Update schnorrkel to 0.9, remove deprecated api usage #5138
@@ -776,6 +780,7 @@ mod test { | |||
} | |||
|
|||
#[test] | |||
#[ignore = "sr25519 signatures from 1.1 version are no longer supported"] |
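Review bot: The reason string on the `#[ignore]` line says "1.1 version" without naming the crate, while the rest of this discussion refers to schnorrkel 0.1.1. Spell out the crate and the exact version in the string so the skipped test can be traced to the release it covers.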
what can be used instead?
Remove? The test is useless now^^
changes lgtm, not sure about backwards compatibility issues.
).is_ok(), | ||
Err(_) => false, | ||
} | ||
let signature = match schnorrkel::Signature::from_bytes(sig) { |
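Review bot: The `match schnorrkel::Signature::from_bytes(sig)` on the last line makes parsing a separate step that can fail before verification is attempted, and nothing in the hunk says which signature encodings it accepts. Add a short comment naming the accepted format, and keep the parse-failure arm returning `false`, as the `Err(_) => false` arm above does, so a malformed signature is a plain verification failure.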
Maybe we should try to sync kusama with this, not sure if there's txs signed with schnorrkel 0.1.1 that we won't be able to verify anymore. cc @burdges
Or BABE blocks for that matter.
We never supported VRFs from 0.1.1 because BABE did not work until after the audit. ;)
Just send schnorrkel a PR reverting w3f/schnorrkel@8f37065 if you really need it, but if these exist then maybe we could keep that pain isolated to kusama, and disable the preaudit_deprecated feature for polkadot.
There will be old txs (old blocks) signed with 0.1.1 - the JS side only moved to 0.8.5 in Jan once Alex was dropped.
Did you sync Kusama with it?
@@ -776,6 +780,7 @@ mod test { | |||
} | |||
|
|||
#[test] | |||
#[ignore = "sr25519 signatures from 1.1 version are no longer supported"] |
Remove? The test is useless now^^
@@ -609,6 +612,7 @@ mod compatibility_test { | |||
} | |||
|
|||
#[test] | |||
#[ignore = "sr25519 signatures from version 1.1 are no longer supported"] |
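Review bot: Marking this compatibility test `#[ignore]` leaves it compiled but never run, so nothing here pins how signatures from the older version are now treated. If rejecting them is the intended behaviour, turn the test into an assertion that verification fails; otherwise remove it, since an ignored test with no follow-up reference tends to stay ignored.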
Same
b062614 to 3819350
Got error in block 3876. Also can confirm that concerns in #5112 are valid.
Any thoughts? I've temporarily pushed f4447cd7eb0c793905aa85af4d32c71a78ea020a that reverts 8f3706591dcf0648086b5dfb4bd832970483ac03 and restores the preaudit_deprecated feature, but.. We should avoid support for preaudit_deprecated in polkadot because allowing it screws up batch verification for ed25519 without adding a key type field. We actually have some key type field I suppose, so maybe we could leverage that for kusama somehow.
I've an idea: Could kusama verify these old signatures entirely from the runtime? We'd drop support for them from the host in this case. Is that too annoying?
No, the problem is that we can not modify the old runtimes anymore. However, we could probably work around and only accept from now on the new signatures when building a block but still support verifying the old ones.
I'll need to publish schnorrkel 0.9.1 with w3f/schnorrkel@f4447cd included I suppose?
Yeah, if it is an improvement on 0.8.*, we can update to it
I've published 0.9.1 that brings back the preaudit_deprecated feature. We cannot do a logical or in a batch verification, so #5023 requires the old and new signatures be distinguished. We need not distinguish them on-chain however. Instead, we expose both old and new verification mechanisms to the runtime, so the runtime could switch at some block height or whatever.
Will we be able to get rid of the cruft at some point, once a certain block hash becomes hard-coded in the client?
Yes and no. We'll ignore this entirely on Polkadot, so we can drop it from substrate builds that only support Polkadot. We cannot drop it from substrate builds that support Kusama, at least not until some consensus upgrade forces some "harder" fork. We should've gone through this pain for alexandre vs kusama, but we took the more relaxed approach there so we pay for it now.
Can these signatures be distinguished at runtime, at runtime?
Yes I think this works, so no fancy checks. Signatures by 0.1.1 should fail I published 0.2-0.7 in June-July, but yanked them all before Kusama's launch. We kept support for 0.1.1 for the alexandre testnet and only screwed up by not supporting 0.1.1 in Kusama. I'd still prefer if polkadot avoided any support for 0.1.1. ;)
Was done by: #5316
It was not done by #5316, doing it properly (with disabling generation of deprecated signatures) requires runtime api versioning I'm working on now
I know, but I see this as a new pr with a different scope.
I'll amend my comment above: We'll separate proper schnorrkel signatures from these deprecated signatures for batch verification using
Batch verification will require runtime changes and when this comes we will have support for disabling the old signature verification.
Tldr, we should get this working.
@bkchr is there a tracking issue for this task somewhere? Or any other way of monitoring the progress (and, more importantly, of ensuring that we don't leave
The proper solution was implemented here: #5358 The problem is that we will never be able to disable
@bkchr we can (and probably should) switch to separate environments instead. We can also hardcode the hash of every block made on Kusama with the old signature. We then don’t need to validate the signatures any more.
Why should we do this? We can not call this implementation anymore from newer runtimes. (it would work, but you would need to have control over the build process and get this runtime as the canonical one)
@bkchr to remove cruft, reduce code size, and to ensure that this does not wind up in Polkadot.
No description provided.