Merge commit '392447f5c8f986ded2559a78457f4cd87942f393' into update-bridges-subtree-r/w

2026-05-30 14:01:02 +00:00 · 2021-12-01 09:46:14 +01:00
parent e16f71b7b6 392447f5c8
commit 5228731ae8
321 changed files with 28385 additions and 10466 deletions
@@ -8,10 +8,10 @@ license = "GPL-3.0-or-later WITH Classpath-exception-2.0"

 [dependencies]
 bitvec = { version = "0.20", default-features = false, features = ["alloc"] }
-codec = { package = "parity-scale-codec", version = "2.0.0", default-features = false, features = ["derive", "bit-vec"] }
+codec = { package = "parity-scale-codec", version = "2.2.0", default-features = false, features = ["derive", "bit-vec"] }
 impl-trait-for-tuples = "0.2"
-scale-info = { version = "1.0", default-features = false, features = ["derive"] }
-serde = { version = "1.0.101", optional = true, features = ["derive"] }
+scale-info = { version = "1.0", default-features = false, features = ["bit-vec", "derive"] }
+serde = { version = "1.0", optional = true, features = ["derive"] }

 # Bridge dependencies

@@ -19,9 +19,9 @@ bp-runtime = { path = "../runtime", default-features = false }

 # Substrate Dependencies

-frame-support = { git = "https://github.com/paritytech/substrate", branch = "master" , default-features = false }
-frame-system = { git = "https://github.com/paritytech/substrate", branch = "master" , default-features = false }
-sp-std = { git = "https://github.com/paritytech/substrate", branch = "master" , default-features = false }
+frame-support = { git = "https://github.com/paritytech/substrate", branch = "master", default-features = false }
+frame-system = { git = "https://github.com/paritytech/substrate", branch = "master", default-features = false }
+sp-std = { git = "https://github.com/paritytech/substrate", branch = "master", default-features = false }

 [features]
 default = ["std"]
@@ -76,7 +76,7 @@ pub type LaneId = [u8; 4];
 pub type MessageNonce = u64;

 /// Message id as a tuple.
-pub type MessageId = (LaneId, MessageNonce);
+pub type BridgeMessageId = (LaneId, MessageNonce);

 /// Opaque message payload. We only decode this payload when it is dispatched.
 pub type MessagePayload = Vec<u8>;
@@ -111,22 +111,23 @@ pub struct Message<Fee> {
 /// Inbound lane data.
 #[derive(Encode, Decode, Clone, RuntimeDebug, PartialEq, Eq, TypeInfo)]
 pub struct InboundLaneData<RelayerId> {
-	/// Identifiers of relayers and messages that they have delivered to this lane (ordered by message nonce).
+	/// Identifiers of relayers and messages that they have delivered to this lane (ordered by
+	/// message nonce).
 	///
 	/// This serves as a helper storage item, to allow the source chain to easily pay rewards
-	/// to the relayers who succesfuly delivered messages to the target chain (inbound lane).
+	/// to the relayers who successfully delivered messages to the target chain (inbound lane).
 	///
 	/// It is guaranteed to have at most N entries, where N is configured at the module level.
 	/// If there are N entries in this vec, then:
-	/// 1) all incoming messages are rejected if they're missing corresponding `proof-of(outbound-lane.state)`;
-	/// 2) all incoming messages are rejected if `proof-of(outbound-lane.state).last_delivered_nonce` is
-	///    equal to `self.last_confirmed_nonce`.
-	/// Given what is said above, all nonces in this queue are in range:
-	/// `(self.last_confirmed_nonce; self.last_delivered_nonce()]`.
+	/// 1) all incoming messages are rejected if they're missing corresponding
+	/// `proof-of(outbound-lane.state)`; 2) all incoming messages are rejected if
+	/// `proof-of(outbound-lane.state).last_delivered_nonce` is    equal to
+	/// `self.last_confirmed_nonce`. Given what is said above, all nonces in this queue are in
+	/// range: `(self.last_confirmed_nonce; self.last_delivered_nonce()]`.
 	///
 	/// When a relayer sends a single message, both of MessageNonces are the same.
-	/// When relayer sends messages in a batch, the first arg is the lowest nonce, second arg the highest nonce.
-	/// Multiple dispatches from the same relayer are allowed.
+	/// When relayer sends messages in a batch, the first arg is the lowest nonce, second arg the
+	/// highest nonce. Multiple dispatches from the same relayer are allowed.
 	pub relayers: VecDeque<UnrewardedRelayer<RelayerId>>,

 	/// Nonce of the last message that
@@ -142,24 +143,26 @@ pub struct InboundLaneData<RelayerId> {

 impl<RelayerId> Default for InboundLaneData<RelayerId> {
 	fn default() -> Self {
-		InboundLaneData {
-			relayers: VecDeque::new(),
-			last_confirmed_nonce: 0,
-		}
+		InboundLaneData { relayers: VecDeque::new(), last_confirmed_nonce: 0 }
 	}
 }

 impl<RelayerId> InboundLaneData<RelayerId> {
-	/// Returns approximate size of the struct, given number of entries in the `relayers` set and
+	/// Returns approximate size of the struct, given a number of entries in the `relayers` set and
 	/// size of each entry.
 	///
 	/// Returns `None` if size overflows `u32` limits.
-	pub fn encoded_size_hint(relayer_id_encoded_size: u32, relayers_entries: u32, messages_count: u32) -> Option<u32> {
+	pub fn encoded_size_hint(
+		relayer_id_encoded_size: u32,
+		relayers_entries: u32,
+		messages_count: u32,
+	) -> Option<u32> {
 		let message_nonce_size = 8;
 		let relayers_entry_size = relayer_id_encoded_size.checked_add(2 * message_nonce_size)?;
 		let relayers_size = relayers_entries.checked_mul(relayers_entry_size)?;
 		let dispatch_results_per_byte = 8;
-		let dispatch_result_size = sp_std::cmp::max(relayers_entries, messages_count / dispatch_results_per_byte);
+		let dispatch_result_size =
+			sp_std::cmp::max(relayers_entries, messages_count / dispatch_results_per_byte);
 		relayers_size
 			.checked_add(message_nonce_size)
 			.and_then(|result| result.checked_add(dispatch_result_size))
@@ -194,8 +197,8 @@ pub type DispatchResultsBitVec = BitVec<Msb0, u8>;

 /// Unrewarded relayer entry stored in the inbound lane data.
 ///
-/// This struct represents a continuous range of messages that have been delivered by the same relayer
-/// and whose confirmations are still pending.
+/// This struct represents a continuous range of messages that have been delivered by the same
+/// relayer and whose confirmations are still pending.
 #[derive(Encode, Decode, Clone, RuntimeDebug, PartialEq, Eq, TypeInfo)]
 pub struct UnrewardedRelayer<RelayerId> {
 	/// Identifier of the relayer.
@@ -218,7 +221,8 @@ pub struct DeliveredMessages {
 }

 impl DeliveredMessages {
-	/// Create new `DeliveredMessages` struct that confirms delivery of single nonce with given dispatch result.
+	/// Create new `DeliveredMessages` struct that confirms delivery of single nonce with given
+	/// dispatch result.
 	pub fn new(nonce: MessageNonce, dispatch_result: bool) -> Self {
 		DeliveredMessages {
 			begin: nonce,
@@ -227,6 +231,15 @@ impl DeliveredMessages {
 		}
 	}

+	/// Return total count of delivered messages.
+	pub fn total_messages(&self) -> MessageNonce {
+		if self.end >= self.begin {
+			self.end - self.begin + 1
+		} else {
+			0
+		}
+	}
+
 	/// Note new dispatched message.
 	pub fn note_dispatched_message(&mut self, dispatch_result: bool) {
 		self.end += 1;
@@ -269,19 +282,20 @@ pub struct UnrewardedRelayersState {
 /// Outbound lane data.
 #[derive(Encode, Decode, Clone, RuntimeDebug, PartialEq, Eq, TypeInfo)]
 pub struct OutboundLaneData {
-	/// Nonce of oldest message that we haven't yet pruned. May point to not-yet-generated message if
-	/// all sent messages are already pruned.
+	/// Nonce of the oldest message that we haven't yet pruned. May point to not-yet-generated
+	/// message if all sent messages are already pruned.
 	pub oldest_unpruned_nonce: MessageNonce,
-	/// Nonce of latest message, received by bridged chain.
+	/// Nonce of the latest message, received by bridged chain.
 	pub latest_received_nonce: MessageNonce,
-	/// Nonce of latest message, generated by us.
+	/// Nonce of the latest message, generated by us.
 	pub latest_generated_nonce: MessageNonce,
 }

 impl Default for OutboundLaneData {
 	fn default() -> Self {
 		OutboundLaneData {
-			// it is 1 because we're pruning everything in [oldest_unpruned_nonce; latest_received_nonce]
+			// it is 1 because we're pruning everything in [oldest_unpruned_nonce;
+			// latest_received_nonce]
 			oldest_unpruned_nonce: 1,
 			latest_received_nonce: 0,
 			latest_generated_nonce: 0,
@@ -292,7 +306,9 @@ impl Default for OutboundLaneData {
 /// Returns total number of messages in the `InboundLaneData::relayers` vector.
 ///
 /// Returns `None` if there are more messages that `MessageNonce` may fit (i.e. `MessageNonce + 1`).
-pub fn total_unrewarded_messages<RelayerId>(relayers: &VecDeque<UnrewardedRelayer<RelayerId>>) -> Option<MessageNonce> {
+pub fn total_unrewarded_messages<RelayerId>(
+	relayers: &VecDeque<UnrewardedRelayer<RelayerId>>,
+) -> Option<MessageNonce> {
 	match (relayers.front(), relayers.back()) {
 		(Some(front), Some(back)) => {
 			if let Some(difference) = back.messages.end.checked_sub(front.messages.begin) {
@@ -300,7 +316,7 @@ pub fn total_unrewarded_messages<RelayerId>(relayers: &VecDeque<UnrewardedRelaye
 			} else {
 				Some(0)
 			}
-		}
+		},
 		_ => Some(0),
 	}
 }
@@ -314,10 +330,7 @@ mod tests {
 		assert_eq!(
 			total_unrewarded_messages(
 				&vec![
-					UnrewardedRelayer {
-						relayer: 1,
-						messages: DeliveredMessages::new(0, true)
-					},
+					UnrewardedRelayer { relayer: 1, messages: DeliveredMessages::new(0, true) },
 					UnrewardedRelayer {
 						relayer: 2,
 						messages: DeliveredMessages::new(MessageNonce::MAX, true)
@@ -341,7 +354,11 @@ mod tests {
 			(13u8, 128u8),
 		];
 		for (relayer_entries, messages_count) in test_cases {
-			let expected_size = InboundLaneData::<u8>::encoded_size_hint(1, relayer_entries as _, messages_count as _);
+			let expected_size = InboundLaneData::<u8>::encoded_size_hint(
+				1,
+				relayer_entries as _,
+				messages_count as _,
+			);
 			let actual_size = InboundLaneData {
 				relayers: (1u8..=relayer_entries)
 					.map(|i| {
@@ -375,11 +392,8 @@ mod tests {

 	#[test]
 	fn message_dispatch_result_works() {
-		let delivered_messages = DeliveredMessages {
-			begin: 100,
-			end: 150,
-			dispatch_results: bitvec![Msb0, u8; 1; 151],
-		};
+		let delivered_messages =
+			DeliveredMessages { begin: 100, end: 150, dispatch_results: bitvec![Msb0, u8; 1; 151] };

 		assert!(!delivered_messages.contains_message(99));
 		assert!(delivered_messages.contains_message(100));
@@ -18,9 +18,14 @@

 use crate::{DeliveredMessages, InboundLaneData, LaneId, MessageNonce, OutboundLaneData};

+use crate::UnrewardedRelayer;
 use bp_runtime::Size;
-use frame_support::{Parameter, RuntimeDebug};
-use sp_std::{collections::btree_map::BTreeMap, fmt::Debug};
+use frame_support::{weights::Weight, Parameter, RuntimeDebug};
+use sp_std::{
+	collections::{btree_map::BTreeMap, vec_deque::VecDeque},
+	fmt::Debug,
+	ops::RangeInclusive,
+};

 /// The sender of the message on the source chain.
 pub type Sender<AccountId> = frame_system::RawOrigin<AccountId>;
@@ -56,14 +61,14 @@ pub trait TargetHeaderChain<Payload, AccountId> {
 	///
 	/// The proper implementation must ensure that the delivery-transaction with this
 	/// payload would (at least) be accepted into target chain transaction pool AND
-	/// eventually will be successfully 'mined'. The most obvious incorrect implementation
+	/// eventually will be successfully mined. The most obvious incorrect implementation
 	/// example would be implementation for BTC chain that accepts payloads larger than
 	/// 1MB. BTC nodes aren't accepting transactions that are larger than 1MB, so relayer
 	/// will be unable to craft valid transaction => this (and all subsequent) messages will
 	/// never be delivered.
 	fn verify_message(payload: &Payload) -> Result<(), Self::Error>;

-	/// Verify messages delivery proof and return lane && nonce of the latest recevied message.
+	/// Verify messages delivery proof and return lane && nonce of the latest received message.
 	fn verify_messages_delivery_proof(
 		proof: Self::MessagesDeliveryProof,
 	) -> Result<(LaneId, InboundLaneData<AccountId>), Self::Error>;
@@ -81,7 +86,8 @@ pub trait LaneMessageVerifier<Submitter, Payload, Fee> {
 	/// Error type.
 	type Error: Debug + Into<&'static str>;

-	/// Verify message payload and return Ok(()) if message is valid and allowed to be sent over the lane.
+	/// Verify message payload and return Ok(()) if message is valid and allowed to be sent over the
+	/// lane.
 	fn verify_message(
 		submitter: &Sender<Submitter>,
 		delivery_and_dispatch_fee: &Fee,
@@ -95,14 +101,14 @@ pub trait LaneMessageVerifier<Submitter, Payload, Fee> {
 /// submitter is paying (in source chain tokens/assets) for:
 ///
 /// 1) submit-message-transaction-fee itself. This fee is not included in the
-/// `delivery_and_dispatch_fee` and is witheld by the regular transaction payment mechanism;
+/// `delivery_and_dispatch_fee` and is withheld by the regular transaction payment mechanism;
 /// 2) message-delivery-transaction-fee. It is submitted to the target node by relayer;
 /// 3) message-dispatch fee. It is paid by relayer for processing message by target chain;
 /// 4) message-receiving-delivery-transaction-fee. It is submitted to the source node
 /// by relayer.
 ///
 /// So to be sure that any non-altruist relayer would agree to deliver message, submitter
-/// should set `delivery_and_dispatch_fee` to at least (equialent of): sum of fees from (2)
+/// should set `delivery_and_dispatch_fee` to at least (equivalent of): sum of fees from (2)
 /// to (4) above, plus some interest for the relayer.
 pub trait MessageDeliveryAndDispatchPayment<AccountId, Balance> {
 	/// Error type.
@@ -121,27 +127,98 @@ pub trait MessageDeliveryAndDispatchPayment<AccountId, Balance> {
 	/// The implementation may also choose to pay reward to the `confirmation_relayer`, which is
 	/// a relayer that has submitted delivery confirmation transaction.
 	fn pay_relayers_rewards(
+		lane_id: LaneId,
+		messages_relayers: VecDeque<UnrewardedRelayer<AccountId>>,
 		confirmation_relayer: &AccountId,
-		relayers_rewards: RelayersRewards<AccountId, Balance>,
+		received_range: &RangeInclusive<MessageNonce>,
 		relayer_fund_account: &AccountId,
 	);
+}

-	/// Perform some initialization in externalities-provided environment.
+/// Send message artifacts.
+#[derive(RuntimeDebug, PartialEq)]
+pub struct SendMessageArtifacts {
+	/// Nonce of the message.
+	pub nonce: MessageNonce,
+	/// Actual weight of send message call.
+	pub weight: Weight,
+}
+
+/// Messages bridge API to be used from other pallets.
+pub trait MessagesBridge<AccountId, Balance, Payload> {
+	/// Error type.
+	type Error: Debug;
+
+	/// Send message over the bridge.
 	///
-	/// For instance you may ensure that particular required accounts or storage items are present.
-	/// Returns the number of storage reads performed.
-	fn initialize(_relayer_fund_account: &AccountId) -> usize {
-		0
+	/// Returns unique message nonce or error if send has failed.
+	fn send_message(
+		sender: Sender<AccountId>,
+		lane: LaneId,
+		message: Payload,
+		delivery_and_dispatch_fee: Balance,
+	) -> Result<SendMessageArtifacts, Self::Error>;
+}
+
+/// Bridge that does nothing when message is being sent.
+#[derive(RuntimeDebug, PartialEq)]
+pub struct NoopMessagesBridge;
+
+impl<AccountId, Balance, Payload> MessagesBridge<AccountId, Balance, Payload>
+	for NoopMessagesBridge
+{
+	type Error = &'static str;
+
+	fn send_message(
+		_sender: Sender<AccountId>,
+		_lane: LaneId,
+		_message: Payload,
+		_delivery_and_dispatch_fee: Balance,
+	) -> Result<SendMessageArtifacts, Self::Error> {
+		Ok(SendMessageArtifacts { nonce: 0, weight: 0 })
 	}
 }

 /// Handler for messages delivery confirmation.
-#[impl_trait_for_tuples::impl_for_tuples(30)]
 pub trait OnDeliveryConfirmed {
 	/// Called when we receive confirmation that our messages have been delivered to the
 	/// target chain. The confirmation also has single bit dispatch result for every
-	/// confirmed message (see `DeliveredMessages` for details).
-	fn on_messages_delivered(_lane: &LaneId, _messages: &DeliveredMessages) {}
+	/// confirmed message (see `DeliveredMessages` for details). Guaranteed to be called
+	/// only when at least one message is delivered.
+	///
+	/// Should return total weight consumed by the call.
+	///
+	/// NOTE: messages pallet assumes that maximal weight that may be spent on processing
+	/// single message is single DB read + single DB write. So this function shall never
+	/// return weight that is larger than total number of messages * (db read + db write).
+	/// If your pallet needs more time for processing single message, please do it
+	/// from `on_initialize` call(s) of the next block(s).
+	fn on_messages_delivered(_lane: &LaneId, _messages: &DeliveredMessages) -> Weight;
+}
+
+#[impl_trait_for_tuples::impl_for_tuples(30)]
+impl OnDeliveryConfirmed for Tuple {
+	fn on_messages_delivered(lane: &LaneId, messages: &DeliveredMessages) -> Weight {
+		let mut total_weight: Weight = 0;
+		for_tuples!(
+			#(
+				total_weight = total_weight.saturating_add(Tuple::on_messages_delivered(lane, messages));
+			)*
+		);
+		total_weight
+	}
+}
+
+/// Handler for messages have been accepted
+pub trait OnMessageAccepted {
+	/// Called when a message has been accepted by message pallet.
+	fn on_messages_accepted(lane: &LaneId, message: &MessageNonce) -> Weight;
+}
+
+impl OnMessageAccepted for () {
+	fn on_messages_accepted(_lane: &LaneId, _message: &MessageNonce) -> Weight {
+		0
+	}
 }

 /// Structure that may be used in place of `TargetHeaderChain`, `LaneMessageVerifier` and
@@ -149,7 +226,8 @@ pub trait OnDeliveryConfirmed {
 pub struct ForbidOutboundMessages;

 /// Error message that is used in `ForbidOutboundMessages` implementation.
-const ALL_OUTBOUND_MESSAGES_REJECTED: &str = "This chain is configured to reject all outbound messages";
+const ALL_OUTBOUND_MESSAGES_REJECTED: &str =
+	"This chain is configured to reject all outbound messages";

 impl<Payload, AccountId> TargetHeaderChain<Payload, AccountId> for ForbidOutboundMessages {
 	type Error = &'static str;
@@ -167,7 +245,9 @@ impl<Payload, AccountId> TargetHeaderChain<Payload, AccountId> for ForbidOutboun
 	}
 }

-impl<Submitter, Payload, Fee> LaneMessageVerifier<Submitter, Payload, Fee> for ForbidOutboundMessages {
+impl<Submitter, Payload, Fee> LaneMessageVerifier<Submitter, Payload, Fee>
+	for ForbidOutboundMessages
+{
 	type Error = &'static str;

 	fn verify_message(
@@ -181,7 +261,9 @@ impl<Submitter, Payload, Fee> LaneMessageVerifier<Submitter, Payload, Fee> for F
 	}
 }

-impl<AccountId, Balance> MessageDeliveryAndDispatchPayment<AccountId, Balance> for ForbidOutboundMessages {
+impl<AccountId, Balance> MessageDeliveryAndDispatchPayment<AccountId, Balance>
+	for ForbidOutboundMessages
+{
 	type Error = &'static str;

 	fn pay_delivery_and_dispatch_fee(
@@ -193,8 +275,10 @@ impl<AccountId, Balance> MessageDeliveryAndDispatchPayment<AccountId, Balance> f
 	}

 	fn pay_relayers_rewards(
+		_lane_id: LaneId,
+		_messages_relayers: VecDeque<UnrewardedRelayer<AccountId>>,
 		_confirmation_relayer: &AccountId,
-		_relayers_rewards: RelayersRewards<AccountId, Balance>,
+		_received_range: &RangeInclusive<MessageNonce>,
 		_relayer_fund_account: &AccountId,
 	) {
 	}
@@ -76,7 +76,7 @@ pub trait SourceHeaderChain<Fee> {
 	/// messages will be rejected.
 	///
 	/// The `messages_count` argument verification (sane limits) is supposed to be made
-	/// outside of this function. This function only verifies that the proof declares exactly
+	/// outside this function. This function only verifies that the proof declares exactly
 	/// `messages_count` messages.
 	fn verify_messages_proof(
 		proof: Self::MessagesProof,
@@ -112,23 +112,19 @@ pub trait MessageDispatch<AccountId, Fee> {

 impl<Message> Default for ProvedLaneMessages<Message> {
 	fn default() -> Self {
-		ProvedLaneMessages {
-			lane_state: None,
-			messages: Vec::new(),
-		}
+		ProvedLaneMessages { lane_state: None, messages: Vec::new() }
 	}
 }

 impl<DispatchPayload: Decode, Fee> From<Message<Fee>> for DispatchMessage<DispatchPayload, Fee> {
 	fn from(message: Message<Fee>) -> Self {
-		DispatchMessage {
-			key: message.key,
-			data: message.data.into(),
-		}
+		DispatchMessage { key: message.key, data: message.data.into() }
 	}
 }

-impl<DispatchPayload: Decode, Fee> From<MessageData<Fee>> for DispatchMessageData<DispatchPayload, Fee> {
+impl<DispatchPayload: Decode, Fee> From<MessageData<Fee>>
+	for DispatchMessageData<DispatchPayload, Fee>
+{
 	fn from(data: MessageData<Fee>) -> Self {
 		DispatchMessageData {
 			payload: DispatchPayload::decode(&mut &data.payload[..]),
@@ -142,7 +138,8 @@ impl<DispatchPayload: Decode, Fee> From<MessageData<Fee>> for DispatchMessageDat
 pub struct ForbidInboundMessages;

 /// Error message that is used in `ForbidOutboundMessages` implementation.
-const ALL_INBOUND_MESSAGES_REJECTED: &str = "This chain is configured to reject all inbound messages";
+const ALL_INBOUND_MESSAGES_REJECTED: &str =
+	"This chain is configured to reject all inbound messages";

 impl<Fee> SourceHeaderChain<Fee> for ForbidInboundMessages {
 	type Error = &'static str;
@@ -163,7 +160,10 @@ impl<AccountId, Fee> MessageDispatch<AccountId, Fee> for ForbidInboundMessages {
 		Weight::MAX
 	}

-	fn dispatch(_: &AccountId, _: DispatchMessage<Self::DispatchPayload, Fee>) -> MessageDispatchResult {
+	fn dispatch(
+		_: &AccountId,
+		_: DispatchMessage<Self::DispatchPayload, Fee>,
+	) -> MessageDispatchResult {
 		MessageDispatchResult {
 			dispatch_result: false,
 			unspent_weight: 0,