Implement EIP7805: Fork-choice enforced Inclusion Lists #14754
Conversation
| uint64 slot = 1 [(ethereum.eth.ext.cast_type) = "github.com/prysmaticlabs/prysm/v5/consensus-types/primitives.Slot"]; | ||
| uint64 validator_index = 2 [(ethereum.eth.ext.cast_type) = "github.com/prysmaticlabs/prysm/v5/consensus-types/primitives.ValidatorIndex"]; | ||
| bytes inclusion_list_committee_root = 3 [(ethereum.eth.ext.ssz_size) = "32"]; | ||
| repeated bytes transactions = 4 [(ethereum.eth.ext.ssz_size) = "?,?", (ethereum.eth.ext.ssz_max) = "1048576,1073741824"]; |
There was a problem hiding this comment.
Will allowing max size of transactions to 1 GiB instead of 8 KiB leave the room for DoS attack?
There was a problem hiding this comment.
No, this is a ssz list size, it's just a theoretical limit. The 8kb check is enforced on the gossip level
| totalSize += len(transaction) | ||
| } | ||
| if totalSize > 8*1024 { | ||
| return pubsub.ValidationReject, errors.New("total size of transactions exceeds 8KB") |
There was a problem hiding this comment.
| return pubsub.ValidationReject, errors.New("total size of transactions exceeds 8KB") | |
| return pubsub.ValidationReject, errors.New("total size of transactions exceeds 8KiB") |
| // GetInclusionListCommittee retrieves the validator indices assigned to the inclusion list committee | ||
| // for a given slot. Returns an error if the state or slot does not meet the required constraints. | ||
| func GetInclusionListCommittee(ctx context.Context, state state.ReadOnlyBeaconState, slot primitives.Slot) ([]primitives.ValidatorIndex, error) { | ||
| if state.Version() < version.Electra { |
There was a problem hiding this comment.
| if state.Version() < version.Electra { | |
| if state.Version() < version.FOCIL { |
| @@ -743,6 +743,10 @@ func (v *validator) RolesAt(ctx context.Context, slot primitives.Slot) (map[[fie | |||
| syncCommitteeValidators[duty.ValidatorIndex] = bytesutil.ToBytes48(duty.PublicKey) | |||
| } | |||
|
|
|||
| if duty.InclusionListCommitteeSlot == slot { | |||
There was a problem hiding this comment.
I guess this is a known issue but beacon REST API for UpdateDuties() is not updated. It could save us some time in the future to explicitly add a TODO in dutiesForEpoch() in validator/client/beacon-api/duties.go.
|
|
||
| // GetInclusionListCommittee retrieves the validator indices assigned to the inclusion list committee | ||
| // for a given slot. Returns an error if the state or slot does not meet the required constraints. | ||
| func GetInclusionListCommittee(ctx context.Context, state state.ReadOnlyBeaconState, slot primitives.Slot) ([]primitives.ValidatorIndex, error) { |
There was a problem hiding this comment.
This one gets called multiple times. What do you think about caching it?
There was a problem hiding this comment.
I think it makes sense to do it later. I don't want to introduce premature optimization unless it's necessary at this point. It's not a blocker to interop
| defer cancel() | ||
|
|
||
| result := &primitives.PayloadID{} | ||
| err := s.rpcClient.CallContext(ctx, result, UpdatePayloadWithInclusionListV1, &InclusionListV1{ |
There was a problem hiding this comment.
| err := s.rpcClient.CallContext(ctx, result, UpdatePayloadWithInclusionListV1, &InclusionListV1{ | |
| err := s.rpcClient.CallContext(ctx, result, UpdatePayloadWithInclusionListV1, payloadID, &InclusionListV1{ |
beacon-chain/sync/inclusion_list.go
Outdated
| // Validate slot constraints. | ||
| currentSlot := s.cfg.clock.CurrentSlot() | ||
| if il.Message.Slot == currentSlot || il.Message.Slot+1 == currentSlot { | ||
| return pubsub.ValidationReject, errors.New("slot is equal to the previous or current slot") |
There was a problem hiding this comment.
| return pubsub.ValidationReject, errors.New("slot is equal to the previous or current slot") | |
| return pubsub.ValidationReject, errors.New("slot is not equal to the previous or current slot") |
| return pubsub.ValidationIgnore, err | ||
| } | ||
| deadline := params.BeaconConfig().SecondsPerSlot / params.BeaconConfig().IntervalsPerSlot | ||
| if il.Message.Slot+1 == currentSlot && secondsSinceSlotStart > deadline { |
There was a problem hiding this comment.
Should we need to change consensus spec's p2p part to [IGNORE] The slot message.slot is equal to the previous slot and the current time is less than attestation_deadline seconds into the slot.?
beacon-chain/sync/inclusion_list.go
Outdated
| } | ||
| deadline := params.BeaconConfig().SecondsPerSlot / params.BeaconConfig().IntervalsPerSlot | ||
| if il.Message.Slot+1 == currentSlot && secondsSinceSlotStart > deadline { | ||
| return pubsub.ValidationIgnore, errors.New("slot is equal to the current slot, or it is equal to the previous slot and the current time is less than attestation_deadline seconds into the slot") |
There was a problem hiding this comment.
It seems the error messages here show why it went wrong instead of what it should be.
| @@ -215,6 +217,7 @@ func (s *Service) Start() { | |||
| } | |||
| s.spawnProcessAttestationsRoutine() | |||
| go s.runLateBlockTasks() | |||
| go s.updateBlockWithInclusionListRoutine() | |||
There was a problem hiding this comment.
What makes it better to have a routine here instead of updating a payload when a validator has a proposer role? Easier implementation?
There was a problem hiding this comment.
The routine is a no op unless the validator has a proposer role regardless
terencechain
force-pushed
the
focil
branch
4 times, most recently
from
23b7573 to
7536720
Compare
| if entry.txs == nil { | ||
| entry.txs = txs | ||
| } else { | ||
| entry.seenTwice = true |
There was a problem hiding this comment.
Is there any chance the same IL received from different peer?
There was a problem hiding this comment.
Libp2p covers such case, it filters by content so we should not be importing same IL from different peer
Initial implementation of FOCIL based on:
Looking for feedback on the spec, design decisions, and end to end testing strategies