-
Notifications
You must be signed in to change notification settings - Fork 998
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle integer_squareroot
bound case
#3600
Conversation
961ec87
to
42bc600
Compare
specs/phase0/beacon-chain.md
Outdated
@@ -178,6 +178,7 @@ The following values are (non-configurable) constants used throughout the specif | |||
|
|||
| Name | Value | | |||
| - | - | | |||
| `MAX_UINT_64` | `uint64(2**64 - 1)` | |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's nit-picky, but I think this would be better as UINT64_MAX
. Where the second _
is removed and MAX
is moved to the end. This aligns more with how other libraries do things:
| `MAX_UINT_64` | `uint64(2**64 - 1)` | | |
| `UINT64_MAX` | `uint64(2**64 - 1)` | |
Isn't this similar to As in, should |
Right, so in specs, we generally said that the SSZ typing However, for this helper, it's interesting that clients implemented it in various ways! 😄 If clients use the optimized library to implement it, it won't overflow as pyspec did. For this case, it's better to make |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems like a good fix!
Credits to the University of Manchester Bounded Model Checking (BMC) project team: Bruno Farias, Youcheng Sun, and Lucas C. Cordeiro for reporting this issue! 🙏 💯
This team is an Ethereum Foundation ESP "Bounded Model Checking for Verifying and Testing Ethereum Consensus Specifications (FY22-0751)" project grantee. They used ESBMC model checker to find this issue.
Also, thanks to Mate Soos and Justin Traglia (@jtraglia) for helping verify the issue! 🙌
tl;dr
It's a spec bug, but it's impossible to produce it in the current mainnet.
Description
integer_squareroot
raises ValueError exception whenn
is maxint ofuint64
, i.e.,2**64 - 1
.However, we only use
integer_squareroot
ininteger_squareroot(total_balance)
integer_squareroot(SLOTS_PER_EPOCH)
With the current Ether total supply + EIP-1559, it's unlikely to hit the overflow bound in a very long time. (🦇🔊)
That said, it should be fixed to return the expected value.
How did I fix it
To make minimal changes in the spec, this fix returns the hardcoded edge case result. It's not pretty, but it's an easy patch. I believe there are better solutions, but I'm inclined not to change the existing code much.
Given that
2**64
should be overflow when computing total balance, I think we are not able to provide clean "state transition" test vectors for it. Perhaps we can have another new "math" category test vectors later.p.s. I talked to all the CL client teams about it before opening this PR. :)