(DNM) Prevent users from both directly staking and joining pool #4804
Conversation
Ank4n
force-pushed
the
ankan/mutually-exclusive-pool-stakers
branch
from
54db650
to
f77ddfc
Compare
|
The CI pipeline was cancelled due to failure one of the required jobs. |
There was a problem hiding this comment.
sgtm
How much is the stake behind the 27 who are now double staked?
probably they will figure it out, but would be good to think as much as we can about how we can help them find their way out of this maze (without eg. talking to the extrinsics tab of PJS 🤭). Maybe a polkadot wiki page about pools can be updated about this.
|
My dirty script to count number of accounts doing both staking and pool was totally off. The number is much larger and yeah we will need to do a better communication about it (such as putting this info on polkadot wiki). There are 648 accounts on Polkadot and 321 accounts on Kusama that are taking part in both. |
Related: #4804. Fixes the try state error in Westend: https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/6564522. Passes here: https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/6580393 ## Context Currently in Kusama and Polkadot, an account can do both, directly stake, and join a pool. With the migration of pools to `DelegateStake` (See #3905), the funds of pool members are locked in a different way than for direct stakers. - Pool member funds uses `holds`. - `pallet-staking` uses deprecated locks (analogous to freeze) which can overlap with holds. An existing delegator can stake directly since pallet-staking only uses free balance. But once an account becomes staker, we cannot allow them to be delegator as this risks an account to use already staked (frozen) funds in pools. When an account gets into a situation where it is participating in both pools and staking, it would no longer would be able to add any extra bond to the pool but they can still withdraw funds. ## Changes - Add test for the above scenario. - Removes the assumption that a delegator cannot be a staker.
Ank4n
changed the title
…#4904) Related: paritytech#4804. Fixes the try state error in Westend: https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/6564522. Passes here: https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/6580393 ## Context Currently in Kusama and Polkadot, an account can do both, directly stake, and join a pool. With the migration of pools to `DelegateStake` (See paritytech#3905), the funds of pool members are locked in a different way than for direct stakers. - Pool member funds uses `holds`. - `pallet-staking` uses deprecated locks (analogous to freeze) which can overlap with holds. An existing delegator can stake directly since pallet-staking only uses free balance. But once an account becomes staker, we cannot allow them to be delegator as this risks an account to use already staked (frozen) funds in pools. When an account gets into a situation where it is participating in both pools and staking, it would no longer would be able to add any extra bond to the pool but they can still withdraw funds. ## Changes - Add test for the above scenario. - Removes the assumption that a delegator cannot be a staker.
| // alice cannot directly stake. | ||
| assert_noop!( | ||
| Staking::bond(RuntimeOrigin::signed(alice), 300, RewardDestination::Account(alice)), | ||
| StakingError::<T>::Blacklisted |
There was a problem hiding this comment.
I find this error too dramatic. If I was a user and didn't know what Blacklisted meant in this context, I'd probably panic. Maybe we could rename it to Error::UnableToBond instead or something else?
| @@ -1946,6 +1949,9 @@ pub mod pallet { | |||
| NotMigrated, | |||
| /// This call is not allowed in the current state of the pallet. | |||
| NotSupported, | |||
| /// Account is blacklisted from participation in pools. This may happen if the account is | |||
| /// staking in another way already. | |||
| Blacklisted, | |||
There was a problem hiding this comment.
As mentioned above, I think "BlackListed" may be too overwhelming for a end-user as it seems it's excluding the user from bonding/staking for malicious reasons. Maybe we could rename it to UnableToStake or something similar?
OTOH naming the config types as Blacklisted seems ok since that's internal to devs.
| /// pools account and immediately increases the pools bond. | ||
| /// Stake funds with a pool. The amount to bond is delegated (or transferred based on | ||
| /// [`adapter::StakeStrategyType`]) from the member to the pool account and immediately | ||
| /// increases the pools bond. |
There was a problem hiding this comment.
| /// increases the pools bond. | |
| /// increases the pool's bond. |
| @@ -3948,3 +3963,10 @@ impl<T: Config> sp_staking::OnStakingUpdate<T::AccountId, BalanceOf<T>> for Pall | |||
| } | |||
| } | |||
| } | |||
|
|
|||
There was a problem hiding this comment.
Maybe add some rustdoc to this struct?
| @@ -1341,3 +1342,10 @@ impl<T: Config, const DISABLING_LIMIT_FACTOR: usize> DisablingStrategy<T> | |||
| Some(offender_idx) | |||
| } | |||
| } | |||
|
|
|||
There was a problem hiding this comment.
Maybe add rustdoc to this struct?
| @@ -934,6 +946,9 @@ pub mod pallet { | |||
| NotEnoughFunds, | |||
| /// Operation not allowed for virtual stakers. | |||
| VirtualStakerNotAllowed, | |||
| /// Account is blacklisted and is only allowed to withdraw existing funds. This may happen | |||
| /// if the account is participating in staking in another way already. | |||
| Blacklisted, | |||
There was a problem hiding this comment.
Same as in comment above.
|
Closing this as will go ahead with this. Instead we will look to migrate staking pallet to use Fungible::holds. |
…#4904) Related: paritytech#4804. Fixes the try state error in Westend: https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/6564522. Passes here: https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/6580393 ## Context Currently in Kusama and Polkadot, an account can do both, directly stake, and join a pool. With the migration of pools to `DelegateStake` (See paritytech#3905), the funds of pool members are locked in a different way than for direct stakers. - Pool member funds uses `holds`. - `pallet-staking` uses deprecated locks (analogous to freeze) which can overlap with holds. An existing delegator can stake directly since pallet-staking only uses free balance. But once an account becomes staker, we cannot allow them to be delegator as this risks an account to use already staked (frozen) funds in pools. When an account gets into a situation where it is participating in both pools and staking, it would no longer would be able to add any extra bond to the pool but they can still withdraw funds. ## Changes - Add test for the above scenario. - Removes the assumption that a delegator cannot be a staker.
Context
Currently, an account can do both, directly stake, and join a pool.
With the migration of pools to
DelegateStake(See #3905), the funds of pool members are locked in a different way than for direct stakers.holdsafter migration.pallet-stakinguses deprecated locks (analogous to freeze) but they can overlap with holds.Note that once we migrate
pallet-stakingto use fungibles, it will also start using non-overlapping holds.Risk
This makes it possible for a direct staker to reuse the staked (frozen) funds to be used for participating in a pool (hold) as well. Essentially double staking with the same funds.
This is prevented currently by
pallet-delegated-stakingnot allowing direct stakers to delegate, as well as bypallet-stakingonly taking free balance into account. But this is not documented well and a bit fragile.Changes
A better way would be to make pool and staking mutually exclusive. This PR introduces a new config type
Blacklisttopallet-nomination-poolsandpallet-stakingthat can be configured to blacklist some accounts from participating in respective pallets. We then blacklist allpallet-stakingstakers from participating in pools, and all pool members from participating inpallet-staking.Note that there are 648 accounts in Polkadot and 321 accounts in Kusama who are both pool member and a staker. After this change, these accounts would not be able to bond extra funds to their stake but can still withdraw. Once they have withdrawn all their funds from pool, they would be able to bond additional funds to staking and vice versa.