Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(ADR-25): Remove voting power from jailed finality providers #65

Merged
merged 13 commits into from
Sep 16, 2024
8 changes: 4 additions & 4 deletions proto/babylon/btcstaking/v1/btcstaking.proto
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,8 @@ message FinalityProvider {
// the finality provider is slashed.
// if it's 0 then the finality provider is not slashed
uint64 slashed_btc_height = 7;
// sluggish defines whether the finality provider is detected sluggish
bool sluggish = 8;
// jailed defines whether the finality provider is jailed
bool jailed = 8;
}

// FinalityProviderWithMeta wraps the FinalityProvider with metadata.
Expand All @@ -54,8 +54,8 @@ message FinalityProviderWithMeta {
// the finality provider is slashed.
// if it's 0 then the finality provider is not slashed
uint64 slashed_btc_height = 5;
// sluggish defines whether the finality provider is detected sluggish
bool sluggish = 6;
// jailed defines whether the finality provider is detected jailed
bool jailed = 6;
}

// BTCDelegation defines a BTC delegation
Expand Down
10 changes: 9 additions & 1 deletion proto/babylon/btcstaking/v1/events.proto
Original file line number Diff line number Diff line change
Expand Up @@ -40,11 +40,19 @@ message EventPowerDistUpdate {
bytes pk = 1 [ (gogoproto.customtype) = "github.com/babylonlabs-io/babylon/types.BIP340PubKey" ];
}

// EventJailedFinalityProvider defines an event that a finality provider
// is jailed after being detected sluggish
message EventJailedFinalityProvider {
RafilxTenfen marked this conversation as resolved.
Show resolved Hide resolved
bytes pk = 1 [ (gogoproto.customtype) = "github.com/babylonlabs-io/babylon/types.BIP340PubKey" ];
}

// ev is the event that affects voting power distribution
oneof ev {
// slashed_fp means a finality provider is slashed
EventSlashedFinalityProvider slashed_fp = 1;
// jailed_fp means a finality provider is jailed
EventJailedFinalityProvider jailed_fp = 2;
SebastianElvis marked this conversation as resolved.
Show resolved Hide resolved
// btc_del_state_update means a BTC delegation's state is updated
EventBTCDelegationStateUpdate btc_del_state_update = 2;
EventBTCDelegationStateUpdate btc_del_state_update = 3;
}
}
4 changes: 2 additions & 2 deletions proto/babylon/btcstaking/v1/query.proto
Original file line number Diff line number Diff line change
Expand Up @@ -349,6 +349,6 @@ message FinalityProviderResponse {
uint64 height = 8;
// voting_power is the voting power of this finality provider at the given height
uint64 voting_power = 9;
// sluggish defines whether the finality provider is detected sluggish
bool sluggish = 10;
// jailed defines whether the finality provider is jailed
bool jailed = 10;
}
13 changes: 3 additions & 10 deletions proto/babylon/finality/v1/events.proto
Original file line number Diff line number Diff line change
Expand Up @@ -12,16 +12,9 @@ message EventSlashedFinalityProvider {
Evidence evidence = 1;
}

// EventSluggishFinalityProviderDetected is the event emitted when a finality provider is
// detected as sluggish
message EventSluggishFinalityProviderDetected {
// public_key is the BTC public key of the finality provider
string public_key = 1;
}

// EventSluggishFinalityProviderReverted is the event emitted when a sluggish finality
// provider is no longer considered sluggish
message EventSluggishFinalityProviderReverted {
// EventJailedFinalityProvider is the event emitted when a finality provider is
// jailed due to inactivity
message EventJailedFinalityProvider {
// public_key is the BTC public key of the finality provider
string public_key = 1;
}
5 changes: 5 additions & 0 deletions proto/babylon/finality/v1/finality.proto
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ package babylon.finality.v1;
option go_package = "github.com/babylonlabs-io/babylon/x/finality/types";

import "gogoproto/gogo.proto";
import "amino/amino.proto";
import "google/protobuf/timestamp.proto";

// IndexedBlock is the necessary metadata and finalization status of a block
message IndexedBlock {
Expand Down Expand Up @@ -64,4 +66,7 @@ message FinalityProviderSigningInfo {
// missed_blocks_counter defines a counter to avoid unnecessary array reads.
// Note that `Sum(MissedBlocksBitArray)` always equals `MissedBlocksCounter`.
int64 missed_blocks_counter = 3;
// Timestamp until which the validator is jailed due to liveness downtime.
google.protobuf.Timestamp jailed_until = 4
[(gogoproto.stdtime) = true, (gogoproto.nullable) = false, (amino.dont_omitempty) = true];
RafilxTenfen marked this conversation as resolved.
Show resolved Hide resolved
}
6 changes: 5 additions & 1 deletion proto/babylon/finality/v1/params.proto
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ package babylon.finality.v1;
import "gogoproto/gogo.proto";
import "amino/amino.proto";
import "cosmos_proto/cosmos.proto";
import "google/protobuf/duration.proto";

option go_package = "github.com/babylonlabs-io/babylon/x/finality/types";

Expand All @@ -16,7 +17,7 @@ message Params {
// vote before being judged as missing their voting turn on the given block
int64 finality_sig_timeout = 2;
// min_signed_per_window defines the minimum number of blocks that a finality provider is required to sign
// within the sliding window to avoid being detected as sluggish
// within the sliding window to avoid being jailed
bytes min_signed_per_window = 3 [
(cosmos_proto.scalar) = "cosmos.Dec",
(gogoproto.customtype) = "cosmossdk.io/math.LegacyDec",
Expand All @@ -26,4 +27,7 @@ message Params {
// min_pub_rand is the minimum number of public randomness each
// message should commit
uint64 min_pub_rand = 4;
// jail_duration is the minimum period of time that a finality provider remains jailed
google.protobuf.Duration jail_duration = 5
[(gogoproto.nullable) = false, (amino.dont_omitempty) = true, (gogoproto.stdduration) = true];
}
32 changes: 24 additions & 8 deletions x/btcstaking/keeper/finality_providers.go
Original file line number Diff line number Diff line change
Expand Up @@ -102,24 +102,40 @@ func (k Keeper) SlashFinalityProvider(ctx context.Context, fpBTCPK []byte) error
return nil
}

// RevertSluggishFinalityProvider sets the Sluggish flag of the given finality provider
// to false
func (k Keeper) RevertSluggishFinalityProvider(ctx context.Context, fpBTCPK []byte) error {
// JailFinalityProvider jails a finality provider with the given PK
// A jailed finality provider will not have voting power until it is
// unjailed (assuming it still ranks top N and has timestamped pub rand)
func (k Keeper) JailFinalityProvider(ctx context.Context, fpBTCPK []byte) error {
// ensure finality provider exists
fp, err := k.GetFinalityProvider(ctx, fpBTCPK)
if err != nil {
return err
}

// ignore the finality provider is already slashed
// or detected as sluggish
if fp.IsSlashed() || fp.IsSluggish() {
return nil
// ensure finality provider is not slashed yet
if fp.IsSlashed() {
return types.ErrFpAlreadySlashed
}

fp.Sluggish = false
// ensure finality provider is not jailed yet
if fp.IsJailed() {
return types.ErrFpAlreadyJailed
}

// set finality provider to be jailed
fp.Jailed = true
k.setFinalityProvider(ctx, fp)

btcTip := k.btclcKeeper.GetTipInfo(ctx)
if btcTip == nil {
return fmt.Errorf("failed to get current BTC tip")
}

// record jailed event. The next `BeginBlock` will consume this
// event for updating the finality provider set
powerUpdateEvent := types.NewEventPowerDistUpdateWithJailedFP(fp.BtcPk)
k.addPowerDistUpdateEvent(ctx, btcTip.Height, powerUpdateEvent)

return nil
}

Expand Down
16 changes: 1 addition & 15 deletions x/btcstaking/keeper/hooks.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ package keeper

import (
"context"
"fmt"

bbntypes "github.com/babylonlabs-io/babylon/types"
"github.com/babylonlabs-io/babylon/x/finality/types"
Expand All @@ -22,18 +21,5 @@ func (k Keeper) Hooks() Hooks {

// AfterSluggishFinalityProviderDetected updates the status of the given finality provider to `sluggish`
func (h Hooks) AfterSluggishFinalityProviderDetected(ctx context.Context, fpPk *bbntypes.BIP340PubKey) error {
SebastianElvis marked this conversation as resolved.
Show resolved Hide resolved
fp, err := h.k.GetFinalityProvider(ctx, fpPk.MustMarshal())
if err != nil {
return err
}

if fp.IsSluggish() {
return fmt.Errorf("the finality provider %s is already detected as sluggish", fpPk.MarshalHex())
}

fp.Sluggish = true

h.k.setFinalityProvider(ctx, fp)

return nil
return h.k.JailFinalityProvider(ctx, fpPk.MustMarshal())
}
19 changes: 11 additions & 8 deletions x/btcstaking/keeper/power_dist_change.go
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ func (k Keeper) UpdatePowerDist(ctx context.Context) {

// reconcile old voting power distribution cache and new events
// to construct the new distribution
newDc := k.ProcessAllPowerDistUpdateEvents(ctx, dc, events, maxActiveFps)
newDc := k.ProcessAllPowerDistUpdateEvents(ctx, dc, events)

// record voting power and cache for this height
k.recordVotingPowerAndCache(ctx, dc, newDc, maxActiveFps)
Expand Down Expand Up @@ -150,15 +150,14 @@ func (k Keeper) ProcessAllPowerDistUpdateEvents(
ctx context.Context,
dc *types.VotingPowerDistCache,
events []*types.EventPowerDistUpdate,
maxActiveFps uint32,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this max being enforced somewhere else? Just curious.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, here

k.recordVotingPowerAndCache(ctx, dc, newDc, maxActiveFps)
.

) *types.VotingPowerDistCache {
// a map where key is finality provider's BTC PK hex and value is a list
// of BTC delegations that newly become active under this provider
activeBTCDels := map[string][]*types.BTCDelegation{}
// a map where key is unbonded BTC delegation's staking tx hash
unbondedBTCDels := map[string]struct{}{}
// a map where key is slashed finality providers' BTC PK
slashedFPs := map[string]struct{}{}
// a map where key is slashed or jailed finality providers' BTC PK
slashedOrJailedFPs := map[string]struct{}{}

/*
filter and classify all events into new/expired BTC delegations and slashed FPs
Expand All @@ -183,8 +182,11 @@ func (k Keeper) ProcessAllPowerDistUpdateEvents(
unbondedBTCDels[delEvent.StakingTxHash] = struct{}{}
}
case *types.EventPowerDistUpdate_SlashedFp:
// slashed finality providers
slashedFPs[typedEvent.SlashedFp.Pk.MarshalHex()] = struct{}{}
// record slashed fps
slashedOrJailedFPs[typedEvent.SlashedFp.Pk.MarshalHex()] = struct{}{}
case *types.EventPowerDistUpdate_JailedFp:
// record jailed fps
slashedOrJailedFPs[typedEvent.JailedFp.Pk.MarshalHex()] = struct{}{}
}
}

Expand All @@ -208,8 +210,9 @@ func (k Keeper) ProcessAllPowerDistUpdateEvents(

fpBTCPKHex := fp.BtcPk.MarshalHex()

// if this finality provider is slashed, continue to avoid recording it
if _, ok := slashedFPs[fpBTCPKHex]; ok {
// if this finality provider is slashed or jailed, continue to avoid
// assigning voting power to it
if _, ok := slashedOrJailedFPs[fpBTCPKHex]; ok {
continue
}

Expand Down
103 changes: 100 additions & 3 deletions x/btcstaking/keeper/power_dist_change_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -58,15 +58,15 @@ func FuzzProcessAllPowerDistUpdateEvents_Determinism(f *testing.F) {
}
}

newDc := h.BTCStakingKeeper.ProcessAllPowerDistUpdateEvents(h.Ctx, dc, events, 100)
newDc := h.BTCStakingKeeper.ProcessAllPowerDistUpdateEvents(h.Ctx, dc, events)
for i := 0; i < 10; i++ {
newDc2 := h.BTCStakingKeeper.ProcessAllPowerDistUpdateEvents(h.Ctx, dc, events, 100)
newDc2 := h.BTCStakingKeeper.ProcessAllPowerDistUpdateEvents(h.Ctx, dc, events)
require.Equal(t, newDc, newDc2)
}
})
}

func FuzzFinalityProviderEvents(f *testing.F) {
func FuzzSlashFinalityProviderEvent(f *testing.F) {
datagen.AddRandomSeedsToFuzzer(f, 10)

f.Fuzz(func(t *testing.T, seed int64) {
Expand Down Expand Up @@ -125,6 +125,12 @@ func FuzzFinalityProviderEvents(f *testing.F) {
err = h.BTCStakingKeeper.SlashFinalityProvider(h.Ctx, fp.BtcPk.MustMarshal())
h.NoError(err)

err = h.BTCStakingKeeper.SlashFinalityProvider(h.Ctx, fp.BtcPk.MustMarshal())
require.ErrorIs(t, err, types.ErrFpAlreadySlashed)

err = h.BTCStakingKeeper.JailFinalityProvider(h.Ctx, fp.BtcPk.MustMarshal())
require.ErrorIs(t, err, types.ErrFpAlreadySlashed)

// at this point, there should be only 1 event that the finality provider is slashed
btcTipHeight := btclcKeeper.GetTipInfo(h.Ctx).Height
h.BTCStakingKeeper.IteratePowerDistUpdateEvents(h.Ctx, btcTipHeight, func(ev *types.EventPowerDistUpdate) bool {
Expand All @@ -145,6 +151,97 @@ func FuzzFinalityProviderEvents(f *testing.F) {
})
}

func FuzzJailFinalityProviderEvents(f *testing.F) {
datagen.AddRandomSeedsToFuzzer(f, 10)

f.Fuzz(func(t *testing.T, seed int64) {
r := rand.New(rand.NewSource(seed))
ctrl := gomock.NewController(t)
defer ctrl.Finish()

// mock BTC light client and BTC checkpoint modules
btclcKeeper := types.NewMockBTCLightClientKeeper(ctrl)
btccKeeper := types.NewMockBtcCheckpointKeeper(ctrl)
finalityKeeper := types.NewMockFinalityKeeper(ctrl)
finalityKeeper.EXPECT().HasTimestampedPubRand(gomock.Any(), gomock.Any(), gomock.Any()).Return(true).AnyTimes()
h := NewHelper(t, btclcKeeper, btccKeeper, finalityKeeper)

// set all parameters
covenantSKs, _ := h.GenAndApplyParams(r)
changeAddress, err := datagen.GenRandomBTCAddress(r, h.Net)
require.NoError(t, err)

// generate and insert new finality provider
_, fpPK, fp := h.CreateFinalityProvider(r)

/*
insert new BTC delegation and give it covenant quorum
ensure that it has voting power
*/
stakingValue := int64(2 * 10e8)
_, _, _, msgCreateBTCDel, actualDel := h.CreateDelegation(
r,
fpPK,
changeAddress.EncodeAddress(),
stakingValue,
1000,
)
// give it a quorum number of covenant signatures
msgs := h.GenerateCovenantSignaturesMessages(r, covenantSKs, msgCreateBTCDel, actualDel)
for i := 0; i < int(h.BTCStakingKeeper.GetParams(h.Ctx).CovenantQuorum); i++ {
_, err = h.MsgServer.AddCovenantSigs(h.Ctx, msgs[i])
h.NoError(err)
}

// execute BeginBlock
btcTip := btclcKeeper.GetTipInfo(h.Ctx)
babylonHeight := datagen.RandomInt(r, 10) + 1
h.SetCtxHeight(babylonHeight)
h.BTCLightClientKeeper.EXPECT().GetTipInfo(gomock.Eq(h.Ctx)).Return(btcTip).AnyTimes()
err = h.BTCStakingKeeper.BeginBlocker(h.Ctx)
h.NoError(err)
// ensure the finality provider is not jailed and has voting power at this height

fpBeforeJailing, err := h.BTCStakingKeeper.GetFinalityProvider(h.Ctx, fp.BtcPk.MustMarshal())
h.NoError(err)
require.False(t, fpBeforeJailing.IsJailed())
require.Equal(t, uint64(stakingValue), h.BTCStakingKeeper.GetVotingPower(h.Ctx, *fp.BtcPk, babylonHeight))

/*
Jail the finality provider and execute BeginBlock
Then, ensure the finality provider does not have voting power anymore
*/
err = h.BTCStakingKeeper.JailFinalityProvider(h.Ctx, fp.BtcPk.MustMarshal())
h.NoError(err)

err = h.BTCStakingKeeper.JailFinalityProvider(h.Ctx, fp.BtcPk.MustMarshal())
require.ErrorIs(t, err, types.ErrFpAlreadyJailed)

// ensure the jailed label is set
fpAfter, err := h.BTCStakingKeeper.GetFinalityProvider(h.Ctx, fp.BtcPk.MustMarshal())
h.NoError(err)
require.True(t, fpAfter.IsJailed())

// at this point, there should be only 1 event that the finality provider is jailed
btcTipHeight := btclcKeeper.GetTipInfo(h.Ctx).Height
h.BTCStakingKeeper.IteratePowerDistUpdateEvents(h.Ctx, btcTipHeight, func(ev *types.EventPowerDistUpdate) bool {
jailedFPEvent := ev.GetJailedFp()
require.NotNil(t, jailedFPEvent)
require.Equal(t, fp.BtcPk.MustMarshal(), jailedFPEvent.Pk.MustMarshal())
return true
})

// execute BeginBlock
babylonHeight += 1
h.SetCtxHeight(babylonHeight)
h.BTCLightClientKeeper.EXPECT().GetTipInfo(gomock.Eq(h.Ctx)).Return(btcTip).AnyTimes()
err = h.BTCStakingKeeper.BeginBlocker(h.Ctx)
h.NoError(err)
// ensure the finality provider does not have voting power anymore
require.Zero(t, h.BTCStakingKeeper.GetVotingPower(h.Ctx, *fp.BtcPk, babylonHeight))
})
}

func FuzzBTCDelegationEvents(f *testing.F) {
datagen.AddRandomSeedsToFuzzer(f, 10)

Expand Down
4 changes: 2 additions & 2 deletions x/btcstaking/types/btcstaking.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,8 @@ func (fp *FinalityProvider) IsSlashed() bool {
return fp.SlashedBabylonHeight > 0
}

func (fp *FinalityProvider) IsSluggish() bool {
return fp.Sluggish
func (fp *FinalityProvider) IsJailed() bool {
return fp.Jailed
}

func (fp *FinalityProvider) ValidateBasic() error {
Expand Down
Loading
Loading