-
Notifications
You must be signed in to change notification settings - Fork 86
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reject invalid scripts from our wallet #3230
Reject invalid scripts from our wallet #3230
Conversation
ouroboros-consensus-shelley/src/Ouroboros/Consensus/Shelley/Ledger/Mempool.hs
Outdated
Show resolved
Hide resolved
f9450a9
to
8cbb107
Compare
@EncodePanda @jasagredo What do you think about the new flag? Should we instead have introduced a new method? Is the naming reasonable? Should |
ouroboros-consensus-shelley/src/Ouroboros/Consensus/Shelley/Eras.hs
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, minor suggestions, pls squash commits before merger or reword them
ouroboros-consensus-byronspec/src/Ouroboros/Consensus/ByronSpec/Ledger/Mempool.hs
Outdated
Show resolved
Hide resolved
ouroboros-consensus/src/Ouroboros/Consensus/Ledger/SupportsMempool.hs
Outdated
Show resolved
Hide resolved
8cbb107
to
c855f53
Compare
Once PR #3241 merges, we can rebase this and it'll change far fewer files. It currently includes that other PR's commit because this PR will change one of the Golden test files that that PR belatedly adds. |
ouroboros-consensus-shelley/src/Ouroboros/Consensus/Shelley/Eras.hs
Outdated
Show resolved
Hide resolved
ouroboros-consensus/src/Ouroboros/Consensus/Node/Serialisation.hs
Outdated
Show resolved
Hide resolved
cb6aaac
to
7cbcc4c
Compare
The current commits are still reflective of my trailblazing; hence still Draft PR. Also, this latest commit introduces some workarounds that will soon be properly provided by the ledger. The current tip is merely a proof of concept demonstrating that we can set Some Alonzo serialization golden tests fail, as expected. The Mary-to-Alonzo ThreadNet does pass; there are no Alonzo transactions in that, though, so it's not really proving much. Edit: Also, when the ledger updates come through, we won't need to give |
7cbcc4c
to
03c525c
Compare
@nc6 @EncodePanda would you review again please. Context/reasons for Draft:
Edit: I've resolved all those things -- see my next comment here. |
03c525c
to
4e548c3
Compare
@jasagredo @nc6 I now think this is ready for merge; please do a final review. Thanks! @EncodePanda you're welcome to review it if you need a short mixup from your Genesis focus etc, but don't feel obligated. |
Significant changes since that Approval
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One grammar fix, otherwise looks good.
ouroboros-consensus-shelley/src/Ouroboros/Consensus/Shelley/Eras.hs
Outdated
Show resolved
Hide resolved
We introduce this argument so that we can use slightly different rules when validating transactions depending on their source. In particular, we can reject an invalid script submitted by the local wallet, thereby preventing the local wallet from being punished for it. This is not something we want to do for transactions from peers. The new flag controls eg whether we intervene in this way.
The next commit will increase the cardano-ledger-specs. That update introduces a newtype wrapper which precludes the current type of extractTxs. This function is only used in tests, for inspecting block contents, so it's not problematic to change its type in this way.
… Alonzo Tx Instead of intervening whenever the local wallet submits a transaction with an invalid script, we now require the local wallet tell us whether it thinks the submitted scripts are valid. We only intervene if the wallet's claim is incorrect. (At least at first, the wallet will likely only ever intend to submit valid scripts -- so nothing is really new here.) It also makes sense to do the same thing for txs submitted from peers: force them to explicity state a claim about the scripts' validity. Except in that case we don't intervene as above; we instead simply propagate the tx with a corrected flag and -- not yet aa part of this PR -- disconnect from the buggy peer.
4e548c3
to
46cc6a6
Compare
I addressed Clarke's comments and opened the IntersectMBO/ouroboros-consensus#589 follow-up. Rebased onto |
bors r+ |
Build succeeded: |
Fixes Issue #3205.
This PR introduces a flag to
applyTx
that lets us use different logic when the transaction was submitted by our local neighbor, the wallet.