add duplicate block proof sigverify #5
Conversation
AshwinSekar
force-pushed
the
sigverify
branch
10 times, most recently
from
b28a6da to
37888b9
Compare
AshwinSekar
force-pushed
the
sigverify
branch
from
37888b9 to
50f1118
Compare
| assert!( | ||
| ErasureMeta::check_erasure_consistency(&shred1, &shred2), | ||
| "Expected erasure consistency failure", | ||
| ); |
There was a problem hiding this comment.
Did you mean to remove this check?
There was a problem hiding this comment.
Yeah it's not completely accurate to say it's an erasure consistency failure here, the real failure is the merkle root of shred1 and shred2 will not be consistent. i've updated the condition here.
program/src/sigverify.rs
Outdated
| *verification = | ||
| MaybeUninit::new(SignatureVerification::new(pubkey, message, signature)?); | ||
| } | ||
| unsafe { std::mem::transmute_copy(&verifications) } |
There was a problem hiding this comment.
Rather than copying, let's just transmute directly, like in the array exmaple: https://doc.rust-lang.org/std/mem/union.MaybeUninit.html#initializing-an-array-element-by-element
We can also add a comment to use array_assume_init once it stabilizes https://doc.rust-lang.org/std/mem/union.MaybeUninit.html#method.array_assume_init
There was a problem hiding this comment.
ah I was running into problems with transmute which is why I opted for the copy. rust-lang/rust#61956
I think I could manually assume_init on each element instead, what do you think?
There was a problem hiding this comment.
To be honest, I'd prefer to use the approach recommended directly in the docs, ie unsafe { mem::transmute::<_, [SignatureVerification; NUM_VERIFICATIONS]>(verifications) }
https://doc.rust-lang.org/std/mem/union.MaybeUninit.html#initializing-an-array-element-by-element
There was a problem hiding this comment.
the problem is the const generic NUM_VERIFICATIONS see rust-lang/rust#61956. It was fixed for [T; N] but does not work for [MaybeUninit<T>; N] -> [T; N] rust-lang/rust#61956 (comment)
So for example this:
Ok(unsafe { std::mem::transmute::<_, [SignatureVerification; NUM_VERIFICATIONS]>(verifications) })
results in
error[E0512]: cannot transmute between types of different sizes, or dependently-sized types
--> program/src/sigverify.rs:187:21
|
187 | Ok(unsafe { std::mem::transmute::<_, [SignatureVerification; NUM_VERIFICATIONS]>(verifications) })
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: source type: `[std::mem::MaybeUninit<sigverify::SignatureVerification<'_>>; NUM_VERIFICATIONS]` (this type does not have a fixed size)
= note: target type: `[sigverify::SignatureVerification<'_>; NUM_VERIFICATIONS]` (this type does not have a fixed size)
However if I remove the NUM_VERIFICATIONS and just use 2 it compiles
There was a problem hiding this comment.
Ohhhh gotcha, sorry about that, I didn't realize it didn't work with const generics. In that case, it's not even clear to me that array_assume_init will work.
Either way, let's go with your solution, thanks for the explanation
AshwinSekar
force-pushed
the
sigverify
branch
from
abd03bd to
bde746a
Compare
Adds signature verification of the shreds included in a duplicate block proof to the slashing program.
Due to the limitations of zerocopying from the instructions sysvar the requirements are as follows:
shred1and the second forshred2as indicated by the ordering in theproof_accountspecified to the slashing instruciton(pubkey, message, signature)data indicated by the Ed25519 ix's offsets must be in the instruction data for the slashing instruction.If each
(pubkey, message, signature)matches the(node_pubkey, shredx.merkle_root, shredx.signature)for both shreds, then the signature verification is considered successful.Additionally we expose a utility for the user to create both the sigverify instruction and the slashing instruction together.
Will update the SIMD if this approach is satisfactory