WiP: Double Publish and double Marry Malfeasance Proofs for ATX v2 #6043
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## develop #6043 +/- ##
=========================================
- Coverage 81.5% 81.4% -0.2%
=========================================
Files 301 302 +1
Lines 32257 32396 +139
=========================================
+ Hits 26319 26387 +68
- Misses 4219 4289 +70
- Partials 1719 1720 +1 ☔ View full report in Codecov by Sentry. |
| // the one proven to be malfeasant. Up to 1024 can be put into a single proof, since by repeatedly marrying other | ||
| // identities there can be much more than 256 in a malfeasant marriage set. Beyond that a second proof could be | ||
| // provided to show that additional identities are part of the same malfeasant marriage set. | ||
| Certificates []ProofCertificate `scale:"max=1024"` |
There was a problem hiding this comment.
Maybe name it
| Certificates []ProofCertificate `scale:"max=1024"` | |
| Certificates []MarriageCertificate `scale:"max=1024"` |
There was a problem hiding this comment.
MarriageCertificate already exists as a type in the wire package (for v2 ATXs) but this is a different type it not only contains the signature and the payload but also the signer (which isn't needed for ATXs).
| type ProofCertificate struct { | ||
| // Target of the certificate, i.e. the identity that signed the ATX containing the original certificate. | ||
| Target types.NodeID | ||
| // ID is the identity that signed the certificate. | ||
| ID types.NodeID | ||
| // Signature is the signature of the certificate, i.e. ID signed with the key of SmesherID. | ||
| Signature types.EdSignature | ||
| } |
There was a problem hiding this comment.
Having Target in each certificate is quite redundant as in most cases, all certs will share it. How about structure like this:
type MarriageCertificates {
Target types.NodeID
Certificates []MarriageCertificate `scale:"max=256"`
}
type ATXProof struct {
ProofType ProofType
Certificates []MarriageCertificates `scale:"max=2"`
Proof []byte `scale:"max=1048576"`
}
fasmat
force-pushed
the
malfeasance-v2
branch
2 times, most recently
from
0cbe462
to
4076706
Compare
|
superseded by #6043 |
Motivation
This adds the first two malfeasance proofs for ATXv2: double publish and double marry.
Description
Double Publish
If an identity publishes two ATXs with the same publish epoch they become malfeasant. This proof verifies that a given ATX was created by the same identity and targets the same epoch. It works basically the same as the previous double publish proof, except that merkle trees are used instead of a signature where the payloads first 4 bytes are the publish epoch.
Double Marry
If an identity is part of more than one marriage it is considered malfeasant. This Proof shows that two ATXs containing marriage certificates contain certificates signed by the same identity.
To simplify this proof the main identity (the one that signs the ATX) has to include a marriage certificate marrying themselves, otherwise we would need additional proofs: i.e. 2 ATXs signed by the same identity containing marriage certificates and one for the case where one ATX containing marriage certificates is signed by identity A and another ATX signed by B contains a marriage certificate of A.
Creating and verifying proofs
Both types of proofs have a
New...Prooffunction that creates them. This function does some basic checks to prevent creating an invalid malfeasance proof if two ATXs that do not show malfeasant behavior are passed as arguments.The wire types for the malfeasance proofs have a
Validmethod that can be called to check if the malfeasance proof is valid. It returns anerrorthat is notnilwhen the proof is invalid and explains why it is invalid.Test Plan
For both malfeasance proofs multiple tests have been added to verify they are working correctly.
TODO