[BEEFY] Add runtime support for reporting fork voting #4522
Conversation
serban300
added
R0-silent
| } | ||
|
|
||
| let evidence = call.to_equivocation_evidence_for().ok_or(InvalidTransaction::Call)?; | ||
| let tag = (evidence.offender_id().clone(), evidence.set_id(), *evidence.round_number()); |
There was a problem hiding this comment.
Do we need to accept two different types of equivocation reports (double voting and fork voting) at a single slot? If so, we maybe need to add that type to the tag
There was a problem hiding this comment.
I don't think we can accept 2 equivocation reports from the same offender in the same round. I think check_evidence will fail:
fn check_evidence(
evidence: EquivocationEvidenceFor<T>,
) -> Result<(), TransactionValidityError> {
let offender = evidence.checked_offender::<P>().ok_or(InvalidTransaction::BadProof)?;
// Check if the offence has already been reported, and if so then we can discard the report.
let time_slot = TimeSlot { set_id: evidence.set_id(), round: *evidence.round_number() };
if R::is_known_offence(&[offender], &time_slot) {
Err(InvalidTransaction::Stale.into())
} else {
Ok(())
}
}
There was a problem hiding this comment.
Sorry, we could change check_evidence. I don't know what would be best. I would lean towards staying consistent with the current approach where we accept one equivocation per (offender, set_id, round).
There was a problem hiding this comment.
I don't see anywhere in this PR the extrinsic used to report these ForkEquivocations..
I am thinking since you only allow single offender per report does that mean that for a slashable fork equivocation we need to report all the offenders across multiple blocks?
There was a problem hiding this comment.
I don't see anywhere in this PR the extrinsic used to report these ForkEquivocations..
The extrinsic is here .
I am thinking since you only allow single offender per report does that mean that for a slashable fork equivocation we need to report all the offenders across multiple blocks?
Hmmm good point. Could be. I can try to implement the solution that was discussed here. It's good to have it anyway.
There was a problem hiding this comment.
The extrinsic is here .
Right, I got confused. I had noticed we don't have runtime APIs for the "unsigned" version of the call. Should we add it?
There was a problem hiding this comment.
Yes, missed that. Will add it.
There was a problem hiding this comment.
I am thinking since you only allow single offender per report does that mean that for a slashable fork equivocation we need to report all the offenders across multiple blocks?
Hmmm good point. Could be. I can try to implement the solution that was discussed here. It's good to have it anyway.
Done. PTAL ! Relevant commit: f709cef
Right, I got confused. I had noticed we don't have runtime APIs for the "unsigned" version of the call. Should we add it?
Yes, missed that. Will add it.
On a second thought, I think it's better to do this in a separate PR together with the logic for generating the ancestry proofs since the type of the ancestry proof will depend on that (it could either be AncestryProof or OpaqueValue, depending on how we generate it). WDYT ?
acatangiu
removed
the
R0-silent
When you state "at once in the future": |
Discussed offline. I am not sure if we should support a batch of votes, since it will complicate things, but if we do, we can do any of the 2 options. They both seem ok to me. |
Define `OpaqueValue` and use it instead of `grandpa::OpaqueKeyOwnershipProof` and `beefy:OpaqueKeyOwnershipProof` Related to #4522 (comment) We'll need to introduce a runtime API method that calls the `report_fork_voting_unsigned()` extrinsic. This method will need to receive the ancestry proof as a paramater. I'm still not sure, but there is a chance that we'll send the ancestry proof as an opaque type. So let's introduce this `OpaqueValue`. We can already use it to replace `grandpa::OpaqueKeyOwnershipProof` and `beefy:OpaqueKeyOwnershipProof` and maybe we'll need it for the ancestry proof as well. --------- Co-authored-by: Bastian Köcher <git@kchr.de>
Define `OpaqueValue` and use it instead of `grandpa::OpaqueKeyOwnershipProof` and `beefy:OpaqueKeyOwnershipProof` Related to paritytech#4522 (comment) We'll need to introduce a runtime API method that calls the `report_fork_voting_unsigned()` extrinsic. This method will need to receive the ancestry proof as a paramater. I'm still not sure, but there is a chance that we'll send the ancestry proof as an opaque type. So let's introduce this `OpaqueValue`. We can already use it to replace `grandpa::OpaqueKeyOwnershipProof` and `beefy:OpaqueKeyOwnershipProof` and maybe we'll need it for the ancestry proof as well. --------- Co-authored-by: Bastian Köcher <git@kchr.de>
Co-authored-by: Adrian Catangiu <adrian@parity.io>
| @@ -50,6 +57,11 @@ impl crate::WeightInfo for () { | |||
| .saturating_add(DbWeight::get().reads(2)) | |||
| } | |||
|
|
|||
| // TODO: Calculate | |||
There was a problem hiding this comment.
@serban300 what about this TODO?
There was a problem hiding this comment.
I plan to do this in a separate PR, as mentioned in the description. Also keeping track of it in the issue: #4523 to make sure we don't forget.
| doc: | ||
| - audience: | ||
| - Runtime Dev | ||
| - Runtime User |
There was a problem hiding this comment.
Is this description relevant to runtime users?
There was a problem hiding this comment.
I'm thinking it might be helpful for them to know of the new extrinsics.
b6f1823
Related to paritytech#4523 Extracting part of paritytech#1903 (credits to @Lederstrumpf for the high-level strategy), but also introducing significant adjustments both to the approach and to the code. The main adjustment is the fact that the `ForkVotingProof` accepts only one vote, compared to the original version which accepted a `vec![]`. With this approach more calls are needed in order to report multiple equivocated votes on the same commit, but it simplifies a lot the checking logic. We can add support for reporting multiple signatures at once in the future. There are 2 things that are missing in order to consider this issue done, but I would propose to do them in a separate PR since this one is already pretty big: - benchmarks/computing a weight for the new extrinsic (this wasn't present in paritytech#1903 either) - exposing an API for generating the ancestry proof. I'm not sure if we should do this in the Mmr pallet or in the Beefy pallet Co-authored-by: Robert Hambrock <roberthambrock@gmail.com> --------- Co-authored-by: Adrian Catangiu <adrian@parity.io>
Define `OpaqueValue` and use it instead of `grandpa::OpaqueKeyOwnershipProof` and `beefy:OpaqueKeyOwnershipProof` Related to paritytech#4522 (comment) We'll need to introduce a runtime API method that calls the `report_fork_voting_unsigned()` extrinsic. This method will need to receive the ancestry proof as a paramater. I'm still not sure, but there is a chance that we'll send the ancestry proof as an opaque type. So let's introduce this `OpaqueValue`. We can already use it to replace `grandpa::OpaqueKeyOwnershipProof` and `beefy:OpaqueKeyOwnershipProof` and maybe we'll need it for the ancestry proof as well. --------- Co-authored-by: Bastian Köcher <git@kchr.de>
Related to paritytech#4523 Extracting part of paritytech#1903 (credits to @Lederstrumpf for the high-level strategy), but also introducing significant adjustments both to the approach and to the code. The main adjustment is the fact that the `ForkVotingProof` accepts only one vote, compared to the original version which accepted a `vec![]`. With this approach more calls are needed in order to report multiple equivocated votes on the same commit, but it simplifies a lot the checking logic. We can add support for reporting multiple signatures at once in the future. There are 2 things that are missing in order to consider this issue done, but I would propose to do them in a separate PR since this one is already pretty big: - benchmarks/computing a weight for the new extrinsic (this wasn't present in paritytech#1903 either) - exposing an API for generating the ancestry proof. I'm not sure if we should do this in the Mmr pallet or in the Beefy pallet Co-authored-by: Robert Hambrock <roberthambrock@gmail.com> --------- Co-authored-by: Adrian Catangiu <adrian@parity.io>
Related to #4523
Extracting part of #1903 (credits to @Lederstrumpf for the high-level strategy), but also introducing significant adjustments both to the approach and to the code. The main adjustment is the fact that the
ForkVotingProofaccepts only one vote, compared to the original version which accepted avec![]. With this approach more calls are needed in order to report multiple equivocated votes on the same commit, but it simplifies a lot the checking logic. We can add support for reporting multiple signatures at once in the future.There are 2 things that are missing in order to consider this issue done, but I would propose to do them in a separate PR since this one is already pretty big:
Co-authored-by: Robert Hambrock roberthambrock@gmail.com