From 3b039e9fa584d2caad3425de413507e7c60cb7cd Mon Sep 17 00:00:00 2001 From: teor Date: Mon, 9 Dec 2024 17:00:56 +1000 Subject: [PATCH 1/2] Fix typos --- crates/pallet-domains/src/block_tree.rs | 2 +- crates/pallet-domains/src/tests.rs | 2 +- crates/sp-domains-fraud-proof/src/fraud_proof.rs | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crates/pallet-domains/src/block_tree.rs b/crates/pallet-domains/src/block_tree.rs index 02dbe764d3..6c0294c21f 100644 --- a/crates/pallet-domains/src/block_tree.rs +++ b/crates/pallet-domains/src/block_tree.rs @@ -598,7 +598,7 @@ pub(crate) fn prune_receipt( // If the pruned ER is the operator's `latest_submitted_er` for this domain, it means either: // // - All the ER the operator submitted for this domain are confirmed and pruned, so the operator - // can't be targetted by fraud proof later unless it submit other new ERs. + // can't be targeted by fraud proof later unless it submit other new ERs. // // - All the bad ER the operator submitted for this domain are pruned and the operator is already // slashed, so wwe don't need `LatestSubmittedER` to determine if the operator is pending slash. diff --git a/crates/pallet-domains/src/tests.rs b/crates/pallet-domains/src/tests.rs index 1a691b70f4..2459685bd7 100644 --- a/crates/pallet-domains/src/tests.rs +++ b/crates/pallet-domains/src/tests.rs @@ -777,7 +777,7 @@ fn test_basic_fraud_proof_processing() { for block_number in bad_receipt_at..=head_domain_number { if block_number == bad_receipt_at { - // The targetted ER should be removed from the block tree + // The targeted ER should be removed from the block tree assert!(BlockTree::::get(domain_id, block_number).is_none()); } else { // All the bad ER's descendants should be marked as pending to prune and the submitter diff --git a/crates/sp-domains-fraud-proof/src/fraud_proof.rs b/crates/sp-domains-fraud-proof/src/fraud_proof.rs index eb7a397e14..646d0e7fe7 100644 --- a/crates/sp-domains-fraud-proof/src/fraud_proof.rs +++ b/crates/sp-domains-fraud-proof/src/fraud_proof.rs @@ -320,13 +320,13 @@ pub struct FraudProof { pub domain_id: DomainId, /// Hash of the bad receipt this fraud proof targeted pub bad_receipt_hash: HeaderHashFor, - /// The MMR proof for the consensus state root that used to verify the storage proof + /// The MMR proof for the consensus state root that is used to verify the storage proof /// - /// It is set `None` if the specific fraud proof variant doesn't contains storage proof + /// It is set `None` if the specific fraud proof variant doesn't contain a storage proof pub maybe_mmr_proof: Option>, /// The domain runtime code storage proof /// - /// It is set `None` if the specific fraud proof variant doesn't required domain runtime code + /// It is set `None` if the specific fraud proof variant doesn't require domain runtime code /// or the required domain runtime code is available from the current runtime state. pub maybe_domain_runtime_code_proof: Option>, /// The specific fraud proof variant @@ -485,7 +485,7 @@ pub struct InvalidStateTransitionProof { /// Fraud proof for the valid bundles in `ExecutionReceipt::inboxed_bundles` #[derive(Clone, Debug, Decode, Encode, Eq, PartialEq, TypeInfo)] pub struct ValidBundleProof { - /// The targetted bundle with proof + /// The targeted bundle with proof pub bundle_with_proof: OpaqueBundleWithProof, } From 90428cccdc3c8d771ccd84f5be343b43c963941e Mon Sep 17 00:00:00 2001 From: teor Date: Mon, 9 Dec 2024 17:03:02 +1000 Subject: [PATCH 2/2] Re-arrange InvalidExtrinsicsRootProof data to make it easier to combine --- .../sp-domains-fraud-proof/src/fraud_proof.rs | 8 ++-- .../src/host_functions.rs | 2 + crates/sp-domains-fraud-proof/src/lib.rs | 3 +- .../src/storage_proof.rs | 44 +++++++++++-------- .../src/verification.rs | 24 +++++----- .../client/domain-operator/src/fraud_proof.rs | 20 ++++----- 6 files changed, 58 insertions(+), 43 deletions(-) diff --git a/crates/sp-domains-fraud-proof/src/fraud_proof.rs b/crates/sp-domains-fraud-proof/src/fraud_proof.rs index 646d0e7fe7..757e4d5dc5 100644 --- a/crates/sp-domains-fraud-proof/src/fraud_proof.rs +++ b/crates/sp-domains-fraud-proof/src/fraud_proof.rs @@ -493,10 +493,12 @@ pub struct ValidBundleProof { pub struct InvalidExtrinsicsRootProof { /// Valid Bundle digests pub valid_bundle_digests: Vec, - /// Block randomness storage proof - pub block_randomness_proof: BlockRandomnessProof, + /// The storage proof used during verification - pub domain_inherent_extrinsic_data_proof: DomainInherentExtrinsicDataProof, + pub invalid_extrinsics_data_proof: InvalidExtrinsicsDataProof, + + /// Optional sudo extrinsic call storage proof + pub domain_sudo_call_proof: DomainSudoCallStorageProof, } #[derive(Clone, Debug, Decode, Encode, Eq, PartialEq, TypeInfo)] diff --git a/crates/sp-domains-fraud-proof/src/host_functions.rs b/crates/sp-domains-fraud-proof/src/host_functions.rs index eede593383..21add775b0 100644 --- a/crates/sp-domains-fraud-proof/src/host_functions.rs +++ b/crates/sp-domains-fraud-proof/src/host_functions.rs @@ -262,6 +262,8 @@ where domain_inherent_extrinsic_data: DomainInherentExtrinsicData, ) -> Option { let DomainInherentExtrinsicData { + // Used by caller + block_randomness: _, timestamp, maybe_domain_runtime_upgrade, consensus_transaction_byte_fee, diff --git a/crates/sp-domains-fraud-proof/src/lib.rs b/crates/sp-domains-fraud-proof/src/lib.rs index f061c28796..24f30cfa7c 100644 --- a/crates/sp-domains-fraud-proof/src/lib.rs +++ b/crates/sp-domains-fraud-proof/src/lib.rs @@ -54,7 +54,7 @@ use sp_runtime::transaction_validity::{InvalidTransaction, TransactionValidity}; use sp_runtime::OpaqueExtrinsic; use sp_runtime_interface::pass_by; use sp_runtime_interface::pass_by::PassBy; -use subspace_core_primitives::U256; +use subspace_core_primitives::{Randomness, U256}; use subspace_runtime_primitives::{Balance, Moment}; /// Custom invalid validity code for the extrinsics in pallet-domains. @@ -108,6 +108,7 @@ pub enum DomainChainAllowlistUpdateExtrinsic { #[derive(Debug, Decode, Encode, TypeInfo, PartialEq, Eq, Clone)] pub struct DomainInherentExtrinsicData { + pub block_randomness: Randomness, pub timestamp: Moment, pub maybe_domain_runtime_upgrade: Option>, pub consensus_transaction_byte_fee: Balance, diff --git a/crates/sp-domains-fraud-proof/src/storage_proof.rs b/crates/sp-domains-fraud-proof/src/storage_proof.rs index cda26cfd54..a3ccefe6c3 100644 --- a/crates/sp-domains-fraud-proof/src/storage_proof.rs +++ b/crates/sp-domains-fraud-proof/src/storage_proof.rs @@ -414,16 +414,27 @@ impl MaybeDomainRuntimeUpgradedProof { } #[derive(Clone, Debug, Decode, Encode, Eq, PartialEq, TypeInfo)] -pub struct DomainInherentExtrinsicDataProof { +pub struct InvalidExtrinsicsDataProof { + /// Block randomness storage proof + pub block_randomness_proof: BlockRandomnessProof, + + /// Block timestamp storage proof pub timestamp_proof: TimestampStorageProof, + + /// Optional domain runtime code upgrade storage proof pub maybe_domain_runtime_upgrade_proof: MaybeDomainRuntimeUpgradedProof, + + /// Boolean indicating if dynamic cost of storage was used (but as a storage proof) pub dynamic_cost_of_storage_proof: DynamicCostOfStorageProof, + + /// Transaction fee storage proof pub consensus_chain_byte_fee_proof: ConsensusTransactionByteFeeProof, + + /// Change in the allowed chains storage proof pub domain_chain_allowlist_proof: DomainChainsAllowlistUpdateStorageProof, - pub domain_sudo_call_proof: DomainSudoCallStorageProof, } -impl DomainInherentExtrinsicDataProof { +impl InvalidExtrinsicsDataProof { #[cfg(feature = "std")] #[allow(clippy::let_and_return)] pub fn generate< @@ -437,6 +448,8 @@ impl DomainInherentExtrinsicDataProof { block_hash: Block::Hash, maybe_runtime_id: Option, ) -> Result { + let block_randomness_proof = + BlockRandomnessProof::generate(proof_provider, block_hash, (), storage_key_provider)?; let timestamp_proof = TimestampStorageProof::generate(proof_provider, block_hash, (), storage_key_provider)?; let maybe_domain_runtime_upgrade_proof = MaybeDomainRuntimeUpgradedProof::generate( @@ -464,20 +477,13 @@ impl DomainInherentExtrinsicDataProof { storage_key_provider, )?; - let domain_sudo_call_proof = DomainSudoCallStorageProof::generate( - proof_provider, - block_hash, - domain_id, - storage_key_provider, - )?; - Ok(Self { + block_randomness_proof, timestamp_proof, maybe_domain_runtime_upgrade_proof, dynamic_cost_of_storage_proof, consensus_chain_byte_fee_proof, domain_chain_allowlist_proof, - domain_sudo_call_proof, }) } @@ -487,6 +493,12 @@ impl DomainInherentExtrinsicDataProof { runtime_id: RuntimeId, state_root: &Block::Hash, ) -> Result { + let block_randomness = >::verify::( + self.block_randomness_proof.clone(), + (), + state_root, + )?; + let timestamp = >::verify::( self.timestamp_proof.clone(), (), @@ -523,18 +535,14 @@ impl DomainInherentExtrinsicDataProof { state_root, )?; - let domain_sudo_call = >::verify::< - SKP, - >( - self.domain_sudo_call_proof.clone(), domain_id, state_root - )?; - Ok(DomainInherentExtrinsicData { + block_randomness, timestamp, maybe_domain_runtime_upgrade, consensus_transaction_byte_fee, domain_chain_allowlist, - maybe_sudo_runtime_call: domain_sudo_call.maybe_call, + // Populated by caller + maybe_sudo_runtime_call: None, }) } } diff --git a/crates/sp-domains-fraud-proof/src/verification.rs b/crates/sp-domains-fraud-proof/src/verification.rs index 4baaffef68..bf149d2b43 100644 --- a/crates/sp-domains-fraud-proof/src/verification.rs +++ b/crates/sp-domains-fraud-proof/src/verification.rs @@ -65,19 +65,24 @@ where { let InvalidExtrinsicsRootProof { valid_bundle_digests, - block_randomness_proof, - domain_inherent_extrinsic_data_proof, - .. + invalid_extrinsics_data_proof, + domain_sudo_call_proof, } = fraud_proof; - let domain_inherent_extrinsic_data = domain_inherent_extrinsic_data_proof - .verify::(domain_id, runtime_id, &state_root)?; + let mut domain_inherent_extrinsic_data = + invalid_extrinsics_data_proof.verify::(domain_id, runtime_id, &state_root)?; - let block_randomness = >::verify::( - block_randomness_proof.clone(), - (), + let domain_sudo_call = >::verify::( + domain_sudo_call_proof.clone(), + domain_id, &state_root, )?; + domain_inherent_extrinsic_data.maybe_sudo_runtime_call = domain_sudo_call.maybe_call; + + let shuffling_seed = H256::from_slice( + extrinsics_shuffling_seed::(domain_inherent_extrinsic_data.block_randomness) + .as_ref(), + ); let DomainInherentExtrinsic { domain_timestamp_extrinsic, @@ -110,9 +115,6 @@ where bundle_extrinsics_digests.extend(bundle_digest.bundle_digest.clone()); } - let shuffling_seed = - H256::from_slice(extrinsics_shuffling_seed::(block_randomness).as_ref()); - let mut ordered_extrinsics = deduplicate_and_shuffle_extrinsics( bundle_extrinsics_digests, Randomness::from(shuffling_seed.to_fixed_bytes()), diff --git a/domains/client/domain-operator/src/fraud_proof.rs b/domains/client/domain-operator/src/fraud_proof.rs index 3402e69735..b20b4578ac 100644 --- a/domains/client/domain-operator/src/fraud_proof.rs +++ b/domains/client/domain-operator/src/fraud_proof.rs @@ -379,17 +379,10 @@ where let maybe_domain_runtime_code_proof = self.maybe_generate_domain_runtime_code_proof_for_receipt(domain_id, local_receipt)?; - let block_randomness_proof = BlockRandomnessProof::generate( - self.consensus_client.as_ref(), - consensus_block_hash, - (), - &self.storage_key_provider, - )?; - let maybe_runtime_id = self.is_domain_runtime_updraded_at(domain_id, consensus_block_hash)?; - let domain_inherent_extrinsic_data_proof = DomainInherentExtrinsicDataProof::generate( + let invalid_extrinsics_data_proof = InvalidExtrinsicsDataProof::generate( &self.storage_key_provider, self.consensus_client.as_ref(), domain_id, @@ -397,6 +390,13 @@ where maybe_runtime_id, )?; + let domain_sudo_call_proof = DomainSudoCallStorageProof::generate( + self.consensus_client.as_ref(), + consensus_block_hash, + domain_id, + &self.storage_key_provider, + )?; + let invalid_domain_extrinsics_root_proof = FraudProof { domain_id, bad_receipt_hash, @@ -404,8 +404,8 @@ where maybe_domain_runtime_code_proof, proof: FraudProofVariant::InvalidExtrinsicsRoot(InvalidExtrinsicsRootProof { valid_bundle_digests, - block_randomness_proof, - domain_inherent_extrinsic_data_proof, + invalid_extrinsics_data_proof, + domain_sudo_call_proof, }), };