Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clarify (ir-)recoverability of complete slashing #292

Open
anorth opened this issue May 27, 2019 · 5 comments
Open

Clarify (ir-)recoverability of complete slashing #292

anorth opened this issue May 27, 2019 · 5 comments

Comments

@anorth
Copy link
Member

anorth commented May 27, 2019
edited by pooja
Loading

The faults spec for a consensus fault states that

All of the miner's pledge collateral and all of their power is irrevocably slashed

For an unreported storage fault, it doesn't use the word "irrecoverable" but does remove all collateral and power.

Please clarify what "irrecoverable" means in this context. Is it just emphasising that the offender can't get their pledge collateral back, or is it implying that the miner can no longer participate in consensus block mining (and/or other functions), even if it posts new collateral. Are both faults irrecoverable or is the storage fault intentionally recoverable?

Pseudocode in https://github.com/filecoin-project/specs/blob/master/actors.md#slashconsensusfault and https://github.com/filecoin-project/specs/blob/master/actors.md#slashstoragefault both seem to imply the latter, but both have very different "implementations" of that. If this really is intended, then other methods which might recover (such as pledging new collateral) must check the SlashedAt or whatever state change is implied by SelfDestruct().
@anorth
Copy link
Member Author

anorth commented May 27, 2019

This paragraph in the mining spec talks about a reinstatement mechanism (since the miner hasn't lost their storage collateral, assuming it's distinct from pledge collateral). That may be out of date, though, failing to account for generation attack window.

@pooja pooja added the P1 label May 28, 2019
@anorth
Copy link
Member Author

anorth commented May 29, 2019

The go-filecoin team are designing and implementing this in the immediate future, as part of our efforts to complete storage protocol implementation. An indicative response here ahead of the actual spec would be helpful.

@whyrusleeping
Copy link
Member

Consensus slashing is irrevocable. the miner is ejected from the storage market and can no longer mine blocks (the current spec also has the miner actor deleted entirely).

Storage faults are recoverable, intentionally. If you go offline for some time due to an emergency, or hardware failure, you should still be able to continue providing your services to the network.

whyrusleeping added a commit that referenced this issue May 30, 2019
@whyrusleeping
a few misc fixes, towards #292
cb781f2
@anorth anorth mentioned this issue Jun 3, 2019
Closed
@anorth
Copy link
Member Author

anorth commented Jun 3, 2019
edited
Loading

Thanks, makes sense.

In SlashStorageFault:

	if self.SlashedAt > 0 {
		Fatal("miner already slashed")
	}

... is probably incorrect, unless something will reset SlashedAt. The subsequent test for an empty proving set probably covers it.

whyrusleeping added a commit that referenced this issue Jun 3, 2019
@whyrusleeping
Merge pull request #317 from filecoin-project/fix/misc-fixes-2
a104054 
a few misc fixes, towards #292
@whyrusleeping
Copy link
Member

Yeah, there isnt yet a way in the spec for a storage miner to recover. we need to figure out a way for that to happen

@nicola nicola added the faults label Jul 1, 2019
@pooja pooja mentioned this issue Jul 3, 2019
Closed
19 tasks
@pooja pooja mentioned this issue Jul 30, 2019
Closed
18 tasks
@pooja pooja mentioned this issue Aug 27, 2019
Closed
22 tasks
@pooja pooja removed P1 labels Sep 12, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@hugomrdias @anorth @whyrusleeping @nicola @pooja @zixuanzh