-
Notifications
You must be signed in to change notification settings - Fork 85
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feat: Mark invalid shares #1313
Open
AKorpusenko
wants to merge
10
commits into
stage
Choose a base branch
from
feat/mark-invalid-shares-stage-fix
base: stage
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from 8 commits
Commits
Show all changes
10 commits
Select commit
Hold shift + click to select a range
1889b38
mark invalid shares adapted to be compatible with the fixed stage ver…
AKorpusenko 361f64b
fixed max share size. fixed max size share generation func
AKorpusenko e70a11b
removed random change
AKorpusenko bc35ed7
removed extra complexity from MalformedError and its usage
AKorpusenko 775df26
minor bugfixes and pr review comments fixes
AKorpusenko 1400653
fixed malformed error logging
AKorpusenko 94493ac
removed resetting default value
AKorpusenko 02f7287
added debug loggin on malformed share case handling
AKorpusenko ec7286c
Merge branch 'stage' of github.com:bloxapp/ssv into feat/mark-invalid…
AKorpusenko be64685
Merge branch 'stage' of github.com:bloxapp/ssv into feat/mark-invalid…
AKorpusenko File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -211,8 +211,13 @@ func (eh *EventHandler) handleValidatorAdded(txn basedb.Txn, event *contract.Con | |
isOperatorShare := validatorShare.BelongsToOperator(eh.operatorData.GetOperatorData().ID) | ||
if isOperatorShare { | ||
eh.metrics.ValidatorInactive(event.PublicKey) | ||
ownShare = validatorShare | ||
logger = logger.With(zap.Bool("own_validator", isOperatorShare)) | ||
if validatorShare.InvalidSecret { | ||
logger = logger.With(zap.Bool("invalid_secret", true)) | ||
logger.Debug("registered validator has an invalid share secret, it will not be started") | ||
} else { | ||
ownShare = validatorShare | ||
} | ||
} | ||
|
||
logger.Debug("processed event") | ||
|
@@ -233,11 +238,12 @@ func (eh *EventHandler) handleShareCreation( | |
sharePublicKeys, | ||
encryptedKeys, | ||
) | ||
if err != nil { | ||
return nil, fmt.Errorf("could not extract validator share from event: %w", err) | ||
|
||
if err != nil && !share.Metadata.InvalidSecret { | ||
return share, err | ||
} | ||
|
||
if share.BelongsToOperator(eh.operatorData.GetOperatorData().ID) { | ||
if !share.Metadata.InvalidSecret && share.BelongsToOperator(eh.operatorData.GetOperatorData().ID) { | ||
if shareSecret == nil { | ||
return nil, errors.New("could not decode shareSecret") | ||
} | ||
|
@@ -253,7 +259,11 @@ func (eh *EventHandler) handleShareCreation( | |
return nil, fmt.Errorf("could not save validator share: %w", err) | ||
} | ||
|
||
return share, nil | ||
if !share.Metadata.InvalidSecret { | ||
return share, nil | ||
} | ||
|
||
return share, err | ||
} | ||
|
||
func (eh *EventHandler) validatorAddedEventToShare( | ||
|
@@ -263,16 +273,17 @@ func (eh *EventHandler) validatorAddedEventToShare( | |
sharePublicKeys [][]byte, | ||
encryptedKeys [][]byte, | ||
) (*ssvtypes.SSVShare, *bls.SecretKey, error) { | ||
validatorShare := ssvtypes.SSVShare{} | ||
validatorShare := &ssvtypes.SSVShare{} | ||
|
||
publicKey, err := ssvtypes.DeserializeBLSPublicKey(event.PublicKey) | ||
if err != nil { | ||
return nil, nil, &MalformedEventError{ | ||
return validatorShare, nil, &MalformedEventError{ | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. why did we do this change? is returning an empty share anything better or different than returning nil? |
||
Err: fmt.Errorf("failed to deserialize validator public key: %w", err), | ||
} | ||
} | ||
validatorShare.ValidatorPubKey = publicKey.Serialize() | ||
validatorShare.OwnerAddress = event.Owner | ||
|
||
var shareSecret *bls.SecretKey | ||
|
||
committee := make([]*spectypes.Operator, 0) | ||
|
@@ -300,29 +311,33 @@ func (eh *EventHandler) validatorAddedEventToShare( | |
|
||
shareSecret = &bls.SecretKey{} | ||
decryptedSharePrivateKey, err := rsaencryption.DecodeKey(operatorPrivateKey, encryptedKeys[i]) | ||
|
||
validatorShare.Metadata.InvalidSecret = true | ||
|
||
if err != nil { | ||
return nil, nil, &MalformedEventError{ | ||
return validatorShare, nil, &MalformedEventError{ | ||
Err: fmt.Errorf("could not decrypt share private key: %w", err), | ||
} | ||
} | ||
if err = shareSecret.SetHexString(string(decryptedSharePrivateKey)); err != nil { | ||
return nil, nil, &MalformedEventError{ | ||
return validatorShare, nil, &MalformedEventError{ | ||
Err: fmt.Errorf("could not set decrypted share private key: %w", err), | ||
} | ||
} | ||
if !bytes.Equal(shareSecret.GetPublicKey().Serialize(), validatorShare.SharePubKey) { | ||
return nil, nil, &MalformedEventError{ | ||
return validatorShare, nil, &MalformedEventError{ | ||
Err: errors.New("share private key does not match public key"), | ||
} | ||
} | ||
validatorShare.Metadata.InvalidSecret = false | ||
MatusKysel marked this conversation as resolved.
Show resolved
Hide resolved
|
||
} | ||
|
||
validatorShare.Quorum, validatorShare.PartialQuorum = ssvtypes.ComputeQuorumAndPartialQuorum(len(committee)) | ||
validatorShare.DomainType = eh.networkConfig.Domain | ||
validatorShare.Committee = committee | ||
validatorShare.Graffiti = []byte("ssv.network") | ||
|
||
return &validatorShare, shareSecret, nil | ||
return validatorShare, shareSecret, nil | ||
} | ||
|
||
func (eh *EventHandler) handleValidatorRemoved(txn basedb.Txn, event *contract.ContractValidatorRemoved) (spectypes.ValidatorPK, error) { | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is the 2nd check needed? as far as i can see that method returns no error when the secret is invalid
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@moshe-blox, No we can't remove the 2nd check because we have to check that there is no error and share is valid.
Next, in case the share contains invalid secret, then we have to save it and mark as invalid what we do on this line
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oh sry, i thought that we're not returning error in
validatorAddedEventToShare
when only the share is invalid, thats what i previously meant in my comment therecan we try this?
i'm interested to see how it would look, we can just log the reason for invalid secret instead of returning it as error (for example
logger.Debug("invalid secret error: could not decrypt share private")
)then this check becomes just a simple
err != nil
and naturally theres no error that keeps going upstream (back to high level funcs who called us)