Co-authored-by: Piotr Mikołajczyk <piomiko41@gmail.com>
…te into kiz-fix-staking-slash
@shawntabrizi @ggwpez would be good if you take a look here sometime soon.
bot rebase
Rebased
lgtm
I'm not really into the code but looks good.
slash_era + slash_defer_duration + 1, | ||
); | ||
<Self as Store>::UnappliedSlashes::mutate( | ||
slash_era.saturating_add(slash_defer_duration).saturating_add(One::one()), |
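Review bot: the target era is computed twice here with different overflow behaviour: the call that closes at `);` uses plain `slash_era + slash_defer_duration + 1`, while the `UnappliedSlashes::mutate` key uses `saturating_add`. Bind the saturating result to a local once and pass that local to both places, so the value in the first call and the storage key cannot diverge near the numeric limit.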
Maybe pull the `slash_era.saturating_add(slash_defer_duration).saturating_add(One::one())` out and use it in the log above as well?
There should also be `saturating_inc`.
bot merge
This PR is assuming that there are no existing pending slashes in storage. If there are, they might become prematurely executed (or other behavior). Something to look into.
aghhh shit, this would probably allow you to evade a slash, since in the old logic we write to a key in Options:
* initial draft of fixing slashing
* fix test
* Update frame/staking/src/tests.rs

Co-authored-by: Piotr Mikołajczyk <piomiko41@gmail.com>

* last touches
* add more detail about unbonding
* add migration
* fmt

Co-authored-by: Piotr Mikołajczyk <piomiko41@gmail.com>
Co-authored-by: parity-processbot <>
(assuming Polkadot context, where slash deferring is 27 eras and bonding duration is 28).

A slash can happen at any given era `s`, and can be reported at any given era `r`, as long as `s + 28 > r >= s`. This is because we must assume that even if a slash is reported later, the offender knows about it, and they will attempt to unbond and leave the system. Therefore, we must apply the slash latest at the beginning of era `s + 28`, otherwise the offender may have fully unbonded, leaving the slash incomplete, and posing a fundamental risk to the economic security of the chain.

The old logic would defer a slash reported at `r` to `r + 27`, and this seems clearly wrong to me. This would easily allow an offence that is being reported with a delay to be evaded entirely. Instead a slash should be deferred to `s + 27`, i.e. relative to when it occurred, not when it was reported.
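
The deferral arithmetic from the description above, as an added example that is not part of the PR or the project's code: it compares deferring relative to the report era `r` with deferring relative to the offence era `s`. The `Policy` enum and all function names are hypothetical, and the code assumes the slash is applied at the beginning of the era after the deferral target.

```rust
// Added example (not from the PR): models the deferral arithmetic in the description.
// Constants are the Polkadot values the description assumes.
const SLASH_DEFER_DURATION: u32 = 27;
const BONDING_DURATION: u32 = 28;

#[derive(Clone, Copy, Debug, PartialEq)]
enum Policy {
    RelativeToReport,  // old logic as described: defer to r + 27
    RelativeToOffence, // fixed logic as described: defer to s + 27
}

/// Era the slash is deferred to, for an offence in era `s` reported in era `r`.
fn deferred_to(policy: Policy, s: u32, r: u32) -> u32 {
    let base = match policy {
        Policy::RelativeToReport => r,
        Policy::RelativeToOffence => s,
    };
    base.saturating_add(SLASH_DEFER_DURATION)
}

/// Era at whose beginning the slash is applied. Assumption: one era past the
/// deferral target, mirroring the `+ 1` in the reviewed expression.
fn applied_at(policy: Policy, s: u32, r: u32) -> u32 {
    deferred_to(policy, s, r).saturating_add(1)
}

/// `None` if the report falls outside the window s + 28 > r >= s; otherwise
/// whether the slash lands by the beginning of era s + 28.
fn applied_in_time(policy: Policy, s: u32, r: u32) -> Option<bool> {
    let deadline = s.saturating_add(BONDING_DURATION);
    if r < s || r >= deadline {
        return None;
    }
    Some(applied_at(policy, s, r) <= deadline)
}

/// Report eras inside the window for which the slash lands after the deadline.
fn late_reports(policy: Policy, s: u32) -> Vec<u32> {
    (s..s.saturating_add(BONDING_DURATION))
        .filter(|&r| applied_in_time(policy, s, r) == Some(false))
        .collect()
}

fn main() {
    let s = 100; // constructed offence era
    for policy in [Policy::RelativeToReport, Policy::RelativeToOffence] {
        println!("{:?}: late report eras {:?}", policy, late_reports(policy, s));
    }
}
```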