-
Notifications
You must be signed in to change notification settings - Fork 3.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can bonded validators be slashed for infractions more than an unbonding period in the past? #1022
Comments
Are these mutually exclusive ? We defintely want (2), so we can get people in their unbonding period, but if someone hasn't unbonded and they equivocated longer than the unbonding period ago, we could still punish them. Only thing is Tendermint keeps a parameter which is how far back evidence can come from to prevent DoS |
The difference is whether or not bonded validators can be slashed for equivocations more than a bonding period in the past at the time of discovery. We certainly can punish still-bonded validators for older infractions, IIRC one concern discussed in the validator working group was dealing with compromised signing keys. If we always impose a limitation of a bonding period on slashing, validators who rotate their signing keys (and stay bonded) don't need to worry about the security of keys last used more than a bonding period in the past. Without that limitation, they need to keep all past keys secure until they unbond. edit: see Zaki's comment |
If we can incentivize validators to destroy keys after rotation, it decreases the subjectivity of the chain. |
Agreed. Do you think the best way to incentivize this is by not having a 3-week limit? That way validators who rotate and delete old keys approximately every bonding period can maintain the same level of assurance (assuming they delete their keys correctly!), and choosing not to delete their old keys incurs risk. |
Limited somewhat by the necessity of ignoring evidence past a certain age in Tendermint to prevent spam, but we could still elect to slash bonded validators for infractions more than a bonding period and less than the Tendermint limit. |
Tabled to post-launch, see #1378. |
Is there utility in continuing this discussion? |
I think there's a lot of utility in having a general incentive discussion; I suspect our current incentives are not perfect (in many ways, this perhaps one of them). I don't know if it really belongs on the SDK repo though. |
Closing this as out of scope for the SDK repo. Moving to Gaia |
I'm not clear on the exact conditions under which a validator can be slashed. Two options:
The text was updated successfully, but these errors were encountered: