Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disallow using existing TSS account IDs in Staking pallet #657

Merged
merged 6 commits into from
Mar 4, 2024
Merged

Disallow using existing TSS account IDs in Staking pallet #657

merged 6 commits into from
Mar 4, 2024

Conversation

ameba23
Copy link
Contributor

@ameba23 ameba23 commented Mar 1, 2024

This addresses #654 by adding a check to make sure that validators may not use TSS account IDs which already exist.

I'm not sure if benchmarking / weights need to be updated - if so i don't know how to do that.

@vercel Vercel
Copy link

vercel bot commented Mar 1, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
entropy-core ✅ Ready (Inspect) Visit Preview 💬 Add feedback Mar 4, 2024 8:37am

@ameba23 ameba23 requested review from HCastano and JesseAbram March 1, 2024 09:07
HCastano
HCastano reviewed Mar 2, 2024
View reviewed changes
Copy link
Collaborator

@HCastano HCastano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Couple small things with the tests, but otherwise this looks good.

I'm not sure if benchmarking / weights need to be updated - if so i don't know how to do that.

We don't need to change the benchmarks. Next time we run them they should account for the extra storage read.

pallets/staking/src/lib.rs
@@ -356,6 +362,11 @@ pub mod pallet {
let validator_id = <T as pallet_session::Config>::ValidatorId::try_from(stash)
.or(Err(Error::<T>::InvalidValidatorId))?;

ensure!(
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: I would move this under the other ensure! check. Keeps those assertions close together and lets us bail earlier

pallets/staking/src/tests.rs
Comment on lines +84 to +98
assert_ok!(FrameStaking::bond(
RuntimeOrigin::signed(2),
100u64,
pallet_staking::RewardDestination::Account(2),
));
assert_noop!(
Staking::validate(
RuntimeOrigin::signed(2),
pallet_staking::ValidatorPrefs::default(),
vec![20],
3,
NULL_ARR
),
Error::<Test>::TssAccountAlreadyExists
);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd move this into its own test just to make sure we can isolate the original issue

pallets/staking/src/tests.rs
Comment on lines +153 to +170
// Check that we cannot change to a TSS account which already exists
assert_ok!(FrameStaking::bond(
RuntimeOrigin::signed(2),
100u64,
pallet_staking::RewardDestination::Account(2),
));
assert_ok!(Staking::validate(
RuntimeOrigin::signed(2),
pallet_staking::ValidatorPrefs::default(),
vec![20],
5,
NULL_ARR
));

assert_noop!(
Staking::change_threshold_accounts(RuntimeOrigin::signed(1), 5, NULL_ARR),
Error::<Test>::TssAccountAlreadyExists
);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here

CHANGELOG.md Outdated Show resolved Hide resolved
@HCastano
Copy link
Collaborator

HCastano commented Mar 2, 2024

Oh one thing I want to bring up. Do we even need to have the ability to change Threshold Accounts on the fly? Really the only scenario I can think of where this would be needed is if a validator wipes their KVDB mid-session.

In this case I'd be tempted to have them get kicked from the set and have to re-join with a new identity. Wdyt @JesseAbram?

(P.S I know we used this to fix our genesis issue once, but that seems like a one off use case to me)

@HCastano HCastano changed the title Add check to staking pallet to disallow using existing TSS account IDs Disallow using existing TSS account IDs in Staking pallet Mar 2, 2024
@JesseAbram
Copy link
Member

Oh one thing I want to bring up. Do we even need to have the ability to change Threshold Accounts on the fly? Really the only scenario I can think of where this would be needed is if a validator wipes their KVDB mid-session.

In this case I'd be tempted to have them get kicked from the set and have to re-join with a new identity. Wdyt @JesseAbram?

(P.S I know we used this to fix our genesis issue once, but that seems like a one off use case to me)

Ya I mean sometimes a good key rotation is in order, or maybe someone got paranoid, or an employee left and they wanna be safe

JesseAbram
JesseAbram approved these changes Mar 3, 2024
View reviewed changes
Copy link
Member

@JesseAbram JesseAbram left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good, good catch

@ameba23 ameba23 merged commit 1ed55f7 into master Mar 4, 2024
10 checks passed
@ameba23 ameba23 deleted the peg/staking-extension-check branch March 4, 2024 11:19
@HCastano HCastano added the Bump `impl_version` A change which only affect the implementation details of the runtime label Mar 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@HCastano HCastano HCastano left review comments

@JesseAbram JesseAbram JesseAbram approved these changes

Assignees
No one assigned
Labels
Bump `impl_version` A change which only affect the implementation details of the runtime
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ameba23 @HCastano @JesseAbram