Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

F/slashing #126

Merged
merged 50 commits into from
Oct 4, 2023
Merged

F/slashing #126

merged 50 commits into from
Oct 4, 2023

Conversation

maurolacy
Copy link
Collaborator

@maurolacy maurolacy commented Sep 19, 2023
edited
Loading

Closes #11. WIP. Publishing as draft for review / feedback.

TODO:

  • Cross slashing spec.
  • Cross slashing routing.
  • Validator tombstoning during slashing.
  • Slash users associated to validator.
  • Cross slashing propagation. Maintain mesh security invariants:
    • Total slashable amounts.
    • Liens.
  • Document slashing in detail. Scenarios / examples. (Slashing docs rewrite #127)
  • Slashing related messages / handlers. (Slashing-related messages #128)
    • burn. Like unstake but without releasing funds.
    • slash_adjust. For smart contracts accounting, but no blockchain calls (funds already slashed at blockchain level). (wip)
    • slashing of the (unreleased) unbonding claims.
  • Native slashing propagation. Similar to cross-slashing. (Native slashing accounting #129)
  • Scenario tests.
  • Integration / multi-contract tests.

@maurolacy maurolacy added this to the TODO V1 milestone Sep 19, 2023
@maurolacy maurolacy self-assigned this Sep 19, 2023
uint
uint reviewed Sep 20, 2023
View reviewed changes
Copy link
Contributor

@uint uint left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can't comment on the business logic/design part of this, but I looked through the code and it looks fine!

contracts/consumer/converter/src/contract.rs Outdated Show resolved Hide resolved
@maurolacy maurolacy force-pushed the f/slashing branch 3 times, most recently from 4c1c418 to 8803670 Compare September 24, 2023 09:35
@maurolacy maurolacy mentioned this pull request Sep 25, 2023
Closed
2 tasks
@maurolacy maurolacy force-pushed the f/slashing branch 4 times, most recently from d4c95f5 to 4a7bffb Compare September 27, 2023 09:53
@maurolacy maurolacy marked this pull request as ready for review September 27, 2023 09:54
@maurolacy
Copy link
Collaborator Author

maurolacy commented Sep 27, 2023
edited
Loading

OK, that took a while, but I think we now have a correct slashing implementation, at the (vault's) accounting level. Both for slashing and slashing propagation.

Just set this as ready for review. Please take a look!

#127 is also relevant, for the general overview of the process, and testing scenario definitions.

@maurolacy maurolacy force-pushed the f/slashing branch 2 times, most recently from 5e7e334 to 15ac523 Compare September 28, 2023 07:37
@maurolacy
Refactor slashing tests to use helpers
21fe609
@maurolacy
Add slashing propagation slashing test (scenario 4)
ea9e087
@maurolacy
Make slashing percentage configurable
0c48ccc
@maurolacy
Add (failing) (modified) scenario 5
de61454
@maurolacy
Fix: don't always slash native stake
aa7e3e7
@maurolacy
Fix: (failing) scenario 5 native stake after slashing
6785cf1
@maurolacy
Add slashing propagation for total slashable invariance breaking
4e5912b
@maurolacy
Fix: Add rounding down
14f6ae8
@maurolacy
Add TODO / remove FIXME
c94b627
@maurolacy
Add no native staking slashing test
efed295
@maurolacy
Add ensure_authorized helper
caf5b11
@maurolacy
Fix rebase error
c345ff5
@maurolacy
Revert "Add cross slashing spec"
093be5d 
This reverts commit fef8045.
@maurolacy
Revert "Cross slashing event routing"
fc5e812 
This reverts commit 7b55125.
@maurolacy
Revert "Add IBC handler on the Provider"
dea63cc 
This reverts commit 1a82b8c.
@maurolacy
Fix typo
95b01c1
@maurolacy
Add TODO
81f6b58
@maurolacy
Handle slashing as part of validator tombstoning
4e1dc25
@maurolacy
Adapt external-staking test methods
d0a2b33
@maurolacy
Adapt vault slashing tests
15e8f44
JakeHartnell
JakeHartnell approved these changes Oct 3, 2023
View reviewed changes
Copy link
Collaborator

@JakeHartnell JakeHartnell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Looking forward to this coming together. 🥳

@maurolacy
Copy link
Collaborator Author

k, merging due to popular demand. ;-) I understand this is something that can be used for integration tests, etc.

Still, I would very much like a review here, even post-merge.

@maurolacy maurolacy merged commit da31de2 into main Oct 4, 2023
2 checks passed
uint
uint reviewed Oct 4, 2023
View reviewed changes
Copy link
Contributor

@uint uint left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM as far as I can tell, but I still don't understand this fully.

contracts/provider/vault/src/msg.rs Show resolved Hide resolved
contracts/provider/external-staking/src/ibc.rs
end_time: _end_time,
} in to_remove
{
// Check that the validator is active at height and slash it if that is the case
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure I understand this. It looks like virtual-staking informs external-staking that the validator has been tombstoned, but this triggers a slashing event for users staking on that validator?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, both tombstoning and jailing always imply slashing.

uint
uint reviewed Oct 4, 2023
View reviewed changes
contracts/provider/external-staking/src/contract.rs
/// Slashes a validator.
///
/// In test code, this is called from `test_handle_slashing`.
/// In non-test code, this is being called from `ibc_packet_receive` (in the `ConsumerPacket::RemoveValidators`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm probably missing something, but should user slashing not get triggered when a validator itself is slashed?

Copy link
Collaborator Author

@maurolacy maurolacy Oct 5, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's no specific slashing event. As mentioned, slashing is part of validator tombstone, because of double signing; or of validator jailing, because of being offline.

@maurolacy maurolacy deleted the f/slashing branch October 5, 2023 17:30
@maurolacy maurolacy mentioned this pull request Oct 19, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@uint uint uint left review comments

@JakeHartnell JakeHartnell JakeHartnell approved these changes

@alpe alpe Awaiting requested review from alpe

@ethanfrey ethanfrey Awaiting requested review from ethanfrey

@hashedone hashedone Awaiting requested review from hashedone

@jawoznia jawoznia Awaiting requested review from jawoznia

Assignees

@maurolacy maurolacy

Labels
None yet
Projects
None yet
Milestone
TODO V1
Development

Successfully merging this pull request may close these issues.

Implement Slashing
3 participants
@maurolacy @uint @JakeHartnell