Statement store (#13701)

* WIP Statement store

* Sync with networking changes in master

* WIP statement pallet

* Statement validation

* pallet tests

* Validation queue

* Store maintenance

* Basic statement refactoring + tests + docs

* Store metrics

* Store tests

* Store maintenance test

* cargo fmt

* Build fix

* OCW Api

* Offchain worker

* Enable host functions

* fmt

* Minor tweaks

* Fixed a warning

* Removed tracing

* Manual expiration

* Reworked constraint management

* Updated pallet constraint calculation

* Added small test

* Added remove function to the APIs

* Copy-paste spec into readme

* Comments

* Made the store optional

* Removed network protocol controller

* fmt

* Clippy fixes

* fmt

* fmt

* More clippy fixes

* More clippy fixes

* More clippy fixes

* Update client/statement-store/README.md

Co-authored-by: cheme <emericchevalier.pro@gmail.com>

* Apply suggestions from code review

Co-authored-by: Bastian Köcher <git@kchr.de>

* Removed sstore from node-template

* Sort out data path

* Added offline check

* Removed dispatch_statement

* Renamed into_generic

* Fixed commit placement

* Use HashSet for tracking peers/statements

* fmt

* Use ExtendedHostFunctions

* Fixed benches

* Tweaks

* Apply suggestions from code review

Co-authored-by: cheme <emericchevalier.pro@gmail.com>

* Fixed priority mixup

* Rename

* newtypes for priorities

* Added MAX_TOPICS

* Fixed key filtering logic

* Remove empty entrie

* Removed prefix from signing

* More documentation

* fmt

* Moved store setup from sc-service to node

* Handle maintenance task in sc-statement-store

* Use statement iterator

* Renamed runtime API mod

* fmt

* Remove dump_encoded

* fmt

* Apply suggestions from code review

Co-authored-by: Bastian Köcher <git@kchr.de>

* Apply suggestions from code review

Co-authored-by: Bastian Köcher <git@kchr.de>

* Fixed build after applying review suggestions

* License exceptions

* fmt

* Store options

* Moved pallet consts to config trait

* Removed global priority

* Validate fields when decoding

* Limit validation channel size

* Made a comment into module doc

* Removed submit_encoded

---------

Co-authored-by: cheme <emericchevalier.pro@gmail.com>
Co-authored-by: Bastian Köcher <git@kchr.de>

substrate/frame/statement/src/lib.rs

@@ -0,0 +1,222 @@
+// This file is part of Substrate.
+
+// Copyright (C) Parity Technologies (UK) Ltd.
+// SPDX-License-Identifier: Apache-2.0
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// 	http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Supporting pallet for the statement store.
+//!
+//! - [`Pallet`]
+//!
+//! ## Overview
+//!
+//! The Statement pallet provides means to create and validate statements for the statement store.
+//!
+//! For each statement validation function calculates the following three values based on the
+//! statement author balance:
+//! `max_count`: Maximum number of statements allowed for the author (signer) of this statement.
+//! `max_size`: Maximum total size of statements allowed for the author (signer) of this statement.
+//!
+//! This pallet also contains an offchain worker that turns on-chain statement events into
+//! statements. These statements are placed in the store and propagated over the network.
+
+#![cfg_attr(not(feature = "std"), no_std)]
+
+use frame_support::{
+	pallet_prelude::*,
+	sp_runtime::{traits::CheckedDiv, SaturatedConversion},
+	traits::fungible::Inspect,
+};
+use frame_system::pallet_prelude::*;
+use sp_statement_store::{
+	runtime_api::{InvalidStatement, StatementSource, ValidStatement},
+	Proof, SignatureVerificationResult, Statement,
+};
+
+#[cfg(test)]
+mod mock;
+#[cfg(test)]
+mod tests;
+
+pub use pallet::*;
+
+const LOG_TARGET: &str = "runtime::statement";
+
+#[frame_support::pallet]
+pub mod pallet {
+	use super::*;
+
+	pub type BalanceOf<T> =
+		<<T as Config>::Currency as Inspect<<T as frame_system::Config>::AccountId>>::Balance;
+
+	pub type AccountIdOf<T> = <T as frame_system::Config>::AccountId;
+
+	#[pallet::config]
+	pub trait Config: frame_system::Config
+	where
+		<Self as frame_system::Config>::AccountId: From<sp_statement_store::AccountId>,
+	{
+		/// The overarching event type.
+		type RuntimeEvent: From<Event<Self>> + IsType<<Self as frame_system::Config>::RuntimeEvent>;
+		/// The currency which is used to calculate account limits.
+		type Currency: Inspect<Self::AccountId>;
+		/// Min balance for priority statements.
+		#[pallet::constant]
+		type StatementCost: Get<BalanceOf<Self>>;
+		/// Cost of data byte used for priority calculation.
+		#[pallet::constant]
+		type ByteCost: Get<BalanceOf<Self>>;
+		/// Minimum number of statements allowed per account.
+		#[pallet::constant]
+		type MinAllowedStatements: Get<u32>;
+		/// Maximum number of statements allowed per account.
+		#[pallet::constant]
+		type MaxAllowedStatements: Get<u32>;
+		/// Minimum data bytes allowed per account.
+		#[pallet::constant]
+		type MinAllowedBytes: Get<u32>;
+		/// Maximum data bytes allowed per account.
+		#[pallet::constant]
+		type MaxAllowedBytes: Get<u32>;
+	}
+
+	#[pallet::pallet]
+	pub struct Pallet<T>(sp_std::marker::PhantomData<T>);
+
+	#[pallet::event]
+	#[pallet::generate_deposit(pub(super) fn deposit_event)]
+	pub enum Event<T: Config>
+	where
+		<T as frame_system::Config>::AccountId: From<sp_statement_store::AccountId>,
+	{
+		/// A new statement is submitted
+		NewStatement { account: T::AccountId, statement: Statement },
+	}
+
+	#[pallet::hooks]
+	impl<T: Config> Hooks<BlockNumberFor<T>> for Pallet<T>
+	where
+		<T as frame_system::Config>::AccountId: From<sp_statement_store::AccountId>,
+		sp_statement_store::AccountId: From<<T as frame_system::Config>::AccountId>,
+		<T as frame_system::Config>::RuntimeEvent: From<pallet::Event<T>>,
+		<T as frame_system::Config>::RuntimeEvent: TryInto<pallet::Event<T>>,
+		sp_statement_store::BlockHash: From<<T as frame_system::Config>::Hash>,
+	{
+		fn offchain_worker(now: BlockNumberFor<T>) {
+			log::trace!(target: LOG_TARGET, "Collecting statements at #{:?}", now);
+			Pallet::<T>::collect_statements();
+		}
+	}
+}
+
+impl<T: Config> Pallet<T>
+where
+	<T as frame_system::Config>::AccountId: From<sp_statement_store::AccountId>,
+	sp_statement_store::AccountId: From<<T as frame_system::Config>::AccountId>,
+	<T as frame_system::Config>::RuntimeEvent: From<pallet::Event<T>>,
+	<T as frame_system::Config>::RuntimeEvent: TryInto<pallet::Event<T>>,
+	sp_statement_store::BlockHash: From<<T as frame_system::Config>::Hash>,
+{
+	/// Validate a statement against current state. This is supposed to be called by the statement
+	/// store on the host side.
+	pub fn validate_statement(
+		_source: StatementSource,
+		mut statement: Statement,
+	) -> Result<ValidStatement, InvalidStatement> {
+		sp_io::init_tracing();
+		log::debug!(target: LOG_TARGET, "Validating statement {:?}", statement);
+		let account: T::AccountId = match statement.proof() {
+			Some(Proof::OnChain { who, block_hash, event_index }) => {
+				if frame_system::Pallet::<T>::parent_hash().as_ref() != block_hash.as_slice() {
+					log::debug!(target: LOG_TARGET, "Bad block hash.");
+					return Err(InvalidStatement::BadProof)
+				}
+				let account: T::AccountId = (*who).into();
+				match frame_system::Pallet::<T>::event_no_consensus(*event_index as usize) {
+					Some(e) => {
+						statement.remove_proof();
+						if let Ok(Event::NewStatement { account: a, statement: s }) = e.try_into() {
+							if a != account || s != statement {
+								log::debug!(target: LOG_TARGET, "Event data mismatch");
+								return Err(InvalidStatement::BadProof)
+							}
+						} else {
+							log::debug!(target: LOG_TARGET, "Event type mismatch");
+							return Err(InvalidStatement::BadProof)
+						}
+					},
+					_ => {
+						log::debug!(target: LOG_TARGET, "Bad event index");
+						return Err(InvalidStatement::BadProof)
+					},
+				}
+				account
+			},
+			_ => match statement.verify_signature() {
+				SignatureVerificationResult::Valid(account) => account.into(),
+				SignatureVerificationResult::Invalid => {
+					log::debug!(target: LOG_TARGET, "Bad statement signature.");
+					return Err(InvalidStatement::BadProof)
+				},
+				SignatureVerificationResult::NoSignature => {
+					log::debug!(target: LOG_TARGET, "Missing statement signature.");
+					return Err(InvalidStatement::NoProof)
+				},
+			},
+		};
+		let statement_cost = T::StatementCost::get();
+		let byte_cost = T::ByteCost::get();
+		let balance = <T::Currency as Inspect<AccountIdOf<T>>>::balance(&account);
+		let min_allowed_statements = T::MinAllowedStatements::get();
+		let max_allowed_statements = T::MaxAllowedStatements::get();
+		let min_allowed_bytes = T::MinAllowedBytes::get();
+		let max_allowed_bytes = T::MaxAllowedBytes::get();
+		let max_count = balance
+			.checked_div(&statement_cost)
+			.unwrap_or_default()
+			.saturated_into::<u32>()
+			.clamp(min_allowed_statements, max_allowed_statements);
+		let max_size = balance
+			.checked_div(&byte_cost)
+			.unwrap_or_default()
+			.saturated_into::<u32>()
+			.clamp(min_allowed_bytes, max_allowed_bytes);
+
+		Ok(ValidStatement { max_count, max_size })
+	}
+
+	/// Submit a statement event. The statement will be picked up by the offchain worker and
+	/// broadcast to the network.
+	pub fn submit_statement(account: T::AccountId, statement: Statement) {
+		Self::deposit_event(Event::NewStatement { account, statement });
+	}
+
+	fn collect_statements() {
+		// Find `NewStatement` events and submit them to the store
+		for (index, event) in frame_system::Pallet::<T>::read_events_no_consensus().enumerate() {
+			if let Ok(Event::<T>::NewStatement { account, mut statement }) = event.event.try_into()
+			{
+				if statement.proof().is_none() {
+					let proof = Proof::OnChain {
+						who: account.into(),
+						block_hash: frame_system::Pallet::<T>::parent_hash().into(),
+						event_index: index as u64,
+					};
+					statement.set_proof(proof);
+				}
+				sp_statement_store::runtime_api::statement_store::submit_statement(statement);
+			}
+		}
+	}
+}

substrate/frame/statement/src/mock.rs

@@ -0,0 +1,126 @@
+// This file is part of Substrate.
+
+// Copyright (C) Parity Technologies (UK) Ltd.
+// SPDX-License-Identifier: Apache-2.0
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// 	http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! # Statement pallet test environment.
+
+use super::*;
+
+use crate as pallet_statement;
+use frame_support::{
+	ord_parameter_types,
+	traits::{ConstU32, ConstU64, Everything},
+	weights::constants::RocksDbWeight,
+};
+use sp_core::{Pair, H256};
+use sp_runtime::{
+	testing::Header,
+	traits::{BlakeTwo256, IdentityLookup},
+	AccountId32,
+};
+
+type UncheckedExtrinsic = frame_system::mocking::MockUncheckedExtrinsic<Test>;
+type Block = frame_system::mocking::MockBlock<Test>;
+
+pub const MIN_ALLOWED_STATEMENTS: u32 = 4;
+pub const MAX_ALLOWED_STATEMENTS: u32 = 10;
+pub const MIN_ALLOWED_BYTES: u32 = 1024;
+pub const MAX_ALLOWED_BYTES: u32 = 4096;
+
+frame_support::construct_runtime!(
+	pub enum Test where
+		Block = Block,
+		NodeBlock = Block,
+		UncheckedExtrinsic = UncheckedExtrinsic,
+	{
+		System: frame_system,
+		Balances: pallet_balances,
+		Statement: pallet_statement,
+	}
+);
+
+impl frame_system::Config for Test {
+	type BaseCallFilter = Everything;
+	type BlockWeights = ();
+	type BlockLength = ();
+	type DbWeight = RocksDbWeight;
+	type RuntimeOrigin = RuntimeOrigin;
+	type RuntimeCall = RuntimeCall;
+	type Index = u64;
+	type BlockNumber = u64;
+	type Hash = H256;
+	type Hashing = BlakeTwo256;
+	type AccountId = AccountId32;
+	type Lookup = IdentityLookup<Self::AccountId>;
+	type Header = Header;
+	type RuntimeEvent = RuntimeEvent;
+	type BlockHashCount = ConstU64<250>;
+	type Version = ();
+	type PalletInfo = PalletInfo;
+	type AccountData = pallet_balances::AccountData<u64>;
+	type OnNewAccount = ();
+	type OnKilledAccount = ();
+	type SystemWeightInfo = ();
+	type SS58Prefix = ();
+	type OnSetCode = ();
+	type MaxConsumers = ConstU32<16>;
+}
+
+impl pallet_balances::Config for Test {
+	type Balance = u64;
+	type RuntimeEvent = RuntimeEvent;
+	type DustRemoval = ();
+	type ExistentialDeposit = ConstU64<5>;
+	type AccountStore = System;
+	type WeightInfo = ();
+	type MaxLocks = ();
+	type MaxReserves = ConstU32<50>;
+	type ReserveIdentifier = [u8; 8];
+	type FreezeIdentifier = ();
+	type MaxFreezes = ();
+	type HoldIdentifier = ();
+	type MaxHolds = ();
+}
+
+ord_parameter_types! {
+	pub const One: u64 = 1;
+}
+
+impl Config for Test {
+	type RuntimeEvent = RuntimeEvent;
+	type Currency = Balances;
+	type StatementCost = ConstU64<1000>;
+	type ByteCost = ConstU64<2>;
+	type MinAllowedStatements = ConstU32<MIN_ALLOWED_STATEMENTS>;
+	type MaxAllowedStatements = ConstU32<MAX_ALLOWED_STATEMENTS>;
+	type MinAllowedBytes = ConstU32<MIN_ALLOWED_BYTES>;
+	type MaxAllowedBytes = ConstU32<MAX_ALLOWED_BYTES>;
+}
+
+pub fn new_test_ext() -> sp_io::TestExternalities {
+	let mut t = frame_system::GenesisConfig::default().build_storage::<Test>().unwrap();
+	let balances = pallet_balances::GenesisConfig::<Test> {
+		balances: vec![
+			(sp_core::sr25519::Pair::from_string("//Alice", None).unwrap().public().into(), 6000),
+			(
+				sp_core::sr25519::Pair::from_string("//Charlie", None).unwrap().public().into(),
+				500000,
+			),
+		],
+	};
+	balances.assimilate_storage(&mut t).unwrap();
+	t.into()
+}

substrate/frame/statement/src/tests.rs

@@ -0,0 +1,159 @@
+// This file is part of Substrate.
+
+// Copyright (C) Parity Technologies (UK) Ltd.
+// SPDX-License-Identifier: Apache-2.0
+
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// 	http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! # Statement runtime support tests.
+
+#![cfg(test)]
+
+use super::*;
+use crate::mock::*;
+use sp_core::Pair;
+use sp_runtime::AccountId32;
+use sp_statement_store::{
+	runtime_api::{InvalidStatement, StatementSource, ValidStatement},
+	Proof, Statement,
+};
+
+#[test]
+fn sign_and_validate_no_balance() {
+	new_test_ext().execute_with(|| {
+		let pair = sp_core::sr25519::Pair::from_string("//Bob", None).unwrap();
+		let mut statement = Statement::new();
+		statement.sign_sr25519_private(&pair);
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement);
+		assert_eq!(
+			Ok(ValidStatement { max_count: MIN_ALLOWED_STATEMENTS, max_size: MIN_ALLOWED_BYTES }),
+			result
+		);
+
+		let pair = sp_core::ed25519::Pair::from_string("//Bob", None).unwrap();
+		let mut statement = Statement::new();
+		statement.sign_ed25519_private(&pair);
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement);
+		assert_eq!(
+			Ok(ValidStatement { max_count: MIN_ALLOWED_STATEMENTS, max_size: MIN_ALLOWED_BYTES }),
+			result
+		);
+
+		let pair = sp_core::ecdsa::Pair::from_string("//Bob", None).unwrap();
+		let mut statement = Statement::new();
+		statement.sign_ecdsa_private(&pair);
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement);
+		assert_eq!(
+			Ok(ValidStatement { max_count: MIN_ALLOWED_STATEMENTS, max_size: MIN_ALLOWED_BYTES }),
+			result
+		);
+	});
+}
+
+#[test]
+fn validate_with_balance() {
+	new_test_ext().execute_with(|| {
+		let pair = sp_core::sr25519::Pair::from_string("//Alice", None).unwrap();
+		let mut statement = Statement::new();
+		statement.sign_sr25519_private(&pair);
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement);
+		assert_eq!(Ok(ValidStatement { max_count: 6, max_size: 3000 }), result);
+
+		let pair = sp_core::sr25519::Pair::from_string("//Charlie", None).unwrap();
+		let mut statement = Statement::new();
+		statement.sign_sr25519_private(&pair);
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement);
+		assert_eq!(
+			Ok(ValidStatement { max_count: MAX_ALLOWED_STATEMENTS, max_size: MAX_ALLOWED_BYTES }),
+			result
+		);
+	});
+}
+
+#[test]
+fn validate_no_proof_fails() {
+	new_test_ext().execute_with(|| {
+		let statement = Statement::new();
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement);
+		assert_eq!(Err(InvalidStatement::NoProof), result);
+	});
+}
+
+#[test]
+fn validate_bad_signature_fails() {
+	new_test_ext().execute_with(|| {
+		let statement = Statement::new_with_proof(Proof::Sr25519 {
+			signature: [0u8; 64],
+			signer: Default::default(),
+		});
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement);
+		assert_eq!(Err(InvalidStatement::BadProof), result);
+	});
+}
+
+#[test]
+fn validate_event() {
+	new_test_ext().execute_with(|| {
+		let parent_hash = sp_core::H256::random();
+		System::reset_events();
+		System::initialize(&1, &parent_hash, &Default::default());
+		let mut statement = Statement::new();
+		let pair = sp_core::sr25519::Pair::from_string("//Alice", None).unwrap();
+		let account: AccountId32 = pair.public().into();
+		Pallet::<Test>::submit_statement(account.clone(), statement.clone());
+		statement.set_proof(Proof::OnChain {
+			who: account.clone().into(),
+			event_index: 0,
+			block_hash: parent_hash.into(),
+		});
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement.clone());
+		assert_eq!(Ok(ValidStatement { max_count: 6, max_size: 3000 }), result);
+
+		// Use wrong event index
+		statement.set_proof(Proof::OnChain {
+			who: account.clone().into(),
+			event_index: 1,
+			block_hash: parent_hash.into(),
+		});
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement.clone());
+		assert_eq!(Err(InvalidStatement::BadProof), result);
+
+		// Use wrong block hash
+		statement.set_proof(Proof::OnChain {
+			who: account.clone().into(),
+			event_index: 0,
+			block_hash: sp_core::H256::random().into(),
+		});
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement.clone());
+		assert_eq!(Err(InvalidStatement::BadProof), result);
+	});
+}
+
+#[test]
+fn validate_no_event_fails() {
+	new_test_ext().execute_with(|| {
+		let parent_hash = sp_core::H256::random();
+		System::reset_events();
+		System::initialize(&1, &parent_hash, &Default::default());
+		let mut statement = Statement::new();
+		let pair = sp_core::sr25519::Pair::from_string("//Alice", None).unwrap();
+		let account: AccountId32 = pair.public().into();
+		statement.set_proof(Proof::OnChain {
+			who: account.into(),
+			event_index: 0,
+			block_hash: parent_hash.into(),
+		});
+		let result = Pallet::<Test>::validate_statement(StatementSource::Chain, statement);
+		assert_eq!(Err(InvalidStatement::BadProof), result);
+	});
+}