,
|
|
|
|
); err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
utils.Logger().Debug().Int64("elapsed time", time.Now().Sub(startTime).Milliseconds()).Msg("ComputeAndMutateEPOSStatus")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Accumulate block rewards and commit the final state root
|
|
|
|
// Header seems complete, assemble into a block and return
|
|
|
|
payout, err := AccumulateRewardsAndCountSigs(
|
|
|
|
chain, state, header, e.Beaconchain(), sigsReady,
|
|
|
|
)
|
|
|
|
if err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
// Apply slashes
|
|
|
|
if isBeaconChain && inStakingEra && len(doubleSigners) > 0 {
|
|
|
|
if err := applySlashes(chain, header, state, doubleSigners); err != nil {
|
|
|
|
return nil, nil, err
|
|
|
|
}
|
|
|
|
} else if len(doubleSigners) > 0 {
|
|
|
|
return nil, nil, errors.New("slashes proposed in non-beacon chain or non-staking epoch")
|
|
|
|
}
|
|
|
|
|
|
|
|
// ViewID setting needs to happen after commig sig reward logic for pipelining reason.
|
|
|
|
// TODO: make the viewID fetch from caller of the block proposal.
|
|
|
|
header.SetViewID(new(big.Int).SetUint64(viewID()))
|
|
|
|
|
|
|
|
// Finalize the state root
|
|
|
|
header.SetRoot(state.IntermediateRoot(chain.Config().IsS3(header.Epoch())))
|
|
|
|
return types.NewBlock(header, txs, receipts, outcxs, incxs, stks), payout, nil
|
|
|
|
}
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
|
|
|
|
// Withdraw unlocked tokens to the delegators' accounts
|
|
|
|
func payoutUndelegations(
|
|
|
|
chain engine.ChainReader, header *block.Header, state *state.DB,
|
|
|
|
) error {
|
|
|
|
currentHeader := chain.CurrentHeader()
|
|
|
|
nowEpoch, blockNow := currentHeader.Epoch(), currentHeader.Number()
|
|
|
|
utils.AnalysisStart("payoutUndelegations", nowEpoch, blockNow)
|
|
|
|
defer utils.AnalysisEnd("payoutUndelegations", nowEpoch, blockNow)
|
|
|
|
|
|
|
|
validators, err := chain.ReadValidatorList()
|
|
|
|
countTrack := map[common.Address]int{}
|
|
|
|
if err != nil {
|
|
|
|
const msg = "[Finalize] failed to read all validators"
|
|
|
|
return errors.New(msg)
|
|
|
|
}
|
|
|
|
// Payout undelegated/unlocked tokens
|
|
|
|
lockPeriod := GetLockPeriodInEpoch(chain, header.Epoch())
|
|
|
|
noEarlyUnlock := chain.Config().IsNoEarlyUnlock(header.Epoch())
|
|
|
|
for _, validator := range validators {
|
Resolve harmony-one/bounties#90: Add revert mechanism for UpdateValidatorWrapper (#3939)
* Add revert mechanism for UpdateValidatorWrapper
Closes harmony-one/bounties#90
(1) Use LRU for ValidatorWrapper objects in stateDB to plug a potential
memory leak
(2) Merge ValidatorWrapper and ValidatorWrapperCopy to let callers ask
for either a copy, or a pointer to the cached object. Additionally,
give callers the option to not deep copy delegations (which is a
heavy process). Copies need to be explicitly committed (and thus
can be reverted), while the pointers are committed when Finalise
is called.
(3) Add a UpdateValidatorWrapperWithRevert function, which is used by
staking txs `Delegate`, `Undelegate`, and `CollectRewards`. Other
2 types of staking txs and `db.Finalize` continue to use
UpdateValidateWrapper without revert, again, to save memoery
(4) Add unit tests which check
a) Revert goes through
b) Wrapper is as expected after revert
c) State is as expected after revert
* Change back to dictionary for stateValidators
Since the memory / CPU usage saved is not significantly different when
using an LRU + map structure, go back to the original dictionary
structure to keep code easy to read and have limited modifications.
* Add tests for validator wrapper reverts
As requested by @rlan35, add tests beyond just adding and reverting a
delegation. The tests are successive in the sense that we do multiple
modifications to the wrapper, save a snapshot before each modification
and revert to each of them to confirm everything works well. This change
improves test coverage of statedb.go to 66.7% from 64.8% and that of
core/state to 71.9% from 70.8%, and covers all the code that has been
modified by this PR in statedb.go.
For clarity, the modifications to the wrapper include (1) creation of
wrapper in state, (2) adding a delegation to the wrapper, (3)
increasing the blocks signed, and (4) a change in the validator Name and
the BlockReward. Two additional tests have been added to cover the
`panic` and the `GetCode` cases.
3 years ago
|
|
|
wrapper, err := state.ValidatorWrapper(validator, true, false)
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
if err != nil {
|
|
|
|
return errors.New(
|
|
|
|
"[Finalize] failed to get validator from state to finalize",
|
|
|
|
)
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
}
|
|
|
|
for i := range wrapper.Delegations {
|
|
|
|
delegation := &wrapper.Delegations[i]
|
|
|
|
totalWithdraw := delegation.RemoveUnlockedUndelegations(
|
|
|
|
header.Epoch(), wrapper.LastEpochInCommittee, lockPeriod, noEarlyUnlock,
|
|
|
|
)
|
|
|
|
if totalWithdraw.Sign() != 0 {
|
|
|
|
state.AddBalance(delegation.DelegatorAddress, totalWithdraw)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
countTrack[validator] = len(wrapper.Delegations)
|
|
|
|
}
|
|
|
|
|
|
|
|
utils.Logger().Debug().
|
|
|
|
Uint64("epoch", header.Epoch().Uint64()).
|
|
|
|
Uint64("block-number", header.Number().Uint64()).
|
|
|
|
Interface("count-track", countTrack).
|
|
|
|
Msg("paid out delegations")
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
|
|
|
|
// IsCommitteeSelectionBlock checks if the given header is for the committee selection block
|
|
|
|
// which can only occur on beacon chain and if epoch > pre-staking epoch.
|
|
|
|
func IsCommitteeSelectionBlock(chain engine.ChainReader, header *block.Header) bool {
|
|
|
|
isBeaconChain := header.ShardID() == shard.BeaconChainShardID
|
|
|
|
inPreStakingEra := chain.Config().IsPreStaking(header.Epoch())
|
|
|
|
return isBeaconChain && header.IsLastBlockInEpoch() && inPreStakingEra
|
|
|
|
}
|
|
|
|
|
|
|
|
func setElectionEpochAndMinFee(header *block.Header, state *state.DB, config *params.ChainConfig) error {
|
|
|
|
newShardState, err := header.GetShardState()
|
|
|
|
if err != nil {
|
|
|
|
const msg = "[Finalize] failed to read shard state"
|
|
|
|
return errors.New(msg)
|
|
|
|
}
|
|
|
|
for _, addr := range newShardState.StakedValidators().Addrs {
|
Resolve harmony-one/bounties#90: Add revert mechanism for UpdateValidatorWrapper (#3939)
* Add revert mechanism for UpdateValidatorWrapper
Closes harmony-one/bounties#90
(1) Use LRU for ValidatorWrapper objects in stateDB to plug a potential
memory leak
(2) Merge ValidatorWrapper and ValidatorWrapperCopy to let callers ask
for either a copy, or a pointer to the cached object. Additionally,
give callers the option to not deep copy delegations (which is a
heavy process). Copies need to be explicitly committed (and thus
can be reverted), while the pointers are committed when Finalise
is called.
(3) Add a UpdateValidatorWrapperWithRevert function, which is used by
staking txs `Delegate`, `Undelegate`, and `CollectRewards`. Other
2 types of staking txs and `db.Finalize` continue to use
UpdateValidateWrapper without revert, again, to save memoery
(4) Add unit tests which check
a) Revert goes through
b) Wrapper is as expected after revert
c) State is as expected after revert
* Change back to dictionary for stateValidators
Since the memory / CPU usage saved is not significantly different when
using an LRU + map structure, go back to the original dictionary
structure to keep code easy to read and have limited modifications.
* Add tests for validator wrapper reverts
As requested by @rlan35, add tests beyond just adding and reverting a
delegation. The tests are successive in the sense that we do multiple
modifications to the wrapper, save a snapshot before each modification
and revert to each of them to confirm everything works well. This change
improves test coverage of statedb.go to 66.7% from 64.8% and that of
core/state to 71.9% from 70.8%, and covers all the code that has been
modified by this PR in statedb.go.
For clarity, the modifications to the wrapper include (1) creation of
wrapper in state, (2) adding a delegation to the wrapper, (3)
increasing the blocks signed, and (4) a change in the validator Name and
the BlockReward. Two additional tests have been added to cover the
`panic` and the `GetCode` cases.
3 years ago
|
|
|
wrapper, err := state.ValidatorWrapper(addr, true, false)
|
|
|
|
if err != nil {
|
|
|
|
return errors.New(
|
|
|
|
"[Finalize] failed to get validator from state to finalize",
|
|
|
|
)
|
|
|
|
}
|
|
|
|
// Set last epoch in committee
|
|
|
|
wrapper.LastEpochInCommittee = newShardState.Epoch
|
|
|
|
|
|
|
|
if config.IsMinCommissionRate(newShardState.Epoch) {
|
|
|
|
// Set first election epoch
|
|
|
|
state.SetValidatorFirstElectionEpoch(addr, newShardState.Epoch)
|
|
|
|
|
|
|
|
// Update minimum commission fee
|
|
|
|
if err := availability.UpdateMinimumCommissionFee(
|
|
|
|
newShardState.Epoch, state, addr, config.MinCommissionPromoPeriod.Int64(),
|
|
|
|
); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func applySlashes(
|
|
|
|
chain engine.ChainReader,
|
|
|
|
header *block.Header,
|
|
|
|
state *state.DB,
|
|
|
|
doubleSigners slash.Records,
|
|
|
|
) error {
|
|
|
|
type keyStruct struct {
|
|
|
|
height uint64
|
|
|
|
viewID uint64
|
|
|
|
shardID uint32
|
|
|
|
epoch uint64
|
|
|
|
}
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
|
|
|
|
groupedRecords := map[keyStruct]slash.Records{}
|
|
|
|
|
|
|
|
// First group slashes by same signed blocks
|
|
|
|
for i := range doubleSigners {
|
|
|
|
thisKey := keyStruct{
|
|
|
|
height: doubleSigners[i].Evidence.Height,
|
|
|
|
viewID: doubleSigners[i].Evidence.ViewID,
|
|
|
|
shardID: doubleSigners[i].Evidence.Moment.ShardID,
|
|
|
|
epoch: doubleSigners[i].Evidence.Moment.Epoch.Uint64(),
|
|
|
|
}
|
|
|
|
groupedRecords[thisKey] = append(groupedRecords[thisKey], doubleSigners[i])
|
[double-sign] Provide proof of double sign in slash record sent to beaconchain (#2253)
* [double-sign] Commit changes in consensus needed for double-sign
* [double-sign] Leader captures when valdator double signs, broadcasts to beaconchain
* [slash] Add quick iteration tool for testing double-signing
* [slash] Add webhook example
* [slash] Add http server for hook to trigger double sign behavior
* [double-sign] Use bin/trigger-double-sign to cause a double-sign
* [double-sign] Full feedback loop working
* [slash] Thread through the slash records in the block proposal step
* [slash] Compute the slashing rate
* [double-sign] Generalize yaml malicious for many keys
* [double-sign][slash] Modify data structures, verify via webhook handler
* [slash][double-sign] Find one address of bls public key signer, seemingly settle on data structures
* [slash] Apply to state slashing for double signing
* [slash][double-sign] Checkpoint for working code that slashes on beaconchain
* [slash] Keep track of the total slash and total reporters reward
* [slash] Dump account state before and after the slash
* [slash] Satisfy Travis
* [slash][state] Apply slash to the snapshot at beginning of epoch, now need to capture also the new delegates
* [slash] Capture the unique new delegations since snapshot as well
* [slash] Filter undelegation by epoch of double sign
* [slash] Add TODO of correctness needed in slash needs on off-chain data
* [rpc] Fix closure issue on shardID
* [slash] Add delegator to double-sign testing script
* [slash] Expand crt-validator.sh with commenting printfs and make delegation
* [slash] Finish track payment of leftover slash debt after undelegation runs out
* [slash] Now be explicit about error wrt delegatorSlashApply
* [slash] Capture specific sanity check on slash paidoff
* [slash] Track slash from undelegation piecemeal
* [slash][delegation] Named slice types, .String()
* [slash] Do no RLP encode twice, once is enough
* [slash] Remove special case of validators own delegation
* [slash] Refactor approach to slash state application
* [slash] Begin expanding out Verify
* [slash] Slash on snapshot delegations, not current
* [slash] Fix Epoch Cmp
* [slash] Third iteration on slash logic
* [slash] Use full slash amount
* [slash] More log, whitespace
* [slash] Remove Println, add log
* [slash] Remove debug Println
* [slash] Add record in unit test
* [slash] Build Validator snapshot, current. Fill out slash record
* [slash] Need to get RLP dump of a header to use in test
* [slash] Factor out double sign test constants
* [slash] Factor out common for validator, stub out slash application, finish out deserialization setup
* [slash] Factor out data structure creation because of var lexical scoping
* [slash] Seem to have pipeline of unit test e2e executing
* [slash] Add expected snitch, slash amounts
* [slash] Checkpoint
* [slash] Unit test correctly checks case of validator own stake which could drop below 1 ONE in slashing
* [config] add double-sign testnet config (#1)
Signed-off-by: Leo Chen <leo@harmony.one>
* [slash] Commit for as is code & data of current dump.json
* [slash] Order of state operation not correct in test, hence bad results, thank you dlv
* [slash] Add snapshot state dump
* [slash] Pay off slash of validator own delegation correctly
* [slash] Pay off slash debt with special case for min-self
* [slash] Pass first scenario conclusively
* [slash] 2% slash passes unit test for own delegation and external
* [slash] Parameterize unit test to easily test .02 vs .80 slash
* [slash] Handle own delegation correctly at 80% slash
* [slash] Have 80% slash working with external delegator
* [slash] Remove debug code from slash
* [slash] Adjust Apply signature, test again for 2% slash
* [slash] Factor out scenario in testing so can test 2% and 80% at same time
* [slash] Correct balance deduction on plan delegation
* [slash] Mock out ChainReader for TestVerify
* [slash] Small surface area interface, now feedback loop for verify
* [slash] Remove development json
* [slash] trigger-double-sign consumes yaml
* [slash] Remove dead code
* [slash][test] Factor ValidatorWrapper into scenario
* [slash][test] Add example from local-testing dump - caution might be off
* [slash] Factor out mutation of slashDebt
* [slash][test] Factor out tests so can easily load test-case from bytes
* [slash] Fix payment mistake in validator own delegation wrt min-self-delgation respected
* [slash] Satisfy Travis
* [slash] Begin cleanup of PR
* [slash] Apply slash from header to Finalize via state processor
* [slash] Productionize code, Println => logs; adjust slash picked in newblock
* [slash] Need pointer for rlp.Decode
* [slash] ValidatorInformation use full wrapper
* Fix median stake
* [staking] Adjust MarshalJSON for Validator, Wrapper
* Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)
* Refactor offchain data; Add epoch to ValidatorSnapshot
* Make block onchain/offchain data commit atomically
* [slash][committee] Set .Active to false on double sign, do not consider banned or inactive for committee assignment
* [effective] VC eligible.go
* [consensus] Redundant field in printf
* [docker] import-ks for a dev account
* [slash] Create BLS key for dockerfile and crt-validator.sh
* [slash][docker] Easy deployment of double-sign testing
* [docker] Have slash work as single docker command
* [rpc] Fix median-stake RPC
* [slash] Update webhook with default docker BLS key
* [docker][slash] Fresh yaml copy for docker build, remove dev code in main.go
* [slash] Remove helper binary, commented out code, change to local config
* [params] Factor out test genesis value
* Add shard checking to Tx-Pool & correct blacklist (#2301)
* [core] Fix blacklist & add shardID check
* [staking + node + cmd] Fix blacklist & add shardID check
* [slash] Adjust to PR comments part 1
* [docker] Use different throw away funded account
* [docker] Create easier testing for delegation with private keys
* [docker] Update yaml
* [slash] Remove special case for slashing validator own delegation wrt min-self-delegate
* [docker] Install nano as well
* [slash] Early error if banned
* [quorum] Expose earning account in decider marshal json
* Revert "Refactor offchain data commit; Make block onchain/offchain commit atomic (#2279)"
This reverts commit 9ffbf682c075b49188923c65a0bbf39ac188be00.
* [slash] Add non-sanity check way to update validator
* [reward] Increase percision on percentage in schedule
* [slash] Adjust logs
* [committee] Check eligibility of validator before doing sanity check
* [slash] Update docker
* [slash] Move create validator script to test
* [slash] More log
* [param] Make things faster
* [slash][off-chain] Clear out slashes from pending in writeblockwithstate
* [cross-link] Log is not error, just info
* [blockchain] Not necessary to guard DeletePendingSlashingCandidates
* [slash][consensus] Use plain []byte for signature b/c bls.Sign has private impl fields, rlp does not encode that
* [slash][test] Use faucet as sender, assume user imported
* [slash] Test setup
* [slash] reserve error for real error in logs
* [slash][availability] Apply availability correct, bump signing count each block
* [slash][staking] Consider banned field in sanity check, pay snitch only half of what was actually slashed
* [slash] Pay as much as can
* [slash] use right nowAmt
* [slash] Take away from rewards as well
* [slash] iterate faster
* [slash] Remove dev based timing
* [slash] Add more log, sanity check incoming slash records, only count external for slash rate
* [availability][state] Adjust signature of ValidatorWrapper wrt state, filter out for staked validators, correct availaibility measure on running counters
* [availability] More log
* [slash] Simply pre slash erra slashing
* [slash] Remove development code
* [slash] Use height from recvMsg, todo on epoch
* [staking] Not necessary to touch LastEpochInCommittee in staking_verifier
* [slash] Undo ds in endpoint pattern config
* [slash] Add TODO and log when delegation becomes 0 b/c slash debt payment
* [slash] Abstract staked validators from shard.State into type, set slash rate based BLSKey count
Co-authored-by: Leo Chen <leo@harmony.one>
Co-authored-by: flicker-harmony <52401354+flicker-harmony@users.noreply.github.com>
Co-authored-by: Rongjian Lan <rongjian@harmony.one>
Co-authored-by: Daniel Van Der Maden <daniel@harmony.one>
5 years ago
|
|
|
}
|
|
|
|
|
|
|
|
sortedKeys := []keyStruct{}
|
|
|
|
|
|
|
|
for key := range groupedRecords {
|
|
|
|
sortedKeys = append(sortedKeys, key)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Sort them so the slashes are always consistent
|
|
|
|
sort.SliceStable(sortedKeys, func(i, j int) bool {
|
|
|
|
if sortedKeys[i].shardID < sortedKeys[j].shardID {
|
|
|
|
return true
|
|
|
|
} else if sortedKeys[i].height < sortedKeys[j].height {
|
|
|
|
return true
|
|
|
|
} else if sortedKeys[i].viewID < sortedKeys[j].viewID {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
return false
|
|
|
|
})
|
|
|
|
|
|
|
|
// The Leader of the block gets all slashing rewards.
|
|
|
|
slashRewardBeneficiary := header.Coinbase()
|
|
|
|
|
|
|
|
// Do the slashing by groups in the sorted order
|
|
|
|
for _, key := range sortedKeys {
|
|
|
|
records := groupedRecords[key]
|
|
|
|
superCommittee, err := chain.ReadShardState(big.NewInt(int64(key.epoch)))
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return errors.New("could not read shard state")
|
|
|
|
}
|
|
|
|
|
|
|
|
subComm, err := superCommittee.FindCommitteeByID(key.shardID)
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
return errors.New("could not find shard committee")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Apply the slashes, invariant: assume been verified as legit slash by this point
|
|
|
|
var slashApplied *slash.Application
|
|
|
|
votingPower, err := lookupVotingPower(
|
|
|
|
big.NewInt(int64(key.epoch)), subComm,
|
|
|
|
)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrapf(err, "could not lookup cached voting power in slash application")
|
|
|
|
}
|
|
|
|
rate := slash.Rate(votingPower, records)
|
|
|
|
utils.Logger().Info().
|
|
|
|
Str("rate", rate.String()).
|
|
|
|
RawJSON("records", []byte(records.String())).
|
|
|
|
Msg("now applying slash to state during block finalization")
|
|
|
|
if slashApplied, err = slash.Apply(
|
|
|
|
chain,
|
|
|
|
state,
|
|
|
|
records,
|
|
|
|
rate,
|
|
|
|
slashRewardBeneficiary,
|
|
|
|
); err != nil {
|
|
|
|
return errors.New("[Finalize] could not apply slash")
|
|
|
|
}
|
|
|
|
|
|
|
|
utils.Logger().Info().
|
|
|
|
Str("rate", rate.String()).
|
|
|
|
RawJSON("records", []byte(records.String())).
|
|
|
|
RawJSON("applied", []byte(slashApplied.String())).
|
|
|
|
Msg("slash applied successfully")
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// VerifyHeaderSignature verifies the signature of the given header.
|
|
|
|
// Similiar to VerifyHeader, which is only for verifying the block headers of one's own chain, this verification
|
|
|
|
// is used for verifying "incoming" block header against commit signature and bitmap sent from the other chain cross-shard via libp2p.
|
|
|
|
// i.e. this header verification api is more flexible since the caller specifies which commit signature and bitmap to use
|
|
|
|
// for verifying the block header, which is necessary for cross-shard block header verification. Example of such is cross-shard transaction.
|
|
|
|
func (e *engineImpl) VerifyHeaderSignature(chain engine.ChainReader, header *block.Header, commitSig bls_cosi.SerializedSignature, commitBitmap []byte) error {
|
|
|
|
if chain.CurrentHeader().Number().Uint64() <= uint64(1) {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
pas := payloadArgsFromHeader(header)
|
|
|
|
sas := sigArgs{commitSig, commitBitmap}
|
|
|
|
|
|
|
|
return e.verifySignatureCached(chain, pas, sas)
|
|
|
|
}
|
|
|
|
|
|
|
|
// VerifyCrossLink verifies the signature of the given CrossLink.
|
|
|
|
func (e *engineImpl) VerifyCrossLink(chain engine.ChainReader, cl types.CrossLink) error {
|
|
|
|
if cl.BlockNum() <= 1 {
|
|
|
|
return errors.New("crossLink BlockNumber should greater than 1")
|
|
|
|
}
|
|
|
|
if !chain.Config().IsCrossLink(cl.Epoch()) {
|
|
|
|
return errors.Errorf("not cross-link epoch: %v", cl.Epoch())
|
|
|
|
}
|
|
|
|
|
|
|
|
pas := payloadArgsFromCrossLink(cl)
|
|
|
|
sas := sigArgs{cl.Signature(), cl.Bitmap()}
|
|
|
|
|
|
|
|
return e.verifySignatureCached(chain, pas, sas)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e *engineImpl) verifySignatureCached(chain engine.ChainReader, pas payloadArgs, sas sigArgs) error {
|
|
|
|
verifiedKey := newVerifiedSigKey(pas.blockHash, sas.sig, sas.bitmap)
|
|
|
|
if _, ok := e.verifiedSigCache.Get(verifiedKey); ok {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
// Not in cache, do verify.
|
|
|
|
if err := e.verifySignature(chain, pas, sas); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
e.verifiedSigCache.Add(verifiedKey, struct{}{})
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e *engineImpl) verifySignature(chain engine.ChainReader, pas payloadArgs, sas sigArgs) error {
|
|
|
|
ec, err := e.getEpochCtxCached(chain, pas.shardID, pas.epoch.Uint64())
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
var (
|
|
|
|
pubKeys = ec.pubKeys
|
|
|
|
qrVerifier = ec.qrVerifier
|
|
|
|
commitSig = sas.sig
|
|
|
|
commitBitmap = sas.bitmap
|
|
|
|
)
|
|
|
|
aggSig, mask, err := DecodeSigBitmap(commitSig, commitBitmap, pubKeys)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "deserialize signature and bitmap")
|
|
|
|
}
|
|
|
|
if !qrVerifier.IsQuorumAchievedByMask(mask) {
|
|
|
|
return errors.New("not enough signature collected")
|
|
|
|
}
|
|
|
|
commitPayload := pas.constructPayload(chain)
|
|
|
|
if !aggSig.VerifyHash(mask.AggregatePublic, commitPayload) {
|
|
|
|
return errors.New("Unable to verify aggregated signature for block")
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e *engineImpl) getEpochCtxCached(chain engine.ChainReader, shardID uint32, epoch uint64) (epochCtx, error) {
|
|
|
|
ecKey := epochCtxKey{
|
|
|
|
shardID: shardID,
|
|
|
|
epoch: epoch,
|
|
|
|
}
|
|
|
|
cached, ok := e.epochCtxCache.Get(ecKey)
|
|
|
|
if ok && cached != nil {
|
|
|
|
return cached.(epochCtx), nil
|
|
|
|
}
|
|
|
|
ec, err := readEpochCtxFromChain(chain, ecKey)
|
|
|
|
if err != nil {
|
|
|
|
return epochCtx{}, err
|
|
|
|
}
|
|
|
|
e.epochCtxCache.Add(ecKey, ec)
|
|
|
|
return ec, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Support 512 at most validator nodes
|
|
|
|
const bitmapKeyBytes = 64
|
|
|
|
|
|
|
|
// verifiedSigKey is the key for caching header verification results
|
|
|
|
type verifiedSigKey struct {
|
|
|
|
blockHash common.Hash
|
|
|
|
signature bls_cosi.SerializedSignature
|
|
|
|
bitmap [bitmapKeyBytes]byte
|
|
|
|
}
|
|
|
|
|
|
|
|
func newVerifiedSigKey(blockHash common.Hash, sig bls_cosi.SerializedSignature, bitmap []byte) verifiedSigKey {
|
|
|
|
var keyBM [bitmapKeyBytes]byte
|
|
|
|
copy(keyBM[:], bitmap)
|
|
|
|
|
|
|
|
return verifiedSigKey{
|
|
|
|
blockHash: blockHash,
|
|
|
|
signature: sig,
|
|
|
|
bitmap: keyBM,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// payloadArgs is the arguments for constructing the payload for signature verification.
|
|
|
|
type payloadArgs struct {
|
|
|
|
blockHash common.Hash
|
|
|
|
shardID uint32
|
|
|
|
epoch *big.Int
|
|
|
|
number uint64
|
|
|
|
viewID uint64
|
|
|
|
}
|
|
|
|
|
|
|
|
func payloadArgsFromHeader(header *block.Header) payloadArgs {
|
|
|
|
return payloadArgs{
|
|
|
|
blockHash: header.Hash(),
|
|
|
|
shardID: header.ShardID(),
|
|
|
|
epoch: header.Epoch(),
|
|
|
|
number: header.Number().Uint64(),
|
|
|
|
viewID: header.ViewID().Uint64(),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func payloadArgsFromCrossLink(cl types.CrossLink) payloadArgs {
|
|
|
|
return payloadArgs{
|
|
|
|
blockHash: cl.Hash(),
|
|
|
|
shardID: cl.ShardID(),
|
|
|
|
epoch: cl.Epoch(),
|
|
|
|
number: cl.Number().Uint64(),
|
|
|
|
viewID: cl.ViewID().Uint64(),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (args payloadArgs) constructPayload(chain engine.ChainReader) []byte {
|
|
|
|
return signature.ConstructCommitPayload(chain, args.epoch, args.blockHash, args.number, args.viewID)
|
|
|
|
}
|
|
|
|
|
|
|
|
type sigArgs struct {
|
|
|
|
sig bls_cosi.SerializedSignature
|
|
|
|
bitmap []byte
|
|
|
|
}
|
|
|
|
|
|
|
|
type (
|
|
|
|
// epochCtxKey is the key for caching epochCtx
|
|
|
|
epochCtxKey struct {
|
|
|
|
shardID uint32
|
|
|
|
epoch uint64
|
|
|
|
}
|
|
|
|
|
|
|
|
// epochCtx is the epoch's context used for signature verification.
|
|
|
|
// The value is fixed for each epoch and is cached in engineImpl.
|
|
|
|
epochCtx struct {
|
|
|
|
qrVerifier quorum.Verifier
|
|
|
|
pubKeys []bls.PublicKeyWrapper
|
|
|
|
}
|
|
|
|
)
|
|
|
|
|
|
|
|
func readEpochCtxFromChain(chain engine.ChainReader, key epochCtxKey) (epochCtx, error) {
|
|
|
|
var (
|
|
|
|
epoch = new(big.Int).SetUint64(key.epoch)
|
|
|
|
targetShardID = key.shardID
|
|
|
|
)
|
|
|
|
ss, err := readShardState(chain, epoch, targetShardID)
|
|
|
|
if err != nil {
|
|
|
|
return epochCtx{}, err
|
|
|
|
}
|
|
|
|
shardComm, err := ss.FindCommitteeByID(targetShardID)
|
|
|
|
if err != nil {
|
|
|
|
return epochCtx{}, err
|
|
|
|
}
|
|
|
|
pubKeys, err := shardComm.BLSPublicKeys()
|
|
|
|
if err != nil {
|
|
|
|
return epochCtx{}, err
|
|
|
|
}
|
|
|
|
isStaking := chain.Config().IsStaking(epoch)
|
|
|
|
qrVerifier, err := quorum.NewVerifier(shardComm, epoch, isStaking)
|
|
|
|
if err != nil {
|
|
|
|
return epochCtx{}, err
|
|
|
|
}
|
|
|
|
return epochCtx{
|
|
|
|
qrVerifier: qrVerifier,
|
|
|
|
pubKeys: pubKeys,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func readShardState(chain engine.ChainReader, epoch *big.Int, targetShardID uint32) (*shard.State, error) {
|
|
|
|
// When doing cross shard, we need recalculate the shard state since we don't have
|
|
|
|
// shard state of other shards
|
|
|
|
if needRecalculateStateShard(chain, epoch, targetShardID) {
|
|
|
|
shardState, err := committee.WithStakingEnabled.Compute(epoch, chain)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrapf(err, "compute shard state for epoch %v", epoch)
|
|
|
|
}
|
|
|
|
return shardState, nil
|
|
|
|
|
|
|
|
} else {
|
|
|
|
shardState, err := chain.ReadShardState(epoch)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrapf(err, "read shard state for epoch %v", epoch)
|
|
|
|
}
|
|
|
|
return shardState, nil
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// only recalculate for non-staking epoch and targetShardID is not the same
|
|
|
|
// as engine
|
|
|
|
func needRecalculateStateShard(chain engine.ChainReader, epoch *big.Int, targetShardID uint32) bool {
|
|
|
|
if chain.Config().IsStaking(epoch) {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
return targetShardID != chain.ShardID()
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetLockPeriodInEpoch returns the delegation lock period for the given chain
|
|
|
|
func GetLockPeriodInEpoch(chain engine.ChainReader, epoch *big.Int) int {
|
|
|
|
lockPeriod := staking.LockPeriodInEpoch
|
|
|
|
if chain.Config().IsRedelegation(epoch) {
|
|
|
|
lockPeriod = staking.LockPeriodInEpoch
|
|
|
|
} else if chain.Config().IsQuickUnlock(epoch) {
|
|
|
|
lockPeriod = staking.LockPeriodInEpochV2
|
|
|
|
}
|
|
|
|
return lockPeriod
|
|
|
|
}
|