preparing eip-3076

Signed-off-by: Aliaksei Misiukevich <[email protected]>

Author: nadtech-hub

common/eip_3076/Cargo.toml

@@ -0,0 +1,30 @@
+[package]
+name = "eip_3076"
+version = "0.1.0"
+authors = ["Michael Sproul <[email protected]>", "pscott <[email protected]>"]
+edition.workspace = true
+autotests = false
+
+[features]
+arbitrary-fuzz = ["types/arbitrary-fuzz"]
+portable = ["types/portable"]
+
+[dependencies]
+arbitrary = { workspace = true, features = ["derive"] }
+ethereum_serde_utils = { workspace = true }
+filesystem = { workspace = true }
+r2d2 = { workspace = true }
+r2d2_sqlite = "0.21.0"
+rusqlite = { workspace = true }
+serde = { workspace = true }
+serde_json = { workspace = true }
+tempfile = { workspace = true }
+tracing = { workspace = true }
+types = { workspace = true }
+
+[dev-dependencies]
+rayon = { workspace = true }
+
+[[test]]
+name = "eip_3076_tests"
+path = "tests/main.rs"

common/eip_3076/Makefile

@@ -0,0 +1,43 @@
+TESTS_TAG := v5.3.0
+GENERATE_DIR := generated-tests
+OUTPUT_DIR := interchange-tests
+TARBALL := $(OUTPUT_DIR)-$(TESTS_TAG).tar.gz
+ARCHIVE_URL := https://github.com/eth-clients/slashing-protection-interchange-tests/tarball/$(TESTS_TAG)
+
+ifeq ($(OS),Windows_NT)
+ifeq (, $(shell where rm))
+	rmfile  = if exist $(1) (del /F /Q $(1))
+	rmdir   = if exist $(1) (rmdir /Q /S $(1))
+	makedir = if not exist $(1) (mkdir $(1))
+else
+	rmfile  = rm -f $(1)
+	rmdir   = rm -rf $(1)
+	makedir = mkdir -p $(1)
+endif
+else
+	rmfile  = rm -f $(1)
+	rmdir   = rm -rf $(1)
+	makedir = mkdir -p $(1)
+endif
+
+$(OUTPUT_DIR): $(TARBALL)
+	$(call rmdir,$@)
+	$(call makedir,$@)
+	tar --strip-components=1 -xzf $^ -C $@
+
+$(TARBALL):
+	curl --fail -L -o $@ $(ARCHIVE_URL)
+
+clean-test-files:
+	$(call rmdir,$(OUTPUT_DIR))
+
+clean-archives:
+	$(call rmfile,$(TARBALL))
+
+generate:
+	$(call rmdir,$(GENERATE_DIR))
+	cargo run --release --bin test_generator -- $(GENERATE_DIR)
+
+clean: clean-test-files clean-archives
+
+.PHONY: clean clean-archives clean-test-files generate

common/eip_3076/interchange-tests/.github/workflows/check.yaml

@@ -0,0 +1,15 @@
+name: schema checks
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  check_schema:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+      - run: make check

common/eip_3076/interchange-tests/.gitignore

@@ -0,0 +1 @@
+*.tar.gz

common/eip_3076/interchange-tests/Makefile

@@ -0,0 +1,9 @@
+VERSION:=$(shell git describe --tags)
+
+check:
+	cargo run --manifest-path schema_validator/Cargo.toml --release -- schema.json tests/generated
+
+# Build a tarball for a release.
+# To make a new release: `git tag -s vX.Y.Z`
+release:
+	tar -czvf eip-3076-tests-$(VERSION).tar.gz tests/

common/eip_3076/interchange-tests/README.md

@@ -0,0 +1,140 @@
+# Slashing Protection Interchange Tests (EIP-3076)
+
+Tests for EIP-3076:
+
+https://eips.ethereum.org/EIPS/eip-3076
+
+Discussion:
+
+https://ethereum-magicians.org/t/eip-3076-validator-client-interchange-format-slashing-protection/4883
+
+## How to run
+
+Each test directory contains an interchange file and some extra data about how to test it.
+
+For example:
+
+```json
+{
+  "name": "single_validator_genesis_attestation",
+  "genesis_validators_root": "0x0000000000000000000000000000000000000000000000000000000000000000",
+  "steps": [
+    {
+      "should_succeed": true,
+      "contains_slashable_data": false,
+      "interchange": {
+        "metadata": {
+          "interchange_format_version": "5",
+          "genesis_validators_root": "0x0000000000000000000000000000000000000000000000000000000000000000"
+        },
+        "data": [
+          {
+            "pubkey": "0xa99a76ed7796f7be22d5b7e85deeb7c5677e88e511e0b337618f8c4eb61349b4bf2d153f649f7b53359fe8b94a38e44c",
+            "signed_blocks": [],
+            "signed_attestations": [
+              {
+                "source_epoch": "0",
+                "target_epoch": "0"
+              }
+            ]
+          }
+        ]
+      },
+      "blocks": [],
+      "attestations": [
+        {
+          "pubkey": "0xa99a76ed7796f7be22d5b7e85deeb7c5677e88e511e0b337618f8c4eb61349b4bf2d153f649f7b53359fe8b94a38e44c",
+          "source_epoch": "0",
+          "target_epoch": "0",
+          "should_succeed": false
+        }
+      ]
+    }
+  ]
+}
+```
+
+To run a test, first initialize a new (empty) slashing protection database.
+
+Then for each entry in `steps`, import the `interchange`, process the `blocks` and `attestations`,
+and continue to the next step.
+
+Determine the test outcome according to the meanings of each of the fields,
+which are as follows:
+
+* `name: string`: the name of the test-case, informational.
+* `genesis_validators_root: Root`: the genesis validators root to use when
+  creating the empty slashing protection database, or to compare the import
+  against.
+* `steps[i].should_succeed: bool`: whether the `steps[i].interchange` given is valid and should
+  be imported successfully.
+* `steps[i].contains_slashable_data: bool`: whether the `steps[i].interchange` contains some
+  slashable data with respect to itself or the existing contents of the database.
+* `steps[i].interchange: Interchange`: slashing protection interchange data as described
+  by the spec.
+* `steps[i].blocks: [object]`: a list of block signings to be attempted **after**
+  importing the `interchange`, detailed below.
+* `steps[i].attestations: [object]`: a list of attestation signings to be attempted **after**
+  importing the `interchange`, detailed below.
+
+Each block in `blocks` is structured as:
+
+```json
+{
+  "pubkey": "0xa99a76ed7796f7be22d5b7e85deeb7c5677e88e511e0b337618f8c4eb61349b4bf2d153f649f7b53359fe8b94a38e44c",
+  "slot": "1",
+  "signing_root": "0x0000000000000000000000000000000000000000000000000000000000000000",
+  "should_succeed": false,
+  "should_succeed_complete": true
+}
+```
+
+Your test-runner should attempt to sign a block with `signing_root` at the given slot from the given
+`pubkey`. The `should_succeed` field describes whether this signing should be accepted (true) or
+rejected (false) _by a client using a minimal strategy_. Clients using a complete strategy should
+instead use the `should_succeed_complete` field which allows signing to succeed in more cases. If
+the block is signed successfully it should be incorporated into the slashing protection database.
+
+Each attestation in `attestations` is structured as:
+
+```json
+{
+  "pubkey": "0xa99a76ed7796f7be22d5b7e85deeb7c5677e88e511e0b337618f8c4eb61349b4bf2d153f649f7b53359fe8b94a38e44c",
+  "source_epoch": "11",
+  "target_epoch": "12",
+  "signing_root": "0x0000000000000000000000000000000000000000000000000000000000000000",
+  "should_succeed": true,
+  "should_succeed_complete": true
+}
+```
+
+Similarly to above, your test-runner should attempt to sign an attestation with these parameters
+using the given `pubkey`, and succeed based on the value of
+`should_succeed`/`should_succeed_complete`.  Again, implementations that use the _complete_ strategy
+should use `should_succeed_complete`. All implementations should incorporate signed attestations
+into the database.
+
+Note that the top-level `genesis_validators_root` is not necessarily the same
+as the GVR contained in the interchange, to allow us to test the case where
+they are mismatched.
+
+## Handling Slashable Data
+
+The `contains_slashable_data` parameter is to be interpreted as follows:
+
+- If `should_succeed` is false, then `contains_slashable_data` is irrelevant
+- If `contains_slashable_data` is false, then the given interchange **must** be imported
+  successfully, and the given block/attestation checks must pass.
+- If `contains_slashable_data` is true, then implementations have the option to do one of two
+  things:
+  	- Import the interchange successfully, working around the slashable data by minification
+	  or some other mechanism. If the import succeeds, all checks must pass and the test
+	  should continue to the next step.
+	- Reject the interchange (or partially import it), in which case the block/attestation
+	  checks and all future steps should be ignored.
+
+## Downloading the tests
+
+The `tests` directory is released as a versioned `.tar.gz` on the [Releases](https://github.com/eth-clients/slashing-protection-interchange-tests/releases) page.
+
+Alternatively, you could use a git submodule.

common/eip_3076/interchange-tests/schema.json

@@ -0,0 +1,94 @@
+{
+  "title": "Signing history",
+  "description": "This schema provides a record of the blocks and attestations signed by a set of validators",
+  "type": "object",
+  "properties": {
+    "metadata": {
+      "type": "object",
+      "properties": {
+        "interchange_format_version": {
+          "type": "string",
+          "description": "The version of the interchange format that this document adheres to"
+        },
+        "genesis_validators_root": {
+          "type": "string",
+          "description": "Calculated at Genesis time; serves to uniquely identify the chain"
+        }
+      },
+      "required": [
+        "interchange_format_version",
+        "genesis_validators_root"
+      ]
+    },
+    "data": {
+      "type": "array",
+      "items": [
+        {
+          "type": "object",
+          "properties": {
+            "pubkey": {
+              "type": "string",
+              "description": "The BLS public key of the validator (encoded as a 0x-prefixed hex string)"
+            },
+            "signed_blocks": {
+              "type": "array",
+              "items": [
+                {
+                  "type": "object",
+                  "properties": {
+                    "slot": {
+                      "type": "string",
+                      "description": "The slot number of the block that was signed"
+                    },
+                    "signing_root": {
+                      "type": "string",
+                      "description": "The output of compute_signing_root(block, domain)"
+                    }
+                  },
+                  "required": [
+                    "slot"
+                  ]
+                }
+              ]
+            },
+            "signed_attestations": {
+              "type": "array",
+              "items": [
+                {
+                  "type": "object",
+                  "properties": {
+                    "source_epoch": {
+                      "type": "string",
+                      "description": "The attestation.data.source.epoch of the signed attestation"
+                    },
+                    "target_epoch": {
+                      "type": "string",
+                      "description": "The attestation.data.target.epoch of the signed attestation"
+                    },
+                    "signing_root": {
+                      "type": "string",
+                      "description": "The output of compute_signing_root(attestation, domain)"
+                    }
+                  },
+                  "required": [
+                    "source_epoch",
+                    "target_epoch"
+                  ]
+                }
+              ]
+            }
+          },
+          "required": [
+            "pubkey",
+            "signed_blocks",
+            "signed_attestations"
+          ]
+        }
+      ]
+    }
+  },
+  "required": [
+    "metadata",
+    "data"
+  ]
+}

common/eip_3076/interchange-tests/schema_validator/.gitignore

@@ -0,0 +1,2 @@
+/target
+Cargo.lock

common/eip_3076/interchange-tests/schema_validator/Cargo.toml

@@ -0,0 +1,9 @@
+[package]
+name = "schema_validator"
+version = "0.1.0"
+authors = ["Michael Sproul <[email protected]>"]
+edition = "2018"
+
+[dependencies]
+jsonschema = { version = "0.3.1", default-features = false }
+serde_json = "1.0.59"

common/eip_3076/interchange-tests/schema_validator/src/main.rs

@@ -0,0 +1,44 @@
+use jsonschema::{Draft, JSONSchema};
+use serde_json::Value;
+use std::env;
+use std::fs::{self, File};
+
+fn main() {
+    let args: Vec<_> = env::args().collect();
+
+    let schema_file = File::open(&args[1]).unwrap();
+    let schema_value = serde_json::from_reader(schema_file).unwrap();
+    let schema = JSONSchema::compile(&schema_value, Some(Draft::Draft7)).unwrap();
+
+    let tests_dir = &args[2];
+
+    let mut success_all = true;
+
+    fs::read_dir(tests_dir)
+        .expect("read_dir succeeds on test directory")
+        .map(|e| e.unwrap().path())
+        .filter(|path| path.is_file())
+        .for_each(|path| {
+            let test_file = File::open(&path).unwrap();
+            let test_value: Value = serde_json::from_reader(test_file).unwrap();
+            let filename = path.file_name().unwrap().to_str().unwrap();
+
+            let steps = test_value.get("steps").unwrap();
+            let mut success = true;
+
+            for (i, step) in steps.as_array().unwrap().iter().enumerate() {
+                let interchange_value = step.get("interchange").unwrap();
+                if let Err(errors) = schema.validate(interchange_value) {
+                    for e in errors {
+                        println!("{} .steps[{}].interchange, error: {:?}", filename, i, e);
+                    }
+                    success = false;
+                    success_all = false;
+                }
+            }
+            if success {
+                println!("{}, ok", filename);
+            }
+        });
+    assert!(success_all, "one or more tests failed, see above");
+}