Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Handle integer_squareroot bound case #3600

Merged
merged 3 commits into from
Feb 15, 2024
Merged

Handle integer_squareroot bound case #3600

merged 3 commits into from
Feb 15, 2024

Conversation

hwwhww
Copy link
Contributor

@hwwhww hwwhww commented Feb 14, 2024

Credits to the University of Manchester Bounded Model Checking (BMC) project team: Bruno Farias, Youcheng Sun, and Lucas C. Cordeiro for reporting this issue! 🙏 💯

This team is an Ethereum Foundation ESP "Bounded Model Checking for Verifying and Testing Ethereum Consensus Specifications (FY22-0751)" project grantee. They used ESBMC model checker to find this issue.

Also, thanks to Mate Soos and Justin Traglia (@jtraglia) for helping verify the issue! 🙌

tl;dr

It's a spec bug, but it's impossible to produce it in the current mainnet.

Description

integer_squareroot raises ValueError exception when n is maxint of uint64, i.e., 2**64 - 1.

However, we only use integer_squareroot in

  1. integer_squareroot(total_balance)
  2. integer_squareroot(SLOTS_PER_EPOCH)

With the current Ether total supply + EIP-1559, it's unlikely to hit the overflow bound in a very long time. (🦇🔊)

That said, it should be fixed to return the expected value.

How did I fix it

To make minimal changes in the spec, this fix returns the hardcoded edge case result. It's not pretty, but it's an easy patch. I believe there are better solutions, but I'm inclined not to change the existing code much.

Given that 2**64 should be overflow when computing total balance, I think we are not able to provide clean "state transition" test vectors for it. Perhaps we can have another new "math" category test vectors later.

p.s. I talked to all the CL client teams about it before opening this PR. :)

@hwwhww hwwhww force-pushed the integer_squareroot branch from 961ec87 to 42bc600 Compare February 14, 2024 14:28
@@ -178,6 +178,7 @@ The following values are (non-configurable) constants used throughout the specif

| Name | Value |
| - | - |
| `MAX_UINT_64` | `uint64(2**64 - 1)` |
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's nit-picky, but I think this would be better as UINT64_MAX. Where the second _ is removed and MAX is moved to the end. This aligns more with how other libraries do things:

Suggested change
| `MAX_UINT_64` | `uint64(2**64 - 1)` |
| `UINT64_MAX` | `uint64(2**64 - 1)` |

@etan-status
Copy link
Contributor

Isn't this similar to increase_balance not checking for overflow, but if there is an EVM chain with a different total supply, and then the entire supply were to be deposited into a validator, and then they attest, that everything gets deleted?

As in, should increase_balance also be fixed to support different scales than what is being used on Ethereum Mainnet?

@hwwhww
Copy link
Contributor Author

hwwhww commented Feb 14, 2024

@etan-status

Right, so in specs, we generally said that the SSZ typing ValueError is considered invalid.

However, for this helper, it's interesting that clients implemented it in various ways! 😄 If clients use the optimized library to implement it, it won't overflow as pyspec did.

For this case, it's better to make integer_squareroot return the correct value when the input value n is in the valid domain. It protects any possible future use case when we may somehow call integer_squareroot(2**64 - 1) in spec writing.

@hwwhww hwwhww added the phase0 label Feb 15, 2024
@hwwhww hwwhww mentioned this pull request Feb 15, 2024
6 tasks
Copy link
Member

@ralexstokes ralexstokes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

seems like a good fix!

@hwwhww hwwhww merged commit f82a3af into dev Feb 15, 2024
30 checks passed
@hwwhww hwwhww deleted the integer_squareroot branch February 15, 2024 18:47
tersec added a commit to status-im/nimbus-eth2 that referenced this pull request Feb 16, 2024
tersec added a commit to status-im/nimbus-eth2 that referenced this pull request Feb 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants