diff --git a/crates/sp-domains-fraud-proof/src/fraud_proof.rs b/crates/sp-domains-fraud-proof/src/fraud_proof.rs index 646d0e7fe7..757e4d5dc5 100644 --- a/crates/sp-domains-fraud-proof/src/fraud_proof.rs +++ b/crates/sp-domains-fraud-proof/src/fraud_proof.rs @@ -493,10 +493,12 @@ pub struct ValidBundleProof { pub struct InvalidExtrinsicsRootProof { /// Valid Bundle digests pub valid_bundle_digests: Vec, - /// Block randomness storage proof - pub block_randomness_proof: BlockRandomnessProof, + /// The storage proof used during verification - pub domain_inherent_extrinsic_data_proof: DomainInherentExtrinsicDataProof, + pub invalid_extrinsics_data_proof: InvalidExtrinsicsDataProof, + + /// Optional sudo extrinsic call storage proof + pub domain_sudo_call_proof: DomainSudoCallStorageProof, } #[derive(Clone, Debug, Decode, Encode, Eq, PartialEq, TypeInfo)] diff --git a/crates/sp-domains-fraud-proof/src/host_functions.rs b/crates/sp-domains-fraud-proof/src/host_functions.rs index eede593383..21add775b0 100644 --- a/crates/sp-domains-fraud-proof/src/host_functions.rs +++ b/crates/sp-domains-fraud-proof/src/host_functions.rs @@ -262,6 +262,8 @@ where domain_inherent_extrinsic_data: DomainInherentExtrinsicData, ) -> Option { let DomainInherentExtrinsicData { + // Used by caller + block_randomness: _, timestamp, maybe_domain_runtime_upgrade, consensus_transaction_byte_fee, diff --git a/crates/sp-domains-fraud-proof/src/lib.rs b/crates/sp-domains-fraud-proof/src/lib.rs index f061c28796..24f30cfa7c 100644 --- a/crates/sp-domains-fraud-proof/src/lib.rs +++ b/crates/sp-domains-fraud-proof/src/lib.rs @@ -54,7 +54,7 @@ use sp_runtime::transaction_validity::{InvalidTransaction, TransactionValidity}; use sp_runtime::OpaqueExtrinsic; use sp_runtime_interface::pass_by; use sp_runtime_interface::pass_by::PassBy; -use subspace_core_primitives::U256; +use subspace_core_primitives::{Randomness, U256}; use subspace_runtime_primitives::{Balance, Moment}; /// Custom invalid validity code for the extrinsics in pallet-domains. @@ -108,6 +108,7 @@ pub enum DomainChainAllowlistUpdateExtrinsic { #[derive(Debug, Decode, Encode, TypeInfo, PartialEq, Eq, Clone)] pub struct DomainInherentExtrinsicData { + pub block_randomness: Randomness, pub timestamp: Moment, pub maybe_domain_runtime_upgrade: Option>, pub consensus_transaction_byte_fee: Balance, diff --git a/crates/sp-domains-fraud-proof/src/storage_proof.rs b/crates/sp-domains-fraud-proof/src/storage_proof.rs index cda26cfd54..a3ccefe6c3 100644 --- a/crates/sp-domains-fraud-proof/src/storage_proof.rs +++ b/crates/sp-domains-fraud-proof/src/storage_proof.rs @@ -414,16 +414,27 @@ impl MaybeDomainRuntimeUpgradedProof { } #[derive(Clone, Debug, Decode, Encode, Eq, PartialEq, TypeInfo)] -pub struct DomainInherentExtrinsicDataProof { +pub struct InvalidExtrinsicsDataProof { + /// Block randomness storage proof + pub block_randomness_proof: BlockRandomnessProof, + + /// Block timestamp storage proof pub timestamp_proof: TimestampStorageProof, + + /// Optional domain runtime code upgrade storage proof pub maybe_domain_runtime_upgrade_proof: MaybeDomainRuntimeUpgradedProof, + + /// Boolean indicating if dynamic cost of storage was used (but as a storage proof) pub dynamic_cost_of_storage_proof: DynamicCostOfStorageProof, + + /// Transaction fee storage proof pub consensus_chain_byte_fee_proof: ConsensusTransactionByteFeeProof, + + /// Change in the allowed chains storage proof pub domain_chain_allowlist_proof: DomainChainsAllowlistUpdateStorageProof, - pub domain_sudo_call_proof: DomainSudoCallStorageProof, } -impl DomainInherentExtrinsicDataProof { +impl InvalidExtrinsicsDataProof { #[cfg(feature = "std")] #[allow(clippy::let_and_return)] pub fn generate< @@ -437,6 +448,8 @@ impl DomainInherentExtrinsicDataProof { block_hash: Block::Hash, maybe_runtime_id: Option, ) -> Result { + let block_randomness_proof = + BlockRandomnessProof::generate(proof_provider, block_hash, (), storage_key_provider)?; let timestamp_proof = TimestampStorageProof::generate(proof_provider, block_hash, (), storage_key_provider)?; let maybe_domain_runtime_upgrade_proof = MaybeDomainRuntimeUpgradedProof::generate( @@ -464,20 +477,13 @@ impl DomainInherentExtrinsicDataProof { storage_key_provider, )?; - let domain_sudo_call_proof = DomainSudoCallStorageProof::generate( - proof_provider, - block_hash, - domain_id, - storage_key_provider, - )?; - Ok(Self { + block_randomness_proof, timestamp_proof, maybe_domain_runtime_upgrade_proof, dynamic_cost_of_storage_proof, consensus_chain_byte_fee_proof, domain_chain_allowlist_proof, - domain_sudo_call_proof, }) } @@ -487,6 +493,12 @@ impl DomainInherentExtrinsicDataProof { runtime_id: RuntimeId, state_root: &Block::Hash, ) -> Result { + let block_randomness = >::verify::( + self.block_randomness_proof.clone(), + (), + state_root, + )?; + let timestamp = >::verify::( self.timestamp_proof.clone(), (), @@ -523,18 +535,14 @@ impl DomainInherentExtrinsicDataProof { state_root, )?; - let domain_sudo_call = >::verify::< - SKP, - >( - self.domain_sudo_call_proof.clone(), domain_id, state_root - )?; - Ok(DomainInherentExtrinsicData { + block_randomness, timestamp, maybe_domain_runtime_upgrade, consensus_transaction_byte_fee, domain_chain_allowlist, - maybe_sudo_runtime_call: domain_sudo_call.maybe_call, + // Populated by caller + maybe_sudo_runtime_call: None, }) } } diff --git a/crates/sp-domains-fraud-proof/src/verification.rs b/crates/sp-domains-fraud-proof/src/verification.rs index 4baaffef68..bf149d2b43 100644 --- a/crates/sp-domains-fraud-proof/src/verification.rs +++ b/crates/sp-domains-fraud-proof/src/verification.rs @@ -65,19 +65,24 @@ where { let InvalidExtrinsicsRootProof { valid_bundle_digests, - block_randomness_proof, - domain_inherent_extrinsic_data_proof, - .. + invalid_extrinsics_data_proof, + domain_sudo_call_proof, } = fraud_proof; - let domain_inherent_extrinsic_data = domain_inherent_extrinsic_data_proof - .verify::(domain_id, runtime_id, &state_root)?; + let mut domain_inherent_extrinsic_data = + invalid_extrinsics_data_proof.verify::(domain_id, runtime_id, &state_root)?; - let block_randomness = >::verify::( - block_randomness_proof.clone(), - (), + let domain_sudo_call = >::verify::( + domain_sudo_call_proof.clone(), + domain_id, &state_root, )?; + domain_inherent_extrinsic_data.maybe_sudo_runtime_call = domain_sudo_call.maybe_call; + + let shuffling_seed = H256::from_slice( + extrinsics_shuffling_seed::(domain_inherent_extrinsic_data.block_randomness) + .as_ref(), + ); let DomainInherentExtrinsic { domain_timestamp_extrinsic, @@ -110,9 +115,6 @@ where bundle_extrinsics_digests.extend(bundle_digest.bundle_digest.clone()); } - let shuffling_seed = - H256::from_slice(extrinsics_shuffling_seed::(block_randomness).as_ref()); - let mut ordered_extrinsics = deduplicate_and_shuffle_extrinsics( bundle_extrinsics_digests, Randomness::from(shuffling_seed.to_fixed_bytes()), diff --git a/domains/client/domain-operator/src/fraud_proof.rs b/domains/client/domain-operator/src/fraud_proof.rs index 3402e69735..b20b4578ac 100644 --- a/domains/client/domain-operator/src/fraud_proof.rs +++ b/domains/client/domain-operator/src/fraud_proof.rs @@ -379,17 +379,10 @@ where let maybe_domain_runtime_code_proof = self.maybe_generate_domain_runtime_code_proof_for_receipt(domain_id, local_receipt)?; - let block_randomness_proof = BlockRandomnessProof::generate( - self.consensus_client.as_ref(), - consensus_block_hash, - (), - &self.storage_key_provider, - )?; - let maybe_runtime_id = self.is_domain_runtime_updraded_at(domain_id, consensus_block_hash)?; - let domain_inherent_extrinsic_data_proof = DomainInherentExtrinsicDataProof::generate( + let invalid_extrinsics_data_proof = InvalidExtrinsicsDataProof::generate( &self.storage_key_provider, self.consensus_client.as_ref(), domain_id, @@ -397,6 +390,13 @@ where maybe_runtime_id, )?; + let domain_sudo_call_proof = DomainSudoCallStorageProof::generate( + self.consensus_client.as_ref(), + consensus_block_hash, + domain_id, + &self.storage_key_provider, + )?; + let invalid_domain_extrinsics_root_proof = FraudProof { domain_id, bad_receipt_hash, @@ -404,8 +404,8 @@ where maybe_domain_runtime_code_proof, proof: FraudProofVariant::InvalidExtrinsicsRoot(InvalidExtrinsicsRootProof { valid_bundle_digests, - block_randomness_proof, - domain_inherent_extrinsic_data_proof, + invalid_extrinsics_data_proof, + domain_sudo_call_proof, }), };