Slashing v2 #1278
Slashing v2 #1278
Conversation
cwgoes
dismissed
rigelrozanski’s stale review
Addressed comments & added an extra test in x/stake/handler_test.go
cwgoes
force-pushed
the
cwgoes/slashing-version-two
branch
2 times, most recently
from
d0a7017
to
68406dd
Compare
cwgoes
force-pushed
the
cwgoes/slashing-version-two
branch
from
68406dd
to
c1987da
Compare
cwgoes
force-pushed
the
cwgoes/slashing-version-two
branch
from
200a8b0
to
9bc99f1
Compare
cwgoes
force-pushed
the
cwgoes/slashing-version-two
branch
from
b88f82c
to
30d9d90
Compare
| defer cleanup() | ||
|
|
||
| signingInfo := getSigningInfo(t, port, pks[0].Address()) | ||
| tests.WaitForHeight(4, port) |
There was a problem hiding this comment.
Would be better to use tests.WaitForNextNBlocksTM
| @@ -38,6 +38,11 @@ func (v Validator) GetDelegatorShares() sdk.Rat { | |||
| return sdk.ZeroRat() | |||
| } | |||
|
|
|||
| // Implements sdk.Validator | |||
There was a problem hiding this comment.
Is this sdk.Validator, or x/stake/types.Validator?`
There was a problem hiding this comment.
It is sdk.Validator (types/stake.go), to which GetRevoked() was added.
x/slashing/tick.go
Outdated
| // Iterate over all the validators which *should* have signed this block | ||
| for _, signingValidator := range req.Validators { | ||
| present := signingValidator.SignedLastBlock | ||
| pubkey, err := tmtypes.PB2TM.PubKey(signingValidator.Validator.PubKey) |
There was a problem hiding this comment.
Can there be a comment here regarding what the goal of this loop is? Is it just to figure out which validators signed the block? (wasn't clear to me) If so, is this for liveness slashing?
There was a problem hiding this comment.
Yes; for downtime slashing, added a comment.
x/stake/keeper/slash.go
Outdated
| // slash a validator | ||
| func (k Keeper) Slash(ctx sdk.Context, pubkey crypto.PubKey, height int64, fraction sdk.Rat) { | ||
| // slash an unbonding delegation and update the pool | ||
| func (k Keeper) slashUnbondingDelegation(ctx sdk.Context, unbondingDelegation types.UnbondingDelegation, infractionHeight int64, fraction sdk.Rat) (slashAmount sdk.Int) { |
There was a problem hiding this comment.
can fraction be renamed to something more descriptive, perhaps slashFactor?
There was a problem hiding this comment.
Changed to slashFraction.
x/stake/keeper/slash.go
Outdated
| // Calculate slash amount proportional to stake contributing to infraction | ||
| slashAmount = sdk.NewRatFromInt(unbondingDelegation.InitialBalance.Amount, sdk.OneInt()).Mul(fraction).EvaluateInt() | ||
|
|
||
| // Don't slash more tokens than held |
There was a problem hiding this comment.
Write a note here, that this is a concern since this unbonding delegation may have already been slashed once, and we slash based on initial balance.
There was a problem hiding this comment.
Added comment, here and for the same check on redelegation.
x/stake/keeper/slash.go
Outdated
| } | ||
|
|
||
| // Calculate slash amount proportional to stake contributing to infraction | ||
| slashAmount = sdk.NewRatFromInt(unbondingDelegation.InitialBalance.Amount, sdk.OneInt()).Mul(fraction).EvaluateInt() |
There was a problem hiding this comment.
Do we want a sanity check that this is a non-negative number? I think that would improve overall safety, and it shouldn't be an expensive check.
There was a problem hiding this comment.
Added a sanity check for the sign of slashFraction.
x/stake/keeper/slash.go
Outdated
| // Calculate slash amount proportional to stake contributing to infraction | ||
| slashAmount = sdk.NewRatFromInt(redelegation.InitialBalance.Amount, sdk.OneInt()).Mul(fraction).EvaluateInt() | ||
|
|
||
| // Don't slash more tokens than held |
There was a problem hiding this comment.
Same two comments as above. (sanity check for positive slashAmount, indicate why slashing more tokens than held would be a concern)
There was a problem hiding this comment.
Added comment, added sanity check in the top-level Slash() function.
x/stake/keeper/slash.go
Outdated
| slashAmount = sdk.NewRatFromInt(redelegation.InitialBalance.Amount, sdk.OneInt()).Mul(fraction).EvaluateInt() | ||
|
|
||
| // Don't slash more tokens than held | ||
| redelegationSlashAmount := slashAmount |
There was a problem hiding this comment.
Can more indication be given as to the justification for this rename?
x/stake/keeper/slash.go
Outdated
| } | ||
|
|
||
| // slash a redelegation and update the pool | ||
| func (k Keeper) slashRedelegation(ctx sdk.Context, validator types.Validator, redelegation types.Redelegation, infractionHeight int64, fraction sdk.Rat) (slashAmount sdk.Int) { |
There was a problem hiding this comment.
Can fraction be renamed to slashFactor
There was a problem hiding this comment.
Changed to slashFraction.
x/stake/keeper/slash.go
Outdated
| // CONTRACT: | ||
| // Infraction committed at the current height or at a past height, | ||
| // not at a height in the future | ||
| func (k Keeper) Slash(ctx sdk.Context, pubkey crypto.PubKey, infractionHeight int64, power int64, fraction sdk.Rat) { |
There was a problem hiding this comment.
Could this function be placed above the previous two? (Sorry for the extremely minor nitpick here. I think it would be useful structurally to see the contract first though)
Also can fraction be renamed to slashFactor
There was a problem hiding this comment.
Moved, now slashFactor.
x/stake/keeper/slash.go
Outdated
| logger.Info(fmt.Sprintf("Validator %s slashed by fraction %v, removed %v shares and burned %d tokens", pubkey.Address(), fraction, sharesToRemove, burned)) | ||
|
|
There was a problem hiding this comment.
Can there be a sanity check that that the remaining slash amount = 0?
There was a problem hiding this comment.
It's not necessarily zero; most of the stake may still be bonded.
cwgoes
force-pushed
the
cwgoes/slashing-version-two
branch
from
bbe1ea2
to
e46e687
Compare
* Update reproducible build command to use latest reproducible build docker image from https://github.com/tendermint/images which is published on the tendermintdev dockerhub account * Update RELEASING.md * Update RELEASING.md * Update join-mainnet.md
Implement semifinal Gaia slashing spec (#1263), less #1348, #1378, and #1440 which are TBD.
Closes #1117
Mostly blocked on finalization of #1119Merged!Wants tendermint/tendermint#1803, but doesn't need to block merge