Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Epic: road to AVS mainnet #3799

Open
1 of 5 tasks
aroralanuk opened this issue May 17, 2024 · 0 comments
Open
1 of 5 tasks

Epic: road to AVS mainnet #3799

aroralanuk opened this issue May 17, 2024 · 0 comments

Comments

@aroralanuk
Copy link
Contributor

aroralanuk commented May 17, 2024
edited by avious00
Loading

This is the successor to #3588. Given that Hyperlane AVS is live on testnet and operators are now able to register/deregister from the AVS, there are additional steps required for mainnet use. Some of these are concrete sprint tickets and some of them are more open-ended discussion topics.

Challengers

Fraud proofs will be mainly for:

  • MessageIdMultisigIsm - check if the messageId signed doesn't exist
  • MerkleTreeMultisigIsm - check if signed root differs from the actual root

Once the challenge is successful on the origin chain (not L1), we need to dispatch it to ethereum via the deployer's preferred method, ie, native bridge in the case of rollups. The IRemoteChallenger implementation will be access controlled by the L2 challenger address.

Given that a single deployer like AW may want to run several origin chains, it is cumbersome for an operator to signup for multiple chains for multiple deployers which means if a deployer is running validators for n chains and there are upto m deployers you want to support, you'll need to enroll into mxn challengers. Maybe there's a preferred challenger pairwise contracts which most deployers may end up using?

For mainnet, it'll be useful to deploy an example challenger (say, for Arbitrum outbound messages) even though slashing wouldn't be live for a while. Ideally, the challenger can be reused for native staking too.

Key custody solutions

Eigenlayer CLI currently only supports local keystores. But, operators may want remote signers with better security patterns, like Fireblocks, Web3Signer, etc., or Cubist, which is a more custom build solution for AVS operators.

Tasks
Beta Give feedback
  3. Update HIP-8 to reflect design: add diagrams for contract interactions #3589
    0 of 1
    aroralanuk
@yorhodes yorhodes mentioned this issue Aug 7, 2024
Merged
github-merge-queue bot pushed a commit that referenced this issue Aug 12, 2024
@yorhodes
feat: implement checkpoint fraud proofs (#4277)
cb404cb 
### Description

Implements 4 categories of checkpoint fraud proofs for use in future
validator slashing protocol:

1. **premature**: if a checkpoint index is greater than the
corresponding mailbox count, it is fraudulent
2. **non local**: if a checkpoint origin does not match the checkpoint's
mailbox domain, it is fraudulent
3. **message id**: if a checkpoint message ID differs from the actual
message ID (verified by merkle proof) at the checkpoint index, it is
fraudulent
4. **root**: if a checkpoint root differs from the actual root (verified
by merkle proof + root reconstruction) at the checkpoint index, it is
fraudulent

Notably this is implemented independently from signature verification to
allow for multiple checkpoint signing schemes to reuse the same
checkpoint logic.

### Related issues

- Touches
#3799
- See #2431 for
previous discussions

### Backward compatibility

Yes

### Testing

Unit testing with fixtures in `vectors/merkle.json` that are generated
by the rust merkle tree and proof code
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
Hyperlane Tasks
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@aroralanuk