// This file is part of Substrate.

// Copyright (C) Parity Technologies (UK) Ltd.

// SPDX-License-Identifier: Apache-2.0

// Licensed under the Apache License, Version 2.0 (the "License");

// you may not use this file except in compliance with the License.

// You may obtain a copy of the License at

//

// 	http://www.apache.org/licenses/LICENSE-2.0

//

// Unless required by applicable law or agreed to in writing, software

// distributed under the License is distributed on an "AS IS" BASIS,

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

// See the License for the specific language governing permissions and

// limitations under the License.

//! Consensus extension module for BABE consensus. Collects on-chain randomness

//! from VRF outputs and manages epoch transitions.

#![cfg_attr(not(feature = "std"), no_std)]

#![warn(unused_must_use, unsafe_code, unused_variables, unused_must_use)]

extern crate alloc;

use alloc::{boxed::Box, vec, vec::Vec};

use codec::{Decode, Encode};

use frame_support::{

	dispatch::{DispatchResultWithPostInfo, Pays},

	ensure,

	traits::{ConstU32, DisabledValidators, FindAuthor, Get, OnTimestampSet, OneSessionHandler},

	weights::Weight,

	BoundedVec, WeakBoundedVec,

};

use frame_system::pallet_prelude::{BlockNumberFor, HeaderFor};

use sp_consensus_babe::{

	digests::{NextConfigDescriptor, NextEpochDescriptor, PreDigest},

	AllowedSlots, BabeAuthorityWeight, BabeEpochConfiguration, ConsensusLog, Epoch,

	EquivocationProof, Randomness as BabeRandomness, Slot, BABE_ENGINE_ID, RANDOMNESS_LENGTH,

	RANDOMNESS_VRF_CONTEXT,

};

use sp_core::crypto::Wraps;

use sp_runtime::{

	generic::DigestItem,

	traits::{IsMember, One, SaturatedConversion, Saturating, Zero},

	ConsensusEngineId, Permill,

};

use sp_session::{GetSessionNumber, GetValidatorCount};

use sp_staking::{offence::OffenceReportSystem, SessionIndex};

pub use sp_consensus_babe::AuthorityId;

const LOG_TARGET: &str = "runtime::babe";

mod default_weights;

mod equivocation;

mod randomness;

#[cfg(any(feature = "runtime-benchmarks", test))]

mod benchmarking;

#[cfg(all(feature = "std", test))]

mod mock;

#[cfg(all(feature = "std", test))]

mod tests;

pub use equivocation::{EquivocationOffence, EquivocationReportSystem};

#[allow(deprecated)]

pub use randomness::CurrentBlockRandomness;

pub use randomness::{

	ParentBlockRandomness, RandomnessFromOneEpochAgo, RandomnessFromTwoEpochsAgo,

};

pub use pallet::*;

pub trait WeightInfo {

	fn plan_config_change() -> Weight;

	fn report_equivocation(validator_count: u32, max_nominators_per_validator: u32) -> Weight;

}

/// Trigger an epoch change, if any should take place.

pub trait EpochChangeTrigger {

	/// Trigger an epoch change, if any should take place. This should be called

	/// during every block, after initialization is done.

	fn trigger<T: Config>(now: BlockNumberFor<T>);

}

/// A type signifying to BABE that an external trigger

/// for epoch changes (e.g. pallet-session) is used.

pub struct ExternalTrigger;

impl EpochChangeTrigger for ExternalTrigger {

}

/// A type signifying to BABE that it should perform epoch changes

/// with an internal trigger, recycling the same authorities forever.

pub struct SameAuthoritiesForever;

impl EpochChangeTrigger for SameAuthoritiesForever {

}

const UNDER_CONSTRUCTION_SEGMENT_LENGTH: u32 = 256;

pub mod pallet {

	use super::*;

	use frame_support::pallet_prelude::*;

	use frame_system::pallet_prelude::*;

	/// The BABE Pallet

	pub struct Pallet<T>(_);

	#[pallet::config]

	#[pallet::disable_frame_system_supertrait_check]

	pub trait Config: pallet_timestamp::Config {

		/// The amount of time, in slots, that each epoch should last.

		/// NOTE: Currently it is not possible to change the epoch duration after

		/// the chain has started. Attempting to do so will brick block production.

		#[pallet::constant]

		type EpochDuration: Get<u64>;

		/// The expected average block time at which BABE should be creating

		/// blocks. Since BABE is probabilistic it is not trivial to figure out

		/// what the expected average block time should be based on the slot

		/// duration and the security parameter `c` (where `1 - c` represents

		/// the probability of a slot being empty).

		#[pallet::constant]

		type ExpectedBlockTime: Get<Self::Moment>;

		/// BABE requires some logic to be triggered on every block to query for whether an epoch

		/// has ended and to perform the transition to the next epoch.

		///

		/// Typically, the `ExternalTrigger` type should be used. An internal trigger should only be

		/// used when no other module is responsible for changing authority set.

		type EpochChangeTrigger: EpochChangeTrigger;

		/// A way to check whether a given validator is disabled and should not be authoring blocks.

		/// Blocks authored by a disabled validator will lead to a panic as part of this module's

		/// initialization.

		type DisabledValidators: DisabledValidators;

		/// Helper for weights computations

		type WeightInfo: WeightInfo;

		/// Max number of authorities allowed

		#[pallet::constant]

		type MaxAuthorities: Get<u32>;

		/// The maximum number of nominators for each validator.

		#[pallet::constant]

		type MaxNominators: Get<u32>;

		/// The proof of key ownership, used for validating equivocation reports.

		/// The proof must include the session index and validator count of the

		/// session at which the equivocation occurred.

		type KeyOwnerProof: Parameter + GetSessionNumber + GetValidatorCount;

		/// The equivocation handling subsystem, defines methods to check/report an

		/// offence and for submitting a transaction to report an equivocation

		/// (from an offchain context).

		type EquivocationReportSystem: OffenceReportSystem<

			Option<Self::AccountId>,

			(EquivocationProof<HeaderFor<Self>>, Self::KeyOwnerProof),

		>;

	}

	pub enum Error<T> {

	}

	/// Current epoch index.

	pub type EpochIndex<T> = StorageValue<_, u64, ValueQuery>;

	/// Current epoch authorities.

	pub type Authorities<T: Config> = StorageValue<

		_,

		WeakBoundedVec<(AuthorityId, BabeAuthorityWeight), T::MaxAuthorities>,

		ValueQuery,

	>;

	/// The slot at which the first epoch actually started. This is 0

	/// until the first block of the chain.

	pub type GenesisSlot<T> = StorageValue<_, Slot, ValueQuery>;

	/// Current slot number.

	pub type CurrentSlot<T> = StorageValue<_, Slot, ValueQuery>;

	/// The epoch randomness for the *current* epoch.

	///

	/// # Security

	///

	/// This MUST NOT be used for gambling, as it can be influenced by a

	/// malicious validator in the short term. It MAY be used in many

	/// cryptographic protocols, however, so long as one remembers that this

	/// (like everything else on-chain) it is public. For example, it can be

	/// used where a number is needed that cannot have been chosen by an

	/// adversary, for purposes such as public-coin zero-knowledge proofs.

	// NOTE: the following fields don't use the constants to define the

	// array size because the metadata API currently doesn't resolve the

	// variable to its underlying value.

	pub type Randomness<T> = StorageValue<_, BabeRandomness, ValueQuery>;

	/// Pending epoch configuration change that will be applied when the next epoch is enacted.

	pub type PendingEpochConfigChange<T> = StorageValue<_, NextConfigDescriptor>;

	/// Next epoch randomness.

	pub type NextRandomness<T> = StorageValue<_, BabeRandomness, ValueQuery>;

	/// Next epoch authorities.

	pub type NextAuthorities<T: Config> = StorageValue<

		_,

		WeakBoundedVec<(AuthorityId, BabeAuthorityWeight), T::MaxAuthorities>,

		ValueQuery,

	>;

	/// Randomness under construction.

	///

	/// We make a trade-off between storage accesses and list length.

	/// We store the under-construction randomness in segments of up to

	/// `UNDER_CONSTRUCTION_SEGMENT_LENGTH`.

	///

	/// Once a segment reaches this length, we begin the next one.

	/// We reset all segments and return to `0` at the beginning of every

	/// epoch.

	pub type SegmentIndex<T> = StorageValue<_, u32, ValueQuery>;

	/// TWOX-NOTE: `SegmentIndex` is an increasing integer, so this is okay.

	pub type UnderConstruction<T: Config> = StorageMap<

		_,

		Twox64Concat,

		u32,

		BoundedVec<BabeRandomness, ConstU32<UNDER_CONSTRUCTION_SEGMENT_LENGTH>>,

		ValueQuery,

	>;

	/// Temporary value (cleared at block finalization) which is `Some`

	/// if per-block initialization has already been called for current block.

	pub type Initialized<T> = StorageValue<_, Option<PreDigest>>;

	/// This field should always be populated during block processing unless

	/// secondary plain slots are enabled (which don't contain a VRF output).

	///

	/// It is set in `on_finalize`, before it will contain the value from the last block.

	pub type AuthorVrfRandomness<T> = StorageValue<_, Option<BabeRandomness>, ValueQuery>;

	/// The block numbers when the last and current epoch have started, respectively `N-1` and

	/// `N`.

	/// NOTE: We track this is in order to annotate the block number when a given pool of

	/// entropy was fixed (i.e. it was known to chain observers). Since epochs are defined in

	/// slots, which may be skipped, the block numbers may not line up with the slot numbers.

	pub type EpochStart<T: Config> =

		StorageValue<_, (BlockNumberFor<T>, BlockNumberFor<T>), ValueQuery>;

	/// How late the current block is compared to its parent.

	///

	/// This entry is populated as part of block execution and is cleaned up

	/// on block finalization. Querying this storage entry outside of block

	/// execution context should always yield zero.

	pub type Lateness<T: Config> = StorageValue<_, BlockNumberFor<T>, ValueQuery>;

	/// The configuration for the current epoch. Should never be `None` as it is initialized in

	/// genesis.

	pub type EpochConfig<T> = StorageValue<_, BabeEpochConfiguration>;

	/// The configuration for the next epoch, `None` if the config will not change

	/// (you can fallback to `EpochConfig` instead in that case).

	pub type NextEpochConfig<T> = StorageValue<_, BabeEpochConfiguration>;

	/// A list of the last 100 skipped epochs and the corresponding session index

	/// when the epoch was skipped.

	///

	/// This is only used for validating equivocation proofs. An equivocation proof

	/// must contains a key-ownership proof for a given session, therefore we need a

	/// way to tie together sessions and epoch indices, i.e. we need to validate that

	/// a validator was the owner of a given key on a given session, and what the

	/// active epoch index was during that session.

	pub type SkippedEpochs<T> =

		StorageValue<_, BoundedVec<(u64, SessionIndex), ConstU32<100>>, ValueQuery>;

	#[derive(frame_support::DefaultNoBound)]

	#[pallet::genesis_config]

	pub struct GenesisConfig<T: Config> {

		pub authorities: Vec<(AuthorityId, BabeAuthorityWeight)>,

		pub epoch_config: BabeEpochConfiguration,

		#[serde(skip)]

		pub _config: core::marker::PhantomData<T>,

	}

	impl<T: Config> BuildGenesisConfig for GenesisConfig<T> {

	}

	impl<T: Config> Hooks<BlockNumberFor<T>> for Pallet<T> {

		/// Initialization

		/// Block finalization

			// at the end of the block, we can safely include the new VRF output

			// from this block into the under-construction randomness. If we've determined

			// that this block was the first in a new epoch, the changeover logic has

			// already occurred at this point, so the under-construction randomness

			// will only contain outputs from the right epoch.

							});

			// remove temporary "environment" entry from storage

	}

	impl<T: Config> Pallet<T> {

		/// Report authority equivocation/misbehavior. This method will verify

		/// the equivocation proof and validate the given key ownership proof

		/// against the extracted offender. If both are valid, the offence will

		/// be reported.

		#[pallet::call_index(0)]

		#[pallet::weight(<T as Config>::WeightInfo::report_equivocation(

			key_owner_proof.validator_count(),

			T::MaxNominators::get(),

		))]

		pub fn report_equivocation(

			origin: OriginFor<T>,

			equivocation_proof: Box<EquivocationProof<HeaderFor<T>>>,

			key_owner_proof: T::KeyOwnerProof,

			// Waive the fee since the report is valid and beneficial

		}

		/// Report authority equivocation/misbehavior. This method will verify

		/// the equivocation proof and validate the given key ownership proof

		/// against the extracted offender. If both are valid, the offence will

		/// be reported.

		/// This extrinsic must be called unsigned and it is expected that only

		/// block authors will call it (validated in `ValidateUnsigned`), as such

		/// if the block author is defined it will be defined as the equivocation

		/// reporter.

		#[pallet::call_index(1)]

		#[pallet::weight(<T as Config>::WeightInfo::report_equivocation(

			key_owner_proof.validator_count(),

			T::MaxNominators::get(),

		))]

		pub fn report_equivocation_unsigned(

			origin: OriginFor<T>,

			equivocation_proof: Box<EquivocationProof<HeaderFor<T>>>,

			key_owner_proof: T::KeyOwnerProof,

		}

		/// Plan an epoch config change. The epoch config change is recorded and will be enacted on

		/// the next call to `enact_epoch_change`. The config will be activated one epoch after.

		/// Multiple calls to this method will replace any existing planned config change that had

		/// not been enacted yet.

		#[pallet::call_index(2)]

		#[pallet::weight(<T as Config>::WeightInfo::plan_config_change())]

		pub fn plan_config_change(

			origin: OriginFor<T>,

			config: NextConfigDescriptor,

					);

				},

			}

		}

	}

	#[pallet::validate_unsigned]

	impl<T: Config> ValidateUnsigned for Pallet<T> {

		type Call = Call<T>;

	}

}

impl<T: Config> FindAuthor<u32> for Pallet<T> {

		}

}

impl<T: Config> IsMember<AuthorityId> for Pallet<T> {

}

impl<T: Config> pallet_session::ShouldEndSession<BlockNumberFor<T>> for Pallet<T> {

}

impl<T: Config> Pallet<T> {

	/// Public function to access epoch_index storage.

	/// Public function to access authorities storage.

	/// Public function to access genesis_slot storage.

	/// Public function to access current_slot storage.

	/// Public function to access randomness storage.

	/// Public function to access initialized storage.

	/// Public function to access author_vrf_randomness storage.

	/// Public function to access lateness storage.

	/// Public function to access epoch_config storage.

	/// Public function to access skipped_epochs storage.

	/// Determine the BABE slot duration based on the Timestamp module configuration.

	/// Determine whether an epoch change should take place at this block.

	/// Assumes that initialization has already taken place.

		}

	/// Return the _best guess_ block number, at which the next epoch change is predicted to happen.

	///

	/// Returns None if the prediction is in the past; This implies an error internally in the Babe

	/// and should not happen under normal circumstances.

	///

	/// In other word, this is only accurate if no slots are missed. Given missed slots, the slot

	/// number will grow while the block number will not. Hence, the result can be interpreted as an

	/// upper bound.

	// ## IMPORTANT NOTE

	//

	// This implementation is linked to how [`should_epoch_change`] is working. This might need to

	// be updated accordingly, if the underlying mechanics of slot and epochs change.

	//

	// WEIGHT NOTE: This function is tied to the weight of `EstimateNextSessionRotation`. If you

	// update this function, you must also update the corresponding weight.

	/// DANGEROUS: Enact an epoch change. Should be done on every block where `should_epoch_change`

	/// has returned `true`, and the caller is the only caller of this function.

	///

	/// Typically, this is not handled directly by the user, but by higher-level validator-set

	/// manager logic like `pallet-session`.

	///

	/// This doesn't do anything if `authorities` is empty.

			// we are skipping epochs therefore we need to update the mapping

			// of epochs to session

							target: LOG_TARGET,

							epoch_index,

							session_index,

						);

	/// Finds the start slot of the current epoch.

	///

	/// Only guaranteed to give correct results after `initialize` of the first

	/// block in the chain (as its result is based off of `GenesisSlot`).

	/// Produces information about the current epoch.

	/// Produces information about the next epoch (which was already previously

	/// announced).

		// deposit a log because this is the first block in epoch #0

		// we use the same values as genesis because we haven't collected any

		// randomness yet.

					} else {

					}

			// the slot number of the current block being initialized

			// how many slots were skipped between current and last block

	/// Call this function exactly once when an epoch changes, to update the

	/// randomness. Returns the new randomness.

	/// Returns the session index that was live when the given epoch happened,

	/// taking into account any skipped epochs.

	///

	/// This function is only well defined for epochs that actually existed,

	/// e.g. if we skipped from epoch 10 to 20 then a call for epoch 15 (which

	/// didn't exist) will return an incorrect session index.

			// we have an exact match so we just return the given session index

			// we haven't found any skipped epoch before the given epoch,

			// so the epoch index and session index should match

			// we have found a skipped epoch before the given epoch

			},

		}

	/// Submits an extrinsic to report an equivocation. This method will create

	/// an unsigned extrinsic with a call to `report_equivocation_unsigned` and

	/// will push the transaction to the pool. Only useful in an offchain

	/// context.

}

impl<T: Config> OnTimestampSet<T::Moment> for Pallet<T> {

			timestamp_slot,

		);

}

impl<T: Config> frame_support::traits::EstimateNextSessionRotation<BlockNumberFor<T>>

	for Pallet<T>

{

}

impl<T: Config> frame_support::traits::Lateness<BlockNumberFor<T>> for Pallet<T> {

}

impl<T: Config> sp_runtime::BoundToRuntimeAppPublic for Pallet<T> {

	type Public = AuthorityId;

}

impl<T: Config> OneSessionHandler<T::AccountId> for Pallet<T>

where

	T: pallet_session::Config,

{

	type Key = AuthorityId;

}

// compute randomness for a new epoch. rho is the concatenation of all

// VRF outputs in the prior epoch.

//

// an optional size hint as to how many VRF outputs there were may be provided.

pub mod migrations {

	use super::*;

	use frame_support::pallet_prelude::{StorageValue, ValueQuery};

	/// Something that can return the storage prefix of the `Babe` pallet.

	pub trait BabePalletPrefix: Config {

		fn pallet_prefix() -> &'static str;

	}

	struct __OldNextEpochConfig<T>(core::marker::PhantomData<T>);

	impl<T: BabePalletPrefix> frame_support::traits::StorageInstance for __OldNextEpochConfig<T> {

		const STORAGE_PREFIX: &'static str = "NextEpochConfig";

	}

	type OldNextEpochConfig<T> =

		StorageValue<__OldNextEpochConfig<T>, Option<NextConfigDescriptor>, ValueQuery>;

	/// A storage migration that adds the current epoch configuration for Babe

	/// to storage.

}