Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Initial validator sets #547

Merged
merged 48 commits into from
Sep 18, 2024
Merged

Initial validator sets #547

merged 48 commits into from
Sep 18, 2024

Conversation

minghinmatthewlam
Copy link
Contributor

Why this should be merged

Fixes #543 and #542

How this works

  • Adds a separate initializeValidatorSet call which expects a Warp message that contains a SubnetConversionMessage in its payload, and then verifies the tx ID against the hash of the bytes for the passed in SubnetConversionData with the initial validators.
  • Restricts initial valiator registration until initial validator set is set, and implicitly has checked for other calls to not be callable until initializedValidatorSet
  • Removes owner from the base struct of Validator, any PoA validator either added from initial validator set, or from a PoA validator manager contract can be intiialized end by anyone after migration to PoS.
  • For PoA, only owner can call intiialize registration/end for any validators, fixes a bug where after owner change the new owner doesn't have access.
  • PoS validator manager contract keeps track of its added validations, so it knows which validations are PoS and eligibile for rewards, etc.
  • Reentrancy guard is moved to only PoS, because PoA doesn't have external calls to lock/unlock stake, only calls to Warp.

How this was tested

TODO

How is this documented

comments

@minghinmatthewlam minghinmatthewlam requested a review from a team as a code owner September 12, 2024 15:52
@minghinmatthewlam minghinmatthewlam marked this pull request as draft September 12, 2024 15:52
geoff-vball
geoff-vball reviewed Sep 12, 2024
View reviewed changes
Copy link
Contributor

@geoff-vball geoff-vball left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know this is still WIP but wanted to leave feedback as early as possible

contracts/staking/interfaces/IPoSValidatorManager.sol Show resolved Hide resolved
contracts/staking/ValidatorManager.sol Outdated Show resolved Hide resolved
contracts/staking/ValidatorManager.sol Outdated Show resolved Hide resolved
contracts/staking/ValidatorManager.sol Outdated Show resolved Hide resolved
contracts/staking/ValidatorManager.sol Outdated Show resolved Hide resolved
Base automatically changed from min-stake-duration to staking-contract September 13, 2024 18:01
This was referenced Sep 13, 2024
Closed
Closed
minghinmatthewlam and others added 10 commits September 17, 2024 12:10
cam-schultz
cam-schultz reviewed Sep 17, 2024
View reviewed changes
Copy link
Contributor

@cam-schultz cam-schultz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generally makes sense to me. I left a handful of clarifying questions and cleanup suggestions.

contracts/staking/ValidatorManager.sol Outdated Show resolved Hide resolved
contracts/staking/PoSValidatorManager.sol Show resolved Hide resolved
contracts/staking/ERC20TokenStakingManager.sol Show resolved Hide resolved
contracts/staking/ValidatorMessages.sol Outdated Show resolved Hide resolved
contracts/staking/ValidatorMessages.sol Show resolved Hide resolved
contracts/staking/interfaces/IValidatorManager.sol Outdated Show resolved Hide resolved
contracts/staking/interfaces/IValidatorManager.sol
InitialValidator[] initialValidators;
}

struct InitialValidator {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should have the name here match the spec. The spec update calls this ValidatorData. Between the two, I prefer InitialValidator, unless there's another scenario in which ValidatorData would be used outside of initialization. @michaelkaplan13

contracts/staking/interfaces/IValidatorManager.sol Outdated Show resolved Hide resolved
contracts/staking/ValidatorManager.sol Outdated
for (uint32 i; i < numInitialValidators; ++i) {
InitialValidator memory initialValidator = subnetConversionData.initialValidators[i];
bytes32 nodeID = initialValidator.nodeID;
require(nodeID != bytes32(0), "ValidatorManager: invalid node ID");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this check strictly necessary? IMO node ID validity should be checked on the P-Chain side, so if the P-Chain is willing to sign it we should accept it. A zero node ID would cause the hash comparison to fail.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Expanding on this, one could argue all the validity checks on subnetConversionData are unnecessary since the subnetConversionID from the Warp message already encodes validated data (by the P-Chain). If the caller supplies invalid subnetConversionData here, the hash comparison will fail regardless, and the result would be the same as if we checks the input's validity.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree and would be fine removing all of these checks.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed all validity checks on subnetConversionData, but note that we still need to check that the blockchainID and validator manager address retreived from the Warp message match the contract instance.

contracts/staking/ValidatorManager.sol Show resolved Hide resolved
bernard-avalabs
bernard-avalabs reviewed Sep 18, 2024
View reviewed changes
Copy link
Contributor

@bernard-avalabs bernard-avalabs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generally makes sense to me.

contracts/staking/ValidatorManager.sol Outdated Show resolved Hide resolved
@cam-schultz cam-schultz merged commit 0896ba3 into staking-contract Sep 18, 2024
12 checks passed
@cam-schultz cam-schultz deleted the initial-validators-ending branch September 18, 2024 18:58
@cam-schultz cam-schultz mentioned this pull request Sep 18, 2024
Closed
@iansuvak iansuvak mentioned this pull request Sep 18, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cam-schultz cam-schultz cam-schultz left review comments

@iansuvak iansuvak iansuvak approved these changes

@geoff-vball geoff-vball geoff-vball approved these changes

@feuGeneA feuGeneA Awaiting requested review from feuGeneA feuGeneA was automatically assigned from ava-labs/interop

@bernard-avalabs bernard-avalabs Awaiting requested review from bernard-avalabs

@michaelkaplan13 michaelkaplan13 Awaiting requested review from michaelkaplan13

Assignees
No one assigned
Labels
None yet
Projects
Platform Engineering Group
Status: Done ✅
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@minghinmatthewlam @iansuvak @geoff-vball @bernard-avalabs @michaelkaplan13 @cam-schultz