mirror of
https://github.com/sigp/lighthouse.git
synced 2026-03-11 18:04:18 +00:00
be4e261e74
## Overview
This rather extensive PR achieves two primary goals:
1. Uses the finalized/justified checkpoints of fork choice (FC), rather than that of the head state.
2. Refactors fork choice, block production and block processing to `async` functions.
Additionally, it achieves:
- Concurrent forkchoice updates to the EL and cache pruning after a new head is selected.
- Concurrent "block packing" (attestations, etc) and execution payload retrieval during block production.
- Concurrent per-block-processing and execution payload verification during block processing.
- The `Arc`-ification of `SignedBeaconBlock` during block processing (it's never mutated, so why not?):
- I had to do this to deal with sending blocks into spawned tasks.
- Previously we were cloning the beacon block at least 2 times during each block processing, these clones are either removed or turned into cheaper `Arc` clones.
- We were also `Box`-ing and un-`Box`-ing beacon blocks as they moved throughout the networking crate. This is not a big deal, but it's nice to avoid shifting things between the stack and heap.
- Avoids cloning *all the blocks* in *every chain segment* during sync.
- It also has the potential to clean up our code where we need to pass an *owned* block around so we can send it back in the case of an error (I didn't do much of this, my PR is already big enough 😅)
- The `BeaconChain::HeadSafetyStatus` struct was removed. It was an old relic from prior merge specs.
For motivation for this change, see https://github.com/sigp/lighthouse/pull/3244#issuecomment-1160963273
## Changes to `canonical_head` and `fork_choice`
Previously, the `BeaconChain` had two separate fields:
```
canonical_head: RwLock<Snapshot>,
fork_choice: RwLock<BeaconForkChoice>
```
Now, we have grouped these values under a single struct:
```
canonical_head: CanonicalHead {
cached_head: RwLock<Arc<Snapshot>>,
fork_choice: RwLock<BeaconForkChoice>
}
```
Apart from ergonomics, the only *actual* change here is wrapping the canonical head snapshot in an `Arc`. This means that we no longer need to hold the `cached_head` (`canonical_head`, in old terms) lock when we want to pull some values from it. This was done to avoid deadlock risks by preventing functions from acquiring (and holding) the `cached_head` and `fork_choice` locks simultaneously.
## Breaking Changes
### The `state` (root) field in the `finalized_checkpoint` SSE event
Consider the scenario where epoch `n` is just finalized, but `start_slot(n)` is skipped. There are two state roots we might in the `finalized_checkpoint` SSE event:
1. The state root of the finalized block, which is `get_block(finalized_checkpoint.root).state_root`.
4. The state root at slot of `start_slot(n)`, which would be the state from (1), but "skipped forward" through any skip slots.
Previously, Lighthouse would choose (2). However, we can see that when [Teku generates that event](de2b2801c8/data/beaconrestapi/src/main/java/tech/pegasys/teku/beaconrestapi/handlers/v1/events/EventSubscriptionManager.java (L171-L182)) it uses [`getStateRootFromBlockRoot`](de2b2801c8/data/provider/src/main/java/tech/pegasys/teku/api/ChainDataProvider.java (L336-L341)) which uses (1).
I have switched Lighthouse from (2) to (1). I think it's a somewhat arbitrary choice between the two, where (1) is easier to compute and is consistent with Teku.
## Notes for Reviewers
I've renamed `BeaconChain::fork_choice` to `BeaconChain::recompute_head`. Doing this helped ensure I broke all previous uses of fork choice and I also find it more descriptive. It describes an action and can't be confused with trying to get a reference to the `ForkChoice` struct.
I've changed the ordering of SSE events when a block is received. It used to be `[block, finalized, head]` and now it's `[block, head, finalized]`. It was easier this way and I don't think we were making any promises about SSE event ordering so it's not "breaking".
I've made it so fork choice will run when it's first constructed. I did this because I wanted to have a cached version of the last call to `get_head`. Ensuring `get_head` has been run *at least once* means that the cached values doesn't need to wrapped in an `Option`. This was fairly simple, it just involved passing a `slot` to the constructor so it knows *when* it's being run. When loading a fork choice from the store and a slot clock isn't handy I've just used the `slot` that was saved in the `fork_choice_store`. That seems like it would be a faithful representation of the slot when we saved it.
I added the `genesis_time: u64` to the `BeaconChain`. It's small, constant and nice to have around.
Since we're using FC for the fin/just checkpoints, we no longer get the `0x00..00` roots at genesis. You can see I had to remove a work-around in `ef-tests` here: b56be3bc2. I can't find any reason why this would be an issue, if anything I think it'll be better since the genesis-alias has caught us out a few times (0x00..00 isn't actually a real root). Edit: I did find a case where the `network` expected the 0x00..00 alias and patched it here: 3f26ac3e2.
You'll notice a lot of changes in tests. Generally, tests should be functionally equivalent. Here are the things creating the most diff-noise in tests:
- Changing tests to be `tokio::async` tests.
- Adding `.await` to fork choice, block processing and block production functions.
- Refactor of the `canonical_head` "API" provided by the `BeaconChain`. E.g., `chain.canonical_head.cached_head()` instead of `chain.canonical_head.read()`.
- Wrapping `SignedBeaconBlock` in an `Arc`.
- In the `beacon_chain/tests/block_verification`, we can't use the `lazy_static` `CHAIN_SEGMENT` variable anymore since it's generated with an async function. We just generate it in each test, not so efficient but hopefully insignificant.
I had to disable `rayon` concurrent tests in the `fork_choice` tests. This is because the use of `rayon` and `block_on` was causing a panic.
Co-authored-by: Mac L <mjladson@pm.me>
362 lines
11 KiB
Rust
362 lines
11 KiB
Rust
use super::*;
|
|
use beacon_chain::test_utils::{BeaconChainHarness, EphemeralHarnessType};
|
|
use state_processing::{
|
|
per_block_processing, per_block_processing::errors::ExitInvalid, BlockProcessingError,
|
|
BlockSignatureStrategy, VerifyBlockRoot,
|
|
};
|
|
use types::{BeaconBlock, BeaconState, Epoch, EthSpec, SignedBeaconBlock};
|
|
|
|
// Default validator index to exit.
|
|
pub const VALIDATOR_INDEX: u64 = 0;
|
|
// Epoch that the state will be transitioned to by default, equal to SHARD_COMMITTEE_PERIOD.
|
|
pub const STATE_EPOCH: Epoch = Epoch::new(256);
|
|
|
|
struct ExitTest {
|
|
validator_index: u64,
|
|
exit_epoch: Epoch,
|
|
state_epoch: Epoch,
|
|
state_modifier: Box<dyn FnOnce(&mut BeaconState<E>)>,
|
|
#[allow(clippy::type_complexity)]
|
|
block_modifier:
|
|
Box<dyn FnOnce(&BeaconChainHarness<EphemeralHarnessType<E>>, &mut BeaconBlock<E>)>,
|
|
#[allow(dead_code)]
|
|
expected: Result<(), BlockProcessingError>,
|
|
}
|
|
|
|
impl Default for ExitTest {
|
|
fn default() -> Self {
|
|
Self {
|
|
validator_index: VALIDATOR_INDEX,
|
|
exit_epoch: STATE_EPOCH,
|
|
state_epoch: STATE_EPOCH,
|
|
state_modifier: Box::new(|_| ()),
|
|
block_modifier: Box::new(|_, _| ()),
|
|
expected: Ok(()),
|
|
}
|
|
}
|
|
}
|
|
|
|
impl ExitTest {
|
|
async fn block_and_pre_state(self) -> (SignedBeaconBlock<E>, BeaconState<E>) {
|
|
let harness = get_harness::<E>(
|
|
self.state_epoch.start_slot(E::slots_per_epoch()),
|
|
VALIDATOR_COUNT,
|
|
)
|
|
.await;
|
|
let mut state = harness.get_current_state();
|
|
(self.state_modifier)(&mut state);
|
|
|
|
let block_modifier = self.block_modifier;
|
|
let validator_index = self.validator_index;
|
|
let exit_epoch = self.exit_epoch;
|
|
|
|
let (signed_block, state) = harness
|
|
.make_block_with_modifier(state.clone(), state.slot() + 1, |block| {
|
|
harness.add_voluntary_exit(block, validator_index, exit_epoch);
|
|
block_modifier(&harness, block);
|
|
})
|
|
.await;
|
|
(signed_block, state)
|
|
}
|
|
|
|
fn process(
|
|
block: &SignedBeaconBlock<E>,
|
|
state: &mut BeaconState<E>,
|
|
) -> Result<(), BlockProcessingError> {
|
|
per_block_processing(
|
|
state,
|
|
block,
|
|
None,
|
|
BlockSignatureStrategy::VerifyIndividual,
|
|
VerifyBlockRoot::True,
|
|
&E::default_spec(),
|
|
)
|
|
}
|
|
|
|
#[cfg(all(test, not(debug_assertions)))]
|
|
async fn run(self) -> BeaconState<E> {
|
|
let spec = &E::default_spec();
|
|
let expected = self.expected.clone();
|
|
assert_eq!(STATE_EPOCH, spec.shard_committee_period);
|
|
|
|
let (block, mut state) = self.block_and_pre_state().await;
|
|
|
|
let result = Self::process(&block, &mut state);
|
|
|
|
assert_eq!(result, expected);
|
|
|
|
state
|
|
}
|
|
|
|
async fn test_vector(self, title: String) -> TestVector {
|
|
let (block, pre_state) = self.block_and_pre_state().await;
|
|
let mut post_state = pre_state.clone();
|
|
let (post_state, error) = match Self::process(&block, &mut post_state) {
|
|
Ok(_) => (Some(post_state), None),
|
|
Err(e) => (None, Some(format!("{:?}", e))),
|
|
};
|
|
|
|
TestVector {
|
|
title,
|
|
pre_state,
|
|
block,
|
|
post_state,
|
|
error,
|
|
}
|
|
}
|
|
}
|
|
|
|
vectors_and_tests!(
|
|
// Ensures we can process a valid exit,
|
|
valid_single_exit,
|
|
ExitTest::default(),
|
|
// Tests three exits in the same block.
|
|
valid_three_exits,
|
|
ExitTest {
|
|
block_modifier: Box::new(|harness, block| {
|
|
harness.add_voluntary_exit(block, 1, STATE_EPOCH);
|
|
harness.add_voluntary_exit(block, 2, STATE_EPOCH);
|
|
}),
|
|
..ExitTest::default()
|
|
},
|
|
// Ensures that a validator cannot be exited twice in the same block.
|
|
invalid_duplicate,
|
|
ExitTest {
|
|
block_modifier: Box::new(|_, block| {
|
|
// Duplicate the exit
|
|
let exit = block.body().voluntary_exits()[0].clone();
|
|
block.body_mut().voluntary_exits_mut().push(exit).unwrap();
|
|
}),
|
|
expected: Err(BlockProcessingError::ExitInvalid {
|
|
index: 1,
|
|
reason: ExitInvalid::AlreadyExited(0),
|
|
}),
|
|
..ExitTest::default()
|
|
},
|
|
// Tests the following line of the spec:
|
|
//
|
|
// Spec v0.12.1
|
|
//
|
|
// ```ignore
|
|
// validator = state.validators[voluntary_exit.validator_index]
|
|
// ```
|
|
invalid_validator_unknown,
|
|
ExitTest {
|
|
block_modifier: Box::new(|_, block| {
|
|
block.body_mut().voluntary_exits_mut()[0]
|
|
.message
|
|
.validator_index = VALIDATOR_COUNT as u64;
|
|
}),
|
|
expected: Err(BlockProcessingError::ExitInvalid {
|
|
index: 0,
|
|
reason: ExitInvalid::ValidatorUnknown(VALIDATOR_COUNT as u64),
|
|
}),
|
|
..ExitTest::default()
|
|
},
|
|
// Tests the following line of the spec:
|
|
//
|
|
// Spec v0.12.1
|
|
//
|
|
// ```ignore
|
|
// # Verify exit has not been initiated
|
|
// assert validator.exit_epoch == FAR_FUTURE_EPOCH
|
|
// ```
|
|
invalid_exit_already_initiated,
|
|
ExitTest {
|
|
state_modifier: Box::new(|state| {
|
|
state.validators_mut()[0].exit_epoch = STATE_EPOCH + 1;
|
|
}),
|
|
expected: Err(BlockProcessingError::ExitInvalid {
|
|
index: 0,
|
|
reason: ExitInvalid::AlreadyExited(0),
|
|
}),
|
|
..ExitTest::default()
|
|
},
|
|
// Tests the following line of the spec:
|
|
//
|
|
// Spec v0.12.1
|
|
//
|
|
// ```ignore
|
|
// # Verify the validator is active
|
|
// assert is_active_validator(validator, get_current_epoch(state))
|
|
// ```
|
|
invalid_not_active_before_activation_epoch,
|
|
ExitTest {
|
|
state_modifier: Box::new(|state| {
|
|
state.validators_mut()[0].activation_epoch = E::default_spec().far_future_epoch;
|
|
}),
|
|
expected: Err(BlockProcessingError::ExitInvalid {
|
|
index: 0,
|
|
reason: ExitInvalid::NotActive(0),
|
|
}),
|
|
..ExitTest::default()
|
|
},
|
|
// Also tests the following line of the spec:
|
|
//
|
|
// Spec v0.12.1
|
|
//
|
|
// ```ignore
|
|
// # Verify the validator is active
|
|
// assert is_active_validator(validator, get_current_epoch(state))
|
|
// ```
|
|
invalid_not_active_after_exit_epoch,
|
|
ExitTest {
|
|
state_modifier: Box::new(|state| {
|
|
state.validators_mut()[0].exit_epoch = STATE_EPOCH;
|
|
}),
|
|
expected: Err(BlockProcessingError::ExitInvalid {
|
|
index: 0,
|
|
reason: ExitInvalid::NotActive(0),
|
|
}),
|
|
..ExitTest::default()
|
|
},
|
|
// Ensures we can process an exit from genesis.
|
|
valid_genesis_epoch,
|
|
ExitTest {
|
|
exit_epoch: Epoch::new(0),
|
|
..ExitTest::default()
|
|
},
|
|
// Ensures we can process an exit from the previous epoch.
|
|
valid_previous_epoch,
|
|
ExitTest {
|
|
exit_epoch: STATE_EPOCH - 1,
|
|
..ExitTest::default()
|
|
},
|
|
// Tests the following line of the spec:
|
|
//
|
|
// Spec v0.12.1
|
|
//
|
|
// ```ignore
|
|
// # Exits must specify an epoch when they become valid; they are not
|
|
// # valid before then
|
|
// assert get_current_epoch(state) >= voluntary_exit.epoch
|
|
// ```
|
|
invalid_future_exit_epoch,
|
|
ExitTest {
|
|
exit_epoch: STATE_EPOCH + 1,
|
|
expected: Err(BlockProcessingError::ExitInvalid {
|
|
index: 0,
|
|
reason: ExitInvalid::FutureEpoch {
|
|
state: STATE_EPOCH,
|
|
exit: STATE_EPOCH + 1,
|
|
},
|
|
}),
|
|
..ExitTest::default()
|
|
},
|
|
// Tests the following line of the spec:
|
|
//
|
|
// Spec v0.12.1
|
|
//
|
|
// ```ignore
|
|
// # Verify the validator has been active long enough
|
|
// assert get_current_epoch(state) >= validator.activation_epoch + PERSISTENT_COMMITTEE_PERIOD
|
|
// ```
|
|
invalid_too_young_by_one_epoch,
|
|
ExitTest {
|
|
state_epoch: STATE_EPOCH - 1,
|
|
exit_epoch: STATE_EPOCH - 1,
|
|
expected: Err(BlockProcessingError::ExitInvalid {
|
|
index: 0,
|
|
reason: ExitInvalid::TooYoungToExit {
|
|
current_epoch: STATE_EPOCH - 1,
|
|
earliest_exit_epoch: STATE_EPOCH,
|
|
},
|
|
}),
|
|
..ExitTest::default()
|
|
},
|
|
// Also tests the following line of the spec:
|
|
//
|
|
// Spec v0.12.1
|
|
//
|
|
// ```ignore
|
|
// # Verify the validator has been active long enough
|
|
// assert get_current_epoch(state) >= validator.activation_epoch + PERSISTENT_COMMITTEE_PERIOD
|
|
// ```
|
|
invalid_too_young_by_a_lot,
|
|
ExitTest {
|
|
state_epoch: Epoch::new(0),
|
|
exit_epoch: Epoch::new(0),
|
|
expected: Err(BlockProcessingError::ExitInvalid {
|
|
index: 0,
|
|
reason: ExitInvalid::TooYoungToExit {
|
|
current_epoch: Epoch::new(0),
|
|
earliest_exit_epoch: STATE_EPOCH,
|
|
},
|
|
}),
|
|
..ExitTest::default()
|
|
},
|
|
// Tests the following line of the spec:
|
|
//
|
|
// Spec v0.12.1
|
|
//
|
|
// ```ignore
|
|
// # Verify signature
|
|
// domain = get_domain(state, DOMAIN_VOLUNTARY_EXIT,
|
|
// voluntary_exit.epoch)
|
|
// signing_root = compute_signing_root(voluntary_exit, domain)
|
|
// assert bls.Verify(validator.pubkey, signing_root,
|
|
// signed_voluntary_exit.signature)
|
|
// ```
|
|
invalid_bad_signature,
|
|
ExitTest {
|
|
block_modifier: Box::new(|_, block| {
|
|
// Shift the validator index by 1 so that it's mismatched from the key that was
|
|
// used to sign.
|
|
block.body_mut().voluntary_exits_mut()[0]
|
|
.message
|
|
.validator_index = VALIDATOR_INDEX + 1;
|
|
}),
|
|
expected: Err(BlockProcessingError::ExitInvalid {
|
|
index: 0,
|
|
reason: ExitInvalid::BadSignature,
|
|
}),
|
|
..ExitTest::default()
|
|
}
|
|
);
|
|
|
|
#[cfg(all(test, not(debug_assertions)))]
|
|
mod custom_tests {
|
|
use super::*;
|
|
|
|
fn assert_exited(state: &BeaconState<E>, validator_index: usize) {
|
|
let spec = E::default_spec();
|
|
|
|
let validator = &state.validators()[validator_index];
|
|
assert_eq!(
|
|
validator.exit_epoch,
|
|
// This is correct until we exceed the churn limit. If that happens, we
|
|
// need to introduce more complex logic.
|
|
state.current_epoch() + 1 + spec.max_seed_lookahead,
|
|
"exit epoch"
|
|
);
|
|
assert_eq!(
|
|
validator.withdrawable_epoch,
|
|
validator.exit_epoch + E::default_spec().min_validator_withdrawability_delay,
|
|
"withdrawable epoch"
|
|
);
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn valid() {
|
|
let state = ExitTest::default().run().await;
|
|
assert_exited(&state, VALIDATOR_INDEX as usize);
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn valid_three() {
|
|
let state = ExitTest {
|
|
block_modifier: Box::new(|harness, block| {
|
|
harness.add_voluntary_exit(block, 1, STATE_EPOCH);
|
|
harness.add_voluntary_exit(block, 2, STATE_EPOCH);
|
|
}),
|
|
..ExitTest::default()
|
|
}
|
|
.run()
|
|
.await;
|
|
|
|
for i in &[VALIDATOR_INDEX, 1, 2] {
|
|
assert_exited(&state, *i as usize);
|
|
}
|
|
}
|
|
}
|