Merge pull request #2145 from subspace/refactor_verification

Refactor: Move fraud proof utils and verification to `sp-domains-fraud-proof`

crates/pallet-domains/src/lib.rs

@@ -46,19 +46,19 @@ pub use pallet::*;
 use scale_info::TypeInfo;
 use sp_core::H256;
 use sp_domains::bundle_producer_election::{is_below_threshold, BundleProducerElectionParams};
-use sp_domains::fraud_proof::{FraudProof, InvalidDomainBlockHashProof, InvalidTotalRewardsProof};
-use sp_domains::verification::verify_invalid_total_rewards_fraud_proof;
 use sp_domains::{
     DomainBlockLimit, DomainId, DomainInstanceData, ExecutionReceipt, OpaqueBundle, OperatorId,
     OperatorPublicKey, ProofOfElection, ReceiptHash, RuntimeId,
     DOMAIN_EXTRINSICS_SHUFFLING_SEED_SUBJECT, EMPTY_EXTRINSIC_ROOT,
 };
-use sp_domains_fraud_proof::fraud_proof_runtime_interface::get_fraud_proof_verification_info;
+use sp_domains_fraud_proof::fraud_proof::{
+    FraudProof, InvalidDomainBlockHashProof, InvalidTotalRewardsProof,
+};
 use sp_domains_fraud_proof::verification::{
     verify_invalid_domain_block_hash_fraud_proof,
     verify_invalid_domain_extrinsics_root_fraud_proof, verify_invalid_state_transition_fraud_proof,
+    verify_invalid_total_rewards_fraud_proof,
 };
-use sp_domains_fraud_proof::FraudProofVerificationInfoRequest;
 use sp_runtime::traits::{BlakeTwo256, CheckedSub, Hash, Header, One, Zero};
 use sp_runtime::{RuntimeAppPublic, SaturatedConversion, Saturating};
 use sp_std::boxed::Box;
@@ -151,12 +151,12 @@ mod pallet {
     use frame_support::{Identity, PalletError};
     use frame_system::pallet_prelude::*;
     use sp_core::H256;
-    use sp_domains::fraud_proof::FraudProof;
-    use sp_domains::transaction::InvalidTransactionCode;
     use sp_domains::{
         BundleDigest, DomainId, EpochIndex, GenesisDomain, OperatorAllowList, OperatorId,
         ReceiptHash, RuntimeId, RuntimeType,
     };
+    use sp_domains_fraud_proof::fraud_proof::FraudProof;
+    use sp_domains_fraud_proof::transaction::InvalidTransactionCode;
     use sp_runtime::traits::{
         AtLeast32BitUnsigned, BlockNumberProvider, CheckEqual, CheckedAdd, Header as HeaderT,
         MaybeDisplay, One, SimpleBitOps, Zero,
@@ -597,29 +597,23 @@ mod pallet {
 
     #[derive(TypeInfo, Encode, Decode, PalletError, Debug, PartialEq)]
     pub enum FraudProofError {
-        /// The targetted bad receipt not found which may already pruned by other
+        /// The targeted bad receipt not found which may already pruned by other
         /// fraud proof or the fraud proof is submitted to the wrong fork.
         BadReceiptNotFound,
         /// The genesis receipt is unchallengeable.
         ChallengingGenesisReceipt,
         /// The descendants of the fraudulent ER is not pruned
         DescendantsOfFraudulentERNotPruned,
         /// Invalid fraud proof since total rewards are not mismatched.
-        InvalidTotalRewardsFraudProof(sp_domains::verification::VerificationError),
+        InvalidTotalRewardsFraudProof,
         /// Invalid domain block hash fraud proof.
-        InvalidDomainBlockHashFraudProof(sp_domains::verification::VerificationError),
+        InvalidDomainBlockHashFraudProof,
         /// Invalid domain extrinsic fraud proof
-        InvalidExtrinsicRootFraudProof(sp_domains::verification::VerificationError),
+        InvalidExtrinsicRootFraudProof,
         /// Invalid state transition fraud proof
         InvalidStateTransitionFraudProof,
-        /// Failed to get block randomness.
-        FailedToGetBlockRandomness,
-        /// Failed to get domain timestamp extrinsic.
-        FailedToGetDomainTimestampExtrinsic,
         /// Parent receipt not found.
         ParentReceiptNotFound,
-        /// Failed to get domain set code extrinsic.
-        FailedToGetDomainSetCodeExtrinsic,
     }
 
     impl<T> From<FraudProofError> for Error<T> {
@@ -1543,9 +1537,15 @@ impl<T: Config> Pallet<T> {
                     DomainBlockNumberFor<T>,
                     T::DomainHash,
                     BalanceOf<T>,
-                    T::Hashing,
+                    DomainHashingFor<T>,
                 >(bad_receipt, storage_proof)
-                .map_err(FraudProofError::InvalidTotalRewardsFraudProof)?;
+                .map_err(|err| {
+                    log::error!(
+                        target: "runtime::domains",
+                        "Total rewards proof verification failed: {err:?}"
+                    );
+                    FraudProofError::InvalidTotalRewardsFraudProof
+                })?;
             }
             FraudProof::InvalidDomainBlockHash(InvalidDomainBlockHashProof {
                 digest_storage_proof,
@@ -1564,46 +1564,30 @@ impl<T: Config> Pallet<T> {
                     digest_storage_proof.clone(),
                     parent_receipt.domain_block_hash,
                 )
-                .map_err(FraudProofError::InvalidDomainBlockHashFraudProof)?;
+                .map_err(|err| {
+                    log::error!(
+                        target: "runtime::domains",
+                        "Invalid Domain block hash proof verification failed: {err:?}"
+                    );
+                    FraudProofError::InvalidDomainBlockHashFraudProof
+                })?;
             }
             FraudProof::InvalidExtrinsicsRoot(proof) => {
-                let consensus_block_hash = bad_receipt.consensus_block_hash;
-                let block_randomness = get_fraud_proof_verification_info(
-                    H256::from_slice(consensus_block_hash.as_ref()),
-                    FraudProofVerificationInfoRequest::BlockRandomness,
-                )
-                .and_then(|resp| resp.into_block_randomness())
-                .ok_or(FraudProofError::FailedToGetBlockRandomness)?;
-
-                let domain_timestamp_extrinsic = get_fraud_proof_verification_info(
-                    H256::from_slice(consensus_block_hash.as_ref()),
-                    FraudProofVerificationInfoRequest::DomainTimestampExtrinsic(proof.domain_id),
-                )
-                .and_then(|resp| resp.into_domain_timestamp_extrinsic())
-                .ok_or(FraudProofError::FailedToGetDomainTimestampExtrinsic)?;
-
-                let maybe_domain_set_code_extrinsic = get_fraud_proof_verification_info(
-                    H256::from_slice(consensus_block_hash.as_ref()),
-                    FraudProofVerificationInfoRequest::DomainSetCodeExtrinsic(proof.domain_id),
-                )
-                .map(|resp| resp.into_domain_set_code_extrinsic())
-                .ok_or(FraudProofError::FailedToGetDomainSetCodeExtrinsic)?;
-
                 verify_invalid_domain_extrinsics_root_fraud_proof::<
                     T::Block,
                     DomainBlockNumberFor<T>,
                     T::DomainHash,
                     BalanceOf<T>,
                     T::Hashing,
                     DomainHashingFor<T>,
-                >(
-                    bad_receipt,
-                    proof,
-                    block_randomness,
-                    domain_timestamp_extrinsic,
-                    maybe_domain_set_code_extrinsic,
-                )
-                .map_err(FraudProofError::InvalidExtrinsicRootFraudProof)?;
+                >(bad_receipt, proof)
+                .map_err(|err| {
+                    log::error!(
+                        target: "runtime::domains",
+                        "Invalid Domain extrinsic root proof verification failed: {err:?}"
+                    );
+                    FraudProofError::InvalidExtrinsicRootFraudProof
+                })?;
             }
             FraudProof::InvalidStateTransition(proof) => {
                 let bad_receipt_parent =
@@ -1616,7 +1600,13 @@ impl<T: Config> Pallet<T> {
                     T::DomainHeader,
                     BalanceOf<T>,
                 >(bad_receipt, bad_receipt_parent, proof)
-                .map_err(|_| FraudProofError::InvalidStateTransitionFraudProof)?;
+                .map_err(|err| {
+                    log::error!(
+                        target: "runtime::domains",
+                        "Invalid State transition proof verification failed: {err:?}"
+                    );
+                    FraudProofError::InvalidStateTransitionFraudProof
+                })?;
             }
             _ => {}
         }

crates/pallet-domains/src/tests.rs

@@ -17,17 +17,17 @@ use scale_info::TypeInfo;
 use sp_core::crypto::Pair;
 use sp_core::storage::{StateVersion, StorageKey};
 use sp_core::{Get, H256, U256};
-use sp_domains::fraud_proof::{
-    ExtrinsicDigest, FraudProof, InvalidDomainBlockHashProof, InvalidExtrinsicsRootProof,
-    InvalidTotalRewardsProof, ValidBundleDigest,
-};
 use sp_domains::merkle_tree::MerkleTree;
 use sp_domains::storage::RawGenesis;
 use sp_domains::{
     BundleHeader, DomainId, DomainsHoldIdentifier, ExecutionReceipt, InboxedBundle, OpaqueBundle,
     OperatorAllowList, OperatorId, OperatorPair, ProofOfElection, ReceiptHash, RuntimeType,
     SealedBundleHeader, StakingHoldIdentifier,
 };
+use sp_domains_fraud_proof::fraud_proof::{
+    ExtrinsicDigest, FraudProof, InvalidDomainBlockHashProof, InvalidExtrinsicsRootProof,
+    InvalidTotalRewardsProof, ValidBundleDigest,
+};
 use sp_domains_fraud_proof::{
     FraudProofExtension, FraudProofHostFunctions, FraudProofVerificationInfoRequest,
     FraudProofVerificationInfoResponse, SetCodeExtrinsic,
@@ -866,7 +866,7 @@ fn generate_invalid_total_rewards_fraud_proof<T: Config>(
     bad_receipt_hash: ReceiptHash,
     rewards: BalanceOf<T>,
 ) -> (FraudProof<BlockNumberFor<T>, T::Hash>, T::Hash) {
-    let storage_key = sp_domains::fraud_proof::operator_block_rewards_final_key();
+    let storage_key = sp_domains_fraud_proof::fraud_proof::operator_block_rewards_final_key();
     let mut root = T::Hash::default();
     let mut mdb = PrefixedMemoryDB::<T::Hashing>::default();
     {
@@ -1001,7 +1001,7 @@ fn test_invalid_domain_block_hash_fraud_proof() {
 fn generate_invalid_domain_block_hash_fraud_proof<T: Config>(
     digest: Digest,
 ) -> (T::Hash, StorageProof) {
-    let digest_storage_key = sp_domains::fraud_proof::system_digest_final_key();
+    let digest_storage_key = sp_domains_fraud_proof::fraud_proof::system_digest_final_key();
     let mut root = T::Hash::default();
     let mut mdb = PrefixedMemoryDB::<T::Hashing>::default();
     {

crates/sp-domains-fraud-proof/Cargo.toml

@@ -12,13 +12,17 @@ include = [
 
 [dependencies]
 codec = { package = "parity-scale-codec", version = "3.6.5", default-features = false, features = ["derive"] }
+domain-runtime-primitives = { version = "0.1.0", default-features = false, path = "../../domains/primitives/runtime" }
+frame-support = { version = "4.0.0-dev", default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1" }
 hash-db = { version = "0.16.0", default-features = false }
 scale-info = { version = "2.7.0", default-features = false, features = ["derive"] }
 domain-block-preprocessor = { version = "0.1.0", default-features = false, path = "../../domains/client/block-preprocessor", optional = true }
 sc-executor = { version = "0.10.0-dev", git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1", default-features = false, optional = true }
 sp-api = { version = "4.0.0-dev", default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1" }
 sp-blockchain = { version = "4.0.0-dev", git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1", optional = true }
+sp-consensus-slots = { version = "0.10.0-dev", default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1" }
 sp-core = { version = "21.0.0", default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1" }
+sp-domain-digests = { version = "0.1.0", default-features = false, path = "../../domains/primitives/digests" }
 sp-domains = { version = "0.1.0", default-features = false, path = "../sp-domains" }
 sp-externalities = { version = "0.19.0", default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1" }
 sp-runtime = { version = "24.0.0", default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1" }
@@ -27,19 +31,25 @@ sp-state-machine = { version = "0.28.0", optional = true, git = "https://github.
 sp-std = { version = "8.0.0", default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1" }
 sp-trie = { version = "22.0.0", default-features = false, git = "https://github.com/subspace/polkadot-sdk", rev = "892bf8e938c6bd2b893d3827d1093cd81baa59a1" }
 subspace-core-primitives = { version = "0.1.0", default-features = false, path = "../subspace-core-primitives" }
+subspace-runtime-primitives = { version = "0.1.0", default-features = false, path = "../subspace-runtime-primitives" }
 trie-db = { version = "0.28.0", default-features = false }
+thiserror = { version = "1.0.48", optional = true }
 
 [features]
 default = ["std"]
 std = [
     "codec/std",
+    "domain-runtime-primitives/std",
+    "frame-support/std",
     "hash-db/std",
     "scale-info/std",
     "domain-block-preprocessor",
     "sc-executor",
     "sp-api/std",
     "sp-blockchain",
+    "sp-consensus-slots/std",
     "sp-core/std",
+    "sp-domain-digests/std",
     "sp-domains/std",
     "sp-externalities/std",
     "sp-runtime/std",
@@ -48,6 +58,8 @@ std = [
     "sp-state-machine/std",
     "sp-trie/std",
     "subspace-core-primitives/std",
-    "trie-db/std"
+    "subspace-runtime-primitives/std",
+    "trie-db/std",
+    "thiserror",
 ]
 runtime-benchmarks = []