-
Notifications
You must be signed in to change notification settings - Fork 129
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check offchain for equivocations in accepted GRANDPA finality proofs #2400
Comments
There is one problem When we get the justifications via
via
and via
Basically the problem is that when we subscribe to finality notifications we get a notification for each block, or small number of blocks. And each justification has a different round, in this case And in order to check that 2 finality proofs for the same block don't contain equivocations, we need them to target the same round. For the moment I couldn't find a way to get the justification for a certain block number and a certain round. I think the only option that would cover this problem so far would be to use @andresilva do you know if there is any API for getting the GRANDPA justification for a certain block number + round number ? |
With Couple of things to think of:
|
@svyatonik thank you for the details and the comment !
Very good point ! Thank you for pointing this out ! Yes, I think we should take into consideration the possibility that the relayers could follow the wrong fork. So, maybe checking for equivocations in the relayers is not a good option.
Could you expand on this please ? You mean the bridge hub collators ? To have them subscribe to I am not familiar with collators and inherents. But I can take a look on this.
I can try to understand what happens if we gossip votes for old rounds. And try to understand gossiping in more detail in general.
Sounds right. Also I'm assuming that the gossiping logic is resilient to cases where there's a network split. If it's so, I guess gossiping would be the safest solution to catch the offenders. But another thing: I guess gossiping will catch and report individual equivocations one by one. But will we also be able to tell that the vote that we gossiped was part of a bad finalized fork, and get the right justification ? In order to send it to the bridge and make it halt or take some action |
I'd say that checking using single instance is wrong - no matter is it relay or some other process. So e.g. if we'll have relayers running at BH collator nodes then maybe it is fine.
Yes - BH collators. I do not have some final solution here - just thinking that we may explore that. I imagine that maybe collators should include some mandatory extrinsic into every block (aka inherent) - this would lead to misconsensus if hashes read by them are different. But as I said - this is just some early stage idea. Maybe if we'll be running relayers on collators (also one of early ideas for #2486) then we wouldn't need this inherent at all.
👍
Right, that's the other side of the "attack" - i.e. to halt the bridge (or do something else) if it follows the wrong fork. We may e.g. to add the separate call to the GRANDPA pallet, similar to original pallet |
It would be great to discuss this with the team.
If we decide that this is enough, I think that BEEFY + paritytech/substrate#14520 would solve this. The problem is that with GRANDPA in case of a network split a set of malicious validators would be able to sign one fork on the chain and a different fork for the bridge, without gossiping this different fork that they sent to the bridge. But if I understand correctly, with paritytech/substrate#14520, this couldn't happen with BEEFY, right ? Because this would prevent the appearance of a network parition that votes non-finalized grandpa blocks in BEEFY. |
cc @andresilva knows GRANDPA well, and may have more ideas |
According to the description in the GRANDPA gossip module and to this code I think that the nodes won't accept gossiped votes for rounds older then the current round - 1. So I don't know, maybe participating in the gossip is not the solution either. |
If #14520 checks votes only, then in a network split where a relayer is not aware of the gossiped vote, they could not report an equivocation for slashing. I'm changing it to be generic over the source of an equivocating signature on a commitment, so we could also for instance fish for equivocations detected on Ethereum (https://github.com/Snowfork/snowbridge/blob/8d01a0529270815532110d94e53d44e38c10650d/core/packages/contracts/src/BeefyClient.sol#L73). |
Yes, this could be an issue, but I don't think it's ultimately a blocker - it's unrealistic to be able to shadow all relayers for entire bonding period. To get away without slashing, attackers would have to maintain a global network attack splitting/shadowing the network for an entire (28 days) bonding period. So I think, adding "fishermen" capabilities to relayers (and making sure we run multiple relayer instances) should be enough. We can ping Jakob with this question if you think otherwise. |
Closed via all the issues linked above |
Related to #2496
We should have a process (maybe in the relayers) for checking if the GRANDPA finality proofs that were submitted via
submit_finality_proof
contain equivocations.For each accepted finality proof on the chain we should query a node for that block's finality and look for equivocations.
The text was updated successfully, but these errors were encountered: