I'm online messages #2719
Comments
It should be triggered somehow, since it's not supposed to be arbitrary
See above.
Not entirely, but the logic of "do something if X says they're online" can be done, with "do something" being a trait parameter.
I would mark this as beyond the scope of the goal of getting information about those who say they're online into the runtime. The separation of architecture here will make things easier to audit.
Definitely not. It should be a trait associated type of
How do you check this, except to see if there are different signatures? And note that ed25519 signatures are deterministic, so with the same key, you always get the same signature for the same message. |
|
I also don't know why the BABE module would be responsible for handling the incoming |
It should also include the |
|
We do need a mechanism for validators to be offline after session key revocation, but then rejoining requires key change and the incurred delay. I doubt mere "I'm online" messages address any security concerns however, so can you explain what purpose this serves? Al and I designed BABE variants that actually do prove your presence by proving exactly how many blocks you missed. We never pushed them and folks opted for the simpler design closer to ouroboros. Instead, we wanted validators to be slashed for being offline in proportion to the number of validators who were offline simultaneously since the interesting attacks require more participants.
What does this achieve?
You likely compare what is signed and the signer, but not sure the point. And Ed25519 might not stick around in the session key. |
Well, if you sign 2 payloads a and b with a deterministic algorithm, |
|
You must include the X regardless, so comparing the messages and signers works. Ed25519's determinism is mostly so that test vectors make sense. It gives you nothing else really. |
|
@burdges I'm not sure that you follow the point, which is that you can't tell the difference between someone signing two "I'm online" messages and someone replaying the one that someone signed the first time. |
|
I'm saying the only differences come from the message and the signer. A comparison |
|
@cmichi closed? |
|
Closed and follow-up integration ToDos are in #3223. |
Users should use DHT for discovering new nodes. The reason for adding external addresses was unstable work of authority discovery (see paritytech#2719), which is now stable. Hence we can safely remove `external_addresses`. Refs https://github.com/paritytech/polkadot/issues/7181
* [frame/im-online] remove `external_addresses` from heartbeats Users should use DHT for discovering new nodes. The reason for adding external addresses was unstable work of authority discovery (see #2719), which is now stable. Hence we can safely remove `external_addresses`. Refs https://github.com/paritytech/polkadot/issues/7181 * remove unused import * run benchmark * remove external_addresses from offchain NetworkState * add missing fn to TestNetwork * Revert "run benchmark" This reverts commit a282042. * update weights * address @bkchr comments * remove duplicate fn * cleanup benchmarking.rs * fix executor tests * remove peer_id from hearbeat as well #14251 (comment) * remove MaxPeerDataEncodingSize * change storage value type to `()` #14251 (comment) * scaffold storage migration * no need to check the type actually * remove unnecessary types from v0 mod * add a test for migration * expose Config types + pre_upgrade and post_upgrade working fn * fix test * replace dummy type with ConstU32 * add some comments to migration test * fix comment * respond to @bkchr comments * use BoundedOpaqueNetworkState::default intead of using default for each field
) * [frame/im-online] remove `external_addresses` from heartbeats Users should use DHT for discovering new nodes. The reason for adding external addresses was unstable work of authority discovery (see paritytech#2719), which is now stable. Hence we can safely remove `external_addresses`. Refs https://github.com/paritytech/polkadot/issues/7181 * remove unused import * run benchmark * remove external_addresses from offchain NetworkState * add missing fn to TestNetwork * Revert "run benchmark" This reverts commit a282042. * update weights * address @bkchr comments * remove duplicate fn * cleanup benchmarking.rs * fix executor tests * remove peer_id from hearbeat as well paritytech#14251 (comment) * remove MaxPeerDataEncodingSize * change storage value type to `()` paritytech#14251 (comment) * scaffold storage migration * no need to check the type actually * remove unnecessary types from v0 mod * add a test for migration * expose Config types + pre_upgrade and post_upgrade working fn * fix test * replace dummy type with ConstU32 * add some comments to migration test * fix comment * respond to @bkchr comments * use BoundedOpaqueNetworkState::default intead of using default for each field
This feature is intended to handle the case when validators go offline without malicious intent (i.e. without the intention of attacking the network). We don't want to slash them if there is no malicious intent.
Sending
I'm onlinemessagesI'm onlineheartbeat everyn blockssession.Interpreting
I'm onlinemessagesI'm onlinemessages).1(i.e. any points at all signify the authority is online).srml-im-onlinemodule which has anode_onlinehook.validate_transactiontrait in the srml-im-online module which interprets and validates the unsigned transaction.srml-im-onlinecontains amap babe_session_key => Option<multiaddr>. Clear this map every timeon_session_change()is called.Future stuff with the points system
Open questions
srml-im-online? Don't botherThe text was updated successfully, but these errors were encountered: