From 4499adc7fd110a4c5fde9da27d613af37f68d9da Mon Sep 17 00:00:00 2001 From: Pawan Dhananjay Date: Mon, 1 Nov 2021 07:44:40 +0000 Subject: [PATCH] Check proposer index during block production (#2740) ## Issue Addressed Resolves #2612 ## Proposed Changes Implements both the checks mentioned in the original issue. 1. Verifies the `randao_reveal` in the beacon node 2. Cross checks the proposer index after getting back the block from the beacon node. ## Additional info The block production time increases by ~10x because of the signature verification on the beacon node (based on the `beacon_block_production_process_seconds` metric) when running on a local testnet. --- beacon_node/beacon_chain/src/beacon_chain.rs | 2 +- consensus/state_processing/src/per_block_processing.rs | 10 +++++++++- validator_client/src/block_service.rs | 8 ++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/beacon_node/beacon_chain/src/beacon_chain.rs b/beacon_node/beacon_chain/src/beacon_chain.rs index 16bbf8a74..c4ed8ace9 100644 --- a/beacon_node/beacon_chain/src/beacon_chain.rs +++ b/beacon_node/beacon_chain/src/beacon_chain.rs @@ -2889,7 +2889,7 @@ impl BeaconChain { &mut state, &block, None, - BlockSignatureStrategy::NoVerification, + BlockSignatureStrategy::VerifyRandao, &self.spec, )?; drop(process_timer); diff --git a/consensus/state_processing/src/per_block_processing.rs b/consensus/state_processing/src/per_block_processing.rs index 1681f194f..845aee747 100644 --- a/consensus/state_processing/src/per_block_processing.rs +++ b/consensus/state_processing/src/per_block_processing.rs @@ -46,6 +46,8 @@ pub enum BlockSignatureStrategy { NoVerification, /// Validate each signature individually, as its object is being processed. VerifyIndividual, + /// Validate only the randao reveal signature. + VerifyRandao, /// Verify all signatures in bulk at the beginning of block processing. VerifyBulk, } @@ -115,6 +117,7 @@ pub fn per_block_processing( } BlockSignatureStrategy::VerifyIndividual => VerifySignatures::True, BlockSignatureStrategy::NoVerification => VerifySignatures::False, + BlockSignatureStrategy::VerifyRandao => VerifySignatures::False, }; let proposer_index = process_block_header(state, block, spec)?; @@ -123,11 +126,16 @@ pub fn per_block_processing( verify_block_signature(state, signed_block, block_root, spec)?; } + let verify_randao = if let BlockSignatureStrategy::VerifyRandao = block_signature_strategy { + VerifySignatures::True + } else { + verify_signatures + }; // Ensure the current and previous epoch caches are built. state.build_committee_cache(RelativeEpoch::Previous, spec)?; state.build_committee_cache(RelativeEpoch::Current, spec)?; - process_randao(state, block, verify_signatures, spec)?; + process_randao(state, block, verify_randao, spec)?; process_eth1_data(state, block.body().eth1_data())?; process_operations(state, block.body(), proposer_index, verify_signatures, spec)?; diff --git a/validator_client/src/block_service.rs b/validator_client/src/block_service.rs index 289f8a09f..0cba70481 100644 --- a/validator_client/src/block_service.rs +++ b/validator_client/src/block_service.rs @@ -259,6 +259,7 @@ impl BlockService { let randao_reveal_ref = &randao_reveal; let self_ref = &self; + let proposer_index = self.validator_store.validator_index(&validator_pubkey); let validator_pubkey_ref = &validator_pubkey; let signed_block = self .beacon_nodes @@ -274,6 +275,13 @@ impl BlockService { .data; drop(get_timer); + if proposer_index != Some(block.proposer_index()) { + return Err( + "Proposer index does not match block proposer. Beacon chain re-orged" + .to_string(), + ); + } + let signed_block = self_ref .validator_store .sign_block(*validator_pubkey_ref, block, current_slot)