-
Notifications
You must be signed in to change notification settings - Fork 2.6k
Aura: Do not verify on state import #13058
Aura: Do not verify on state import #13058
Conversation
When we import the state, we can not fetch authorities to verify the seal etc. So, we can directly skip any verification.
Thanks for this @bkchr! Using this allowed the chain to be synced up but we still are receiving the same error around verification
I seem to also be stuck on
|
@samelamin I think I know what the problem is. The gap sync needs to be supported as well. |
Yup, looks like its being used in the common import queue too |
@arkpar @andresilva I now skip any checks for when we are importing blocks in the gap. Given that we properly warp synced to the block after the gap, this should be safe? As if someone can sign fake warp sync proofs, they could also produce/sign fake blocks in between? If we would import any fake block in between, we should end up with some invalid chain. Is my reasoning okay or should we do it properly with verifying all signatures etc? |
FYI these changes work. I am able to produce blocks after warp sync
|
@bkchr I think your reasoning is correct, assuming we checked a finality proof before warping to this block then it should not be possible to fool us into syncing a fake chain before the warp (you'd have to break the block hash function). We can create an issue as a nice-to-have to validate these signatures but we'd need to change Aura to keep track of authorities on the client-side (using digests) like we do for BABE, this way we wouldn't require the state to be available to figure out the authorities. |
// | ||
// It is expected that the block after the gap was checked/chosen properly, e.g. by warp | ||
// syncing to this block. | ||
if info |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of checking for gaps specifically, just check for block.state_action.skip_execution_checks()
It returns true
when all checks that involve calling into parent runtime should be skipped.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Might as well remove the same check on line 249 below.
Co-authored-by: André Silva <[email protected]>
bot merge |
* Aura: Do not verify on state import When we import the state, we can not fetch authorities to verify the seal etc. So, we can directly skip any verification. * Skip checks as well for gap sync * Update client/consensus/aura/src/import_queue.rs Co-authored-by: André Silva <[email protected]> * Review comment Co-authored-by: André Silva <[email protected]>
* Aura: Do not verify on state import When we import the state, we can not fetch authorities to verify the seal etc. So, we can directly skip any verification. * Skip checks as well for gap sync * Update client/consensus/aura/src/import_queue.rs Co-authored-by: André Silva <[email protected]> * Review comment Co-authored-by: André Silva <[email protected]>
* Aura: Do not verify on state import When we import the state, we can not fetch authorities to verify the seal etc. So, we can directly skip any verification. * Skip checks as well for gap sync * Update client/consensus/aura/src/import_queue.rs Co-authored-by: André Silva <[email protected]> * Review comment Co-authored-by: André Silva <[email protected]>
* Aura: Do not verify on state import When we import the state, we can not fetch authorities to verify the seal etc. So, we can directly skip any verification. * Skip checks as well for gap sync * Update client/consensus/aura/src/import_queue.rs Co-authored-by: André Silva <[email protected]> * Review comment Co-authored-by: André Silva <[email protected]>
When we import the state, we can not fetch authorities to verify the seal etc. So, we can directly skip any verification.