Reject close of active vote accounts#22651
Reject close of active vote accounts#22651willhickey merged 18 commits intosolana-labs:masterfrom willhickey:whickey/10461_withdraw_vote_account
Conversation
Codecov Report
@@ Coverage Diff @@
## master #22651 +/- ##
=========================================
- Coverage 81.5% 81.5% -0.1%
=========================================
Files 558 558
Lines 149898 150122 +224
=========================================
+ Hits 122266 122447 +181
- Misses 27632 27675 +43 |
CriesofCarrots
left a comment
CriesofCarrots
left a comment
There was a problem hiding this comment.
Looking good, just one substantive question from me.
Test duplication lgtm. Will be tons easier to clean when either/both features are removed.
|
@CriesofCarrots Thanks for the feedback! I'm making changes now. Does the checked math rule apply to tests and test helper functions too? |
Nope, just the program code itself. Feel free to do whatever's easiest or easiest to read for tests |
Co-authored-by: Tyera Eulberg <teulberg@gmail.com>
Co-authored-by: Tyera Eulberg <teulberg@gmail.com>
… that has credits in vote_state
CriesofCarrots
left a comment
CriesofCarrots
left a comment
There was a problem hiding this comment.
lgtm! Thanks for all the iterations and polish.
@t-nelson , can you give this a quick sanity check? 🙏
mergify
Bot
dismissed
CriesofCarrots’s stale review
Pull request has been modified.
CriesofCarrots
left a comment
CriesofCarrots
left a comment
There was a problem hiding this comment.
oh, nit: we should probably update the error msgs. One possibility suggested below; wordsmithing welcome.
Co-authored-by: Tyera Eulberg <teulberg@gmail.com>
Co-authored-by: Tyera Eulberg <teulberg@gmail.com>
t-nelson
left a comment
t-nelson
left a comment
There was a problem hiding this comment.
looks great! I love the test coverage. All I have is one logical simplification suggestion and a comment from Tyera's review.
If vote_state.epoch_credits.is_empty(), it should mean the vote account hasn't received any credits ever.
Yes, the VoteState is what is stored in a Vote account on chain, so part of the accounts state on all validators.
There's probably a small race condition here if (a) a validator has submitted it's first votes which haven't landed yet and (b) empties its vote account, but that shouldn't matter for the protection we're trying to add.
Since stake can't be delegated to a validator that hasn't voted, I don't think the race even exists in any meaningful way
Co-authored-by: Trent Nelson <trent.a.b.nelson@gmail.com>
mergify
Bot
dismissed
t-nelson’s stale review
Pull request has been modified.
|
@t-nelson I hadn't encountered zip before... thanks for the handy new tool! Should I backport this to 1.9 or just merge it to master? |
I say v1.9 for sure. @t-nelson, do you foresee any more v1.8 releases? If so, I'd like to have this there too. |
|
Yeah we're definitely going to see more 1.8.x. Let's take it all the way back |
* 10461 Reject close of vote accounts unless it earned no credits in the previous epoch. This is checked by comparing current epoch (from clock sysvar) with the most recent epoch with credits in vote state. (cherry picked from commit 75563f6) # Conflicts: # programs/vote/src/vote_processor.rs # programs/vote/src/vote_state/mod.rs # runtime/src/bank.rs # sdk/program/src/instruction.rs # sdk/program/src/program_error.rs # storage-proto/proto/transaction_by_addr.proto # storage-proto/src/convert.rs
* 10461 Reject close of vote accounts unless it earned no credits in the previous epoch. This is checked by comparing current epoch (from clock sysvar) with the most recent epoch with credits in vote state. (cherry picked from commit 75563f6) # Conflicts: # programs/vote/src/vote_processor.rs # sdk/src/feature_set.rs
* Reject close of active vote accounts (#22651) * 10461 Reject close of vote accounts unless it earned no credits in the previous epoch. This is checked by comparing current epoch (from clock sysvar) with the most recent epoch with credits in vote state. (cherry picked from commit 75563f6) # Conflicts: # programs/vote/src/vote_processor.rs # sdk/src/feature_set.rs * Resolve merge conflicts Co-authored-by: Will Hickey <csu_hickey@yahoo.com> Co-authored-by: Will Hickey <will.hickey@solana.com>
* Reject close of active vote accounts (#22651) * 10461 Reject close of vote accounts unless it earned no credits in the previous epoch. This is checked by comparing current epoch (from clock sysvar) with the most recent epoch with credits in vote state. (cherry picked from commit 75563f6) # Conflicts: # programs/vote/src/vote_processor.rs # programs/vote/src/vote_state/mod.rs # runtime/src/bank.rs # sdk/program/src/instruction.rs # sdk/program/src/program_error.rs # storage-proto/proto/transaction_by_addr.proto # storage-proto/src/convert.rs * Resolve merge conflicts * lint * Clippy cleanup * Add import to test module * remove vote processor * Update test_abi_digest hash * cleanup Co-authored-by: Will Hickey <csu_hickey@yahoo.com> Co-authored-by: Will Hickey <will.hickey@solana.com>
* 10461 Reject close of vote accounts unless it earned no credits in the previous epoch. This is checked by comparing current epoch (from clock sysvar) with the most recent epoch with credits in vote state.
jstarry
added
the
feature-gate
4 participants
Issue 10461
Problem
Withdrawing the rent exempt reserve from a vote account will close the account. This shouldn't be allowed for active vote accounts.
Summary of Changes
Attempted withdraws of the rent exempt reserve check whether the vote account received any credits in the most recent completed epoch. If they did, the withdraw is rejected with an error.
Note: This change is feature gated, and PR 21639 also created a feature in the same function, so the unit test matrix has ballooned and includes a lot of duplicated code. The duplication could be factored out but I choose to leave most of it unrolled to simplify cleanup once both features are activated.
Feature Gate Issue: #24488