Patches Call::Staking.restore_ledger to ensure a restored ledger has enough free balance to cover staking locks
#5066
Conversation
gpestana
added
R0-silent
gpestana
changed the title
Call::Staking.restore_ledgerCall::Staking.restore_ledger to ensure a restored ledger has enough free balance to cover staking locks
|
bot fmt |
|
@gpestana https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/6864164 was started for your command Comment |
|
We are migrating the command bot to be a GitHub Action |
|
@gpestana Command |
…polkadot-sdk into gpestana/restore_ledger_kill
|
bot fmt |
|
@gpestana https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/6864474 was started for your command Comment |
|
We are migrating the command bot to be a GitHub Action |
|
@gpestana Command |
|
bot fmt |
|
@gpestana https://gitlab.parity.io/parity/mirrors/polkadot-sdk/-/jobs/7103117 was started for your command Comment |
|
@gpestana Command |
|
This pull request has been mentioned on Polkadot Forum. There might be relevant details there: https://forum.polkadot.network/t/recover-corrupted-staking-ledgers-in-polkadot-and-kusama/9796/1 |
…polkadot-sdk into gpestana/restore_ledger_kill
|
The CI pipeline was cancelled due to failure one of the required jobs. |
…Kusama (#447) Note: for more details on the corrupted ledgers issue and recovery steps check https://hackmd.io/m_h9DRutSZaUqCwM9tqZ3g?view. This PR adds a migration in Polkadot and Kusama runtimes to recover the current corrupted ledgers in Polkadot and Kusama. A migration consists of: 1. Call into `pallet_staking::Pallet::<T>::restore_ledger` for each of the "whitelisted" stashes as `Root` origin. 2. Performs a check that ensures the restored ledger's stake does not overflow the current stash's free balance. If that's the case, force unstake the ledger. This check is currently missing in polkadot-sdk/pallet-staking ([PR with patch here](paritytech/polkadot-sdk#5066)). The reason to restore the corrupted ledgers as migrations implemented in the fellowship runtimes is twofold: 1. The call to `pallet_staking::Pallet::<T>::restore_ledger` and check + `force_unstake` must be done atomically (thus a ledger can't be safely restored with a set of two distinct extrinsic calls, so it's not possible to use referenda to this fx). 2. To speed up the whole process and avoid having to wait for 1. merge and releases of paritytech/polkadot-sdk#5066 and 2. referenda to call into `Call::restore_ledger` for both Polkadot and Kusama. Alternatively, we could add a new temporary pallet directly in the fellowship runtime which would expose an extrinsic to restore the ledgers and perform the extra missing check. See this [PR as an example](gpestana#2). --- - [x] on-runtime-upgrade tests against Polkadot and Kusama - [x] staking try-state checks passing after all migrations.
The
Call::restore_ledgercall was introduced to restore corrupted ledgers based on as much on-chain data as possible.One of the corruption cases that it covers is when a ledger is wiped out due to the corruption. In this case, if there are staking locks left behind associated with a stash that has a ledger wiped out, the new, restored,
ledger.totalwill be taken from the lingering staking locks. However, at the time of the restore, the lingering locks may be higher than the current stash free balance. In that case, we cannot set the new ledger.total as the lock amount.To solve this issue,
Call::restore_ledgerwill basically chill and kill the corrupted stash/ledger.Note: Although we may use a different strat to restore the ledgers at this point (see this approach or this), we should nevertheless ensure that this code is correct.