Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change PublicKey on Bid #4566

Merged
merged 32 commits into from
May 2, 2024
Merged

Change PublicKey on Bid #4566

merged 32 commits into from
May 2, 2024

Conversation

wojcik91
Copy link
Collaborator

EdHastingsCasperAssociation
EdHastingsCasperAssociation requested changes Feb 27, 2024
View reviewed changes
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The implementation looks good overall. Assuming my two requests for change are addressed, I will approve.

@EdHastingsCasperAssociation EdHastingsCasperAssociation changed the title Validator transfer Change PublicKey on Bid Mar 6, 2024
@wojcik91
Copy link
Collaborator Author

@EdHastingsCasperAssociation I reworked the implementation to use the new BidKind variant.

In the GS update tool I took a bit of a shortcut and assumed that Bridge records can be ignored, since they don't represent a stake that would need to be overwritten.

@wojcik91
Copy link
Collaborator Author

@mpapierski ping

@wojcik91 wojcik91 marked this pull request as ready for review March 20, 2024 13:32
@mpapierski mpapierski self-requested a review March 21, 2024 12:01
mpapierski
mpapierski reviewed Mar 21, 2024
View reviewed changes
storage/src/system/auction.rs Outdated Show resolved Hide resolved
storage/src/system/auction/detail.rs Outdated
if !bid_key.is_bid_addr_key() {
return Err(Error::InvalidKeyVariant);
}
match provider.read_bid(bid_key)? {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we change this logic to a loop with a fixed upper bound of iteration count instead of recursion (this, and the other place that uses loop)? Even with the guard rails in place at the entry point, I believe you could still potentially abuse this: create a long enough chain of validator entries that point at each other. I.e. A has a bridge record to B, B has a bridge record to C, etc.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you think would be a reasonable iteration limit?
I expect we can safely assume that actual bids won't form very long chains, so there's no need for additional validation when creating the bridge record. Is that ok?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you think would be a reasonable iteration limit?

Considering that's just so we don't do possibly unbounded computation, I think 10 should be more than enough. If there's a legitimate use case that you have to change the keys multiple times within an era then it should serve the purpose

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the longest possible chain could happen when processing unbonds (due to the length of time between creating and processing the UnbondingPurse), but I guess it's hard to see a valid use-case for transfering a bid record that often, so 10 iterations should suffice. We'll just have to be clear about this limitation in the documentation.
On the other hand I'm a bit worried about allowing the user to create an unprocessable entity. Is there a precedent for this in the codebase?

While figuring out if it's possible to create a loop in bridge records I also realized there's another issue with our approach - since bridge records are meant to reuse the same address as ValidatorBid it's currently not possible to transfer a bid back to the original address unless the bridge record is pruned. Is this something we should consider as a bug or leave it as a known limitation?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @mpapierski.
I've introduced the changes we've discussed:

  • bumped the cost of the new entrypoint (to twice the cost of add_bid for now)
  • removed recursion in favor of a for loop with a limited number of iterations

types/src/system/auction.rs Outdated Show resolved Hide resolved
types/src/system/auction/bridge.rs Outdated Show resolved Hide resolved
storage/src/system/auction.rs Outdated Show resolved Hide resolved
@wojcik91 wojcik91 force-pushed the validator_transfer branch 2 times, most recently from 5ca329c to fbf23ce Compare April 4, 2024 16:32
@EdHastingsCasperAssociation
Copy link
Collaborator

bors r+

casperlabs-bors-ng bot added a commit that referenced this pull request Apr 23, 2024
@casperlabs-bors-ng @fizyk20
Merge #4566 #4657
b5ea88e 
4566: Change PublicKey on Bid r=EdHastingsCasperAssociation a=wojcik91

Implements casper-network/ceps#91

4657: Prevent stray `accounts.toml` files from breaking upgrades r=EdHastingsCasperAssociation a=fizyk20

The rewards calculation used to take the validators from `accounts.toml` when writing zero rewards to validators at genesis or at an upgrade point. This is now just replaced with an empty map, which has the same effect and doesn't depend on external data.

Co-authored-by: Maciej Wójcik <[email protected]>
Co-authored-by: Bartłomiej Kamiński <[email protected]>
@casperlabs-bors-ng CasperLabs bors-ng
Copy link
Contributor

Build failed (retrying...):

casperlabs-bors-ng bot added a commit that referenced this pull request Apr 23, 2024
@casperlabs-bors-ng
Merge #4566
8972f3d 
4566: Change PublicKey on Bid r=EdHastingsCasperAssociation a=wojcik91

Implements casper-network/ceps#91

Co-authored-by: Maciej Wójcik <[email protected]>
@casperlabs-bors-ng CasperLabs bors-ng
Copy link
Contributor

Build failed:

EdHastingsCasperAssociation
EdHastingsCasperAssociation reviewed May 2, 2024
View reviewed changes
utils/global-state-update-gen/src/generic/testing.rs
Comment on lines +784 to +785
update.assert_written_purse_is_unit(bid_write.bonding_purse().unwrap());
update.assert_written_balance(bid_write.bonding_purse().unwrap(), 102);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

as a side note, in tests we prefer to use .expect("message of what was expected") instead of .unwrap()

@EdHastingsCasperAssociation
Copy link
Collaborator

bors r+

@casperlabs-bors-ng CasperLabs bors-ng
Copy link
Contributor

Build succeeded:

@casperlabs-bors-ng casperlabs-bors-ng bot merged commit 8a56be6 into casper-network:feat-2.0 May 2, 2024
3 checks passed
@EdHastingsCasperAssociation
Copy link
Collaborator

Congrats!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@EdHastingsCasperAssociation EdHastingsCasperAssociation EdHastingsCasperAssociation approved these changes

@mpapierski mpapierski mpapierski approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@wojcik91 @EdHastingsCasperAssociation @mpapierski