Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[KS-196] Validate Signatures in Mercury Aggregator #522

Merged
merged 1 commit into from
May 21, 2024
Merged

[KS-196] Validate Signatures in Mercury Aggregator #522

merged 1 commit into from
May 21, 2024

Conversation

bolekk
Copy link
Contributor

@bolekk bolekk commented May 20, 2024

  1. Add Metadata field to TriggerEvent. Use it to pass Streams DON info ("SignersMetadata" struct) between trigger receiver and OCR aggregator.
  2. Extend feeds OCR aggregator with an initial phase of agreeing on a set of valid signers and the F value.
  3. Add ReportContext field to FeedReport - Streams DON signs both fields together so we need to pass them to validate sigantures.

@bolekk bolekk requested a review from DeividasK May 20, 2024 02:16
@bolekk bolekk force-pushed the feature/KS-196-signatures branch from c1c0a4c to d7d6fe3 Compare May 20, 2024 02:27
@bolekk bolekk force-pushed the feature/KS-196-signatures branch from d7d6fe3 to 0ddb73d Compare May 20, 2024 02:54
@bolekk bolekk marked this pull request as ready for review May 20, 2024 05:12
@bolekk bolekk force-pushed the feature/KS-196-signatures branch from 0ddb73d to d1c37bd Compare May 20, 2024 05:38
DeividasK
DeividasK reviewed May 20, 2024
View reviewed changes
pkg/capabilities/capabilities.go Outdated
@@ -80,6 +80,7 @@ type TriggerEvent struct {
TriggerType string
ID string
Timestamp string
Metadata values.Value
Copy link
Collaborator

@DeividasK DeividasK May 20, 2024
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Metadata is reserved for workflow-specific data, not trigger-specific data (see comment below). However, if the capability response type is a report, it might make sense to include the signers in the metadata. Metadata field expectations based on capability response type should be documented, though.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, shouldn't this be on the CapabilityResponse and not TriggerEvent?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I want it to be trigger-specific, I will move the comment to apply to both fields.
I initially wanted to put it inside payload but didn't want to add a yet another layer of wrapping.

@bolekk bolekk force-pushed the feature/KS-196-signatures branch from d1c37bd to d695db0 Compare May 20, 2024 14:31
@bolekk bolekk requested a review from krehermann May 20, 2024 17:54
krehermann
krehermann reviewed May 20, 2024
View reviewed changes
pkg/capabilities/consensus/ocr3/datafeeds/feeds_aggregator.go Outdated
@@ -37,23 +41,24 @@ type dataFeedsAggregator struct {

var _ types.Aggregator = (*dataFeedsAggregator)(nil)

// EncodableOutcome is a list of AggregatedPricePoints
// This Aggregator has two phases:
// 1. Agree on valid trigger signers by extracting them from event metadata and aggregating using MODE (i.e. F+1 copies needed).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what is the comment about F+1? is that specific to MODE? if so, i don't understand how one is related to the other

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yeah, MODE but the value needs to appear at least F+1 times

krehermann
krehermann reviewed May 20, 2024
View reviewed changes
pkg/capabilities/consensus/ocr3/datafeeds/feeds_aggregator.go Outdated
// find latest valid Mercury report for each feed ID
func (a *dataFeedsAggregator) Aggregate(previousOutcome *types.AggregationOutcome, observations map[ocrcommon.OracleID][]values.Value, f int) (*types.AggregationOutcome, error) {
allowedSigners, minRequired, payloads := a.extractSignersAndPayloads(observations, f)
if len(payloads) > 0 && minRequired == 0 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is an odd check. why not return an error from the extract? or maybe rename minRequired?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a little tricky because for empty observations (from valid nodes!) we will extract zero minRequired but we still want to complete the rest of Aggregate to return meaningful outcome. I re-worded the error message to be more descriptive.

krehermann
krehermann reviewed May 20, 2024
View reviewed changes
pkg/capabilities/datastreams/types.go Outdated
// validate each report and convert to a list of Mercury reports
Unwrap(raw values.Value) ([]FeedReport, error)
// validate each report and convert to a list of Feed reports
Unwrap(wrapped values.Value, allowedSigners [][]byte, minRequiredSignatures int) ([]FeedReport, error)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this doesn't look like Unwrap any longer. UnwrapAndValidate? FeedsFromValue()? CreateFeeds()?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about UnwrapValid()? :)

@bolekk bolekk force-pushed the feature/KS-196-signatures branch from d695db0 to 8590a67 Compare May 20, 2024 22:49
@bolekk bolekk requested a review from HenryNguyen5 May 20, 2024 22:50
@bolekk
[KS-196] Validate Signatures in Mercury Aggregator
a45f8db 
1. Add Metadata field to TriggerEvent. Use it to pass Streams DON info ("SignersMetadata" struct) between trigger receiver and OCR aggregator.
2. Extend feeds OCR aggregator with an initial phase of agreeing on a set of valid signers and the F value.
3. Add ReportContext field to FeedReport - Streams DON signs both fields together so we need to pass them to validate sigantures.
@bolekk bolekk force-pushed the feature/KS-196-signatures branch from a9f0cbd to a45f8db Compare May 21, 2024 00:59
@bolekk bolekk merged commit 6a2cfa1 into main May 21, 2024
8 of 9 checks passed
@bolekk bolekk deleted the feature/KS-196-signatures branch May 21, 2024 01:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DeividasK DeividasK DeividasK left review comments

@krehermann krehermann krehermann approved these changes

@jmank88 jmank88 Awaiting requested review from jmank88 jmank88 is a code owner

@krebernisak krebernisak Awaiting requested review from krebernisak krebernisak is a code owner

@HenryNguyen5 HenryNguyen5 Awaiting requested review from HenryNguyen5

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@bolekk @DeividasK @krehermann