Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pseudo slashing for invalid signers #4269

Merged
merged 38 commits into from Oct 21, 2022
Merged

Pseudo slashing for invalid signers #4269

merged 38 commits into from Oct 21, 2022

Conversation

ssd04
Copy link
Contributor

@ssd04 ssd04 commented Jul 6, 2022
edited

Pseudo slashing for invalid signers:

  • added one more field for consensus Message invalidSigners
  • if there are invalid signers, broadcast the info via a new consensus message type
  • handle p2p message verification based on a separate component

@ssd04 ssd04 self-assigned this Jul 7, 2022
@codecov-commenter
Copy link

codecov-commenter commented Jul 13, 2022
edited

Codecov Report

❗ No coverage uploaded for pull request base (feat/optimise-consensus-sigcheck@edf2344). Click here to learn what that means.
Patch has no changes to coverable lines.

❗ Current head d08c136 differs from pull request most recent head 4272475. Consider uploading reports for the commit 4272475 to get more accurate results

Additional details and impacted files 
@@                         Coverage Diff                         @@
##             feat/optimise-consensus-sigcheck    #4269   +/-   ##
===================================================================
  Coverage                                    ?   71.21%           
===================================================================
  Files                                       ?      663           
  Lines                                       ?    86210           
  Branches                                    ?        0           
===================================================================
  Hits                                        ?    61392           
  Misses                                      ?    20302           
  Partials                                    ?     4516

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@ssd04 ssd04 marked this pull request as ready for review July 13, 2022 10:35
@AdoAdoAdo AdoAdoAdo self-requested a review July 19, 2022 13:46
@ssd04
consensus state: rlock for get message with signature
4f3b53f
@ssd04
Merge branch 'feat/optimise-consensus-sigcheck' into pseudo-slashing-…
984ac90 
…for-invalid-signers
@ssd04
spos endround: comments and log updates
67f385a
@ssd04
consensus worker: remove TODO comment
e6609d0
@ssd04
Merge branch 'feat/optimise-consensus-sigcheck' into merge-optimize-c…
d759b60 
…onsensus-sig-into-pseudo-slashing
@ssd04
Merge pull request #4509 from ElrondNetwork/merge-optimize-consensus-…
33334b0 
…sig-into-pseudo-slashing

Merge optimize consensus sig into pseudo slashing
@ssd04
Merge branch 'feat/optimise-consensus-sigcheck' into merge-optimize-c…
f850519 
…onsensus-sig-into-pseudo-slashing
@ssd04
Merge pull request #4557 from ElrondNetwork/merge-optimize-consensus-…
f60633f 
…sig-into-pseudo-slashing

Merge optimize consensus sig into pseudo slashing
AdoAdoAdo
AdoAdoAdo requested changes Oct 18, 2022
View reviewed changes
consensus/spos/bls/subroundEndRound_test.go Outdated Show resolved Hide resolved
consensus/spos/bls/subroundEndRound.go Outdated Show resolved Hide resolved
consensus/spos/bls/subroundEndRound.go Outdated Show resolved Hide resolved
consensus/spos/bls/subroundEndRound.go Show resolved Hide resolved
consensus/spos/bls/subroundEndRound.go Show resolved Hide resolved
SebastianMarian
SebastianMarian reviewed Oct 18, 2022
View reviewed changes
consensus/spos/bls/subroundEndRound.go

return false
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will also add here the following checks, just to avoid some edge case situations, exactly as they are used in the receivedFinalInfo method:

	if sr.IsSelfLeaderInCurrentRound() {
		return false
	}

	if !sr.IsConsensusDataEqual(cnsDta.BlockHeaderHash) {
		return false
	}

	if !sr.CanProcessReceivedMessage(cnsDta, sr.RoundHandler().Index(), sr.Current()) {
		return false
	}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

consensus/spos/bls/subroundEndRound.go Show resolved Hide resolved
consensus/spos/bls/subroundEndRound.go Outdated Show resolved Hide resolved
consensus/spos/bls/subroundEndRound.go
log.Debug("doEndRoundJobByLeader.getFullMessagesForInvalidSigners", "error", err.Error())
return false
}

bitmap, sig, err = sr.computeAggSigOnValidNodes()
if err != nil {
log.Debug("doEndRoundJobByLeader.computeAggSigOnValidNodes", "error", err.Error())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also in the case of insufficient threshold of valid signatures I think we should call sr.createAndBroadcastInvalidSigners(invalidSigners). I think this method should be called mandatory if we have invalidSigners set, no matter if we will exit from the current method earlier.

One suggestion is to replace L313-L317 with the code below and remove L365-L367 and L300-L301 as method getFullMessagesForInvalidSigners could return only two parameters, not needed the middle one.

		invalidSigners, err := sr.getFullMessagesForInvalidSigners(invalidPubKeys)
		if err != nil {
			log.Debug("doEndRoundJobByLeader.getFullMessagesForInvalidSigners", "error", err.Error())
			return false
		}

		if len(invalidSigners) > 0 {
			sr.createAndBroadcastInvalidSigners(invalidSigners)
		}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

consensus/spos/bls/subroundEndRound.go
@@ -337,7 +438,7 @@ func (sr *subroundEndRound) verifyNodesOnAggSigVerificationFail() error {

err = sr.SetJobDone(pk, SrSignature, false)
if err != nil {
return err
return nil, err
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

L445 should be like this I think, as we should punish the validator who sent this, not just to revert things to his last honesty level:
decreaseFactor := -spos.ValidatorPeerHonestyIncreaseFactor + spos.ValidatorPeerHonestyDecreaseFactor

Exactly as we do in subRoundSignature -> receivedSignature method, for nodes who are not in consensus but they are sending signatures. Anyway the invalid signatures are much worse than valid ones which are sent when is not necessary:

	if !sr.IsNodeInConsensusGroup(node) {
		sr.PeerHonestyHandler().ChangeScore(
			node,
			spos.GetConsensusTopicID(sr.ShardCoordinator()),
			spos.ValidatorPeerHonestyDecreaseFactor,
		)

		return false
	}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

consensus/spos/consensusState.go
@@ -63,6 +67,7 @@ func (cns *ConsensusState) ResetConsensusState() {
cns.Data = nil

cns.initReceivedHeaders()
cns.initReceivedMessagesWithSig()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

...WithInvalidSigners ?

consensus/spos/consensusState.go
@@ -94,6 +105,22 @@ func (cns *ConsensusState) GetReceivedHeaders() []data.HeaderHandler {
return receivedHeaders
}

// AddMessageWithSignature will add the p2p message to received list of messages
func (cns *ConsensusState) AddMessageWithSignature(key string, message p2p.MessageP2P) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

...WithInvalidSigners ?

consensus/spos/consensusState.go
}

// GetMessageWithSignature will get the p2p message based on key
func (cns *ConsensusState) GetMessageWithSignature(key string) (p2p.MessageP2P, bool) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

...WithInvalidSigners ?

consensus/spos/interface.go Outdated
@@ -53,6 +53,8 @@ type ConsensusCoreHandler interface {
PrivateKey() crypto.PrivateKey
// SingleSigner returns the single signer stored in the ConsensusStore used for randomness and leader's signature generation
SingleSigner() crypto.SingleSigner
// KeyGenerator returns the key generator stored in the ConsensusStore
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ConsensusCore instead ConsensusStore in the whole file and also in some other files (2 files)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

consensus/spos/interface.go Outdated
@@ -63,6 +65,8 @@ type ConsensusCoreHandler interface {
NodeRedundancyHandler() consensus.NodeRedundancyHandler
// ScheduledProcessor returns the scheduled txs processor
ScheduledProcessor() consensus.ScheduledProcessor
// MessageSignerHandler
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Finalize this comment

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

SebastianMarian
SebastianMarian reviewed Oct 18, 2022
View reviewed changes
consensus/mock/consensusDataContainerMock.go
@@ -191,6 +193,11 @@ func (ccm *ConsensusCoreMock) SingleSigner() crypto.SingleSigner {
return ccm.blsSingleSigner
}

// KeyGenerator -
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

L191: ConsensusCore instead ConsensusStore and also in some other files (2 more files)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

SebastianMarian
SebastianMarian reviewed Oct 20, 2022
View reviewed changes
consensus/spos/interface.go Outdated
@@ -65,7 +65,7 @@ type ConsensusCoreHandler interface {
NodeRedundancyHandler() consensus.NodeRedundancyHandler
// ScheduledProcessor returns the scheduled txs processor
ScheduledProcessor() consensus.ScheduledProcessor
// MessageSignerHandler
// MessageSignerHandler return the p2p signing handler
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

returns

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

AdoAdoAdo
AdoAdoAdo approved these changes Oct 21, 2022
View reviewed changes
consensus/spos/bls/subroundEndRound.go
@@ -442,7 +456,7 @@ func (sr *subroundEndRound) verifyNodesOnAggSigVerificationFail() ([]string, err
}

// use increase factor since it was added optimistically, and it proved to be wrong
decreaseFactor := -spos.ValidatorPeerHonestyIncreaseFactor
decreaseFactor := -spos.ValidatorPeerHonestyIncreaseFactor + spos.ValidatorPeerHonestyDecreaseFactor
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@AdoAdoAdo AdoAdoAdo merged commit 405148c into feat/optimise-consensus-sigcheck Oct 21, 2022
@AdoAdoAdo AdoAdoAdo deleted the pseudo-slashing-for-invalid-signers branch October 21, 2022 07:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AdoAdoAdo AdoAdoAdo AdoAdoAdo approved these changes

@SebastianMarian SebastianMarian SebastianMarian approved these changes

Assignees

@ssd04 ssd04

Labels
type:improvement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@ssd04 @codecov-commenter @AdoAdoAdo @SebastianMarian @schimih