Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Multisig V2] Aborts the multisig transaction if the provided payload does not match the payload stored onchain #13160

Merged
merged 1 commit into from
Jun 12, 2024
Merged

[Multisig V2] Aborts the multisig transaction if the provided payload does not match the payload stored onchain #13160

merged 1 commit into from
Jun 12, 2024

Conversation

junkil-park
Copy link
Contributor

@junkil-park junkil-park commented May 1, 2024
edited
Loading

Description

This PR update the validate_multisig_transaction function, so that the multisig transaction fails if the provided payload does not match to the onchain payload. This fixes #12929.

Type of Change

  • New feature
  • Bug fix
  • Breaking change
  • Performance improvement
  • Refactoring
  • Dependency update
  • Documentation update
  • Tests

Which Components or Systems Does This Change Impact?

  • Validator Node
  • Full Node (API, Indexer, etc.)
  • Move/Aptos Virtual Machine
  • Aptos Framework
  • Aptos CLI/SDK
  • Developer Infrastructure
  • Other (specify)

How Has This Been Tested?

Tested on the localnet
Added API tests

@trunk-io Trunk.io
Copy link

trunk-io bot commented May 1, 2024
edited
Loading

⏱️ 2h 47m total CI duration on this PR
Job Cumulative Duration Recent Runs
rust-move-unit-coverage 1h 7m 🟩🟩🟩🟩
rust-targeted-unit-tests 45m 🟥🟥
rust-move-tests 23m 🟩🟩
run-tests-main-branch 13m 🟩🟩🟩
rust-lints 11m 🟥🟥
general-lints 4m 🟩🟩
check-dynamic-deps 2m 🟩🟩
semgrep/ci 1m 🟩🟩🟩
file_change_determinator 30s 🟩🟩
file_change_determinator 19s 🟩🟩
permission-check 6s 🟩🟩
permission-check 5s 🟩🟩
permission-check 5s 🟩🟩
permission-check 4s 🟩🟩

🚨 2 jobs on the last run were significantly faster/slower than expected

Job Duration vs 7d avg Delta
rust-targeted-unit-tests 23m 16m +45%
rust-move-tests 12m 9m +36%

settingsfeedbackdocs ⋅ learn more about trunk.io

@codecov Codecov
Copy link

codecov bot commented May 1, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 6.66667% with 14 lines in your changes missing coverage. Please review.

Project coverage is 58.6%. Comparing base (5ad91bc) to head (ebd1b45).

Files Patch % Lines
aptos-move/aptos-vm/src/aptos_vm.rs 0.0% 6 Missing ⚠️
aptos-move/aptos-vm/src/transaction_validation.rs 0.0% 4 Missing ⚠️
types/src/on_chain_config/aptos_features.rs 25.0% 3 Missing ⚠️
aptos-move/aptos-vm/src/errors.rs 0.0% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff            @@
##             main   #13160     +/-   ##
=========================================
- Coverage    58.6%    58.6%   -0.1%     
=========================================
  Files         823      823             
  Lines      198440   198453     +13     
=========================================
+ Hits       116350   116351      +1     
- Misses      82090    82102     +12

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@junkil-park junkil-park marked this pull request as ready for review May 2, 2024 21:16
@junkil-park junkil-park force-pushed the jpark/payload-mismatch branch 7 times, most recently from e0271b4 to 9a4cc41 Compare May 24, 2024 10:21
georgemitenkov
georgemitenkov approved these changes May 28, 2024
View reviewed changes
aptos-move/aptos-release-builder/src/components/feature_flags.rs Outdated
@@ -116,6 +116,7 @@ pub enum FeatureFlag {
DispatchableFungibleAsset,
NewAccountsDefaultToFaAptStore,
OperationsDefaultToFaAptStore,
MultisigV2Fix,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: maybe a more descriptive name rather than "fix"? Would be nice to have some context for the future

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done renaming it. Thanks!

aptos-move/aptos-vm/src/aptos_vm.rs Show resolved Hide resolved
@junkil-park junkil-park force-pushed the jpark/payload-mismatch branch 2 times, most recently from 453b5cc to d694c34 Compare June 10, 2024 17:10
georgemitenkov
georgemitenkov approved these changes Jun 11, 2024
View reviewed changes
Copy link
Contributor

@georgemitenkov georgemitenkov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, see comments for some questions I have

aptos-move/aptos-vm/src/transaction_validation.rs Outdated Show resolved Hide resolved
aptos-move/aptos-vm/src/transaction_validation.rs Show resolved Hide resolved
aptos-move/framework/move-stdlib/sources/configs/features.move Outdated
/// abort if the provided payload does not match the payload stored on-chain.
///
/// Lifetime: transient
const MULTISIG_V2_FIX: u64 = 69;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: based on the description, isn't it better to call the flag (and in Rust code) ABORT_IF_MISMATCHED_MULTISIG_PAYLOAD? Then feature reads easily like abort_if_mismatched_multisig_payload_enabled() and it is way clearer what the features is above without having to look up much?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done renaming it! Thank you!

@junkil-park
Fails the multisig transaction upon the mismatch between provided and…
ebd1b45 
… onchain payloads

Updates the `validate_multisig_transaction ` function, so that the multisig transaction fails if the provided payload does not match to the onchain payload. This fixes #12929.
@junkil-park junkil-park changed the title [Multisig V2] Fails the multisig transaction upon the mismatch between provided and onchain payloads [Multisig V2] Aborts the multisig transaction if the provided payload does not match the payload stored onchain Jun 12, 2024
@junkil-park junkil-park enabled auto-merge (squash) June 12, 2024 22:02
@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@github-actions GitHub Actions
Copy link
Contributor

✅ Forge suite compat success on a68e71c05caebf01504d4499110f3fba213fb53d ==> ebd1b45c3ba64d3193b31bd6e75828388666c2b3

Compatibility test results for a68e71c05caebf01504d4499110f3fba213fb53d ==> ebd1b45c3ba64d3193b31bd6e75828388666c2b3 (PR)
1. Check liveness of validators at old version: a68e71c05caebf01504d4499110f3fba213fb53d
compatibility::simple-validator-upgrade::liveness-check : committed: 10673.105396101895 txn/s, latency: 3175.406548622822 ms, (p50: 2500 ms, p90: 5900 ms, p99: 12100 ms), latency samples: 355800
2. Upgrading first Validator to new version: ebd1b45c3ba64d3193b31bd6e75828388666c2b3
compatibility::simple-validator-upgrade::single-validator-upgrade : committed: 6829.57945517944 txn/s, latency: 4455.250817427386 ms, (p50: 4500 ms, p90: 6100 ms, p99: 6400 ms), latency samples: 241000
3. Upgrading rest of first batch to new version: ebd1b45c3ba64d3193b31bd6e75828388666c2b3
compatibility::simple-validator-upgrade::half-validator-upgrade : committed: 6775.995271832782 txn/s, latency: 4522.436786469345 ms, (p50: 4500 ms, p90: 6200 ms, p99: 6500 ms), latency samples: 236500
4. upgrading second batch to new version: ebd1b45c3ba64d3193b31bd6e75828388666c2b3
compatibility::simple-validator-upgrade::rest-validator-upgrade : committed: 10750.312052306039 txn/s, latency: 2847.379375740814 ms, (p50: 2400 ms, p90: 4700 ms, p99: 6100 ms), latency samples: 354340
5. check swarm health
Compatibility test for a68e71c05caebf01504d4499110f3fba213fb53d ==> ebd1b45c3ba64d3193b31bd6e75828388666c2b3 passed
Test Ok

@github-actions GitHub Actions
Copy link
Contributor

✅ Forge suite realistic_env_max_load success on ebd1b45c3ba64d3193b31bd6e75828388666c2b3

two traffics test: inner traffic : committed: 9380.861662270743 txn/s, latency: 4191.713111078147 ms, (p50: 4200 ms, p90: 4500 ms, p99: 5700 ms), latency samples: 4044900
two traffics test : committed: 99.95952860432475 txn/s, latency: 1994.4017441860465 ms, (p50: 1900 ms, p90: 2200 ms, p99: 3600 ms), latency samples: 1720
Latency breakdown for phase 0: ["QsBatchToPos: max: 0.242, avg: 0.217", "QsPosToProposal: max: 1.988, avg: 1.883", "ConsensusProposalToOrdered: max: 0.324, avg: 0.286", "ConsensusOrderedToCommit: max: 0.367, avg: 0.355", "ConsensusProposalToCommit: max: 0.651, avg: 0.641"]
Max round gap was 1 [limit 4] at version 1943611. Max no progress secs was 5.401813 [limit 15] at version 1943611.
Test Ok

@github-actions GitHub Actions
Copy link
Contributor

✅ Forge suite framework_upgrade success on a68e71c05caebf01504d4499110f3fba213fb53d ==> ebd1b45c3ba64d3193b31bd6e75828388666c2b3

Compatibility test results for a68e71c05caebf01504d4499110f3fba213fb53d ==> ebd1b45c3ba64d3193b31bd6e75828388666c2b3 (PR)
Upgrade the nodes to version: ebd1b45c3ba64d3193b31bd6e75828388666c2b3
framework_upgrade::framework-upgrade::full-framework-upgrade : committed: 1204.7958930803609 txn/s, submitted: 1207.778629056374 txn/s, failed submission: 2.982735976013082 txn/s, expired: 2.982735976013082 txn/s, latency: 2715.401771091221 ms, (p50: 1800 ms, p90: 4700 ms, p99: 12100 ms), latency samples: 105020
framework_upgrade::framework-upgrade::full-framework-upgrade : committed: 1141.1137110076654 txn/s, submitted: 1142.865564718673 txn/s, failed submission: 1.7518537110077381 txn/s, expired: 1.7518537110077381 txn/s, latency: 2591.3668201880637 ms, (p50: 2100 ms, p90: 4500 ms, p99: 8700 ms), latency samples: 104220
5. check swarm health
Compatibility test for a68e71c05caebf01504d4499110f3fba213fb53d ==> ebd1b45c3ba64d3193b31bd6e75828388666c2b3 passed
Upgrade the remaining nodes to version: ebd1b45c3ba64d3193b31bd6e75828388666c2b3
framework_upgrade::framework-upgrade::full-framework-upgrade : committed: 1167.0528105845967 txn/s, submitted: 1168.6044477496666 txn/s, failed submission: 1.5516371650697394 txn/s, expired: 1.5516371650697394 txn/s, latency: 2657.7768850902185 ms, (p50: 2100 ms, p90: 4500 ms, p99: 10200 ms), latency samples: 105300
Test Ok

@junkil-park junkil-park merged commit 2b01095 into main Jun 12, 2024
89 checks passed
@junkil-park junkil-park deleted the jpark/payload-mismatch branch June 12, 2024 22:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@georgemitenkov georgemitenkov georgemitenkov approved these changes

@movekevin movekevin movekevin approved these changes

@davidiw davidiw Awaiting requested review from davidiw davidiw is a code owner

@wrwg wrwg Awaiting requested review from wrwg wrwg is a code owner

@zekun000 zekun000 Awaiting requested review from zekun000 zekun000 is a code owner

@vgao1996 vgao1996 Awaiting requested review from vgao1996 vgao1996 is a code owner

@banool banool Awaiting requested review from banool banool is a code owner

@gregnazario gregnazario Awaiting requested review from gregnazario gregnazario is a code owner

@0xmaayan 0xmaayan Awaiting requested review from 0xmaayan 0xmaayan is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Multisig V2] execute-with-payload ignores the provided payload
3 participants
@junkil-park @georgemitenkov @movekevin