Revamp invalid state transition proof #2072
Conversation
6c1be67 to
2f92af4
Compare
8b93038 to
c500f7d
Compare
Signed-off-by: linning <linningde25@gmail.com>
It is used to construct the domain block header during the verification of the invalid state transtion in the upcoming commits, this commit also removed the DomainNumber config item since it can be derived from DomainBlock, but the DomainHash is still needed for converting DomainHash to/from H256. Signed-off-by: linning <linningde25@gmail.com>
… execution proof They are used in the verification of the invalid state transition fraud proof Signed-off-by: linning <linningde25@gmail.com>
Mainly remove fields that already exist in the bad receipt Signed-off-by: linning <linningde25@gmail.com>
…nsus runtime Signed-off-by: linning <linningde25@gmail.com>
Since we don't need to verify this fraud proof in the client side anymore Signed-off-by: linning <linningde25@gmail.com>
Signed-off-by: linning <linningde25@gmail.com>
c500f7d to
cb77a6f
Compare
|
This PR is updated according to the host function approach, PTAL thanks! |
Signed-off-by: linning <linningde25@gmail.com>
bd1398b to
bc81164
Compare
| /// Gnenerate a proof-of-inclusion of the value at the given `input[index]` | ||
| /// | ||
| /// Return `None` if the given `index` out of range or fail to generate the proof | ||
| pub fn generate_proof<Layout: TrieLayout>(input: &[Vec<u8>], index: u32) -> Option<Vec<Vec<u8>>> { |
There was a problem hiding this comment.
I missed this earlier. Shouldn't this return a Storage Proof type instead. It would be nice to have that instead of returning some bare vectors.
There was a problem hiding this comment.
Vec<Vec<u8>> is what returned by trie_db::proof::generate_proof, we can't use StorageProof unless they can be verified in the same way.
| } | ||
|
|
||
| /// Verify the proof-of-inclusion of the `data` at the `index` of the merkle root `root` | ||
| pub fn verify_proof<Layout>( |
There was a problem hiding this comment.
There is already a storage proof verification in the verification module. We should use that instead. Ideally, we should call it Storage Proof Provider that can generate proofs and verify proofs
There was a problem hiding this comment.
I have explored this direction a bit but verify_and_get_value doesn't work directly, while both approaches use trie-db under the hook, there must be some differences between generating StorageProof and trie_db::proof::generate_proof (the later is used to generating proof-of-inclusion specifically).
I will leave a TODO for now, let me if you have a better idea.
There was a problem hiding this comment.
I think it should be generated something similart to - https://github.com/subspace/subspace/blob/main/crates/pallet-domains/src/tests.rs#L829
Anyway leave a TODO and we can revisit this
| .map_err(|_| FraudProofError::InvalidStateRootType)?; | ||
|
|
||
| let digest = Digest::default(); | ||
| let digest = self.client.runtime_api().block_digest(block_hash)?; |
There was a problem hiding this comment.
I'm sorry to confuse you on the digests. I have a question here. The digest you are fetching here is the post block digest. So it includes all the digest items that were added during the state transition and on_finalization. So the digests might not the same digests that were passed during the new block initialization then, correct ? So we may be adding the digest logs that will added in the later execution in the intialization itself. Thoughts @NingLin-P
There was a problem hiding this comment.
Okay, I took a closer look. I think the first version of this PR is fine, namely only including the consensus_block_info digest which is the only inherent digest and doesn't need the digest storage proof at all.
For ApplyExtrinsic and FinalizeBlock, the necessary extrinsic will be executed before generating the execution proof (see prepare_storage_changes_before and prepare_storage_changes_before_finalize_block) so the digests emitted during block execution/finalization will be included in the proof properly.
One last question about "there are digests from frontier we should consider here that are missing", do you mean the digest emitted during block execution/finalization or the inherent digest?
…nd some cleanup Signed-off-by: linning <linningde25@gmail.com>
| } | ||
|
|
||
| /// Verify the proof-of-inclusion of the `data` at the `index` of the merkle root `root` | ||
| pub fn verify_proof<Layout>( |
There was a problem hiding this comment.
I think it should be generated something similart to - https://github.com/subspace/subspace/blob/main/crates/pallet-domains/src/tests.rs#L829
Anyway leave a TODO and we can revisit this
close #1890
The first 2 commits are picked from #1983, depends on which PRs merge first, the latter one should remove these commits.This PR revamps the invalid state transition proof based on the v2 design, notable changes compared to v1:
InvalidStateTransitionProofare replaced by the fieldbad_receipt_hash, the bad receipt is retrieved from the consensus chain and its data is used instead during the verificationAdd theruntime_code_with_prooffield to the fraud proof which contains the domain runtime code along with the storage proofDomainBlockconfig item to pallet-domains, which is used to construct the domain block header during the invalid state transition fraud proofCode contributor checklist: