Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ICS 15: Cosmos Signed Messages #33

Closed
wants to merge 21 commits into from

Conversation

alexanderbez
Copy link
Contributor

@alexanderbez alexanderbez commented Mar 7, 2019

A (modified) port of the Cosmos Signed Message spec from the SDK. I initialized this spec as draft as it already had some form of approval in the SDK.

closes: #15

@alexanderbez alexanderbez added wip Issues or pull requests which are in progress. stage-draft labels Mar 7, 2019
@cwgoes
Copy link
Contributor

cwgoes commented Mar 7, 2019

Do you mind using ICS 15? Joon & I assigned numbers to all of the issues - https://github.com/cosmos/ics/issues - so that PRs won't conflict.

@alexanderbez alexanderbez changed the title ICS 4: Cosmos Signed Messages ICS 15: Cosmos Signed Messages Mar 7, 2019
@alexanderbez alexanderbez marked this pull request as ready for review March 8, 2019 20:48
@alexanderbez alexanderbez added ready-for-review Pull requests which are ready for review. and removed wip Issues or pull requests which are in progress. labels Mar 8, 2019
@alexanderbez alexanderbez requested review from cwgoes and mossid March 8, 2019 20:48
Copy link
Contributor

@cwgoes cwgoes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the ICS submission!

General notes:

  • Can we clarify how @type will be encoded for structured data? Can @type itself be a JSON schema object?
  • Can we eludicate upon the difference between signed messages and custom transactions, and which usecases we expected signed messages to be best suited to? (preferably giving very concrete examples)
  • Can we include two procedures, explicitly defined:
    • sign_message(unsigned_message) => signed_message, to be implemented by user agents (e.g. Voyager), which will validate certain fields to be signed against the root of trust, validate that the data is an instance of the type schema, validate the domain separator, and prompt the user to sign the message
    • verify_message(signed_message) => boolean, which will verify a signed message against a particular root of trust, check that the data matches the schema, check the domain separator where applicable, and return whether all fields & the signature were valid or not


# Synopsis

Having the ability to sign messages off-chain has proven to be a fundamental aspect
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

spec/ics-15-cosmos-signed-messages/README.md Outdated Show resolved Hide resolved
applications of signing such data includes, but is not limited to, providing a
cryptographic secure and verifiable means of proving validator identity and
possibly associating it with some other framework or organization. In addition,
having the ability to sign Cosmos messages with a Ledger or similar HSM device.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sentence fragment, what do you mean?

# Synopsis

Having the ability to sign messages off-chain has proven to be a fundamental aspect
of nearly any blockchain. The notion of signing messages off-chain has many
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Many added benefits compared to sending transactions? We should make that explicit (signing messages allows for cheaper authentication where ordering or provable state is not necessary)

spec/ics-15-cosmos-signed-messages/README.md Outdated Show resolved Hide resolved
"pattern": "^[\\x20-\\x7E]+$",
"minLength": 1
},
"domain_separator": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What are example domain separators?

"pattern": "^[\\x20-\\x7E]+$",
"minLength": 1
},
"nonce": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could this be a part of the domain separator?

"description": "The account nonce.",
"minimum": 0
},
"block_height": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could this be a part of the domain separator?

"description": "The chain block height.",
"minimum": 0
},
"timestamp": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could this be a part of the domain separator? How should it be validated?


We can formally specify the Cosmos message signing protocol as follows.
Given a message `m` that adheres to the JSON schema defined and `M`, the set of
all possible valid messages: <code>∀m ∈ M, z ← sign<sub>sk</sub>(H(m))</code>.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need a separate verify function to define this, I think - this isn't how clients will verify signed messages

@cwgoes
Copy link
Contributor

cwgoes commented Mar 12, 2019

Can we also note which functions we require from the signature algorithm (sign and verify), explain how they are used in the procedures, reference the JSON schema validation function (presumably there are libraries which do this)? Also ref #15 (comment) - ideally we should be able to encapsulate ASCII text in the JSON schema @type field.

@cwgoes
Copy link
Contributor

cwgoes commented Mar 12, 2019

For now, I think we can choose how to construct the "domain separator" based on accounts on Cosmos SDK-esque chains signing messages - so it should include account number / address, some kind of nonce, timestamp at minimum.

@cwgoes
Copy link
Contributor

cwgoes commented May 11, 2019

Please reformat re: #84 (in addition to prior comments)

@cwgoes
Copy link
Contributor

cwgoes commented Aug 17, 2019

Per #185 (comment), and the observation that this is the only non-IBC specification being considered for inclusion, I wonder if we should put this in the SDK repository (which I believe has other specifications for SDK modules) instead.

@cwgoes
Copy link
Contributor

cwgoes commented Aug 24, 2019

Per the above I'm going to close this. Feel free to reopen if you have objections.

I would be glad to review if this turns into an SDK-side PR.

@cwgoes cwgoes closed this Aug 24, 2019
@alexanderbez
Copy link
Contributor Author

@cwgoes does this belong in ICS or the SDK? How does arbitrary signing of messages relate to IBC?

@cwgoes
Copy link
Contributor

cwgoes commented Sep 18, 2019

@cwgoes does this belong in ICS or the SDK? How does arbitrary signing of messages relate to IBC?

It does not, and everything else in this repo is just for IBC, so I think this might be better off in the SDK.

"@chain_id": {
"type": "string",
"description": "The corresponding Cosmos chain identifier.",
"minLength": 1
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it possible to specify maxLength for all (most?) fields?

@jleni
Copy link
Member

jleni commented Sep 25, 2019

  • It would be good to restrict fields to ASCII or even 32..127 when possible to ensure that they can be represented in HW wallets.

  • With respect to backwards compatibility, is there any specific requirement? It would be good to make that explicit.

  • Canonical JSON: Make some restrictions explicit. Field order for instance (alphabetical or similar). Otherwise, identical content where field order changes results in different hashes / signatures. Similarly, spaces, separators, serialized objects (sets, etc.) that can result in multiple valid representations should be restricted to a unique representation.

  • Field names: As a general recommendation, it would be good if field names, in particular in embedded objects:

  1. could be user friendly so final users can understand them or...
  2. there is some additional field with a short description that could be used for representational purposes

All in all, while this may require some changes in the HW wallet app but I don't see any significant impact that is not solvable. Actually, some improvements would result in a friendlier user interface.

@cwgoes cwgoes deleted the bez/15-ics-cosmos-signed-messages branch March 23, 2021 12:15
mpoke added a commit that referenced this pull request Feb 28, 2022
* Create README.md

* Add files with CCV spec

* fix links to ICS 4

* fix links to ICS 7

* add ICS 28 to main README.md

* adding tech spec for unbonding delegations

* add context on unbonding operations

* add unbonding operation diagram

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* minor, remove confusing phrasing

* child -> consumer; parent -> provider

* clarify which staking module

* extend staking assumptions, remove redundant inv, prove staking props and sys inv

* modify staking hooks spec to cover other unbonding ops

* provider Staking module

* break long lines

* break long lines

* remove dependecies to Cosmos SDK

* changes in the security model

* specify multiple consumer chains

* channel init overview

* address issues #27 and #33 from cosmos/interchain-security repo

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Josef Widder <[email protected]>
mpoke added a commit that referenced this pull request Feb 28, 2022
* Create README.md

* Add files with CCV spec

* fix links to ICS 4

* fix links to ICS 7

* add ICS 28 to main README.md

* adding tech spec for unbonding delegations

* add context on unbonding operations

* add unbonding operation diagram

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* minor, remove confusing phrasing

* child -> consumer; parent -> provider

* clarify which staking module

* extend staking assumptions, remove redundant inv, prove staking props and sys inv

* modify staking hooks spec to cover other unbonding ops

* provider Staking module

* break long lines

* break long lines

* remove dependecies to Cosmos SDK

* changes in the security model

* specify multiple consumer chains

* channel init overview

* address issues #27 and #33 from cosmos/interchain-security repo

* extend consumer InitGenesis

* describe mechanism to disseminate genesis state

* remove ExportGenesis and restarted chains

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* validate channel IDs on provider genesis

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Josef Widder <[email protected]>
mpoke added a commit that referenced this pull request Mar 23, 2022
* Create README.md

* Add files with CCV spec

* fix links to ICS 4

* fix links to ICS 7

* add ICS 28 to main README.md

* adding tech spec for unbonding delegations

* add context on unbonding operations

* add unbonding operation diagram

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* minor, remove confusing phrasing

* child -> consumer; parent -> provider

* clarify which staking module

* extend staking assumptions, remove redundant inv, prove staking props and sys inv

* modify staking hooks spec to cover other unbonding ops

* provider Staking module

* break long lines

* break long lines

* remove dependecies to Cosmos SDK

* changes in the security model

* specify multiple consumer chains

* channel init overview

* address issues #27 and #33 from cosmos/interchain-security repo

* extend consumer InitGenesis

* describe mechanism to disseminate genesis state

* describe mapping heights provider <> consumer

* remove ExportGenesis and restarted chains

* add overview of consumer initiated slashing

* add slashing invariant

* add assumptions needed by evidence

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* draft CCV props for slashing

* replace time w/ height; add HtoVSC and VSCtoH

* replace time with height in invariants and properties

* validate channel IDs on provider genesis

* prove Slashing Invariant

* enable mapping from consumer to provider heights

* technical spec for slashing

* minor changes

* fix links to tendermint spec

* clarify Staking vs Slashing modules

* replace VSC acks w/ VSCMaturedPackets

* fix some TODOs

* fix properties

* HtoVSC and VSCtoH from () to []

* fix infraction height and add intuition diagram

* keep ValidatorSet in consumer CCV module state

* add outstanding downtime flag and decouple from validatorSet

* fix issues pointed by Simon

* dealing with downtime slashing atomicity

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Aditya <[email protected]>

* addressing Aditya's comments

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Josef Widder <[email protected]>

* addressing Josef's comments

* link TODOs with issues

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* apply suggestions from code review

* cleanup outdated note on restarted consumer chains

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Josef Widder <[email protected]>
Co-authored-by: Aditya <[email protected]>
mpoke added a commit that referenced this pull request Mar 23, 2022
* Create README.md

* Add files with CCV spec

* fix links to ICS 4

* fix links to ICS 7

* add ICS 28 to main README.md

* adding tech spec for unbonding delegations

* add context on unbonding operations

* add unbonding operation diagram

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* minor, remove confusing phrasing

* child -> consumer; parent -> provider

* clarify which staking module

* extend staking assumptions, remove redundant inv, prove staking props and sys inv

* modify staking hooks spec to cover other unbonding ops

* provider Staking module

* break long lines

* break long lines

* remove dependecies to Cosmos SDK

* changes in the security model

* specify multiple consumer chains

* channel init overview

* address issues #27 and #33 from cosmos/interchain-security repo

* extend consumer InitGenesis

* describe mechanism to disseminate genesis state

* describe mapping heights provider <> consumer

* remove ExportGenesis and restarted chains

* add overview of consumer initiated slashing

* add slashing invariant

* add assumptions needed by evidence

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* draft CCV props for slashing

* replace time w/ height; add HtoVSC and VSCtoH

* replace time with height in invariants and properties

* validate channel IDs on provider genesis

* prove Slashing Invariant

* enable mapping from consumer to provider heights

* technical spec for slashing

* minor changes

* fix links to tendermint spec

* clarify Staking vs Slashing modules

* replace VSC acks w/ VSCMaturedPackets

* fix some TODOs

* fix properties

* HtoVSC and VSCtoH from () to []

* fix infraction height and add intuition diagram

* keep ValidatorSet in consumer CCV module state

* remove CCV channel status

* add outstanding downtime flag and decouple from validatorSet

* adressing Josef's comment

* fix issues pointed by Simon

* dealing with downtime slashing atomicity

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Aditya <[email protected]>

* addressing Aditya's comments

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Josef Widder <[email protected]>

* addressing Josef's comments

* link TODOs with issues

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* apply suggestions from code review

* cleanup outdated note on restarted consumer chains

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Josef Widder <[email protected]>
Co-authored-by: Aditya <[email protected]>
mpoke added a commit that referenced this pull request Aug 9, 2022
* ICS 28 CCV draft w/ init and validator set update (#640)

* Create README.md

* Add files with CCV spec

* fix links to ICS 4

* fix links to ICS 7

* add ICS 28 to main README.md

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* minor, remove confusing phrasing

* child -> consumer; parent -> provider

* clarify which staking module

* extend staking assumptions, remove redundant inv, prove staking props and sys inv

* break long lines

* break long lines

* remove dependecies to Cosmos SDK

* changes in the security model

* specify multiple consumer chains

* channel init overview

* split Valid Blockchain assumption

* minor changes after discussion w/ Josef

* make the split of Valid Blockchain consistent

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* resolve conversations

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Aditya <[email protected]>

* merge CODEOWNERS from master

* ICS28: CCV draft w/ complete unbonding (#646)

* Create README.md

* Add files with CCV spec

* fix links to ICS 4

* fix links to ICS 7

* add ICS 28 to main README.md

* adding tech spec for unbonding delegations

* add context on unbonding operations

* add unbonding operation diagram

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* minor, remove confusing phrasing

* child -> consumer; parent -> provider

* clarify which staking module

* extend staking assumptions, remove redundant inv, prove staking props and sys inv

* modify staking hooks spec to cover other unbonding ops

* provider Staking module

* break long lines

* break long lines

* remove dependecies to Cosmos SDK

* changes in the security model

* specify multiple consumer chains

* channel init overview

* address issues #27 and #33 from cosmos/interchain-security repo

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Josef Widder <[email protected]>

* ICS28: Extend consumer InitGenesis (#659)

* Create README.md

* Add files with CCV spec

* fix links to ICS 4

* fix links to ICS 7

* add ICS 28 to main README.md

* adding tech spec for unbonding delegations

* add context on unbonding operations

* add unbonding operation diagram

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* minor, remove confusing phrasing

* child -> consumer; parent -> provider

* clarify which staking module

* extend staking assumptions, remove redundant inv, prove staking props and sys inv

* modify staking hooks spec to cover other unbonding ops

* provider Staking module

* break long lines

* break long lines

* remove dependecies to Cosmos SDK

* changes in the security model

* specify multiple consumer chains

* channel init overview

* address issues #27 and #33 from cosmos/interchain-security repo

* extend consumer InitGenesis

* describe mechanism to disseminate genesis state

* remove ExportGenesis and restarted chains

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* validate channel IDs on provider genesis

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Josef Widder <[email protected]>

* ICS28: Consumer Initiated Slashing (aka Evidence) (#663)

* Create README.md

* Add files with CCV spec

* fix links to ICS 4

* fix links to ICS 7

* add ICS 28 to main README.md

* adding tech spec for unbonding delegations

* add context on unbonding operations

* add unbonding operation diagram

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* minor, remove confusing phrasing

* child -> consumer; parent -> provider

* clarify which staking module

* extend staking assumptions, remove redundant inv, prove staking props and sys inv

* modify staking hooks spec to cover other unbonding ops

* provider Staking module

* break long lines

* break long lines

* remove dependecies to Cosmos SDK

* changes in the security model

* specify multiple consumer chains

* channel init overview

* address issues #27 and #33 from cosmos/interchain-security repo

* extend consumer InitGenesis

* describe mechanism to disseminate genesis state

* describe mapping heights provider <> consumer

* remove ExportGenesis and restarted chains

* add overview of consumer initiated slashing

* add slashing invariant

* add assumptions needed by evidence

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* draft CCV props for slashing

* replace time w/ height; add HtoVSC and VSCtoH

* replace time with height in invariants and properties

* validate channel IDs on provider genesis

* prove Slashing Invariant

* enable mapping from consumer to provider heights

* technical spec for slashing

* minor changes

* fix links to tendermint spec

* clarify Staking vs Slashing modules

* replace VSC acks w/ VSCMaturedPackets

* fix some TODOs

* fix properties

* HtoVSC and VSCtoH from () to []

* fix infraction height and add intuition diagram

* keep ValidatorSet in consumer CCV module state

* add outstanding downtime flag and decouple from validatorSet

* fix issues pointed by Simon

* dealing with downtime slashing atomicity

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Aditya <[email protected]>

* addressing Aditya's comments

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Josef Widder <[email protected]>

* addressing Josef's comments

* link TODOs with issues

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* apply suggestions from code review

* cleanup outdated note on restarted consumer chains

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Josef Widder <[email protected]>
Co-authored-by: Aditya <[email protected]>

* ICS28: Remove CCV channel state (#678)

* Create README.md

* Add files with CCV spec

* fix links to ICS 4

* fix links to ICS 7

* add ICS 28 to main README.md

* adding tech spec for unbonding delegations

* add context on unbonding operations

* add unbonding operation diagram

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/README.md

Co-authored-by: Sergio Mena <[email protected]>

* minor, remove confusing phrasing

* child -> consumer; parent -> provider

* clarify which staking module

* extend staking assumptions, remove redundant inv, prove staking props and sys inv

* modify staking hooks spec to cover other unbonding ops

* provider Staking module

* break long lines

* break long lines

* remove dependecies to Cosmos SDK

* changes in the security model

* specify multiple consumer chains

* channel init overview

* address issues #27 and #33 from cosmos/interchain-security repo

* extend consumer InitGenesis

* describe mechanism to disseminate genesis state

* describe mapping heights provider <> consumer

* remove ExportGenesis and restarted chains

* add overview of consumer initiated slashing

* add slashing invariant

* add assumptions needed by evidence

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* draft CCV props for slashing

* replace time w/ height; add HtoVSC and VSCtoH

* replace time with height in invariants and properties

* validate channel IDs on provider genesis

* prove Slashing Invariant

* enable mapping from consumer to provider heights

* technical spec for slashing

* minor changes

* fix links to tendermint spec

* clarify Staking vs Slashing modules

* replace VSC acks w/ VSCMaturedPackets

* fix some TODOs

* fix properties

* HtoVSC and VSCtoH from () to []

* fix infraction height and add intuition diagram

* keep ValidatorSet in consumer CCV module state

* remove CCV channel status

* add outstanding downtime flag and decouple from validatorSet

* adressing Josef's comment

* fix issues pointed by Simon

* dealing with downtime slashing atomicity

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Aditya <[email protected]>

* addressing Aditya's comments

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/overview_and_basic_concepts.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/technical_specification.md

Co-authored-by: Josef Widder <[email protected]>

* addressing Josef's comments

* link TODOs with issues

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Aditya <[email protected]>

* apply suggestions from code review

* cleanup outdated note on restarted consumer chains

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Josef Widder <[email protected]>
Co-authored-by: Aditya <[email protected]>

* Update technical_specification.md

Fix typo: VSCtoH replaced with HtoVSC in SendSlashRequest

* ICS28: Replace "Initiator" w/ "Caller" and “Trigger Event” (#696)

* update init methods and ics26 methods

* updating ValSet Update methods

* updating Consumer Initiated Slashing methods

* ICS28: Handle pending proposals to spawn consumer chains (#697)

* handle pending proposals

* ICS28: Remove genesisHash from specification (#699)

* remove genesis hash

* remove details of genesis state dissemination

* ICS28: CCV Reward Distribution subprotocol (#704)

* add overview of reward distribution

* add CCVHandshakeMetadata and update channel handshake methods signatures

* initiate opening handshake for transfer channel

* add DistributeRewards() method

* address review comments

* add distribution invariant

* replace system invariants with system properties

Co-authored-by: Josef Widder <[email protected]>

* ICS28: Set initH in onChanOpenConfirm (#705)

* set initH in onChanOpenConfirm

* replace initH with initialHeights

* ICS28: Enable the removal of a consumer chain from the provider (#707)

* stopping a consumer chain

* deal with timeouts on the consumer side

* fix typo

* add note on how to shut down the consumer

* add note on safety implication of lockUnbondingOnTimeout

* ICS28: Remove BeforeUnbondingOpCompleted (#711)

* remove BeforeUnbondingOpCompleted hook

* cleanup method names

* ICS28: Update SlashPacketData (#728)

* update SlashPacket

* ICS28: Remove dependency on Tendermint and ABCI (#730)

* remove mention of V2

* remove ABCI dependency from overview; also small fixes

* remove dependencies from system model and README

* remove dependencies from tech spec

* call UnbondMaturePackets() earlier (#747)

* fix edge case enabled by aggregation (#746)

* Use `h < hp'` instead of `h <= hp'` in Bond-Based Consumer Voting Power (#749)

* replace slashRequests w/ downtimeSlashRequests (#745)

* ics28 update sendPacket (#756)

* ICS28: Restructure technical spec (#760)

* split technical spec into two files

* restructure methods and subprotocols

* add links to readme.md

* fix typo - initH replaced w/ initialHeights

* ICS28: Unbonding ops are put on hold even w/o consumer chains (#763)

* PutUnbondingOnHold only if consumer chains exist

* Use currentTimestamp() >= p.stopTime in StopConsumerChainProposalHandler (#769)

Tackle #768

* adding consumerUnbondingPeriod (#771)

* fix sendFungibleTokens signature

* add authors

* ICS28: Removing the only consumer chain (#770)

* remove unbonding op with no consumer chains

* add postcondition

* add conditions for CreateConsumerClient and StopConsumerChain (#775)

* update created date

* ICS28: Account for slashing in Bond-Based Consumer Voting Power property (#793)

* extend Bond-Based Consumer Voting Power w/ slashing

* fix Bond-Based Consumer Voting Power formula

* expand note for clarity

* add pUnbonding

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Josef Widder <[email protected]>

* clarify mathematical writeup of property

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Josef Widder <[email protected]>

* Update spec/app/ics-028-cross-chain-validation/system_model_and_properties.md

Co-authored-by: Josef Widder <[email protected]>

* make changes to sumUnbonding / sumSlash consistent

* add history

Co-authored-by: Josef Widder <[email protected]>

Co-authored-by: Sergio Mena <[email protected]>
Co-authored-by: Aditya <[email protected]>
Co-authored-by: Josef Widder <[email protected]>
Co-authored-by: Daniel T <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ready-for-review Pull requests which are ready for review.
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

ICS 15: Cosmos Signed Messages
3 participants