From 5384ab8d670f4fa8a7ba8460bf818b15bfc81657 Mon Sep 17 00:00:00 2001 From: Sayan Mallick Date: Fri, 1 May 2026 05:35:17 +0530 Subject: [PATCH 1/5] Update CI: warp runnner to use snapshot and use warm (#9217) Update the ci workflow to use warpbuild snapshot image and test suit uses `Swatinew/rust-cache` to utilize warpbuild cache Co-Authored-By: lemon --- .github/workflows/local-testnet.yml | 10 +-- .github/workflows/test-suite.yml | 55 +++++++++++----- .../warpbuild-ubuntu-latest-snapshot.yml | 63 +++++++++++++++++++ 3 files changed, 109 insertions(+), 19 deletions(-) create mode 100644 .github/workflows/warpbuild-ubuntu-latest-snapshot.yml diff --git a/.github/workflows/local-testnet.yml b/.github/workflows/local-testnet.yml index 308ddcf819..b79659ae3b 100644 --- a/.github/workflows/local-testnet.yml +++ b/.github/workflows/local-testnet.yml @@ -14,7 +14,7 @@ concurrency: jobs: dockerfile-ubuntu: - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} steps: - uses: actions/checkout@v5 @@ -31,7 +31,7 @@ jobs: retention-days: 3 run-local-testnet: - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} needs: dockerfile-ubuntu steps: - uses: actions/checkout@v5 @@ -173,7 +173,7 @@ jobs: # Tests checkpoint syncing to a live network (current fork) and a running devnet (usually next scheduled fork) checkpoint-sync-test: name: checkpoint-sync-test-${{ matrix.network }} - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} needs: dockerfile-ubuntu if: contains(github.event.pull_request.labels.*.name, 'syncing') continue-on-error: true @@ -216,7 +216,7 @@ jobs: # Test syncing from genesis on a local testnet. Aims to cover forward syncing both short and long distances. genesis-sync-test: name: genesis-sync-test-${{ matrix.fork }}-${{ matrix.offline_secs }}s - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} needs: dockerfile-ubuntu strategy: matrix: @@ -259,7 +259,7 @@ jobs: # a PR is safe to merge. New jobs should be added here. local-testnet-success: name: local-testnet-success - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} needs: [ 'dockerfile-ubuntu', 'run-local-testnet', diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml index c2ce6f89be..c632042351 100644 --- a/.github/workflows/test-suite.yml +++ b/.github/workflows/test-suite.yml @@ -97,15 +97,18 @@ jobs: name: release-tests-ubuntu needs: [check-labels] if: needs.check-labels.outputs.skip_ci != 'true' - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} steps: - uses: actions/checkout@v5 # Set Java version to 21. (required since Web3Signer 24.12.0). - - uses: actions/setup-java@v4 + # On sigp/lighthouse, Java 21 is baked into the snapshot. + - if: github.repository != 'sigp/lighthouse' + uses: actions/setup-java@v4 with: distribution: 'temurin' java-version: '21' - - name: Get latest version of stable Rust + - if: github.repository != 'sigp/lighthouse' + name: Get latest version of stable Rust uses: moonrepo/setup-rust@v1 with: channel: stable @@ -113,6 +116,10 @@ jobs: bins: cargo-nextest env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - if: github.repository == 'sigp/lighthouse' + uses: Swatinem/rust-cache@v2 + with: + cache-provider: warpbuild - name: Run tests in release run: make test-release - name: Show cache stats @@ -123,34 +130,44 @@ jobs: name: beacon-chain-tests needs: [check-labels] if: needs.check-labels.outputs.skip_ci != 'true' - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - uses: actions/checkout@v5 - - name: Get latest version of stable Rust + - if: github.repository != 'sigp/lighthouse' + name: Get latest version of stable Rust uses: moonrepo/setup-rust@v1 with: channel: stable cache-target: release bins: cargo-nextest + - if: github.repository == 'sigp/lighthouse' + uses: Swatinem/rust-cache@v2 + with: + cache-provider: warpbuild - name: Run beacon_chain tests for all known forks run: make test-beacon-chain http-api-tests: name: http-api-tests needs: [check-labels] if: needs.check-labels.outputs.skip_ci != 'true' - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - uses: actions/checkout@v5 - - name: Get latest version of stable Rust + - if: github.repository != 'sigp/lighthouse' + name: Get latest version of stable Rust uses: moonrepo/setup-rust@v1 with: channel: stable cache-target: release bins: cargo-nextest + - if: github.repository == 'sigp/lighthouse' + uses: Swatinem/rust-cache@v2 + with: + cache-provider: warpbuild - name: Run http_api tests for all recent forks run: make test-http-api op-pool-tests: @@ -220,16 +237,21 @@ jobs: name: debug-tests-ubuntu needs: [check-labels] if: needs.check-labels.outputs.skip_ci != 'true' - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - uses: actions/checkout@v5 - - name: Get latest version of stable Rust + - if: github.repository != 'sigp/lighthouse' + name: Get latest version of stable Rust uses: moonrepo/setup-rust@v1 with: channel: stable bins: cargo-nextest + - if: github.repository == 'sigp/lighthouse' + uses: Swatinem/rust-cache@v2 + with: + cache-provider: warpbuild - name: Run tests in debug run: make test-debug state-transition-vectors-ubuntu: @@ -250,17 +272,22 @@ jobs: name: ef-tests-ubuntu needs: [check-labels] if: needs.check-labels.outputs.skip_ci != 'true' - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - uses: actions/checkout@v5 - - name: Get latest version of stable Rust + - if: github.repository != 'sigp/lighthouse' + name: Get latest version of stable Rust uses: moonrepo/setup-rust@v1 with: channel: stable cache-target: release bins: cargo-nextest + - if: github.repository == 'sigp/lighthouse' + uses: Swatinem/rust-cache@v2 + with: + cache-provider: warpbuild - name: Run consensus-spec-tests with blst and fake_crypto run: make test-ef basic-simulator-ubuntu: @@ -311,14 +338,14 @@ jobs: name: execution-engine-integration-ubuntu needs: [check-labels] if: needs.check-labels.outputs.skip_ci != 'true' - runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x' || 'ubuntu-latest' }} + runs-on: ${{ github.repository == 'sigp/lighthouse' && 'warp-ubuntu-latest-x64-8x;snapshot.key=lighthouse-ubuntu-latest-v1' || 'ubuntu-latest' }} steps: - uses: actions/checkout@v5 - - name: Get latest version of stable Rust + - if: github.repository != 'sigp/lighthouse' + name: Get latest version of stable Rust uses: moonrepo/setup-rust@v1 with: channel: stable - cache-target: release cache: false env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/warpbuild-ubuntu-latest-snapshot.yml b/.github/workflows/warpbuild-ubuntu-latest-snapshot.yml new file mode 100644 index 0000000000..f32a0f0545 --- /dev/null +++ b/.github/workflows/warpbuild-ubuntu-latest-snapshot.yml @@ -0,0 +1,63 @@ +name: Bake warpbuild snapshot (lighthouse-ubuntu-latest) + +on: + workflow_dispatch: + schedule: + # Every week (Sunday at 00:00 UTC) + - cron: "0 0 * * 0" + pull_request: + branches: [stable, unstable] + paths: + - '.github/workflows/warpbuild-ubuntu-latest-snapshot.yml' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + bake: + runs-on: warp-ubuntu-latest-x64-8x + steps: + - name: Install system deps + run: | + set -euxo pipefail + sudo apt-get update -qq + sudo apt-get install -y --no-install-recommends \ + pkg-config \ + libssl-dev \ + build-essential \ + cmake \ + clang \ + llvm-dev \ + libclang-dev \ + protobuf-compiler \ + git \ + gcc \ + g++ \ + make + + - name: Install Rust toolchain (stable) + uses: dtolnay/rust-toolchain@stable + with: + components: rustfmt,clippy + + - name: Install cargo bins + run: | + cargo install --locked cargo-nextest + cargo install --locked cargo-audit + cargo install --locked cargo-deny + cargo install --locked cargo-sort + cargo install --locked cargo-hack + + - name: Install Java (Temurin 21) + uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '21' + + - name: Save snapshot + uses: WarpBuilds/snapshot-save@v1 + with: + alias: 'lighthouse-ubuntu-latest-v1' + fail-on-error: true + wait-timeout-minutes: 60 From 8b8124d4a4d961efc89b1d804dab157380a4b495 Mon Sep 17 00:00:00 2001 From: Michael Sproul Date: Fri, 1 May 2026 19:12:11 +1000 Subject: [PATCH 2/5] Avoid 0x00 block hashes in fcU (#9233) - Avoid sending 0x00 block hashes for the safe and finalized block hashes post-Gloas. - Add code to check this inside the mock EL, which will be reached in all Gloas beacon chain tests Co-Authored-By: Michael Sproul --- .../test_utils/execution_block_generator.rs | 24 +++++++++++++++++++ consensus/fork_choice/src/fork_choice.rs | 22 ++++++++++------- 2 files changed, 37 insertions(+), 9 deletions(-) diff --git a/beacon_node/execution_layer/src/test_utils/execution_block_generator.rs b/beacon_node/execution_layer/src/test_utils/execution_block_generator.rs index 16d8c03062..4a46ce0f88 100644 --- a/beacon_node/execution_layer/src/test_utils/execution_block_generator.rs +++ b/beacon_node/execution_layer/src/test_utils/execution_block_generator.rs @@ -69,6 +69,13 @@ impl Block { } } + pub fn timestamp(&self) -> u64 { + match self { + Block::PoW(block) => block.timestamp, + Block::PoS(payload) => payload.timestamp(), + } + } + pub fn total_difficulty(&self) -> Option { match self { Block::PoW(block) => Some(block.total_difficulty), @@ -558,6 +565,23 @@ impl ExecutionBlockGenerator { self.insert_block(Block::PoS(payload))?; } + // Post-Gloas, the justified and finalized block hashes must be non-zero, since the + // CL always has a known parent_block_hash to reference. + if let Some(head_block) = self.blocks.get(&head_block_hash) + && self + .get_fork_at_timestamp(head_block.timestamp()) + .gloas_enabled() + { + assert!( + forkchoice_state.safe_block_hash != ExecutionBlockHash::zero(), + "post-Gloas safe_block_hash must not be zero" + ); + assert!( + forkchoice_state.finalized_block_hash != ExecutionBlockHash::zero(), + "post-Gloas finalized_block_hash must not be zero" + ); + } + let unknown_head_block_hash = !self.blocks.contains_key(&head_block_hash); let unknown_safe_block_hash = forkchoice_state.safe_block_hash != ExecutionBlockHash::zero() diff --git a/consensus/fork_choice/src/fork_choice.rs b/consensus/fork_choice/src/fork_choice.rs index 477d1fa3b4..593aa27915 100644 --- a/consensus/fork_choice/src/fork_choice.rs +++ b/consensus/fork_choice/src/fork_choice.rs @@ -564,9 +564,9 @@ where // For Gloas blocks, `execution_status` is Irrelevant (no embedded payload). // If the payload envelope was received (Full), use the bid's block_hash as the // execution chain head. Otherwise fall back to the parent hash (Pending) or None. - // TODO(gloas): this is a bit messy, and we probably need a similar treatment for - // justified/finalized - // Can fix as part of: https://github.com/sigp/lighthouse/issues/8957 + // For justified/finalized hashes we always use the bid's parent_block_hash, since the + // payload from the justified/finalized block is not itself justified/finalized due to + // being applied immediately prior to the next block. let head_hash = self.get_block(&head_root).and_then(|b| { b.execution_status .block_hash() @@ -579,12 +579,16 @@ where }); let justified_root = self.justified_checkpoint().root; let finalized_root = self.finalized_checkpoint().root; - let justified_hash = self - .get_block(&justified_root) - .and_then(|b| b.execution_status.block_hash()); - let finalized_hash = self - .get_block(&finalized_root) - .and_then(|b| b.execution_status.block_hash()); + let justified_hash = self.get_block(&justified_root).and_then(|b| { + b.execution_status + .block_hash() + .or(b.execution_payload_parent_hash) + }); + let finalized_hash = self.get_block(&finalized_root).and_then(|b| { + b.execution_status + .block_hash() + .or(b.execution_payload_parent_hash) + }); self.forkchoice_update_parameters = ForkchoiceUpdateParameters { head_root, head_hash, From 330348ea14bd58828564005795f99ffe874bc7c1 Mon Sep 17 00:00:00 2001 From: jking-aus <72330194+jking-aus@users.noreply.github.com> Date: Fri, 1 May 2026 14:44:25 +0200 Subject: [PATCH 3/5] fix: prevent duplicate column reconstruction dispatch (#9250) Fixes a flaky CI failure in `data_column_reconstruction_at_deadline` where 2 `column_reconstruction` events are emitted instead of the expected 1. - Change `queued_column_reconstructions` from `HashMap` to `HashMap>`, where `None` indicates reconstruction was already dispatched. - On dispatch (`ReadyColumnReconstruction`), set the entry to `None` instead of removing it. This prevents a subsequent gossip column from inserting a fresh reconstruction request into the now-vacant slot. - Prune stale `None` entries on each dispatch to keep the map bounded. Co-Authored-By: Josh King --- .../src/scheduler/work_reprocessing_queue.rs | 25 +++++++++++-------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/beacon_node/beacon_processor/src/scheduler/work_reprocessing_queue.rs b/beacon_node/beacon_processor/src/scheduler/work_reprocessing_queue.rs index 38306b3bb6..b1fa56af01 100644 --- a/beacon_node/beacon_processor/src/scheduler/work_reprocessing_queue.rs +++ b/beacon_node/beacon_processor/src/scheduler/work_reprocessing_queue.rs @@ -280,8 +280,8 @@ struct ReprocessQueue { queued_lc_updates: FnvHashMap, /// Light Client Updates per parent_root. awaiting_lc_updates_per_parent_root: HashMap>, - /// Column reconstruction per block root. - queued_column_reconstructions: HashMap, + /// Column reconstruction per block root. `None` means reconstruction was already dispatched. + queued_column_reconstructions: HashMap>, /// Queued backfill batches queued_backfill_batches: Vec, @@ -865,20 +865,20 @@ impl ReprocessQueue { && duration_from_current_slot >= reconstruction_deadline && current_slot == request.slot { - // If we are at least `reconstruction_deadline` seconds into the current slot, - // and the reconstruction request is for the current slot, process reconstruction immediately. reconstruction_delay = Duration::from_secs(0); } match self.queued_column_reconstructions.entry(request.block_root) { - Entry::Occupied(key) => { - self.column_reconstructions_delay_queue - .reset(key.get(), reconstruction_delay); + Entry::Occupied(entry) => { + if let Some(delay_key) = entry.get() { + self.column_reconstructions_delay_queue + .reset(delay_key, reconstruction_delay); + } } Entry::Vacant(vacant) => { let delay_key = self .column_reconstructions_delay_queue .insert(request, reconstruction_delay); - vacant.insert(delay_key); + vacant.insert(Some(delay_key)); } } } @@ -1039,7 +1039,9 @@ impl ReprocessQueue { } InboundEvent::ReadyColumnReconstruction(column_reconstruction) => { self.queued_column_reconstructions - .remove(&column_reconstruction.block_root); + .retain(|_, v| v.is_some()); + self.queued_column_reconstructions + .insert(column_reconstruction.block_root, None); if self .ready_work_tx .try_send(ReadyWork::ColumnReconstruction(column_reconstruction)) @@ -1398,7 +1400,10 @@ mod tests { queue.handle_message(InboundEvent::ReadyColumnReconstruction(reconstruction)); } - assert!(queue.queued_column_reconstructions.is_empty()); + assert_eq!( + queue.queued_column_reconstructions.get(&block_root), + Some(&None) + ); } /// Tests that column reconstruction queued after the deadline is triggered immediately From ee61aee659b82432fc111d4fae5c9fe1af4938a0 Mon Sep 17 00:00:00 2001 From: Mac L Date: Sun, 3 May 2026 15:10:19 +0400 Subject: [PATCH 4/5] Unblock CI by temporarily ignoring `hickory-proto` audit failures (#9257) Two audit failures for `hickory-proto` which is used upstream in `libp2p-dns` and `libp2p-mdns` - https://rustsec.org/advisories/RUSTSEC-2026-0118.html - https://rustsec.org/advisories/RUSTSEC-2026-0119.html Tracking Issue: https://github.com/sigp/lighthouse/issues/9258 Since RUSTSEC-2026-0118 does not even have any non-patched versions available and RUSTSEC-2026-0119 requires a major version bump I think we would need to wait on a release from libp2p in both cases. So for now, add an ignore for each so we can at least unblock CI Co-Authored-By: Mac L --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 04973193ec..dd57bb038e 100644 --- a/Makefile +++ b/Makefile @@ -330,7 +330,7 @@ install-audit: cargo install --force cargo-audit audit-CI: - cargo audit --ignore RUSTSEC-2026-0049 --ignore RUSTSEC-2026-0098 --ignore RUSTSEC-2026-0099 --ignore RUSTSEC-2026-0104 + cargo audit --ignore RUSTSEC-2026-0049 --ignore RUSTSEC-2026-0098 --ignore RUSTSEC-2026-0099 --ignore RUSTSEC-2026-0104 --ignore RUSTSEC-2026-0118 --ignore RUSTSEC-2026-0119 # Runs cargo deny (check for banned crates, duplicate versions, and source restrictions) deny: install-deny deny-CI From 9cf155a0ddb5eeeb9026e8e946c1f5da5e3ba6c4 Mon Sep 17 00:00:00 2001 From: Eitan Seri-Levi Date: Mon, 4 May 2026 13:33:09 +0200 Subject: [PATCH 5/5] Implement gloas proposer preference vc duty (#9208) Allow for the vc to submit its proposer preferences to the network Co-Authored-By: Eitan Seri-Levi Co-Authored-By: Jimmy Chen --- .../src/payload_bid_verification/tests.rs | 2 +- .../gossip_verified_proposer_preferences.rs | 6 +- .../proposer_preference_cache.rs | 32 ++- .../tests.rs | 11 +- beacon_node/http_api/src/lib.rs | 22 +- beacon_node/http_api/src/validator/mod.rs | 124 +++++++++- beacon_node/http_api/tests/tests.rs | 182 ++++++++++++++- .../lighthouse_network/src/types/pubsub.rs | 4 +- .../src/network_beacon_processor/mod.rs | 8 +- common/eth2/src/lib.rs | 42 +++- .../lighthouse_validator_store/src/lib.rs | 39 +++- validator_client/signing_method/src/lib.rs | 5 + .../signing_method/src/web3signer.rs | 3 + validator_client/src/lib.rs | 18 ++ .../validator_services/src/lib.rs | 1 + .../src/proposer_preferences_service.rs | 221 ++++++++++++++++++ validator_client/validator_store/src/lib.rs | 15 +- 17 files changed, 694 insertions(+), 41 deletions(-) create mode 100644 validator_client/validator_services/src/proposer_preferences_service.rs diff --git a/beacon_node/beacon_chain/src/payload_bid_verification/tests.rs b/beacon_node/beacon_chain/src/payload_bid_verification/tests.rs index b7b77d5d2a..c68e6d9d32 100644 --- a/beacon_node/beacon_chain/src/payload_bid_verification/tests.rs +++ b/beacon_node/beacon_chain/src/payload_bid_verification/tests.rs @@ -252,11 +252,11 @@ fn make_signed_preferences( ) -> Arc { Arc::new(SignedProposerPreferences { message: ProposerPreferences { + dependent_root: Hash256::ZERO, proposal_slot, validator_index, fee_recipient, gas_limit, - ..ProposerPreferences::default() }, signature: Signature::empty(), }) diff --git a/beacon_node/beacon_chain/src/proposer_preferences_verification/gossip_verified_proposer_preferences.rs b/beacon_node/beacon_chain/src/proposer_preferences_verification/gossip_verified_proposer_preferences.rs index cc77453c49..4ba33fde72 100644 --- a/beacon_node/beacon_chain/src/proposer_preferences_verification/gossip_verified_proposer_preferences.rs +++ b/beacon_node/beacon_chain/src/proposer_preferences_verification/gossip_verified_proposer_preferences.rs @@ -154,7 +154,9 @@ impl BeaconChain { #[cfg(test)] mod tests { - use types::{Address, BeaconState, EthSpec, MinimalEthSpec, ProposerPreferences, Slot}; + use types::{ + Address, BeaconState, EthSpec, Hash256, MinimalEthSpec, ProposerPreferences, Slot, + }; use super::verify_preferences_consistency; use crate::proposer_preferences_verification::ProposerPreferencesError; @@ -163,7 +165,7 @@ mod tests { fn make_preferences(proposal_slot: Slot, validator_index: u64) -> ProposerPreferences { ProposerPreferences { - dependent_root: types::Hash256::ZERO, + dependent_root: Hash256::ZERO, proposal_slot, validator_index, fee_recipient: Address::ZERO, diff --git a/beacon_node/beacon_chain/src/proposer_preferences_verification/proposer_preference_cache.rs b/beacon_node/beacon_chain/src/proposer_preferences_verification/proposer_preference_cache.rs index 507e61dc10..7bbdf34888 100644 --- a/beacon_node/beacon_chain/src/proposer_preferences_verification/proposer_preference_cache.rs +++ b/beacon_node/beacon_chain/src/proposer_preferences_verification/proposer_preference_cache.rs @@ -70,20 +70,24 @@ mod tests { use std::sync::Arc; use bls::Signature; - use types::{Address, ProposerPreferences, SignedProposerPreferences, Slot}; + use types::{Address, Hash256, ProposerPreferences, SignedProposerPreferences, Slot}; use super::GossipVerifiedProposerPreferenceCache; use crate::proposer_preferences_verification::gossip_verified_proposer_preferences::GossipVerifiedProposerPreferences; - fn make_gossip_verified(slot: Slot, validator_index: u64) -> GossipVerifiedProposerPreferences { + fn make_gossip_verified( + slot: Slot, + validator_index: u64, + dependent_root: Hash256, + ) -> GossipVerifiedProposerPreferences { GossipVerifiedProposerPreferences { signed_preferences: Arc::new(SignedProposerPreferences { message: ProposerPreferences { + dependent_root, proposal_slot: slot, validator_index, fee_recipient: Address::ZERO, gas_limit: 30_000_000, - ..ProposerPreferences::default() }, signature: Signature::empty(), }), @@ -93,9 +97,10 @@ mod tests { #[test] fn prune_removes_old_retains_current() { let cache = GossipVerifiedProposerPreferenceCache::default(); + let root = Hash256::ZERO; for slot in [1, 2, 3, 7, 8, 9, 10] { - let verified = make_gossip_verified(Slot::new(slot), slot); + let verified = make_gossip_verified(Slot::new(slot), slot, root); cache.insert_seen_validator(&verified); cache.insert_preferences(verified); } @@ -104,11 +109,26 @@ mod tests { for slot in [1, 2, 3, 7] { assert!(cache.get_preferences(&Slot::new(slot)).is_none()); - assert!(!cache.get_seen_validator(&Slot::new(slot), types::Hash256::ZERO, slot)); + assert!(!cache.get_seen_validator(&Slot::new(slot), root, slot)); } for slot in [8, 9, 10] { assert!(cache.get_preferences(&Slot::new(slot)).is_some()); - assert!(cache.get_seen_validator(&Slot::new(slot), types::Hash256::ZERO, slot)); + assert!(cache.get_seen_validator(&Slot::new(slot), root, slot)); } } + + #[test] + fn different_dependent_roots_not_deduped() { + let cache = GossipVerifiedProposerPreferenceCache::default(); + let slot = Slot::new(5); + let root_a = Hash256::repeat_byte(0xaa); + let root_b = Hash256::repeat_byte(0xbb); + let validator_index = 42; + + let verified_a = make_gossip_verified(slot, validator_index, root_a); + cache.insert_seen_validator(&verified_a); + + assert!(cache.get_seen_validator(&slot, root_a, validator_index)); + assert!(!cache.get_seen_validator(&slot, root_b, validator_index)); + } } diff --git a/beacon_node/beacon_chain/src/proposer_preferences_verification/tests.rs b/beacon_node/beacon_chain/src/proposer_preferences_verification/tests.rs index ce2ea12bb5..468e08ff3b 100644 --- a/beacon_node/beacon_chain/src/proposer_preferences_verification/tests.rs +++ b/beacon_node/beacon_chain/src/proposer_preferences_verification/tests.rs @@ -127,11 +127,11 @@ fn make_signed_preferences( ) -> Arc { Arc::new(SignedProposerPreferences { message: ProposerPreferences { + dependent_root: Hash256::ZERO, proposal_slot, validator_index, fee_recipient: Address::ZERO, gas_limit: 30_000_000, - ..ProposerPreferences::default() }, signature: Signature::empty(), }) @@ -231,11 +231,10 @@ fn correct_proposer_bad_signature() { result, Err(ProposerPreferencesError::BadSignature) )); - assert!(!ctx.preferences_cache.get_seen_validator( - &slot, - types::Hash256::ZERO, - actual_proposer - )); + assert!( + !ctx.preferences_cache + .get_seen_validator(&slot, Hash256::ZERO, actual_proposer) + ); assert!(ctx.preferences_cache.get_preferences(&slot).is_none()); } diff --git a/beacon_node/http_api/src/lib.rs b/beacon_node/http_api/src/lib.rs index b2d069f384..f31817c5ba 100644 --- a/beacon_node/http_api/src/lib.rs +++ b/beacon_node/http_api/src/lib.rs @@ -1490,7 +1490,7 @@ pub fn serve( // POST beacon/pool/payload_attestations let post_beacon_pool_payload_attestations = post_beacon_pool_payload_attestations( &network_tx_filter, - optional_consensus_version_header_filter, + optional_consensus_version_header_filter.clone(), &beacon_pool_path, ); @@ -1510,6 +1510,22 @@ pub fn serve( let post_beacon_pool_bls_to_execution_changes = post_beacon_pool_bls_to_execution_changes(&network_tx_filter, &beacon_pool_path); + // POST validator/proposer_preferences (JSON) + let post_validator_proposer_preferences = post_validator_proposer_preferences( + eth_v1.clone(), + task_spawner_filter.clone(), + chain_filter.clone(), + network_tx_filter.clone(), + ); + + // POST validator/proposer_preferences (SSZ) + let post_validator_proposer_preferences_ssz = post_validator_proposer_preferences_ssz( + eth_v1.clone(), + task_spawner_filter.clone(), + chain_filter.clone(), + network_tx_filter.clone(), + ); + // POST beacon/execution_payload_envelope let post_beacon_execution_payload_envelope = post_beacon_execution_payload_envelope( eth_v1.clone(), @@ -3416,7 +3432,8 @@ pub fn serve( .uor(post_beacon_blinded_blocks_ssz) .uor(post_beacon_blinded_blocks_v2_ssz) .uor(post_beacon_execution_payload_envelope_ssz) - .uor(post_beacon_pool_payload_attestations_ssz), + .uor(post_beacon_pool_payload_attestations_ssz) + .uor(post_validator_proposer_preferences_ssz), ) .uor(post_beacon_blocks) .uor(post_beacon_blinded_blocks) @@ -3429,6 +3446,7 @@ pub fn serve( .uor(post_beacon_pool_sync_committees) .uor(post_beacon_pool_payload_attestations) .uor(post_beacon_pool_bls_to_execution_changes) + .uor(post_validator_proposer_preferences) .uor(post_beacon_execution_payload_envelope) .uor(post_beacon_state_validators) .uor(post_beacon_state_validator_balances) diff --git a/beacon_node/http_api/src/validator/mod.rs b/beacon_node/http_api/src/validator/mod.rs index 27fe5de6e7..044f2089ce 100644 --- a/beacon_node/http_api/src/validator/mod.rs +++ b/beacon_node/http_api/src/validator/mod.rs @@ -9,8 +9,11 @@ use crate::utils::{ use crate::version::{V1, V2, V3, unsupported_version_rejection}; use crate::{StateId, attester_duties, proposer_duties, ptc_duties, sync_committees}; use beacon_chain::attestation_verification::VerifiedAttestation; +use beacon_chain::proposer_preferences_verification::ProposerPreferencesError; use beacon_chain::{AttestationError, BeaconChain, BeaconChainError, BeaconChainTypes}; use bls::PublicKeyBytes; +use bytes::Bytes; +use eth2::CONSENSUS_VERSION_HEADER; use eth2::types::{ Accept, BeaconCommitteeSubscription, EndpointVersion, Failure, GenericResponse, StandardLivenessResponseData, StateId as CoreStateId, ValidatorAggregateAttestationQuery, @@ -20,14 +23,15 @@ use lighthouse_network::PubsubMessage; use network::{NetworkMessage, ValidatorSubscriptionMessage}; use reqwest::StatusCode; use slot_clock::SlotClock; +use ssz::Decode; use std::sync::Arc; use tokio::sync::mpsc::{Sender, UnboundedSender}; use tokio::sync::oneshot; use tracing::{debug, error, info, warn}; use types::{ - BeaconState, Epoch, EthSpec, ProposerPreparationData, SignedAggregateAndProof, - SignedContributionAndProof, SignedValidatorRegistrationData, Slot, SyncContributionData, - ValidatorSubscription, + BeaconState, Epoch, EthSpec, ForkName, ProposerPreparationData, SignedAggregateAndProof, + SignedContributionAndProof, SignedProposerPreferences, SignedValidatorRegistrationData, Slot, + SyncContributionData, ValidatorSubscription, }; use warp::{Filter, Rejection, Reply}; use warp_utils::reject::convert_rejection; @@ -1144,3 +1148,117 @@ pub fn get_validator_duties_proposer( ) .boxed() } + +/// POST validator/proposer_preferences (JSON) +pub fn post_validator_proposer_preferences( + eth_v1: EthV1Filter, + task_spawner_filter: TaskSpawnerFilter, + chain_filter: ChainFilter, + network_tx_filter: NetworkTxFilter, +) -> ResponseFilter { + eth_v1 + .and(warp::path("validator")) + .and(warp::path("proposer_preferences")) + .and(warp::path::end()) + .and(warp_utils::json::json()) + .and(warp::header::(CONSENSUS_VERSION_HEADER)) + .and(task_spawner_filter) + .and(chain_filter) + .and(network_tx_filter) + .then( + |preferences: Vec, + _fork_name: ForkName, + task_spawner: TaskSpawner, + chain: Arc>, + network_tx: UnboundedSender>| { + task_spawner.blocking_response_task(Priority::P0, move || { + publish_proposer_preferences(&chain, &network_tx, preferences)?; + Ok(warp::reply()) + }) + }, + ) + .boxed() +} + +/// POST validator/proposer_preferences (SSZ) +pub fn post_validator_proposer_preferences_ssz( + eth_v1: EthV1Filter, + task_spawner_filter: TaskSpawnerFilter, + chain_filter: ChainFilter, + network_tx_filter: NetworkTxFilter, +) -> ResponseFilter { + eth_v1 + .and(warp::path("validator")) + .and(warp::path("proposer_preferences")) + .and(warp::path::end()) + .and(warp::body::bytes()) + .and(warp::header::(CONSENSUS_VERSION_HEADER)) + .and(task_spawner_filter) + .and(chain_filter) + .and(network_tx_filter) + .then( + |body_bytes: Bytes, + _fork_name: ForkName, + task_spawner: TaskSpawner, + chain: Arc>, + network_tx: UnboundedSender>| { + task_spawner.blocking_response_task(Priority::P0, move || { + let preferences = Vec::::from_ssz_bytes(&body_bytes) + .map_err(|e| { + warp_utils::reject::custom_bad_request(format!("invalid SSZ: {e:?}")) + })?; + publish_proposer_preferences(&chain, &network_tx, preferences)?; + Ok(warp::reply()) + }) + }, + ) + .boxed() +} + +fn publish_proposer_preferences( + chain: &BeaconChain, + network_tx: &UnboundedSender>, + preferences_list: Vec, +) -> Result<(), warp::Rejection> { + let mut failures = vec![]; + let mut num_already_known = 0; + + for (index, preferences) in preferences_list.into_iter().enumerate() { + let validator_index = preferences.message.validator_index; + match chain.verify_proposer_preferences_for_gossip(Arc::new(preferences)) { + Ok(verified) => { + crate::utils::publish_pubsub_message( + network_tx, + PubsubMessage::ProposerPreferences(verified.signed_preferences), + )?; + } + Err(ProposerPreferencesError::AlreadySeen { .. }) => { + num_already_known += 1; + } + Err(e) => { + error!( + error = ?e, + %validator_index, + "Failure verifying proposer preferences for gossip" + ); + failures.push(Failure::new(index, format!("{e:?}"))); + } + } + } + + if num_already_known > 0 { + debug!( + count = num_already_known, + "Some proposer preferences already known" + ); + } + + if failures.is_empty() { + Ok(()) + } else { + Err(warp_utils::reject::indexed_bad_request( + "error processing proposer preferences".to_string(), + failures, + )) + } +} diff --git a/beacon_node/http_api/tests/tests.rs b/beacon_node/http_api/tests/tests.rs index 7d351e9331..d6c621f996 100644 --- a/beacon_node/http_api/tests/tests.rs +++ b/beacon_node/http_api/tests/tests.rs @@ -48,9 +48,10 @@ use tokio::time::Duration; use tree_hash::TreeHash; use types::ApplicationDomain; use types::{ - Domain, EthSpec, ExecutionBlockHash, Hash256, MainnetEthSpec, RelativeEpoch, SelectionProof, - SignedExecutionPayloadEnvelope, SignedRoot, SingleAttestation, Slot, - attestation::AttestationBase, consts::gloas::BUILDER_INDEX_SELF_BUILD, + Address, Domain, EthSpec, ExecutionBlockHash, Hash256, MainnetEthSpec, ProposerPreferences, + RelativeEpoch, SelectionProof, SignedExecutionPayloadEnvelope, SignedProposerPreferences, + SignedRoot, SingleAttestation, Slot, attestation::AttestationBase, + consts::gloas::BUILDER_INDEX_SELF_BUILD, }; type E = MainnetEthSpec; @@ -2898,6 +2899,162 @@ impl ApiTester { self } + fn make_valid_signed_proposer_preferences( + &self, + slot_offset: usize, + ) -> SignedProposerPreferences { + let head = self.chain.head_snapshot(); + let head_slot = head.beacon_block.slot(); + let head_state = &head.beacon_state; + let genesis_validators_root = self.chain.genesis_validators_root; + + let proposer_lookahead = head_state + .proposer_lookahead() + .expect("should get proposer_lookahead"); + + // Pick a future slot in the next epoch to ensure it's always valid. + // The lookahead covers 2 epochs: index = epoch_offset * slots_per_epoch + slot_in_epoch. + let slots_per_epoch = E::slots_per_epoch() as usize; + let next_epoch = head_slot.epoch(E::slots_per_epoch()) + 1; + let next_epoch_start = next_epoch.start_slot(E::slots_per_epoch()); + let proposal_slot = next_epoch_start + Slot::new((slot_offset % slots_per_epoch) as u64); + + let lookahead_index = slots_per_epoch + (slot_offset % slots_per_epoch); + let validator_index = *proposer_lookahead + .get(lookahead_index) + .expect("slot index should be in lookahead") as usize; + + let preferences = ProposerPreferences { + dependent_root: Hash256::ZERO, + proposal_slot, + validator_index: validator_index as u64, + fee_recipient: Address::repeat_byte(0xaa), + gas_limit: 30_000_000, + }; + + let epoch = proposal_slot.epoch(E::slots_per_epoch()); + let fork = head_state.fork(); + let domain = self.chain.spec.get_domain( + epoch, + Domain::ProposerPreferences, + &fork, + genesis_validators_root, + ); + let signing_root = preferences.signing_root(domain); + let sk = &self.validator_keypairs()[validator_index].sk; + let signature = sk.sign(signing_root); + + SignedProposerPreferences { + message: preferences, + signature, + } + } + + // Each sub-test uses a unique slot_offset (1-5) because the gossip cache deduplicates on + // (slot, dependent_root, validator_index). Reusing an offset from an earlier test would hit + // "already seen" instead of testing the intended condition. + pub async fn test_post_validator_proposer_preferences_valid(mut self) -> Self { + let signed = self.make_valid_signed_proposer_preferences(1); + let fork_name = self + .chain + .spec + .fork_name_at_slot::(signed.message.proposal_slot); + + self.client + .post_validator_proposer_preferences(&[signed], fork_name) + .await + .unwrap(); + + assert!( + self.network_rx.network_recv.recv().await.is_some(), + "valid proposer preferences should be sent to network" + ); + + self + } + + pub async fn test_post_validator_proposer_preferences_valid_ssz(mut self) -> Self { + let signed = self.make_valid_signed_proposer_preferences(2); + let fork_name = self + .chain + .spec + .fork_name_at_slot::(signed.message.proposal_slot); + + self.client + .post_validator_proposer_preferences_ssz(&vec![signed], fork_name) + .await + .unwrap(); + + assert!( + self.network_rx.network_recv.recv().await.is_some(), + "valid proposer preferences (SSZ) should be sent to network" + ); + + self + } + + pub async fn test_post_validator_proposer_preferences_invalid_sig(self) -> Self { + let mut signed = self.make_valid_signed_proposer_preferences(3); + signed.signature = Signature::empty(); + let fork_name = self + .chain + .spec + .fork_name_at_slot::(signed.message.proposal_slot); + + let result = self + .client + .post_validator_proposer_preferences(&[signed], fork_name) + .await; + + assert!(result.is_err(), "invalid signature should be rejected"); + + self + } + + pub async fn test_post_validator_proposer_preferences_invalid_sig_ssz(self) -> Self { + let mut signed = self.make_valid_signed_proposer_preferences(4); + signed.signature = Signature::empty(); + let fork_name = self + .chain + .spec + .fork_name_at_slot::(signed.message.proposal_slot); + + let result = self + .client + .post_validator_proposer_preferences_ssz(&vec![signed], fork_name) + .await; + + assert!( + result.is_err(), + "invalid signature should be rejected via SSZ route" + ); + + self + } + + pub async fn test_post_validator_proposer_preferences_duplicate(mut self) -> Self { + let signed = self.make_valid_signed_proposer_preferences(5); + let fork_name = self + .chain + .spec + .fork_name_at_slot::(signed.message.proposal_slot); + + // First submission should succeed. + self.client + .post_validator_proposer_preferences(std::slice::from_ref(&signed), fork_name) + .await + .unwrap(); + self.network_rx.network_recv.recv().await; + + // Second submission of the same preferences should return 200 (already known, not an error). + self.client + .post_validator_proposer_preferences(&[signed], fork_name) + .await + .unwrap(); + + self + } + pub async fn test_get_config_fork_schedule(self) -> Self { let result = self.client.get_config_fork_schedule().await.unwrap().data; @@ -9199,3 +9356,22 @@ async fn get_validator_blocks_v3_http_api_path() { .get_validator_blocks_v3_path_graffiti_policy() .await; } + +#[tokio::test(flavor = "multi_thread", worker_threads = 2)] +async fn post_validator_proposer_preferences() { + if !fork_name_from_env().is_some_and(|f| f.gloas_enabled()) { + return; + } + ApiTester::new_with_hard_forks() + .await + .test_post_validator_proposer_preferences_valid() + .await + .test_post_validator_proposer_preferences_valid_ssz() + .await + .test_post_validator_proposer_preferences_invalid_sig() + .await + .test_post_validator_proposer_preferences_invalid_sig_ssz() + .await + .test_post_validator_proposer_preferences_duplicate() + .await; +} diff --git a/beacon_node/lighthouse_network/src/types/pubsub.rs b/beacon_node/lighthouse_network/src/types/pubsub.rs index 9875d4b0c4..e5a703ff1e 100644 --- a/beacon_node/lighthouse_network/src/types/pubsub.rs +++ b/beacon_node/lighthouse_network/src/types/pubsub.rs @@ -51,7 +51,7 @@ pub enum PubsubMessage { /// Gossipsub message providing notification of a signed execution payload bid. ExecutionPayloadBid(Box>), /// Gossipsub message providing notification of signed proposer preferences. - ProposerPreferences(Box), + ProposerPreferences(Arc), /// Gossipsub message providing notification of a light client finality update. LightClientFinalityUpdate(Box>), /// Gossipsub message providing notification of a light client optimistic update. @@ -388,7 +388,7 @@ impl PubsubMessage { GossipKind::ProposerPreferences => { let proposer_preferences = SignedProposerPreferences::from_ssz_bytes(data) .map_err(|e| format!("{:?}", e))?; - Ok(PubsubMessage::ProposerPreferences(Box::new( + Ok(PubsubMessage::ProposerPreferences(Arc::new( proposer_preferences, ))) } diff --git a/beacon_node/network/src/network_beacon_processor/mod.rs b/beacon_node/network/src/network_beacon_processor/mod.rs index bfcff2088b..e089159eb8 100644 --- a/beacon_node/network/src/network_beacon_processor/mod.rs +++ b/beacon_node/network/src/network_beacon_processor/mod.rs @@ -526,15 +526,11 @@ impl NetworkBeaconProcessor { self: &Arc, message_id: MessageId, peer_id: PeerId, - proposer_preferences: Box, + proposer_preferences: Arc, ) -> Result<(), Error> { let processor = self.clone(); let process_fn = move || { - processor.process_gossip_proposer_preferences( - message_id, - peer_id, - Arc::new(*proposer_preferences), - ) + processor.process_gossip_proposer_preferences(message_id, peer_id, proposer_preferences) }; self.try_send(BeaconWorkEvent { diff --git a/common/eth2/src/lib.rs b/common/eth2/src/lib.rs index e866547b9f..c314825413 100644 --- a/common/eth2/src/lib.rs +++ b/common/eth2/src/lib.rs @@ -46,7 +46,7 @@ use ssz::{Decode, Encode}; use std::fmt; use std::future::Future; use std::time::Duration; -use types::{PayloadAttestationData, PayloadAttestationMessage}; +use types::{PayloadAttestationData, PayloadAttestationMessage, SignedProposerPreferences}; pub const V1: EndpointVersion = EndpointVersion(1); pub const V2: EndpointVersion = EndpointVersion(2); @@ -1849,6 +1849,46 @@ impl BeaconNodeHttpClient { Ok(()) } + /// `POST validator/proposer_preferences` + pub async fn post_validator_proposer_preferences( + &self, + signed_preferences: &[SignedProposerPreferences], + fork_name: ForkName, + ) -> Result<(), Error> { + let mut path = self.eth_path(V1)?; + + path.path_segments_mut() + .map_err(|()| Error::InvalidUrl(self.server.clone()))? + .push("validator") + .push("proposer_preferences"); + + self.post_generic_with_consensus_version(path, &signed_preferences, None, fork_name) + .await?; + + Ok(()) + } + + /// `POST validator/proposer_preferences` (SSZ) + pub async fn post_validator_proposer_preferences_ssz( + &self, + signed_preferences: &Vec, + fork_name: ForkName, + ) -> Result<(), Error> { + let mut path = self.eth_path(V1)?; + + path.path_segments_mut() + .map_err(|()| Error::InvalidUrl(self.server.clone()))? + .push("validator") + .push("proposer_preferences"); + + let ssz_body = signed_preferences.as_ssz_bytes(); + + self.post_generic_with_consensus_version_and_ssz_body(path, ssz_body, None, fork_name) + .await?; + + Ok(()) + } + /// `POST beacon/rewards/sync_committee` pub async fn post_beacon_rewards_sync_committee( &self, diff --git a/validator_client/lighthouse_validator_store/src/lib.rs b/validator_client/lighthouse_validator_store/src/lib.rs index 1b32777678..cc9729b44d 100644 --- a/validator_client/lighthouse_validator_store/src/lib.rs +++ b/validator_client/lighthouse_validator_store/src/lib.rs @@ -22,11 +22,12 @@ use types::{ AbstractExecPayload, Address, AggregateAndProof, Attestation, BeaconBlock, BlindedPayload, ChainSpec, ContributionAndProof, Domain, Epoch, EthSpec, ExecutionPayloadEnvelope, Fork, FullPayload, Graffiti, Hash256, PayloadAttestationData, PayloadAttestationMessage, - SelectionProof, SignedAggregateAndProof, SignedBeaconBlock, SignedContributionAndProof, - SignedExecutionPayloadEnvelope, SignedRoot, SignedValidatorRegistrationData, - SignedVoluntaryExit, Slot, SyncAggregatorSelectionData, SyncCommitteeContribution, - SyncCommitteeMessage, SyncSelectionProof, SyncSubnetId, ValidatorRegistrationData, - VoluntaryExit, graffiti::GraffitiString, + ProposerPreferences, SelectionProof, SignedAggregateAndProof, SignedBeaconBlock, + SignedContributionAndProof, SignedExecutionPayloadEnvelope, SignedProposerPreferences, + SignedRoot, SignedValidatorRegistrationData, SignedVoluntaryExit, Slot, + SyncAggregatorSelectionData, SyncCommitteeContribution, SyncCommitteeMessage, + SyncSelectionProof, SyncSubnetId, ValidatorRegistrationData, VoluntaryExit, + graffiti::GraffitiString, }; use validator_store::{ AggregateToSign, AttestationToSign, ContributionToSign, DoppelgangerStatus, @@ -1485,4 +1486,32 @@ impl ValidatorStore for LighthouseValidatorS signature, }) } + + async fn sign_proposer_preferences( + &self, + validator_pubkey: PublicKeyBytes, + preferences: ProposerPreferences, + ) -> Result { + let signing_context = self.signing_context( + Domain::ProposerPreferences, + preferences.proposal_slot.epoch(E::slots_per_epoch()), + ); + + let signing_method = self.doppelganger_bypassed_signing_method(validator_pubkey)?; + + let signature = signing_method + .get_signature::>( + SignableMessage::ProposerPreferences(&preferences), + signing_context, + &self.spec, + &self.task_executor, + ) + .await + .map_err(Error::SpecificError)?; + + Ok(SignedProposerPreferences { + message: preferences, + signature, + }) + } } diff --git a/validator_client/signing_method/src/lib.rs b/validator_client/signing_method/src/lib.rs index 2f80fa5761..0dfde98946 100644 --- a/validator_client/signing_method/src/lib.rs +++ b/validator_client/signing_method/src/lib.rs @@ -51,6 +51,7 @@ pub enum SignableMessage<'a, E: EthSpec, Payload: AbstractExecPayload = FullP VoluntaryExit(&'a VoluntaryExit), ExecutionPayloadEnvelope(&'a ExecutionPayloadEnvelope), PayloadAttestationData(&'a PayloadAttestationData), + ProposerPreferences(&'a ProposerPreferences), } impl> SignableMessage<'_, E, Payload> { @@ -74,6 +75,7 @@ impl> SignableMessage<'_, E, Payload SignableMessage::VoluntaryExit(exit) => exit.signing_root(domain), SignableMessage::ExecutionPayloadEnvelope(e) => e.signing_root(domain), SignableMessage::PayloadAttestationData(d) => d.signing_root(domain), + SignableMessage::ProposerPreferences(p) => p.signing_root(domain), } } } @@ -243,6 +245,9 @@ impl SigningMethod { SignableMessage::PayloadAttestationData(d) => { Web3SignerObject::PayloadAttestationData(d) } + SignableMessage::ProposerPreferences(p) => { + Web3SignerObject::ProposerPreferences(p) + } }; // Determine the Web3Signer message type. diff --git a/validator_client/signing_method/src/web3signer.rs b/validator_client/signing_method/src/web3signer.rs index c2b7e06f92..baabb37947 100644 --- a/validator_client/signing_method/src/web3signer.rs +++ b/validator_client/signing_method/src/web3signer.rs @@ -22,6 +22,7 @@ pub enum MessageType { // TODO(gloas) verify w/ web3signer specs ExecutionPayloadEnvelope, PayloadAttestation, + ProposerPreferences, } #[derive(Debug, PartialEq, Copy, Clone, Serialize)] @@ -80,6 +81,7 @@ pub enum Web3SignerObject<'a, E: EthSpec, Payload: AbstractExecPayload> { ValidatorRegistration(&'a ValidatorRegistrationData), ExecutionPayloadEnvelope(&'a ExecutionPayloadEnvelope), PayloadAttestationData(&'a PayloadAttestationData), + ProposerPreferences(&'a ProposerPreferences), } impl<'a, E: EthSpec, Payload: AbstractExecPayload> Web3SignerObject<'a, E, Payload> { @@ -147,6 +149,7 @@ impl<'a, E: EthSpec, Payload: AbstractExecPayload> Web3SignerObject<'a, E, Pa Web3SignerObject::ValidatorRegistration(_) => MessageType::ValidatorRegistration, Web3SignerObject::ExecutionPayloadEnvelope(_) => MessageType::ExecutionPayloadEnvelope, Web3SignerObject::PayloadAttestationData(_) => MessageType::PayloadAttestation, + Web3SignerObject::ProposerPreferences(_) => MessageType::ProposerPreferences, } } } diff --git a/validator_client/src/lib.rs b/validator_client/src/lib.rs index b412db45f6..71d9333493 100644 --- a/validator_client/src/lib.rs +++ b/validator_client/src/lib.rs @@ -47,6 +47,7 @@ use validator_services::{ latency_service, payload_attestation_service::PayloadAttestationService, preparation_service::{PreparationService, PreparationServiceBuilder}, + proposer_preferences_service::ProposerPreferencesService, sync_committee_service::SyncCommitteeService, }; use validator_store::ValidatorStore as ValidatorStoreTrait; @@ -85,6 +86,8 @@ pub struct ProductionValidatorClient { attestation_service: AttestationService, SystemTimeSlotClock>, sync_committee_service: SyncCommitteeService, SystemTimeSlotClock>, payload_attestation_service: PayloadAttestationService, SystemTimeSlotClock>, + proposer_preferences_service: + ProposerPreferencesService, SystemTimeSlotClock>, doppelganger_service: Option>, preparation_service: PreparationService, SystemTimeSlotClock>, validator_store: Arc>, @@ -563,6 +566,15 @@ impl ProductionValidatorClient { context.eth2_config.spec.clone(), ); + let proposer_preferences_service = ProposerPreferencesService::new( + duties_service.clone(), + validator_store.clone(), + slot_clock.clone(), + beacon_nodes.clone(), + context.executor.clone(), + context.eth2_config.spec.clone(), + ); + Ok(Self { context, duties_service, @@ -570,6 +582,7 @@ impl ProductionValidatorClient { attestation_service, sync_committee_service, payload_attestation_service, + proposer_preferences_service, doppelganger_service, preparation_service, validator_store, @@ -646,6 +659,11 @@ impl ProductionValidatorClient { .clone() .start_update_service() .map_err(|e| format!("Unable to start payload attestation service: {}", e))?; + + self.proposer_preferences_service + .clone() + .start_update_service() + .map_err(|e| format!("Unable to start proposer preferences service: {}", e))?; } self.preparation_service diff --git a/validator_client/validator_services/src/lib.rs b/validator_client/validator_services/src/lib.rs index 0169335a7f..c39ef4499b 100644 --- a/validator_client/validator_services/src/lib.rs +++ b/validator_client/validator_services/src/lib.rs @@ -5,5 +5,6 @@ pub mod latency_service; pub mod notifier_service; pub mod payload_attestation_service; pub mod preparation_service; +pub mod proposer_preferences_service; pub mod sync; pub mod sync_committee_service; diff --git a/validator_client/validator_services/src/proposer_preferences_service.rs b/validator_client/validator_services/src/proposer_preferences_service.rs new file mode 100644 index 0000000000..fbefdf5d96 --- /dev/null +++ b/validator_client/validator_services/src/proposer_preferences_service.rs @@ -0,0 +1,221 @@ +use crate::duties_service::DutiesService; +use beacon_node_fallback::BeaconNodeFallback; +use slot_clock::SlotClock; +use std::ops::Deref; +use std::sync::Arc; +use task_executor::TaskExecutor; +use tokio::time::sleep; +use tracing::{debug, error, info, warn}; +use types::{ChainSpec, Epoch, EthSpec, ForkName, ProposerPreferences}; +use validator_store::ValidatorStore; + +pub struct Inner { + duties_service: Arc>, + validator_store: Arc, + slot_clock: T, + beacon_nodes: Arc>, + executor: TaskExecutor, + chain_spec: Arc, +} + +pub struct ProposerPreferencesService { + inner: Arc>, +} + +impl Clone for ProposerPreferencesService { + fn clone(&self) -> Self { + Self { + inner: self.inner.clone(), + } + } +} + +impl Deref for ProposerPreferencesService { + type Target = Inner; + + fn deref(&self) -> &Self::Target { + self.inner.deref() + } +} + +impl ProposerPreferencesService { + pub fn new( + duties_service: Arc>, + validator_store: Arc, + slot_clock: T, + beacon_nodes: Arc>, + executor: TaskExecutor, + chain_spec: Arc, + ) -> Self { + Self { + inner: Arc::new(Inner { + duties_service, + validator_store, + slot_clock, + beacon_nodes, + executor, + chain_spec, + }), + } + } + + pub fn start_update_service(self) -> Result<(), String> { + let slot_duration = self.chain_spec.get_slot_duration(); + info!("Proposer preferences service started"); + + let executor = self.executor.clone(); + + let interval_fut = async move { + loop { + let Some(current_slot) = self.slot_clock.now() else { + error!("Failed to read slot clock"); + sleep(slot_duration).await; + continue; + }; + + if !self + .chain_spec + .fork_name_at_slot::(current_slot) + .gloas_enabled() + { + let duration_to_next_epoch = self + .slot_clock + .duration_to_next_epoch(S::E::slots_per_epoch()) + .unwrap_or_else(|| slot_duration * S::E::slots_per_epoch() as u32); + sleep(duration_to_next_epoch).await; + continue; + } + + let current_epoch = current_slot.epoch(S::E::slots_per_epoch()); + let fork_name = self.chain_spec.fork_name_at_slot::(current_slot); + self.publish_proposer_preferences(current_epoch, fork_name) + .await; + + let duration_to_next_epoch = self + .slot_clock + .duration_to_next_epoch(S::E::slots_per_epoch()) + .unwrap_or_else(|| slot_duration * S::E::slots_per_epoch() as u32); + sleep(duration_to_next_epoch).await; + } + }; + + executor.spawn(interval_fut, "proposer_preferences_service"); + Ok(()) + } + + async fn publish_proposer_preferences(&self, current_epoch: Epoch, fork_name: ForkName) { + let (dependent_root, duties) = { + let proposers = self.duties_service.proposers.read(); + match proposers.get(¤t_epoch) { + Some((root, duties)) => (*root, duties.clone()), + None => return, + } + }; + + let preferences_to_sign: Vec<_> = { + let mut result = vec![]; + for duty in &duties { + let Some(proposal_data) = self.validator_store.proposal_data(&duty.pubkey) else { + warn!( + validator = ?duty.pubkey, + "Missing proposal data for proposer preferences" + ); + continue; + }; + let Some(fee_recipient) = proposal_data.fee_recipient else { + warn!( + validator = ?duty.pubkey, + "Missing fee recipient for proposer preferences" + ); + continue; + }; + result.push(( + duty.pubkey, + ProposerPreferences { + dependent_root, + proposal_slot: duty.slot, + validator_index: duty.validator_index, + fee_recipient, + gas_limit: proposal_data.gas_limit, + }, + )); + } + result + }; + + if preferences_to_sign.is_empty() { + return; + } + + debug!( + %current_epoch, + count = preferences_to_sign.len(), + "Signing proposer preferences" + ); + + let mut signed = Vec::with_capacity(preferences_to_sign.len()); + for (pubkey, preferences) in preferences_to_sign { + match self + .validator_store + .sign_proposer_preferences(pubkey, preferences) + .await + { + Ok(signed_prefs) => signed.push(signed_prefs), + Err(e) => { + error!( + error = ?e, + validator = ?pubkey, + "Failed to sign proposer preferences" + ); + } + } + } + + if signed.is_empty() { + return; + } + + let count = signed.len(); + let signed = Arc::new(signed); + let result = self + .beacon_nodes + .first_success(|beacon_node| { + let signed = signed.clone(); + async move { + match beacon_node + .post_validator_proposer_preferences_ssz(&signed, fork_name) + .await + { + Ok(()) => Ok(()), + Err(ssz_err) => { + debug!(error = ?ssz_err, "SSZ publish failed, falling back to JSON"); + beacon_node + .post_validator_proposer_preferences(&signed, fork_name) + .await + .map_err(|e| { + format!("Failed to publish proposer preferences: {e:?}") + }) + } + } + } + }) + .await; + + match result { + Ok(()) => { + info!( + %current_epoch, + %count, + "Successfully published proposer preferences" + ); + } + Err(e) => { + error!( + error = %e, + %current_epoch, + "Failed to publish proposer preferences" + ); + } + } + } +} diff --git a/validator_client/validator_store/src/lib.rs b/validator_client/validator_store/src/lib.rs index 4e5b415a41..d40c7994f1 100644 --- a/validator_client/validator_store/src/lib.rs +++ b/validator_client/validator_store/src/lib.rs @@ -8,10 +8,10 @@ use std::sync::Arc; use types::{ Address, Attestation, AttestationError, BlindedBeaconBlock, Epoch, EthSpec, ExecutionPayloadEnvelope, Graffiti, Hash256, PayloadAttestationData, PayloadAttestationMessage, - SelectionProof, SignedAggregateAndProof, SignedBlindedBeaconBlock, SignedContributionAndProof, - SignedExecutionPayloadEnvelope, SignedValidatorRegistrationData, Slot, - SyncCommitteeContribution, SyncCommitteeMessage, SyncSelectionProof, SyncSubnetId, - ValidatorRegistrationData, + ProposerPreferences, SelectionProof, SignedAggregateAndProof, SignedBlindedBeaconBlock, + SignedContributionAndProof, SignedExecutionPayloadEnvelope, SignedProposerPreferences, + SignedValidatorRegistrationData, Slot, SyncCommitteeContribution, SyncCommitteeMessage, + SyncSelectionProof, SyncSubnetId, ValidatorRegistrationData, }; #[derive(Debug, PartialEq, Clone)] @@ -213,6 +213,13 @@ pub trait ValidatorStore: Send + Sync { data: PayloadAttestationData, ) -> impl Future>> + Send; + /// Sign a `ProposerPreferences` message. + fn sign_proposer_preferences( + &self, + validator_pubkey: PublicKeyBytes, + preferences: ProposerPreferences, + ) -> impl Future>> + Send; + /// Returns `ProposalData` for the provided `pubkey` if it exists in `InitializedValidators`. /// `ProposalData` fields include defaulting logic described in `get_fee_recipient_defaulting`, /// `get_gas_limit_defaulting`, and `get_builder_proposals_defaulting`.