-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement validator set changes and key initialization. #135
Comments
Is it possible to call it by
Will it also be called by
I think, for HBBFT it's better not to use the
Is it possible to call it by When I ask about
Do you mean here something like that? https://github.com/poanetwork/posdao-contracts/blob/240c1a3c3701ca094a0337006f39d663b63424f2/contracts/InitializerHBBFT.sol#L31-L33 - we did it for the
Sorry, I'm a little confused by these terms. The As for other points of https://hackmd.io/_Gg__CJCRleryPv8yxC8DA?view:
We can have similar Also, in AuRa we have the |
Yes, Same for
OK, so we'll just call
The problem is only that system calls can only use information that's already in the block somehow: All their arguments must be computable by anyone who sees the block. E.g. it's not possible to use a system call to input a random number that other nodes seeing the block wouldn't know otherwise. So if we want to make it a system call, we need to use some block header field for actually storing the random number.
Right! Sorry, I forgot that that functionality is already there! So we can already initialize the public keys from the genesis block. 👍
That's right; and we should probably find better names for them.
Yes, I think it should work the same way as in Aura: Validators will make calls to |
Let's pass to the
Yes, that would be great if we could call it by system.
I meant the Or maybe it's better to make the same working with
Yes, however, I'm not sure yet if it works because So, first we should test if it is possible to pass
Ok, so for HBBFT we could use AuRa version of Let's also think about maximum compatibility of HBBFT engine implementation with the AuRa contracts so that we could make HBBFT contracts similar to AuRa ones as much as possible (except working with random contract and BlockReward.reward functions, imho, because these should differ due to different concept of HBBFT). In this case further supporting of the contracts would be much easier. |
I agree, there shouldn't be a difference regarding
|
Let's begin with the There is only one contract at the moment: https://github.com/poanetwork/posdao-contracts/blob/hbbft-light/contracts/KeyGenHistory.sol - it's almost empty and doesn't have a constructor yet. I have first questions about the
|
The future validators; so at the point where key generation begins, the
We could, but I don't think it's strictly necessary: In any given block, at most one key generation is ongoing.
Yes, a new key generation begins whenever the validator set is about to change, whether it's because a staking epoch ended or because someone got banned.
Yes, that looks exactly right. 👍 |
Ok, added TODO for that: https://github.com/poanetwork/posdao-contracts/blob/6f4b37fc5af9e88c810455e479f6a6fd8bb053aa/contracts/KeyGenHistory.sol#L21-L23
Ok, TODO for that: https://github.com/poanetwork/posdao-contracts/blob/6f4b37fc5af9e88c810455e479f6a6fd8bb053aa/contracts/KeyGenHistory.sol#L25-L27
Ok, added that into the contract: https://github.com/poanetwork/posdao-contracts/blob/6f4b37fc5af9e88c810455e479f6a6fd8bb053aa/contracts/KeyGenHistory.sol#L10-L18 Now, I think you can try to compile this contract with the constructor arguments and write its bytecode to the One more question regarding the constructor: it uses Solidity experimental feature when the array of |
Sounds good, thank you! 👍 Unfortunately the |
OK, I think |
With hbbft, validators will have three secrets:
HoneyBadger
and threshold signatures inBinaryAgreement
's cryptographic common coin.HoneyBadger
requires aNetworkInfo
for initialization, which needsPublicKeySet
that defines all validators' public key shares, andThe non-threshold stuff (ID and BLS keys) doesn't need to change, but the key shares need to be newly generated every time the validator set changes. We also need to provide means to initialize everything at the genesis block.
The engine will require that the HBBFT POSDAO or compatible contracts are deployed in genesis.
Validator Set Changes
The engine must call
BlockRewardHBBFT.reward
after every block, not only to distribute block rewards but also because that automatically triggers the random selection of a new set of validators in each epoch. (See Aura.)For randomization to work, the engine must also call
RandomHBBFT.storeRandom
in every block, with the newly generated random number (xoring random numbers from all the contributions).Once a new validator set has been selected,ValidatorSetBase.emitInitiateChangeCallable
will returntrue
, and at that point, the engine must callValidatorSetBase.emitInitiateChange
—this needs to be a transaction and not a system call, since system calls cannot emit events. In Aura, this currently is signed by the block producer, but with hbbft, all validators must produce identical transactions. We need to figure out how to do that…We could also try to not rely on the
InitiateChange
event and just call a function that returns the pending validator set: If that's different from the current one, we know that a change is in progress.When the validator set contract has determined the next validator set (
InitiateChange
event or something else…), the hbbft engine needs to prepare for that change:The engine needs to publish and collect all the future validator's public BLS keys (unless we remove that requirement), and initialize a new SyncKeyGen instance. A node which is not among the future validators can use
SecretKey::default()
as its "secret key" here, as it is not used. In the validators-elect, the constructor will return aPart
message: The engine must sign and send a transaction callingKeyGenHistory.writePart
with the serialized message.While key generation is ongoing, all
Part
andAck
messages in the contract must be passed intoSyncKeyGen
, and any returnedAck
messages turned into transactions usingKeyGenHistory.writeAck
.After each block, we check whether
SyncKeyGen::is_ready
. When it is, we initialize a newHoneyBadger
withSyncKeyGen::into_network_info
. Any further batches that have been returned by the old instance are ignored: the next block will already be produced by the new instance, and the new set of validators.In the first block produced by a new validator set, the system calls
ValidatorSetBase.finalizeChange
. (See Aura.)Initialization
The initial validator set needs to learn about its secret BLS keys and key shares, too. And every node needs to know the public key set and the map of public BLS keys (if needed).
ValidatorSetHBBFT
, so that all nodes can read them from the genesis block.KeyGenHistory
, so that immediately after the genesis block it looks as if "key generation is complete". Alternatively, these, too, could be separate configuration and chain spec entries.It would probably be most convenient to just pass a list of
Part
andAck
messages into theKeyGenHistory
constructor, so the the keys can be read from it just like after an actual on-chain key generation.The text was updated successfully, but these errors were encountered: