-
Notifications
You must be signed in to change notification settings - Fork 137
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Outdated SlashPackets
are not dropped
#544
Comments
Nice! This logic can be added to |
If we add it to |
Reading the new
I'd prefer not to worry about SlashAcks, infraction heights, etc. in these validations, as I believe it can create more weird edge cases where spamming is still possible. See this comment as an example |
This issue is a subtask of solving #594, and I think we need to be considering the big picture of what 594 is trying to achieve. My comment above could easily have flaws, and maybe we just need to brainstorm a wholistic solution that checks all the boxes but doesn't introduce a large amount of validation complexity or edge cases. The |
Problem
A corrupt consumer chain could sendSlashPackets
withdata.vscId
after sending aVSCMaturedPacket
for the samevscId
. These packets should be dropped.After discussions with @MSalopek, we realized that it's correct behavior to send
SlashPackets
withdata.vscId
after sending aVSCMaturedPacket
for the samevscId
. This is because thedata.vscId
in aSlashPacket
is thevscId
of theVSCPacket
that last updated the validator set of the block when the infraction was committed. The misbehaving validator must be punished regardless of the infraction height.data.vscId
is mapped on a height on the provider that is used to determined what undelegations and redelegations should be slashed (seeSlash
in the staking module).Thus, this issue is about reducing as much as possible the scenarios in which a corrupt consumer chain ends up slashing a validator without following the rules. A more complete solution will be added as part of future versions, i.e., the provider can verify the evidence for all the
SlashPackets
.Closing criteria
DropSlashPackets
for which a correspondingVSCMaturedPacket
was already received.SlashPackets
for downtime infraction for the same validator that were received from the same consumer without the validator having the chance to Unjail itself.DropSlashPackets
for downtime infraction were received from the same consumer for infraction heights smaller than the latest downtime infraction height received from that consumer.SlashPacketData.ValidateBasic
on receivingSlashPackets
TODOs
The text was updated successfully, but these errors were encountered: