lighthouse-pulse/account_manager
Michael Sproul 0a77d783a4 Make slashing protection import more resilient (#2598)
## Issue Addressed

Closes #2419

## Proposed Changes

Address a long-standing issue with the import of slashing protection data where the import would fail due to the data appearing slashable w.r.t the existing database. Importing is now idempotent, and will have no issues importing data that has been handed back and forth between different validator clients, or different implementations.

The implementation works by updating the high and low watermarks if they need updating, and not attempting to check if the input is slashable w.r.t itself or the database. This is a strengthening of the minification that we started to do by default since #2380, and what Teku has been doing since the beginning.

## Additional Info

The only feature we lose by doing this is the ability to do non-minified imports of clock drifted messages (cf. Prysm on Medalla). In theory, with the previous implementation we could import all the messages in case of clock drift and be aware of the "gap" between the real present time and the messages signed in the far future. _However_ for attestations this is close to useless, as the source epoch will advance as soon as justification occurs, which will require us to make slashable attestations with respect to our bogus attestation(s). E.g. if I sign an attestation 100=>200 when the current epoch is 101, then I won't be able to vote in any epochs prior to 101 becoming justified because 101=>102, 101=>103, etc are all surrounded by 100=>200. Seeing as signing attestations gets blocked almost immediately in this case regardless of our import behaviour, there's no point trying to handle it. For blocks the situation is more hopeful due to the lack of surrounds, but losing block proposals from validators who by definition can't attest doesn't seem like an issue (the other block proposers can pick up the slack).
2021-10-13 01:49:51 +00:00
..
src Make slashing protection import more resilient (#2598) 2021-10-13 01:49:51 +00:00
Cargo.toml Remove unused deps (#2592) 2021-09-30 04:31:42 +00:00
README.md Added deterministic keypair generation. 2019-04-08 15:02:11 +10:00

Lighthouse Account Manager

The account manager (AM) is a stand-alone binary which allows users to generate and manage the cryptographic keys necessary to interact with Ethereum Serenity.

Roles

The AM is responsible for the following tasks:

  • Generation of cryptographic key pairs
    • Must acquire sufficient entropy to ensure keys are generated securely (TBD)
  • Secure storage of private keys
    • Keys must be encrypted while at rest on the disk (TBD)
    • The format is compatible with the validator client
  • Produces messages and transactions necessary to initiate staking on Ethereum 1.x (TPD)

Implementation

The AM is not a service, and does not run continuously, nor does it interact with any running services. It is intended to be executed separately from other Lighthouse binaries and produce files which can be consumed by them.&

Usage

Simply run ./account_manager generate to generate a new random private key, which will be automatically saved to the correct directory.

If you prefer to use our "deterministic" keys for testing purposes, simply run ./accounts_manager generate_deterministic -i <index>, where index is the validator index for the key. This will reliably produce the same key each time and save it to the directory.