Expose functions to do preliminary slashing checks #7783
Conversation
michaelsproul
added
val-client
AgeManning
left a comment
AgeManning
left a comment
There was a problem hiding this comment.
I support these changes.
@michaelsproul suggested a good modification.
We probably should disallow these functions in lighthouse by doing something like this:
https://github.com/sigp/lighthouse/blob/stable/consensus/types/clippy.toml
dknopik
left a comment
dknopik
left a comment
There was a problem hiding this comment.
@michaelsproul good idea, done :)
| *.tar.gz | ||
| /bin | ||
| genesis.ssz | ||
| /clippy.toml |
There was a problem hiding this comment.
Not sure why this was here
| block_header: &BeaconBlockHeader, | ||
| domain: Hash256, | ||
| ) -> Result<Safe, NotSafe> { | ||
| #[allow(clippy::disallowed_methods)] |
There was a problem hiding this comment.
needed, as even disallowed methods may not call disallowed methods
|
CI should pass now, we've bumped the HTTP test timeout on unstable |
|
This pull request has been removed from the queue for the following reason: The merge conditions cannot be satisfied due to failing checks: You may have to fix your CI before adding the pull request to the queue again. |
|
@mergify requeue |
✅ The queue state of this pull request has been cleaned. It can be re-embarked automatically |
|
This pull request has been removed from the queue for the following reason: The merge conditions cannot be satisfied due to failing checks: You may have to fix your CI before adding the pull request to the queue again. |
Co-Authored-By: Daniel Knopik <[email protected]> Co-Authored-By: Michael Sproul <[email protected]>
Co-Authored-By: Daniel Knopik <[email protected]> Co-Authored-By: Michael Sproul <[email protected]>
Co-Authored-By: Daniel Knopik <[email protected]> Co-Authored-By: Michael Sproul <[email protected]>
3 participants
Thiiiis one is a bit spicy:
Currently, the slashing database only exposes functions to atomically check slashability of an attestation/block and then insert the corresponding data into the database. As this is done atomically, we can fearlessly sign the thing as other threads will definitely see the inserted data.
In Anchor, we first decide with the SSV committee which attestation/block we should sign, and then create a partial signature and broadcast it. Until now, we did the slashing check-and-insert right before creating the partial signature, and will continue to do so. However, we want to be able to check whether a thing is slashable in the first step, in order to not decide on a invalid value and then sign nothing, as the the slashing check fails.
Basically, we want to move from:
flowchart LR A@{ shape: sm-circ, label: "Small start" } --> Z[Wait for block] Z --> B[Decide block] B --> C{Is safe?} C -->|Yes| D[Create partial sig] C -->|No| E[Sign nothing]to
flowchart LR A@{ shape: sm-circ, label: "Small start" } --> Z[Wait for block] Z --> C{"Is safe?<br>(check only)"} C -->|Yes| B[Decide block] C -->|No| Z B --> D{"Is safe?<br>(check and insert)"} D -->|Yes| H[Create partial sig] D -->|No| I[Sign nothing]For this, we need to expose check only functions in the slashing database. This introduces a way for the user of the slashing database to shoot themselves in the foot.