BEEFY: introduce offence report system (#13564)

* Trivial adjustments to beefy and grandpa pallets * Introduce offence report system to beefy pallet * Minor adjustments * Fix beefy-mmr mock * Apply suggestions from code review Co-authored-by: Anton <anton.kalyaev@gmail.com> --------- Co-authored-by: Anton <anton.kalyaev@gmail.com>
2026-06-12 07:41:08 +00:00 · 2023-03-11 19:05:55 +01:00
parent 7401383252
commit 66f3d9e237
10 changed files with 243 additions and 414 deletions
@@ -34,179 +34,205 @@
 //! that the `ValidateUnsigned` for the BEEFY pallet is used in the runtime
 //! definition.

-use sp_std::prelude::*;
-
 use codec::{self as codec, Decode, Encode};
 use frame_support::{
 	log,
 	traits::{Get, KeyOwnerProofSystem},
 };
-use frame_system::pallet_prelude::BlockNumberFor;
-use sp_consensus_beefy::{EquivocationProof, ValidatorSetId};
+use log::{error, info};
+use sp_consensus_beefy::{EquivocationProof, ValidatorSetId, KEY_TYPE};
 use sp_runtime::{
 	transaction_validity::{
 		InvalidTransaction, TransactionPriority, TransactionSource, TransactionValidity,
 		TransactionValidityError, ValidTransaction,
 	},
-	DispatchResult, Perbill, RuntimeAppPublic,
+	DispatchError, KeyTypeId, Perbill, RuntimeAppPublic,
 };
+use sp_session::{GetSessionNumber, GetValidatorCount};
 use sp_staking::{
-	offence::{Kind, Offence, OffenceError, ReportOffence},
+	offence::{Kind, Offence, OffenceReportSystem, ReportOffence},
 	SessionIndex,
 };
+use sp_std::prelude::*;

-use super::{Call, Config, Pallet, LOG_TARGET};
+use super::{Call, Config, Error, Pallet, LOG_TARGET};

-/// A trait with utility methods for handling equivocation reports in BEEFY.
-/// The offence type is generic, and the trait provides, reporting an offence
-/// triggered by a valid equivocation report, and also for creating and
-/// submitting equivocation report extrinsics (useful only in offchain context).
-pub trait HandleEquivocation<T: Config> {
-	/// The offence type used for reporting offences on valid equivocation reports.
-	type Offence: BeefyOffence<BlockNumberFor<T>, T::KeyOwnerIdentification>;
-
-	/// The longevity, in blocks, that the equivocation report is valid for. When using the staking
-	/// pallet this should be equal to the bonding duration (in blocks, not eras).
-	type ReportLongevity: Get<u64>;
-
-	/// Report an offence proved by the given reporters.
-	fn report_offence(
-		reporters: Vec<T::AccountId>,
-		offence: Self::Offence,
-	) -> Result<(), OffenceError>;
-
-	/// Returns true if all of the offenders at the given time slot have already been reported.
-	fn is_known_offence(
-		offenders: &[T::KeyOwnerIdentification],
-		time_slot: &<Self::Offence as Offence<T::KeyOwnerIdentification>>::TimeSlot,
-	) -> bool;
-
-	/// Create and dispatch an equivocation report extrinsic.
-	fn submit_unsigned_equivocation_report(
-		equivocation_proof: EquivocationProof<
-			BlockNumberFor<T>,
-			T::BeefyId,
-			<T::BeefyId as RuntimeAppPublic>::Signature,
-		>,
-		key_owner_proof: T::KeyOwnerProof,
-	) -> DispatchResult;
-
-	/// Fetch the current block author id, if defined.
-	fn block_author() -> Option<T::AccountId>;
+/// A round number and set id which point on the time of an offence.
+#[derive(Copy, Clone, PartialOrd, Ord, Eq, PartialEq, Encode, Decode)]
+pub struct TimeSlot<N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode> {
+	// The order of these matters for `derive(Ord)`.
+	/// BEEFY Set ID.
+	pub set_id: ValidatorSetId,
+	/// Round number.
+	pub round: N,
 }

-impl<T: Config> HandleEquivocation<T> for () {
-	type Offence = BeefyEquivocationOffence<BlockNumberFor<T>, T::KeyOwnerIdentification>;
-	type ReportLongevity = ();
-
-	fn report_offence(
-		_reporters: Vec<T::AccountId>,
-		_offence: BeefyEquivocationOffence<BlockNumberFor<T>, T::KeyOwnerIdentification>,
-	) -> Result<(), OffenceError> {
-		Ok(())
-	}
-
-	fn is_known_offence(
-		_offenders: &[T::KeyOwnerIdentification],
-		_time_slot: &BeefyTimeSlot<BlockNumberFor<T>>,
-	) -> bool {
-		true
-	}
-
-	fn submit_unsigned_equivocation_report(
-		_equivocation_proof: EquivocationProof<
-			BlockNumberFor<T>,
-			T::BeefyId,
-			<T::BeefyId as RuntimeAppPublic>::Signature,
-		>,
-		_key_owner_proof: T::KeyOwnerProof,
-	) -> DispatchResult {
-		Ok(())
-	}
-
-	fn block_author() -> Option<T::AccountId> {
-		None
-	}
-}
-
-/// Generic equivocation handler. This type implements `HandleEquivocation`
-/// using existing subsystems that are part of frame (type bounds described
-/// below) and will dispatch to them directly, it's only purpose is to wire all
-/// subsystems together.
-pub struct EquivocationHandler<N, I, R, L, O = BeefyEquivocationOffence<N, I>> {
-	_phantom: sp_std::marker::PhantomData<(N, I, R, L, O)>,
-}
-
-impl<N, I, R, L, O> Default for EquivocationHandler<N, I, R, L, O> {
-	fn default() -> Self {
-		Self { _phantom: Default::default() }
-	}
-}
-
-impl<T, R, L, O> HandleEquivocation<T>
-	for EquivocationHandler<BlockNumberFor<T>, T::KeyOwnerIdentification, R, L, O>
+/// BEEFY equivocation offence report.
+pub struct EquivocationOffence<Offender, N>
 where
-	// We use the authorship pallet to fetch the current block author and use
-	// `offchain::SendTransactionTypes` for unsigned extrinsic creation and
-	// submission.
-	T: Config + pallet_authorship::Config + frame_system::offchain::SendTransactionTypes<Call<T>>,
-	// A system for reporting offences after valid equivocation reports are
-	// processed.
-	R: ReportOffence<T::AccountId, T::KeyOwnerIdentification, O>,
-	// The longevity (in blocks) that the equivocation report is valid for. When using the staking
-	// pallet this should be the bonding duration.
-	L: Get<u64>,
-	// The offence type that should be used when reporting.
-	O: BeefyOffence<BlockNumberFor<T>, T::KeyOwnerIdentification>,
+	N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode,
 {
-	type Offence = O;
-	type ReportLongevity = L;
+	/// Time slot at which this incident happened.
+	pub time_slot: TimeSlot<N>,
+	/// The session index in which the incident happened.
+	pub session_index: SessionIndex,
+	/// The size of the validator set at the time of the offence.
+	pub validator_set_count: u32,
+	/// The authority which produced this equivocation.
+	pub offender: Offender,
+}

-	fn report_offence(reporters: Vec<T::AccountId>, offence: O) -> Result<(), OffenceError> {
-		R::report_offence(reporters, offence)
+impl<Offender: Clone, N> Offence<Offender> for EquivocationOffence<Offender, N>
+where
+	N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode,
+{
+	const ID: Kind = *b"beefy:equivocati";
+	type TimeSlot = TimeSlot<N>;
+
+	fn offenders(&self) -> Vec<Offender> {
+		vec![self.offender.clone()]
 	}

-	fn is_known_offence(offenders: &[T::KeyOwnerIdentification], time_slot: &O::TimeSlot) -> bool {
-		R::is_known_offence(offenders, time_slot)
+	fn session_index(&self) -> SessionIndex {
+		self.session_index
 	}

-	fn submit_unsigned_equivocation_report(
-		equivocation_proof: EquivocationProof<
-			BlockNumberFor<T>,
-			T::BeefyId,
-			<T::BeefyId as RuntimeAppPublic>::Signature,
-		>,
-		key_owner_proof: T::KeyOwnerProof,
-	) -> DispatchResult {
+	fn validator_set_count(&self) -> u32 {
+		self.validator_set_count
+	}
+
+	fn time_slot(&self) -> Self::TimeSlot {
+		self.time_slot
+	}
+
+	// The formula is min((3k / n)^2, 1)
+	// where k = offenders_number and n = validators_number
+	fn slash_fraction(&self, offenders_count: u32) -> Perbill {
+		// Perbill type domain is [0, 1] by definition
+		Perbill::from_rational(3 * offenders_count, self.validator_set_count).square()
+	}
+}
+
+/// BEEFY equivocation offence report system.
+///
+/// This type implements `OffenceReportSystem` such that:
+/// - Equivocation reports are published on-chain as unsigned extrinsic via
+///   `offchain::SendTransactioinsTypes`.
+/// - On-chain validity checks and processing are mostly delegated to the user provided generic
+///   types implementing `KeyOwnerProofSystem` and `ReportOffence` traits.
+/// - Offence reporter for unsigned transactions is fetched via the the authorship pallet.
+pub struct EquivocationReportSystem<T, R, P, L>(sp_std::marker::PhantomData<(T, R, P, L)>);
+
+/// Equivocation evidence convenience alias.
+pub type EquivocationEvidenceFor<T> = (
+	EquivocationProof<
+		<T as frame_system::Config>::BlockNumber,
+		<T as Config>::BeefyId,
+		<<T as Config>::BeefyId as RuntimeAppPublic>::Signature,
+	>,
+	<T as Config>::KeyOwnerProof,
+);
+
+impl<T, R, P, L> OffenceReportSystem<Option<T::AccountId>, EquivocationEvidenceFor<T>>
+	for EquivocationReportSystem<T, R, P, L>
+where
+	T: Config + pallet_authorship::Config + frame_system::offchain::SendTransactionTypes<Call<T>>,
+	R: ReportOffence<
+		T::AccountId,
+		P::IdentificationTuple,
+		EquivocationOffence<P::IdentificationTuple, T::BlockNumber>,
+	>,
+	P: KeyOwnerProofSystem<(KeyTypeId, T::BeefyId), Proof = T::KeyOwnerProof>,
+	P::IdentificationTuple: Clone,
+	L: Get<u64>,
+{
+	type Longevity = L;
+
+	fn publish_evidence(evidence: EquivocationEvidenceFor<T>) -> Result<(), ()> {
 		use frame_system::offchain::SubmitTransaction;
+		let (equivocation_proof, key_owner_proof) = evidence;

 		let call = Call::report_equivocation_unsigned {
 			equivocation_proof: Box::new(equivocation_proof),
 			key_owner_proof,
 		};

-		match SubmitTransaction::<T, Call<T>>::submit_unsigned_transaction(call.into()) {
-			Ok(()) => log::info!(target: LOG_TARGET, "Submitted BEEFY equivocation report.",),
-			Err(e) =>
-				log::error!(target: LOG_TARGET, "Error submitting equivocation report: {:?}", e,),
+		let res = SubmitTransaction::<T, Call<T>>::submit_unsigned_transaction(call.into());
+		match res {
+			Ok(_) => info!(target: LOG_TARGET, "Submitted equivocation report."),
+			Err(e) => error!(target: LOG_TARGET, "Error submitting equivocation report: {:?}", e),
 		}
+		res
+	}
+
+	fn check_evidence(
+		evidence: EquivocationEvidenceFor<T>,
+	) -> Result<(), TransactionValidityError> {
+		let (equivocation_proof, key_owner_proof) = evidence;
+
+		// Check the membership proof to extract the offender's id
+		let key = (KEY_TYPE, equivocation_proof.offender_id().clone());
+		let offender = P::check_proof(key, key_owner_proof).ok_or(InvalidTransaction::BadProof)?;
+
+		// Check if the offence has already been reported, and if so then we can discard the report.
+		let time_slot = TimeSlot {
+			set_id: equivocation_proof.set_id(),
+			round: *equivocation_proof.round_number(),
+		};
+
+		if R::is_known_offence(&[offender], &time_slot) {
+			Err(InvalidTransaction::Stale.into())
+		} else {
+			Ok(())
+		}
+	}
+
+	fn process_evidence(
+		reporter: Option<T::AccountId>,
+		evidence: EquivocationEvidenceFor<T>,
+	) -> Result<(), DispatchError> {
+		let (equivocation_proof, key_owner_proof) = evidence;
+		let reporter = reporter.or_else(|| <pallet_authorship::Pallet<T>>::author());
+		let offender = equivocation_proof.offender_id().clone();
+
+		// We check the equivocation within the context of its set id (and
+		// associated session) and round. We also need to know the validator
+		// set count at the time of the offence since it is required to calculate
+		// the slash amount.
+		let set_id = equivocation_proof.set_id();
+		let round = *equivocation_proof.round_number();
+		let session_index = key_owner_proof.session();
+		let validator_set_count = key_owner_proof.validator_count();
+
+		// Validate the key ownership proof extracting the id of the offender.
+		let offender = P::check_proof((KEY_TYPE, offender), key_owner_proof)
+			.ok_or(Error::<T>::InvalidKeyOwnershipProof)?;
+
+		// Validate equivocation proof (check votes are different and signatures are valid).
+		if !sp_consensus_beefy::check_equivocation_proof(&equivocation_proof) {
+			return Err(Error::<T>::InvalidEquivocationProof.into())
+		}
+
+		// Check that the session id for the membership proof is within the
+		// bounds of the set id reported in the equivocation.
+		let set_id_session_index =
+			crate::SetIdSession::<T>::get(set_id).ok_or(Error::<T>::InvalidEquivocationProof)?;
+		if session_index != set_id_session_index {
+			return Err(Error::<T>::InvalidEquivocationProof.into())
+		}
+
+		let offence = EquivocationOffence {
+			time_slot: TimeSlot { set_id, round },
+			session_index,
+			validator_set_count,
+			offender,
+		};
+
+		R::report_offence(reporter.into_iter().collect(), offence)
+			.map_err(|_| Error::<T>::DuplicateOffenceReport)?;

 		Ok(())
 	}
-
-	fn block_author() -> Option<T::AccountId> {
-		<pallet_authorship::Pallet<T>>::author()
-	}
-}
-
-/// A round number and set id which point on the time of an offence.
-#[derive(Copy, Clone, PartialOrd, Ord, Eq, PartialEq, Encode, Decode)]
-pub struct BeefyTimeSlot<N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode> {
-	// The order of these matters for `derive(Ord)`.
-	/// BEEFY Set ID.
-	pub set_id: ValidatorSetId,
-	/// Round number.
-	pub round: N,
 }

 /// Methods for the `ValidateUnsigned` implementation:
@@ -228,11 +254,11 @@ impl<T: Config> Pallet<T> {
 				},
 			}

-			// check report staleness
-			is_known_offence::<T>(equivocation_proof, key_owner_proof)?;
+			let evidence = (*equivocation_proof.clone(), key_owner_proof.clone());
+			T::EquivocationReportSystem::check_evidence(evidence)?;

 			let longevity =
-				<T::HandleEquivocation as HandleEquivocation<T>>::ReportLongevity::get();
+				<T::EquivocationReportSystem as OffenceReportSystem<_, _>>::Longevity::get();

 			ValidTransaction::with_tag_prefix("BeefyEquivocation")
 				// We assign the maximum priority for any equivocation report.
@@ -254,132 +280,10 @@ impl<T: Config> Pallet<T> {

 	pub fn pre_dispatch(call: &Call<T>) -> Result<(), TransactionValidityError> {
 		if let Call::report_equivocation_unsigned { equivocation_proof, key_owner_proof } = call {
-			is_known_offence::<T>(equivocation_proof, key_owner_proof)
+			let evidence = (*equivocation_proof.clone(), key_owner_proof.clone());
+			T::EquivocationReportSystem::check_evidence(evidence)
 		} else {
 			Err(InvalidTransaction::Call.into())
 		}
 	}
 }
-
-fn is_known_offence<T: Config>(
-	equivocation_proof: &EquivocationProof<
-		BlockNumberFor<T>,
-		T::BeefyId,
-		<T::BeefyId as RuntimeAppPublic>::Signature,
-	>,
-	key_owner_proof: &T::KeyOwnerProof,
-) -> Result<(), TransactionValidityError> {
-	// check the membership proof to extract the offender's id,
-	// equivocation validity will be fully checked during the call.
-	let key = (sp_consensus_beefy::KEY_TYPE, equivocation_proof.offender_id().clone());
-
-	let offender = T::KeyOwnerProofSystem::check_proof(key, key_owner_proof.clone())
-		.ok_or(InvalidTransaction::BadProof)?;
-
-	// check if the offence has already been reported,
-	// and if so then we can discard the report.
-	let time_slot = <T::HandleEquivocation as HandleEquivocation<T>>::Offence::new_time_slot(
-		equivocation_proof.set_id(),
-		*equivocation_proof.round_number(),
-	);
-
-	let is_known_offence = T::HandleEquivocation::is_known_offence(&[offender], &time_slot);
-
-	if is_known_offence {
-		Err(InvalidTransaction::Stale.into())
-	} else {
-		Ok(())
-	}
-}
-
-/// A BEEFY equivocation offence report.
-pub struct BeefyEquivocationOffence<N, FullIdentification>
-where
-	N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode,
-{
-	/// Time slot at which this incident happened.
-	pub time_slot: BeefyTimeSlot<N>,
-	/// The session index in which the incident happened.
-	pub session_index: SessionIndex,
-	/// The size of the validator set at the time of the offence.
-	pub validator_set_count: u32,
-	/// The authority which produced this equivocation.
-	pub offender: FullIdentification,
-}
-
-/// An interface for types that will be used as BEEFY offences and must also
-/// implement the `Offence` trait. This trait provides a constructor that is
-/// provided all available data during processing of BEEFY equivocations.
-pub trait BeefyOffence<N, FullIdentification>: Offence<FullIdentification>
-where
-	N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode,
-{
-	/// Create a new BEEFY offence using the given equivocation details.
-	fn new(
-		session_index: SessionIndex,
-		validator_set_count: u32,
-		offender: FullIdentification,
-		set_id: ValidatorSetId,
-		round: N,
-	) -> Self;
-
-	/// Create a new BEEFY offence time slot.
-	fn new_time_slot(set_id: ValidatorSetId, round: N) -> Self::TimeSlot;
-}
-
-impl<N, FullIdentification: Clone> BeefyOffence<N, FullIdentification>
-	for BeefyEquivocationOffence<N, FullIdentification>
-where
-	N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode,
-{
-	fn new(
-		session_index: SessionIndex,
-		validator_set_count: u32,
-		offender: FullIdentification,
-		set_id: ValidatorSetId,
-		round: N,
-	) -> Self {
-		BeefyEquivocationOffence {
-			session_index,
-			validator_set_count,
-			offender,
-			time_slot: BeefyTimeSlot { set_id, round },
-		}
-	}
-
-	fn new_time_slot(set_id: ValidatorSetId, round: N) -> Self::TimeSlot {
-		BeefyTimeSlot { set_id, round }
-	}
-}
-
-impl<N, FullIdentification: Clone> Offence<FullIdentification>
-	for BeefyEquivocationOffence<N, FullIdentification>
-where
-	N: Copy + Clone + PartialOrd + Ord + Eq + PartialEq + Encode + Decode,
-{
-	const ID: Kind = *b"beefy:equivocati";
-	type TimeSlot = BeefyTimeSlot<N>;
-
-	fn offenders(&self) -> Vec<FullIdentification> {
-		vec![self.offender.clone()]
-	}
-
-	fn session_index(&self) -> SessionIndex {
-		self.session_index
-	}
-
-	fn validator_set_count(&self) -> u32 {
-		self.validator_set_count
-	}
-
-	fn time_slot(&self) -> Self::TimeSlot {
-		self.time_slot
-	}
-
-	fn slash_fraction(&self, offenders_count: u32) -> Perbill {
-		// the formula is min((3k / n)^2, 1)
-		let x = Perbill::from_rational(3 * offenders_count, self.validator_set_count);
-		// _ ^ 2
-		x.square()
-	}
-}