FM-173: Separate BottomUpResolve and BottomUpExec

fendermint/vm/interpreter/src/chain.rs

@@ -95,12 +95,14 @@ where
 
                 Ok((state, Ok(ret)))
             }
-            ChainMessage::Ipc(IpcMessage::BottomUp(_msg)) => {
+            ChainMessage::Ipc(IpcMessage::BottomUpResolve(_msg)) => {
                 // TODO: Check the relayer signature and nonce. Don't have to check the quorum certificate, if it's invalid, make the relayer pay.
-                // This is currently sperad out over the `Signed` and the `FvmMessage` interpreters, so think about a way to reuse.
+                // For `ChainMessage::Signed` this is currently sperad out over the `SignedMessageInterpreter` and the `FvmMessageInterpreter`,
+                // so think about a way to reuse. For now returning illegal as a placeholder.
                 Ok((state, Err(IllegalMessage)))
             }
-            ChainMessage::Ipc(IpcMessage::TopDown) => {
+            ChainMessage::Ipc(IpcMessage::TopDown)
+            | ChainMessage::Ipc(IpcMessage::BottomUpExec(_)) => {
                 // Users cannot send some of these messages, only validators can propose them in blocks.
                 Ok((state, Err(IllegalMessage)))
             }

fendermint/vm/message/golden/chain/ipc_bottom_up_exec.cbor

@@ -0,0 +1 @@
+a163497063a16c426f74746f6d557045786563a2676d657373616765a4697375626e65745f6964821ba1656b9a6ab736e08156040a888c4e06372e45158764a4a11d1ce500f820527a666865696768741a6f9a42ea756e6578745f76616c696461746f725f7365745f69641bbc4d488f39d39de672626f74746f6d5f75705f6d65737361676573d82a583e0001bb1890e30a36e50c4b971c3b52ec39ea0c120cc36c6214347e5b4f3428218d54bbfb42a5cf602e01aff7cfd8ac07f856dccec3275ca245e676ed16ae6b6365727469666963617465a16a7369676e61747572657385a26976616c696461746f724a00d2a4e297d084abea14697369676e61747572654101a26976616c696461746f724a00d8d3eac7c4afefcb61697369676e61747572654102a26976616c696461746f724a00eefad6e88299a7ae46697369676e617475726546020101ffa8f6a26976616c696461746f7255020a01ce813bce190139aef784736d2800e38b3d9c697369676e6174757265420277a26976616c696461746f725501a1c9bf8d8cb7568dc5f50cff4d9a4facd855d0de697369676e617475726543020172

fendermint/vm/message/golden/chain/ipc_bottom_up_exec.txt

@@ -0,0 +1 @@
+Ipc(BottomUpExec(CertifiedMessage { message: BottomUpCheckpoint { subnet_id: SubnetID { root: 11629819923713701600, children: [Address { payload: Delegated(DelegatedAddress { namespace: 10, length: 20, buffer: [136, 140, 78, 6, 55, 46, 69, 21, 135, 100, 164, 161, 29, 28, 229, 0, 248, 32, 82, 122, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] }) }] }, height: 1872380650, next_validator_set_id: 13568581032324865510, bottom_up_messages: Cid(bag5rrehdbi3okdcls4odwuxmhhvayeqmynwgefbupznu6nbieggvjo73iks46yboagx7pt6yvqd7qvw4z3bsoxfcixthn3iwvy) }, certificate: MultiSig { signatures: [ValidatorSignature { validator: Address { payload: ID(1501013850784830034) }, signature: Signature { sig_type: Secp256k1, bytes: [] } }, ValidatorSignature { validator: Address { payload: ID(7032297684660300248) }, signature: Signature { sig_type: BLS, bytes: [] } }, ValidatorSignature { validator: Address { payload: ID(5070099664076127598) }, signature: Signature { sig_type: BLS, bytes: [1, 1, 255, 168, 246] } }, ValidatorSignature { validator: Address { payload: Actor([10, 1, 206, 129, 59, 206, 25, 1, 57, 174, 247, 132, 115, 109, 40, 0, 227, 139, 61, 156]) }, signature: Signature { sig_type: BLS, bytes: [119] } }, ValidatorSignature { validator: Address { payload: Secp256k1([161, 201, 191, 141, 140, 183, 86, 141, 197, 245, 12, 255, 77, 154, 79, 172, 216, 85, 208, 222]) }, signature: Signature { sig_type: BLS, bytes: [1, 114] } }] } }))

fendermint/vm/message/golden/chain/ipc_bottom_up_resolve.cbor

@@ -0,0 +1 @@
+a163497063a16f426f74746f6d55705265736f6c7665a2676d657373616765a3676d657373616765a2676d657373616765a4697375626e65745f6964821b072a749d4e007b3d8256040a0c499bb8f71bfa8a7dc89b21be0050fe01dff50556040a03e75800cbbea43532cc0f8bf76a2f51c23b7d0a666865696768741a550feaaf756e6578745f76616c696461746f725f7365745f69641b01b536ec9cea9bd472626f74746f6d5f75705f6d65737361676573d82a5823001220a73b8d52b312e2e993235783dea2635a70f158f91e5cf1290e1798176ace66416b6365727469666963617465a16a7369676e61747572657381a26976616c696461746f724b00a78594e6f295fcc6f201697369676e61747572654501f9910bec6772656c61796572583103074f77fe3354fbdbc4d846007201386134cca1e7907d85010238c6fb67eceb687ad3017587aa0d9db170c0620089752f6873657175656e63651bf0f091093de904c5697369676e61747572654702bbcafcff3d42

fendermint/vm/message/golden/chain/ipc_bottom_up_resolve.txt

@@ -0,0 +1 @@
+Ipc(BottomUpResolve(SignedRelayedMessage { message: RelayedMessage { message: CertifiedMessage { message: BottomUpCheckpoint { subnet_id: SubnetID { root: 516353326254684989, children: [Address { payload: Delegated(DelegatedAddress { namespace: 10, length: 20, buffer: [12, 73, 155, 184, 247, 27, 250, 138, 125, 200, 155, 33, 190, 0, 80, 254, 1, 223, 245, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] }) }, Address { payload: Delegated(DelegatedAddress { namespace: 10, length: 20, buffer: [3, 231, 88, 0, 203, 190, 164, 53, 50, 204, 15, 139, 247, 106, 47, 81, 194, 59, 125, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] }) }] }, height: 1427106479, next_validator_set_id: 123064954695359444, bottom_up_messages: Cid(QmZbTTpS83pTiqyaUNTWBZotqDcin9p8j434qRVNQX2Z5r) }, certificate: MultiSig { signatures: [ValidatorSignature { validator: Address { payload: ID(17477890364055814823) }, signature: Signature { sig_type: Secp256k1, bytes: [249, 145, 11, 236] } }] } }, relayer: Address { payload: BLS([7, 79, 119, 254, 51, 84, 251, 219, 196, 216, 70, 0, 114, 1, 56, 97, 52, 204, 161, 231, 144, 125, 133, 1, 2, 56, 198, 251, 103, 236, 235, 104, 122, 211, 1, 117, 135, 170, 13, 157, 177, 112, 192, 98, 0, 137, 117, 47]) }, sequence: 17361536032392676549 }, signature: Signature { sig_type: BLS, bytes: [187, 202, 252, 255, 61, 66] } }))

fendermint/vm/message/src/ipc.rs

@@ -10,11 +10,18 @@ use serde::{Deserialize, Serialize};
 #[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq)]
 #[allow(clippy::large_enum_variant)]
 pub enum IpcMessage {
-    /// A bottom-up checkpoint coming from a child subnet, relayed by a user of the parent subnet for a reward.
+    /// A bottom-up checkpoint coming from a child subnet "for resolution", relayed by a user of the parent subnet for a reward.
     ///
     /// The reward can be given immediately upon the validation of the quorum certificate in the checkpoint,
     /// or later during execution, once data availability has been confirmed.
-    BottomUp(SignedRelayedMessage<SignedBottomUpCheckpoint>),
+    BottomUpResolve(SignedRelayedMessage<CertifiedMessage<BottomUpCheckpoint>>),
+
+    /// A bottom-up checkpoint proposed "for execution" by the parent subnet validators, provided that the majority of them
+    /// have the data available to them, already resolved.
+    ///
+    /// To prove that the data is available, we can either use the ABCI++ "process proposal" mechanism,
+    /// or we can gossip votes using the _IPLD Resolver_ and attach them as a quorum certificate.
+    BottomUpExec(CertifiedMessage<BottomUpCheckpoint>),
 
     // TODO
     TopDown,
@@ -43,6 +50,27 @@ pub struct SignedRelayedMessage<T> {
     pub signature: Signature,
 }
 
+/// A message with a quorum certificate from a group of validators.
+#[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq)]
+pub struct CertifiedMessage<T> {
+    /// The message the validators signed.
+    pub message: T,
+    /// The quorum certificate.
+    pub certificate: MultiSig,
+}
+
+/// A quorum certificate consisting of a simple multi-sig.
+#[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq)]
+pub struct MultiSig {
+    pub signatures: Vec<ValidatorSignature>,
+}
+
+#[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq)]
+pub struct ValidatorSignature {
+    pub validator: Address,
+    pub signature: Signature,
+}
+
 /// A periodic bottom-up checkpoints contains the source subnet ID (to protect against replay attacks),
 /// a block height (for sequencing), any potential handover to the next validator set, and a pointer
 /// to the messages that need to be resolved and executed by the parent validators.
@@ -59,19 +87,6 @@ pub struct BottomUpCheckpoint {
     pub bottom_up_messages: Cid, // TODO: Use TCid
 }
 
-/// A bottom-up checkpoint with a quroum certificate.
-#[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq)]
-pub struct SignedBottomUpCheckpoint {
-    pub checkpoint: BottomUpCheckpoint,
-    pub signatures: Vec<ValidatorSignature>,
-}
-
-#[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq)]
-pub struct ValidatorSignature {
-    pub validator: Address,
-    pub signature: Signature,
-}
-
 #[cfg(feature = "arb")]
 mod arb {
 
@@ -80,14 +95,15 @@ mod arb {
     use quickcheck::{Arbitrary, Gen};
 
     use super::{
-        BottomUpCheckpoint, IpcMessage, RelayedMessage, SignedBottomUpCheckpoint,
+        BottomUpCheckpoint, CertifiedMessage, IpcMessage, MultiSig, RelayedMessage,
         SignedRelayedMessage, ValidatorSignature,
     };
 
     impl Arbitrary for IpcMessage {
         fn arbitrary(g: &mut Gen) -> Self {
-            match u8::arbitrary(g) % 2 {
-                0 => IpcMessage::BottomUp(Arbitrary::arbitrary(g)),
+            match u8::arbitrary(g) % 3 {
+                0 => IpcMessage::BottomUpResolve(Arbitrary::arbitrary(g)),
+                1 => IpcMessage::BottomUpExec(Arbitrary::arbitrary(g)),
                 _ => IpcMessage::TopDown,
             }
         }
@@ -112,15 +128,11 @@ mod arb {
         }
     }
 
-    impl Arbitrary for SignedBottomUpCheckpoint {
+    impl<T: Arbitrary> Arbitrary for CertifiedMessage<T> {
         fn arbitrary(g: &mut Gen) -> Self {
-            let mut signatures = Vec::new();
-            for _ in 0..*g.choose(&[1, 3, 5]).unwrap() {
-                signatures.push(ValidatorSignature::arbitrary(g));
-            }
             Self {
-                checkpoint: BottomUpCheckpoint::arbitrary(g),
-                signatures,
+                message: T::arbitrary(g),
+                certificate: Arbitrary::arbitrary(g),
             }
         }
     }
@@ -134,6 +146,16 @@ mod arb {
         }
     }
 
+    impl Arbitrary for MultiSig {
+        fn arbitrary(g: &mut Gen) -> Self {
+            let mut signatures = Vec::new();
+            for _ in 0..*g.choose(&[1, 3, 5]).unwrap() {
+                signatures.push(ValidatorSignature::arbitrary(g));
+            }
+            Self { signatures }
+        }
+    }
+
     impl Arbitrary for BottomUpCheckpoint {
         fn arbitrary(g: &mut Gen) -> Self {
             Self {

fendermint/vm/message/tests/golden.rs

@@ -17,9 +17,18 @@ mod chain {
       }
     }
 
-    golden_cbor! { "chain", ipc_bottom_up, |g| {
+    golden_cbor! { "chain", ipc_bottom_up_resolve, |g| {
         loop {
-            if let msg @ ChainMessage::Ipc(IpcMessage::BottomUp(_)) = ChainMessage::arbitrary(g) {
+            if let msg @ ChainMessage::Ipc(IpcMessage::BottomUpResolve(_)) = ChainMessage::arbitrary(g) {
+                return msg
+            }
+        }
+      }
+    }
+
+    golden_cbor! { "chain", ipc_bottom_up_exec, |g| {
+        loop {
+            if let msg @ ChainMessage::Ipc(IpcMessage::BottomUpExec(_)) = ChainMessage::arbitrary(g) {
                 return msg
             }
         }