simulators/eth2/engine: Update Proxy, Add Test Cases

[marioevz]

This PR adds following EL-mock-based testnet test cases:

• Invalid Transition Payload: Validator produces an incorrect (invalid stateRoot) transition payload and generates an invalid beacon block with it, which shall be rejected by the rest of the validators.
• Invalid Payload BlockHash: Validator produces payload with an invalid hash and generates an invalid beacon block with it, which shall be rejected by the rest of the validators.
• Invalid Payload Timestamp: Validator produces payload with a timestamp that is beyond the slot timespan, which shall be rejected by the rest of the validators.
• Invalid Header PrevRandao: Validator produces a valid payload but with an incorrect PrevRandao value and generates an invalid beacon block with it, which shall be rejected by the rest of the validators.
• Syncing with Invalid Chain: Verifies the latestValidHash value is correctly interpreted by the CL when the EL had been SYNCING.
• baseFee Encoding Check: Verifies that the endianess is correct when a payload that contains a base fee greater than 255, by generating a execution chain with a high base fee on genesis and then performing the merge.
• Equal Timestamp Terminal Transition Block: Verifies that the CL does not request an invalid transition payload when the slot timestamp coincides with the terminal block's time.
• TTD Before Bellatrix: Verifies that the CL and EL can perform the transition to Proof of Stake even when the TTD is hit before the Bellatrix epoch is reached by the beacon chain.
• Invalid Quantity Fields: Injects invalid payload responses by swapping the quantity fields with different errors: leading zero (e.g. 0x01), empty value (0x), and overflow.
• Invalid Terminal Block Total Difficulty: Starts a non-validating beacon node with an incorrect TTD configuration, the beacon node must not import beacon block containing transition payload based on the incorrect terminal block.

All test cases use a new functionality of the proxy that implements callbacks and allows to introduce logic before modifying/corrupting a payload.

[marioevz]

Update:

• Added "SYNCING with invalid chain" test case
• Added parameter --data-storage-mode=ARCHIVE to Teku, which allows queries on finalized states
• Rebased to master

[marioevz]

Update, fixed "syncing-with-invalid-chain" by spoofing forkchoiceUpdated to also return SYNCING. Test is now passing in at least one client.

[marioevz]

Fixed a small issue that left proxies running in the bg after a test case had finished.

[marioevz]

Added invalid timestamp test case.

[zilm13]

Could we add these changes and few blocks below to simulators/eth2/testnet/running_testnet.go so we could pass eth2/testnet too? I don't want to just copy and make PR from it but if you want, I can

[marioevz]

I think it would be better to create another PR to do this to not mix different simulators on the same PR.

[zilm13]

When we are adding keystores and there are no validators on certain client like the 3rd client in test syncing-with-invalid-chain, this client is not started with failure, you could check this in vc logs for this test, so we need to change this in all vc clients setup files like clients/teku-vc/teku_vc.sh those lines, I guess.

for keystore_path in /hive/input/keystores/*
do
  pubkey=$(basename "$keystore_path")
  cp "/hive/input/keystores/$pubkey/keystore.json" "/data/validators/keys/voting-keystore-$pubkey.json"
  cp "/hive/input/secrets/$pubkey" "/data/validators/passwords/voting-keystore-$pubkey.txt"
done

To something like this. Maybe there is better fix, I'm not good in bash

[ ! -d "/hive/input/keystores/" ]; then
   echo "No keystores to setup"
else
  for keystore_path in /hive/input/keystores/*
  do
    pubkey=$(basename "$keystore_path")
    cp "/hive/input/keystores/$pubkey/keystore.json" "/data/validators/keys/voting-keystore-$pubkey.json"
    cp "/hive/input/secrets/$pubkey" "/data/validators/passwords/voting-keystore-$pubkey.txt"
  done
fi

And ideally move this method to some mixin so we are not duplicating this in every bash script

UPDATE: btw, why do we need vc without validators?

[marioevz]

@zilm13 I think it would be better to not launch the validator if it has nothing to validate, so I will try this change directly in the simulator.

The reason to include beacon nodes without validators is to verify that they don't follow a chain if their configuration mismatches (e.g. Terminal Total Difficulty), even if the chain has 66%+ participation.

[marioevz]

Hi @fjl, I think this PR should be ready to merge with a few considerations:

• Nimbus will fail to start until Implement Capella Fork protolambda/zrnt#38 is merged and we update.
• All test cases require proxy: Add Request Bytes to Response Callback rauljordan/engine-proxy#5, therefore engine-proxy currently points to my branch at https://github.com/marioevz/engine-proxy/tree/request-bytes-callback until the PR is merged (otherwise none of the test cases would work).
• Lodestar shows networking issues, but I think this needs to be addressed in clients/lodestar: add Lodestar Beacon Node and Validator Client #577

I think these changes can be part of new PRs to keep this PR from further growing.
Let me know what you think.