grandpa: report equivocations (#3868)

* session: runtime api for generating session membership proofs * grandpa: add runtime api for creating equivocation report txs * grandpa: submit signed equivocation report transactions * grandpa: use proper equivocation report type * grandpa: report equivocations * grandpa: validate equivocation proof * grandpa: update to finality-grandpa 0.9.1 * grandpa: fix encoding of session membership proof * grandpa: initialize set id session mapping for genesis session * grandpa: fix bug in set_id session validation * fix compilation * cleanup from merge conflicts * cleanup crate tomls * grandpa: refactor equivocation handling to separate trait * node-template: fix compilation * fix test compilation * bump finality-grandpa to v0.10.2 * rpc: fix runtime version test * CHERRY-PICK #4200: Add documentation to SubmitSignedTransaction and actually make it work Squashed commit of the following: commit 4f2cb0b1c588a06f2f3b478bb4b28b5cb29d54b9 Author: Tomasz Drwięga <tomasz@parity.io> Date: Tue Dec 3 16:29:33 2019 +0100 Split the method to avoid confusing type error message. commit c5bf24eeaaf902add89ed1b046b22c4a4aaeb2cd Author: Tomasz Drwięga <tomasz@parity.io> Date: Tue Dec 3 16:19:55 2019 +0100 Make accounts optional, fix logic. commit 97db1ef556e023cf6847e5ffdb036c0e3ea6fb0a Author: Tomasz Drwięga <tomasz@parity.io> Date: Tue Dec 3 10:06:20 2019 +0100 Remove warning. commit 535f5c116d1a2e826eaf90c3f7e6798e443d61d8 Merge: 516257217 0f1a5f651 Author: Tomasz Drwięga <tomasz@parity.io> Date: Tue Dec 3 07:08:05 2019 +0100 Merge branch 'master' into td-signed-transactions commit 516257217bac89fcebd083712f4ea68b7b23b55a Merge: ac98248c6 2e68c80c2 Author: Tomasz Drwięga <tomasz@parity.io> Date: Mon Dec 2 13:57:25 2019 +0100 Merge branch 'master' into td-signed-transactions commit ac98248c6c56cff381130645a82a13d29933cf83 Author: Tomasz Drwięga <tomasz@parity.io> Date: Mon Nov 25 17:34:52 2019 +0100 Forgotten import. commit 67a3c19031506c28e31c6bc4a90fff62d467dd58 Author: Tomasz Drwięga <tomasz@parity.io> Date: Mon Nov 25 17:32:10 2019 +0100 Fix naming and bounds. commit 93e768ea9df97a4629fca1f9bc4b108fdb33f876 Author: Tomasz Drwięga <tomasz@parity.io> Date: Mon Nov 25 17:01:05 2019 +0100 Add documentation to signed transactions and actually make them work. * grandpa: skip block initialization on report submission method * primitives: allow transaction pool access by default for offchain calls * grandpa: unused parameters * grandpa: remove unused method * grandpa: enable equivocation reporting * grandpa: add workaround for parameter encoding * grandpa: fix localized_payload calls in tests * fix submit_report_equivocation_extrinsic in runtimes * node: fix submit transaction test compilation * node: bump spec_version * rpc: fix api version test * grandpa: allow custom equivocation offence type * grandpa: add test for authorities::next_change_height * grandpa: cleanup report_equivocation function * node: move reporting app crypto to node-primitives * grandpa: move equivocation traits to own module * grandpa: rename app-crypto crate import * grandpa: export equivocation types * node: bump spec_version * grandpa: rename EquivocationReport to EquivocationProof * grandpa: add missing docs to primitives * grandpa: add missing docs to equivocation * node: fix compilation * grandpa: add missing docs to pallet * node: bump spec_version * fix whitespace * grandpa: return error on offence reporting * grandpa: expose session and validator count in proofs through traits * grandpa: use strong key in module KeyOwnerProofSystem * grandpa: move key ownership proof to grandpa runtime api * grandpa: remove unnecessary cloning when checking equivocation proof * grandpa: make report_equivocation a method in Environment * support: implement KeyOwnerProofSystem for () * grandpa: move KeyOwnerProofSystem to module trait * test-utils: fix runtime compilation * grandpa: fix test compilation * grandpa: fix test compilation after merge * grandpa: simplify transaction submission types * grandpa: validate equivocation report in signed extension * client: fix test * node: use ValidateEquivocationReport signed extension * grandpa: expose key ownership proof under opaque type * grandpa: better docs on key ownership proofs * grandpa: add note about signed extension * grandpa: add ValidateEquivocationReport::new * grandpa: remove skip_initialize_block from runtime api * grandpa: use new offchain transaction submission API * grandpa: take set_id in generate_key_ownership_proof * grandpa: update to finality-grandpa v0.12.2 * grandpa: cleanup usages of AuthoritySet::current * grandpa: fix test * grandpa: add mocking utilities for equivocation reporting * grandpa: add test for equivocation reporting * grandpa: move SetIdSession initialization * grandpa: add more tests * node: enable historical session manager * node: bump spec_version * node: use strong key types in KeyOwnerProofSystem definitions * grandpa: export GrandpaEquivocationOffence type
2026-06-01 03:21:02 +00:00 · 2020-05-06 17:25:51 +01:00
parent a1127f8f9d
commit fbd2ac8f3b
38 changed files with 2249 additions and 296 deletions
@@ -814,7 +814,7 @@ impl<Block: BlockT> Inner<Block> {
 			return Action::Discard(cost::UNKNOWN_VOTER);
 		}

-		if let Err(()) = super::check_message_sig::<Block>(
+		if let Err(()) = sp_finality_grandpa::check_message_signature(
 			&full.message.message,
 			&full.message.id,
 			&full.message.signature,
@@ -610,30 +610,6 @@ impl<B: BlockT, N: Network<B>> Clone for NetworkBridge<B, N> {
 	}
 }

-/// Encode round message localized to a given round and set id.
-pub(crate) fn localized_payload<E: Encode>(
-	round: RoundNumber,
-	set_id: SetIdNumber,
-	message: &E,
-) -> Vec<u8> {
-	let mut buf = Vec::new();
-	localized_payload_with_buffer(round, set_id, message, &mut buf);
-	buf
-}
-
-/// Encode round message localized to a given round and set id using the given
-/// buffer. The given buffer will be cleared and the resulting encoded payload
-/// will always be written to the start of the buffer.
-pub(crate) fn localized_payload_with_buffer<E: Encode>(
-	round: RoundNumber,
-	set_id: SetIdNumber,
-	message: &E,
-	buf: &mut Vec<u8>,
-) {
-	buf.clear();
-	(message, round, set_id).encode_to(buf)
-}
-
 /// Type-safe wrapper around a round number.
 #[derive(Debug, Clone, Copy, Eq, PartialEq, PartialOrd, Ord, Encode, Decode)]
 pub struct Round(pub RoundNumber);
@@ -642,48 +618,6 @@ pub struct Round(pub RoundNumber);
 #[derive(Debug, Clone, Copy, Eq, PartialEq, PartialOrd, Ord, Encode, Decode)]
 pub struct SetId(pub SetIdNumber);

-/// Check a message signature by encoding the message as a localized payload and
-/// verifying the provided signature using the expected authority id.
-pub(crate) fn check_message_sig<Block: BlockT>(
-	message: &Message<Block>,
-	id: &AuthorityId,
-	signature: &AuthoritySignature,
-	round: RoundNumber,
-	set_id: SetIdNumber,
-) -> Result<(), ()> {
-	check_message_sig_with_buffer::<Block>(
-		message,
-		id,
-		signature,
-		round,
-		set_id,
-		&mut Vec::new(),
-	)
-}
-
-/// Check a message signature by encoding the message as a localized payload and
-/// verifying the provided signature using the expected authority id.
-/// The encoding necessary to verify the signature will be done using the given
-/// buffer, the original content of the buffer will be cleared.
-pub(crate) fn check_message_sig_with_buffer<Block: BlockT>(
-	message: &Message<Block>,
-	id: &AuthorityId,
-	signature: &AuthoritySignature,
-	round: RoundNumber,
-	set_id: SetIdNumber,
-	buf: &mut Vec<u8>,
-) -> Result<(), ()> {
-	let as_public = id.clone();
-	localized_payload_with_buffer(round, set_id, message, buf);
-
-	if AuthorityPair::verify(signature, buf, &as_public) {
-		Ok(())
-	} else {
-		debug!(target: "afg", "Bad signature on message from {:?}", id);
-		Err(())
-	}
-}
-
 /// A sink for outgoing messages to the network. Any messages that are sent will
 /// be replaced, as appropriate, according to the given `HasVoted`.
 /// NOTE: The votes are stored unsigned, which means that the signatures need to
@@ -731,16 +665,14 @@ impl<Block: BlockT> Sink<Message<Block>> for OutgoingMessages<Block>
 		}

 		// when locals exist, sign messages on import
-		if let Some((ref pair, ref local_id)) = self.locals {
-			let encoded = localized_payload(self.round, self.set_id, &msg);
-			let signature = pair.sign(&encoded[..]);
-
+		if let Some((ref pair, _)) = self.locals {
 			let target_hash = msg.target().0.clone();
-			let signed = SignedMessage::<Block> {
-				message: msg,
-				signature,
-				id: local_id.clone(),
-			};
+			let signed = sp_finality_grandpa::sign_message(
+				msg,
+				pair,
+				self.round,
+				self.set_id,
+			);

 			let message = GossipMessage::Vote(VoteMessage::<Block> {
 				message: signed.clone(),
@@ -828,7 +760,7 @@ fn check_compact_commit<Block: BlockT>(
 		use crate::communication::gossip::Misbehavior;
 		use finality_grandpa::Message as GrandpaMessage;

-		if let Err(()) = check_message_sig_with_buffer::<Block>(
+		if let Err(()) = sp_finality_grandpa::check_message_signature_with_buffer(
 			&GrandpaMessage::Precommit(precommit.clone()),
 			id,
 			sig,
@@ -916,7 +848,7 @@ fn check_catch_up<Block: BlockT>(
 		for (msg, id, sig) in messages {
 			signatures_checked += 1;

-			if let Err(()) = check_message_sig_with_buffer::<B>(
+			if let Err(()) = sp_finality_grandpa::check_message_signature_with_buffer(
 				&msg,
 				id,
 				sig,
@@ -226,7 +226,7 @@ fn good_commit_leads_to_relay() {
 		let target_number = 500;

 		let precommit = finality_grandpa::Precommit { target_hash: target_hash.clone(), target_number };
-		let payload = super::localized_payload(
+		let payload = sp_finality_grandpa::localized_payload(
 			round, set_id, &finality_grandpa::Message::Precommit(precommit.clone())
 		);

@@ -374,7 +374,7 @@ fn bad_commit_leads_to_report() {
 		let target_number = 500;

 		let precommit = finality_grandpa::Precommit { target_hash: target_hash.clone(), target_number };
-		let payload = super::localized_payload(
+		let payload = sp_finality_grandpa::localized_payload(
 			round, set_id, &finality_grandpa::Message::Precommit(precommit.clone())
 		);