mirror of
https://github.com/sigp/lighthouse.git
synced 2026-03-14 18:32:42 +00:00
Batch BLS verification for attestations (#2399)
## Issue Addressed NA ## Proposed Changes Adds the ability to verify batches of aggregated/unaggregated attestations from the network. When the `BeaconProcessor` finds there are messages in the aggregated or unaggregated attestation queues, it will first check the length of the queue: - `== 1` verify the attestation individually. - `>= 2` take up to 64 of those attestations and verify them in a batch. Notably, we only perform batch verification if the queue has a backlog. We don't apply any artificial delays to attestations to try and force them into batches. ### Batching Details To assist with implementing batches we modify `beacon_chain::attestation_verification` to have two distinct categories for attestations: - *Indexed* attestations: those which have passed initial validation and were valid enough for us to derive an `IndexedAttestation`. - *Verified* attestations: those attestations which were indexed *and also* passed signature verification. These are well-formed, interesting messages which were signed by validators. The batching functions accept `n` attestations and then return `n` attestation verification `Result`s, where those `Result`s can be any combination of `Ok` or `Err`. In other words, we attempt to verify as many attestations as possible and return specific per-attestation results so peer scores can be updated, if required. When we batch verify attestations, we first try to map all those attestations to *indexed* attestations. If any of those attestations were able to be indexed, we then perform batch BLS verification on those indexed attestations. If the batch verification succeeds, we convert them into *verified* attestations, disabling individual signature checking. If the batch fails, we convert to verified attestations with individual signature checking enabled. Ultimately, we optimistically try to do a batch verification of attestation signatures and fall-back to individual verification if it fails. This opens an attach vector for "poisoning" the attestations and causing us to waste a batch verification. I argue that peer scoring should do a good-enough job of defending against this and the typical-case gains massively outweigh the worst-case losses. ## Additional Info Before this PR, attestation verification took the attestations by value (instead of by reference). It turns out that this was unnecessary and, in my opinion, resulted in some undesirable ergonomics (e.g., we had to pass the attestation back in the `Err` variant to avoid clones). In this PR I've modified attestation verification so that it now takes a reference. I refactored the `beacon_chain/tests/attestation_verification.rs` tests so they use a builder-esque "tester" struct instead of a weird macro. It made it easier for me to test individual/batch with the same set of tests and I think it was a nice tidy-up. Notably, I did this last to try and make sure my new refactors to *actual* production code would pass under the existing test suite.
This commit is contained in:
Paul Hauner
@@ -16,7 +16,7 @@ mod validator_inclusion;
|
||||
mod version;
|
||||
|
||||
use beacon_chain::{
|
||||
attestation_verification::SignatureVerifiedAttestation,
|
||||
attestation_verification::VerifiedAttestation,
|
||||
observed_operations::ObservationOutcome,
|
||||
validator_monitor::{get_block_delay_ms, timestamp_now},
|
||||
AttestationError as AttnError, BeaconChain, BeaconChainError, BeaconChainTypes,
|
||||
@@ -1066,7 +1066,7 @@ pub fn serve<T: BeaconChainTypes>(
|
||||
|
||||
for (index, attestation) in attestations.as_slice().iter().enumerate() {
|
||||
let attestation = match chain
|
||||
.verify_unaggregated_attestation_for_gossip(attestation.clone(), None)
|
||||
.verify_unaggregated_attestation_for_gossip(attestation, None)
|
||||
{
|
||||
Ok(attestation) => attestation,
|
||||
Err(e) => {
|
||||
@@ -1121,7 +1121,7 @@ pub fn serve<T: BeaconChainTypes>(
|
||||
));
|
||||
};
|
||||
|
||||
if let Err(e) = chain.add_to_naive_aggregation_pool(attestation) {
|
||||
if let Err(e) = chain.add_to_naive_aggregation_pool(&attestation) {
|
||||
error!(log,
|
||||
"Failure adding verified attestation to the naive aggregation pool";
|
||||
"error" => ?e,
|
||||
@@ -1958,7 +1958,7 @@ pub fn serve<T: BeaconChainTypes>(
|
||||
let mut failures = Vec::new();
|
||||
|
||||
// Verify that all messages in the post are valid before processing further
|
||||
for (index, aggregate) in aggregates.into_iter().enumerate() {
|
||||
for (index, aggregate) in aggregates.iter().enumerate() {
|
||||
match chain.verify_aggregated_attestation_for_gossip(aggregate) {
|
||||
Ok(verified_aggregate) => {
|
||||
messages.push(PubsubMessage::AggregateAndProofAttestation(Box::new(
|
||||
@@ -1984,8 +1984,8 @@ pub fn serve<T: BeaconChainTypes>(
|
||||
// It's reasonably likely that two different validators produce
|
||||
// identical aggregates, especially if they're using the same beacon
|
||||
// node.
|
||||
Err((AttnError::AttestationAlreadyKnown(_), _)) => continue,
|
||||
Err((e, aggregate)) => {
|
||||
Err(AttnError::AttestationAlreadyKnown(_)) => continue,
|
||||
Err(e) => {
|
||||
error!(log,
|
||||
"Failure verifying aggregate and proofs";
|
||||
"error" => format!("{:?}", e),
|
||||
@@ -2017,7 +2017,7 @@ pub fn serve<T: BeaconChainTypes>(
|
||||
);
|
||||
failures.push(api_types::Failure::new(index, format!("Fork choice: {:?}", e)));
|
||||
}
|
||||
if let Err(e) = chain.add_to_block_inclusion_pool(verified_aggregate) {
|
||||
if let Err(e) = chain.add_to_block_inclusion_pool(&verified_aggregate) {
|
||||
warn!(log,
|
||||
"Could not add verified aggregate attestation to the inclusion pool";
|
||||
"error" => format!("{:?}", e),
|
||||
|
||||
Reference in New Issue
Block a user