Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add deployed_contracts and replaced_classes to StateDiff #13

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add deployed_contracts and replaced_classes to StateDiff #13

wants to merge 1 commit into from

Conversation

IronGauntlets
Copy link
Collaborator

To verify the state diff commitment we need to have access to all the fields present in the StateDiff returned by the feeder gateway. Therefore, we need to have deployed_contract and replaced_classes in the StateDiff messages.

The reason for not including the DeclaredV0Classes and DeclaredV1Classes is because these can be derived from the Classes message, which all Cairo0 and Cairo1 classes can be mapped to DeclaredV0Classes and DeclaredV1Classes, respectively.

@IronGauntlets
Add deployed_contracts and replaced_classes to StateDiff
2759ac2 
To verify the state diff commitment we need to have access to all the
fields present in the `StateDiff` returned by the feeder gateway.
Therefore, we need to have `deployed_contract` and `replaced_classes` in
the `StateDiff` messages.

The reason for not including the `DeclaredV0Classes` and
`DeclaredV1Classes` is because these can be derived from the `Classes`
message, which all Cairo0 and Cairo1 classes can be mapped to
`DeclaredV0Classes` and `DeclaredV1Classes`, respectively.
@ittaysw
Copy link
Collaborator

ittaysw commented Nov 26, 2023

A block body contains also the classes that were added.
And a state diff contains also the contract roots, that is, the contracts that were deployed

@IronGauntlets
Copy link
Collaborator Author

After discussion with the team, it is true that both deployed_contract and replaced_classes can be derived from the optional StateDiff.ContractDiff.class_hash field as follows:

  • If class_hash is present and the address is unknown then the contract has been deployed.
  • If class_hash is present and the address is known then the contract's class has been replaced.

There is a possible edge case where a contract is deployed and replaced in the same block then an optional class_hash may not be sufficient for correctly deriving deployed_contracts and replaced_class. If the feeder StateDiff contains entries in both lists then calculating the StateDiff commitment would not be possible with the current message definition. However, this is an extremely rare scenario and @joshklop managed to create a block on Goerli where a contract was deployed and replaced in the same block. The resulting feeder StateDiff only modified the deployed_contracts therefore, this edge case is safe to ignore.

Verification of StateDiff commitment requires access to the latest state to create deployed_contracts and replaced_classes which can be slow to read from the DB. Therefore, a malicious peer can send incorrect StateDiff and an honest peer would not know about it until it loads the state from DB. If we add deployed_contracts and replaced_classes to StateDiff then StateDiff commitment verification becomes stateless.

@ittaysw
Copy link
Collaborator

ittaysw commented Dec 3, 2023

@IronGauntlets , why would you need to get the deployed or replaced classes from the state diff? Verification of the state diff should be by executing the transactions. Maybe you are talking about making sure it is consistent with all other changes?

@IronGauntlets
Copy link
Collaborator Author

@ittaysw

why would you need to get the deployed or replaced classes from the state diff?

The signature over the state_diff_commitment includes deployed and replaced classes. Therefore, to verify the the received block and state diff from a peer we need to create the corresponding data over which the signature was created. As I mentioned above, it is possible to generate the data required if you have access to the state. However, it means that the signature cannot be verified until your state is at currentBlock - 1 which delays the verification of messages and possibly the sync process, also db access is slow.

Verification of the state diff should be by executing the transactions

AFAIU not all nodes would execute transactions and would rely on consensus signatures. Without the changes proposed in this PR verification of the signature is cumbersome for the reasons mentioned above.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@omerfirmak omerfirmak Awaiting requested review from omerfirmak

@CHr15F0x CHr15F0x Awaiting requested review from CHr15F0x

@Mirko-von-Leipzig Mirko-von-Leipzig Awaiting requested review from Mirko-von-Leipzig

@ittaysw ittaysw Awaiting requested review from ittaysw

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@IronGauntlets @ittaysw