light-client: Attack detector and evidence reporting

[romac]

Closes: #1291
Closes: #1219
Closes: #415

• Referenced an issue explaining the need for the change
• Updated all relevant documentation in docs
• Updated all code comments where relevant
• Wrote tests
• Added entry in .changelog/

[ancazamfir]

Trying to read the evidence with a hermes version using this branch and I see:

$ hermes --config config.toml equivocation --chain ibc-1
2023-04-24T04:46:55.627984Z  INFO ThreadId(01) running Hermes v1.4.0+17ba1b5e3-dirty
2023-04-24T04:46:55.648529Z DEBUG ThreadId(18) event_monitor{chain=ibc-1}: starting event monitor
2023-04-24T04:46:55.660791Z DEBUG ThreadId(01) trying to check for evidence at height 1-106
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: serde parse error: mismatch between raw voting (Power(0)) and computed one (Power(100000)) at line 1 column 4149', crates/relayer-cli/src/commands/equivocation.rs:107:75
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

Also tried to use the block here (which is the same as the one read by hermes above, coming from Go light client evidence after a forked chain) in one of the gaia fixtures and seeing similar error:

---- incoming_fixtures stdout ----
thread 'incoming_fixtures' panicked at 'called `Result::unwrap()` on an `Err` value: serde parse error

Caused by:
    mismatch between raw voting (Power(0)) and computed one (Power(100000))

Edit:
The error comes from

tendermint-rs/tendermint/src/validator.rs

Lines 271 to 278 in 9e48f17

	// Ensure that the raw voting power matches the computed one
	let raw_voting_power = value.total_voting_power.try_into()?;
	if raw_voting_power != validator_set.total_voting_power() {
	return Err(Error::raw_voting_power_mismatch(
	raw_voting_power,
	validator_set.total_voting_power(),
	));
	}

.
The total_voting_power is missing in the ValidatorSet of the ConflictingBlock (of type LigthBlock). Not sure if it was ever sent by the Go light client. I will also try with the Rust light client.
But iirc, we had this issue also in the past with the IBC light client updates. If the field is missing we shouldn't do the check, not sure how easy we can determine this though.

[ancazamfir]

I will also try with the Rust light client.

Same error

[romac]

If the field is missing we shouldn't do the check, not sure how easy we can determine this though.

Unfortunately there is no way to distinguish between the field being missing or its value being 0. I believe the best we can do is to drop the check if the value is 0. What do you think?

[ancazamfir]

If the field is missing we shouldn't do the check, not sure how easy we can determine this though.

Unfortunately there is no way to distinguish between the field being missing or its value being 0. I believe the best we can do is to drop the check if the value is 0. What do you think?

Yes, let's drop the check. There is this unexported comment in validator set totalVotingPower in Comet:
https://github.com/cometbft/cometbft/blob/b8187b0f538195eae07ef4c79c2eb3c927bc181c/types/validator_set.go#L51-L58

Maybe it specifically means that it will not be included in RPC responses that have validator set. Maybe we should clarify with the Comet team.

There are also some comments in ValidatorSetFromProto and ToProto() that suggest that for protos also this field is set to 0 on encoding and computed when decoding.

[romac]

I removed the changes related to the addition of light client CLI and the removal of the supervisor into their own PR, to be merged after this one: #1308

[ancazamfir]

Amazing work @romac! Thanks also for the help @mzabaluev