Skip to content

Migrate legacy malfeasance proofs to malfeasance v2 #6690

New issue
New issue
Open
Open
Migrate legacy malfeasance proofs to malfeasance v2#6690
Assignees
fasmat
@fasmat

Description

@fasmat
fasmat
opened on Feb 4, 2025

Description

Legacy malfeasance proofs need to be ported to malfeasance v2 to simplify the codebase and remove the need to store proofs in the database in two different formats and check two sources every time we decide if an identity is malicious or not.

Implementation hints

Add handlers and publishers for other domains besides ATX

For the following 2 domains handlers and publishers are needed (similar to the handlers and publishers for the activation domain): mesh - for multiple ballot proof and hare for conflicting votes proof

The following legacy proofs need to be ported

  • mesh: Proof for multiple ballots
    • Publisher doesn't actually gossip the proof, because it would spam the network too much.
    • Just persist it in the database. Every node online should be witness to that malicious behaviour anyway and other nodes just sync it after they restart.
  • hare: conflicting messages sent by same identity
    • Same as with multiple ballots, proof isn't gossiped immediatly - just persisted in the DB upon publication
  • activation: Invalid PoST in ATX
    • same as the new invalid post but for v1 ATXs,
    • just like for the v2 proof the migrated proofs should contain both an index for a valid and an index for an invalid label so that a post without any valid label can be considered syntactically invalid
  • activation: Invalid Previous ATX
    • same as the new invalid previous ATX but with two v1 ATXs
  • activation: Multiple ATXs
    • this proof only needs to be kept for backwards compatibility, a publisher for it is not needed as the case of two ATXs in the same epoch is already covered by the Invalid Previous ATX proof

Deprecated legacy malfeasance sync

Temporarily the node should not serve any proofs in the old format any more. During sync it should communicate to peers that it doesn't know about any malicious identity (when using the legacy protocol) and not request proofs via sync through the legacy protocol.

For gossip temporarily the node should accept legacy malfeasance proofs but automatically convert them to the new proof format before storing them.

Eventually the deprecated protocol can just be removed from the node for both sync and gossip.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

Dev team kanban

Status

🔖 Next

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions