Grcov report - equivocation.rs

1

// This file is part of Substrate.

2

3

// Copyright (C) Parity Technologies (UK) Ltd.

4

// SPDX-License-Identifier: Apache-2.0

5

6

// Licensed under the Apache License, Version 2.0 (the "License");

7

// you may not use this file except in compliance with the License.

8

// You may obtain a copy of the License at

9

//

10

// 	http://www.apache.org/licenses/LICENSE-2.0

11

//

12

// Unless required by applicable law or agreed to in writing, software

13

// distributed under the License is distributed on an "AS IS" BASIS,

14

// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

15

// See the License for the specific language governing permissions and

16

// limitations under the License.

17

18

//! An opt-in utility module for reporting equivocations.

19

//!

20

//! This module defines an offence type for BEEFY equivocations

21

//! and some utility traits to wire together:

22

//! - a key ownership proof system (e.g. to prove that a given authority was part of a session);

23

//! - a system for reporting offences;

24

//! - a system for signing and submitting transactions;

25

//! - a way to get the current block author;

26

//!

27

//! These can be used in an offchain context in order to submit equivocation

28

//! reporting extrinsics (from the client that's running the BEEFY protocol).

29

//! And in a runtime context, so that the BEEFY pallet can validate the

30

//! equivocation proofs in the extrinsic and report the offences.

31

//!

32

//! IMPORTANT:

33

//! When using this module for enabling equivocation reporting it is required

34

//! that the `ValidateUnsigned` for the BEEFY pallet is used in the runtime

35

//! definition.

36

37

use alloc::{vec, vec::Vec};

38

use codec::{self as codec, Decode, Encode};

39

use frame_support::traits::{Get, KeyOwnerProofSystem};

40

use frame_system::pallet_prelude::{BlockNumberFor, HeaderFor};

41

use log::{error, info};

42

use sp_consensus_beefy::{

43

	check_commitment_signature, AncestryHelper, DoubleVotingProof, ForkVotingProof,

44

	FutureBlockVotingProof, ValidatorSetId, KEY_TYPE as BEEFY_KEY_TYPE,

45

};

46

use sp_runtime::{

47

	transaction_validity::{

48

		InvalidTransaction, TransactionPriority, TransactionSource, TransactionValidity,

49

		TransactionValidityError, ValidTransaction,

50

},

51

	DispatchError, KeyTypeId, Perbill, RuntimeAppPublic,

52

};

53

use sp_session::{GetSessionNumber, GetValidatorCount};

54

use sp_staking::{

55

	offence::{Kind, Offence, OffenceReportSystem, ReportOffence},

56

	SessionIndex,

57

};

58

59

use super::{Call, Config, Error, Pallet, LOG_TARGET};

60

61

/// A round number and set id which point on the time of an offence.

62

#[derive(Copy, Clone, PartialOrd, Ord, Eq, PartialEq, Encode, Decode)]

63

pub struct TimeSlot<N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode> {

64

	// The order of these matters for `derive(Ord)`.

65

	/// BEEFY Set ID.

66

	pub set_id: ValidatorSetId,

67

	/// Round number.

68

	pub round: N,

69

70

71

/// BEEFY equivocation offence report.

72

pub struct EquivocationOffence<Offender, N>

73

where

74

	N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode,

75

76

	/// Time slot at which this incident happened.

77

	pub time_slot: TimeSlot<N>,

78

	/// The session index in which the incident happened.

79

	pub session_index: SessionIndex,

80

	/// The size of the validator set at the time of the offence.

81

	pub validator_set_count: u32,

82

	/// The authority which produced this equivocation.

83

	pub offender: Offender,

84

85

86

impl<Offender: Clone, N> Offence<Offender> for EquivocationOffence<Offender, N>

87

where

88

	N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode,

89

90

	const ID: Kind = *b"beefy:equivocati";

91

	type TimeSlot = TimeSlot<N>;

92

93

	fn offenders(&self) -> Vec<Offender> {

94

		vec![self.offender.clone()]

95

96

97

	fn session_index(&self) -> SessionIndex {

98

		self.session_index

99

100

101

	fn validator_set_count(&self) -> u32 {

102

		self.validator_set_count

103

104

105

	fn time_slot(&self) -> Self::TimeSlot {

106

		self.time_slot

107

108

109

	// The formula is min((3k / n)^2, 1)

110

	// where k = offenders_number and n = validators_number

111

	fn slash_fraction(&self, offenders_count: u32) -> Perbill {

112

		// Perbill type domain is [0, 1] by definition

113

		Perbill::from_rational(3 * offenders_count, self.validator_set_count).square()

114

115

116

117

/// BEEFY equivocation offence report system.

118

///

119

/// This type implements `OffenceReportSystem` such that:

120

/// - Equivocation reports are published on-chain as unsigned extrinsic via

121

///   `offchain::SendTransactionTypes`.

122

/// - On-chain validity checks and processing are mostly delegated to the user provided generic

123

///   types implementing `KeyOwnerProofSystem` and `ReportOffence` traits.

124

/// - Offence reporter for unsigned transactions is fetched via the authorship pallet.

125

pub struct EquivocationReportSystem<T, R, P, L>(core::marker::PhantomData<(T, R, P, L)>);

126

127

/// Equivocation evidence convenience alias.

128

pub enum EquivocationEvidenceFor<T: Config> {

129

	DoubleVotingProof(

130

		DoubleVotingProof<

131

			BlockNumberFor<T>,

132

			T::BeefyId,

133

			<T::BeefyId as RuntimeAppPublic>::Signature,

134

>,

135

		T::KeyOwnerProof,

136

),

137

	ForkVotingProof(

138

		ForkVotingProof<

139

			HeaderFor<T>,

140

			T::BeefyId,

141

			<T::AncestryHelper as AncestryHelper<HeaderFor<T>>>::Proof,

142

>,

143

		T::KeyOwnerProof,

144

),

145

	FutureBlockVotingProof(FutureBlockVotingProof<BlockNumberFor<T>, T::BeefyId>, T::KeyOwnerProof),

146

147

148

impl<T: Config> EquivocationEvidenceFor<T> {

149

	/// Returns the authority id of the equivocator.

150

417

	fn offender_id(&self) -> &T::BeefyId {

151

417

		match self {

152

288

			EquivocationEvidenceFor::DoubleVotingProof(equivocation_proof, _) =>

153

288

				equivocation_proof.offender_id(),

154

			EquivocationEvidenceFor::ForkVotingProof(equivocation_proof, _) =>

155

				&equivocation_proof.vote.id,

156

129

			EquivocationEvidenceFor::FutureBlockVotingProof(equivocation_proof, _) =>

157

129

				&equivocation_proof.vote.id,

158

159

417

160

161

	/// Returns the round number at which the equivocation occurred.

162

771

	fn round_number(&self) -> &BlockNumberFor<T> {

163

771

		match self {

164

546

			EquivocationEvidenceFor::DoubleVotingProof(equivocation_proof, _) =>

165

546

				equivocation_proof.round_number(),

166

			EquivocationEvidenceFor::ForkVotingProof(equivocation_proof, _) =>

167

				&equivocation_proof.vote.commitment.block_number,

168

225

			EquivocationEvidenceFor::FutureBlockVotingProof(equivocation_proof, _) =>

169

225

				&equivocation_proof.vote.commitment.block_number,

170

171

771

172

173

	/// Returns the set id at which the equivocation occurred.

174

771

	fn set_id(&self) -> ValidatorSetId {

175

771

		match self {

176

546

			EquivocationEvidenceFor::DoubleVotingProof(equivocation_proof, _) =>

177

546

				equivocation_proof.set_id(),

178

			EquivocationEvidenceFor::ForkVotingProof(equivocation_proof, _) =>

179

				equivocation_proof.vote.commitment.validator_set_id,

180

225

			EquivocationEvidenceFor::FutureBlockVotingProof(equivocation_proof, _) =>

181

225

				equivocation_proof.vote.commitment.validator_set_id,

182

183

771

184

185

	/// Returns the set id at which the equivocation occurred.

186

975

	fn key_owner_proof(&self) -> &T::KeyOwnerProof {

187

975

		match self {

188

678

			EquivocationEvidenceFor::DoubleVotingProof(_, key_owner_proof) => key_owner_proof,

189

			EquivocationEvidenceFor::ForkVotingProof(_, key_owner_proof) => key_owner_proof,

190

297

			EquivocationEvidenceFor::FutureBlockVotingProof(_, key_owner_proof) => key_owner_proof,

191

192

975

193

194

417

	fn checked_offender<P>(&self) -> Option<P::IdentificationTuple>

195

417

	where

196

417

		P: KeyOwnerProofSystem<(KeyTypeId, T::BeefyId), Proof = T::KeyOwnerProof>,

197

417

198

417

		let key = (BEEFY_KEY_TYPE, self.offender_id().clone());

199

417

		P::check_proof(key, self.key_owner_proof().clone())

200

417

201

202

	fn check_equivocation_proof(self) -> Result<(), Error<T>> {

203

		match self {

204

			EquivocationEvidenceFor::DoubleVotingProof(equivocation_proof, _) => {

205

				// Validate equivocation proof (check votes are different and signatures are valid).

206

				if !sp_consensus_beefy::check_double_voting_proof(&equivocation_proof) {

207

					return Err(Error::<T>::InvalidDoubleVotingProof);

208

209

210

				return Ok(())

211

},

212

			EquivocationEvidenceFor::ForkVotingProof(equivocation_proof, _) => {

213

				let ForkVotingProof { vote, ancestry_proof, header } = equivocation_proof;

214

215

				let maybe_validation_context = <T::AncestryHelper as AncestryHelper<

216

					HeaderFor<T>,

217

				>>::extract_validation_context(header);

218

				let validation_context = match maybe_validation_context {

219

					Some(validation_context) => validation_context,

220

					None => {

221

						return Err(Error::<T>::InvalidForkVotingProof);

222

},

223

};

224

225

				let is_non_canonical =

226

					<T::AncestryHelper as AncestryHelper<HeaderFor<T>>>::is_non_canonical(

227

						&vote.commitment,

228

						ancestry_proof,

229

						validation_context,

230

);

231

				if !is_non_canonical {

232

					return Err(Error::<T>::InvalidForkVotingProof);

233

234

235

				let is_signature_valid =

236

					check_commitment_signature(&vote.commitment, &vote.id, &vote.signature);

237

				if !is_signature_valid {

238

					return Err(Error::<T>::InvalidForkVotingProof);

239

240

241

				Ok(())

242

},

243

			EquivocationEvidenceFor::FutureBlockVotingProof(equivocation_proof, _) => {

244

				let FutureBlockVotingProof { vote } = equivocation_proof;

245

				// Check if the commitment actually targets a future block

246

				if vote.commitment.block_number < frame_system::Pallet::<T>::block_number() {

247

					return Err(Error::<T>::InvalidFutureBlockVotingProof);

248

249

250

				let is_signature_valid =

251

					check_commitment_signature(&vote.commitment, &vote.id, &vote.signature);

252

				if !is_signature_valid {

253

					return Err(Error::<T>::InvalidForkVotingProof);

254

255

256

				Ok(())

257

},

258

259

260

261

262

impl<T, R, P, L> OffenceReportSystem<Option<T::AccountId>, EquivocationEvidenceFor<T>>

263

	for EquivocationReportSystem<T, R, P, L>

264

where

265

	T: Config + pallet_authorship::Config + frame_system::offchain::SendTransactionTypes<Call<T>>,

266

	R: ReportOffence<

267

		T::AccountId,

268

		P::IdentificationTuple,

269

		EquivocationOffence<P::IdentificationTuple, BlockNumberFor<T>>,

270

>,

271

	P: KeyOwnerProofSystem<(KeyTypeId, T::BeefyId), Proof = T::KeyOwnerProof>,

272

	P::IdentificationTuple: Clone,

273

	L: Get<u64>,

274

275

	type Longevity = L;

276

277

	fn publish_evidence(evidence: EquivocationEvidenceFor<T>) -> Result<(), ()> {

278

		use frame_system::offchain::SubmitTransaction;

279

280

		let call: Call<T> = evidence.into();

281

		let res = SubmitTransaction::<T, Call<T>>::submit_unsigned_transaction(call.into());

282

		match res {

283

			Ok(_) => info!(target: LOG_TARGET, "Submitted equivocation report."),

284

			Err(e) => error!(target: LOG_TARGET, "Error submitting equivocation report: {:?}", e),

285

286

res

287

288

289

	fn check_evidence(

290

		evidence: EquivocationEvidenceFor<T>,

291

	) -> Result<(), TransactionValidityError> {

292

		let offender = evidence.checked_offender::<P>().ok_or(InvalidTransaction::BadProof)?;

293

294

		// Check if the offence has already been reported, and if so then we can discard the report.

295

		let time_slot = TimeSlot { set_id: evidence.set_id(), round: *evidence.round_number() };

296

		if R::is_known_offence(&[offender], &time_slot) {

297

			Err(InvalidTransaction::Stale.into())

298

		} else {

299

			Ok(())

300

301

302

303

771

	fn process_evidence(

304

771

		reporter: Option<T::AccountId>,

305

771

		evidence: EquivocationEvidenceFor<T>,

306

771

	) -> Result<(), DispatchError> {

307

771

		let reporter = reporter.or_else(|| pallet_authorship::Pallet::<T>::author());

308

771

309

771

		// We check the equivocation within the context of its set id (and associated session).

310

771

		let set_id = evidence.set_id();

311

771

		let round = *evidence.round_number();

312

771

		let set_id_session_index = crate::SetIdSession::<T>::get(set_id)

313

771

			.ok_or(Error::<T>::InvalidEquivocationProofSession)?;

314

315

		// Check that the session id for the membership proof is within the bounds

316

		// of the set id reported in the equivocation.

317

558

		let key_owner_proof = evidence.key_owner_proof();

318

558

		let validator_count = key_owner_proof.validator_count();

319

558

		let session_index = key_owner_proof.session();

320

558

		if session_index != set_id_session_index {

321

141

			return Err(Error::<T>::InvalidEquivocationProofSession.into())

322

417

323

324

		// Validate the key ownership proof extracting the id of the offender.

325

		let offender =

326

417

			evidence.checked_offender::<P>().ok_or(Error::<T>::InvalidKeyOwnershipProof)?;

327

328

		evidence.check_equivocation_proof()?;

329

330

		let offence = EquivocationOffence {

331

			time_slot: TimeSlot { set_id, round },

332

			session_index,

333

			validator_set_count: validator_count,

334

			offender,

335

};

336

		R::report_offence(reporter.into_iter().collect(), offence)

337

			.map_err(|_| Error::<T>::DuplicateOffenceReport.into())

338

771

339

340

341

/// Methods for the `ValidateUnsigned` implementation:

342

/// It restricts calls to `report_equivocation_unsigned` to local calls (i.e. extrinsics generated

343

/// on this node) or that already in a block. This guarantees that only block authors can include

344

/// unsigned equivocation reports.

345

impl<T: Config> Pallet<T> {

346

	pub fn validate_unsigned(source: TransactionSource, call: &Call<T>) -> TransactionValidity {

347

		// discard equivocation report not coming from the local node

348

		match source {

349

			TransactionSource::Local | TransactionSource::InBlock => { /* allowed */ },

350

			_ => {

351

				log::warn!(

352

					target: LOG_TARGET,

353

					"rejecting unsigned report equivocation transaction because it is not local/in-block."

354

);

355

				return InvalidTransaction::Call.into()

356

},

357

358

359

		let evidence = call.to_equivocation_evidence_for().ok_or(InvalidTransaction::Call)?;

360

		let tag = (evidence.offender_id().clone(), evidence.set_id(), *evidence.round_number());

361

		T::EquivocationReportSystem::check_evidence(evidence)?;

362

363

		let longevity =

364

			<T::EquivocationReportSystem as OffenceReportSystem<_, _>>::Longevity::get();

365

		ValidTransaction::with_tag_prefix("BeefyEquivocation")

366

			// We assign the maximum priority for any equivocation report.

367

			.priority(TransactionPriority::MAX)

368

			// Only one equivocation report for the same offender at the same slot.

369

			.and_provides(tag)

370

			.longevity(longevity)

371

			// We don't propagate this. This can never be included on a remote node.

372

			.propagate(false)

373

			.build()

374

375

376

	pub fn pre_dispatch(call: &Call<T>) -> Result<(), TransactionValidityError> {

377

		let evidence = call.to_equivocation_evidence_for().ok_or(InvalidTransaction::Call)?;

378

		T::EquivocationReportSystem::check_evidence(evidence)

379

380