feat!: add cryptographic equivocation

.changelog/unreleased/features/provider/1340-cryptographic-equivocation-feature.md

@@ -0,0 +1,3 @@
+- Add the cryptographic verification of equivocation feature to the provider
+  (cf. ADR-005 & ADR-013). ([\#1340](https://github.com/cosmos/interchain-
+  security/pull/1340))

.changelog/unreleased/state-breaking/provider/1340-cryptographic-equivocation-feature.md

@@ -0,0 +1,3 @@
+- Add the cryptographic verification of equivocation feature to the provider
+  (cf. ADR-005 & ADR-013). ([\#1340](https://github.com/cosmos/interchain-
+  security/pull/1340))

CHANGELOG.md

@@ -1,5 +1,54 @@
 # CHANGELOG
 
+## [Unreleased for Provider]
+
+Add an entry to the unreleased provider section whenever merging a PR to main that is not targeted at a specific release. These entries will eventually be included in a provider release.
+
+* (feature!) [#1280](https://github.com/cosmos/interchain-security/pull/1280) provider proposal for changing reward denoms
+* (feature!) [#1244](https://github.com/cosmos/interchain-security/pull/1244) Update the default consumer unbonding period to 2 weeks.
+* (deps) [#1259](https://github.com/cosmos/interchain-security/pull/1259) Bump [cosmos-sdk](https://github.com/cosmos/cosmos-sdk) to [v0.47.5](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.47.5).
+* (deps!) [#1258](https://github.com/cosmos/interchain-security/pull/1258) Bump [ibc-go](https://github.com/cosmos/ibc-go) to [v7.3.0](https://github.com/cosmos/ibc-go/releases/tag/v7.3.0).
+* (deps) [#1258](https://github.com/cosmos/interchain-security/pull/1258) Bump [cosmos-sdk](https://github.com/cosmos/cosmos-sdk) to [v0.47.4](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.47.4).
+* (deps!) [#1196](https://github.com/cosmos/interchain-security/pull/1196) Bump [ibc-go](https://github.com/cosmos/ibc-go) to [v7.2.0](https://github.com/cosmos/ibc-go/releases/tag/v7.2.0).
+* `[x/ccv/provider]` (fix) [#1076](https://github.com/cosmos/interchain-security/pull/1076) Add `InitTimeoutTimestamps` and `ExportedVscSendTimestamps` to exported genesis.
+* (fix!) [#1422](https://github.com/cosmos/interchain-security/pull/1422) Fix the misbehaviour handling by verifying the signatures of byzantine validators.
+
+## v2.2.0-provider-lsm
+
+### Cryptographic verification of equivocation
+* New feature enabling the provider chain to verify equivocation evidence on its own instead of trusting consumer chains, see [EPIC](https://github.com/cosmos/interchain-security/issues/732).
+
+## [Unreleased for Consumer]
+
+Add an entry to the unreleased consumer section whenever merging a PR to main that is not targeted at a specific release. These entries will eventually be included in a consumer release.
+
+## v3.2.0-consumer
+
+Date September 6th, 2023
+
+A minor version upgrade to the CONSUMER CCV module. This release includes various changes involving throttling v2 functionality, validation, and bumps to deps like cosmos-sdk and ibc-go.
+
+Note:
+
+* This release is ONLY RELEVANT TO CONSUMERS. The most recent provider release is v3.1.0, and will eventually be a release postfixed with `-provider`.
+* this is the first upgrade to the consumer module with a separate semver cycle from the provider module. See [contributing.md](./CONTRIBUTING.md#semantic-versioning) and [associated ADR](docs/docs/adrs/adr-012-separate-releasing.md) for more info.
+
+Changes:
+
+* (feat) [#1295](https://github.com/cosmos/interchain-security/pull/1295) increment consumer consensus version and register consumer packet migration.
+* (fix!) [#1262](https://github.com/cosmos/interchain-security/pull/1262) Remove incorrect address validation on `ProviderFeePoolAddrStr` param.
+* (feature!) [#1244](https://github.com/cosmos/interchain-security/pull/1244) Update the default consumer unbonding period to 2 weeks.
+* (fix!) [#1244](https://github.com/cosmos/interchain-security/pull/1244) Validate token transfer messages before calling `Transfer()`.
+* (deps) [#1259](https://github.com/cosmos/interchain-security/pull/1259) Bump [cosmos-sdk](https://github.com/cosmos/cosmos-sdk) to [v0.47.5](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.47.5).
+* (deps!) [#1258](https://github.com/cosmos/interchain-security/pull/1258) Bump [ibc-go](https://github.com/cosmos/ibc-go) to [v7.3.0](https://github.com/cosmos/ibc-go/releases/tag/v7.3.0).
+* (deps) [#1258](https://github.com/cosmos/interchain-security/pull/1258) Bump [cosmos-sdk](https://github.com/cosmos/cosmos-sdk) to [v0.47.4](https://github.com/cosmos/cosmos-sdk/releases/tag/v0.47.4).
+* (deps!) [#1196](https://github.com/cosmos/interchain-security/pull/1196) Bump [ibc-go](https://github.com/cosmos/ibc-go) to [v7.2.0](https://github.com/cosmos/ibc-go/releases/tag/v7.2.0).
+* (feat!) [#1024](https://github.com/cosmos/interchain-security/pull/1024) Throttle with retries, consumer changes.  
+* (fix!) [#1150](https://github.com/cosmos/interchain-security/pull/1150) Revert consumer packet data changes from #1037.
+* (fix!) [#1146](https://github.com/cosmos/interchain-security/pull/1146) Proper deletion of pending packets.
+* (feat!) [#1037](https://github.com/cosmos/interchain-security/pull/1037) Optimize pending packets storage on consumer, with migration.
+* (feat) [#1164](https://github.com/cosmos/interchain-security/pull/1164) Introduce the gRPC query `/interchain_security/ccv/consumer/provider-info` and CLI command `interchain-security-cd q ccvconsumer provider-info` to retrieve provider info from the consumer chain.
+
 ## v3.1.0
 
 Date July 11th, 2023

Dockerfile

@@ -29,7 +29,7 @@ RUN go mod tidy
 RUN make install
 
 # Get Hermes build
-FROM ghcr.io/informalsystems/hermes:1.4.1 AS hermes-builder
+FROM otacrew/hermes-ics:evidence-cmd AS hermes-builder
 
 # Get CometMock
 FROM ghcr.io/informalsystems/cometmock:v0.37.x as cometmock-builder

app/provider/app.go

@@ -140,7 +140,6 @@ var (
 				ibcclientclient.UpgradeProposalHandler,
 				ibcproviderclient.ConsumerAdditionProposalHandler,
 				ibcproviderclient.ConsumerRemovalProposalHandler,
-				ibcproviderclient.EquivocationProposalHandler,
 				ibcproviderclient.ChangeRewardDenomsProposalHandler,
 			},
 		),
@@ -404,14 +403,6 @@ func New(
 		scopedIBCKeeper,
 	)
 
-	// create evidence keeper with router
-	app.EvidenceKeeper = *evidencekeeper.NewKeeper(
-		appCodec,
-		keys[evidencetypes.StoreKey],
-		app.StakingKeeper,
-		app.SlashingKeeper,
-	)
-
 	app.ProviderKeeper = ibcproviderkeeper.NewKeeper(
 		appCodec,
 		keys[providertypes.StoreKey],
@@ -424,7 +415,6 @@ func New(
 		app.StakingKeeper,
 		app.SlashingKeeper,
 		app.AccountKeeper,
-		app.EvidenceKeeper,
 		app.DistrKeeper,
 		app.BankKeeper,
 		authtypes.FeeCollectorName,
@@ -477,6 +467,16 @@ func New(
 	ibcRouter.AddRoute(providertypes.ModuleName, providerModule)
 	app.IBCKeeper.SetRouter(ibcRouter)
 
+	// create evidence keeper with router
+	evidenceKeeper := evidencekeeper.NewKeeper(
+		appCodec,
+		keys[evidencetypes.StoreKey],
+		app.StakingKeeper,
+		app.SlashingKeeper,
+	)
+
+	app.EvidenceKeeper = *evidenceKeeper
+
 	skipGenesisInvariants := cast.ToBool(appOpts.Get(crisis.FlagSkipGenesisInvariants))
 
 	// NOTE: Any module instantiated in the module manager that is later modified

docs/docs/features/proposals.md

@@ -74,37 +74,6 @@ Minimal example:
 }
 ```
 
-## `EquivocationProposal`
-:::tip
-`EquivocationProposal` will only be accepted on the provider chain if at least one of the consumer chains submits equivocation evidence to the provider.
-Sending equivocation evidence to the provider is handled automatically by the interchain security protocol when an equivocation infraction is detected on the consumer chain.
-:::
-
-Proposal type used to suggest slashing a validator for double signing on consumer chain.
-When proposals of this type are passed, the validator in question will be slashed for equivocation on the provider chain.
-
-:::warning
-Take note that an equivocation slash causes a validator to be tombstoned (can never re-enter the active set).
-Tombstoning a validator on the provider chain will remove the validator from the validator set of all consumer chains.
-:::
-
-Minimal example:
-```js
-{
-  "title": "Validator-1 double signed on consumerchain-1",
-  "description": "Here is more information about the infraction so you can verify it yourself",
-	// the list of equivocations that will be processed
-  "equivocations": [
-    {
-        "height": 14444680,
-        "time": "2023-02-28T20:40:00.000000Z",
-        "power": 5500000,
-        "consensus_address": "<consensus address ON THE PROVIDER>"
-    }
-  ]
-}
-```
-
 ## ChangeRewardDenomProposal
 :::tip
 `ChangeRewardDenomProposal` will only be accepted on the provider chain if at least one of the denomsToAdd or denomsToRemove fields is populated with at least one denom. Also, a denom cannot be repeated in both sets.
@@ -121,30 +90,3 @@ Minimal example:
   "denomsToRemove": []
 }
 ```
-
-### Notes
-When submitting equivocation evidence through an `EquivocationProposal` please take note that you need to use the consensus address (`valcons`) of the offending validator on the **provider chain**.
-Besides that, the `height` and the `time` fields should be mapped to the **provider chain** to avoid your evidence being rejected.
-
-Before submitting the proposal please check that the evidence is not outdated by comparing the infraction height with the `max_age_duration` and `max_age_num_blocks` consensus parameters of the **provider chain**.
-
-### Gaia example:
-```
-➜  ~ cat genesis.json | jq ".consensus_params"
-{
-  "block": {
-    ...
-  },
-  "evidence": {
-    "max_age_duration": "172800000000000",
-    "max_age_num_blocks": "1000000",
-    "max_bytes": "50000"
-  },
-  "validator": {
-    ...
-  },
-  "version": {}
-}
-```
-
-Any `EquivocationProposal` transactions that submit evidence with `height` older than `max_age_num_blocks` and `time` older than `max_age_duration` will be considered invalid.

docs/docs/features/slashing.md

@@ -20,17 +20,10 @@ Instead of slashing, the provider will only jail offending validator for the dur
 Slash throttling (sometimes called jail throttling) mechanism ensures that only a fraction of the validator set can be jailed at any one time to prevent malicious consumer chains from harming the provider.
 :::
 
-## Double-signing (equivocation)
-infractions are not acted upon immediately.
+# Cryptographic verification of equivocation and slashing
+The Cryptographic verification of equivocation allows external agents to submit evidences of light client and double signing attacks observed on a consumer chain. When valid evidence is received, the malicious validators will be slashed, jailed, and tombstoned on the provider.
 
-Upon receiving double signing evidence, the provider chain will take note of the evidence and allow for `EquivocationProposal` to be submitted to slash the offending validator.
-Any `EquivocationProposal`s to slash a validator that has not double signed on any of the consumer chains will be automatically rejected by the provider chain.
+The feature is outlined in [ADR-005](../adrs/adr-005-cryptographic-equivocation-verification.md) and [ADR-013](../adrs/adr-013-equivocation-slashing.md).
 
-:::info
-The offending validator will only be slashed (and tombstoned) if an `EquivocationProposal` is accepted and passed through governance.
-
-The offending validator will effectively get slashed and tombstoned on all consumer chains.
-:::
-
-<!-- markdown-link-check-disable-next-line -->
-You can find instructions on creating `EquivocationProposal`s [here](./proposals#equivocationproposal).
+By sending a `MsgSubmitConsumerMisbehaviour` or a `MsgSubmitConsumerDoubleVoting` transaction, the provider will
+ verify the reported equivocation and, if successful, slash, jail, and tombstone the malicious validator.

docs/docs/introduction/overview.md

@@ -30,10 +30,6 @@ To ensure the security of the consumer chain, provider delegators cannot unbond
 
 If downtime is initiated by a validator on a consumer chain, a downtime packet will be relayed to the provider to jail that validator for a set amount of time. The validator who committed downtime will then miss out on staking rewards for the configured jailing period.
 
-### Equivocation (Double Sign) Slashing
-
-Evidence of equivocation must be submitted to provider governance and be voted on. This behavior is an extra safeguard before a validator is slashed, and may be replaced by a more automated system in the future.
-
 ### Tokenomics and Rewards
 
 Consumer chains are free to create their own native token which can be used for fees, and can be created on the consumer chain in the form of inflationary rewards. These rewards can be used to incentivize user behavior, for example, LPing or staking. A portion of these fees and rewards will be sent to provider chain stakers, but that proportion is completely customizable by the developers, and subject to governance.

docs/docs/validators/overview.md

@@ -91,7 +91,7 @@ More information is available in [Downtime Slashing documentation](../features/s
 :::
 
 ## Double-signing Infractions
-To learn more about equivocation handling in replicated security check out the [Slashing](../features/slashing.md#double-signing-equivocation) and [EquivocationProposal](../features/proposals.md#equivocationproposal) documentation sections
+To learn more about equivocation handling in replicated security check out the [Slashing](../features/slashing.md) documentation section.
 
 ## Key assignment
 Validators can use different consensus keys on the provider and each of the consumer chains. The consumer chain consensus key must be registered on the provider before use.

proto/interchain_security/ccv/provider/v1/provider.proto

@@ -106,10 +106,13 @@ message ConsumerRemovalProposal {
 // punish a validator for equivocation on a consumer chain.
 // 
 // This type is only used internally to the consumer CCV module.  
+// WARNING: This message is deprecated now that equivocations can be submitted
+// and verified automatically on the provider. (see SubmitConsumerDoubleVoting in proto/interchain-security/ccv/provider/v1/tx.proto).
 message EquivocationProposal {
+  option deprecated = true;
   // the title of the proposal
   string title = 1;
-  // the description of the proposal
+// the description of the proposal
   string description = 2;
   // the list of equivocations that will be processed
   repeated cosmos.evidence.v1beta1.Equivocation equivocations = 3;

proto/interchain_security/ccv/provider/v1/tx.proto

@@ -4,11 +4,17 @@ package interchain_security.ccv.provider.v1;
 option go_package = "github.com/cosmos/interchain-security/v3/x/ccv/provider/types";
 
 import "gogoproto/gogo.proto";
+import "cosmos_proto/cosmos.proto";
+import "google/protobuf/any.proto";
+import "ibc/lightclients/tendermint/v1/tendermint.proto";
+import "tendermint/types/evidence.proto";
+
 
 // Msg defines the Msg service.
 service Msg {
-  rpc AssignConsumerKey(MsgAssignConsumerKey)
-      returns (MsgAssignConsumerKeyResponse);
+  rpc AssignConsumerKey(MsgAssignConsumerKey) returns (MsgAssignConsumerKeyResponse);
+  rpc SubmitConsumerMisbehaviour(MsgSubmitConsumerMisbehaviour) returns (MsgSubmitConsumerMisbehaviourResponse);
+  rpc SubmitConsumerDoubleVoting(MsgSubmitConsumerDoubleVoting) returns (MsgSubmitConsumerDoubleVotingResponse);
 }
 
 message MsgAssignConsumerKey {
@@ -25,3 +31,33 @@ message MsgAssignConsumerKey {
 }
 
 message MsgAssignConsumerKeyResponse {}
+
+
+// MsgSubmitConsumerMisbehaviour defines a message that reports a light client attack,
+// also known as a misbehaviour, observed on a consumer chain
+message MsgSubmitConsumerMisbehaviour {
+  option (gogoproto.equal) = false;
+  option (gogoproto.goproto_getters) = false;
+  string submitter = 1;
+  // The Misbehaviour of the consumer chain wrapping 
+  // two conflicting IBC headers 
+  ibc.lightclients.tendermint.v1.Misbehaviour misbehaviour = 2;
+}
+
+message MsgSubmitConsumerMisbehaviourResponse {}
+
+
+// MsgSubmitConsumerDoubleVoting defines a message that reports 
+// a double signing infraction observed on a consumer chain
+message MsgSubmitConsumerDoubleVoting {
+  option (gogoproto.equal) = false;
+  option (gogoproto.goproto_getters) = false;
+  string submitter = 1;
+  // The equivocation of the consumer chain wrapping 
+  // an evidence of a validator that signed two conflicting votes
+  tendermint.types.DuplicateVoteEvidence duplicate_vote_evidence = 2;
+  // The light client header of the infraction block
+  ibc.lightclients.tendermint.v1.Header infraction_block_header = 3;
+}
+
+message MsgSubmitConsumerDoubleVotingResponse {}

tests/e2e/action_rapid_test.go

@@ -66,7 +66,6 @@ func GetActionGen() *rapid.Generator[any] {
 		GetSubmitConsumerAdditionProposalActionGen().AsAny(),
 		GetSubmitConsumerRemovalProposalActionGen().AsAny(),
 		GetSubmitParamChangeProposalActionGen().AsAny(),
-		GetSubmitEquivocationProposalActionGen().AsAny(),
 		GetVoteGovProposalActionGen().AsAny(),
 		GetStartConsumerChainActionGen().AsAny(),
 		GetAddChainToRelayerActionGen().AsAny(),
@@ -91,6 +90,9 @@ func GetActionGen() *rapid.Generator[any] {
 		CreateLightClientEquivocationAttackActionGen().AsAny(),
 		CreateLightClientAmnesiaAttackActionGen().AsAny(),
 		CreateLightClientLunaticAttackActionGen().AsAny(),
+		GetStartConsumerEvidenceDetectorActionGen().AsAny(),
+		GetForkConsumerChainActionGen().AsAny(),
+		GetUpdateLightClientActionGen().AsAny(),
 	)
 }
 
@@ -209,7 +211,7 @@ func GetStartChainActionGen() *rapid.Generator[StartChainAction] {
 			Chain:          GetChainIDGen().Draw(t, "Chain"),
 			Validators:     GetStartChainValidatorsGen().Draw(t, "Validators"),
 			GenesisChanges: rapid.String().Draw(t, "GenesisChanges"),
-			SkipGentx:      rapid.Bool().Draw(t, "SkipGentx"),
+			IsConsumer:     rapid.Bool().Draw(t, "IsConsumer"),
 		}
 	})
 }
@@ -280,19 +282,6 @@ func GetSubmitParamChangeProposalActionGen() *rapid.Generator[submitParamChangeL
 	})
 }
 
-func GetSubmitEquivocationProposalActionGen() *rapid.Generator[submitEquivocationProposalAction] {
-	return rapid.Custom(func(t *rapid.T) submitEquivocationProposalAction {
-		return submitEquivocationProposalAction{
-			Chain:   GetChainIDGen().Draw(t, "Chain"),
-			From:    GetValidatorIDGen().Draw(t, "From"),
-			Deposit: rapid.Uint().Draw(t, "Deposit"),
-			Height:  rapid.Int64().Draw(t, "Height"),
-			Time:    GetTimeGen().Draw(t, "Time"),
-			Power:   rapid.Int64().Draw(t, "Power"),
-		}
-	})
-}
-
 func TestMarshalAndUnmarshalTime(t *testing.T) {
 	rapid.Check(t, func(t *rapid.T) {
 		time1 := GetTimeGen().Draw(t, "time")
@@ -506,3 +495,33 @@ func GetWaitTimeAction() *rapid.Generator[waitTimeAction] {
 		}
 	})
 }
+
+func GetForkConsumerChainActionGen() *rapid.Generator[forkConsumerChainAction] {
+	return rapid.Custom(func(t *rapid.T) forkConsumerChainAction {
+		return forkConsumerChainAction{
+			ConsumerChain: GetChainIDGen().Draw(t, "ConsumerChain"),
+			ProviderChain: GetChainIDGen().Draw(t, "ProviderChain"),
+			Validator:     GetValidatorIDGen().Draw(t, "Validator"),
+			RelayerConfig: rapid.String().Draw(t, "RelayerConfig"),
+		}
+	})
+}
+
+func GetStartConsumerEvidenceDetectorActionGen() *rapid.Generator[startConsumerEvidenceDetectorAction] {
+	return rapid.Custom(func(t *rapid.T) startConsumerEvidenceDetectorAction {
+		return startConsumerEvidenceDetectorAction{
+			Chain: GetChainIDGen().Draw(t, "Chain"),
+		}
+	})
+}
+
+func GetUpdateLightClientActionGen() *rapid.Generator[updateLightClientAction] {
+	return rapid.Custom(func(t *rapid.T) updateLightClientAction {
+		return updateLightClientAction{
+			Chain:         GetChainIDGen().Draw(t, "Chain"),
+			HostChain:     GetChainIDGen().Draw(t, "HostChain"),
+			RelayerConfig: rapid.String().Draw(t, "RelayerConfig"),
+			ClientID:      rapid.String().Draw(t, "ClientID"),
+		}
+	})
+}