mirror of
https://github.com/serai-dex/serai.git
synced 2025-12-08 12:19:24 +00:00
Support multiple key shares per validator (#416)
* Update the coordinator to give key shares based on weight, not based on existence Participants are now identified by their starting index. While this compiles, the following is unimplemented: 1) A conversion for DKG `i` values. It assumes the threshold `i` values used will be identical for the MuSig signature used to confirm the DKG. 2) Expansion from compressed values to full values before forwarding to the processor. * Add a fn to the DkgConfirmer to convert `i` values as needed Also removes TODOs regarding Serai ensuring validator key uniqueness + validity. The current infra achieves both. * Have the Tributary DB track participation by shares, not by count * Prevent a node from obtaining 34% of the maximum amount of key shares This is actually mainly intended to set a bound on message sizes in the coordinator. Message sizes are amplified by the amount of key shares held, so setting an upper bound on said amount lets it determine constants. While that upper bound could be 150, that'd be unreasonable and increase the potential for DoS attacks. * Correct the mechanism to detect if sufficient accumulation has occured It used to check if the latest accumulation hit the required threshold. Now, accumulations may jump past the required threshold. The required mechanism is to check the threshold wasn't prior met and is now met. * Finish updating the coordinator to handle a multiple key share per validator environment * Adjust stategy re: preventing noce reuse in DKG Confirmer * Add TODOs regarding dropped transactions, add possible TODO fix * Update tests/coordinator This doesn't add new multi-key-share tests, it solely updates the existing single key-share tests to compile and run, with the necessary fixes to the coordinator. * Update processor key_gen to handle generating multiple key shares at once * Update SubstrateSigner * Update signer, clippy * Update processor tests * Update processor docker tests
This commit is contained in:
Luke Parker
GitHub
@@ -101,19 +101,16 @@ async fn add_tributary<D: Db, Pro: Processors, P: P2p>(
|
||||
// If we're rebooting, we'll re-fire this message
|
||||
// This is safe due to the message-queue deduplicating based off the intent system
|
||||
let set = spec.set();
|
||||
let our_i = spec
|
||||
.i(Ristretto::generator() * key.deref())
|
||||
.expect("adding a tributary for a set we aren't in set for");
|
||||
processors
|
||||
.send(
|
||||
set.network,
|
||||
processor_messages::key_gen::CoordinatorMessage::GenerateKey {
|
||||
id: processor_messages::key_gen::KeyGenId { set, attempt: 0 },
|
||||
params: frost::ThresholdParams::new(
|
||||
spec.t(),
|
||||
spec.n(),
|
||||
spec
|
||||
.i(Ristretto::generator() * key.deref())
|
||||
.expect("adding a tributary for a set we aren't in set for"),
|
||||
)
|
||||
.unwrap(),
|
||||
params: frost::ThresholdParams::new(spec.t(), spec.n(), our_i.start).unwrap(),
|
||||
shares: u16::from(our_i.end) - u16::from(our_i.start),
|
||||
},
|
||||
)
|
||||
.await;
|
||||
@@ -426,18 +423,29 @@ async fn handle_processor_message<D: Db, P: P2p>(
|
||||
// Create a MuSig-based machine to inform Substrate of this key generation
|
||||
let nonces = crate::tributary::dkg_confirmation_nonces(key, spec, id.attempt);
|
||||
|
||||
let our_i = spec
|
||||
.i(pub_key)
|
||||
.expect("processor message to DKG for a session we aren't a validator in");
|
||||
|
||||
// `tx_shares` needs to be done here as while it can be serialized from the HashMap
|
||||
// without further context, it can't be deserialized without context
|
||||
let mut tx_shares = Vec::with_capacity(shares.len());
|
||||
for i in 1 ..= spec.n() {
|
||||
let i = Participant::new(i).unwrap();
|
||||
if i ==
|
||||
spec
|
||||
.i(pub_key)
|
||||
.expect("processor message to DKG for a session we aren't a validator in")
|
||||
{
|
||||
if our_i.contains(&i) {
|
||||
for shares in &shares {
|
||||
if shares.contains_key(&i) {
|
||||
panic!("processor sent us our own shares");
|
||||
}
|
||||
}
|
||||
continue;
|
||||
}
|
||||
tx_shares
|
||||
.push(shares.remove(&i).expect("processor didn't send share for another validator"));
|
||||
tx_shares.push(vec![]);
|
||||
for shares in &mut shares {
|
||||
tx_shares.last_mut().unwrap().push(
|
||||
shares.remove(&i).expect("processor didn't send share for another validator"),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
vec![Transaction::DkgShares {
|
||||
@@ -474,14 +482,14 @@ async fn handle_processor_message<D: Db, P: P2p>(
|
||||
}
|
||||
},
|
||||
ProcessorMessage::Sign(msg) => match msg {
|
||||
sign::ProcessorMessage::Preprocess { id, preprocess } => {
|
||||
sign::ProcessorMessage::Preprocess { id, preprocesses } => {
|
||||
if id.attempt == 0 {
|
||||
MainDb::<D>::save_first_preprocess(
|
||||
&mut txn,
|
||||
network,
|
||||
RecognizedIdType::Plan,
|
||||
id.id,
|
||||
preprocess,
|
||||
preprocesses,
|
||||
);
|
||||
|
||||
vec![]
|
||||
@@ -489,17 +497,19 @@ async fn handle_processor_message<D: Db, P: P2p>(
|
||||
vec![Transaction::SignPreprocess(SignData {
|
||||
plan: id.id,
|
||||
attempt: id.attempt,
|
||||
data: preprocess,
|
||||
data: preprocesses,
|
||||
signed: Transaction::empty_signed(),
|
||||
})]
|
||||
}
|
||||
}
|
||||
sign::ProcessorMessage::Share { id, share } => vec![Transaction::SignShare(SignData {
|
||||
plan: id.id,
|
||||
attempt: id.attempt,
|
||||
data: share,
|
||||
signed: Transaction::empty_signed(),
|
||||
})],
|
||||
sign::ProcessorMessage::Share { id, shares } => {
|
||||
vec![Transaction::SignShare(SignData {
|
||||
plan: id.id,
|
||||
attempt: id.attempt,
|
||||
data: shares,
|
||||
signed: Transaction::empty_signed(),
|
||||
})]
|
||||
}
|
||||
sign::ProcessorMessage::Completed { key: _, id, tx } => {
|
||||
let r = Zeroizing::new(<Ristretto as Ciphersuite>::F::random(&mut OsRng));
|
||||
#[allow(non_snake_case)]
|
||||
@@ -522,7 +532,7 @@ async fn handle_processor_message<D: Db, P: P2p>(
|
||||
},
|
||||
ProcessorMessage::Coordinator(inner_msg) => match inner_msg {
|
||||
coordinator::ProcessorMessage::SubstrateBlockAck { .. } => unreachable!(),
|
||||
coordinator::ProcessorMessage::BatchPreprocess { id, block, preprocess } => {
|
||||
coordinator::ProcessorMessage::BatchPreprocess { id, block, preprocesses } => {
|
||||
log::info!(
|
||||
"informed of batch (sign ID {}, attempt {}) for block {}",
|
||||
hex::encode(id.id),
|
||||
@@ -538,7 +548,7 @@ async fn handle_processor_message<D: Db, P: P2p>(
|
||||
spec.set().network,
|
||||
RecognizedIdType::Batch,
|
||||
id.id,
|
||||
preprocess,
|
||||
preprocesses,
|
||||
);
|
||||
|
||||
// If this is the new key's first Batch, only create this TX once we verify all
|
||||
@@ -550,6 +560,10 @@ async fn handle_processor_message<D: Db, P: P2p>(
|
||||
if last_received != 0 {
|
||||
// Decrease by 1, to get the ID of the Batch prior to this Batch
|
||||
let prior_sets_last_batch = last_received - 1;
|
||||
// TODO: If we're looping here, we're not handling the messages we need to in order
|
||||
// to create the Batch we're looking for
|
||||
// Don't have the processor yield the handover batch untill the batch before is
|
||||
// acknowledged on-chain?
|
||||
loop {
|
||||
let successfully_verified = substrate::verify_published_batches::<D>(
|
||||
&mut txn,
|
||||
@@ -598,16 +612,16 @@ async fn handle_processor_message<D: Db, P: P2p>(
|
||||
vec![Transaction::BatchPreprocess(SignData {
|
||||
plan: id.id,
|
||||
attempt: id.attempt,
|
||||
data: preprocess,
|
||||
data: preprocesses,
|
||||
signed: Transaction::empty_signed(),
|
||||
})]
|
||||
}
|
||||
}
|
||||
coordinator::ProcessorMessage::BatchShare { id, share } => {
|
||||
coordinator::ProcessorMessage::BatchShare { id, shares } => {
|
||||
vec![Transaction::BatchShare(SignData {
|
||||
plan: id.id,
|
||||
attempt: id.attempt,
|
||||
data: share.to_vec(),
|
||||
data: shares.into_iter().map(|share| share.to_vec()).collect(),
|
||||
signed: Transaction::empty_signed(),
|
||||
})]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user