From 360a1dd598c046aa400a87e69ec81919525fcb51 Mon Sep 17 00:00:00 2001 From: Alex Stokes Date: Tue, 13 Apr 2021 14:33:07 -0700 Subject: [PATCH 1/5] Respect subcommittees in gossip validations for Altair --- specs/altair/p2p-interface.md | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/specs/altair/p2p-interface.md b/specs/altair/p2p-interface.md index a32137d1f..e12b8e01d 100644 --- a/specs/altair/p2p-interface.md +++ b/specs/altair/p2p-interface.md @@ -83,15 +83,23 @@ See the [state transition document](./beacon-chain.md#beaconblockbody) for Altai This topic is used to propagate partially aggregated sync committee signatures to be included in future blocks. -The following validations MUST pass before forwarding the `signed_contribution_and_proof` on the network; define `contribution_and_proof = signed_contribution_and_proof.message` and `contribution = contribution_and_proof.contribution` for convenience: +The following validations MUST pass before forwarding the `signed_contribution_and_proof` on the network; define `contribution_and_proof = signed_contribution_and_proof.message`, `contribution = contribution_and_proof.contribution`, and the following function `get_sync_subcommittee_pubkeys` for convenience: + +```python +SYNC_SUBCOMMITTEE_SIZE = SYNC_COMMITTEE_SIZE // SYNC_COMMITTEE_SUBNET_COUNT + +def get_sync_subcommittee_pubkeys(state: BeaconState, subcommittee_index: uint64) -> Sequence[BLSPubkey]: + i = subcommittee_index * SYNC_SUBCOMMITTEE_SIZE + return state.current_sync_committee.pubkeys[i:i+SYNC_SUBCOMMITTEE_SIZE] +``` - _[IGNORE]_ The contribution's slot is for the current slot, i.e. `contribution.slot == current_slot`. - _[IGNORE]_ The block being signed over (`contribution.beacon_block_root`) has been seen (via both gossip and non-gossip sources). - _[REJECT]_ The subcommittee index is in the allowed range, i.e. `contribution.subcommittee_index < SYNC_COMMITTEE_SUBNET_COUNT`. -- _[IGNORE]_ The sync committee contribution is the first valid contribution received for the aggregator with index `contribution_and_proof.aggregator_index` for the slot `contribution.slot`. -- _[REJECT]_ `contribution_and_proof.selection_proof` selects the validator as an aggregator for the slot -- i.e. `is_sync_committee_aggregator(state, contribution.slot, contribution_and_proof.selection_proof)` returns `True`. -- _[REJECT]_ The aggregator's validator index is within the current sync committee -- - i.e. `state.validators[contribution_and_proof.aggregator_index].pubkey in state.current_sync_committee.pubkeys`. +- _[IGNORE]_ The sync committee contribution is the first valid contribution received for the aggregator with index `contribution_and_proof.aggregator_index` for the slot `contribution.slot` and subcommittee index `contribution.subcommittee_index`. +- _[REJECT]_ `contribution_and_proof.selection_proof` selects the validator as an aggregator for the slot -- i.e. `is_sync_committee_aggregator(contribution_and_proof.selection_proof)` returns `True`. +- _[REJECT]_ The aggregator's validator index is in the declared subcommittee of the current sync committee -- + i.e. `state.validators[contribution_and_proof.aggregator_index].pubkey in get_sync_subcommittee_pubkeys(state, contribution.subcommittee_index)`. - _[REJECT]_ The `contribution_and_proof.selection_proof` is a valid signature of the `SyncCommitteeSigningData` derived from the `contribution` by the validator with index `contribution_and_proof.aggregator_index`. - _[REJECT]_ The aggregator signature, `signed_contribution_and_proof.signature`, is valid. - _[REJECT]_ The aggregate signature is valid for the message `beacon_block_root` and aggregate pubkey derived from the participation info in `aggregation_bits` for the subcommittee specified by the `subcommittee_index`. From f992a9ae651cdb03722f7368ee62d2c8dc74f058 Mon Sep 17 00:00:00 2001 From: Alex Stokes Date: Tue, 13 Apr 2021 14:45:04 -0700 Subject: [PATCH 2/5] Remove duplicate validation --- specs/altair/p2p-interface.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/specs/altair/p2p-interface.md b/specs/altair/p2p-interface.md index e12b8e01d..08c1682f2 100644 --- a/specs/altair/p2p-interface.md +++ b/specs/altair/p2p-interface.md @@ -117,8 +117,8 @@ The following validations MUST pass before forwarding the `sync_committee_signat - _[IGNORE]_ The signature's slot is for the current slot, i.e. `sync_committee_signature.slot == current_slot`. - _[IGNORE]_ The block being signed over (`sync_committee_signature.beacon_block_root`) has been seen (via both gossip and non-gossip sources). - _[IGNORE]_ There has been no other valid sync committee signature for the declared `slot` for the validator referenced by `sync_committee_signature.validator_index`. -- _[REJECT]_ The validator producing this `sync_committee_signature` is in the current sync committee, i.e. `state.validators[sync_committee_signature.validator_index].pubkey in state.current_sync_committee.pubkeys`. -- _[REJECT]_ The `subnet_id` is correct, i.e. `subnet_id in compute_subnets_for_sync_committee(state, sync_committee_signature.validator_index)`. +- _[REJECT]_ The `subnet_id` is correct, i.e. `subnet_id in compute_subnets_for_sync_committee(state, sync_committee_signature.validator_index)`. + Note this validation implies the validator is part of the broader current sync committee along with the correct subcommittee. - _[REJECT]_ The `signature` is valid for the message `beacon_block_root` for the validator referenced by `validator_index`. #### Sync committees and aggregation From 99b2cc2f3ec01387eea010e6f4c530381e176fd4 Mon Sep 17 00:00:00 2001 From: Alex Stokes Date: Tue, 13 Apr 2021 14:51:20 -0700 Subject: [PATCH 3/5] Clarify usage of field in data --- specs/altair/p2p-interface.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specs/altair/p2p-interface.md b/specs/altair/p2p-interface.md index 08c1682f2..738260cff 100644 --- a/specs/altair/p2p-interface.md +++ b/specs/altair/p2p-interface.md @@ -102,7 +102,7 @@ def get_sync_subcommittee_pubkeys(state: BeaconState, subcommittee_index: uint64 i.e. `state.validators[contribution_and_proof.aggregator_index].pubkey in get_sync_subcommittee_pubkeys(state, contribution.subcommittee_index)`. - _[REJECT]_ The `contribution_and_proof.selection_proof` is a valid signature of the `SyncCommitteeSigningData` derived from the `contribution` by the validator with index `contribution_and_proof.aggregator_index`. - _[REJECT]_ The aggregator signature, `signed_contribution_and_proof.signature`, is valid. -- _[REJECT]_ The aggregate signature is valid for the message `beacon_block_root` and aggregate pubkey derived from the participation info in `aggregation_bits` for the subcommittee specified by the `subcommittee_index`. +- _[REJECT]_ The aggregate signature is valid for the message `beacon_block_root` and aggregate pubkey derived from the participation info in `aggregation_bits` for the subcommittee specified by the `contribution.subcommittee_index`. #### Sync committee subnets From 3c07303c5caee4d21619231a74bd561224d869b2 Mon Sep 17 00:00:00 2001 From: Alex Stokes Date: Thu, 15 Apr 2021 11:28:13 -0700 Subject: [PATCH 4/5] Update specs/altair/p2p-interface.md Co-authored-by: Danny Ryan --- specs/altair/p2p-interface.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specs/altair/p2p-interface.md b/specs/altair/p2p-interface.md index 738260cff..47a5826c5 100644 --- a/specs/altair/p2p-interface.md +++ b/specs/altair/p2p-interface.md @@ -117,7 +117,7 @@ The following validations MUST pass before forwarding the `sync_committee_signat - _[IGNORE]_ The signature's slot is for the current slot, i.e. `sync_committee_signature.slot == current_slot`. - _[IGNORE]_ The block being signed over (`sync_committee_signature.beacon_block_root`) has been seen (via both gossip and non-gossip sources). - _[IGNORE]_ There has been no other valid sync committee signature for the declared `slot` for the validator referenced by `sync_committee_signature.validator_index`. -- _[REJECT]_ The `subnet_id` is correct, i.e. `subnet_id in compute_subnets_for_sync_committee(state, sync_committee_signature.validator_index)`. +- _[REJECT]_ The `subnet_id` is valid for the given validator, i.e. `subnet_id in compute_subnets_for_sync_committee(state, sync_committee_signature.validator_index)`. Note this validation implies the validator is part of the broader current sync committee along with the correct subcommittee. - _[REJECT]_ The `signature` is valid for the message `beacon_block_root` for the validator referenced by `validator_index`. From ebd16e1b799aad5242283652d822700fe3b0584d Mon Sep 17 00:00:00 2001 From: Alex Stokes Date: Thu, 15 Apr 2021 11:46:44 -0700 Subject: [PATCH 5/5] add helper in p2p document to executable spec --- specs/altair/p2p-interface.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/specs/altair/p2p-interface.md b/specs/altair/p2p-interface.md index 47a5826c5..bcd366c66 100644 --- a/specs/altair/p2p-interface.md +++ b/specs/altair/p2p-interface.md @@ -86,11 +86,10 @@ This topic is used to propagate partially aggregated sync committee signatures t The following validations MUST pass before forwarding the `signed_contribution_and_proof` on the network; define `contribution_and_proof = signed_contribution_and_proof.message`, `contribution = contribution_and_proof.contribution`, and the following function `get_sync_subcommittee_pubkeys` for convenience: ```python -SYNC_SUBCOMMITTEE_SIZE = SYNC_COMMITTEE_SIZE // SYNC_COMMITTEE_SUBNET_COUNT - def get_sync_subcommittee_pubkeys(state: BeaconState, subcommittee_index: uint64) -> Sequence[BLSPubkey]: - i = subcommittee_index * SYNC_SUBCOMMITTEE_SIZE - return state.current_sync_committee.pubkeys[i:i+SYNC_SUBCOMMITTEE_SIZE] + sync_subcommittee_size = SYNC_COMMITTEE_SIZE // SYNC_COMMITTEE_SUBNET_COUNT + i = subcommittee_index * sync_subcommittee_size + return state.current_sync_committee.pubkeys[i:i + sync_subcommittee_size] ``` - _[IGNORE]_ The contribution's slot is for the current slot, i.e. `contribution.slot == current_slot`.