Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Empty commit to bump protocol version to fix bug in proposal selection.
A bug in Credential.lowestOutput causes large accounts to be block proposers disproportionately more often than small accounts. When there are multiple proposals, nodes vote for the proposal with the "lowest credential" -- essentially, the VRF output is hashed and the proposal with the lowest hash wins. More precisely, if via binomial sampling an account has been selected to be on the proposal committee k times, their VRF output is hashed with an incrementing counter k times, and the lowest of those k hashes is used. (This is supposed to simulate k independent proposals from the account.) Due to a bug in the implementation, the first of these k hash values (used for determining the "lowest credential") is the same hash value that was used as input to binomial sampling (for determining whether the account was selected to propose in the first place). So conditioned on an an account being selected to propose, this first tie-breaking hash value is nonuniform. In particular, it will tend to be much higher (and thus much worse as a "lowest credential") than a uniform value. This means an account selected to serve on the proposal committee more than once has a significant advantage over an account selected to serve on the proposal committee only once. As a consequence, high-stake accounts propose the winning block dramatically more often than would be expected given their stake. The fix (adding proper domain separation) requires a protocol upgrade to ensure all nodes have the same behavior when computing lowest credential. Strictly speaking it would not permanently stall the network to deploy the fix without a protocol upgrade, but doing so would degrade network performance. This repo does not currently specify how to compare two credentials (i.e., the area with the bug). This empty commit will bump the protocol version for the sake of deploying the fix without further delay. After the fix is deployed we'll take the time to fully specify correct behavior.
- Loading branch information
