Skip to content
This repository has been archived by the owner on Nov 15, 2023. It is now read-only.

Bound pallet-offences #11585

Closed
wants to merge 17 commits into from
Closed

Bound pallet-offences #11585

wants to merge 17 commits into from

Conversation

ggwpez
Copy link
Member

@ggwpez ggwpez commented Jun 2, 2022

Bound the offences pallet.
Changes:

  • Introduce global MaxOffenders and MaxReportes constants with both value 100. This is necessary since the staking and offences traits would otherwise all need to be parameterized. Grandpa and BABE both only use at most 1 for these values, so 100 should be enough.
  • Introduce MaxSameKindReportsEncodedLen and MaxOpaqueTimeSlotEncodedLen to bound the storage of encoded values. There is a test which tests that these constants can encode the respective values, it would be important to run that test against the real runtime config, not just the mock.
  • Introduce MaxConcurrentReportsPerTime and MaxSameKindReports. These may or may not be necessary, I am not sure. Maybe they can be replaced with instances of MaxOffenders/MaxReporters.
  • Change the naming of Exposure/ExposureOf and ActiveExposure to avoid a name-clash
  • Replace a lot of vec![] with Default::default() to make future refactoring easier.

TODO:

  • There is one expect("todo") where I was unsure about the vector length
  • What about migrations?

Part of paritytech/polkadot-sdk#323

Signed-off-by: Oliver Tale-Yazdi <[email protected]>
@github-actions github-actions bot added the A0-please_review Pull request needs code review. label Jun 2, 2022
@ggwpez ggwpez added A3-in_progress Pull request is in progress. No review needed at this stage. and removed A0-please_review Pull request needs code review. labels Jun 2, 2022
@KiChjang
Copy link
Contributor

KiChjang commented Jun 3, 2022

Would really like @kianenigma to review this when he comes back...

@KiChjang KiChjang requested a review from kianenigma June 3, 2022 17:16
@ggwpez ggwpez requested a review from andresilva as a code owner June 17, 2022 13:05
ggwpez added 7 commits June 17, 2022 16:31
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
@ggwpez
Copy link
Member Author

ggwpez commented Jul 14, 2022

bot rebase

@paritytech-processbot
Copy link

Rebased

ggwpez added 6 commits July 18, 2022 10:13
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
Signed-off-by: Oliver Tale-Yazdi <[email protected]>
@ggwpez ggwpez added A0-please_review Pull request needs code review. B0-silent Changes should not be mentioned in any release notes E1-runtimemigration and removed A3-in_progress Pull request is in progress. No review needed at this stage. labels Jul 18, 2022
@ggwpez ggwpez added C1-low PR touches the given topic and has a low impact on builders. D5-nicetohaveaudit ⚠️ PR contains trivial changes to logic that should be properly reviewed. labels Jul 18, 2022
};
}
.try_into()
.defensive_proof("MaxReporters must be at least 1;")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we have defensive_expect? we should :D

None => vec![],
}
.try_into()
.expect("MaxReporters must be at least 1;");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

where is this ensured? Should be in integrity_checks

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Its a constant, not a configuration variable, so we only have to ensure it once.
But yea, could add it to the integrity checks.

/// A handler called for every offence report.
type OnOffenceHandler: OnOffenceHandler<Self::AccountId, Self::IdentificationTuple, Weight>;

/// Maximum number of reports of the same kind that happened at a specific time slot.
#[pallet::constant]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do all of these really need to be in metadata? harmless, but I wonder if you had thought about each.

where
AccountId: Debug + Encode + Decode + MaxEncodedLen + Clone + Eq + PartialEq,
Balance: Debug + HasCompact + Encode + Decode + MaxEncodedLen + Clone + Eq + PartialEq,
MaxNominations: Get<u32>,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not a good name -- we use this term to determine the number of nominations that a single nominator can have. i.e. 16.

I suggest using MaxBackers here instead.

/// The total balance backing this validator.
#[codec(compact)]
pub total: Balance,
/// The validator's own stash that is exposed.
#[codec(compact)]
pub own: Balance,
/// The portions of nominators stashes that are exposed.
pub others: Vec<IndividualExposure<AccountId, Balance>>,
pub others: BoundedVec<IndividualExposure<AccountId, Balance>, MaxNominations>,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a great direction that you started here: we certainly want to bound this. Problem is that there is nothing in the ElectionProvider trait explicitly guarantees that this is the case.

What we want to do is:

  1. Staking tells ElectionProvider how many MaxBackers it accepts.
  2. Staking miner respects this when generating solution, and automatically sorts the backings of each validator, and throws away the smaller ones. (currently we area doing onchain, which is horrible)
  3. ElectionProvider checks this for submitted solutions and ensures it is the case.
  4. Staking can just do a defensive truncate when it receives a solution from ElectionProvider.
  5. This new MaxBackers should also replace MaxRewardableNominatorsPerValidator, and entirely replace the notion of oversubscribed validators.

If interested in doing more steps in this path, I will be happy to do a better writeup about it.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Without these steps, we should set MaxBackers to MaxElectingVoters, because in principle it is possible that in an election everyone nominates one validator, and that single validators ends up having the whole e.g. 22500 backers backing them.

/// A typed conversion from stash account ID to the active exposure of nominators
/// on that account.
///
/// Active exposure is the exposure of the validator set currently validating, i.e. in
/// `active_era`. It can differ from the latest planned exposure in `current_era`.
pub struct ExposureOf<T>(sp_std::marker::PhantomData<T>);
pub struct ActiveExposure<T>(sp_std::marker::PhantomData<T>);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

better name now, but still not quite happy with it.

@@ -553,10 +552,10 @@ impl<T: Config> Pallet<T> {
total = total.saturating_add(stake);
});

let exposure = Exposure { own, others, total };
let exposure = Exposure { own, others: others.try_into().expect("TODO"), total };
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@stale
Copy link

stale bot commented Aug 31, 2022

Hey, is anyone still working on this? Due to the inactivity this issue has been automatically marked as stale. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. label Aug 31, 2022
@ggwpez ggwpez removed the A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. label Aug 31, 2022
@stale
Copy link

stale bot commented Sep 30, 2022

Hey, is anyone still working on this? Due to the inactivity this issue has been automatically marked as stale. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. label Sep 30, 2022
@kianenigma
Copy link
Contributor

This will someday be done by @Ank4n, but a long chain of other work is needed.

@stale stale bot removed the A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. label Sep 30, 2022
@stale stale bot added the A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. label Oct 30, 2022
@paritytech paritytech deleted a comment from stale bot Oct 30, 2022
@ggwpez ggwpez removed the A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. label Oct 30, 2022
@stale
Copy link

stale bot commented Nov 29, 2022

Hey, is anyone still working on this? Due to the inactivity this issue has been automatically marked as stale. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. label Nov 29, 2022
@stale stale bot closed this Dec 14, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
A0-please_review Pull request needs code review. A5-stale Pull request did not receive any updates in a long time. No review needed at this stage. Close it. B0-silent Changes should not be mentioned in any release notes C1-low PR touches the given topic and has a low impact on builders. D5-nicetohaveaudit ⚠️ PR contains trivial changes to logic that should be properly reviewed.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants