Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ICS28: system aborted due to update aggregation logic #743

Closed
danwt opened this issue May 19, 2022 · 1 comment
Closed

ICS28: system aborted due to update aggregation logic #743

danwt opened this issue May 19, 2022 · 1 comment
Assignees
@mpoke
Labels
app Application layer.

Comments

@danwt
Copy link
Contributor

danwt commented May 19, 2022
edited
Loading

Context

In the consumer EndBlock the received updates are aggregated and then processed

ibc/spec/app/ics-028-cross-chain-validation/technical_specification.md

Lines 1734 to 1743 in a6bc8d1

// aggregate the pending changes
changes = pendingChanges.Aggregate()
// Note: in the implementation, the aggregation is done directly
// when receiving a VSCPacket via the AccumulateChanges method.
// remove all pending changes
pendingChanges.RemoveAll()
// update validatorSet
UpdateValidatorSet(changes)

the aggregation is defined

ibc/spec/app/ics-028-cross-chain-validation/technical_specification.md

Lines 348 to 351 in a6bc8d1

// return an aggregated list of updates, i.e.,
// keep only the latest update per validator;
// the original list is not modified
Aggregate(): [ValidatorUpdate]

and the aggregated updates are processed:

ibc/spec/app/ics-028-cross-chain-validation/technical_specification.md

Lines 1775 to 1781 in a6bc8d1

// CCF: Consumer Chain Function
function UpdateValidatorSet(changes: [ValidatorUpdate]) {
foreach update IN changes {
addr := hash(update.pubKey)
if addr NOT IN validatorSet.Keys() {
// new validator bonded
abortSystemUnless(update.power > 0)

Scenario

If a validator v0 receives a power=0 update on the consumer in block A then the validator will be deleted

ibc/spec/app/ics-028-cross-chain-validation/technical_specification.md

Lines 1791 to 1793 in a6bc8d1

else if update.power == 0 {
// existing validator begins unbonding
validatorSet.Remove(addr)

but if subsequently the the pendingUpdates struct fills up with, e.g.

[(v0, 42), (v0, 0)]

then the aggregation will reduce this to

[ (v0, 0)]

which will trigger this branch

ibc/spec/app/ics-028-cross-chain-validation/technical_specification.md

Lines 1779 to 1781 in a6bc8d1

if addr NOT IN validatorSet.Keys() {
// new validator bonded
abortSystemUnless(update.power > 0)

causing a panic
@danwt danwt moved this to Todo in Replicated Security May 19, 2022
@danwt danwt changed the title ICS;028 ICS028 system aborted due to update aggregation logic May 19, 2022
@mpoke
Copy link
Contributor

mpoke commented May 19, 2022

@danwt That's true. Nice catch. Could you please open an issue on the implementation side also?

@mpoke mpoke changed the title ICS028 system aborted due to update aggregation logic ICS28: system aborted due to update aggregation logic May 19, 2022
@mpoke mpoke added the app Application layer. label May 19, 2022
@danwt danwt mentioned this issue May 19, 2022
Closed
@mpoke mpoke mentioned this issue May 19, 2022
Merged
@mpoke mpoke moved this from Todo to Waiting for review in Replicated Security May 19, 2022
@mpoke mpoke closed this as completed May 20, 2022
Repository owner moved this from Waiting for review to Done in Replicated Security May 20, 2022
@danwt danwt mentioned this issue Jul 13, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mpoke mpoke

Labels
app Application layer.
Projects
IBC-GO Eureka
Status: Backlog
Replicated Security
Status: Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mpoke @danwt