Process exits and slashings off the network (#1253)

* Process exits and slashings off the network * Fix rest_api tests * Add op verification tests * Add tests for pruning of slashings in the op pool * Address Paul's review comments
2026-03-14 18:32:42 +00:00 · 2020-06-18 21:06:34 +10:00
parent 3199b1a6f2
commit bcb6afa0aa
27 changed files with 956 additions and 273 deletions
--- a/beacon_node/beacon_chain/src/beacon_chain.rs
+++ b/beacon_node/beacon_chain/src/beacon_chain.rs
@@ -16,6 +16,7 @@ use crate::naive_aggregation_pool::{Error as NaiveAggregationError, NaiveAggrega
 use crate::observed_attestations::{Error as AttestationObservationError, ObservedAttestations};
 use crate::observed_attesters::{ObservedAggregators, ObservedAttesters};
 use crate::observed_block_producers::ObservedBlockProducers;
+use crate::observed_operations::{ObservationOutcome, ObservedOperations};
 use crate::persisted_beacon_chain::PersistedBeaconChain;
 use crate::persisted_fork_choice::PersistedForkChoice;
 use crate::shuffling_cache::ShufflingCache;
@@ -31,13 +32,10 @@ use parking_lot::RwLock;
 use slog::{crit, debug, error, info, trace, warn, Logger};
 use slot_clock::SlotClock;
 use state_processing::{
-    common::get_indexed_attestation,
-    per_block_processing::errors::{
-        AttestationValidationError, AttesterSlashingValidationError, ExitValidationError,
-        ProposerSlashingValidationError,
-    },
+    common::get_indexed_attestation, per_block_processing,
+    per_block_processing::errors::AttestationValidationError, per_slot_processing,
+    BlockSignatureStrategy, SigVerifiedOp,
 };
-use state_processing::{per_block_processing, per_slot_processing, BlockSignatureStrategy};
 use std::borrow::Cow;
 use std::cmp::Ordering;
 use std::collections::HashMap;
@@ -193,6 +191,12 @@ pub struct BeaconChain<T: BeaconChainTypes> {
    pub observed_aggregators: ObservedAggregators<T::EthSpec>,
    /// Maintains a record of which validators have proposed blocks for each slot.
    pub observed_block_producers: ObservedBlockProducers<T::EthSpec>,
+    /// Maintains a record of which validators have submitted voluntary exits.
+    pub observed_voluntary_exits: ObservedOperations<SignedVoluntaryExit, T::EthSpec>,
+    /// Maintains a record of which validators we've seen proposer slashings for.
+    pub observed_proposer_slashings: ObservedOperations<ProposerSlashing, T::EthSpec>,
+    /// Maintains a record of which validators we've seen attester slashings for.
+    pub observed_attester_slashings: ObservedOperations<AttesterSlashing<T::EthSpec>, T::EthSpec>,
    /// Provides information from the Ethereum 1 (PoW) chain.
    pub eth1_chain: Option<Eth1Chain<T::Eth1Chain, T::EthSpec>>,
    /// Stores a "snapshot" of the chain at the time the head-of-the-chain block was received.
@@ -1075,81 +1079,68 @@ impl<T: BeaconChainTypes> BeaconChain<T> {
        }
    }

-    /// Accept some exit and queue it for inclusion in an appropriate block.
-    pub fn process_voluntary_exit(
+    /// Verify a voluntary exit before allowing it to propagate on the gossip network.
+    pub fn verify_voluntary_exit_for_gossip(
        &self,
        exit: SignedVoluntaryExit,
-    ) -> Result<(), ExitValidationError> {
-        match self.wall_clock_state() {
-            Ok(state) => {
-                if self.eth1_chain.is_some() {
-                    self.op_pool.insert_voluntary_exit(exit, &state, &self.spec)
-                } else {
-                    Ok(())
-                }
-            }
-            Err(e) => {
-                error!(
-                    &self.log,
-                    "Unable to process voluntary exit";
-                    "error" => format!("{:?}", e),
-                    "reason" => "no state"
-                );
-                Ok(())
-            }
+    ) -> Result<ObservationOutcome<SignedVoluntaryExit>, Error> {
+        // NOTE: this could be more efficient if it avoided cloning the head state
+        let wall_clock_state = self.wall_clock_state()?;
+        Ok(self
+            .observed_voluntary_exits
+            .verify_and_observe(exit, &wall_clock_state, &self.spec)?)
+    }
+
+    /// Accept a pre-verified exit and queue it for inclusion in an appropriate block.
+    pub fn import_voluntary_exit(&self, exit: SigVerifiedOp<SignedVoluntaryExit>) {
+        if self.eth1_chain.is_some() {
+            self.op_pool.insert_voluntary_exit(exit)
        }
    }

+    /// Verify a proposer slashing before allowing it to propagate on the gossip network.
+    pub fn verify_proposer_slashing_for_gossip(
+        &self,
+        proposer_slashing: ProposerSlashing,
+    ) -> Result<ObservationOutcome<ProposerSlashing>, Error> {
+        let wall_clock_state = self.wall_clock_state()?;
+        Ok(self.observed_proposer_slashings.verify_and_observe(
+            proposer_slashing,
+            &wall_clock_state,
+            &self.spec,
+        )?)
+    }
+
    /// Accept some proposer slashing and queue it for inclusion in an appropriate block.
-    pub fn process_proposer_slashing(
-        &self,
-        proposer_slashing: ProposerSlashing,
-    ) -> Result<(), ProposerSlashingValidationError> {
-        match self.wall_clock_state() {
-            Ok(state) => {
-                if self.eth1_chain.is_some() {
-                    self.op_pool
-                        .insert_proposer_slashing(proposer_slashing, &state, &self.spec)
-                } else {
-                    Ok(())
-                }
-            }
-            Err(e) => {
-                error!(
-                    &self.log,
-                    "Unable to process proposer slashing";
-                    "error" => format!("{:?}", e),
-                    "reason" => "no state"
-                );
-                Ok(())
-            }
+    pub fn import_proposer_slashing(&self, proposer_slashing: SigVerifiedOp<ProposerSlashing>) {
+        if self.eth1_chain.is_some() {
+            self.op_pool.insert_proposer_slashing(proposer_slashing)
        }
    }

-    /// Accept some attester slashing and queue it for inclusion in an appropriate block.
-    pub fn process_attester_slashing(
+    /// Verify an attester slashing before allowing it to propagate on the gossip network.
+    pub fn verify_attester_slashing_for_gossip(
        &self,
        attester_slashing: AttesterSlashing<T::EthSpec>,
-    ) -> Result<(), AttesterSlashingValidationError> {
-        match self.wall_clock_state() {
-            Ok(state) => {
-                if self.eth1_chain.is_some() {
-                    self.op_pool
-                        .insert_attester_slashing(attester_slashing, &state, &self.spec)
-                } else {
-                    Ok(())
-                }
-            }
-            Err(e) => {
-                error!(
-                    &self.log,
-                    "Unable to process attester slashing";
-                    "error" => format!("{:?}", e),
-                    "reason" => "no state"
-                );
-                Ok(())
-            }
+    ) -> Result<ObservationOutcome<AttesterSlashing<T::EthSpec>>, Error> {
+        let wall_clock_state = self.wall_clock_state()?;
+        Ok(self.observed_attester_slashings.verify_and_observe(
+            attester_slashing,
+            &wall_clock_state,
+            &self.spec,
+        )?)
+    }
+
+    /// Accept some attester slashing and queue it for inclusion in an appropriate block.
+    pub fn import_attester_slashing(
+        &self,
+        attester_slashing: SigVerifiedOp<AttesterSlashing<T::EthSpec>>,
+    ) -> Result<(), Error> {
+        if self.eth1_chain.is_some() {
+            self.op_pool
+                .insert_attester_slashing(attester_slashing, self.head_info()?.fork)
        }
+        Ok(())
    }

    /// Attempt to verify and import a chain of blocks to `self`.
@@ -1637,8 +1628,7 @@ impl<T: BeaconChainTypes> BeaconChain<T> {
        let mut graffiti: [u8; 32] = [0; 32];
        graffiti.copy_from_slice(GRAFFITI.as_bytes());

-        let (proposer_slashings, attester_slashings) =
-            self.op_pool.get_slashings(&state, &self.spec);
+        let (proposer_slashings, attester_slashings) = self.op_pool.get_slashings(&state);

        let eth1_data = eth1_chain.eth1_data_for_block_production(&state, &self.spec)?;
        let deposits = eth1_chain
@@ -1930,7 +1920,8 @@ impl<T: BeaconChainTypes> BeaconChain<T> {
                .get_state(&finalized_block.state_root, Some(finalized_block.slot))?
                .ok_or_else(|| Error::MissingBeaconState(finalized_block.state_root))?;

-            self.op_pool.prune_all(&finalized_state, &self.spec);
+            self.op_pool
+                .prune_all(&finalized_state, self.head_info()?.fork);

            // TODO: configurable max finality distance
            let max_finality_distance = 0;
--- a/beacon_node/beacon_chain/src/builder.rs
+++ b/beacon_node/beacon_chain/src/builder.rs
@@ -283,8 +283,8 @@ where
            store
                .get_item::<PersistedOperationPool<TEthSpec>>(&Hash256::from_slice(&OP_POOL_DB_KEY))
                .map_err(|e| format!("DB error whilst reading persisted op pool: {:?}", e))?
-                .map(|persisted| persisted.into_operation_pool(&head_state, &self.spec))
-                .unwrap_or_else(|| OperationPool::new()),
+                .map(PersistedOperationPool::into_operation_pool)
+                .unwrap_or_else(OperationPool::new),
        );

        let finalized_block_root = head_state.finalized_checkpoint.root;
@@ -500,6 +500,10 @@ where
            observed_aggregators: <_>::default(),
            // TODO: allow for persisting and loading the pool from disk.
            observed_block_producers: <_>::default(),
+            // TODO: allow for persisting and loading the pool from disk.
+            observed_voluntary_exits: <_>::default(),
+            observed_proposer_slashings: <_>::default(),
+            observed_attester_slashings: <_>::default(),
            eth1_chain: self.eth1_chain,
            genesis_validators_root: canonical_head.beacon_state.genesis_validators_root,
            canonical_head: TimeoutRwLock::new(canonical_head.clone()),
--- a/beacon_node/beacon_chain/src/errors.rs
+++ b/beacon_node/beacon_chain/src/errors.rs
@@ -10,8 +10,12 @@ use ssz::DecodeError;
 use ssz_types::Error as SszTypesError;
 use state_processing::{
    block_signature_verifier::Error as BlockSignatureVerifierError,
-    per_block_processing::errors::AttestationValidationError,
-    signature_sets::Error as SignatureSetError, BlockProcessingError, SlotProcessingError,
+    per_block_processing::errors::{
+        AttestationValidationError, AttesterSlashingValidationError, ExitValidationError,
+        ProposerSlashingValidationError,
+    },
+    signature_sets::Error as SignatureSetError,
+    BlockProcessingError, SlotProcessingError,
 };
 use std::time::Duration;
 use types::*;
@@ -50,6 +54,9 @@ pub enum BeaconChainError {
    },
    CannotAttestToFutureState,
    AttestationValidationError(AttestationValidationError),
+    ExitValidationError(ExitValidationError),
+    ProposerSlashingValidationError(ProposerSlashingValidationError),
+    AttesterSlashingValidationError(AttesterSlashingValidationError),
    StateSkipTooLarge {
        start_slot: Slot,
        requested_slot: Slot,
@@ -78,6 +85,9 @@ pub enum BeaconChainError {

 easy_from_to!(SlotProcessingError, BeaconChainError);
 easy_from_to!(AttestationValidationError, BeaconChainError);
+easy_from_to!(ExitValidationError, BeaconChainError);
+easy_from_to!(ProposerSlashingValidationError, BeaconChainError);
+easy_from_to!(AttesterSlashingValidationError, BeaconChainError);
 easy_from_to!(SszTypesError, BeaconChainError);
 easy_from_to!(OpPoolError, BeaconChainError);
 easy_from_to!(NaiveAggregationError, BeaconChainError);
--- a/beacon_node/beacon_chain/src/lib.rs
+++ b/beacon_node/beacon_chain/src/lib.rs
@@ -18,6 +18,7 @@ mod naive_aggregation_pool;
 mod observed_attestations;
 mod observed_attesters;
 mod observed_block_producers;
+pub mod observed_operations;
 mod persisted_beacon_chain;
 mod persisted_fork_choice;
 mod shuffling_cache;
--- a/beacon_node/beacon_chain/src/observed_operations.rs
+++ b/beacon_node/beacon_chain/src/observed_operations.rs
@@ -0,0 +1,104 @@
+use derivative::Derivative;
+use parking_lot::Mutex;
+use smallvec::SmallVec;
+use state_processing::{SigVerifiedOp, VerifyOperation};
+use std::collections::HashSet;
+use std::iter::FromIterator;
+use std::marker::PhantomData;
+use types::{
+    AttesterSlashing, BeaconState, ChainSpec, EthSpec, ProposerSlashing, SignedVoluntaryExit,
+};
+
+/// Number of validator indices to store on the stack in `observed_validators`.
+pub const SMALL_VEC_SIZE: usize = 8;
+
+/// Stateful tracker for exit/slashing operations seen on the network.
+///
+/// Implements the conditions for gossip verification of exits and slashings from the P2P spec.
+#[derive(Debug, Derivative)]
+#[derivative(Default(bound = "T: ObservableOperation<E>, E: EthSpec"))]
+pub struct ObservedOperations<T: ObservableOperation<E>, E: EthSpec> {
+    /// Indices of validators for whom we have already seen an instance of an operation `T`.
+    ///
+    /// For voluntary exits, this is the set of all `signed_voluntary_exit.message.validator_index`.
+    /// For proposer slashings, this is the set of all `proposer_slashing.index`.
+    /// For attester slashings, this is the set of all validators who would be slashed by
+    /// previously seen attester slashings, i.e. those validators in the intersection of
+    /// `attestation_1.attester_indices` and `attestation_2.attester_indices`.
+    observed_validator_indices: Mutex<HashSet<u64>>,
+    _phantom: PhantomData<(T, E)>,
+}
+
+/// Was the observed operation new and valid for further processing, or a useless duplicate?
+#[derive(Debug, PartialEq, Eq, Clone)]
+pub enum ObservationOutcome<T> {
+    New(SigVerifiedOp<T>),
+    AlreadyKnown,
+}
+
+/// Trait for exits and slashings which can be observed using `ObservedOperations`.
+pub trait ObservableOperation<E: EthSpec>: VerifyOperation<E> + Sized {
+    /// The set of validator indices involved in this operation.
+    ///
+    /// See the comment on `observed_validator_indices` above for detail.
+    fn observed_validators(&self) -> SmallVec<[u64; SMALL_VEC_SIZE]>;
+}
+
+impl<E: EthSpec> ObservableOperation<E> for SignedVoluntaryExit {
+    fn observed_validators(&self) -> SmallVec<[u64; SMALL_VEC_SIZE]> {
+        std::iter::once(self.message.validator_index).collect()
+    }
+}
+
+impl<E: EthSpec> ObservableOperation<E> for ProposerSlashing {
+    fn observed_validators(&self) -> SmallVec<[u64; SMALL_VEC_SIZE]> {
+        std::iter::once(self.signed_header_1.message.proposer_index).collect()
+    }
+}
+
+impl<E: EthSpec> ObservableOperation<E> for AttesterSlashing<E> {
+    fn observed_validators(&self) -> SmallVec<[u64; SMALL_VEC_SIZE]> {
+        let attestation_1_indices =
+            HashSet::<u64>::from_iter(self.attestation_1.attesting_indices.iter().copied());
+        let attestation_2_indices =
+            HashSet::<u64>::from_iter(self.attestation_2.attesting_indices.iter().copied());
+        attestation_1_indices
+            .intersection(&attestation_2_indices)
+            .copied()
+            .collect()
+    }
+}
+
+impl<T: ObservableOperation<E>, E: EthSpec> ObservedOperations<T, E> {
+    pub fn verify_and_observe(
+        &self,
+        op: T,
+        head_state: &BeaconState<E>,
+        spec: &ChainSpec,
+    ) -> Result<ObservationOutcome<T>, T::Error> {
+        let mut observed_validator_indices = self.observed_validator_indices.lock();
+        let new_validator_indices = op.observed_validators();
+
+        // If all of the new validator indices have been previously observed, short-circuit
+        // the validation. This implements the uniqueness check part of the spec, which for attester
+        // slashings reads:
+        //
+        // At least one index in the intersection of the attesting indices of each attestation has
+        // not yet been seen in any prior attester_slashing.
+        if new_validator_indices
+            .iter()
+            .all(|index| observed_validator_indices.contains(index))
+        {
+            return Ok(ObservationOutcome::AlreadyKnown);
+        }
+
+        // Validate the op using operation-specific logic (`verify_attester_slashing`, etc).
+        let verified_op = op.validate(head_state, spec)?;
+
+        // Add the relevant indices to the set of known indices to prevent processing of duplicates
+        // in the future.
+        observed_validator_indices.extend(new_validator_indices);
+
+        Ok(ObservationOutcome::New(verified_op))
+    }
+}