From 6cd3d5e79bac993857d4707428907f92c6c360aa Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Tue, 22 Aug 2023 10:42:47 +0200 Subject: [PATCH 01/29] create new endpoint for consumer double voting --- .../ccv/provider/v1/tx.proto | 19 + .../proto/tendermint/types/evidence.proto | 38 ++ x/ccv/provider/client/cli/tx.go | 47 ++ x/ccv/provider/handler.go | 3 + x/ccv/provider/keeper/doube_vote.go | 39 ++ x/ccv/provider/keeper/msg_server.go | 18 + x/ccv/provider/types/msg.go | 49 ++ x/ccv/provider/types/tx.pb.go | 512 ++++++++++++++++-- x/ccv/types/events.go | 2 + 9 files changed, 690 insertions(+), 37 deletions(-) create mode 100644 third_party/proto/tendermint/types/evidence.proto create mode 100644 x/ccv/provider/keeper/doube_vote.go diff --git a/proto/interchain_security/ccv/provider/v1/tx.proto b/proto/interchain_security/ccv/provider/v1/tx.proto index 61be3064ea..e3aa8aeea5 100644 --- a/proto/interchain_security/ccv/provider/v1/tx.proto +++ b/proto/interchain_security/ccv/provider/v1/tx.proto @@ -8,12 +8,15 @@ import "gogoproto/gogo.proto"; import "cosmos_proto/cosmos.proto"; import "google/protobuf/any.proto"; import "ibc/lightclients/tendermint/v1/tendermint.proto"; +import "tendermint/types/evidence.proto"; + // Msg defines the Msg service. service Msg { rpc AssignConsumerKey(MsgAssignConsumerKey) returns (MsgAssignConsumerKeyResponse); rpc RegisterConsumerRewardDenom(MsgRegisterConsumerRewardDenom) returns (MsgRegisterConsumerRewardDenomResponse); rpc SubmitConsumerMisbehaviour(MsgSubmitConsumerMisbehaviour) returns (MsgSubmitConsumerMisbehaviourResponse); + rpc SubmitConsumerDoubleVoting(MsgSubmitConsumerDoubleVoting) returns (MsgSubmitConsumerDoubleVotingResponse); } message MsgAssignConsumerKey { @@ -59,3 +62,19 @@ message MsgSubmitConsumerMisbehaviour { } message MsgSubmitConsumerMisbehaviourResponse {} + + +// MsgSubmitConsumerDoubleVoting defines a message that reports an equivocation +// observed on a consumer chain +message MsgSubmitConsumerDoubleVoting { + option (gogoproto.equal) = false; + option (gogoproto.goproto_getters) = false; + string submitter = 1; + // The equivocation of the consumer chain wrapping + // an evidence of a validator that signed two conflicting votes + tendermint.types.DuplicateVoteEvidence duplicate_vote_evidence = 2; + // Unused but still here to not break the wire + ibc.lightclients.tendermint.v1.Header infraction_block_header = 3; +} + +message MsgSubmitConsumerDoubleVotingResponse {} \ No newline at end of file diff --git a/third_party/proto/tendermint/types/evidence.proto b/third_party/proto/tendermint/types/evidence.proto new file mode 100644 index 0000000000..451b8dca3c --- /dev/null +++ b/third_party/proto/tendermint/types/evidence.proto @@ -0,0 +1,38 @@ +syntax = "proto3"; +package tendermint.types; + +option go_package = "github.com/tendermint/tendermint/proto/tendermint/types"; + +import "gogoproto/gogo.proto"; +import "google/protobuf/timestamp.proto"; +import "tendermint/types/types.proto"; +import "tendermint/types/validator.proto"; + +message Evidence { + oneof sum { + DuplicateVoteEvidence duplicate_vote_evidence = 1; + LightClientAttackEvidence light_client_attack_evidence = 2; + } +} + +// DuplicateVoteEvidence contains evidence of a validator signed two conflicting votes. +message DuplicateVoteEvidence { + tendermint.types.Vote vote_a = 1; + tendermint.types.Vote vote_b = 2; + int64 total_voting_power = 3; + int64 validator_power = 4; + google.protobuf.Timestamp timestamp = 5 [(gogoproto.nullable) = false, (gogoproto.stdtime) = true]; +} + +// LightClientAttackEvidence contains evidence of a set of validators attempting to mislead a light client. +message LightClientAttackEvidence { + tendermint.types.LightBlock conflicting_block = 1; + int64 common_height = 2; + repeated tendermint.types.Validator byzantine_validators = 3; + int64 total_voting_power = 4; + google.protobuf.Timestamp timestamp = 5 [(gogoproto.nullable) = false, (gogoproto.stdtime) = true]; +} + +message EvidenceList { + repeated Evidence evidence = 1 [(gogoproto.nullable) = false]; +} diff --git a/x/ccv/provider/client/cli/tx.go b/x/ccv/provider/client/cli/tx.go index 1cad8b38ce..7b5f3ec79f 100644 --- a/x/ccv/provider/client/cli/tx.go +++ b/x/ccv/provider/client/cli/tx.go @@ -11,6 +11,7 @@ import ( "github.com/cosmos/cosmos-sdk/client/tx" "github.com/cosmos/cosmos-sdk/version" ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" + tmproto "github.com/tendermint/tendermint/proto/tendermint/types" sdk "github.com/cosmos/cosmos-sdk/types" "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" @@ -29,6 +30,7 @@ func GetTxCmd() *cobra.Command { cmd.AddCommand(NewAssignConsumerKeyCmd()) cmd.AddCommand(NewRegisterConsumerRewardDenomCmd()) cmd.AddCommand(NewSubmitConsumerMisbehaviourCmd()) + cmd.AddCommand(NewSubmitConsumerDoubleVotingCmd()) return cmd } @@ -148,3 +150,48 @@ Examples: return cmd } + +func NewSubmitConsumerDoubleVotingCmd() *cobra.Command { + cmd := &cobra.Command{ + Use: "submit-consumer-double-voting [evidence]", + Short: "submit a double-vote evidence for a consumer chain", + Args: cobra.ExactArgs(1), + RunE: func(cmd *cobra.Command, args []string) error { + clientCtx, err := client.GetClientTxContext(cmd) + if err != nil { + return err + } + + txf := tx.NewFactoryCLI(clientCtx, cmd.Flags()). + WithTxConfig(clientCtx.TxConfig).WithAccountRetriever(clientCtx.AccountRetriever) + + submitter := clientCtx.GetFromAddress() + var ev *tmproto.DuplicateVoteEvidence + if err := clientCtx.Codec.UnmarshalInterfaceJSON([]byte(args[1]), &ev); err != nil { + return err + } + + // TODO: uncomment this when the infraction header is used + // var header ibctmtypes.Header + // if err := clientCtx.Codec.UnmarshalInterfaceJSON([]byte(args[2]), &header); err != nil { + // return err + // } + + msg, err := types.NewMsgSubmitConsumerDoubleVoting(submitter, ev, nil) + if err != nil { + return err + } + if err := msg.ValidateBasic(); err != nil { + return err + } + + return tx.GenerateOrBroadcastTxWithFactory(clientCtx, txf, msg) + }, + } + + flags.AddTxFlagsToCmd(cmd) + + _ = cmd.MarkFlagRequired(flags.FlagFrom) + + return cmd +} diff --git a/x/ccv/provider/handler.go b/x/ccv/provider/handler.go index 6fa38b5ddf..8dca550732 100644 --- a/x/ccv/provider/handler.go +++ b/x/ccv/provider/handler.go @@ -24,6 +24,9 @@ func NewHandler(k *keeper.Keeper) sdk.Handler { case *types.MsgSubmitConsumerMisbehaviour: res, err := msgServer.SubmitConsumerMisbehaviour(sdk.WrapSDKContext(ctx), msg) return sdk.WrapServiceResult(ctx, res, err) + case *types.MsgSubmitConsumerDoubleVoting: + res, err := msgServer.SubmitConsumerDoubleVoting(sdk.WrapSDKContext(ctx), msg) + return sdk.WrapServiceResult(ctx, res, err) default: return nil, errorsmod.Wrapf(sdkerrors.ErrUnknownRequest, "unrecognized %s message type: %T", types.ModuleName, msg) } diff --git a/x/ccv/provider/keeper/doube_vote.go b/x/ccv/provider/keeper/doube_vote.go new file mode 100644 index 0000000000..f18461c06f --- /dev/null +++ b/x/ccv/provider/keeper/doube_vote.go @@ -0,0 +1,39 @@ +package keeper + +import ( + sdk "github.com/cosmos/cosmos-sdk/types" + ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" + tmproto "github.com/tendermint/tendermint/proto/tendermint/types" +) + +// header infraction heaader +func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmproto.DuplicateVoteEvidence, _ *ibctmtypes.Header) error { + // TODO: check header against consumer chain client states + + // ev, err := tmtypes.DuplicateVoteEvidenceFromProto(evidence) + // if err != nil { + // return err + // } + + // TODO: figure out if the evidence age must be checked + // if err := tmev.VerifyDuplicateVote(ev, header.Header.ChainID, valset); err != nil { + // return err + // } + + // CONVERT CONSUMER ADDRESS TO PROVIDER ADDRESS + + // consuAddress := sdk.ConsAddress(evidence.VoteA.GetValidatorAddress()) + // chainID := header.Header.ChainID + + // k.JailConsumerValidator(ctx, chainID, consuAddress) + + // provAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consuAddress) + + // logger := ctx.Logger() + // logger.Info( + // "confirmed equivocation", + // "byzantine validator address", provAddr, + // ) + + return nil +} diff --git a/x/ccv/provider/keeper/msg_server.go b/x/ccv/provider/keeper/msg_server.go index 80f325cc1b..a4adc36b5b 100644 --- a/x/ccv/provider/keeper/msg_server.go +++ b/x/ccv/provider/keeper/msg_server.go @@ -146,3 +146,21 @@ func (k msgServer) SubmitConsumerMisbehaviour(goCtx context.Context, msg *types. return &types.MsgSubmitConsumerMisbehaviourResponse{}, nil } + +func (k msgServer) SubmitConsumerDoubleVoting(goCtx context.Context, msg *types.MsgSubmitConsumerDoubleVoting) (*types.MsgSubmitConsumerDoubleVotingResponse, error) { + ctx := sdk.UnwrapSDKContext(goCtx) + if err := k.Keeper.HandleConsumerDoubleVoting(ctx, msg.DuplicateVoteEvidence, msg.InfractionBlockHeader); err != nil { + return &types.MsgSubmitConsumerDoubleVotingResponse{}, err + } + + ctx.EventManager().EmitEvents(sdk.Events{ + sdk.NewEvent( + ccvtypes.EventTypeSubmitConsumerMisbehaviour, + sdk.NewAttribute(ccvtypes.AttributeConsumerDoubleVoting, msg.DuplicateVoteEvidence.String()), + sdk.NewAttribute(ccvtypes.AttributeInfractionBlockHeader, msg.InfractionBlockHeader.String()), + sdk.NewAttribute(ccvtypes.AttributeSubmitterAddress, msg.Submitter), + ), + }) + + return &types.MsgSubmitConsumerDoubleVotingResponse{}, nil +} diff --git a/x/ccv/provider/types/msg.go b/x/ccv/provider/types/msg.go index 5c217f53b8..854876c56a 100644 --- a/x/ccv/provider/types/msg.go +++ b/x/ccv/provider/types/msg.go @@ -2,11 +2,13 @@ package types import ( "encoding/json" + "fmt" "strings" sdk "github.com/cosmos/cosmos-sdk/types" sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" + tmtypes "github.com/tendermint/tendermint/proto/tendermint/types" ) // provider message types @@ -14,6 +16,7 @@ const ( TypeMsgAssignConsumerKey = "assign_consumer_key" TypeMsgRegisterConsumerRewardDenom = "register_consumer_reward_denom" TypeMsgSubmitConsumerMisbehaviour = "submit_consumer_misbehaviour" + TypeMsgSubmitConsumerDoubleVoting = "submit_consumer_double_vote" ) var ( @@ -185,3 +188,49 @@ func (msg MsgSubmitConsumerMisbehaviour) GetSigners() []sdk.AccAddress { } return []sdk.AccAddress{addr} } + +func NewMsgSubmitConsumerDoubleVoting(submitter sdk.AccAddress, ev *tmtypes.DuplicateVoteEvidence, header *ibctmtypes.Header) (*MsgSubmitConsumerDoubleVoting, error) { + return &MsgSubmitConsumerDoubleVoting{Submitter: submitter.String(), DuplicateVoteEvidence: ev, InfractionBlockHeader: header}, nil +} + +// Route implements the sdk.Msg interface. +func (msg MsgSubmitConsumerDoubleVoting) Route() string { return RouterKey } + +// Type implements the sdk.Msg interface. +func (msg MsgSubmitConsumerDoubleVoting) Type() string { + return TypeMsgSubmitConsumerDoubleVoting +} + +// Type implements the sdk.Msg interface. +func (msg MsgSubmitConsumerDoubleVoting) ValidateBasic() error { + if msg.Submitter == "" { + return sdkerrors.Wrap(sdkerrors.ErrInvalidAddress, msg.Submitter) + + } + if msg.DuplicateVoteEvidence == nil { + return fmt.Errorf("duplicate evidence cannot be nil") + } + + // TODO: uncomment this when the infraction header is used + // if msg.InfractionBlockHeader.Header == nil { + // return fmt.Errorf("double-vote evidence header cannot be nil") + // } + + return nil +} + +// Type implements the sdk.Msg interface. +func (msg MsgSubmitConsumerDoubleVoting) GetSignBytes() []byte { + bz := ModuleCdc.MustMarshalJSON(&msg) + return sdk.MustSortJSON(bz) +} + +// Type implements the sdk.Msg interface. +func (msg MsgSubmitConsumerDoubleVoting) GetSigners() []sdk.AccAddress { + addr, err := sdk.AccAddressFromBech32(msg.Submitter) + if err != nil { + // same behavior as in cosmos-sdk + panic(err) + } + return []sdk.AccAddress{addr} +} diff --git a/x/ccv/provider/types/tx.pb.go b/x/ccv/provider/types/tx.pb.go index f27ab52533..1fb9649ad3 100644 --- a/x/ccv/provider/types/tx.pb.go +++ b/x/ccv/provider/types/tx.pb.go @@ -12,6 +12,7 @@ import ( grpc1 "github.com/gogo/protobuf/grpc" proto "github.com/gogo/protobuf/proto" _ "github.com/regen-network/cosmos-proto" + types1 "github.com/tendermint/tendermint/proto/tendermint/types" _ "google.golang.org/genproto/googleapis/api/annotations" grpc "google.golang.org/grpc" codes "google.golang.org/grpc/codes" @@ -271,6 +272,86 @@ func (m *MsgSubmitConsumerMisbehaviourResponse) XXX_DiscardUnknown() { var xxx_messageInfo_MsgSubmitConsumerMisbehaviourResponse proto.InternalMessageInfo +// MsgSubmitConsumerDoubleVoting defines a message that reports an equivocation +// observed on a consumer chain +type MsgSubmitConsumerDoubleVoting struct { + Submitter string `protobuf:"bytes,1,opt,name=submitter,proto3" json:"submitter,omitempty"` + // The equivocation of the consumer chain wrapping + // an evidence of a validator that signed two conflicting votes + DuplicateVoteEvidence *types1.DuplicateVoteEvidence `protobuf:"bytes,2,opt,name=duplicate_vote_evidence,json=duplicateVoteEvidence,proto3" json:"duplicate_vote_evidence,omitempty"` + // Unused but still here to not break the wire + InfractionBlockHeader *types.Header `protobuf:"bytes,3,opt,name=infraction_block_header,json=infractionBlockHeader,proto3" json:"infraction_block_header,omitempty"` +} + +func (m *MsgSubmitConsumerDoubleVoting) Reset() { *m = MsgSubmitConsumerDoubleVoting{} } +func (m *MsgSubmitConsumerDoubleVoting) String() string { return proto.CompactTextString(m) } +func (*MsgSubmitConsumerDoubleVoting) ProtoMessage() {} +func (*MsgSubmitConsumerDoubleVoting) Descriptor() ([]byte, []int) { + return fileDescriptor_43221a4391e9fbf4, []int{6} +} +func (m *MsgSubmitConsumerDoubleVoting) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *MsgSubmitConsumerDoubleVoting) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_MsgSubmitConsumerDoubleVoting.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *MsgSubmitConsumerDoubleVoting) XXX_Merge(src proto.Message) { + xxx_messageInfo_MsgSubmitConsumerDoubleVoting.Merge(m, src) +} +func (m *MsgSubmitConsumerDoubleVoting) XXX_Size() int { + return m.Size() +} +func (m *MsgSubmitConsumerDoubleVoting) XXX_DiscardUnknown() { + xxx_messageInfo_MsgSubmitConsumerDoubleVoting.DiscardUnknown(m) +} + +var xxx_messageInfo_MsgSubmitConsumerDoubleVoting proto.InternalMessageInfo + +type MsgSubmitConsumerDoubleVotingResponse struct { +} + +func (m *MsgSubmitConsumerDoubleVotingResponse) Reset() { *m = MsgSubmitConsumerDoubleVotingResponse{} } +func (m *MsgSubmitConsumerDoubleVotingResponse) String() string { return proto.CompactTextString(m) } +func (*MsgSubmitConsumerDoubleVotingResponse) ProtoMessage() {} +func (*MsgSubmitConsumerDoubleVotingResponse) Descriptor() ([]byte, []int) { + return fileDescriptor_43221a4391e9fbf4, []int{7} +} +func (m *MsgSubmitConsumerDoubleVotingResponse) XXX_Unmarshal(b []byte) error { + return m.Unmarshal(b) +} +func (m *MsgSubmitConsumerDoubleVotingResponse) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + if deterministic { + return xxx_messageInfo_MsgSubmitConsumerDoubleVotingResponse.Marshal(b, m, deterministic) + } else { + b = b[:cap(b)] + n, err := m.MarshalToSizedBuffer(b) + if err != nil { + return nil, err + } + return b[:n], nil + } +} +func (m *MsgSubmitConsumerDoubleVotingResponse) XXX_Merge(src proto.Message) { + xxx_messageInfo_MsgSubmitConsumerDoubleVotingResponse.Merge(m, src) +} +func (m *MsgSubmitConsumerDoubleVotingResponse) XXX_Size() int { + return m.Size() +} +func (m *MsgSubmitConsumerDoubleVotingResponse) XXX_DiscardUnknown() { + xxx_messageInfo_MsgSubmitConsumerDoubleVotingResponse.DiscardUnknown(m) +} + +var xxx_messageInfo_MsgSubmitConsumerDoubleVotingResponse proto.InternalMessageInfo + func init() { proto.RegisterType((*MsgAssignConsumerKey)(nil), "interchain_security.ccv.provider.v1.MsgAssignConsumerKey") proto.RegisterType((*MsgAssignConsumerKeyResponse)(nil), "interchain_security.ccv.provider.v1.MsgAssignConsumerKeyResponse") @@ -278,6 +359,8 @@ func init() { proto.RegisterType((*MsgRegisterConsumerRewardDenomResponse)(nil), "interchain_security.ccv.provider.v1.MsgRegisterConsumerRewardDenomResponse") proto.RegisterType((*MsgSubmitConsumerMisbehaviour)(nil), "interchain_security.ccv.provider.v1.MsgSubmitConsumerMisbehaviour") proto.RegisterType((*MsgSubmitConsumerMisbehaviourResponse)(nil), "interchain_security.ccv.provider.v1.MsgSubmitConsumerMisbehaviourResponse") + proto.RegisterType((*MsgSubmitConsumerDoubleVoting)(nil), "interchain_security.ccv.provider.v1.MsgSubmitConsumerDoubleVoting") + proto.RegisterType((*MsgSubmitConsumerDoubleVotingResponse)(nil), "interchain_security.ccv.provider.v1.MsgSubmitConsumerDoubleVotingResponse") } func init() { @@ -285,43 +368,51 @@ func init() { } var fileDescriptor_43221a4391e9fbf4 = []byte{ - // 568 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x54, 0x3f, 0x6f, 0x13, 0x4f, - 0x10, 0xf5, 0xfd, 0xa2, 0x1f, 0x24, 0x9b, 0x80, 0xc4, 0xc9, 0x85, 0x73, 0x98, 0x33, 0x18, 0x01, - 0x29, 0xc2, 0xae, 0x6c, 0x0a, 0x44, 0x24, 0x0a, 0x3b, 0x34, 0x10, 0x59, 0x42, 0x47, 0x81, 0x44, - 0x81, 0x75, 0xb7, 0xbb, 0xac, 0x57, 0xf8, 0x76, 0x4f, 0xbb, 0x7b, 0x47, 0xee, 0x1b, 0x50, 0x42, - 0x85, 0xe8, 0xf2, 0x01, 0x90, 0xf8, 0x1a, 0x94, 0x29, 0xa9, 0x10, 0xb2, 0x1b, 0x6a, 0x4a, 0x2a, - 0xe4, 0xfb, 0x63, 0x5f, 0x84, 0xb1, 0x2c, 0xa0, 0xdb, 0x99, 0x79, 0xfb, 0xde, 0x1b, 0xcd, 0x68, - 0xc0, 0x3e, 0x17, 0x86, 0x2a, 0x3c, 0xf2, 0xb9, 0x18, 0x6a, 0x8a, 0x63, 0xc5, 0x4d, 0x8a, 0x30, - 0x4e, 0x50, 0xa4, 0x64, 0xc2, 0x09, 0x55, 0x28, 0xe9, 0x20, 0x73, 0x0c, 0x23, 0x25, 0x8d, 0xb4, - 0xaf, 0x2f, 0x41, 0x43, 0x8c, 0x13, 0x58, 0xa2, 0x61, 0xd2, 0x71, 0x9a, 0x4c, 0x4a, 0x36, 0xa6, - 0xc8, 0x8f, 0x38, 0xf2, 0x85, 0x90, 0xc6, 0x37, 0x5c, 0x0a, 0x9d, 0x53, 0x38, 0x75, 0x26, 0x99, - 0xcc, 0x9e, 0x68, 0xf6, 0x2a, 0xb2, 0xbb, 0x58, 0xea, 0x50, 0xea, 0x61, 0x5e, 0xc8, 0x83, 0xb2, - 0x54, 0xd0, 0x65, 0x51, 0x10, 0xbf, 0x40, 0xbe, 0x48, 0x8b, 0x12, 0xe2, 0x01, 0x46, 0x63, 0xce, - 0x46, 0x06, 0x8f, 0x39, 0x15, 0x46, 0x23, 0x43, 0x05, 0xa1, 0x2a, 0xe4, 0xc2, 0x64, 0xbe, 0xe7, - 0x51, 0xfe, 0xa1, 0xfd, 0xce, 0x02, 0xf5, 0x81, 0x66, 0x3d, 0xad, 0x39, 0x13, 0x87, 0x52, 0xe8, - 0x38, 0xa4, 0xea, 0x88, 0xa6, 0xf6, 0x2e, 0xd8, 0xcc, 0xbb, 0xe2, 0xa4, 0x61, 0x5d, 0xb5, 0xf6, - 0xb6, 0xbc, 0xf3, 0x59, 0xfc, 0x90, 0xd8, 0x77, 0xc1, 0x85, 0xb2, 0xbb, 0xa1, 0x4f, 0x88, 0x6a, - 0xfc, 0x37, 0xab, 0xf7, 0xed, 0xef, 0x5f, 0x5a, 0x17, 0x53, 0x3f, 0x1c, 0x1f, 0xb4, 0x67, 0x59, - 0xaa, 0x75, 0xdb, 0xdb, 0x29, 0x81, 0x3d, 0x42, 0x94, 0x7d, 0x0d, 0xec, 0xe0, 0x42, 0x62, 0xf8, - 0x92, 0xa6, 0x8d, 0x8d, 0x8c, 0x77, 0x1b, 0x2f, 0x64, 0x0f, 0x36, 0x5f, 0x9f, 0xb4, 0x6a, 0xdf, - 0x4e, 0x5a, 0xb5, 0xb6, 0x0b, 0x9a, 0xcb, 0x8c, 0x79, 0x54, 0x47, 0x52, 0x68, 0xda, 0x7e, 0x0e, - 0xdc, 0x81, 0x66, 0x1e, 0x65, 0x5c, 0x1b, 0xaa, 0x4a, 0x84, 0x47, 0x5f, 0xf9, 0x8a, 0x3c, 0xa0, - 0x42, 0x86, 0x76, 0x1d, 0xfc, 0x4f, 0x66, 0x8f, 0xc2, 0x7f, 0x1e, 0xd8, 0x4d, 0xb0, 0x45, 0x68, - 0x24, 0x35, 0x37, 0xb2, 0x70, 0xee, 0x2d, 0x12, 0x15, 0xfd, 0x3d, 0x70, 0x73, 0x35, 0xff, 0xdc, - 0xc9, 0x7b, 0x0b, 0x5c, 0x19, 0x68, 0xf6, 0x24, 0x0e, 0x42, 0x6e, 0x4a, 0xe0, 0x80, 0xeb, 0x80, - 0x8e, 0xfc, 0x84, 0xcb, 0x58, 0xcd, 0x34, 0x75, 0x56, 0x35, 0x54, 0x15, 0x6e, 0x16, 0x09, 0xfb, - 0x31, 0xd8, 0x09, 0x2b, 0xe8, 0xcc, 0xd4, 0x76, 0x77, 0x1f, 0xf2, 0x00, 0xc3, 0xea, 0x2c, 0x61, - 0x65, 0x7a, 0x49, 0x07, 0x56, 0x15, 0xbc, 0x33, 0x0c, 0x95, 0x2e, 0x6e, 0x81, 0x1b, 0x2b, 0xad, - 0x95, 0x4d, 0x74, 0x7f, 0x6c, 0x80, 0x8d, 0x81, 0x66, 0xf6, 0x5b, 0x0b, 0x5c, 0xfa, 0x75, 0x1b, - 0xee, 0xc1, 0x35, 0xf6, 0x1c, 0x2e, 0x9b, 0x97, 0xd3, 0xfb, 0xe3, 0xaf, 0xa5, 0x37, 0xfb, 0xa3, - 0x05, 0x2e, 0xaf, 0x1a, 0xf4, 0xe1, 0xba, 0x12, 0x2b, 0x48, 0x9c, 0xa3, 0x7f, 0x40, 0x32, 0x77, - 0xfc, 0xc1, 0x02, 0xce, 0x8a, 0x7d, 0xe8, 0xaf, 0xab, 0xf5, 0x7b, 0x0e, 0xe7, 0xd1, 0xdf, 0x73, - 0x94, 0x76, 0xfb, 0x4f, 0x3f, 0x4d, 0x5c, 0xeb, 0x74, 0xe2, 0x5a, 0x5f, 0x27, 0xae, 0xf5, 0x66, - 0xea, 0xd6, 0x4e, 0xa7, 0x6e, 0xed, 0xf3, 0xd4, 0xad, 0x3d, 0xbb, 0xcf, 0xb8, 0x19, 0xc5, 0x01, - 0xc4, 0x32, 0x2c, 0x8e, 0x10, 0x5a, 0xc8, 0xde, 0x9e, 0xdf, 0xc7, 0xa4, 0x8b, 0x8e, 0xcf, 0x1e, - 0x49, 0x93, 0x46, 0x54, 0x07, 0xe7, 0xb2, 0x2b, 0x73, 0xe7, 0x67, 0x00, 0x00, 0x00, 0xff, 0xff, - 0xe3, 0x4f, 0x57, 0x26, 0x55, 0x05, 0x00, 0x00, + // 694 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x55, 0xcf, 0x4e, 0x14, 0x4f, + 0x10, 0xde, 0x81, 0xf0, 0xfb, 0x41, 0x83, 0x26, 0x4e, 0x20, 0xc0, 0x8a, 0xb3, 0xba, 0x46, 0xe0, + 0x80, 0xd3, 0x61, 0x3d, 0x18, 0x49, 0x3c, 0xb0, 0x60, 0xa2, 0x92, 0x4d, 0xcc, 0x98, 0x60, 0xe2, + 0x81, 0xc9, 0x4c, 0x77, 0x31, 0xdb, 0x61, 0xa7, 0x7b, 0xd3, 0xdd, 0x33, 0xb2, 0x6f, 0xc0, 0x51, + 0x4f, 0xc6, 0x1b, 0x57, 0x13, 0x13, 0x5f, 0xc3, 0x23, 0x47, 0x4f, 0xc6, 0xc0, 0xc5, 0xb3, 0x4f, + 0x60, 0xe6, 0xdf, 0xee, 0x10, 0xd7, 0x85, 0xa0, 0xb7, 0xae, 0xaa, 0xaf, 0xbf, 0xfa, 0xaa, 0xa7, + 0x6a, 0x0a, 0xad, 0x31, 0xae, 0x41, 0x92, 0xb6, 0xc7, 0xb8, 0xab, 0x80, 0x44, 0x92, 0xe9, 0x1e, + 0x26, 0x24, 0xc6, 0x5d, 0x29, 0x62, 0x46, 0x41, 0xe2, 0x78, 0x1d, 0xeb, 0x43, 0xbb, 0x2b, 0x85, + 0x16, 0xe6, 0xdd, 0x21, 0x68, 0x9b, 0x90, 0xd8, 0x2e, 0xd0, 0x76, 0xbc, 0x5e, 0x5d, 0x0a, 0x84, + 0x08, 0x3a, 0x80, 0xbd, 0x2e, 0xc3, 0x1e, 0xe7, 0x42, 0x7b, 0x9a, 0x09, 0xae, 0x32, 0x8a, 0xea, + 0x6c, 0x20, 0x02, 0x91, 0x1e, 0x71, 0x72, 0xca, 0xbd, 0x8b, 0x44, 0xa8, 0x50, 0x28, 0x37, 0x0b, + 0x64, 0x46, 0x11, 0xca, 0xe9, 0x52, 0xcb, 0x8f, 0xf6, 0xb1, 0xc7, 0x7b, 0x79, 0x08, 0x33, 0x9f, + 0xe0, 0x0e, 0x0b, 0xda, 0x9a, 0x74, 0x18, 0x70, 0xad, 0xb0, 0x06, 0x4e, 0x41, 0x86, 0x8c, 0xeb, + 0x54, 0x77, 0xdf, 0xca, 0x2f, 0xd4, 0x4a, 0x71, 0xdd, 0xeb, 0x82, 0xc2, 0x90, 0xc8, 0xe6, 0x04, + 0x32, 0x40, 0xfd, 0xbd, 0x81, 0x66, 0x5b, 0x2a, 0xd8, 0x54, 0x8a, 0x05, 0x7c, 0x4b, 0x70, 0x15, + 0x85, 0x20, 0x77, 0xa0, 0x67, 0x2e, 0xa2, 0xc9, 0xac, 0x6c, 0x46, 0x17, 0x8c, 0xdb, 0xc6, 0xea, + 0x94, 0xf3, 0x7f, 0x6a, 0x3f, 0xa3, 0xe6, 0x43, 0x74, 0xad, 0x28, 0xdf, 0xf5, 0x28, 0x95, 0x0b, + 0x63, 0x49, 0xbc, 0x69, 0xfe, 0xfc, 0x56, 0xbb, 0xde, 0xf3, 0xc2, 0xce, 0x46, 0x3d, 0xf1, 0x82, + 0x52, 0x75, 0x67, 0xa6, 0x00, 0x6e, 0x52, 0x2a, 0xcd, 0x3b, 0x68, 0x86, 0xe4, 0x29, 0xdc, 0x03, + 0xe8, 0x2d, 0x8c, 0xa7, 0xbc, 0xd3, 0x64, 0x90, 0x76, 0x63, 0xf2, 0xe8, 0xb8, 0x56, 0xf9, 0x71, + 0x5c, 0xab, 0xd4, 0x2d, 0xb4, 0x34, 0x4c, 0x98, 0x03, 0xaa, 0x2b, 0xb8, 0x82, 0xfa, 0x1e, 0xb2, + 0x5a, 0x2a, 0x70, 0x20, 0x60, 0x4a, 0x83, 0x2c, 0x10, 0x0e, 0xbc, 0xf1, 0x24, 0xdd, 0x06, 0x2e, + 0x42, 0x73, 0x16, 0x4d, 0xd0, 0xe4, 0x90, 0xeb, 0xcf, 0x0c, 0x73, 0x09, 0x4d, 0x51, 0xe8, 0x0a, + 0xc5, 0xb4, 0xc8, 0x95, 0x3b, 0x03, 0x47, 0x29, 0xff, 0x2a, 0x5a, 0x1e, 0xcd, 0xdf, 0x57, 0xf2, + 0xc1, 0x40, 0xb7, 0x5a, 0x2a, 0x78, 0x19, 0xf9, 0x21, 0xd3, 0x05, 0xb0, 0xc5, 0x94, 0x0f, 0x6d, + 0x2f, 0x66, 0x22, 0x92, 0x49, 0x4e, 0x95, 0x46, 0x35, 0xc8, 0x5c, 0xcd, 0xc0, 0x61, 0xbe, 0x40, + 0x33, 0x61, 0x09, 0x9d, 0x8a, 0x9a, 0x6e, 0xac, 0xd9, 0xcc, 0x27, 0x76, 0xf9, 0x63, 0xdb, 0xa5, + 0xcf, 0x1b, 0xaf, 0xdb, 0xe5, 0x0c, 0xce, 0x39, 0x86, 0x52, 0x15, 0x2b, 0xe8, 0xde, 0x48, 0x69, + 0xfd, 0x22, 0x8e, 0xc6, 0x86, 0x14, 0xb1, 0x2d, 0x22, 0xbf, 0x03, 0xbb, 0x42, 0x33, 0x1e, 0x5c, + 0x50, 0x84, 0x8b, 0xe6, 0x69, 0xd4, 0xed, 0x30, 0xe2, 0x69, 0x70, 0x63, 0xa1, 0xc1, 0x2d, 0x3a, + 0x2d, 0xaf, 0x67, 0xa5, 0x2c, 0x3f, 0xed, 0x45, 0x7b, 0xbb, 0xb8, 0xb0, 0x2b, 0x34, 0x3c, 0xc9, + 0xe1, 0xce, 0x1c, 0x1d, 0xe6, 0x36, 0xf7, 0xd0, 0x3c, 0xe3, 0xfb, 0xd2, 0x23, 0xc9, 0x70, 0xb9, + 0x7e, 0x47, 0x90, 0x03, 0xb7, 0x0d, 0x1e, 0x05, 0x99, 0xf6, 0xd1, 0x74, 0x63, 0xf9, 0xa2, 0x07, + 0x7b, 0x9a, 0xa2, 0x9d, 0xb9, 0x01, 0x4d, 0x33, 0x61, 0xc9, 0xdc, 0x17, 0xbc, 0x59, 0xf9, 0x25, + 0x8a, 0x37, 0x6b, 0x7c, 0x9c, 0x40, 0xe3, 0x2d, 0x15, 0x98, 0xef, 0x0c, 0x74, 0xe3, 0xf7, 0x09, + 0x7a, 0x64, 0x5f, 0xe2, 0xe7, 0x61, 0x0f, 0xeb, 0xf1, 0xea, 0xe6, 0x95, 0xaf, 0x16, 0xda, 0xcc, + 0xcf, 0x06, 0xba, 0x39, 0x6a, 0x38, 0xb6, 0x2e, 0x9b, 0x62, 0x04, 0x49, 0x75, 0xe7, 0x1f, 0x90, + 0xf4, 0x15, 0x7f, 0x32, 0x50, 0x75, 0xc4, 0x0c, 0x35, 0x2f, 0x9b, 0xeb, 0xcf, 0x1c, 0xd5, 0xe7, + 0x7f, 0xcf, 0x31, 0x42, 0xee, 0xb9, 0x69, 0xb9, 0xa2, 0xdc, 0x32, 0xc7, 0x55, 0xe5, 0x0e, 0xeb, + 0xd5, 0xe6, 0xab, 0x2f, 0xa7, 0x96, 0x71, 0x72, 0x6a, 0x19, 0xdf, 0x4f, 0x2d, 0xe3, 0xed, 0x99, + 0x55, 0x39, 0x39, 0xb3, 0x2a, 0x5f, 0xcf, 0xac, 0xca, 0xeb, 0xc7, 0x01, 0xd3, 0xed, 0xc8, 0xb7, + 0x89, 0x08, 0xf3, 0x45, 0x84, 0x07, 0x69, 0xef, 0xf7, 0x77, 0x64, 0xdc, 0xc0, 0x87, 0xe7, 0x17, + 0x65, 0x3a, 0xc4, 0xfe, 0x7f, 0xe9, 0x22, 0x79, 0xf0, 0x2b, 0x00, 0x00, 0xff, 0xff, 0xe9, 0x25, + 0x43, 0x02, 0x59, 0x07, 0x00, 0x00, } // Reference imports to suppress errors if they are not otherwise used. @@ -339,6 +430,7 @@ type MsgClient interface { AssignConsumerKey(ctx context.Context, in *MsgAssignConsumerKey, opts ...grpc.CallOption) (*MsgAssignConsumerKeyResponse, error) RegisterConsumerRewardDenom(ctx context.Context, in *MsgRegisterConsumerRewardDenom, opts ...grpc.CallOption) (*MsgRegisterConsumerRewardDenomResponse, error) SubmitConsumerMisbehaviour(ctx context.Context, in *MsgSubmitConsumerMisbehaviour, opts ...grpc.CallOption) (*MsgSubmitConsumerMisbehaviourResponse, error) + SubmitConsumerDoubleVoting(ctx context.Context, in *MsgSubmitConsumerDoubleVoting, opts ...grpc.CallOption) (*MsgSubmitConsumerDoubleVotingResponse, error) } type msgClient struct { @@ -376,11 +468,21 @@ func (c *msgClient) SubmitConsumerMisbehaviour(ctx context.Context, in *MsgSubmi return out, nil } +func (c *msgClient) SubmitConsumerDoubleVoting(ctx context.Context, in *MsgSubmitConsumerDoubleVoting, opts ...grpc.CallOption) (*MsgSubmitConsumerDoubleVotingResponse, error) { + out := new(MsgSubmitConsumerDoubleVotingResponse) + err := c.cc.Invoke(ctx, "/interchain_security.ccv.provider.v1.Msg/SubmitConsumerDoubleVoting", in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + // MsgServer is the server API for Msg service. type MsgServer interface { AssignConsumerKey(context.Context, *MsgAssignConsumerKey) (*MsgAssignConsumerKeyResponse, error) RegisterConsumerRewardDenom(context.Context, *MsgRegisterConsumerRewardDenom) (*MsgRegisterConsumerRewardDenomResponse, error) SubmitConsumerMisbehaviour(context.Context, *MsgSubmitConsumerMisbehaviour) (*MsgSubmitConsumerMisbehaviourResponse, error) + SubmitConsumerDoubleVoting(context.Context, *MsgSubmitConsumerDoubleVoting) (*MsgSubmitConsumerDoubleVotingResponse, error) } // UnimplementedMsgServer can be embedded to have forward compatible implementations. @@ -396,6 +498,9 @@ func (*UnimplementedMsgServer) RegisterConsumerRewardDenom(ctx context.Context, func (*UnimplementedMsgServer) SubmitConsumerMisbehaviour(ctx context.Context, req *MsgSubmitConsumerMisbehaviour) (*MsgSubmitConsumerMisbehaviourResponse, error) { return nil, status.Errorf(codes.Unimplemented, "method SubmitConsumerMisbehaviour not implemented") } +func (*UnimplementedMsgServer) SubmitConsumerDoubleVoting(ctx context.Context, req *MsgSubmitConsumerDoubleVoting) (*MsgSubmitConsumerDoubleVotingResponse, error) { + return nil, status.Errorf(codes.Unimplemented, "method SubmitConsumerDoubleVoting not implemented") +} func RegisterMsgServer(s grpc1.Server, srv MsgServer) { s.RegisterService(&_Msg_serviceDesc, srv) @@ -455,6 +560,24 @@ func _Msg_SubmitConsumerMisbehaviour_Handler(srv interface{}, ctx context.Contex return interceptor(ctx, in, info, handler) } +func _Msg_SubmitConsumerDoubleVoting_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(MsgSubmitConsumerDoubleVoting) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(MsgServer).SubmitConsumerDoubleVoting(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: "/interchain_security.ccv.provider.v1.Msg/SubmitConsumerDoubleVoting", + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(MsgServer).SubmitConsumerDoubleVoting(ctx, req.(*MsgSubmitConsumerDoubleVoting)) + } + return interceptor(ctx, in, info, handler) +} + var _Msg_serviceDesc = grpc.ServiceDesc{ ServiceName: "interchain_security.ccv.provider.v1.Msg", HandlerType: (*MsgServer)(nil), @@ -471,6 +594,10 @@ var _Msg_serviceDesc = grpc.ServiceDesc{ MethodName: "SubmitConsumerMisbehaviour", Handler: _Msg_SubmitConsumerMisbehaviour_Handler, }, + { + MethodName: "SubmitConsumerDoubleVoting", + Handler: _Msg_SubmitConsumerDoubleVoting_Handler, + }, }, Streams: []grpc.StreamDesc{}, Metadata: "interchain_security/ccv/provider/v1/tx.proto", @@ -668,6 +795,83 @@ func (m *MsgSubmitConsumerMisbehaviourResponse) MarshalToSizedBuffer(dAtA []byte return len(dAtA) - i, nil } +func (m *MsgSubmitConsumerDoubleVoting) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *MsgSubmitConsumerDoubleVoting) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *MsgSubmitConsumerDoubleVoting) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + if m.InfractionBlockHeader != nil { + { + size, err := m.InfractionBlockHeader.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintTx(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x1a + } + if m.DuplicateVoteEvidence != nil { + { + size, err := m.DuplicateVoteEvidence.MarshalToSizedBuffer(dAtA[:i]) + if err != nil { + return 0, err + } + i -= size + i = encodeVarintTx(dAtA, i, uint64(size)) + } + i-- + dAtA[i] = 0x12 + } + if len(m.Submitter) > 0 { + i -= len(m.Submitter) + copy(dAtA[i:], m.Submitter) + i = encodeVarintTx(dAtA, i, uint64(len(m.Submitter))) + i-- + dAtA[i] = 0xa + } + return len(dAtA) - i, nil +} + +func (m *MsgSubmitConsumerDoubleVotingResponse) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalToSizedBuffer(dAtA[:size]) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *MsgSubmitConsumerDoubleVotingResponse) MarshalTo(dAtA []byte) (int, error) { + size := m.Size() + return m.MarshalToSizedBuffer(dAtA[:size]) +} + +func (m *MsgSubmitConsumerDoubleVotingResponse) MarshalToSizedBuffer(dAtA []byte) (int, error) { + i := len(dAtA) + _ = i + var l int + _ = l + return len(dAtA) - i, nil +} + func encodeVarintTx(dAtA []byte, offset int, v uint64) int { offset -= sovTx(v) base := offset @@ -761,6 +965,36 @@ func (m *MsgSubmitConsumerMisbehaviourResponse) Size() (n int) { return n } +func (m *MsgSubmitConsumerDoubleVoting) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + l = len(m.Submitter) + if l > 0 { + n += 1 + l + sovTx(uint64(l)) + } + if m.DuplicateVoteEvidence != nil { + l = m.DuplicateVoteEvidence.Size() + n += 1 + l + sovTx(uint64(l)) + } + if m.InfractionBlockHeader != nil { + l = m.InfractionBlockHeader.Size() + n += 1 + l + sovTx(uint64(l)) + } + return n +} + +func (m *MsgSubmitConsumerDoubleVotingResponse) Size() (n int) { + if m == nil { + return 0 + } + var l int + _ = l + return n +} + func sovTx(x uint64) (n int) { return (math_bits.Len64(x|1) + 6) / 7 } @@ -1295,6 +1529,210 @@ func (m *MsgSubmitConsumerMisbehaviourResponse) Unmarshal(dAtA []byte) error { } return nil } +func (m *MsgSubmitConsumerDoubleVoting) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: MsgSubmitConsumerDoubleVoting: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: MsgSubmitConsumerDoubleVoting: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Submitter", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + intStringLen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Submitter = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field DuplicateVoteEvidence", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.DuplicateVoteEvidence == nil { + m.DuplicateVoteEvidence = &types1.DuplicateVoteEvidence{} + } + if err := m.DuplicateVoteEvidence.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + case 3: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field InfractionBlockHeader", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= int(b&0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthTx + } + postIndex := iNdEx + msglen + if postIndex < 0 { + return ErrInvalidLengthTx + } + if postIndex > l { + return io.ErrUnexpectedEOF + } + if m.InfractionBlockHeader == nil { + m.InfractionBlockHeader = &types.Header{} + } + if err := m.InfractionBlockHeader.Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipTx(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthTx + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} +func (m *MsgSubmitConsumerDoubleVotingResponse) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowTx + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= uint64(b&0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: MsgSubmitConsumerDoubleVotingResponse: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: MsgSubmitConsumerDoubleVotingResponse: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + default: + iNdEx = preIndex + skippy, err := skipTx(dAtA[iNdEx:]) + if err != nil { + return err + } + if (skippy < 0) || (iNdEx+skippy) < 0 { + return ErrInvalidLengthTx + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func skipTx(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 diff --git a/x/ccv/types/events.go b/x/ccv/types/events.go index df91333fa0..e38300dcb9 100644 --- a/x/ccv/types/events.go +++ b/x/ccv/types/events.go @@ -38,6 +38,8 @@ const ( AttributeMisbehaviourClientId = "misbehaviour_client_id" AttributeMisbehaviourHeight1 = "misbehaviour_height_1" AttributeMisbehaviourHeight2 = "misbehaviour_height_2" + AttributeConsumerDoubleVoting = "consumer_double_voting" + AttributeInfractionBlockHeader = "infraction_block_header" AttributeDistributionCurrentHeight = "current_distribution_height" AttributeDistributionNextHeight = "next_distribution_height" From 890e8b2df66a4e6e3fcb4b2a0f8914294a990ded Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Tue, 22 Aug 2023 11:27:42 +0200 Subject: [PATCH 02/29] add first draft handling logic --- .../ccv/provider/v1/tx.proto | 2 +- x/ccv/provider/client/cli/tx.go | 9 +- x/ccv/provider/keeper/doube_vote.go | 91 ++++++++++++++++++- x/ccv/provider/types/msg.go | 7 +- x/ccv/types/errors.go | 1 + 5 files changed, 99 insertions(+), 11 deletions(-) diff --git a/proto/interchain_security/ccv/provider/v1/tx.proto b/proto/interchain_security/ccv/provider/v1/tx.proto index e3aa8aeea5..42f642fa74 100644 --- a/proto/interchain_security/ccv/provider/v1/tx.proto +++ b/proto/interchain_security/ccv/provider/v1/tx.proto @@ -73,7 +73,7 @@ message MsgSubmitConsumerDoubleVoting { // The equivocation of the consumer chain wrapping // an evidence of a validator that signed two conflicting votes tendermint.types.DuplicateVoteEvidence duplicate_vote_evidence = 2; - // Unused but still here to not break the wire + // The light client header of the infraction block ibc.lightclients.tendermint.v1.Header infraction_block_header = 3; } diff --git a/x/ccv/provider/client/cli/tx.go b/x/ccv/provider/client/cli/tx.go index 7b5f3ec79f..58ddec4bd8 100644 --- a/x/ccv/provider/client/cli/tx.go +++ b/x/ccv/provider/client/cli/tx.go @@ -171,11 +171,10 @@ func NewSubmitConsumerDoubleVotingCmd() *cobra.Command { return err } - // TODO: uncomment this when the infraction header is used - // var header ibctmtypes.Header - // if err := clientCtx.Codec.UnmarshalInterfaceJSON([]byte(args[2]), &header); err != nil { - // return err - // } + var header ibctmtypes.Header + if err := clientCtx.Codec.UnmarshalInterfaceJSON([]byte(args[2]), &header); err != nil { + return err + } msg, err := types.NewMsgSubmitConsumerDoubleVoting(submitter, ev, nil) if err != nil { diff --git a/x/ccv/provider/keeper/doube_vote.go b/x/ccv/provider/keeper/doube_vote.go index f18461c06f..83c41df4e5 100644 --- a/x/ccv/provider/keeper/doube_vote.go +++ b/x/ccv/provider/keeper/doube_vote.go @@ -1,13 +1,22 @@ package keeper import ( + "bytes" + "fmt" + "time" + sdk "github.com/cosmos/cosmos-sdk/types" + sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" + "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" + ccvtypes "github.com/cosmos/interchain-security/v2/x/ccv/types" tmproto "github.com/tendermint/tendermint/proto/tendermint/types" + tmtypes "github.com/tendermint/tendermint/types" ) // header infraction heaader -func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmproto.DuplicateVoteEvidence, _ *ibctmtypes.Header) error { +func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmproto.DuplicateVoteEvidence, h *ibctmtypes.Header) error { + h.Header.ChainID // TODO: check header against consumer chain client states // ev, err := tmtypes.DuplicateVoteEvidenceFromProto(evidence) @@ -37,3 +46,83 @@ func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmproto.Du return nil } + +func (k Keeper) HandleConsensusEquivocation(ctx sdk.Context, evidence tmtypes.DuplicateVoteEvidence, chainID string) error { + // default evidence params in CometBFT see https://github.com/cometbft/cometbft/blob/main/types/params.go#L107 + MAX_AGE_NUM_BLOCKS := int64(1000000) + MAX_AGE_DURATION := 48 * time.Hour + + height := ctx.BlockHeight() + blockTime := ctx.BlockTime() + ageNumBlocks := height - evidence.Height() + + // check that the evidence hasn't expired + if ageNumBlocks > MAX_AGE_NUM_BLOCKS { + return sdkerrors.Wrapf( + ccvtypes.ErrInvalidEvidence, + "evidence from height %d (created at: %v) is too old; min height is %d and evidence can not be older than %v", + evidence.Height(), + evidence.Time(), + height-MAX_AGE_NUM_BLOCKS, + height, + blockTime.Add(MAX_AGE_DURATION), + ) + } + + // H/R/S must be the same + if evidence.VoteA.Height != evidence.VoteB.Height || + evidence.VoteA.Round != evidence.VoteB.Round || + evidence.VoteA.Type != evidence.VoteB.Type { + return sdkerrors.Wrapf( + ccvtypes.ErrInvalidEvidence, + "h/r/s does not match: %d/%d/%v vs %d/%d/%v", + evidence.VoteA.Height, evidence.VoteA.Round, evidence.VoteA.Type, + evidence.VoteB.Height, evidence.VoteB.Round, evidence.VoteB.Type) + } + + // Address must be the same + if !bytes.Equal(evidence.VoteA.ValidatorAddress, evidence.VoteB.ValidatorAddress) { + return sdkerrors.Wrapf( + ccvtypes.ErrInvalidEvidence, + "validator addresses do not match: %X vs %X", + evidence.VoteA.ValidatorAddress, + evidence.VoteB.ValidatorAddress, + ) + } + + // BlockIDs must be different + if evidence.VoteA.BlockID.Equals(evidence.VoteB.BlockID) { + return sdkerrors.Wrapf( + ccvtypes.ErrInvalidEvidence, + "block IDs are the same (%v) - not a real duplicate vote", + evidence.VoteA.BlockID, + ) + } + + // convert consumer validator address to provider adddress + consumerAddr := types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress.Bytes())) + providerAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consumerAddr) + val, ok := k.stakingKeeper.GetValidatorByConsAddr(ctx, providerAddr.ToSdkConsAddr()) + + logger := k.Logger(ctx) + + if !ok || val.IsUnbonded() { + logger.Error("validator not found or is unbonded", providerAddr.String()) + return nil + } + + pubkey, err := val.ConsPubKey() + + va := evidence.VoteA.ToProto() + vb := evidence.VoteB.ToProto() + // Signatures must be valid + // RELAYER SEND EVIDENCE + CHAINID + if !pubKey.VerifySignature(tmtypes.VoteSignBytes(chainID, va), evidence.VoteA.Signature) { + return fmt.Errorf("verifying VoteA: %w", tmtypes.ErrVoteInvalidSignature) + } + if !pubKey.VerifySignature(tmtypes.VoteSignBytes(chainID, vb), evidence.VoteB.Signature) { + return fmt.Errorf("verifying VoteB: %w", tmtypes.ErrVoteInvalidSignature) + } + + return nil +} diff --git a/x/ccv/provider/types/msg.go b/x/ccv/provider/types/msg.go index 854876c56a..54588a0153 100644 --- a/x/ccv/provider/types/msg.go +++ b/x/ccv/provider/types/msg.go @@ -211,10 +211,9 @@ func (msg MsgSubmitConsumerDoubleVoting) ValidateBasic() error { return fmt.Errorf("duplicate evidence cannot be nil") } - // TODO: uncomment this when the infraction header is used - // if msg.InfractionBlockHeader.Header == nil { - // return fmt.Errorf("double-vote evidence header cannot be nil") - // } + if msg.InfractionBlockHeader.Header == nil { + return fmt.Errorf("double-vote evidence header cannot be nil") + } return nil } diff --git a/x/ccv/types/errors.go b/x/ccv/types/errors.go index 79c0e1e31c..310383afa9 100644 --- a/x/ccv/types/errors.go +++ b/x/ccv/types/errors.go @@ -25,4 +25,5 @@ var ( ErrClientNotFound = errorsmod.Register(ModuleName, 18, "client not found") ErrDuplicateConsumerChain = errorsmod.Register(ModuleName, 19, "consumer chain already exists") ErrConsumerChainNotFound = errorsmod.Register(ModuleName, 20, "consumer chain not found") + ErrInvalidEvidence = errorsmod.Register(ModuleName, 21, "invalid consumer double vote evidence") ) From 5446088cc7caaa295fad60c9b74631301f87b83e Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Tue, 22 Aug 2023 16:30:52 +0200 Subject: [PATCH 03/29] first iteration of double voting --- x/ccv/provider/keeper/doube_vote.go | 60 ++++++++++------------ x/ccv/provider/keeper/misbehaviour.go | 32 +++--------- x/ccv/provider/keeper/msg_server.go | 9 +++- x/ccv/provider/keeper/punish_validators.go | 36 +++++++++++++ 4 files changed, 78 insertions(+), 59 deletions(-) create mode 100644 x/ccv/provider/keeper/punish_validators.go diff --git a/x/ccv/provider/keeper/doube_vote.go b/x/ccv/provider/keeper/doube_vote.go index 83c41df4e5..f7986e31ea 100644 --- a/x/ccv/provider/keeper/doube_vote.go +++ b/x/ccv/provider/keeper/doube_vote.go @@ -10,44 +10,33 @@ import ( ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" ccvtypes "github.com/cosmos/interchain-security/v2/x/ccv/types" - tmproto "github.com/tendermint/tendermint/proto/tendermint/types" tmtypes "github.com/tendermint/tendermint/types" ) -// header infraction heaader -func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmproto.DuplicateVoteEvidence, h *ibctmtypes.Header) error { - h.Header.ChainID - // TODO: check header against consumer chain client states +// HandleConsumerDoubleVoting verifies a double voting evidence for a given a consumer chain and, +// if successful, executes the the jailing and the tombstoning of the malicious validator +func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.DuplicateVoteEvidence, h *ibctmtypes.Header) error { + chainID := h.Header.ChainID - // ev, err := tmtypes.DuplicateVoteEvidenceFromProto(evidence) - // if err != nil { - // return err - // } - - // TODO: figure out if the evidence age must be checked - // if err := tmev.VerifyDuplicateVote(ev, header.Header.ChainID, valset); err != nil { - // return err - // } - - // CONVERT CONSUMER ADDRESS TO PROVIDER ADDRESS - - // consuAddress := sdk.ConsAddress(evidence.VoteA.GetValidatorAddress()) - // chainID := header.Header.ChainID - - // k.JailConsumerValidator(ctx, chainID, consuAddress) + if err := k.VerifyDoubleVoting(ctx, *evidence, chainID); err != nil { + return nil + } - // provAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consuAddress) + consuAddress := types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress)) + k.JailAndTombstoneByConsumerAddress(ctx, consuAddress, chainID) + provAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consuAddress) - // logger := ctx.Logger() - // logger.Info( - // "confirmed equivocation", - // "byzantine validator address", provAddr, - // ) + logger := ctx.Logger() + logger.Info( + "confirmed equivocation", + "byzantine validator address", provAddr, + ) return nil } -func (k Keeper) HandleConsensusEquivocation(ctx sdk.Context, evidence tmtypes.DuplicateVoteEvidence, chainID string) error { +// VerifyEquivocation verifies the equivocation for the given chain id +func (k Keeper) VerifyDoubleVoting(ctx sdk.Context, evidence tmtypes.DuplicateVoteEvidence, chainID string) error { // default evidence params in CometBFT see https://github.com/cometbft/cometbft/blob/main/types/params.go#L107 MAX_AGE_NUM_BLOCKS := int64(1000000) MAX_AGE_DURATION := 48 * time.Hour @@ -64,7 +53,6 @@ func (k Keeper) HandleConsensusEquivocation(ctx sdk.Context, evidence tmtypes.Du evidence.Height(), evidence.Time(), height-MAX_AGE_NUM_BLOCKS, - height, blockTime.Add(MAX_AGE_DURATION), ) } @@ -106,21 +94,27 @@ func (k Keeper) HandleConsensusEquivocation(ctx sdk.Context, evidence tmtypes.Du logger := k.Logger(ctx) + // why aren't we returning an error here ? if !ok || val.IsUnbonded() { logger.Error("validator not found or is unbonded", providerAddr.String()) return nil } + // use the validator consumer validator pubkeys to verify the signatures pubkey, err := val.ConsPubKey() + if err != nil { + logger.Error(err.Error()) // why aren't we returning an error here ? + return nil + } va := evidence.VoteA.ToProto() vb := evidence.VoteB.ToProto() - // Signatures must be valid - // RELAYER SEND EVIDENCE + CHAINID - if !pubKey.VerifySignature(tmtypes.VoteSignBytes(chainID, va), evidence.VoteA.Signature) { + + // signatures must be valid + if !pubkey.VerifySignature(tmtypes.VoteSignBytes(chainID, va), evidence.VoteA.Signature) { return fmt.Errorf("verifying VoteA: %w", tmtypes.ErrVoteInvalidSignature) } - if !pubKey.VerifySignature(tmtypes.VoteSignBytes(chainID, vb), evidence.VoteB.Signature) { + if !pubkey.VerifySignature(tmtypes.VoteSignBytes(chainID, vb), evidence.VoteB.Signature) { return fmt.Errorf("verifying VoteB: %w", tmtypes.ErrVoteInvalidSignature) } diff --git a/x/ccv/provider/keeper/misbehaviour.go b/x/ccv/provider/keeper/misbehaviour.go index 4d8f517e95..efdcf7562c 100644 --- a/x/ccv/provider/keeper/misbehaviour.go +++ b/x/ccv/provider/keeper/misbehaviour.go @@ -7,7 +7,6 @@ import ( sdk "github.com/cosmos/cosmos-sdk/types" sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" - evidencetypes "github.com/cosmos/cosmos-sdk/x/evidence/types" ibcclienttypes "github.com/cosmos/ibc-go/v4/modules/core/02-client/types" ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" tmtypes "github.com/tendermint/tendermint/types" @@ -35,36 +34,19 @@ func (k Keeper) HandleConsumerMisbehaviour(ctx sdk.Context, misbehaviour ibctmty return err } + chainID := misbehaviour.Header1.Header.ChainID + provAddrs := make([]types.ProviderConsAddress, len(byzantineValidators)) + // jail and tombstone the Byzantine validators for _, v := range byzantineValidators { - // convert consumer consensus address - consumerAddr := types.NewConsumerConsAddress(sdk.ConsAddress(v.Address.Bytes())) - providerAddr := k.GetProviderAddrFromConsumerAddr(ctx, misbehaviour.Header1.Header.ChainID, consumerAddr) - val, ok := k.stakingKeeper.GetValidatorByConsAddr(ctx, providerAddr.ToSdkConsAddr()) - - if !ok || val.IsUnbonded() { - logger.Error("validator not found or is unbonded", providerAddr.String()) - continue - } - - // jail validator if not already - if !val.IsJailed() { - k.stakingKeeper.Jail(ctx, providerAddr.ToSdkConsAddr()) - } - - // tombstone validator if not already - if !k.slashingKeeper.IsTombstoned(ctx, providerAddr.ToSdkConsAddr()) { - k.slashingKeeper.Tombstone(ctx, providerAddr.ToSdkConsAddr()) - k.Logger(ctx).Info("validator tombstoned", "provider cons addr", providerAddr.String()) - } - - // update jail time to end after double sign jail duration - k.slashingKeeper.JailUntil(ctx, providerAddr.ToSdkConsAddr(), evidencetypes.DoubleSignJailEndTime) + consuAddr := types.NewConsumerConsAddress(sdk.ConsAddress(v.Address.Bytes())) + k.JailAndTombstoneByConsumerAddress(ctx, consuAddr, chainID) + provAddrs = append(provAddrs, k.GetProviderAddrFromConsumerAddr(ctx, chainID, consuAddr)) } logger.Info( "confirmed equivocation light client attack", - "byzantine validators", byzantineValidators, + "byzantine validators", provAddrs, ) return nil diff --git a/x/ccv/provider/keeper/msg_server.go b/x/ccv/provider/keeper/msg_server.go index a4adc36b5b..5863ff8b2c 100644 --- a/x/ccv/provider/keeper/msg_server.go +++ b/x/ccv/provider/keeper/msg_server.go @@ -10,6 +10,7 @@ import ( "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" ccvtypes "github.com/cosmos/interchain-security/v2/x/ccv/types" tmprotocrypto "github.com/tendermint/tendermint/proto/tendermint/crypto" + tmtypes "github.com/tendermint/tendermint/types" ) type msgServer struct { @@ -149,7 +150,13 @@ func (k msgServer) SubmitConsumerMisbehaviour(goCtx context.Context, msg *types. func (k msgServer) SubmitConsumerDoubleVoting(goCtx context.Context, msg *types.MsgSubmitConsumerDoubleVoting) (*types.MsgSubmitConsumerDoubleVotingResponse, error) { ctx := sdk.UnwrapSDKContext(goCtx) - if err := k.Keeper.HandleConsumerDoubleVoting(ctx, msg.DuplicateVoteEvidence, msg.InfractionBlockHeader); err != nil { + + evidence, err := tmtypes.DuplicateVoteEvidenceFromProto(msg.DuplicateVoteEvidence) + if err != nil { + return nil, err + } + + if err := k.Keeper.HandleConsumerDoubleVoting(ctx, evidence, msg.InfractionBlockHeader); err != nil { return &types.MsgSubmitConsumerDoubleVotingResponse{}, err } diff --git a/x/ccv/provider/keeper/punish_validators.go b/x/ccv/provider/keeper/punish_validators.go new file mode 100644 index 0000000000..901867a346 --- /dev/null +++ b/x/ccv/provider/keeper/punish_validators.go @@ -0,0 +1,36 @@ +package keeper + +import ( + sdk "github.com/cosmos/cosmos-sdk/types" + evidencetypes "github.com/cosmos/cosmos-sdk/x/evidence/types" + "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" +) + +// JailAndTombstoneByConsumerAddress jails and tombstones the validator assigned to the given consumer chain address +func (k Keeper) JailAndTombstoneByConsumerAddress(ctx sdk.Context, consumerAddr types.ConsumerConsAddress, chainID string) error { + logger := k.Logger(ctx) + + // jail and tombstone the Byzantine validators + providerAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consumerAddr) + val, ok := k.stakingKeeper.GetValidatorByConsAddr(ctx, providerAddr.ToSdkConsAddr()) + + if !ok || val.IsUnbonded() { + logger.Error("validator not found or is unbonded", providerAddr.String()) + } + + // jail validator if not already + if !val.IsJailed() { + k.stakingKeeper.Jail(ctx, providerAddr.ToSdkConsAddr()) + } + + // tombstone validator if not already + if !k.slashingKeeper.IsTombstoned(ctx, providerAddr.ToSdkConsAddr()) { + k.slashingKeeper.Tombstone(ctx, providerAddr.ToSdkConsAddr()) + k.Logger(ctx).Info("validator tombstoned", "provider cons addr", providerAddr.String()) + } + + // update jail time to end after double sign jail duration + k.slashingKeeper.JailUntil(ctx, providerAddr.ToSdkConsAddr(), evidencetypes.DoubleSignJailEndTime) + + return nil +} From 0d564d1c1d40ca0179db798e6bcd5b7ff9c7582b Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Wed, 23 Aug 2023 09:00:37 +0200 Subject: [PATCH 04/29] draft first mem test --- tests/integration/double_vote.go | 84 +++++++++++++++++++ testutil/integration/debug_test.go | 10 ++- .../keeper/{doube_vote.go => double_vote.go} | 16 ++-- 3 files changed, 104 insertions(+), 6 deletions(-) create mode 100644 tests/integration/double_vote.go rename x/ccv/provider/keeper/{doube_vote.go => double_vote.go} (93%) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go new file mode 100644 index 0000000000..d3619de3df --- /dev/null +++ b/tests/integration/double_vote.go @@ -0,0 +1,84 @@ +package integration + +import ( + "github.com/tendermint/tendermint/crypto/tmhash" + tmtypes "github.com/tendermint/tendermint/types" +) + +func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { + s.SetupCCVChannel(s.path) + // required to have the consumer client revision height greater than 0 + s.SendEmptyVSCPacket() + + // create signing info for all validators + for _, v := range s.providerChain.Vals.Validators { + s.setDefaultValSigningInfo(*v) + } + + valSet, err := tmtypes.ValidatorSetFromProto(s.consumerChain.LastHeader.ValidatorSet) + s.Require().NoError(err) + + val := valSet.Validators[0] + signer := s.consumerChain.Signers[val.Address.String()] + + blockID1 := makeBlockID([]byte("blockhash"), 1000, []byte("partshash")) + blockID2 := makeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) + + vote1, err := tmtypes.MakeVote( + s.consumerCtx().BlockHeight(), + blockID1, + valSet, + signer, + s.consumerChain.ChainID, + s.consumerCtx().BlockTime(), + ) + + s.Require().NoError(err) + + v1 := vote1.ToProto() + err = signer.SignVote(s.consumerChain.ChainID, v1) + s.Require().NoError(err) + + badVote, err := tmtypes.MakeVote( + s.consumerCtx().BlockHeight(), + blockID2, + valSet, + signer, + s.consumerChain.ChainID, + s.consumerCtx().BlockTime(), + ) + + s.Require().NoError(err) + + bv := badVote.ToProto() + err = signer.SignVote(s.consumerChain.ChainID, bv) + s.Require().NoError(err) + + evidence := &tmtypes.DuplicateVoteEvidence{ + VoteA: vote1, + VoteB: badVote, + ValidatorPower: val.ProposerPriority, + TotalVotingPower: val.ProposerPriority, + Timestamp: s.consumerCtx().BlockTime(), + } + + err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting(s.providerCtx(), evidence, s.consumerChain.LastHeader) + s.Require().NoError(err) + +} + +func makeBlockID(hash []byte, partSetSize uint32, partSetHash []byte) tmtypes.BlockID { + var ( + h = make([]byte, tmhash.Size) + psH = make([]byte, tmhash.Size) + ) + copy(h, hash) + copy(psH, partSetHash) + return tmtypes.BlockID{ + Hash: h, + PartSetHeader: tmtypes.PartSetHeader{ + Total: partSetSize, + Hash: psH, + }, + } +} diff --git a/testutil/integration/debug_test.go b/testutil/integration/debug_test.go index 2d9421300b..916b8fd9e8 100644 --- a/testutil/integration/debug_test.go +++ b/testutil/integration/debug_test.go @@ -258,7 +258,7 @@ func TestRecycleTransferChannel(t *testing.T) { } // -// Misbehaviour test +// Misbehaviour tests // func TestHandleConsumerMisbehaviour(t *testing.T) { @@ -272,3 +272,11 @@ func TestGetByzantineValidators(t *testing.T) { func TestCheckMisbehaviour(t *testing.T) { runCCVTestByName(t, "TestCheckMisbehaviour") } + +// +// Equivocation tests +// + +func TestHandleConsumerDoubleVoting(t *testing.T) { + runCCVTestByName(t, "TestHandleConsumerDoubleVoting") +} diff --git a/x/ccv/provider/keeper/doube_vote.go b/x/ccv/provider/keeper/double_vote.go similarity index 93% rename from x/ccv/provider/keeper/doube_vote.go rename to x/ccv/provider/keeper/double_vote.go index f7986e31ea..0407af6d67 100644 --- a/x/ccv/provider/keeper/doube_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -19,11 +19,17 @@ func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.Du chainID := h.Header.ChainID if err := k.VerifyDoubleVoting(ctx, *evidence, chainID); err != nil { - return nil + return err } + // TODO optimize this to convert consumer address only once + // but also remember that the jailing method is called in misbehaviour also consuAddress := types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress)) - k.JailAndTombstoneByConsumerAddress(ctx, consuAddress, chainID) + + // catch errors + if err := k.JailAndTombstoneByConsumerAddress(ctx, consuAddress, chainID); err != nil { + return err + } provAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consuAddress) logger := ctx.Logger() @@ -87,13 +93,13 @@ func (k Keeper) VerifyDoubleVoting(ctx sdk.Context, evidence tmtypes.DuplicateVo ) } + logger := k.Logger(ctx) + // convert consumer validator address to provider adddress consumerAddr := types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress.Bytes())) providerAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consumerAddr) val, ok := k.stakingKeeper.GetValidatorByConsAddr(ctx, providerAddr.ToSdkConsAddr()) - logger := k.Logger(ctx) - // why aren't we returning an error here ? if !ok || val.IsUnbonded() { logger.Error("validator not found or is unbonded", providerAddr.String()) @@ -103,7 +109,7 @@ func (k Keeper) VerifyDoubleVoting(ctx sdk.Context, evidence tmtypes.DuplicateVo // use the validator consumer validator pubkeys to verify the signatures pubkey, err := val.ConsPubKey() if err != nil { - logger.Error(err.Error()) // why aren't we returning an error here ? + logger.Error(err.Error()) // why aren't we returning an error here ? RETURN ERRORS return nil } From 2d16ede5992df8b4e90d68500e0a1fbe11f1fc60 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Wed, 23 Aug 2023 10:45:32 +0200 Subject: [PATCH 05/29] error handling --- x/ccv/provider/keeper/double_vote.go | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index 0407af6d67..592411f184 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -5,6 +5,7 @@ import ( "fmt" "time" + cryptocodec "github.com/cosmos/cosmos-sdk/crypto/codec" sdk "github.com/cosmos/cosmos-sdk/types" sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" @@ -25,8 +26,6 @@ func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.Du // TODO optimize this to convert consumer address only once // but also remember that the jailing method is called in misbehaviour also consuAddress := types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress)) - - // catch errors if err := k.JailAndTombstoneByConsumerAddress(ctx, consuAddress, chainID); err != nil { return err } @@ -93,26 +92,32 @@ func (k Keeper) VerifyDoubleVoting(ctx sdk.Context, evidence tmtypes.DuplicateVo ) } - logger := k.Logger(ctx) - // convert consumer validator address to provider adddress consumerAddr := types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress.Bytes())) providerAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consumerAddr) val, ok := k.stakingKeeper.GetValidatorByConsAddr(ctx, providerAddr.ToSdkConsAddr()) - // why aren't we returning an error here ? if !ok || val.IsUnbonded() { - logger.Error("validator not found or is unbonded", providerAddr.String()) - return nil + return fmt.Errorf("validator not found or is unbonded: %s", providerAddr.String()) + } + + // use the validator consumer chain public key to verify the signature + tmpk, ok := k.GetValidatorConsumerPubKey(ctx, chainID, providerAddr) + if !ok { + return fmt.Errorf("cannot find public key for validator %s and consumer chain %s", providerAddr.String(), chainID) } - // use the validator consumer validator pubkeys to verify the signatures - pubkey, err := val.ConsPubKey() + pubkey, err := cryptocodec.FromTmProtoPublicKey(tmpk) if err != nil { - logger.Error(err.Error()) // why aren't we returning an error here ? RETURN ERRORS - return nil + return err } + // pubkey, err := val.ConsPubKey() + // if err != nil { + // logger.Error(err.Error()) // why aren't we returning an error here ? RETURN ERRORS + // return nil + // } + va := evidence.VoteA.ToProto() vb := evidence.VoteB.ToProto() From e723911943992990eaecd00bc90501fbeac22da6 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Wed, 23 Aug 2023 14:37:29 +0200 Subject: [PATCH 06/29] refactor --- x/ccv/provider/keeper/double_vote.go | 42 +++++++++++----------- x/ccv/provider/keeper/misbehaviour.go | 10 ++++-- x/ccv/provider/keeper/punish_validators.go | 25 +++++++------ 3 files changed, 40 insertions(+), 37 deletions(-) diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index 592411f184..b8dc16318b 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -19,29 +19,33 @@ import ( func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.DuplicateVoteEvidence, h *ibctmtypes.Header) error { chainID := h.Header.ChainID - if err := k.VerifyDoubleVoting(ctx, *evidence, chainID); err != nil { - return err - } + providerAddr := k.GetProviderAddrFromConsumerAddr( + ctx, + chainID, + types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress.Bytes())), + ) - // TODO optimize this to convert consumer address only once - // but also remember that the jailing method is called in misbehaviour also - consuAddress := types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress)) - if err := k.JailAndTombstoneByConsumerAddress(ctx, consuAddress, chainID); err != nil { + if err := k.VerifyDoubleVoting(ctx, *evidence, chainID, providerAddr); err != nil { return err } - provAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consuAddress) - logger := ctx.Logger() - logger.Info( + k.JailAndTombstoneValidator(ctx, providerAddr, chainID) + + k.Logger(ctx).Info( "confirmed equivocation", - "byzantine validator address", provAddr, + "byzantine validator address", providerAddr, ) return nil } // VerifyEquivocation verifies the equivocation for the given chain id -func (k Keeper) VerifyDoubleVoting(ctx sdk.Context, evidence tmtypes.DuplicateVoteEvidence, chainID string) error { +func (k Keeper) VerifyDoubleVoting( + ctx sdk.Context, + evidence tmtypes.DuplicateVoteEvidence, + chainID string, + providerAddr types.ProviderConsAddress, +) error { // default evidence params in CometBFT see https://github.com/cometbft/cometbft/blob/main/types/params.go#L107 MAX_AGE_NUM_BLOCKS := int64(1000000) MAX_AGE_DURATION := 48 * time.Hour @@ -92,16 +96,12 @@ func (k Keeper) VerifyDoubleVoting(ctx sdk.Context, evidence tmtypes.DuplicateVo ) } - // convert consumer validator address to provider adddress - consumerAddr := types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress.Bytes())) - providerAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consumerAddr) - val, ok := k.stakingKeeper.GetValidatorByConsAddr(ctx, providerAddr.ToSdkConsAddr()) - - if !ok || val.IsUnbonded() { - return fmt.Errorf("validator not found or is unbonded: %s", providerAddr.String()) - } + // val, ok := k.stakingKeeper.GetValidatorByConsAddr(ctx, providerAddr.ToSdkConsAddr()) + // if !ok || val.IsUnbonded() { + // return fmt.Errorf("validator not found or is unbonded: %s", providerAddr.String()) + // } - // use the validator consumer chain public key to verify the signature + // get the public key assigned to the validator for the consumer chain tmpk, ok := k.GetValidatorConsumerPubKey(ctx, chainID, providerAddr) if !ok { return fmt.Errorf("cannot find public key for validator %s and consumer chain %s", providerAddr.String(), chainID) diff --git a/x/ccv/provider/keeper/misbehaviour.go b/x/ccv/provider/keeper/misbehaviour.go index efdcf7562c..5cafa49bd6 100644 --- a/x/ccv/provider/keeper/misbehaviour.go +++ b/x/ccv/provider/keeper/misbehaviour.go @@ -39,9 +39,13 @@ func (k Keeper) HandleConsumerMisbehaviour(ctx sdk.Context, misbehaviour ibctmty // jail and tombstone the Byzantine validators for _, v := range byzantineValidators { - consuAddr := types.NewConsumerConsAddress(sdk.ConsAddress(v.Address.Bytes())) - k.JailAndTombstoneByConsumerAddress(ctx, consuAddr, chainID) - provAddrs = append(provAddrs, k.GetProviderAddrFromConsumerAddr(ctx, chainID, consuAddr)) + providerAddr := k.GetProviderAddrFromConsumerAddr( + ctx, + chainID, + types.NewConsumerConsAddress(sdk.ConsAddress(v.Address.Bytes())), + ) + k.JailAndTombstoneValidator(ctx, providerAddr, chainID) + provAddrs = append(provAddrs, providerAddr) } logger.Info( diff --git a/x/ccv/provider/keeper/punish_validators.go b/x/ccv/provider/keeper/punish_validators.go index 901867a346..4fe8cf13eb 100644 --- a/x/ccv/provider/keeper/punish_validators.go +++ b/x/ccv/provider/keeper/punish_validators.go @@ -6,16 +6,21 @@ import ( "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" ) -// JailAndTombstoneByConsumerAddress jails and tombstones the validator assigned to the given consumer chain address -func (k Keeper) JailAndTombstoneByConsumerAddress(ctx sdk.Context, consumerAddr types.ConsumerConsAddress, chainID string) error { +// JailAndTombstoneValidator jails and tombstones the validator for the given provider consensus chain address +func (k Keeper) JailAndTombstoneValidator(ctx sdk.Context, providerAddr types.ProviderConsAddress, chainID string) { logger := k.Logger(ctx) - // jail and tombstone the Byzantine validators - providerAddr := k.GetProviderAddrFromConsumerAddr(ctx, chainID, consumerAddr) + // get validator val, ok := k.stakingKeeper.GetValidatorByConsAddr(ctx, providerAddr.ToSdkConsAddr()) - if !ok || val.IsUnbonded() { logger.Error("validator not found or is unbonded", providerAddr.String()) + return + } + + // tombstone validator if not already + if k.slashingKeeper.IsTombstoned(ctx, providerAddr.ToSdkConsAddr()) { + k.Logger(ctx).Info("validator is already tombstoned", "provider cons addr", providerAddr.String()) + return } // jail validator if not already @@ -23,14 +28,8 @@ func (k Keeper) JailAndTombstoneByConsumerAddress(ctx sdk.Context, consumerAddr k.stakingKeeper.Jail(ctx, providerAddr.ToSdkConsAddr()) } - // tombstone validator if not already - if !k.slashingKeeper.IsTombstoned(ctx, providerAddr.ToSdkConsAddr()) { - k.slashingKeeper.Tombstone(ctx, providerAddr.ToSdkConsAddr()) - k.Logger(ctx).Info("validator tombstoned", "provider cons addr", providerAddr.String()) - } - // update jail time to end after double sign jail duration k.slashingKeeper.JailUntil(ctx, providerAddr.ToSdkConsAddr(), evidencetypes.DoubleSignJailEndTime) - - return nil + // tombstone validator + k.slashingKeeper.Tombstone(ctx, providerAddr.ToSdkConsAddr()) } From 8551d9e64018d4045486129d02a0a8714888b8f9 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Wed, 23 Aug 2023 16:35:47 +0200 Subject: [PATCH 07/29] add unit test of double voting verification --- tests/integration/double_vote.go | 309 ++++++++++++++++++++- testutil/integration/debug_test.go | 4 + x/ccv/provider/keeper/double_vote.go | 16 +- x/ccv/provider/keeper/punish_validators.go | 2 +- 4 files changed, 315 insertions(+), 16 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index d3619de3df..a327826c1d 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -1,6 +1,10 @@ package integration import ( + "time" + + sdk "github.com/cosmos/cosmos-sdk/types" + "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" "github.com/tendermint/tendermint/crypto/tmhash" tmtypes "github.com/tendermint/tendermint/types" ) @@ -57,16 +61,287 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { evidence := &tmtypes.DuplicateVoteEvidence{ VoteA: vote1, VoteB: badVote, - ValidatorPower: val.ProposerPriority, - TotalVotingPower: val.ProposerPriority, + ValidatorPower: val.VotingPower, + TotalVotingPower: val.VotingPower, Timestamp: s.consumerCtx().BlockTime(), } + vote1.Signature = v1.Signature + badVote.Signature = bv.Signature + err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting(s.providerCtx(), evidence, s.consumerChain.LastHeader) s.Require().NoError(err) + consuAddr := types.NewConsumerConsAddress(sdk.ConsAddress(val.Address.Bytes())) + provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) + s.Require().True(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) + s.Require().True(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.ToSdkConsAddr())) +} + +func (s *CCVTestSuite) TestVerifyDoubleVoting() { + s.SetupCCVChannel(s.path) + // required to have the consumer client revision height greater than 0 + s.SendEmptyVSCPacket() + + valSet, err := tmtypes.ValidatorSetFromProto(s.consumerChain.LastHeader.ValidatorSet) + s.Require().NoError(err) + + val := valSet.Validators[0] + signer := s.consumerChain.Signers[val.Address.String()] + val2 := valSet.Validators[1] + signer2 := s.consumerChain.Signers[val2.Address.String()] + + blockID1 := makeBlockID([]byte("blockhash"), 1000, []byte("partshash")) + blockID2 := makeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) + + consuAddr := types.NewConsumerConsAddress(sdk.ConsAddress(val.Address.Bytes())) + provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) + + testCases := []struct { + name string + currBlockHeight int64 + providerAddr types.ProviderConsAddress + evTimestamp time.Time + votes []*tmtypes.Vote + chainID string + expPass bool + }{ + { + "expired evidence - shouldn't pass", + s.consumerCtx().BlockHeight() + 10000001, + provAddr, + s.consumerCtx().BlockTime(), + []*tmtypes.Vote{ + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + }, + s.consumerChain.ChainID, + false, + }, + { + "votes with different block height - shouldn't pass", + s.consumerCtx().BlockHeight(), + provAddr, + s.consumerCtx().BlockTime(), + []*tmtypes.Vote{ + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight()+1, + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + }, + s.consumerChain.ChainID, + false, + }, + { + "votes with different validator address - shouldn't pass", + s.consumerCtx().BlockHeight(), + provAddr, + s.consumerCtx().BlockTime(), + []*tmtypes.Vote{ + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer2, + s.consumerChain.ChainID, + ), + }, + s.consumerChain.ChainID, + false, + }, + { + "votes with same block IDs - shouldn't pass", + s.consumerCtx().BlockHeight(), + provAddr, + s.consumerCtx().BlockTime(), + []*tmtypes.Vote{ + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + }, + s.consumerChain.ChainID, + false, + }, + { + "no consumer chain for given chain ID - shouldn't pass", + s.consumerCtx().BlockHeight(), + provAddr, + s.consumerCtx().BlockTime(), + []*tmtypes.Vote{ + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + }, + "WrongChainID", + false, + }, + { + "voteA signed with wrong chain ID doesn't exist - shouldn't pass", + s.consumerCtx().BlockHeight(), + provAddr, + s.consumerCtx().BlockTime(), + []*tmtypes.Vote{ + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + "WrongChainID", + ), + makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + }, + s.consumerChain.ChainID, + false, + }, + { + "voteB signed with wrong chain ID - shouldn't pass", + s.consumerCtx().BlockHeight(), + provAddr, + s.consumerCtx().BlockTime(), + []*tmtypes.Vote{ + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + "WrongChainID", + ), + }, + s.consumerChain.ChainID, + false, + }, + { + "valid evidence should pass", + s.consumerCtx().BlockHeight(), + provAddr, + s.consumerCtx().BlockTime(), + []*tmtypes.Vote{ + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + }, + s.consumerChain.ChainID, + true, + }, + } + + for _, tc := range testCases { + s.Run(tc.name, func() { + ctx := s.providerCtx().WithBlockHeight(tc.currBlockHeight) + err := s.providerApp.GetProviderKeeper().VerifyDoubleVoting( + ctx, + tmtypes.DuplicateVoteEvidence{ + VoteA: tc.votes[0], + VoteB: tc.votes[1], + ValidatorPower: val.VotingPower, + TotalVotingPower: val.VotingPower, + Timestamp: s.consumerCtx().BlockTime(), + }, + tc.chainID, + tc.providerAddr, + ) + if tc.expPass { + s.Require().NoError(err) + } else { + s.Require().Error(err) + } + }) + } } +// utility function duplicated from CometBFT +// see https://github.com/cometbft/cometbft/blob/main/evidence/verify_test.go#L554 func makeBlockID(hash []byte, partSetSize uint32, partSetHash []byte) tmtypes.BlockID { var ( h = make([]byte, tmhash.Size) @@ -82,3 +357,33 @@ func makeBlockID(hash []byte, partSetSize uint32, partSetHash []byte) tmtypes.Bl }, } } + +func makeAndSignVote( + blockID tmtypes.BlockID, + blockHeight int64, + blockTime time.Time, + valSet *tmtypes.ValidatorSet, + signer tmtypes.PrivValidator, + chainID string, +) *tmtypes.Vote { + vote, err := tmtypes.MakeVote( + blockHeight, + blockID, + valSet, + signer, + chainID, + blockTime, + ) + if err != nil { + panic(err) + } + + v := vote.ToProto() + err = signer.SignVote(chainID, v) + if err != nil { + panic(err) + } + + vote.Signature = v.Signature + return vote +} diff --git a/testutil/integration/debug_test.go b/testutil/integration/debug_test.go index 916b8fd9e8..6e78618fa4 100644 --- a/testutil/integration/debug_test.go +++ b/testutil/integration/debug_test.go @@ -280,3 +280,7 @@ func TestCheckMisbehaviour(t *testing.T) { func TestHandleConsumerDoubleVoting(t *testing.T) { runCCVTestByName(t, "TestHandleConsumerDoubleVoting") } + +func TestVerifyDoubleVoting(t *testing.T) { + runCCVTestByName(t, "TestVerifyDoubleVoting") +} diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index b8dc16318b..40d068a082 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -39,7 +39,8 @@ func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.Du return nil } -// VerifyEquivocation verifies the equivocation for the given chain id +// VerifyEquivocation verifies the equivocation for the given chain id and +// provider consensus address func (k Keeper) VerifyDoubleVoting( ctx sdk.Context, evidence tmtypes.DuplicateVoteEvidence, @@ -96,12 +97,7 @@ func (k Keeper) VerifyDoubleVoting( ) } - // val, ok := k.stakingKeeper.GetValidatorByConsAddr(ctx, providerAddr.ToSdkConsAddr()) - // if !ok || val.IsUnbonded() { - // return fmt.Errorf("validator not found or is unbonded: %s", providerAddr.String()) - // } - - // get the public key assigned to the validator for the consumer chain + // get the consumer chain public key assigned to the validator tmpk, ok := k.GetValidatorConsumerPubKey(ctx, chainID, providerAddr) if !ok { return fmt.Errorf("cannot find public key for validator %s and consumer chain %s", providerAddr.String(), chainID) @@ -112,12 +108,6 @@ func (k Keeper) VerifyDoubleVoting( return err } - // pubkey, err := val.ConsPubKey() - // if err != nil { - // logger.Error(err.Error()) // why aren't we returning an error here ? RETURN ERRORS - // return nil - // } - va := evidence.VoteA.ToProto() vb := evidence.VoteB.ToProto() diff --git a/x/ccv/provider/keeper/punish_validators.go b/x/ccv/provider/keeper/punish_validators.go index 4fe8cf13eb..94199d0156 100644 --- a/x/ccv/provider/keeper/punish_validators.go +++ b/x/ccv/provider/keeper/punish_validators.go @@ -17,7 +17,7 @@ func (k Keeper) JailAndTombstoneValidator(ctx sdk.Context, providerAddr types.Pr return } - // tombstone validator if not already + // check that validator isn't already tombstoned if k.slashingKeeper.IsTombstoned(ctx, providerAddr.ToSdkConsAddr()) { k.Logger(ctx).Info("validator is already tombstoned", "provider cons addr", providerAddr.String()) return From 2ce34de43641a67ef03388d2f521edd6a91df680 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Wed, 23 Aug 2023 18:23:08 +0200 Subject: [PATCH 08/29] remove evidence age checks --- tests/integration/double_vote.go | 55 +++------------------------- x/ccv/provider/keeper/double_vote.go | 20 +--------- 2 files changed, 7 insertions(+), 68 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index a327826c1d..28b60d0516 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -98,45 +98,15 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) testCases := []struct { - name string - currBlockHeight int64 - providerAddr types.ProviderConsAddress - evTimestamp time.Time - votes []*tmtypes.Vote - chainID string - expPass bool + name string + providerAddr types.ProviderConsAddress + votes []*tmtypes.Vote + chainID string + expPass bool }{ - { - "expired evidence - shouldn't pass", - s.consumerCtx().BlockHeight() + 10000001, - provAddr, - s.consumerCtx().BlockTime(), - []*tmtypes.Vote{ - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - makeAndSignVote( - blockID2, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - }, - s.consumerChain.ChainID, - false, - }, { "votes with different block height - shouldn't pass", - s.consumerCtx().BlockHeight(), provAddr, - s.consumerCtx().BlockTime(), []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -160,9 +130,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { }, { "votes with different validator address - shouldn't pass", - s.consumerCtx().BlockHeight(), provAddr, - s.consumerCtx().BlockTime(), []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -186,9 +154,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { }, { "votes with same block IDs - shouldn't pass", - s.consumerCtx().BlockHeight(), provAddr, - s.consumerCtx().BlockTime(), []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -212,9 +178,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { }, { "no consumer chain for given chain ID - shouldn't pass", - s.consumerCtx().BlockHeight(), provAddr, - s.consumerCtx().BlockTime(), []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -238,9 +202,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { }, { "voteA signed with wrong chain ID doesn't exist - shouldn't pass", - s.consumerCtx().BlockHeight(), provAddr, - s.consumerCtx().BlockTime(), []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -264,9 +226,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { }, { "voteB signed with wrong chain ID - shouldn't pass", - s.consumerCtx().BlockHeight(), provAddr, - s.consumerCtx().BlockTime(), []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -290,9 +250,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { }, { "valid evidence should pass", - s.consumerCtx().BlockHeight(), provAddr, - s.consumerCtx().BlockTime(), []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -318,9 +276,8 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { for _, tc := range testCases { s.Run(tc.name, func() { - ctx := s.providerCtx().WithBlockHeight(tc.currBlockHeight) err := s.providerApp.GetProviderKeeper().VerifyDoubleVoting( - ctx, + s.providerCtx(), tmtypes.DuplicateVoteEvidence{ VoteA: tc.votes[0], VoteB: tc.votes[1], diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index 40d068a082..68a09ba1f7 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -3,7 +3,6 @@ package keeper import ( "bytes" "fmt" - "time" cryptocodec "github.com/cosmos/cosmos-sdk/crypto/codec" sdk "github.com/cosmos/cosmos-sdk/types" @@ -47,25 +46,8 @@ func (k Keeper) VerifyDoubleVoting( chainID string, providerAddr types.ProviderConsAddress, ) error { - // default evidence params in CometBFT see https://github.com/cometbft/cometbft/blob/main/types/params.go#L107 - MAX_AGE_NUM_BLOCKS := int64(1000000) - MAX_AGE_DURATION := 48 * time.Hour - height := ctx.BlockHeight() - blockTime := ctx.BlockTime() - ageNumBlocks := height - evidence.Height() - - // check that the evidence hasn't expired - if ageNumBlocks > MAX_AGE_NUM_BLOCKS { - return sdkerrors.Wrapf( - ccvtypes.ErrInvalidEvidence, - "evidence from height %d (created at: %v) is too old; min height is %d and evidence can not be older than %v", - evidence.Height(), - evidence.Time(), - height-MAX_AGE_NUM_BLOCKS, - blockTime.Add(MAX_AGE_DURATION), - ) - } + // TODO: check the evidence age once we agreed on the infraction height mapping // H/R/S must be the same if evidence.VoteA.Height != evidence.VoteB.Height || From 13c82cc089e8a8e98cf6c33eda4e8bf2a27d5420 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Wed, 23 Aug 2023 19:05:22 +0200 Subject: [PATCH 09/29] document --- tests/integration/double_vote.go | 78 ++++++++++++++------------------ x/ccv/provider/client/cli/tx.go | 4 +- x/ccv/provider/types/msg.go | 4 +- x/ccv/types/errors.go | 2 +- 4 files changed, 40 insertions(+), 48 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index 28b60d0516..f8b6f44362 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -9,7 +9,11 @@ import ( tmtypes "github.com/tendermint/tendermint/types" ) +// TestHandleConsumerDoubleVoting tests that handling double voting evidence +// that occurred on a consumer chain results in the jailing and tombstoning +// of the malicious validators func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { + // Setup a consumer chain s.SetupCCVChannel(s.path) // required to have the consumer client revision height greater than 0 s.SendEmptyVSCPacket() @@ -28,48 +32,36 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { blockID1 := makeBlockID([]byte("blockhash"), 1000, []byte("partshash")) blockID2 := makeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) - vote1, err := tmtypes.MakeVote( - s.consumerCtx().BlockHeight(), - blockID1, - valSet, - signer, - s.consumerChain.ChainID, - s.consumerCtx().BlockTime(), - ) - - s.Require().NoError(err) - - v1 := vote1.ToProto() - err = signer.SignVote(s.consumerChain.ChainID, v1) - s.Require().NoError(err) - - badVote, err := tmtypes.MakeVote( - s.consumerCtx().BlockHeight(), - blockID2, - valSet, - signer, - s.consumerChain.ChainID, - s.consumerCtx().BlockTime(), - ) - - s.Require().NoError(err) - - bv := badVote.ToProto() - err = signer.SignVote(s.consumerChain.ChainID, bv) - s.Require().NoError(err) - + // In order to create an evidence for the configured consumer chain above, + // we create two votes that only differs by their BlockIDs and + // signed them using the same validator and the chain ID of the consumer chain evidence := &tmtypes.DuplicateVoteEvidence{ - VoteA: vote1, - VoteB: badVote, + VoteA: makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), + VoteB: makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ), ValidatorPower: val.VotingPower, TotalVotingPower: val.VotingPower, Timestamp: s.consumerCtx().BlockTime(), } - vote1.Signature = v1.Signature - badVote.Signature = bv.Signature - - err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting(s.providerCtx(), evidence, s.consumerChain.LastHeader) + err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( + s.providerCtx(), + evidence, + s.consumerChain.LastHeader, + ) s.Require().NoError(err) consuAddr := types.NewConsumerConsAddress(sdk.ConsAddress(val.Address.Bytes())) @@ -105,7 +97,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { expPass bool }{ { - "votes with different block height - shouldn't pass", + "evidence has votes with different block height - shouldn't pass", provAddr, []*tmtypes.Vote{ makeAndSignVote( @@ -129,7 +121,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { false, }, { - "votes with different validator address - shouldn't pass", + "evidence has votes with different validator address - shouldn't pass", provAddr, []*tmtypes.Vote{ makeAndSignVote( @@ -153,7 +145,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { false, }, { - "votes with same block IDs - shouldn't pass", + "evidence has votes with same block IDs - shouldn't pass", provAddr, []*tmtypes.Vote{ makeAndSignVote( @@ -177,7 +169,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { false, }, { - "no consumer chain for given chain ID - shouldn't pass", + "no consumer chain exists for given chain ID - shouldn't pass", provAddr, []*tmtypes.Vote{ makeAndSignVote( @@ -201,7 +193,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { false, }, { - "voteA signed with wrong chain ID doesn't exist - shouldn't pass", + "voteA is signed with the wrong chain ID and is invalid - shouldn't pass", provAddr, []*tmtypes.Vote{ makeAndSignVote( @@ -225,7 +217,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { false, }, { - "voteB signed with wrong chain ID - shouldn't pass", + "voteB is signed with the wrong chain ID and is invalid - shouldn't pass", provAddr, []*tmtypes.Vote{ makeAndSignVote( @@ -249,7 +241,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { false, }, { - "valid evidence should pass", + "valid double voting evidence should pass", provAddr, []*tmtypes.Vote{ makeAndSignVote( diff --git a/x/ccv/provider/client/cli/tx.go b/x/ccv/provider/client/cli/tx.go index 58ddec4bd8..fbffdd2d72 100644 --- a/x/ccv/provider/client/cli/tx.go +++ b/x/ccv/provider/client/cli/tx.go @@ -153,9 +153,9 @@ Examples: func NewSubmitConsumerDoubleVotingCmd() *cobra.Command { cmd := &cobra.Command{ - Use: "submit-consumer-double-voting [evidence]", + Use: "submit-consumer-double-voting [evidence] [infraction_header]", Short: "submit a double-vote evidence for a consumer chain", - Args: cobra.ExactArgs(1), + Args: cobra.ExactArgs(2), RunE: func(cmd *cobra.Command, args []string) error { clientCtx, err := client.GetClientTxContext(cmd) if err != nil { diff --git a/x/ccv/provider/types/msg.go b/x/ccv/provider/types/msg.go index 54588a0153..a4b2326118 100644 --- a/x/ccv/provider/types/msg.go +++ b/x/ccv/provider/types/msg.go @@ -208,11 +208,11 @@ func (msg MsgSubmitConsumerDoubleVoting) ValidateBasic() error { } if msg.DuplicateVoteEvidence == nil { - return fmt.Errorf("duplicate evidence cannot be nil") + return fmt.Errorf("double voting evidence cannot be nil") } if msg.InfractionBlockHeader.Header == nil { - return fmt.Errorf("double-vote evidence header cannot be nil") + return fmt.Errorf("infraction header cannot be nil") } return nil diff --git a/x/ccv/types/errors.go b/x/ccv/types/errors.go index 310383afa9..e0cb663219 100644 --- a/x/ccv/types/errors.go +++ b/x/ccv/types/errors.go @@ -25,5 +25,5 @@ var ( ErrClientNotFound = errorsmod.Register(ModuleName, 18, "client not found") ErrDuplicateConsumerChain = errorsmod.Register(ModuleName, 19, "consumer chain already exists") ErrConsumerChainNotFound = errorsmod.Register(ModuleName, 20, "consumer chain not found") - ErrInvalidEvidence = errorsmod.Register(ModuleName, 21, "invalid consumer double vote evidence") + ErrInvalidEvidence = errorsmod.Register(ModuleName, 21, "invalid consumer double voting evidence") ) From 5a6ac16afed612bdd5531ec8d6e7f9e784812d20 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 09:50:40 +0200 Subject: [PATCH 10/29] doc --- tests/integration/double_vote.go | 87 +++++++++++++++------- x/ccv/provider/keeper/double_vote.go | 6 +- x/ccv/provider/keeper/misbehaviour.go | 5 +- x/ccv/provider/keeper/punish_validators.go | 4 +- 4 files changed, 66 insertions(+), 36 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index f8b6f44362..3b95ce91f2 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -9,9 +9,8 @@ import ( tmtypes "github.com/tendermint/tendermint/types" ) -// TestHandleConsumerDoubleVoting tests that handling double voting evidence -// that occurred on a consumer chain results in the jailing and tombstoning -// of the malicious validators +// TestHandleConsumerDoubleVoting verifies that handling a double voting evidence +// of a consumer chain results in the expected jailing and tombstoning of the malicious validator func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { // Setup a consumer chain s.SetupCCVChannel(s.path) @@ -32,40 +31,72 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { blockID1 := makeBlockID([]byte("blockhash"), 1000, []byte("partshash")) blockID2 := makeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) - // In order to create an evidence for the configured consumer chain above, - // we create two votes that only differs by their BlockIDs and - // signed them using the same validator and the chain ID of the consumer chain - evidence := &tmtypes.DuplicateVoteEvidence{ - VoteA: makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - VoteB: makeAndSignVote( - blockID2, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - ValidatorPower: val.VotingPower, - TotalVotingPower: val.VotingPower, - Timestamp: s.consumerCtx().BlockTime(), + vote1 := makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ) + + badVote := makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + s.consumerCtx().BlockTime(), + valSet, + signer, + s.consumerChain.ChainID, + ) + + testCases := []struct { + name string + ev *tmtypes.DuplicateVoteEvidence + }{ + { + // an evidence containing two identical votes + "invalid double voting evidence - shouldn't pass", + &tmtypes.DuplicateVoteEvidence{ + VoteA: vote1, + VoteB: vote1, + ValidatorPower: val.VotingPower, + TotalVotingPower: val.VotingPower, + Timestamp: s.consumerCtx().BlockTime(), + }, + }, { + // In order to create an evidence for a consumer chain, + // we create two votes that only differs by their Block IDs and + // signed them using the same validator and chain ID of the consumer chain + "valid double voting evidence - should pass", + &tmtypes.DuplicateVoteEvidence{ + VoteA: vote1, + VoteB: badVote, + ValidatorPower: val.VotingPower, + TotalVotingPower: val.VotingPower, + Timestamp: s.consumerCtx().BlockTime(), + }, + }, } err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( s.providerCtx(), - evidence, + testCases[0].ev, s.consumerChain.LastHeader, ) - s.Require().NoError(err) + s.Require().Error(err) + // verifies that no jailing and tombstoning has occurred consuAddr := types.NewConsumerConsAddress(sdk.ConsAddress(val.Address.Bytes())) provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) + s.Require().False(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) + s.Require().False(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.ToSdkConsAddr())) + + err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( + s.providerCtx(), + testCases[1].ev, + s.consumerChain.LastHeader, + ) + s.Require().NoError(err) s.Require().True(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) s.Require().True(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.ToSdkConsAddr())) } diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index 68a09ba1f7..9cc931f05b 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -14,7 +14,8 @@ import ( ) // HandleConsumerDoubleVoting verifies a double voting evidence for a given a consumer chain and, -// if successful, executes the the jailing and the tombstoning of the malicious validator +// if successful, executes the the jailing and the tombstoning of the malicious validator. +// Note that the infraction header argument is temporarily only used to get the consumer chain ID. func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.DuplicateVoteEvidence, h *ibctmtypes.Header) error { chainID := h.Header.ChainID @@ -28,7 +29,7 @@ func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.Du return err } - k.JailAndTombstoneValidator(ctx, providerAddr, chainID) + k.JailAndTombstoneValidator(ctx, providerAddr) k.Logger(ctx).Info( "confirmed equivocation", @@ -46,7 +47,6 @@ func (k Keeper) VerifyDoubleVoting( chainID string, providerAddr types.ProviderConsAddress, ) error { - // TODO: check the evidence age once we agreed on the infraction height mapping // H/R/S must be the same diff --git a/x/ccv/provider/keeper/misbehaviour.go b/x/ccv/provider/keeper/misbehaviour.go index 5cafa49bd6..91bd4e8535 100644 --- a/x/ccv/provider/keeper/misbehaviour.go +++ b/x/ccv/provider/keeper/misbehaviour.go @@ -34,17 +34,16 @@ func (k Keeper) HandleConsumerMisbehaviour(ctx sdk.Context, misbehaviour ibctmty return err } - chainID := misbehaviour.Header1.Header.ChainID provAddrs := make([]types.ProviderConsAddress, len(byzantineValidators)) // jail and tombstone the Byzantine validators for _, v := range byzantineValidators { providerAddr := k.GetProviderAddrFromConsumerAddr( ctx, - chainID, + misbehaviour.Header1.Header.ChainID, types.NewConsumerConsAddress(sdk.ConsAddress(v.Address.Bytes())), ) - k.JailAndTombstoneValidator(ctx, providerAddr, chainID) + k.JailAndTombstoneValidator(ctx, providerAddr) provAddrs = append(provAddrs, providerAddr) } diff --git a/x/ccv/provider/keeper/punish_validators.go b/x/ccv/provider/keeper/punish_validators.go index 94199d0156..c5a14fc4be 100644 --- a/x/ccv/provider/keeper/punish_validators.go +++ b/x/ccv/provider/keeper/punish_validators.go @@ -6,8 +6,8 @@ import ( "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" ) -// JailAndTombstoneValidator jails and tombstones the validator for the given provider consensus chain address -func (k Keeper) JailAndTombstoneValidator(ctx sdk.Context, providerAddr types.ProviderConsAddress, chainID string) { +// JailAndTombstoneValidator jails and tombstones the validator for the given validator consensus address +func (k Keeper) JailAndTombstoneValidator(ctx sdk.Context, providerAddr types.ProviderConsAddress) { logger := k.Logger(ctx) // get validator From 1a2ac784012db548e764f58b3355b21aeb687bab Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 10:00:21 +0200 Subject: [PATCH 11/29] protogen --- x/ccv/provider/types/msg.go | 1 - x/ccv/provider/types/tx.pb.go | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/x/ccv/provider/types/msg.go b/x/ccv/provider/types/msg.go index a4b2326118..e5dbb16697 100644 --- a/x/ccv/provider/types/msg.go +++ b/x/ccv/provider/types/msg.go @@ -205,7 +205,6 @@ func (msg MsgSubmitConsumerDoubleVoting) Type() string { func (msg MsgSubmitConsumerDoubleVoting) ValidateBasic() error { if msg.Submitter == "" { return sdkerrors.Wrap(sdkerrors.ErrInvalidAddress, msg.Submitter) - } if msg.DuplicateVoteEvidence == nil { return fmt.Errorf("double voting evidence cannot be nil") diff --git a/x/ccv/provider/types/tx.pb.go b/x/ccv/provider/types/tx.pb.go index 1fb9649ad3..9182d546b5 100644 --- a/x/ccv/provider/types/tx.pb.go +++ b/x/ccv/provider/types/tx.pb.go @@ -279,7 +279,7 @@ type MsgSubmitConsumerDoubleVoting struct { // The equivocation of the consumer chain wrapping // an evidence of a validator that signed two conflicting votes DuplicateVoteEvidence *types1.DuplicateVoteEvidence `protobuf:"bytes,2,opt,name=duplicate_vote_evidence,json=duplicateVoteEvidence,proto3" json:"duplicate_vote_evidence,omitempty"` - // Unused but still here to not break the wire + // The light client header of the infraction block InfractionBlockHeader *types.Header `protobuf:"bytes,3,opt,name=infraction_block_header,json=infractionBlockHeader,proto3" json:"infraction_block_header,omitempty"` } From 7273ed4e3e91f8265b1db26cbfcd133c7aa8c848 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 11:09:58 +0200 Subject: [PATCH 12/29] reformat double voting handling --- .../ccv/provider/v1/tx.proto | 2 +- tests/integration/double_vote.go | 113 +++++++++++------- testutil/integration/debug_test.go | 4 +- x/ccv/provider/client/cli/tx.go | 4 +- x/ccv/provider/keeper/double_vote.go | 32 ++--- 5 files changed, 95 insertions(+), 60 deletions(-) diff --git a/proto/interchain_security/ccv/provider/v1/tx.proto b/proto/interchain_security/ccv/provider/v1/tx.proto index 42f642fa74..64e4c88b70 100644 --- a/proto/interchain_security/ccv/provider/v1/tx.proto +++ b/proto/interchain_security/ccv/provider/v1/tx.proto @@ -73,7 +73,7 @@ message MsgSubmitConsumerDoubleVoting { // The equivocation of the consumer chain wrapping // an evidence of a validator that signed two conflicting votes tendermint.types.DuplicateVoteEvidence duplicate_vote_evidence = 2; - // The light client header of the infraction block + // The light client header of the infraction block ibc.lightclients.tendermint.v1.Header infraction_block_header = 3; } diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index 3b95ce91f2..ee0e313fdf 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -4,15 +4,16 @@ import ( "time" sdk "github.com/cosmos/cosmos-sdk/types" + ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" "github.com/tendermint/tendermint/crypto/tmhash" + tmproto "github.com/tendermint/tendermint/proto/tendermint/types" tmtypes "github.com/tendermint/tendermint/types" ) // TestHandleConsumerDoubleVoting verifies that handling a double voting evidence // of a consumer chain results in the expected jailing and tombstoning of the malicious validator func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { - // Setup a consumer chain s.SetupCCVChannel(s.path) // required to have the consumer client revision height greater than 0 s.SendEmptyVSCPacket() @@ -50,11 +51,31 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { ) testCases := []struct { - name string - ev *tmtypes.DuplicateVoteEvidence + name string + ev *tmtypes.DuplicateVoteEvidence + header *ibctmtypes.Header + expPass bool }{ { - // an evidence containing two identical votes + "create infraction header using an invalid consumer chain id - shouldn't pass", + &tmtypes.DuplicateVoteEvidence{ + VoteA: vote1, + VoteB: badVote, + ValidatorPower: val.VotingPower, + TotalVotingPower: val.VotingPower, + Timestamp: s.consumerCtx().BlockTime(), + }, + &ibctmtypes.Header{ + SignedHeader: &tmproto.SignedHeader{ + Header: &tmproto.Header{ + ChainID: "chainID", + }, + }, + }, + false, + }, + { + // create an invalid evidence containing two identical votes "invalid double voting evidence - shouldn't pass", &tmtypes.DuplicateVoteEvidence{ VoteA: vote1, @@ -63,7 +84,10 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { TotalVotingPower: val.VotingPower, Timestamp: s.consumerCtx().BlockTime(), }, - }, { + s.consumerChain.LastHeader, + false, + }, + { // In order to create an evidence for a consumer chain, // we create two votes that only differs by their Block IDs and // signed them using the same validator and chain ID of the consumer chain @@ -75,33 +99,40 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { TotalVotingPower: val.VotingPower, Timestamp: s.consumerCtx().BlockTime(), }, + s.consumerChain.LastHeader, + true, }, } - err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( - s.providerCtx(), - testCases[0].ev, - s.consumerChain.LastHeader, - ) - s.Require().Error(err) - - // verifies that no jailing and tombstoning has occurred consuAddr := types.NewConsumerConsAddress(sdk.ConsAddress(val.Address.Bytes())) provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) - s.Require().False(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) - s.Require().False(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.ToSdkConsAddr())) - err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( - s.providerCtx(), - testCases[1].ev, - s.consumerChain.LastHeader, - ) - s.Require().NoError(err) - s.Require().True(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) - s.Require().True(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.ToSdkConsAddr())) + for _, tc := range testCases { + s.Run(tc.name, func() { + err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( + s.providerCtx(), + tc.ev, + tc.header, + ) + if tc.expPass { + s.Require().NoError(err) + + // verifies that the jailing and tombstoning has occurred + s.Require().True(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) + s.Require().True(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.ToSdkConsAddr())) + } else { + s.Require().Error(err) + + // verifies that no jailing and tombstoning has occurred + + s.Require().False(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) + s.Require().False(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.ToSdkConsAddr())) + } + }) + } } -func (s *CCVTestSuite) TestVerifyDoubleVoting() { +func (s *CCVTestSuite) TestVerifyDoubleVotingEvidence() { s.SetupCCVChannel(s.path) // required to have the consumer client revision height greater than 0 s.SendEmptyVSCPacket() @@ -121,15 +152,13 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) testCases := []struct { - name string - providerAddr types.ProviderConsAddress - votes []*tmtypes.Vote - chainID string - expPass bool + name string + votes []*tmtypes.Vote + chainID string + expPass bool }{ { "evidence has votes with different block height - shouldn't pass", - provAddr, []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -153,7 +182,6 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { }, { "evidence has votes with different validator address - shouldn't pass", - provAddr, []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -177,7 +205,6 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { }, { "evidence has votes with same block IDs - shouldn't pass", - provAddr, []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -200,8 +227,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { false, }, { - "no consumer chain exists for given chain ID - shouldn't pass", - provAddr, + "no consumer chain exists for the given chain ID - shouldn't pass", []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -224,8 +250,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { false, }, { - "voteA is signed with the wrong chain ID and is invalid - shouldn't pass", - provAddr, + "voteA is signed using the wrong chain ID - shouldn't pass", []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -248,8 +273,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { false, }, { - "voteB is signed with the wrong chain ID and is invalid - shouldn't pass", - provAddr, + "voteB is signed using the wrong chain ID - shouldn't pass", []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -273,7 +297,6 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { }, { "valid double voting evidence should pass", - provAddr, []*tmtypes.Vote{ makeAndSignVote( blockID1, @@ -299,7 +322,15 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { for _, tc := range testCases { s.Run(tc.name, func() { - err := s.providerApp.GetProviderKeeper().VerifyDoubleVoting( + // get the consumer chain public key assigned to the validator + consuPubkey, ok := s.providerApp.GetProviderKeeper().GetValidatorConsumerPubKey( + s.providerCtx(), + s.consumerChain.ChainID, + provAddr, + ) + s.Require().True(ok) + + err := s.providerApp.GetProviderKeeper().VerifyDoubleVotingEvidence( s.providerCtx(), tmtypes.DuplicateVoteEvidence{ VoteA: tc.votes[0], @@ -309,7 +340,7 @@ func (s *CCVTestSuite) TestVerifyDoubleVoting() { Timestamp: s.consumerCtx().BlockTime(), }, tc.chainID, - tc.providerAddr, + consuPubkey, ) if tc.expPass { s.Require().NoError(err) diff --git a/testutil/integration/debug_test.go b/testutil/integration/debug_test.go index 6e78618fa4..19795939a0 100644 --- a/testutil/integration/debug_test.go +++ b/testutil/integration/debug_test.go @@ -281,6 +281,6 @@ func TestHandleConsumerDoubleVoting(t *testing.T) { runCCVTestByName(t, "TestHandleConsumerDoubleVoting") } -func TestVerifyDoubleVoting(t *testing.T) { - runCCVTestByName(t, "TestVerifyDoubleVoting") +func TestVerifyDoubleVotingEvidence(t *testing.T) { + runCCVTestByName(t, "TestVerifyDoubleVotingEvidence") } diff --git a/x/ccv/provider/client/cli/tx.go b/x/ccv/provider/client/cli/tx.go index fbffdd2d72..1d3ccc0011 100644 --- a/x/ccv/provider/client/cli/tx.go +++ b/x/ccv/provider/client/cli/tx.go @@ -153,8 +153,8 @@ Examples: func NewSubmitConsumerDoubleVotingCmd() *cobra.Command { cmd := &cobra.Command{ - Use: "submit-consumer-double-voting [evidence] [infraction_header]", - Short: "submit a double-vote evidence for a consumer chain", + Use: "submit consumer-double-voting [evidence] [infraction_header]", + Short: "submit a double voting evidence for a consumer chain", Args: cobra.ExactArgs(2), RunE: func(cmd *cobra.Command, args []string) error { clientCtx, err := client.GetClientTxContext(cmd) diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index 9cc931f05b..bb39af2d77 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -10,6 +10,7 @@ import ( ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" ccvtypes "github.com/cosmos/interchain-security/v2/x/ccv/types" + tmprotocrypto "github.com/tendermint/tendermint/proto/tendermint/crypto" tmtypes "github.com/tendermint/tendermint/types" ) @@ -19,16 +20,25 @@ import ( func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.DuplicateVoteEvidence, h *ibctmtypes.Header) error { chainID := h.Header.ChainID + // get the validator's consensus address on the provider providerAddr := k.GetProviderAddrFromConsumerAddr( ctx, chainID, types.NewConsumerConsAddress(sdk.ConsAddress(evidence.VoteA.ValidatorAddress.Bytes())), ) - if err := k.VerifyDoubleVoting(ctx, *evidence, chainID, providerAddr); err != nil { + // get the consumer chain public key assigned to the validator + consuPubkey, ok := k.GetValidatorConsumerPubKey(ctx, chainID, providerAddr) + if !ok { + return fmt.Errorf("cannot find public key for validator %s and consumer chain %s", providerAddr.String(), chainID) + } + + // verifies the double voting evidence using the consumer chain public key + if err := k.VerifyDoubleVotingEvidence(ctx, *evidence, chainID, consuPubkey); err != nil { return err } + // execute the jailing and tombstoning k.JailAndTombstoneValidator(ctx, providerAddr) k.Logger(ctx).Info( @@ -39,13 +49,13 @@ func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.Du return nil } -// VerifyEquivocation verifies the equivocation for the given chain id and -// provider consensus address -func (k Keeper) VerifyDoubleVoting( +// VerifyDoubleVotingEvidence verifies a double voting evidence +// for a given chain id and validator public key +func (k Keeper) VerifyDoubleVotingEvidence( ctx sdk.Context, evidence tmtypes.DuplicateVoteEvidence, chainID string, - providerAddr types.ProviderConsAddress, + pubkey tmprotocrypto.PublicKey, ) error { // TODO: check the evidence age once we agreed on the infraction height mapping @@ -79,13 +89,7 @@ func (k Keeper) VerifyDoubleVoting( ) } - // get the consumer chain public key assigned to the validator - tmpk, ok := k.GetValidatorConsumerPubKey(ctx, chainID, providerAddr) - if !ok { - return fmt.Errorf("cannot find public key for validator %s and consumer chain %s", providerAddr.String(), chainID) - } - - pubkey, err := cryptocodec.FromTmProtoPublicKey(tmpk) + pk, err := cryptocodec.FromTmProtoPublicKey(pubkey) if err != nil { return err } @@ -94,10 +98,10 @@ func (k Keeper) VerifyDoubleVoting( vb := evidence.VoteB.ToProto() // signatures must be valid - if !pubkey.VerifySignature(tmtypes.VoteSignBytes(chainID, va), evidence.VoteA.Signature) { + if !pk.VerifySignature(tmtypes.VoteSignBytes(chainID, va), evidence.VoteA.Signature) { return fmt.Errorf("verifying VoteA: %w", tmtypes.ErrVoteInvalidSignature) } - if !pubkey.VerifySignature(tmtypes.VoteSignBytes(chainID, vb), evidence.VoteB.Signature) { + if !pk.VerifySignature(tmtypes.VoteSignBytes(chainID, vb), evidence.VoteB.Signature) { return fmt.Errorf("verifying VoteB: %w", tmtypes.ErrVoteInvalidSignature) } From 34b7ddaf0bd739ed2d3389e60840bd852d662d6d Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 14:39:58 +0200 Subject: [PATCH 13/29] logger nit --- Dockerfile | 2 +- tests/e2e/main.go | 2 +- tests/e2e/steps.go | 16 ++++++++-------- x/ccv/provider/keeper/punish_validators.go | 2 +- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 03939617be..ba351f2e78 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,7 +36,7 @@ FROM informalofftermatt/cometmock:latest as cometmock-builder # Get GoRelayer FROM informalofftermatt/gorelayer:nogas AS gorelayer-builder -FROM --platform=linux/amd64 fedora:36 +FROM --platform=linux/arm64 fedora:36 RUN dnf update -y RUN dnf install -y which iproute iputils procps-ng vim-minimal tmux net-tools htop jq USER root diff --git a/tests/e2e/main.go b/tests/e2e/main.go index 406a015e63..a74e155c97 100644 --- a/tests/e2e/main.go +++ b/tests/e2e/main.go @@ -102,7 +102,7 @@ func (tr *TestRun) Run(steps []Step, localSdkPath string, useGaia bool, gaiaTag tr.validateStringLiterals() tr.startDocker() tr.executeSteps(steps) - tr.teardownDocker() + // tr.teardownDocker() } type testRunWithSteps struct { diff --git a/tests/e2e/steps.go b/tests/e2e/steps.go index 78a56654e6..b300c1a74c 100644 --- a/tests/e2e/steps.go +++ b/tests/e2e/steps.go @@ -17,17 +17,17 @@ var happyPathSteps = concatSteps( stepsStartChains([]string{"consu"}, false), stepsDelegate("consu"), stepsAssignConsumerKeyOnStartedChain("consu", "bob"), - stepsUnbond("consu"), - stepsRedelegateForOptOut("consu"), - stepsDowntimeWithOptOut("consu"), - stepsRedelegate("consu"), - stepsDowntime("consu"), + // stepsUnbond("consu"), + // stepsRedelegateForOptOut("consu"), + // stepsDowntimeWithOptOut("consu"), + // stepsRedelegate("consu"), + // stepsDowntime("consu"), stepsRejectEquivocationProposal("consu", 2), // prop to tombstone bob is rejected stepsDoubleSignOnProviderAndConsumer("consu"), // carol double signs on provider, bob double signs on consumer stepsSubmitEquivocationProposal("consu", 2), // now prop to tombstone bob is submitted and accepted - stepsStartRelayer(), - stepsConsumerRemovalPropNotPassing("consu", 3), // submit removal prop but vote no on it - chain should stay - stepsStopChain("consu", 4), // stop chain + // stepsStartRelayer(), + // stepsConsumerRemovalPropNotPassing("consu", 3), // submit removal prop but vote no on it - chain should stay + // stepsStopChain("consu", 4), // stop chain ) var shortHappyPathSteps = concatSteps( diff --git a/x/ccv/provider/keeper/punish_validators.go b/x/ccv/provider/keeper/punish_validators.go index c5a14fc4be..3510483363 100644 --- a/x/ccv/provider/keeper/punish_validators.go +++ b/x/ccv/provider/keeper/punish_validators.go @@ -19,7 +19,7 @@ func (k Keeper) JailAndTombstoneValidator(ctx sdk.Context, providerAddr types.Pr // check that validator isn't already tombstoned if k.slashingKeeper.IsTombstoned(ctx, providerAddr.ToSdkConsAddr()) { - k.Logger(ctx).Info("validator is already tombstoned", "provider cons addr", providerAddr.String()) + logger.Info("validator is already tombstoned", "provider cons addr", providerAddr.String()) return } From 1e301d560f6f2fdff6fa61b009fdd7cd4040d951 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 14:50:52 +0200 Subject: [PATCH 14/29] nits --- tests/integration/double_vote.go | 18 +++++------------- x/ccv/provider/keeper/double_vote.go | 6 +----- x/ccv/provider/keeper/msg_server.go | 4 ++-- x/ccv/types/events.go | 1 - 4 files changed, 8 insertions(+), 21 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index ee0e313fdf..7970c7b654 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -4,10 +4,8 @@ import ( "time" sdk "github.com/cosmos/cosmos-sdk/types" - ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" "github.com/tendermint/tendermint/crypto/tmhash" - tmproto "github.com/tendermint/tendermint/proto/tendermint/types" tmtypes "github.com/tendermint/tendermint/types" ) @@ -53,7 +51,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { testCases := []struct { name string ev *tmtypes.DuplicateVoteEvidence - header *ibctmtypes.Header + chainID string expPass bool }{ { @@ -65,13 +63,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { TotalVotingPower: val.VotingPower, Timestamp: s.consumerCtx().BlockTime(), }, - &ibctmtypes.Header{ - SignedHeader: &tmproto.SignedHeader{ - Header: &tmproto.Header{ - ChainID: "chainID", - }, - }, - }, + "chainID", false, }, { @@ -84,7 +76,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { TotalVotingPower: val.VotingPower, Timestamp: s.consumerCtx().BlockTime(), }, - s.consumerChain.LastHeader, + s.consumerChain.ChainID, false, }, { @@ -99,7 +91,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { TotalVotingPower: val.VotingPower, Timestamp: s.consumerCtx().BlockTime(), }, - s.consumerChain.LastHeader, + s.consumerChain.ChainID, true, }, } @@ -112,7 +104,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( s.providerCtx(), tc.ev, - tc.header, + tc.chainID, ) if tc.expPass { s.Require().NoError(err) diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index bb39af2d77..1ac8408758 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -7,7 +7,6 @@ import ( cryptocodec "github.com/cosmos/cosmos-sdk/crypto/codec" sdk "github.com/cosmos/cosmos-sdk/types" sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" - ibctmtypes "github.com/cosmos/ibc-go/v4/modules/light-clients/07-tendermint/types" "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" ccvtypes "github.com/cosmos/interchain-security/v2/x/ccv/types" tmprotocrypto "github.com/tendermint/tendermint/proto/tendermint/crypto" @@ -16,10 +15,7 @@ import ( // HandleConsumerDoubleVoting verifies a double voting evidence for a given a consumer chain and, // if successful, executes the the jailing and the tombstoning of the malicious validator. -// Note that the infraction header argument is temporarily only used to get the consumer chain ID. -func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.DuplicateVoteEvidence, h *ibctmtypes.Header) error { - chainID := h.Header.ChainID - +func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.DuplicateVoteEvidence, chainID string) error { // get the validator's consensus address on the provider providerAddr := k.GetProviderAddrFromConsumerAddr( ctx, diff --git a/x/ccv/provider/keeper/msg_server.go b/x/ccv/provider/keeper/msg_server.go index 5863ff8b2c..b6b96bb010 100644 --- a/x/ccv/provider/keeper/msg_server.go +++ b/x/ccv/provider/keeper/msg_server.go @@ -156,7 +156,7 @@ func (k msgServer) SubmitConsumerDoubleVoting(goCtx context.Context, msg *types. return nil, err } - if err := k.Keeper.HandleConsumerDoubleVoting(ctx, evidence, msg.InfractionBlockHeader); err != nil { + if err := k.Keeper.HandleConsumerDoubleVoting(ctx, evidence, msg.InfractionBlockHeader.Header.ChainID); err != nil { return &types.MsgSubmitConsumerDoubleVotingResponse{}, err } @@ -164,7 +164,7 @@ func (k msgServer) SubmitConsumerDoubleVoting(goCtx context.Context, msg *types. sdk.NewEvent( ccvtypes.EventTypeSubmitConsumerMisbehaviour, sdk.NewAttribute(ccvtypes.AttributeConsumerDoubleVoting, msg.DuplicateVoteEvidence.String()), - sdk.NewAttribute(ccvtypes.AttributeInfractionBlockHeader, msg.InfractionBlockHeader.String()), + sdk.NewAttribute(ccvtypes.AttributeChainID, msg.InfractionBlockHeader.Header.ChainID), sdk.NewAttribute(ccvtypes.AttributeSubmitterAddress, msg.Submitter), ), }) diff --git a/x/ccv/types/events.go b/x/ccv/types/events.go index e38300dcb9..28796144fe 100644 --- a/x/ccv/types/events.go +++ b/x/ccv/types/events.go @@ -39,7 +39,6 @@ const ( AttributeMisbehaviourHeight1 = "misbehaviour_height_1" AttributeMisbehaviourHeight2 = "misbehaviour_height_2" AttributeConsumerDoubleVoting = "consumer_double_voting" - AttributeInfractionBlockHeader = "infraction_block_header" AttributeDistributionCurrentHeight = "current_distribution_height" AttributeDistributionNextHeight = "next_distribution_height" From 0b2665e45dfbee750f7f05b740046139c760aef0 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 15:51:12 +0200 Subject: [PATCH 15/29] check evidence age duration --- tests/integration/double_vote.go | 58 ++++++++++++++++++++++++---- x/ccv/provider/keeper/double_vote.go | 12 +++++- 2 files changed, 61 insertions(+), 9 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index 7970c7b654..48ae40969c 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -3,6 +3,9 @@ package integration import ( "time" + abci "github.com/tendermint/tendermint/abci/types" + tmproto "github.com/tendermint/tendermint/proto/tendermint/types" + sdk "github.com/cosmos/cosmos-sdk/types" "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" "github.com/tendermint/tendermint/crypto/tmhash" @@ -100,9 +103,10 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) for _, tc := range testCases { + ctx := setDefaultConsensusEvidenceParams(s.providerCtx()) s.Run(tc.name, func() { err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( - s.providerCtx(), + ctx, tc.ev, tc.chainID, ) @@ -110,15 +114,15 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { s.Require().NoError(err) // verifies that the jailing and tombstoning has occurred - s.Require().True(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) - s.Require().True(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.ToSdkConsAddr())) + s.Require().True(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(ctx, provAddr.ToSdkConsAddr())) + s.Require().True(s.providerApp.GetTestSlashingKeeper().IsTombstoned(ctx, provAddr.ToSdkConsAddr())) } else { s.Require().Error(err) // verifies that no jailing and tombstoning has occurred - s.Require().False(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) - s.Require().False(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.ToSdkConsAddr())) + s.Require().False(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(ctx, provAddr.ToSdkConsAddr())) + s.Require().False(s.providerApp.GetTestSlashingKeeper().IsTombstoned(ctx, provAddr.ToSdkConsAddr())) } }) } @@ -140,6 +144,8 @@ func (s *CCVTestSuite) TestVerifyDoubleVotingEvidence() { blockID1 := makeBlockID([]byte("blockhash"), 1000, []byte("partshash")) blockID2 := makeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) + oldTime := s.consumerCtx().BlockTime().Add(-505 * time.Hour) + consuAddr := types.NewConsumerConsAddress(sdk.ConsAddress(val.Address.Bytes())) provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) @@ -149,6 +155,29 @@ func (s *CCVTestSuite) TestVerifyDoubleVotingEvidence() { chainID string expPass bool }{ + { + "evidence is too old - shouldn't pass", + []*tmtypes.Vote{ + makeAndSignVote( + blockID1, + s.consumerCtx().BlockHeight(), + oldTime, + valSet, + signer, + s.consumerChain.ChainID, + ), + makeAndSignVote( + blockID2, + s.consumerCtx().BlockHeight(), + oldTime, + valSet, + signer, + s.consumerChain.ChainID, + ), + }, + s.consumerChain.ChainID, + false, + }, { "evidence has votes with different block height - shouldn't pass", []*tmtypes.Vote{ @@ -313,23 +342,24 @@ func (s *CCVTestSuite) TestVerifyDoubleVotingEvidence() { } for _, tc := range testCases { + ctx := setDefaultConsensusEvidenceParams(s.providerCtx()) s.Run(tc.name, func() { // get the consumer chain public key assigned to the validator consuPubkey, ok := s.providerApp.GetProviderKeeper().GetValidatorConsumerPubKey( - s.providerCtx(), + ctx, s.consumerChain.ChainID, provAddr, ) s.Require().True(ok) err := s.providerApp.GetProviderKeeper().VerifyDoubleVotingEvidence( - s.providerCtx(), + ctx, tmtypes.DuplicateVoteEvidence{ VoteA: tc.votes[0], VoteB: tc.votes[1], ValidatorPower: val.VotingPower, TotalVotingPower: val.VotingPower, - Timestamp: s.consumerCtx().BlockTime(), + Timestamp: tc.votes[0].Timestamp, }, tc.chainID, consuPubkey, @@ -390,3 +420,15 @@ func makeAndSignVote( vote.Signature = v.Signature return vote } + +func setDefaultConsensusEvidenceParams(ctx sdk.Context) sdk.Context { + return ctx.WithConsensusParams( + &abci.ConsensusParams{ + Evidence: &tmproto.EvidenceParams{ + MaxAgeNumBlocks: 302400, + MaxAgeDuration: 504 * time.Hour, // 3 weeks is the max duration + MaxBytes: 10000, + }, + }, + ) +} diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index 1ac8408758..4026b63415 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -53,7 +53,17 @@ func (k Keeper) VerifyDoubleVotingEvidence( chainID string, pubkey tmprotocrypto.PublicKey, ) error { - // TODO: check the evidence age once we agreed on the infraction height mapping + // check evidence age duration + maxAgeDuration := ctx.ConsensusParams().Evidence.MaxAgeDuration + ageDuration := ctx.BlockHeader().Time.Sub(evidence.Time()) + + if ageDuration > maxAgeDuration { + return fmt.Errorf( + "evidence from created at: %v is too old; evidence can not be older than %v", + evidence.Time(), + ctx.BlockHeader().Time.Add(maxAgeDuration), + ) + } // H/R/S must be the same if evidence.VoteA.Height != evidence.VoteB.Height || From 6e83b8fa5b7fe8ffd1b0550770d750bbf8f52c9e Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 16:32:45 +0200 Subject: [PATCH 16/29] move verify double voting evidence to ut --- tests/integration/double_vote.go | 320 +--------------------- testutil/crypto/evidence.go | 71 +++++ x/ccv/provider/keeper/double_vote_test.go | 260 ++++++++++++++++++ 3 files changed, 336 insertions(+), 315 deletions(-) create mode 100644 testutil/crypto/evidence.go create mode 100644 x/ccv/provider/keeper/double_vote_test.go diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index 48ae40969c..c1ce1a6753 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -1,14 +1,9 @@ package integration import ( - "time" - - abci "github.com/tendermint/tendermint/abci/types" - tmproto "github.com/tendermint/tendermint/proto/tendermint/types" - sdk "github.com/cosmos/cosmos-sdk/types" + testutil "github.com/cosmos/interchain-security/v2/testutil/crypto" "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" - "github.com/tendermint/tendermint/crypto/tmhash" tmtypes "github.com/tendermint/tendermint/types" ) @@ -30,10 +25,10 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { val := valSet.Validators[0] signer := s.consumerChain.Signers[val.Address.String()] - blockID1 := makeBlockID([]byte("blockhash"), 1000, []byte("partshash")) - blockID2 := makeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) + blockID1 := testutil.MakeBlockID([]byte("blockhash"), 1000, []byte("partshash")) + blockID2 := testutil.MakeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) - vote1 := makeAndSignVote( + vote1 := testutil.MakeAndSignVote( blockID1, s.consumerCtx().BlockHeight(), s.consumerCtx().BlockTime(), @@ -42,7 +37,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { s.consumerChain.ChainID, ) - badVote := makeAndSignVote( + badVote := testutil.MakeAndSignVote( blockID2, s.consumerCtx().BlockHeight(), s.consumerCtx().BlockTime(), @@ -127,308 +122,3 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { }) } } - -func (s *CCVTestSuite) TestVerifyDoubleVotingEvidence() { - s.SetupCCVChannel(s.path) - // required to have the consumer client revision height greater than 0 - s.SendEmptyVSCPacket() - - valSet, err := tmtypes.ValidatorSetFromProto(s.consumerChain.LastHeader.ValidatorSet) - s.Require().NoError(err) - - val := valSet.Validators[0] - signer := s.consumerChain.Signers[val.Address.String()] - val2 := valSet.Validators[1] - signer2 := s.consumerChain.Signers[val2.Address.String()] - - blockID1 := makeBlockID([]byte("blockhash"), 1000, []byte("partshash")) - blockID2 := makeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) - - oldTime := s.consumerCtx().BlockTime().Add(-505 * time.Hour) - - consuAddr := types.NewConsumerConsAddress(sdk.ConsAddress(val.Address.Bytes())) - provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) - - testCases := []struct { - name string - votes []*tmtypes.Vote - chainID string - expPass bool - }{ - { - "evidence is too old - shouldn't pass", - []*tmtypes.Vote{ - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - oldTime, - valSet, - signer, - s.consumerChain.ChainID, - ), - makeAndSignVote( - blockID2, - s.consumerCtx().BlockHeight(), - oldTime, - valSet, - signer, - s.consumerChain.ChainID, - ), - }, - s.consumerChain.ChainID, - false, - }, - { - "evidence has votes with different block height - shouldn't pass", - []*tmtypes.Vote{ - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight()+1, - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - makeAndSignVote( - blockID2, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - }, - s.consumerChain.ChainID, - false, - }, - { - "evidence has votes with different validator address - shouldn't pass", - []*tmtypes.Vote{ - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - makeAndSignVote( - blockID2, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer2, - s.consumerChain.ChainID, - ), - }, - s.consumerChain.ChainID, - false, - }, - { - "evidence has votes with same block IDs - shouldn't pass", - []*tmtypes.Vote{ - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - }, - s.consumerChain.ChainID, - false, - }, - { - "no consumer chain exists for the given chain ID - shouldn't pass", - []*tmtypes.Vote{ - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - makeAndSignVote( - blockID2, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - }, - "WrongChainID", - false, - }, - { - "voteA is signed using the wrong chain ID - shouldn't pass", - []*tmtypes.Vote{ - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - "WrongChainID", - ), - makeAndSignVote( - blockID2, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - }, - s.consumerChain.ChainID, - false, - }, - { - "voteB is signed using the wrong chain ID - shouldn't pass", - []*tmtypes.Vote{ - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - makeAndSignVote( - blockID2, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - "WrongChainID", - ), - }, - s.consumerChain.ChainID, - false, - }, - { - "valid double voting evidence should pass", - []*tmtypes.Vote{ - makeAndSignVote( - blockID1, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - makeAndSignVote( - blockID2, - s.consumerCtx().BlockHeight(), - s.consumerCtx().BlockTime(), - valSet, - signer, - s.consumerChain.ChainID, - ), - }, - s.consumerChain.ChainID, - true, - }, - } - - for _, tc := range testCases { - ctx := setDefaultConsensusEvidenceParams(s.providerCtx()) - s.Run(tc.name, func() { - // get the consumer chain public key assigned to the validator - consuPubkey, ok := s.providerApp.GetProviderKeeper().GetValidatorConsumerPubKey( - ctx, - s.consumerChain.ChainID, - provAddr, - ) - s.Require().True(ok) - - err := s.providerApp.GetProviderKeeper().VerifyDoubleVotingEvidence( - ctx, - tmtypes.DuplicateVoteEvidence{ - VoteA: tc.votes[0], - VoteB: tc.votes[1], - ValidatorPower: val.VotingPower, - TotalVotingPower: val.VotingPower, - Timestamp: tc.votes[0].Timestamp, - }, - tc.chainID, - consuPubkey, - ) - if tc.expPass { - s.Require().NoError(err) - } else { - s.Require().Error(err) - } - }) - } -} - -// utility function duplicated from CometBFT -// see https://github.com/cometbft/cometbft/blob/main/evidence/verify_test.go#L554 -func makeBlockID(hash []byte, partSetSize uint32, partSetHash []byte) tmtypes.BlockID { - var ( - h = make([]byte, tmhash.Size) - psH = make([]byte, tmhash.Size) - ) - copy(h, hash) - copy(psH, partSetHash) - return tmtypes.BlockID{ - Hash: h, - PartSetHeader: tmtypes.PartSetHeader{ - Total: partSetSize, - Hash: psH, - }, - } -} - -func makeAndSignVote( - blockID tmtypes.BlockID, - blockHeight int64, - blockTime time.Time, - valSet *tmtypes.ValidatorSet, - signer tmtypes.PrivValidator, - chainID string, -) *tmtypes.Vote { - vote, err := tmtypes.MakeVote( - blockHeight, - blockID, - valSet, - signer, - chainID, - blockTime, - ) - if err != nil { - panic(err) - } - - v := vote.ToProto() - err = signer.SignVote(chainID, v) - if err != nil { - panic(err) - } - - vote.Signature = v.Signature - return vote -} - -func setDefaultConsensusEvidenceParams(ctx sdk.Context) sdk.Context { - return ctx.WithConsensusParams( - &abci.ConsensusParams{ - Evidence: &tmproto.EvidenceParams{ - MaxAgeNumBlocks: 302400, - MaxAgeDuration: 504 * time.Hour, // 3 weeks is the max duration - MaxBytes: 10000, - }, - }, - ) -} diff --git a/testutil/crypto/evidence.go b/testutil/crypto/evidence.go new file mode 100644 index 0000000000..0c9efe5c6e --- /dev/null +++ b/testutil/crypto/evidence.go @@ -0,0 +1,71 @@ +package crypto + +import ( + "time" + + sdk "github.com/cosmos/cosmos-sdk/types" + abci "github.com/tendermint/tendermint/abci/types" + "github.com/tendermint/tendermint/crypto/tmhash" + tmproto "github.com/tendermint/tendermint/proto/tendermint/types" + tmtypes "github.com/tendermint/tendermint/types" +) + +// utility function duplicated from CometBFT +// see https://github.com/cometbft/cometbft/blob/main/evidence/verify_test.go#L554 +func MakeBlockID(hash []byte, partSetSize uint32, partSetHash []byte) tmtypes.BlockID { + var ( + h = make([]byte, tmhash.Size) + psH = make([]byte, tmhash.Size) + ) + copy(h, hash) + copy(psH, partSetHash) + return tmtypes.BlockID{ + Hash: h, + PartSetHeader: tmtypes.PartSetHeader{ + Total: partSetSize, + Hash: psH, + }, + } +} + +func MakeAndSignVote( + blockID tmtypes.BlockID, + blockHeight int64, + blockTime time.Time, + valSet *tmtypes.ValidatorSet, + signer tmtypes.PrivValidator, + chainID string, +) *tmtypes.Vote { + vote, err := tmtypes.MakeVote( + blockHeight, + blockID, + valSet, + signer, + chainID, + blockTime, + ) + if err != nil { + panic(err) + } + + v := vote.ToProto() + err = signer.SignVote(chainID, v) + if err != nil { + panic(err) + } + + vote.Signature = v.Signature + return vote +} + +func SetDefaultConsensusEvidenceParams(ctx sdk.Context) sdk.Context { + return ctx.WithConsensusParams( + &abci.ConsensusParams{ + Evidence: &tmproto.EvidenceParams{ + MaxAgeNumBlocks: 302400, + MaxAgeDuration: 504 * time.Hour, // 3 weeks is the max duration + MaxBytes: 10000, + }, + }, + ) +} diff --git a/x/ccv/provider/keeper/double_vote_test.go b/x/ccv/provider/keeper/double_vote_test.go new file mode 100644 index 0000000000..271a328888 --- /dev/null +++ b/x/ccv/provider/keeper/double_vote_test.go @@ -0,0 +1,260 @@ +package keeper_test + +import ( + "testing" + "time" + + testutil "github.com/cosmos/interchain-security/v2/testutil/crypto" + testkeeper "github.com/cosmos/interchain-security/v2/testutil/keeper" + "github.com/stretchr/testify/require" + tmencoding "github.com/tendermint/tendermint/crypto/encoding" + tmtypes "github.com/tendermint/tendermint/types" +) + +func TestVerifyDoubleVotingEvidence(t *testing.T) { + keeper, ctx, ctrl, _ := testkeeper.GetProviderKeeperAndCtx(t, testkeeper.NewInMemKeeperParams(t)) + defer ctrl.Finish() + + chainID := consumer + + signer1 := tmtypes.NewMockPV() + signer2 := tmtypes.NewMockPV() + + val1 := tmtypes.NewValidator(signer1.PrivKey.PubKey(), 1) + val2 := tmtypes.NewValidator(signer2.PrivKey.PubKey(), 1) + + valSet := tmtypes.NewValidatorSet([]*tmtypes.Validator{val1, val2}) + + // valSet, err := tmtypes.ValidatorSetFromProto(s.consumerChain.LastHeader.ValidatorSet) + // require.NoError(t, err) + + // val := valSet.Validators[0] + // signer := s.consumerChain.Signers[val.Address.String()] + // val2 := valSet.Validators[1] + // signer2 := s.consumerChain.Signers[val2.Address.String()] + + blockID1 := testutil.MakeBlockID([]byte("blockhash"), 1000, []byte("partshash")) + blockID2 := testutil.MakeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) + + ctx = ctx.WithBlockTime(time.Now()) + oldTime := ctx.BlockTime().Add(-505 * time.Hour) + + testCases := []struct { + name string + votes []*tmtypes.Vote + chainID string + expPass bool + }{ + { + "evidence is too old - shouldn't pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + oldTime, + valSet, + signer1, + chainID, + ), + testutil.MakeAndSignVote( + blockID2, + ctx.BlockHeight(), + oldTime, + valSet, + signer1, + chainID, + ), + }, + chainID, + false, + }, + { + "evidence has votes with different block height - shouldn't pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight()+1, + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + testutil.MakeAndSignVote( + blockID2, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + }, + chainID, + false, + }, + { + "evidence has votes with different validator address - shouldn't pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + testutil.MakeAndSignVote( + blockID2, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer2, + chainID, + ), + }, + chainID, + false, + }, + { + "evidence has votes with same block IDs - shouldn't pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + }, + chainID, + false, + }, + { + "no consumer chain exists for the given chain ID - shouldn't pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + testutil.MakeAndSignVote( + blockID2, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + }, + "WrongChainID", + false, + }, + { + "voteA is signed using the wrong chain ID - shouldn't pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + "WrongChainID", + ), + testutil.MakeAndSignVote( + blockID2, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + }, + chainID, + false, + }, + { + "voteB is signed using the wrong chain ID - shouldn't pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + testutil.MakeAndSignVote( + blockID2, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + "WrongChainID", + ), + }, + chainID, + false, + }, + { + "valid double voting evidence should pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + testutil.MakeAndSignVote( + blockID2, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + }, + chainID, + true, + }, + } + + ctx = testutil.SetDefaultConsensusEvidenceParams(ctx) + + for _, tc := range testCases { + // TODO: add test case when pukey is invalid + consuPubkey, err := tmencoding.PubKeyToProto(val1.PubKey) + require.NoError(t, err) + + err = keeper.VerifyDoubleVotingEvidence( + ctx, + tmtypes.DuplicateVoteEvidence{ + VoteA: tc.votes[0], + VoteB: tc.votes[1], + ValidatorPower: val1.VotingPower, + TotalVotingPower: val1.VotingPower, + Timestamp: tc.votes[0].Timestamp, + }, + tc.chainID, + consuPubkey, + ) + if tc.expPass { + require.NoError(t, err) + } else { + require.Error(t, err) + } + } + +} From 5023b69e3c17cec2b739fb0cc63be9917e7aefd7 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 16:33:36 +0200 Subject: [PATCH 17/29] fix nit --- tests/integration/double_vote.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index c1ce1a6753..10e6d63039 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -98,7 +98,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) for _, tc := range testCases { - ctx := setDefaultConsensusEvidenceParams(s.providerCtx()) + ctx := testutil.SetDefaultConsensusEvidenceParams(s.providerCtx()) s.Run(tc.name, func() { err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( ctx, From 8075132db66df099e85f095fb9e063a7ead6bc1c Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 16:59:07 +0200 Subject: [PATCH 18/29] nits --- tests/integration/double_vote.go | 1 - testutil/integration/debug_test.go | 6 +----- x/ccv/provider/keeper/double_vote_test.go | 9 --------- 3 files changed, 1 insertion(+), 15 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index 10e6d63039..92b12e978b 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -115,7 +115,6 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { s.Require().Error(err) // verifies that no jailing and tombstoning has occurred - s.Require().False(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(ctx, provAddr.ToSdkConsAddr())) s.Require().False(s.providerApp.GetTestSlashingKeeper().IsTombstoned(ctx, provAddr.ToSdkConsAddr())) } diff --git a/testutil/integration/debug_test.go b/testutil/integration/debug_test.go index 19795939a0..fcb19d5255 100644 --- a/testutil/integration/debug_test.go +++ b/testutil/integration/debug_test.go @@ -274,13 +274,9 @@ func TestCheckMisbehaviour(t *testing.T) { } // -// Equivocation tests +// Equivocation test // func TestHandleConsumerDoubleVoting(t *testing.T) { runCCVTestByName(t, "TestHandleConsumerDoubleVoting") } - -func TestVerifyDoubleVotingEvidence(t *testing.T) { - runCCVTestByName(t, "TestVerifyDoubleVotingEvidence") -} diff --git a/x/ccv/provider/keeper/double_vote_test.go b/x/ccv/provider/keeper/double_vote_test.go index 271a328888..7d71d0ea0d 100644 --- a/x/ccv/provider/keeper/double_vote_test.go +++ b/x/ccv/provider/keeper/double_vote_test.go @@ -25,14 +25,6 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { valSet := tmtypes.NewValidatorSet([]*tmtypes.Validator{val1, val2}) - // valSet, err := tmtypes.ValidatorSetFromProto(s.consumerChain.LastHeader.ValidatorSet) - // require.NoError(t, err) - - // val := valSet.Validators[0] - // signer := s.consumerChain.Signers[val.Address.String()] - // val2 := valSet.Validators[1] - // signer2 := s.consumerChain.Signers[val2.Address.String()] - blockID1 := testutil.MakeBlockID([]byte("blockhash"), 1000, []byte("partshash")) blockID2 := testutil.MakeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) @@ -256,5 +248,4 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { require.Error(t, err) } } - } From e8097bd0d6cc5d2350a336c5b5d1d7f4a7e8fe26 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 17:19:32 +0200 Subject: [PATCH 19/29] fix e2e tests --- Dockerfile | 2 +- tests/e2e/main.go | 2 +- tests/e2e/steps.go | 16 ++++++++-------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index ba351f2e78..03939617be 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,7 +36,7 @@ FROM informalofftermatt/cometmock:latest as cometmock-builder # Get GoRelayer FROM informalofftermatt/gorelayer:nogas AS gorelayer-builder -FROM --platform=linux/arm64 fedora:36 +FROM --platform=linux/amd64 fedora:36 RUN dnf update -y RUN dnf install -y which iproute iputils procps-ng vim-minimal tmux net-tools htop jq USER root diff --git a/tests/e2e/main.go b/tests/e2e/main.go index a74e155c97..406a015e63 100644 --- a/tests/e2e/main.go +++ b/tests/e2e/main.go @@ -102,7 +102,7 @@ func (tr *TestRun) Run(steps []Step, localSdkPath string, useGaia bool, gaiaTag tr.validateStringLiterals() tr.startDocker() tr.executeSteps(steps) - // tr.teardownDocker() + tr.teardownDocker() } type testRunWithSteps struct { diff --git a/tests/e2e/steps.go b/tests/e2e/steps.go index b300c1a74c..78a56654e6 100644 --- a/tests/e2e/steps.go +++ b/tests/e2e/steps.go @@ -17,17 +17,17 @@ var happyPathSteps = concatSteps( stepsStartChains([]string{"consu"}, false), stepsDelegate("consu"), stepsAssignConsumerKeyOnStartedChain("consu", "bob"), - // stepsUnbond("consu"), - // stepsRedelegateForOptOut("consu"), - // stepsDowntimeWithOptOut("consu"), - // stepsRedelegate("consu"), - // stepsDowntime("consu"), + stepsUnbond("consu"), + stepsRedelegateForOptOut("consu"), + stepsDowntimeWithOptOut("consu"), + stepsRedelegate("consu"), + stepsDowntime("consu"), stepsRejectEquivocationProposal("consu", 2), // prop to tombstone bob is rejected stepsDoubleSignOnProviderAndConsumer("consu"), // carol double signs on provider, bob double signs on consumer stepsSubmitEquivocationProposal("consu", 2), // now prop to tombstone bob is submitted and accepted - // stepsStartRelayer(), - // stepsConsumerRemovalPropNotPassing("consu", 3), // submit removal prop but vote no on it - chain should stay - // stepsStopChain("consu", 4), // stop chain + stepsStartRelayer(), + stepsConsumerRemovalPropNotPassing("consu", 3), // submit removal prop but vote no on it - chain should stay + stepsStopChain("consu", 4), // stop chain ) var shortHappyPathSteps = concatSteps( From 7052ec9bfe470d5f6c41f23a50f14921644d972b Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 17:54:17 +0200 Subject: [PATCH 20/29] improve double vote testing coverage --- x/ccv/provider/keeper/double_vote_test.go | 69 +++++++++++++++++++++-- 1 file changed, 65 insertions(+), 4 deletions(-) diff --git a/x/ccv/provider/keeper/double_vote_test.go b/x/ccv/provider/keeper/double_vote_test.go index 7d71d0ea0d..3498214629 100644 --- a/x/ccv/provider/keeper/double_vote_test.go +++ b/x/ccv/provider/keeper/double_vote_test.go @@ -8,6 +8,7 @@ import ( testkeeper "github.com/cosmos/interchain-security/v2/testutil/keeper" "github.com/stretchr/testify/require" tmencoding "github.com/tendermint/tendermint/crypto/encoding" + tmprotocrypto "github.com/tendermint/tendermint/proto/tendermint/crypto" tmtypes "github.com/tendermint/tendermint/types" ) @@ -31,10 +32,17 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ctx = ctx.WithBlockTime(time.Now()) oldTime := ctx.BlockTime().Add(-505 * time.Hour) + valPubkey1, err := tmencoding.PubKeyToProto(val1.PubKey) + require.NoError(t, err) + + valPubkey2, err := tmencoding.PubKeyToProto(val2.PubKey) + require.NoError(t, err) + testCases := []struct { name string votes []*tmtypes.Vote chainID string + pubkey tmprotocrypto.PublicKey expPass bool }{ { @@ -58,6 +66,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ), }, chainID, + valPubkey1, false, }, { @@ -81,6 +90,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ), }, chainID, + valPubkey1, false, }, { @@ -104,6 +114,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ), }, chainID, + valPubkey1, false, }, { @@ -127,10 +138,11 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ), }, chainID, + valPubkey1, false, }, { - "no consumer chain exists for the given chain ID - shouldn't pass", + "given chain ID isn't the same that the one used to sign the votes - shouldn't pass", []*tmtypes.Vote{ testutil.MakeAndSignVote( blockID1, @@ -150,6 +162,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ), }, "WrongChainID", + valPubkey1, false, }, { @@ -173,6 +186,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ), }, chainID, + valPubkey1, false, }, { @@ -196,6 +210,54 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ), }, chainID, + valPubkey1, + false, + }, { + "invalid public key - shouldn't pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + testutil.MakeAndSignVote( + blockID2, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + }, + chainID, + tmprotocrypto.PublicKey{}, + false, + }, + { + "wrong public key - shouldn't pass", + []*tmtypes.Vote{ + testutil.MakeAndSignVote( + blockID1, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + testutil.MakeAndSignVote( + blockID2, + ctx.BlockHeight(), + ctx.BlockTime(), + valSet, + signer1, + chainID, + ), + }, + chainID, + valPubkey2, false, }, { @@ -219,6 +281,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ), }, chainID, + valPubkey1, true, }, } @@ -227,8 +290,6 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { for _, tc := range testCases { // TODO: add test case when pukey is invalid - consuPubkey, err := tmencoding.PubKeyToProto(val1.PubKey) - require.NoError(t, err) err = keeper.VerifyDoubleVotingEvidence( ctx, @@ -240,7 +301,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { Timestamp: tc.votes[0].Timestamp, }, tc.chainID, - consuPubkey, + tc.pubkey, ) if tc.expPass { require.NoError(t, err) From f58ccad20324ef19cef7ec7513969c5b08687320 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 17:57:00 +0200 Subject: [PATCH 21/29] remove TODO --- x/ccv/provider/keeper/double_vote_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/x/ccv/provider/keeper/double_vote_test.go b/x/ccv/provider/keeper/double_vote_test.go index 3498214629..f418f64f8d 100644 --- a/x/ccv/provider/keeper/double_vote_test.go +++ b/x/ccv/provider/keeper/double_vote_test.go @@ -289,8 +289,6 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { ctx = testutil.SetDefaultConsensusEvidenceParams(ctx) for _, tc := range testCases { - // TODO: add test case when pukey is invalid - err = keeper.VerifyDoubleVotingEvidence( ctx, tmtypes.DuplicateVoteEvidence{ From cce27b0122cda8fd94bacd2721e1c53ed5772b26 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Thu, 24 Aug 2023 18:05:05 +0200 Subject: [PATCH 22/29] lint --- x/ccv/provider/keeper/double_vote_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/x/ccv/provider/keeper/double_vote_test.go b/x/ccv/provider/keeper/double_vote_test.go index f418f64f8d..4a1d84b4d0 100644 --- a/x/ccv/provider/keeper/double_vote_test.go +++ b/x/ccv/provider/keeper/double_vote_test.go @@ -212,7 +212,8 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { chainID, valPubkey1, false, - }, { + }, + { "invalid public key - shouldn't pass", []*tmtypes.Vote{ testutil.MakeAndSignVote( From c38398fafcad5213f0254c6d136665d18af12b8c Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Fri, 25 Aug 2023 09:37:57 +0200 Subject: [PATCH 23/29] add UT for JailAndTombstoneValidator --- .../provider/keeper/punish_validators_test.go | 136 ++++++++++++++++++ 1 file changed, 136 insertions(+) create mode 100644 x/ccv/provider/keeper/punish_validators_test.go diff --git a/x/ccv/provider/keeper/punish_validators_test.go b/x/ccv/provider/keeper/punish_validators_test.go new file mode 100644 index 0000000000..f768f8ee1b --- /dev/null +++ b/x/ccv/provider/keeper/punish_validators_test.go @@ -0,0 +1,136 @@ +package keeper_test + +import ( + "testing" + + sdk "github.com/cosmos/cosmos-sdk/types" + evidencetypes "github.com/cosmos/cosmos-sdk/x/evidence/types" + stakingtypes "github.com/cosmos/cosmos-sdk/x/staking/types" + cryptotestutil "github.com/cosmos/interchain-security/v2/testutil/crypto" + testkeeper "github.com/cosmos/interchain-security/v2/testutil/keeper" + "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" + "github.com/golang/mock/gomock" +) + +func TestJailAndTombstoneValidator(t *testing.T) { + providerConsAddr := cryptotestutil.NewCryptoIdentityFromIntSeed(7842334).ProviderConsAddress() + testCases := []struct { + name string + provAddr types.ProviderConsAddress + expectedCalls func(sdk.Context, testkeeper.MockedKeepers, types.ProviderConsAddress) []*gomock.Call + }{ + { + "unfound validator", + providerConsAddr, + func(ctx sdk.Context, mocks testkeeper.MockedKeepers, + provAddr types.ProviderConsAddress, + ) []*gomock.Call { + return []*gomock.Call{ + // We only expect a single call to GetValidatorByConsAddr. + // Method will return once validator is not found. + mocks.MockStakingKeeper.EXPECT().GetValidatorByConsAddr( + ctx, providerConsAddr.ToSdkConsAddr()).Return( + stakingtypes.Validator{}, false, // false = Not found. + ).Times(1), + } + }, + }, + { + "unbonded validator", + providerConsAddr, + func(ctx sdk.Context, mocks testkeeper.MockedKeepers, + provAddr types.ProviderConsAddress, + ) []*gomock.Call { + return []*gomock.Call{ + // We only expect a single call to GetValidatorByConsAddr. + mocks.MockStakingKeeper.EXPECT().GetValidatorByConsAddr( + ctx, providerConsAddr.ToSdkConsAddr()).Return( + stakingtypes.Validator{Status: stakingtypes.Unbonded}, true, + ).Times(1), + } + }, + }, + { + "tombstoned validator", + providerConsAddr, + func(ctx sdk.Context, mocks testkeeper.MockedKeepers, + provAddr types.ProviderConsAddress, + ) []*gomock.Call { + return []*gomock.Call{ + mocks.MockStakingKeeper.EXPECT().GetValidatorByConsAddr( + ctx, providerConsAddr.ToSdkConsAddr()).Return( + stakingtypes.Validator{}, true, + ).Times(1), + mocks.MockSlashingKeeper.EXPECT().IsTombstoned( + ctx, providerConsAddr.ToSdkConsAddr()).Return( + true, + ).Times(1), + } + }, + }, + { + "jailed validator", + providerConsAddr, + func(ctx sdk.Context, mocks testkeeper.MockedKeepers, + provAddr types.ProviderConsAddress, + ) []*gomock.Call { + return []*gomock.Call{ + mocks.MockStakingKeeper.EXPECT().GetValidatorByConsAddr( + ctx, providerConsAddr.ToSdkConsAddr()).Return( + stakingtypes.Validator{Jailed: true}, true, + ).Times(1), + mocks.MockSlashingKeeper.EXPECT().IsTombstoned( + ctx, providerConsAddr.ToSdkConsAddr()).Return( + false, + ).Times(1), + mocks.MockSlashingKeeper.EXPECT().JailUntil( + ctx, providerConsAddr.ToSdkConsAddr(), evidencetypes.DoubleSignJailEndTime). + Times(1), + mocks.MockSlashingKeeper.EXPECT().Tombstone( + ctx, providerConsAddr.ToSdkConsAddr()). + Times(1), + } + }, + }, + { + "bonded validator", + providerConsAddr, + func(ctx sdk.Context, mocks testkeeper.MockedKeepers, + provAddr types.ProviderConsAddress, + ) []*gomock.Call { + return []*gomock.Call{ + mocks.MockStakingKeeper.EXPECT().GetValidatorByConsAddr( + ctx, providerConsAddr.ToSdkConsAddr()).Return( + stakingtypes.Validator{Status: stakingtypes.Bonded}, true, + ).Times(1), + mocks.MockSlashingKeeper.EXPECT().IsTombstoned( + ctx, providerConsAddr.ToSdkConsAddr()).Return( + false, + ).Times(1), + mocks.MockStakingKeeper.EXPECT().Jail( + ctx, providerConsAddr.ToSdkConsAddr()). + Times(1), + mocks.MockSlashingKeeper.EXPECT().JailUntil( + ctx, providerConsAddr.ToSdkConsAddr(), evidencetypes.DoubleSignJailEndTime). + Times(1), + mocks.MockSlashingKeeper.EXPECT().Tombstone( + ctx, providerConsAddr.ToSdkConsAddr()). + Times(1), + } + }, + }, + } + + for _, tc := range testCases { + providerKeeper, ctx, ctrl, mocks := testkeeper.GetProviderKeeperAndCtx( + t, testkeeper.NewInMemKeeperParams(t)) + + // Setup expected mock calls + gomock.InOrder(tc.expectedCalls(ctx, mocks, tc.provAddr)...) + + // Execute method and assert expected mock calls + providerKeeper.JailAndTombstoneValidator(ctx, tc.provAddr) + + ctrl.Finish() + } +} From fc8f97e03c10d6074b76bfd3bcacaa8178f7e6f8 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Fri, 25 Aug 2023 09:45:32 +0200 Subject: [PATCH 24/29] nits --- tests/integration/double_vote.go | 2 +- x/ccv/provider/keeper/double_vote.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index 92b12e978b..c87327311a 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -53,7 +53,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { expPass bool }{ { - "create infraction header using an invalid consumer chain id - shouldn't pass", + "invalid consumer chain id - shouldn't pass", &tmtypes.DuplicateVoteEvidence{ VoteA: vote1, VoteB: badVote, diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index 4026b63415..a398c02316 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -59,7 +59,7 @@ func (k Keeper) VerifyDoubleVotingEvidence( if ageDuration > maxAgeDuration { return fmt.Errorf( - "evidence from created at: %v is too old; evidence can not be older than %v", + "evidence created at: %v is too old; evidence can not be older than %v", evidence.Time(), ctx.BlockHeader().Time.Add(maxAgeDuration), ) From f0b44c2f1fd7aa46a8da9b06f9faf2b82c4b9b92 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Fri, 25 Aug 2023 15:56:46 +0200 Subject: [PATCH 25/29] nits --- tests/integration/double_vote.go | 4 ++-- testutil/crypto/evidence.go | 17 +++++++---------- x/ccv/provider/keeper/double_vote_test.go | 10 ++++++---- ...punish_validators.go => punish_validator.go} | 0 ...idators_test.go => punish_validator_test.go} | 0 5 files changed, 15 insertions(+), 16 deletions(-) rename x/ccv/provider/keeper/{punish_validators.go => punish_validator.go} (100%) rename x/ccv/provider/keeper/{punish_validators_test.go => punish_validator_test.go} (100%) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index c87327311a..112671ec67 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -79,7 +79,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { }, { // In order to create an evidence for a consumer chain, - // we create two votes that only differs by their Block IDs and + // we create two votes that only differ by their Block IDs and // signed them using the same validator and chain ID of the consumer chain "valid double voting evidence - should pass", &tmtypes.DuplicateVoteEvidence{ @@ -98,7 +98,7 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) for _, tc := range testCases { - ctx := testutil.SetDefaultConsensusEvidenceParams(s.providerCtx()) + ctx := s.providerCtx().WithConsensusParams(testutil.GetDefaultConsensusEvidenceParams()) s.Run(tc.name, func() { err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( ctx, diff --git a/testutil/crypto/evidence.go b/testutil/crypto/evidence.go index 0c9efe5c6e..544210a218 100644 --- a/testutil/crypto/evidence.go +++ b/testutil/crypto/evidence.go @@ -3,7 +3,6 @@ package crypto import ( "time" - sdk "github.com/cosmos/cosmos-sdk/types" abci "github.com/tendermint/tendermint/abci/types" "github.com/tendermint/tendermint/crypto/tmhash" tmproto "github.com/tendermint/tendermint/proto/tendermint/types" @@ -58,14 +57,12 @@ func MakeAndSignVote( return vote } -func SetDefaultConsensusEvidenceParams(ctx sdk.Context) sdk.Context { - return ctx.WithConsensusParams( - &abci.ConsensusParams{ - Evidence: &tmproto.EvidenceParams{ - MaxAgeNumBlocks: 302400, - MaxAgeDuration: 504 * time.Hour, // 3 weeks is the max duration - MaxBytes: 10000, - }, +func GetDefaultConsensusEvidenceParams() *abci.ConsensusParams { + return &abci.ConsensusParams{ + Evidence: &tmproto.EvidenceParams{ + MaxAgeNumBlocks: 302400, + MaxAgeDuration: 504 * time.Hour, // 3 weeks is the max duration + MaxBytes: 10000, }, - ) + } } diff --git a/x/ccv/provider/keeper/double_vote_test.go b/x/ccv/provider/keeper/double_vote_test.go index 4a1d84b4d0..2d15ed4be6 100644 --- a/x/ccv/provider/keeper/double_vote_test.go +++ b/x/ccv/provider/keeper/double_vote_test.go @@ -16,7 +16,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { keeper, ctx, ctrl, _ := testkeeper.GetProviderKeeperAndCtx(t, testkeeper.NewInMemKeeperParams(t)) defer ctrl.Finish() - chainID := consumer + chainID := "consumer" signer1 := tmtypes.NewMockPV() signer2 := tmtypes.NewMockPV() @@ -30,7 +30,9 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { blockID2 := testutil.MakeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) ctx = ctx.WithBlockTime(time.Now()) - oldTime := ctx.BlockTime().Add(-505 * time.Hour) + oldTime := ctx.BlockTime(). + Add(-testutil.GetDefaultConsensusEvidenceParams().Evidence.MaxAgeDuration). + Add(-1 * time.Hour) valPubkey1, err := tmencoding.PubKeyToProto(val1.PubKey) require.NoError(t, err) @@ -142,7 +144,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { false, }, { - "given chain ID isn't the same that the one used to sign the votes - shouldn't pass", + "given chain ID isn't the same as the one used to sign the votes - shouldn't pass", []*tmtypes.Vote{ testutil.MakeAndSignVote( blockID1, @@ -287,7 +289,7 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { }, } - ctx = testutil.SetDefaultConsensusEvidenceParams(ctx) + ctx = ctx.WithConsensusParams(testutil.GetDefaultConsensusEvidenceParams()) for _, tc := range testCases { err = keeper.VerifyDoubleVotingEvidence( diff --git a/x/ccv/provider/keeper/punish_validators.go b/x/ccv/provider/keeper/punish_validator.go similarity index 100% rename from x/ccv/provider/keeper/punish_validators.go rename to x/ccv/provider/keeper/punish_validator.go diff --git a/x/ccv/provider/keeper/punish_validators_test.go b/x/ccv/provider/keeper/punish_validator_test.go similarity index 100% rename from x/ccv/provider/keeper/punish_validators_test.go rename to x/ccv/provider/keeper/punish_validator_test.go From 18ae1363cffe649d591706cb729d740ce407e5ff Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Fri, 25 Aug 2023 17:57:00 +0200 Subject: [PATCH 26/29] remove tombstoning and evidence age check --- tests/integration/double_vote.go | 15 ++++------ tests/integration/misbehaviour.go | 3 +- testutil/crypto/evidence.go | 12 -------- x/ccv/provider/keeper/double_vote.go | 23 ++++++--------- x/ccv/provider/keeper/double_vote_test.go | 29 ------------------- x/ccv/provider/keeper/misbehaviour.go | 2 +- x/ccv/provider/keeper/punish_validator.go | 13 +++++---- .../provider/keeper/punish_validator_test.go | 10 ++----- 8 files changed, 27 insertions(+), 80 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index 112671ec67..afdd0894a0 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -8,7 +8,7 @@ import ( ) // TestHandleConsumerDoubleVoting verifies that handling a double voting evidence -// of a consumer chain results in the expected jailing and tombstoning of the malicious validator +// of a consumer chain results in the expected jailing of the malicious validator func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { s.SetupCCVChannel(s.path) // required to have the consumer client revision height greater than 0 @@ -98,25 +98,22 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { provAddr := s.providerApp.GetProviderKeeper().GetProviderAddrFromConsumerAddr(s.providerCtx(), s.consumerChain.ChainID, consuAddr) for _, tc := range testCases { - ctx := s.providerCtx().WithConsensusParams(testutil.GetDefaultConsensusEvidenceParams()) s.Run(tc.name, func() { err = s.providerApp.GetProviderKeeper().HandleConsumerDoubleVoting( - ctx, + s.providerCtx(), tc.ev, tc.chainID, ) if tc.expPass { s.Require().NoError(err) - // verifies that the jailing and tombstoning has occurred - s.Require().True(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(ctx, provAddr.ToSdkConsAddr())) - s.Require().True(s.providerApp.GetTestSlashingKeeper().IsTombstoned(ctx, provAddr.ToSdkConsAddr())) + // verifies that the jailing has occurred + s.Require().True(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) } else { s.Require().Error(err) - // verifies that no jailing and tombstoning has occurred - s.Require().False(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(ctx, provAddr.ToSdkConsAddr())) - s.Require().False(s.providerApp.GetTestSlashingKeeper().IsTombstoned(ctx, provAddr.ToSdkConsAddr())) + // verifies that no jailing and has occurred + s.Require().False(s.providerApp.GetTestStakingKeeper().IsValidatorJailed(s.providerCtx(), provAddr.ToSdkConsAddr())) } }) } diff --git a/tests/integration/misbehaviour.go b/tests/integration/misbehaviour.go index c3b590d5c1..f7cebc84c0 100644 --- a/tests/integration/misbehaviour.go +++ b/tests/integration/misbehaviour.go @@ -11,7 +11,7 @@ import ( ) // TestHandleConsumerMisbehaviour tests that handling a valid misbehaviour, -// with conflicting headers forming an equivocation, results in the jailing and tombstoning of the validators +// with conflicting headers forming an equivocation, results in the jailing of the validators func (s *CCVTestSuite) TestHandleConsumerMisbehaviour() { s.SetupCCVChannel(s.path) // required to have the consumer client revision height greater than 0 @@ -63,7 +63,6 @@ func (s *CCVTestSuite) TestHandleConsumerMisbehaviour() { val, ok := s.providerApp.GetTestStakingKeeper().GetValidatorByConsAddr(s.providerCtx(), provAddr.Address) s.Require().True(ok) s.Require().True(val.Jailed) - s.Require().True(s.providerApp.GetTestSlashingKeeper().IsTombstoned(s.providerCtx(), provAddr.Address)) } } diff --git a/testutil/crypto/evidence.go b/testutil/crypto/evidence.go index 544210a218..050c17331a 100644 --- a/testutil/crypto/evidence.go +++ b/testutil/crypto/evidence.go @@ -3,9 +3,7 @@ package crypto import ( "time" - abci "github.com/tendermint/tendermint/abci/types" "github.com/tendermint/tendermint/crypto/tmhash" - tmproto "github.com/tendermint/tendermint/proto/tendermint/types" tmtypes "github.com/tendermint/tendermint/types" ) @@ -56,13 +54,3 @@ func MakeAndSignVote( vote.Signature = v.Signature return vote } - -func GetDefaultConsensusEvidenceParams() *abci.ConsensusParams { - return &abci.ConsensusParams{ - Evidence: &tmproto.EvidenceParams{ - MaxAgeNumBlocks: 302400, - MaxAgeDuration: 504 * time.Hour, // 3 weeks is the max duration - MaxBytes: 10000, - }, - } -} diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index a398c02316..1f18de8e54 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -14,7 +14,7 @@ import ( ) // HandleConsumerDoubleVoting verifies a double voting evidence for a given a consumer chain and, -// if successful, executes the the jailing and the tombstoning of the malicious validator. +// if successful, executes the jailing and of the malicious validator. func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.DuplicateVoteEvidence, chainID string) error { // get the validator's consensus address on the provider providerAddr := k.GetProviderAddrFromConsumerAddr( @@ -34,8 +34,8 @@ func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.Du return err } - // execute the jailing and tombstoning - k.JailAndTombstoneValidator(ctx, providerAddr) + // execute the jailing + k.JailValidator(ctx, providerAddr) k.Logger(ctx).Info( "confirmed equivocation", @@ -53,17 +53,12 @@ func (k Keeper) VerifyDoubleVotingEvidence( chainID string, pubkey tmprotocrypto.PublicKey, ) error { - // check evidence age duration - maxAgeDuration := ctx.ConsensusParams().Evidence.MaxAgeDuration - ageDuration := ctx.BlockHeader().Time.Sub(evidence.Time()) - - if ageDuration > maxAgeDuration { - return fmt.Errorf( - "evidence created at: %v is too old; evidence can not be older than %v", - evidence.Time(), - ctx.BlockHeader().Time.Add(maxAgeDuration), - ) - } + + // Note that since we don't slash validators for double signing + // on a consumer chain, we don't need to check the age of the evidence + + // TODO: check the age of the evidence once we integrate + // the slashing to HandleConsumerDoubleVoting // H/R/S must be the same if evidence.VoteA.Height != evidence.VoteB.Height || diff --git a/x/ccv/provider/keeper/double_vote_test.go b/x/ccv/provider/keeper/double_vote_test.go index 2d15ed4be6..9bb789c381 100644 --- a/x/ccv/provider/keeper/double_vote_test.go +++ b/x/ccv/provider/keeper/double_vote_test.go @@ -30,9 +30,6 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { blockID2 := testutil.MakeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) ctx = ctx.WithBlockTime(time.Now()) - oldTime := ctx.BlockTime(). - Add(-testutil.GetDefaultConsensusEvidenceParams().Evidence.MaxAgeDuration). - Add(-1 * time.Hour) valPubkey1, err := tmencoding.PubKeyToProto(val1.PubKey) require.NoError(t, err) @@ -47,30 +44,6 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { pubkey tmprotocrypto.PublicKey expPass bool }{ - { - "evidence is too old - shouldn't pass", - []*tmtypes.Vote{ - testutil.MakeAndSignVote( - blockID1, - ctx.BlockHeight(), - oldTime, - valSet, - signer1, - chainID, - ), - testutil.MakeAndSignVote( - blockID2, - ctx.BlockHeight(), - oldTime, - valSet, - signer1, - chainID, - ), - }, - chainID, - valPubkey1, - false, - }, { "evidence has votes with different block height - shouldn't pass", []*tmtypes.Vote{ @@ -289,8 +262,6 @@ func TestVerifyDoubleVotingEvidence(t *testing.T) { }, } - ctx = ctx.WithConsensusParams(testutil.GetDefaultConsensusEvidenceParams()) - for _, tc := range testCases { err = keeper.VerifyDoubleVotingEvidence( ctx, diff --git a/x/ccv/provider/keeper/misbehaviour.go b/x/ccv/provider/keeper/misbehaviour.go index 675d22c3e0..35d9219324 100644 --- a/x/ccv/provider/keeper/misbehaviour.go +++ b/x/ccv/provider/keeper/misbehaviour.go @@ -41,7 +41,7 @@ func (k Keeper) HandleConsumerMisbehaviour(ctx sdk.Context, misbehaviour ibctmty misbehaviour.Header1.Header.ChainID, types.NewConsumerConsAddress(sdk.ConsAddress(v.Address.Bytes())), ) - k.JailAndTombstoneValidator(ctx, providerAddr) + k.JailValidator(ctx, providerAddr) provAddrs = append(provAddrs, providerAddr) } diff --git a/x/ccv/provider/keeper/punish_validator.go b/x/ccv/provider/keeper/punish_validator.go index 3510483363..95dced731d 100644 --- a/x/ccv/provider/keeper/punish_validator.go +++ b/x/ccv/provider/keeper/punish_validator.go @@ -6,8 +6,11 @@ import ( "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" ) -// JailAndTombstoneValidator jails and tombstones the validator for the given validator consensus address -func (k Keeper) JailAndTombstoneValidator(ctx sdk.Context, providerAddr types.ProviderConsAddress) { +// JailValidator jails the validator for the given validator consensus address +// Note that the tombstoning is temporarily removed until we integrate the slashing +// for consumer double signing and light client attacks, +// see comments https://github.com/cosmos/interchain-security/pull/1232#issuecomment-1693127641. +func (k Keeper) JailValidator(ctx sdk.Context, providerAddr types.ProviderConsAddress) { logger := k.Logger(ctx) // get validator @@ -17,7 +20,7 @@ func (k Keeper) JailAndTombstoneValidator(ctx sdk.Context, providerAddr types.Pr return } - // check that validator isn't already tombstoned + // check that validator isn't tombstoned if k.slashingKeeper.IsTombstoned(ctx, providerAddr.ToSdkConsAddr()) { logger.Info("validator is already tombstoned", "provider cons addr", providerAddr.String()) return @@ -30,6 +33,6 @@ func (k Keeper) JailAndTombstoneValidator(ctx sdk.Context, providerAddr types.Pr // update jail time to end after double sign jail duration k.slashingKeeper.JailUntil(ctx, providerAddr.ToSdkConsAddr(), evidencetypes.DoubleSignJailEndTime) - // tombstone validator - k.slashingKeeper.Tombstone(ctx, providerAddr.ToSdkConsAddr()) + + // TODO: add tombstoning back once we integrate the slashing } diff --git a/x/ccv/provider/keeper/punish_validator_test.go b/x/ccv/provider/keeper/punish_validator_test.go index f768f8ee1b..748b463b8a 100644 --- a/x/ccv/provider/keeper/punish_validator_test.go +++ b/x/ccv/provider/keeper/punish_validator_test.go @@ -12,7 +12,7 @@ import ( "github.com/golang/mock/gomock" ) -func TestJailAndTombstoneValidator(t *testing.T) { +func TestJailValidator(t *testing.T) { providerConsAddr := cryptotestutil.NewCryptoIdentityFromIntSeed(7842334).ProviderConsAddress() testCases := []struct { name string @@ -86,9 +86,6 @@ func TestJailAndTombstoneValidator(t *testing.T) { mocks.MockSlashingKeeper.EXPECT().JailUntil( ctx, providerConsAddr.ToSdkConsAddr(), evidencetypes.DoubleSignJailEndTime). Times(1), - mocks.MockSlashingKeeper.EXPECT().Tombstone( - ctx, providerConsAddr.ToSdkConsAddr()). - Times(1), } }, }, @@ -113,9 +110,6 @@ func TestJailAndTombstoneValidator(t *testing.T) { mocks.MockSlashingKeeper.EXPECT().JailUntil( ctx, providerConsAddr.ToSdkConsAddr(), evidencetypes.DoubleSignJailEndTime). Times(1), - mocks.MockSlashingKeeper.EXPECT().Tombstone( - ctx, providerConsAddr.ToSdkConsAddr()). - Times(1), } }, }, @@ -129,7 +123,7 @@ func TestJailAndTombstoneValidator(t *testing.T) { gomock.InOrder(tc.expectedCalls(ctx, mocks, tc.provAddr)...) // Execute method and assert expected mock calls - providerKeeper.JailAndTombstoneValidator(ctx, tc.provAddr) + providerKeeper.JailValidator(ctx, tc.provAddr) ctrl.Finish() } From 98dca7edff8678651354da0da4fd8074ed894a87 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Fri, 25 Aug 2023 18:02:05 +0200 Subject: [PATCH 27/29] lint --- x/ccv/provider/keeper/double_vote.go | 1 - 1 file changed, 1 deletion(-) diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index 1f18de8e54..e54d1dbe24 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -53,7 +53,6 @@ func (k Keeper) VerifyDoubleVotingEvidence( chainID string, pubkey tmprotocrypto.PublicKey, ) error { - // Note that since we don't slash validators for double signing // on a consumer chain, we don't need to check the age of the evidence From 0ed960d30e422ba307d95a987703342cdc50a4a4 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Fri, 25 Aug 2023 18:35:05 +0200 Subject: [PATCH 28/29] typo --- x/ccv/provider/keeper/double_vote.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index e54d1dbe24..4ee443ea50 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -14,7 +14,7 @@ import ( ) // HandleConsumerDoubleVoting verifies a double voting evidence for a given a consumer chain and, -// if successful, executes the jailing and of the malicious validator. +// if successful, executes the jailing of the malicious validator. func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.DuplicateVoteEvidence, chainID string) error { // get the validator's consensus address on the provider providerAddr := k.GetProviderAddrFromConsumerAddr( From 0a38420c9e9db6a1865dae50f821dbd4b89a3422 Mon Sep 17 00:00:00 2001 From: Simon Noetzlin Date: Mon, 28 Aug 2023 10:15:40 +0200 Subject: [PATCH 29/29] improve godoc --- tests/integration/double_vote.go | 5 ++++- x/ccv/provider/keeper/double_vote.go | 10 +++++----- x/ccv/provider/keeper/punish_validator.go | 10 +++++----- x/ccv/provider/keeper/punish_validator_test.go | 2 ++ 4 files changed, 16 insertions(+), 11 deletions(-) diff --git a/tests/integration/double_vote.go b/tests/integration/double_vote.go index afdd0894a0..04d976ed61 100644 --- a/tests/integration/double_vote.go +++ b/tests/integration/double_vote.go @@ -28,6 +28,8 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { blockID1 := testutil.MakeBlockID([]byte("blockhash"), 1000, []byte("partshash")) blockID2 := testutil.MakeBlockID([]byte("blockhash2"), 1000, []byte("partshash")) + // Note that votes are signed along with the chain ID + // see VoteSignBytes in https://github.com/cometbft/cometbft/blob/main/types/vote.go#L139 vote1 := testutil.MakeAndSignVote( blockID1, s.consumerCtx().BlockHeight(), @@ -80,7 +82,8 @@ func (s *CCVTestSuite) TestHandleConsumerDoubleVoting() { { // In order to create an evidence for a consumer chain, // we create two votes that only differ by their Block IDs and - // signed them using the same validator and chain ID of the consumer chain + // signed them using the same validator private key and chain ID + // of the consumer chain "valid double voting evidence - should pass", &tmtypes.DuplicateVoteEvidence{ VoteA: vote1, diff --git a/x/ccv/provider/keeper/double_vote.go b/x/ccv/provider/keeper/double_vote.go index 4ee443ea50..ee47e233ee 100644 --- a/x/ccv/provider/keeper/double_vote.go +++ b/x/ccv/provider/keeper/double_vote.go @@ -46,18 +46,18 @@ func (k Keeper) HandleConsumerDoubleVoting(ctx sdk.Context, evidence *tmtypes.Du } // VerifyDoubleVotingEvidence verifies a double voting evidence -// for a given chain id and validator public key +// for a given chain id and a validator public key func (k Keeper) VerifyDoubleVotingEvidence( ctx sdk.Context, evidence tmtypes.DuplicateVoteEvidence, chainID string, pubkey tmprotocrypto.PublicKey, ) error { - // Note that since we don't slash validators for double signing - // on a consumer chain, we don't need to check the age of the evidence + // Note that since we're only jailing validators for double voting on a consumer chain, + // the age of the evidence is irrelevant and therefore isn't checked. - // TODO: check the age of the evidence once we integrate - // the slashing to HandleConsumerDoubleVoting + // TODO: check the age of the evidence once we slash + // validators for double voting on a consumer chain // H/R/S must be the same if evidence.VoteA.Height != evidence.VoteB.Height || diff --git a/x/ccv/provider/keeper/punish_validator.go b/x/ccv/provider/keeper/punish_validator.go index 95dced731d..f4648cc641 100644 --- a/x/ccv/provider/keeper/punish_validator.go +++ b/x/ccv/provider/keeper/punish_validator.go @@ -6,10 +6,10 @@ import ( "github.com/cosmos/interchain-security/v2/x/ccv/provider/types" ) -// JailValidator jails the validator for the given validator consensus address -// Note that the tombstoning is temporarily removed until we integrate the slashing -// for consumer double signing and light client attacks, -// see comments https://github.com/cosmos/interchain-security/pull/1232#issuecomment-1693127641. +// JailValidator jails the validator with the given provider consensus address +// Note that the tombstoning is temporarily removed until we slash validator +// for double signing on a consumer chain, see comment +// https://github.com/cosmos/interchain-security/pull/1232#issuecomment-1693127641. func (k Keeper) JailValidator(ctx sdk.Context, providerAddr types.ProviderConsAddress) { logger := k.Logger(ctx) @@ -20,7 +20,7 @@ func (k Keeper) JailValidator(ctx sdk.Context, providerAddr types.ProviderConsAd return } - // check that validator isn't tombstoned + // check that the validator isn't tombstoned if k.slashingKeeper.IsTombstoned(ctx, providerAddr.ToSdkConsAddr()) { logger.Info("validator is already tombstoned", "provider cons addr", providerAddr.String()) return diff --git a/x/ccv/provider/keeper/punish_validator_test.go b/x/ccv/provider/keeper/punish_validator_test.go index 748b463b8a..50da9ae4bb 100644 --- a/x/ccv/provider/keeper/punish_validator_test.go +++ b/x/ccv/provider/keeper/punish_validator_test.go @@ -12,6 +12,8 @@ import ( "github.com/golang/mock/gomock" ) +// TestJailValidator tests that the jailing of a validator is only executed +// under the conditions that the validator is neither unbonded, already jailed, nor tombstoned. func TestJailValidator(t *testing.T) { providerConsAddr := cryptotestutil.NewCryptoIdentityFromIntSeed(7842334).ProviderConsAddress() testCases := []struct {