Enforce base fee #1390
Enforce base fee #1390
Conversation
|
I think this can go first and later we can update with hotshot 0.5.45(needs to release tag) which will have simplify builder interaction, and update builder along with that. |
|
We need to wait until @Ancient123 is ready for the new contracts deployment order |
jbearer
force-pushed
the
jb/enforce-base-fee
branch
6 times, most recently
from
9b197de
to
a82f075
Compare
jbearer
requested review from
nomaxg,
philippecamacho,
ImJeremyHe and
tbro
as code owners
jbearer
force-pushed
the
jb/enforce-base-fee
branch
3 times, most recently
from
a46cf22
to
21bd047
Compare
jbearer
force-pushed
the
jb/enforce-base-fee
branch
from
21bd047
to
bbb4064
Compare
scripts/smoke-test-demo
Outdated
| function get_balance() { | ||
| ( | ||
| unset MNEMONIC | ||
| cargo run --release --all-features --bin bridge -- balance -e $SEQUENCER_API -a $1 -b $2 |
There was a problem hiding this comment.
Not a huge deal but I think it's kind of nice that this script is currently portable and doesn't need a rust toolchain. Maybe it would be useful to expose reading the bridge query APIs via the explorer then we could query that instead. If we do add the cargo run here we should probably add rust-cache to the test-demo github action workflow.
There was a problem hiding this comment.
What do you mean exactly by reading the bridge APIs via the explorer?
Another approach could be to use bridge as an executable for the native demo (since the native demo already relies on cargo targets being added to $PATH) and use the bridge docker for the docker demo, which would also have the nice benefit of testing that the new docker is built correctly. I could add a CLI flag to this script to choose the bridge executable
There was a problem hiding this comment.
I mean if we had a HTTP API that allowed to query the bridge balances either run by the hotshot node or via the block explorer that would be useful here and I think it would be convenient with anyone interacting with our sequencer too but it's also somewhat out of scope.
We could also call bridge if it's in the PATH and otherwise try the docker container then we don't need a flag.
There was a problem hiding this comment.
I mean if we had a HTTP API that allowed to query the bridge balances either run by the hotshot node or via the block explorer that would be useful here and I think it would be convenient with anyone interacting with our sequencer too but it's also somewhat out of scope.
I agree, but yeah, I think adding this to the block explorer is a lot of work. We do have an HTTP API (that is how the bridge tool gets its information) but it outputs a merkle path and the balance is base64 encoded which makes it a bit annoying to work with, hence the bridge tool.
The collection of fees (or lack thereof) is not completely controlled by ChainConfig. This makes it possible to launch without fees (even without a fee contract) and upgrade to enable fees at a later date. The only code change required to do this upgraded will be the ability to change the ChainConfig by upgrading. After that, only a configuration change is need to change the ChainConfig to set the fee contract and base fee.
This will allow the underlying asset to be conserved, and we can decide what to do with the burnt fees at a later point.
* Use fee message defined in HotShot trait, rather than constructing it ourselves, to avoid accidentally going out of sync with how the builder is signing * Fail signature recovery if the recovered address is wrong, rather than proceeding with a random address
jbearer
force-pushed
the
jb/enforce-base-fee
branch
from
bbb4064
to
2ac26c0
Compare
| Err(err) | ||
| } else { | ||
| Ok(()) | ||
| return Err(err); |
There was a problem hiding this comment.
Not really an issue w/ this PR, but I wonder if persistent_update_with should take a closure that returns a Result instead of an Option. I think we could then bubble the error up to the caller instead of mutating err. This code appears to demonstrate that we do need to handle more than just the Some and None cases. I might be confused though.
There was a problem hiding this comment.
Yeah I think that would be cleaner. This pattern is basically just implementing that in a messier way. @mrain maybe you can clean this up in jf-merkle-tree whenever you find yourself with some spare time?
| let header = parent.get_block_header(); | ||
|
|
||
| // Validation fails because the genesis fee (0) is too low. | ||
| let err = validate_proposal(&state, instance.chain_config, &parent, header, &vid_common) |
There was a problem hiding this comment.
Inspect the error to ensure that it failed because of the base fee being too low?
There was a problem hiding this comment.
We will do this in the followup #1463
| anyhow::ensure!( | ||
| (VidSchemeType::get_payload_byte_len(vid_common) as u64) | ||
| < expected_chain_config.max_block_size(), | ||
| block_size < expected_chain_config.max_block_size, |
There was a problem hiding this comment.
This was added some time ago but wouldn't it be more intuitive to make the range inclusive so that a block of max_block_size is still allowed? If yes, let's add an issue.
| @@ -90,6 +94,14 @@ impl ValidatedState { | |||
| self.fee_merkle_tree.update(account, amount).unwrap(); | |||
| } | |||
|
|
|||
| pub fn balance(&mut self, account: FeeAccount) -> Option<FeeAmount> { | |||
There was a problem hiding this comment.
This function is only used in tests (unless my rust-analyzer is tripping). I'm not sure returning None is a good idea for the NotInMemory case, but if we make it test code only then I think it's not a problem.
There was a problem hiding this comment.
I know we don't have a stable public Rust API yet but I feel like a function like this should be part of it. Could easily be useful outside tests for clients and apps built on top of this. What do you think such a public function should do in the NotInMemory case? Should it return Result instead of Option?
Use the bridge executable from the path if it is already built; otherwise use Docker.
validate_proposalto enforce that the provided fee is at least the base feeThe new demo configuration should work on a real network like Sepolia or Ethereum, and demonstrates the startup order/dependencies.
Draft because I think this should go in after the latest builder and HotShot updates, but I don't know how to do those updates.
Testing
A good end-to-end test is to run
demo-native, convince yourself that it's working as you normally would (look at block height, submit-transactions logs, etc) and then watch the balance of the builder account and burner account:cargo run --release --all-features --bin bridge -- balance -e http://localhost:44001 -a 0x23618e81E3f5cdF7f54C3d65f7FBc0aBf5B21E8fcargo run --release --all-features --bin bridge -- balance -e http://localhost:44001 -a 0x0000000000000000000000000000000000000000The former should be steadily decreasing while the latter is steadily increasing, as the builder pays fees