mirror of
https://gitlab.com/pulsechaincom/prysm-pulse.git
synced 2024-12-25 21:07:18 +00:00
92932ae58e
* Change LowestSignedProposal to Also Return a Boolean for Slashing Protection (#8020) * amend to use bools * ineff assign * comment * Update `LowestSignedTargetEpoch` to include exists (#8004) * Replace highest with lowerest * Update validator/db/kv/attestation_history_v2.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Update validator/db/kv/attestation_history_v2.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Invert equality for saveLowestSourceTargetToDB * Add eip checks to ensure epochs cant be lower than db ones * Should be less than equal to * Check if epoch exists in DB getters * Revert run time checks Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> * Export Attesting History for Slashing Interchange Standard (#8027) * added in att history checks * logic for export * export return nil * test for export atts * round trip passes first try! * rem println * fix up tests * pass test * Validate Proposers Are Not Slashable With Regard to Data Within Slasher Interchange JSON (#8031) * filter slashable blocks and atts in same json stub * add filter blocks func * add test for filtering out the bad public keys * Export Slashing Protection History Via CLI (#8040) * include cli entrypoint for history exports * builds properly * test to confirm we export the data as expected * abstract helpers properly * full test suite * gaz * better errors * marshal ident * Add the additional eip-3076 attestation checks (#7966) * Replace highest with lowerest * Update validator/db/kv/attestation_history_v2.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Update validator/db/kv/attestation_history_v2.go Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Invert equality for saveLowestSourceTargetToDB * Add eip checks to ensure epochs cant be lower than db ones * Should be less than equal to * Check if epoch exists in DB getters Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Add EIP-3076 Invariants for Proposer Slashing Protection (#8067) * add invariant for proposer protection * write different test cases * pass tests * Add EIP-3076 Interchange JSON CLI command to validator (#7880) * Import JSON CLI * CLI impotr * f * Begin adding new commands in slashing protection * Move testing helpers to separate packae * Add command for importing slashing protection JSONs * fix import cycle * fix test * Undo cleaning changes * Improvements * Add better prompts * Fix prompt * Fix * Fix * Fix * Fix conflict * Fix * Fixes * Fixes * Fix exported func * test func * Fixes * fix test * simplify import and standardize with export * add round trip test * true integration test works * fix up comments * logrus * better error * fix build * build fix * Update validator/slashing-protection/cli_export.go Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> * Update validator/slashing-protection/cli_import.go Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> * fmt Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> * Filter Slashable Attester Public Keys in Slashing Interchange Import (#8051) * filter slashable attesters from the same JSON * builds * fix up initially broken test * circular dep * import fix * giz * added in attesting history package * add test for filter slashable attester keys * pass tests * Save Slashable Keys to Disk in the Validator Client (#8082) * begin db funcs * add in test and bucket * gaz * rem changes to import * ineff assign * add godoc * Properly Handle Duplicate Public Key Entries in Slashing Interchange Imports (#8089) * Prevent Blacklisted Public Keys from Slashing Protection Imports from Having Duties at Runtime (#8084) * tests on update duties * ensure the slashable public keys are filtered out from update duties via test * begin test * attempt test * rename for better context * pass tests * deep source * ensure tests pass * Check for Signing Root Mismatch When Submitting Proposals and Importing Proposals in Slashing Interchange (#8085) * flexible signing root * add test * add tests * fix test * Preston's comments * res tests * ensure we consider the case for minimum proposals * pass test * tests passing * rem unused code * Set Empty Epochs in Between Attestations as FAR_FUTURE_EPOCH in Attesting History (#8113) * set target data * all tests passing * ineff assign * signing root * Add Slashing Interchange, EIP-3076, Spec Tests to Prysm (#7858) * Add interchange test framework * add checks for attestations * Import genesis root if necessary * flexible signing root * add test * Sync * fix up test build * only 3 failing tests now * two failing * attempting to debug problems in conformity tests * include latest changes * protect test in validator/client passing * pass tests * imports * spec tests passing with bazel * gh archive link to spectests using tar.gz suffix * rev * rev more comment changes * fix sha * godoc * add back save Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * Implement Migration for Unattested Epochs in Attesting History Database (#8121) * migrate attesting history backbone done * begin migration logic * implement migration logic * migration test * add test * migration logic * bazel * migration to its own file * Handle empty blocks and attestations in interchange json and sort interchange json by public key (#8132) * Handle empty blocks and attestations in interchange json * add test * sort json * easier empty arrays * pass test Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> * builds * more tests finally build * Align Slashing Interchange With Optimized Slashing Protection (#8268) * attestation history should account for multiple targets per source * attempt at some fixes * attempt some test fixes * experimenting with sorting * only one more failing test * tests now pass * slash protect tests passing * only few tests now failing * only spec tests failing now * spec tests passing * all tests passing * helper function for verifying double votes * use helper * gaz * deep source * tests fixed * expect specific number of times for domain data calls * final comments * Batch Save Imported EIP-3076 Attestations (#8304) * optimize save * test added * add test for sad path Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> * revert bad find replace * add comment to db func Co-authored-by: terence tsao <terence@prysmaticlabs.com> Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> Co-authored-by: Ivan Martinez <ivanthegreatdev@gmail.com> Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> Co-authored-by: Shay Zluf <thezluf@gmail.com>
120 lines
4.1 KiB
Go
120 lines
4.1 KiB
Go
package client
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/pkg/errors"
|
|
ethpb "github.com/prysmaticlabs/ethereumapis/eth/v1alpha1"
|
|
"github.com/prysmaticlabs/prysm/shared/blockutil"
|
|
"github.com/prysmaticlabs/prysm/shared/featureconfig"
|
|
"github.com/prysmaticlabs/prysm/shared/params"
|
|
"github.com/sirupsen/logrus"
|
|
)
|
|
|
|
var failedPreBlockSignLocalErr = "attempted to sign a double proposal, block rejected by local protection"
|
|
var failedPreBlockSignExternalErr = "attempted a double proposal, block rejected by remote slashing protection"
|
|
var failedPostBlockSignErr = "made a double proposal, considered slashable by remote slashing protection"
|
|
|
|
func (v *validator) preBlockSignValidations(
|
|
ctx context.Context, pubKey [48]byte, block *ethpb.BeaconBlock, signingRoot [32]byte,
|
|
) error {
|
|
fmtKey := fmt.Sprintf("%#x", pubKey[:])
|
|
|
|
prevSigningRoot, proposalAtSlotExists, err := v.db.ProposalHistoryForSlot(ctx, pubKey, block.Slot)
|
|
if err != nil {
|
|
if v.emitAccountMetrics {
|
|
ValidatorProposeFailVec.WithLabelValues(fmtKey).Inc()
|
|
}
|
|
return errors.Wrap(err, "failed to get proposal history")
|
|
}
|
|
|
|
lowestSignedProposalSlot, lowestProposalExists, err := v.db.LowestSignedProposal(ctx, pubKey)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
// If a proposal exists in our history for the slot, we check the following:
|
|
// If the signing root is empty (zero hash), then we consider it slashable. If signing root is not empty,
|
|
// we check if it is different than the incoming block's signing root. If that is the case,
|
|
// we consider that proposal slashable.
|
|
signingRootIsDifferent := prevSigningRoot == params.BeaconConfig().ZeroHash || prevSigningRoot != signingRoot
|
|
if proposalAtSlotExists && signingRootIsDifferent {
|
|
if v.emitAccountMetrics {
|
|
ValidatorProposeFailVec.WithLabelValues(fmtKey).Inc()
|
|
}
|
|
return errors.New(failedPreBlockSignLocalErr)
|
|
}
|
|
|
|
// Based on EIP3076, validator should refuse to sign any proposal with slot less
|
|
// than or equal to the minimum signed proposal present in the DB for that public key.
|
|
// In the case the slot of the incoming block is equal to the minimum signed proposal, we
|
|
// then also check the signing root is different.
|
|
if lowestProposalExists && signingRootIsDifferent && lowestSignedProposalSlot >= block.Slot {
|
|
return fmt.Errorf(
|
|
"could not sign block with slot <= lowest signed slot in db, lowest signed slot: %d >= block slot: %d",
|
|
lowestSignedProposalSlot,
|
|
block.Slot,
|
|
)
|
|
}
|
|
|
|
if featureconfig.Get().SlasherProtection && v.protector != nil {
|
|
blockHdr, err := blockutil.BeaconBlockHeaderFromBlock(block)
|
|
if err != nil {
|
|
return errors.Wrap(err, "failed to get block header from block")
|
|
}
|
|
if !v.protector.CheckBlockSafety(ctx, blockHdr) {
|
|
if v.emitAccountMetrics {
|
|
ValidatorProposeFailVecSlasher.WithLabelValues(fmtKey).Inc()
|
|
}
|
|
return errors.New(failedPreBlockSignExternalErr)
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (v *validator) postBlockSignUpdate(
|
|
ctx context.Context,
|
|
pubKey [48]byte,
|
|
block *ethpb.SignedBeaconBlock,
|
|
signingRoot [32]byte,
|
|
) error {
|
|
fmtKey := fmt.Sprintf("%#x", pubKey[:])
|
|
if featureconfig.Get().SlasherProtection && v.protector != nil {
|
|
sbh, err := blockutil.SignedBeaconBlockHeaderFromBlock(block)
|
|
if err != nil {
|
|
return errors.Wrap(err, "failed to get block header from block")
|
|
}
|
|
valid, err := v.protector.CommitBlock(ctx, sbh)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if !valid {
|
|
if v.emitAccountMetrics {
|
|
ValidatorProposeFailVecSlasher.WithLabelValues(fmtKey).Inc()
|
|
}
|
|
return fmt.Errorf(failedPostBlockSignErr)
|
|
}
|
|
}
|
|
if err := v.db.SaveProposalHistoryForSlot(ctx, pubKey, block.Block.Slot, signingRoot[:]); err != nil {
|
|
if v.emitAccountMetrics {
|
|
ValidatorProposeFailVec.WithLabelValues(fmtKey).Inc()
|
|
}
|
|
return errors.Wrap(err, "failed to save updated proposal history")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func blockLogFields(pubKey [48]byte, blk *ethpb.BeaconBlock, sig []byte) logrus.Fields {
|
|
fields := logrus.Fields{
|
|
"proposerPublicKey": fmt.Sprintf("%#x", pubKey),
|
|
"proposerIndex": blk.ProposerIndex,
|
|
"blockSlot": blk.Slot,
|
|
}
|
|
if sig != nil {
|
|
fields["signature"] = fmt.Sprintf("%#x", sig)
|
|
}
|
|
return fields
|
|
}
|