Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ICS-06: Solomachine Refactor #821

Merged
merged 13 commits into from
Jan 9, 2023
Merged

Conversation

AdityaSripal
Copy link
Member

@AdityaSripal AdityaSripal commented Aug 16, 2022

Closes: #811
Closes: #812

spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
Co-authored-by: Damian Nolan <damiannolan@gmail.com>
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
clientState.consensusState.diversifier = header.newDiversifier
clientState.consensusState.timestamp = header.timestamp
clientState.consensusState.sequence++
function verifyClientMessage(clientMsg: ClientMessage) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this PR (assuming it gets merged) we are changing the signature of 07-tendermint's verifyClientMessage to return a boolean. Should we do a similar update here then?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I actually prefer the error at least in implementations, since it bubbles up more information to user

Copy link
Contributor

@colin-axner colin-axner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks for updating the spec! I think it'll be much easier for other IBC implementations to support the solo machine now. Left mostly questions/comments

spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
Co-authored-by: Carlos Rodriguez <carlos@interchain.io>
Co-authored-by: colin axnér <25233464+colin-axner@users.noreply.github.com>
Copy link
Member

@damiannolan damiannolan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome, looks great. I left some nits and suggestions/questions.

spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
### Validity predicate

The solo machine client `checkValidityAndUpdateState` function checks that the currently registered public key has signed over the new public key with the correct sequence.
The solo machine client `verifyClientMessage` function checks that the currently registered public key and diversifier signed over the client message at the expected sequence. If the client message is an update, then it must be the current sequence. If the client message is misbehaviour then it must be the sequence of the misbehaviour.
Copy link
Member

@damiannolan damiannolan Dec 14, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit on the wording here, what about something like:

The solo machine client verifyClientMessage function checks that the private key associated with the current public key has signed over the client message using the current diversifier and expected sequence.

The diversifier is part of the client message sign bytes which we verify using the pub key, right?
I think it should also be clear that the private key does the actual signing

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the wording with public key is consistent with other documentation regarding public-private key cryptography. Reworded to clarify the diversifier part

spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
spec/client/ics-006-solo-machine-client/README.md Outdated Show resolved Hide resolved
Comment on lines 232 to 238
function updateState(clientMessage: ClientMessage) {
clientState.consensusState.publicKey = header.newPubKey
clientState.consensusState.diversifier = header.newDiversifier
clientState.consensusState.timestamp = header.timestamp
clientState.consensusState.sequence++
clientState.consensusState.timestamp = proof.timestamp
set("clients/{identifier}/clientState", clientState)
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder do we need: abortTransactionUnless(clientMessage instanceof header)

Similarly we could add below for UpdateStateOnMisbehaviour: abortTransactionUnless(clientMessage instanceof misbehaviour)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are called earlier by VerifyClientMessage which does a switch statement on type. They should not be called by any other caller.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ah yes! you're right, nice!


All solo machine client state verification functions simply check a signature, which must be provided by the solo machine.

Note that value concatenation should be implemented in a state-machine-specific escaped fashion.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what is meant by this exactly?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry this was from before. Now that we standardized how signbytes should look it is no longer relevant

AdityaSripal and others added 3 commits December 14, 2022 16:47
Copy link
Contributor

@colin-axner colin-axner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work! LGTM

Path: s2.path,
Data: s2.data
)
// either the path or data must be different in order for the misbehaviour to be valid
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we note that it is not misbehaviour if only the timestamp is different?

@AdityaSripal AdityaSripal merged commit 1a5efad into main Jan 9, 2023
@AdityaSripal AdityaSripal deleted the aditya/solomachine-refactor branch January 9, 2023 19:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Backlog
Development

Successfully merging this pull request may close these issues.

ICS-06: Generic verification functions are missing ICS-06: Remove sequence in Header
5 participants