fix: new fork 'withdrawals' and fixes for asset unlock signature verification

[knst]

Issue being fixed or feature implemented

https://github.com/dashpay/dash-issues/issues/83

What was done?

Introduces new fork "withdrawals" which let Asset Unlock be valid for any active quorum + 1 extra inactive (in opposite of hard-coded 2 of them).

How Has This Been Tested?

See new test section test_withdrawals_fork in functional test feature_asset_locks.py

Breaking Changes

• new fork "withdrawals"
• new logic of validation of Asset Unlock transactions's signature. Even no asset-unlock is mined yet, previous version of clients will refuse blocks which is fine for current system

Checklist:

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have added or updated relevant unit/integration/functional/e2e tests
• I have made corresponding changes to the documentation
• I have assigned this pull request to a milestone

[thephez]

Start time and timeout values for each network should be updated to something more relevant before merging

[UdjinM6]

1. nStartTime should be somewhere in the (near) future
2. nStartTime and nTimeout should be 1 year apart on mainnet

[github-actions]

This pull request has conflicts, please rebase.

[PastaPastaPasta]

Needs rebase?

[knst]

Needs rebase?

it depends on #6275 (bury mn_rr) also, which is not merged yet; will rebase after

[github-actions]

This pull request has conflicts, please rebase.

[UdjinM6]

1. nStartTime should be somewhere in the (near) future
2. nStartTime and nTimeout should be 1 year apart on mainnet

[UdjinM6]

could use keepOldConnections here

Suggested change

	const int quorums_to_scan = DeploymentActiveAt(*pindexTip, Params().GetConsensus(), Consensus::DEPLOYMENT_WITHDRAWALS) ? (llmq_params_opt->signingActiveQuorumCount + 1) : 2;
	const int quorums_to_scan = DeploymentActiveAt(*pindexTip, Params().GetConsensus(), Consensus::DEPLOYMENT_WITHDRAWALS) ? llmq_params_opt->keepOldConnections : 2;

[knst]

could use keepOldConnections here

technically, yes

But logically I can't explain myself how signingActiveQuorumCount and keepOldConnections are related.

[UdjinM6]

    // Used for intra-quorum communication. This is the number of quorums for which we should keep old connections.
    // For non-rotated quorums it should be at least one more than the active quorums set.
    // For rotated quorums it should be equal to 2 x active quorums set.
    int keepOldConnections;

https://github.com/dashpay/dash/blob/develop/src/llmq/params.h#L102-L105

i.e. active set + 1 quorum that became inactive recently, exactly what you need here

[knst]

I'd still says, that in some particular cases it is matched with "+1" indeed, but I can't justify use "keep old connections" as amount of quorums which makes signature valid; also "2x active quorums" for rotating is not relevant for this situation.

[UdjinM6]

tests failed

[knst]

@knst knst force-pushed the fix-withdrawal-quorums branch from 7bc3698 to 5fd7b07

fixed test, activation date and rebased to the newer commit - base commit was pretty old

[UdjinM6]

pls see https://github.com/UdjinM6/dash/commits/pr_6279/

[knst]

int CAssetUnlockPayload::getHeightToExpiry() const
{
    const auto& llmq_params_opt = Params().GetLLMQ(Params().GetConsensus().llmqTypePlatform);
    assert(llmq_params_opt.has_value());
    return requestedHeight + llmq_params_opt->dkgInterval * (llmq_params_opt->signingActiveQuorumCount + 1);
}

@UdjinM6 no, accordingly DIP and by design, getHeightToExpire is not related to the amount of active quorums at all, it's a mechanism to refuse withdrawal in a short time (48 blocks) if it has not been mined, for example due to limits, or due to small fee; so it can be re-issued without waiting 24+ hours

[UdjinM6]

pls see 0c8b377

[UdjinM6]

invalid syntax in while attempts < 10 (missing:), also pls see below

[UdjinM6]

utACK d690309

[PastaPastaPasta]

why change this?

[knst]

because (active quorums + the latest inactive) are matched. So, quorum can be not-active, but still valid.

? (llmq_params_opt->signingActiveQuorumCount + 1)

[PastaPastaPasta]

utACK d690309