hive: fcu fields not validated #6217

rkrasiuk · 2024-01-24T17:32:05Z

Description

The chain formed by forkchoice update fields (finalized -> safe -> head) is not validated by the consensus engine and it erroneously responds with FCU status Syncing

Hive

At the time of writing the test covering this behavior is named Inconsistent Head in ForkchoiceState (Paris) under engine-api test suite.

Test breakdown

The simulation sends following Engine API requests to the client:

FCU head: 0xd462b6793c2895fd61cd63e098874774d3e03556e14ec40fb9861956e39eb8b0 - Valid

New Payload: 0xab4eb0d9f2a392ccf1edf43ffd0c9d6a197d1215a94f7294d032e962812a175b (parent: 0xd462b6793c2895fd61cd63e098874774d3e03556e14ec40fb9861956e39eb8b0) - Valid

New Payload: 0x2e656d340bf43036bf48c6fd966497414ee79d8cf6c3bc86c15c47ed907e51f7 (parent: 0xd462b6793c2895fd61cd63e098874774d3e03556e14ec40fb9861956e39eb8b0) - Valid

FCU head: 0x2e656d340bf43036bf48c6fd966497414ee79d8cf6c3bc86c15c47ed907e51f7 - Valid

FCU head: 0x2e656d340bf43036bf48c6fd966497414ee79d8cf6c3bc86c15c47ed907e51f7 - Valid

New Payload: 0xb307f97d770d75d8f61e996162a063cbe3ed3c6a9b8b2392e237c3364225a585 (parent: 0xab4eb0d9f2a392ccf1edf43ffd0c9d6a197d1215a94f7294d032e962812a175b) - Valid

New Payload: 0x444680403ae5c7e1d3eb67d2e7d77bdf6492bdf0f108cca77f7d9097dfd97652 (parent: 0x2e656d340bf43036bf48c6fd966497414ee79d8cf6c3bc86c15c47ed907e51f7) - Valid

FCU head: 0x444680403ae5c7e1d3eb67d2e7d77bdf6492bdf0f108cca77f7d9097dfd97652 safe: 0x2e656d340bf43036bf48c6fd966497414ee79d8cf6c3bc86c15c47ed907e51f7 - Valid

FCU head: 0x444680403ae5c7e1d3eb67d2e7d77bdf6492bdf0f108cca77f7d9097dfd97652 safe: 0x2e656d340bf43036bf48c6fd966497414ee79d8cf6c3bc86c15c47ed907e51f7 - Valid

New Payload: 0xcd8924ad6d3e6075f7548297a35a46a85e384b3520ed1abdf1c168cae381ac71 (parent: 0xb307f97d770d75d8f61e996162a063cbe3ed3c6a9b8b2392e237c3364225a585) - Valid

New Payload: 0xd6d53c45ebebd35fe4abaf030eeaec52e830a328e0cc0d15b93a9fe687f408de (parent: 0x444680403ae5c7e1d3eb67d2e7d77bdf6492bdf0f108cca77f7d9097dfd97652) - Valid

FCU head: 0xd6d53c45ebebd35fe4abaf030eeaec52e830a328e0cc0d15b93a9fe687f408de safe: 0x444680403ae5c7e1d3eb67d2e7d77bdf6492bdf0f108cca77f7d9097dfd97652 finalized: 0x2e656d340bf43036bf48c6fd966497414ee79d8cf6c3bc86c15c47ed907e51f7 - Valid

FCU head: 0xcd8924ad6d3e6075f7548297a35a46a85e384b3520ed1abdf1c168cae381ac71 safe: 0x444680403ae5c7e1d3eb67d2e7d77bdf6492bdf0f108cca77f7d9097dfd97652 finalized: 0x2e656d340bf43036bf48c6fd966497414ee79d8cf6c3bc86c15c47ed907e51f7 - Syncing (wrong)

After analyzing the chains formed by these blocks, we can see that head 0xcd89..ac71 can never extend chain formed by 0x4446..7652 and 0x2e65..51f7.

Solution

After validating the existence of the head block in the blockchain tree, we should validate that it forms a valid chain by extending safe and finalized blocks.

The text was updated successfully, but these errors were encountered:

Rjected · 2024-01-25T22:03:48Z

To add some more context here, we do perform a similar check here

reth/crates/consensus/beacon/src/engine/mod.rs

Lines 827 to 868 in 720815a

    
               /// Ensures that the given forkchoice state is consistent, assuming the head block has been 
        
               /// made canonical. 
        
               /// 
        
               /// If the forkchoice state is consistent, this will return Ok(None). Otherwise, this will 
        
               /// return an instance of [OnForkChoiceUpdated] that is INVALID. 
        
               /// 
        
               /// This also updates the safe and finalized blocks in the [CanonChainTracker], if they are 
        
               /// consistent with the head block. 
        
               fn ensure_consistent_state( 
        
                   &mut self, 
        
                   state: ForkchoiceState, 
        
               ) -> RethResult<Option<OnForkChoiceUpdated>> { 
        
                   // Ensure that the finalized block, if not zero, is known and in the canonical chain 
        
                   // after the head block is canonicalized. 
        
                   // 
        
                   // This ensures that the finalized block is consistent with the head block, i.e. the 
        
                   // finalized block is an ancestor of the head block. 
        
                   if !state.finalized_block_hash.is_zero() && 
        
                       !self.blockchain.is_canonical(state.finalized_block_hash)? 
        
                   { 
        
                       return Ok(Some(OnForkChoiceUpdated::invalid_state())) 
        
                   } 
        
                   // Finalized block is consistent, so update it in the canon chain tracker. 
        
                   self.update_finalized_block(state.finalized_block_hash)?; 
        
                   // Also ensure that the safe block, if not zero, is known and in the canonical chain 
        
                   // after the head block is canonicalized. 
        
                   // 
        
                   // This ensures that the safe block is consistent with the head block, i.e. the safe 
        
                   // block is an ancestor of the head block. 
        
                   if !state.safe_block_hash.is_zero() && 
        
                       !self.blockchain.is_canonical(state.safe_block_hash)? 
        
                   { 
        
                       return Ok(Some(OnForkChoiceUpdated::invalid_state())) 
        
                   } 
        
                   // Safe block is consistent, so update it in the canon chain tracker. 
        
                   self.update_safe_block(state.safe_block_hash)?; 
        
                   Ok(None) 
        
               }

This happens after make_canonical and the check is only performed if make_canonical returns a VALID response. Given that cd89 and all its ancestors should exist in the blockchain tree, SYNCING is definitely the wrong response here

github-actions · 2024-02-16T01:47:40Z

This issue is stale because it has been open for 21 days with no activity.

mattsse · 2025-02-06T08:43:58Z

iirc merge tests were retired

rkrasiuk added C-bug An unexpected or incorrect behavior A-consensus Related to the consensus engine labels Jan 24, 2024

github-project-automation bot added this to Reth Tracker Jan 24, 2024

github-project-automation bot moved this to Todo in Reth Tracker Jan 24, 2024

github-actions bot added the S-stale This issue/PR is stale and will close with no further activity label Feb 16, 2024

Rjected added M-prevent-stale Prevents old inactive issues/PRs from being closed due to inactivity and removed S-stale This issue/PR is stale and will close with no further activity labels Feb 16, 2024

Rjected mentioned this issue Mar 21, 2024

Remaining Engine Hive Tests #7026

Open

1 task

emhane mentioned this issue May 18, 2024

Failing hive engine-api tests #8305

Closed

10 tasks

emhane mentioned this issue Jun 25, 2024

feat: new engine API handler #8559

Merged

mattsse closed this as completed Feb 6, 2025

github-project-automation bot moved this from Todo to Done in Reth Tracker Feb 6, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

hive: fcu fields not validated #6217

hive: fcu fields not validated #6217

rkrasiuk commented Jan 24, 2024 •

edited

Loading

Rjected commented Jan 25, 2024

github-actions bot commented Feb 16, 2024

mattsse commented Feb 6, 2025

hive: fcu fields not validated #6217

hive: fcu fields not validated #6217

Comments

rkrasiuk commented Jan 24, 2024 • edited Loading

Description

Hive

Test breakdown

Solution

Rjected commented Jan 25, 2024

github-actions bot commented Feb 16, 2024

mattsse commented Feb 6, 2025

rkrasiuk commented Jan 24, 2024 •

edited

Loading