mirror/prysm-pulse
1
0
Fork 0
mirror of https://gitlab.com/pulsechaincom/prysm-pulse.git synced 2024-12-22 19:40:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
61ab4bf7ca
prysm-pulse/validator/client/slashing_protection_interchange_test.go
Manu NALEPA 1112e01c06
Make Prysm VC compatible with the version v5.3.0 of the slashing protections interchange tests. (#13232) 
* `TestStore_GenesisValidatorsRoot_ReadAndWrite`: Make all test cases independents.

In a test with multiple test cases, each test case should be independents.
(aka: Removing test case `A` should not impact test case `B`)

* `SaveGenesisValidatorsRoot`: Allow to overwrite the genesis validator root if the root is the same.

* `ProposalHistoryForSlot`: Add `signingRootExists`

Currently, it is not possible with `ProposalHistoryForSlot` to know if a
proposal is stored with and `0x00000....` signing root or with an empty
signing root. Both cases result to `proposalExists == true` and
`signingRoot == 0x00000`.

This commit adds a new return boolean: `signingRootExists`.

If a proposal has been saved with a `0x00000...` signing root, then:
- `proposalExists` is set to `true`, and
- `signingRootExists` is set to `true`, and
- `signingRoot` is set to `0x00000...`

If a proposal has been saved with an empty signing root, then:
- `proposalExists` is set to `true`, and
- `signingRootExists` is set to `false`, and
- (`signingRoot` is set to `0x00000...`)

* `ImportStandardProtectionJSON`: When importing EIP-3076 Slashing Protection Interchange Format, do not filter any more slashable keys.
Note: Those keys are still saved into the black-listed public keys list.

There is two reason not to do so:
- The EIP-3076 test cases do not know about Prysm's internal black-listed public keys list.
  Tests will expect, without looking into this internal black-listed public keys list,
  to deny a further signature. If we filter these keys from the DB (even if we keep them
  into the black-listed keys list), then some tests will fail.
- If we import a interchange file containing slashable keys and we filter them, then,
  if we re-export the DB, those slashing offences won't appear in the exported interchange
  file.

* `transformSignedBlocks`: Store an 0-len byte slice

When importing an EIP-3076 interchange format, and when no
signing root is specified into the file, we currently store a
`0x00000.....` signing root.

In such a case, instead storing `0x00000...`, this commit stores
a 0-len byte array, so we can differentiate real `0x000.....` signing
root and no signing-root at all.

* `slashableProposalCheck`: Manage lack of sign root

Currently, `slashableProposalCheck` does not really make a difference
between a `0x0000.....` signing root and a missing signing root.

(Signing roots can be missing when importing an EIP-3076 interchange
file.)

This commit differentiate, for  `slashableProposalCheck`, `0x0000....`
signing root and a missing signing root.

* `AttestationRecord.SigningRoot`: ==> `[]byte`

When importing attestations from EIP-3076 interchange format,
the signing root of an attestation may be missing.

Currently, Prysm consider any missing attestation signing root as
`0x000...`.
However, it may conflict with signing root which really are equal to
`0x000...`.

This commit transforms `AttestationRecord.SigningRoot` from `[32]byte` to
`[]byte`, and change the minimal set of functions (sic) to support this
new type.

* `CheckSlashableAttestation`: Empty signing root

Regarding slashing roots, 2 attestations are slashable, if:
- both signing roots are defined and differs, or
- one attestation exists, but without a signing root

* `filterSlashablePubKeysFromAttestations`: Err sort

Rergarding `CheckSlashableAttestation`, we consider that:
- If slashable == NotSlashable and err != nil, then CheckSlashableAttestation
failed.
- If slashable != NotSlashable, then err contains the reason why the attestation
is slashable.

* `setupEIP3076SpecTests`: Update to `v5.3.0`

This commit:
- Updates the version of EIP-3076 tests to `v.5.2.1`.
- Setups on anti-slashing DB per test case, instead per step.

* `ImportStandardProtectionJSON`: Reduce cycl cmplxt

* `AttestationHistoryForPubKey`: copy signing root

BoltDB documentation specifies:
| Byte slices returned from Bolt are only valid during a transaction.
| Once the transaction has been committed or rolled back then the memory
| they point to can be reused by a new page or can be unmapped
| from virtual memory and you'll see an unexpected fault address panic
| when accessing it.
2023-12-04 17:10:32 +00:00

175 lines
6.1 KiB
Go
Raw Blame History

package client
import (
"bytes"
"context"
"encoding/hex"
"encoding/json"
"strings"
"testing"
"github.com/bazelbuild/rules_go/go/tools/bazel"
fieldparams "github.com/prysmaticlabs/prysm/v4/config/fieldparams"
"github.com/prysmaticlabs/prysm/v4/consensus-types/blocks"
"github.com/prysmaticlabs/prysm/v4/io/file"
ethpb "github.com/prysmaticlabs/prysm/v4/proto/prysm/v1alpha1"
"github.com/prysmaticlabs/prysm/v4/testing/require"
"github.com/prysmaticlabs/prysm/v4/testing/util"
history "github.com/prysmaticlabs/prysm/v4/validator/slashing-protection-history"
)
type eip3076TestCase struct {
Name string `json:"name"`
GenesisValidatorsRoot string `json:"genesis_validators_root"`
Steps []struct {
ShouldSucceed bool `json:"should_succeed"`
AllowPartialImport bool `json:"allow_partial_import"`
Interchange struct {
Metadata struct {
InterchangeFormatVersion string `json:"interchange_format_version"`
GenesisValidatorsRoot string `json:"genesis_validators_root"`
} `json:"metadata"`
Data []struct {
Pubkey string `json:"pubkey"`
SignedBlocks []struct {
Slot string `json:"slot"`
SigningRoot string `json:"signing_root"`
} `json:"signed_blocks"`
SignedAttestations []struct {
SourceEpoch string `json:"source_epoch"`
TargetEpoch string `json:"target_epoch"`
SigningRoot string `json:"signing_root"`
} `json:"signed_attestations"`
} `json:"data"`
} `json:"interchange"`
Blocks []struct {
Pubkey string `json:"pubkey"`
Slot string `json:"slot"`
SigningRoot string `json:"signing_root"`
ShouldSucceedComplete bool `json:"should_succeed_complete"`
} `json:"blocks"`
Attestations []struct {
Pubkey string `json:"pubkey"`
SourceEpoch string `json:"source_epoch"`
TargetEpoch string `json:"target_epoch"`
SigningRoot string `json:"signing_root"`
ShouldSucceedComplete bool `json:"should_succeed_complete"`
} `json:"attestations"`
} `json:"steps"`
}
func setupEIP3076SpecTests(t *testing.T) []*eip3076TestCase {
testFolders, err := bazel.ListRunfiles()
require.NoError(t, err)
testCases := make([]*eip3076TestCase, 0)
for _, ff := range testFolders {
if strings.Contains(ff.ShortPath, "eip3076_spec_tests") &&
strings.Contains(ff.ShortPath, "generated/") {
enc, err := file.ReadFileAsBytes(ff.Path)
require.NoError(t, err)
testCase := &eip3076TestCase{}
require.NoError(t, json.Unmarshal(enc, testCase))
testCases = append(testCases, testCase)
}
}
return testCases
}
func TestEIP3076SpecTests(t *testing.T) {
testCases := setupEIP3076SpecTests(t)
for _, tt := range testCases {
t.Run(tt.Name, func(t *testing.T) {
if tt.Name == "" {
t.Skip("Skipping eip3076TestCase with empty name")
}
// Set up validator client, one new validator client per eip3076TestCase.
// This ensures we initialize a new (empty) slashing protection database.
validator, _, _, _ := setup(t)
for _, step := range tt.Steps {
if tt.GenesisValidatorsRoot != "" {
r, err := history.RootFromHex(tt.GenesisValidatorsRoot)
require.NoError(t, validator.db.SaveGenesisValidatorsRoot(context.Background(), r[:]))
require.NoError(t, err)
}
// The eip3076TestCase config contains the interchange config in json.
// This loads the interchange data via ImportStandardProtectionJSON.
interchangeBytes, err := json.Marshal(step.Interchange)
if err != nil {
t.Fatal(err)
}
b := bytes.NewBuffer(interchangeBytes)
if err := history.ImportStandardProtectionJSON(context.Background(), validator.db, b); err != nil {
if step.ShouldSucceed {
t.Fatal(err)
}
} else if !step.ShouldSucceed {
require.NotNil(t, err, "import standard protection json should have failed")
}
// This loops through a list of block signings to attempt after importing the interchange data above.
for _, sb := range step.Blocks {
bSlot, err := history.SlotFromString(sb.Slot)
require.NoError(t, err)
pk, err := history.PubKeyFromHex(sb.Pubkey)
require.NoError(t, err)
b := util.NewBeaconBlock()
b.Block.Slot = bSlot
var signingRoot [32]byte
if sb.SigningRoot != "" {
signingRootBytes, err := hex.DecodeString(strings.TrimPrefix(sb.SigningRoot, "0x"))
require.NoError(t, err)
copy(signingRoot[:], signingRootBytes)
}
wsb, err := blocks.NewSignedBeaconBlock(b)
require.NoError(t, err)
err = validator.slashableProposalCheck(context.Background(), pk, wsb, signingRoot)
if sb.ShouldSucceedComplete {
require.NoError(t, err)
} else {
require.NotEqual(t, nil, err, "pre validation should have failed for block")
}
}
// This loops through a list of attestation signings to attempt after importing the interchange data above.
for _, sa := range step.Attestations {
target, err := history.EpochFromString(sa.TargetEpoch)
require.NoError(t, err)
source, err := history.EpochFromString(sa.SourceEpoch)
require.NoError(t, err)
pk, err := history.PubKeyFromHex(sa.Pubkey)
require.NoError(t, err)
ia := &ethpb.IndexedAttestation{
Data: &ethpb.AttestationData{
BeaconBlockRoot: make([]byte, 32),
Target: &ethpb.Checkpoint{Epoch: target, Root: make([]byte, 32)},
Source: &ethpb.Checkpoint{Epoch: source, Root: make([]byte, 32)},
},
Signature: make([]byte, fieldparams.BLSSignatureLength),
}
var signingRoot [32]byte
if sa.SigningRoot != "" {
signingRootBytes, err := hex.DecodeString(strings.TrimPrefix(sa.SigningRoot, "0x"))
require.NoError(t, err)
copy(signingRoot[:], signingRootBytes)
}
err = validator.slashableAttestationCheck(context.Background(), ia, pk, signingRoot)
if sa.ShouldSucceedComplete {
require.NoError(t, err)
} else {
require.NotNil(t, err, "pre validation should have failed for attestation")
}
}
}
require.NoError(t, validator.db.Close(), "failed to close slashing protection database")
})
}
}
Reference in New Issue View Git Blame Copy Permalink