Doppelganger detection (#2230)

## Issue Addressed Resolves #2069 ## Proposed Changes - Adds a `--doppelganger-detection` flag - Adds a `lighthouse/seen_validators` endpoint, which will make it so the lighthouse VC is not interopable with other client beacon nodes if the `--doppelganger-detection` flag is used, but hopefully this will become standardized. Relevant Eth2 API repo issue: https://github.com/ethereum/eth2.0-APIs/issues/64 - If the `--doppelganger-detection` flag is used, the VC will wait until the beacon node is synced, and then wait an additional 2 epochs. The reason for this is to make sure the beacon node is able to subscribe to the subnets our validators should be attesting on. I think an alternative would be to have the beacon node subscribe to all subnets for 2+ epochs on startup by default. ## Additional Info I'd like to add tests and would appreciate feedback. TODO: handle validators started via the API, potentially make this default behavior Co-authored-by: realbigsean <seananderson33@gmail.com> Co-authored-by: Michael Sproul <michael@sigmaprime.io> Co-authored-by: Paul Hauner <paul@paulhauner.com>
2026-03-15 10:52:43 +00:00 · 2021-07-31 03:50:52 +00:00
parent 834ee98bc2
commit c5786a8821
38 changed files with 2302 additions and 201 deletions
--- a/validator_client/src/http_api/mod.rs
+++ b/validator_client/src/http_api/mod.rs
@@ -50,10 +50,10 @@ impl From<String> for Error {
 /// A wrapper around all the items required to spawn the HTTP server.
 ///
 /// The server will gracefully handle the case where any fields are `None`.
-pub struct Context<T: Clone, E: EthSpec> {
+pub struct Context<T: SlotClock, E: EthSpec> {
    pub runtime: Weak<Runtime>,
    pub api_secret: ApiSecret,
-    pub validator_store: Option<ValidatorStore<T, E>>,
+    pub validator_store: Option<Arc<ValidatorStore<T, E>>>,
    pub validator_dir: Option<PathBuf>,
    pub spec: ChainSpec,
    pub config: Config,
@@ -203,7 +203,7 @@ pub fn serve<T: 'static + SlotClock + Clone, E: EthSpec>(
        .and(warp::path::end())
        .and(validator_store_filter.clone())
        .and(signer.clone())
-        .and_then(|validator_store: ValidatorStore<T, E>, signer| {
+        .and_then(|validator_store: Arc<ValidatorStore<T, E>>, signer| {
            blocking_signed_json_task(signer, move || {
                let validators = validator_store
                    .initialized_validators()
@@ -229,7 +229,7 @@ pub fn serve<T: 'static + SlotClock + Clone, E: EthSpec>(
        .and(validator_store_filter.clone())
        .and(signer.clone())
        .and_then(
-            |validator_pubkey: PublicKey, validator_store: ValidatorStore<T, E>, signer| {
+            |validator_pubkey: PublicKey, validator_store: Arc<ValidatorStore<T, E>>, signer| {
                blocking_signed_json_task(signer, move || {
                    let validator = validator_store
                        .initialized_validators()
@@ -267,7 +267,7 @@ pub fn serve<T: 'static + SlotClock + Clone, E: EthSpec>(
        .and_then(
            |body: Vec<api_types::ValidatorRequest>,
             validator_dir: PathBuf,
-             validator_store: ValidatorStore<T, E>,
+             validator_store: Arc<ValidatorStore<T, E>>,
             spec: Arc<ChainSpec>,
             signer,
             runtime: Weak<Runtime>| {
@@ -309,7 +309,7 @@ pub fn serve<T: 'static + SlotClock + Clone, E: EthSpec>(
        .and_then(
            |body: api_types::CreateValidatorsMnemonicRequest,
             validator_dir: PathBuf,
-             validator_store: ValidatorStore<T, E>,
+             validator_store: Arc<ValidatorStore<T, E>>,
             spec: Arc<ChainSpec>,
             signer,
             runtime: Weak<Runtime>| {
@@ -353,7 +353,7 @@ pub fn serve<T: 'static + SlotClock + Clone, E: EthSpec>(
        .and_then(
            |body: api_types::KeystoreValidatorsPostRequest,
             validator_dir: PathBuf,
-             validator_store: ValidatorStore<T, E>,
+             validator_store: Arc<ValidatorStore<T, E>>,
             signer,
             runtime: Weak<Runtime>| {
                blocking_signed_json_task(signer, move || {
@@ -428,7 +428,7 @@ pub fn serve<T: 'static + SlotClock + Clone, E: EthSpec>(
        .and_then(
            |validator_pubkey: PublicKey,
             body: api_types::ValidatorPatchRequest,
-             validator_store: ValidatorStore<T, E>,
+             validator_store: Arc<ValidatorStore<T, E>>,
             signer,
             runtime: Weak<Runtime>| {
                blocking_signed_json_task(signer, move || {
--- a/validator_client/src/http_api/tests.rs
+++ b/validator_client/src/http_api/tests.rs
@@ -1,6 +1,7 @@
 #![cfg(test)]
 #![cfg(not(debug_assertions))]

+use crate::doppelganger_service::DoppelgangerService;
 use crate::{
    http_api::{ApiSecret, Config as HttpConfig, Context},
    Config, ForkServiceBuilder, InitializedValidators, ValidatorDefinitions, ValidatorStore,
@@ -85,16 +86,21 @@ impl ApiTester {
            Hash256::repeat_byte(42),
            spec,
            fork_service.clone(),
+            Some(Arc::new(DoppelgangerService::new(log.clone()))),
            log.clone(),
        );

+        validator_store
+            .register_all_in_doppelganger_protection_if_enabled()
+            .expect("Should attach doppelganger service");
+
        let initialized_validators = validator_store.initialized_validators();

        let context: Arc<Context<TestingSlotClock, E>> = Arc::new(Context {
            runtime,
            api_secret,
            validator_dir: Some(validator_dir.path().into()),
-            validator_store: Some(validator_store),
+            validator_store: Some(Arc::new(validator_store)),
            spec: E::default_spec(),
            config: HttpConfig {
                enabled: true,