Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Blob verification changes #321

Merged
merged 23 commits into from
Mar 18, 2024
Merged

Blob verification changes #321

merged 23 commits into from
Mar 18, 2024

Conversation

0x0aa0
Copy link
Contributor

@0x0aa0 0x0aa0 commented Mar 6, 2024

Why are these changes needed?

We need to include canonical values for quorums and verify those values in our blob verification

Checks

  • I've made sure the lint is passing in this PR.
  • I've made sure the tests are passing. Note that there might be a few flaky tests, in that case, please comment that they are not relevant.
  • Testing Strategy
    • Unit tests
    • Integration tests
    • This PR is not tested :(

@0x0aa0 0x0aa0 requested review from mooselumph and ian-shim March 6, 2024 22:15
@ian-shim ian-shim requested a review from gpsanant March 6, 2024 23:50
}

// make sure that the stake signed for is greater than the given confirmationThresholdPercentage
require(uint8(blobVerificationProof.batchMetadata.batchHeader.signedStakeForQuorums[uint8(blobVerificationProof.quorumThresholdIndexes[i])])
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we rename quorumThresholdIndexes to just quorumIndices?

@mooselumph mooselumph self-requested a review March 7, 2024 00:19
@@ -29,6 +25,12 @@ abstract contract EigenDAServiceManagerStorage is IEigenDAServiceManager {
* have to serve after they've deregistered.
*/
uint32 public constant BLOCK_STALE_MEASURE = 150;

/// @notice The quorum adversary threshold percentages
bytes public constant quorumAdversaryThresholdPercentages = hex"2121";
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks very cryptic. Can we comment on what this means?

IEigenDAServiceManager eigenDAServiceManager,
uint256 quorumNumber
) public view returns(uint8 adversaryThresholdPercentage) {
if(eigenDAServiceManager.quorumAdversaryThresholdPercentages().length > quorumNumber){
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should it be >=?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should be > I think. If only quorum 0 and 1 are set we want to make sure those numbers are less than the length of the byte array (2)

- rename quorumIndices
- more descriptive NATSPEC
@0x0aa0 0x0aa0 requested a review from ian-shim March 7, 2024 15:17
require(msg.value == stakeRequired, "MockRollup.registerValidator: Must send stake required to register");
require(!validators[msg.sender], "MockRollup.registerValidator: Validator already registered");
require(!blacklist[msg.sender], "MockRollup.registerValidator: Validator blacklisted");
validators[msg.sender] = true;
}

Copy link
Contributor

@siddimore siddimore Mar 13, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can anyone call mockrollup postcommitment?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes

require(validators[msg.sender], "MockRollup.postCommitment: Validator not registered");
require(commitments[block.timestamp].validator == address(0), "MockRollup.postCommitment: Commitment already posted");
// require commitment has not already been posted
require(commitments[block.timestamp].confirmer == address(0), "MockRollup.postCommitment: Commitment already posted");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should there be a check on who can call confirmer? or should the comment be not a confirmer?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed the check to simplify so that we can just use any address to verify the blobs

@@ -45,7 +45,7 @@ interface IEigenDAServiceManager is IServiceManager {
struct BatchHeader {
bytes32 blobHeadersRoot;
bytes quorumNumbers; // each byte is a different quorum number
bytes quorumThresholdPercentages; // every bytes is an amount less than 100 specifying the percentage of stake
bytes signedStakeForQuorums; // every bytes is an amount less than 100 specifying the percentage of stake
// the must have signed in the corresponding quorum in `quorumNumbers`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"must have signed" -> "have actually signed"? The former is the threshold, whereas this looks the actual signed stake

),
confirmedQuorumsBitmap
),
"EigenDARollupUtils.verifyBlob: confirmed quorums are not a subset of the required quorums"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: error message is reversed, should be "required quorums are not a subset of the confirmed quorums"

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good catch

Copy link
Contributor

@jianoaix jianoaix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just some nits, lgtm otherwise

contracts/src/interfaces/IEigenDAServiceManager.sol Outdated Show resolved Hide resolved
contracts/src/interfaces/IEigenDAServiceManager.sol Outdated Show resolved Hide resolved
* @notice gets the adversary threshold percentage for a given quorum
* @param eigenDAServiceManager the contract in which the batch was confirmed
* @param quorumNumber the quorum number to get the adversary threshold percentage for
* @dev returns 0 if the quorumNumber is not found
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is no clause setting to 0 below for invalid quorumNumber. Does it implicit do so in Sol? Is it a good practice to set it explicitly?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes because adversaryThresholdPercentage is defined as 0 by default with return it will return zero if a quorum is not found

@0x0aa0 0x0aa0 requested a review from jianoaix March 17, 2024 23:38
@mooselumph mooselumph merged commit 7bd41f9 into master Mar 18, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants