Skip to content

Commit

Permalink
Merge branch 'main' into ci-security
Browse files Browse the repository at this point in the history
  • Loading branch information
@DaMandal0rian
DaMandal0rian committed Jan 3, 2024
2 parents 5b6bdd9 + 8de7d53 commit 9471266
Show file tree
Hide file tree
Showing 83 changed files with 3,284 additions and 3,894 deletions.
24 changes: 16 additions & 8 deletions .github/workflows/rust.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,8 @@ jobs:
~/.cargo/registry
~/.cargo/git
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
restore-keys: |
${{ runner.os }}-cargo-
- name: cargo fmt
uses: actions-rs/cargo@ae10961054e4aa8b4aa7dffede299aaf087aa33b # @v1.0.1
Expand Down Expand Up @@ -99,12 +101,14 @@ jobs:
continue-on-error: true

- name: Configure cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # @v3.3.2
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # @v3.3.2
with:
path: |
~/.cargo/registry
~/.cargo/git
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
restore-keys: |
${{ runner.os }}-cargo-
- name: cargo clippy
uses: actions-rs/clippy-check@b5b5f21f4797c02da247df37026fcd0a5024aa4d # @v1.0.7
Expand All @@ -124,12 +128,14 @@ jobs:
repo-token: ${{ secrets.GITHUB_TOKEN }}

- name: Configure cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # @v3.3.2
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # @v3.3.2
with:
path: |
~/.cargo/registry
~/.cargo/git
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
restore-keys: |
${{ runner.os }}-cargo-
- name: Check Documentation
run: cargo doc --locked --all --no-deps --lib
Expand Down Expand Up @@ -177,18 +183,20 @@ jobs:
# Doesn't exist on self-hosted runners
continue-on-error: true

- name: Install cargo-nextest
uses: taiki-e/cache-cargo-install-action@1b76958d032c4d048c599f9fdfa48abe804d6319 # v1.2.2
with:
tool: cargo-nextest

- name: Configure cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # @v3.3.2
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # @v3.3.2
with:
path: |
~/.cargo/registry
~/.cargo/git
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
restore-keys: |
${{ runner.os }}-cargo-
- name: Install cargo-nextest
uses: taiki-e/cache-cargo-install-action@1b76958d032c4d048c599f9fdfa48abe804d6319 # v1.2.2
with:
tool: cargo-nextest

- name: cargo nextest run --locked
uses: actions-rs/cargo@ae10961054e4aa8b4aa7dffede299aaf087aa33b # @v1.0.1
Expand Down
10 changes: 10 additions & 0 deletions .github/workflows/rustdoc.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,16 @@ jobs:
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}

- name: Configure cache
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # @v3.3.2
with:
path: |
~/.cargo/registry
~/.cargo/git
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
restore-keys: |
${{ runner.os }}-cargo-
# Build the rust crate docs
- name: Build Documentation
run: cargo doc --all --no-deps --lib
Expand Down
10 changes: 10 additions & 0 deletions .github/workflows/snapshot-build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -159,6 +159,16 @@ jobs:
run: sudo apt-get update && sudo apt-get install -y --no-install-recommends g++-aarch64-linux-gnu gcc-aarch64-linux-gnu libc6-dev-arm64-cross
if: matrix.build.target == 'aarch64-unknown-linux-gnu'

- name: Configure cache
uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # @v3.3.2
with:
path: |
~/.cargo/registry
~/.cargo/git
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.toml') }}
restore-keys: |
${{ runner.os }}-cargo-
- name: Build farmer
uses: actions-rs/cargo@ae10961054e4aa8b4aa7dffede299aaf087aa33b # @v1.0.1
with:
Expand Down
27 changes: 25 additions & 2 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

40 changes: 38 additions & 2 deletions crates/pallet-domains/src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,10 @@ mod pallet {
#[pallet::constant]
type MinOperatorStake: Get<BalanceOf<Self>>;

/// Minimum nominator stake required to nominate and operator.
#[pallet::constant]
type MinNominatorStake: Get<BalanceOf<Self>>;

/// Minimum number of blocks after which any finalized withdrawals are released to nominators.
#[pallet::constant]
type StakeWithdrawalLockingPeriod: Get<DomainBlockNumberFor<Self>>;
Expand Down Expand Up @@ -834,7 +838,7 @@ mod pallet {
pub fn submit_bundle(
origin: OriginFor<T>,
opaque_bundle: OpaqueBundleOf<T>,
) -> DispatchResult {
) -> DispatchResultWithPostInfo {
ensure_none(origin)?;

log::trace!(target: "runtime::domains", "Processing bundle: {opaque_bundle:?}");
Expand All @@ -846,6 +850,11 @@ mod pallet {
let operator_id = opaque_bundle.operator_id();
let receipt = opaque_bundle.into_receipt();

#[cfg(not(feature = "runtime-benchmarks"))]
let mut epoch_transitted = false;
#[cfg(feature = "runtime-benchmarks")]
let epoch_transitted = false;

match execution_receipt_type::<T>(domain_id, &receipt) {
ReceiptType::Rejected(rejected_receipt_type) => {
return Err(Error::<T>::BlockTree(rejected_receipt_type.into()).into());
Expand All @@ -866,6 +875,9 @@ mod pallet {
//
// NOTE: Skip the following staking related operations when benchmarking the
// `submit_bundle` call, these operations will be benchmarked separately.
// TODO: in order to get a more accurate actual weight, separately benchmark:
// - `do_reward_operators`,`do_slash_operators`,`do_unlock_pending_withdrawals`
// - `do_finalize_domain_current_epoch`
#[cfg(not(feature = "runtime-benchmarks"))]
if let Some(confirmed_block_info) = maybe_confirmed_domain_block_info {
do_reward_operators::<T>(
Expand Down Expand Up @@ -902,6 +914,7 @@ mod pallet {
domain_id,
completed_epoch_index,
});
epoch_transitted = true;
}

do_unlock_pending_withdrawals::<T>(
Expand Down Expand Up @@ -944,7 +957,15 @@ mod pallet {
bundle_author: operator_id,
});

Ok(())
let actual_weight = if !epoch_transitted {
Some(T::WeightInfo::submit_bundle())
} else {
Some(
T::WeightInfo::submit_bundle()
.saturating_add(T::WeightInfo::pending_staking_operation()),
)
};
Ok(actual_weight.into())
}

#[pallet::call_index(1)]
Expand Down Expand Up @@ -1695,8 +1716,14 @@ impl<T: Config> Pallet<T> {
})?;
}
FraudProof::InvalidBundles(invalid_bundles_fraud_proof) => {
let bad_receipt_parent =
BlockTreeNodes::<T>::get(bad_receipt.parent_domain_block_receipt_hash)
.ok_or(FraudProofError::ParentReceiptNotFound)?
.execution_receipt;

verify_invalid_bundles_fraud_proof::<T::Block, T::DomainHeader, BalanceOf<T>>(
bad_receipt,
bad_receipt_parent,
invalid_bundles_fraud_proof,
)
.map_err(|err| {
Expand Down Expand Up @@ -1855,6 +1882,8 @@ impl<T: Config> Pallet<T> {
}

/// Returns the block number of oldest execution receipt.
// FIXME: the `oldest_receipt_number` may not be correct if fraud proof is submitted
// and bad ER were pruned, see https://github.com/subspace/subspace/issues/2354
pub fn oldest_receipt_number(domain_id: DomainId) -> DomainBlockNumberFor<T> {
Self::head_receipt_number(domain_id).saturating_sub(Self::block_tree_pruning_depth())
}
Expand Down Expand Up @@ -1908,6 +1937,13 @@ impl<T: Config> Pallet<T> {
pub fn execution_receipt(receipt_hash: ReceiptHashFor<T>) -> Option<ExecutionReceiptOf<T>> {
BlockTreeNodes::<T>::get(receipt_hash).map(|db| db.execution_receipt)
}

pub fn receipt_hash(
domain_id: DomainId,
domain_number: DomainBlockNumberFor<T>,
) -> Option<ReceiptHashFor<T>> {
BlockTree::<T>::get(domain_id, domain_number)
}
}

impl<T> Pallet<T>
Expand Down
40 changes: 36 additions & 4 deletions crates/pallet-domains/src/staking.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,11 @@ pub(crate) fn do_register_operator<T: Config>(
Error::DuplicateOperatorSigningKey
);

ensure!(
config.minimum_nominator_stake >= T::MinNominatorStake::get(),
Error::MinimumNominatorStake
);

let domain_obj = DomainRegistry::<T>::get(domain_id).ok_or(Error::DomainNotInitialized)?;
ensure!(
domain_obj
Expand Down Expand Up @@ -777,6 +782,33 @@ pub(crate) mod tests {
});
}

#[test]
fn test_register_operator_minimum_nominator_stake() {
let domain_id = DomainId::new(0);
let operator_account = 1;
let pair = OperatorPair::from_seed(&U256::from(0u32).into());

let mut ext = new_test_ext();
ext.execute_with(|| {
let operator_config = OperatorConfig {
signing_key: pair.public(),
minimum_nominator_stake: Default::default(),
nomination_tax: Default::default(),
};

let res = Domains::register_operator(
RuntimeOrigin::signed(operator_account),
domain_id,
Default::default(),
operator_config,
);
assert_err!(
res,
Error::<Test>::Staking(StakingError::MinimumNominatorStake)
);
});
}

#[test]
fn test_register_operator() {
let domain_id = DomainId::new(0);
Expand All @@ -792,7 +824,7 @@ pub(crate) mod tests {
operator_account,
operator_free_balance,
operator_stake,
0,
SSC,
pair.public(),
BTreeMap::new(),
);
Expand All @@ -809,7 +841,7 @@ pub(crate) mod tests {
signing_key: pair.public(),
current_domain_id: domain_id,
next_domain_id: domain_id,
minimum_nominator_stake: 0,
minimum_nominator_stake: SSC,
nomination_tax: Default::default(),
current_total_stake: operator_stake,
current_epoch_rewards: 0,
Expand Down Expand Up @@ -972,7 +1004,7 @@ pub(crate) mod tests {
operator_account,
operator_free_balance,
operator_stake,
0,
SSC,
pair.public(),
BTreeMap::new(),
);
Expand Down Expand Up @@ -1062,7 +1094,7 @@ pub(crate) mod tests {
operator_account,
operator_free_balance,
operator_stake,
0,
SSC,
pair.public(),
BTreeMap::new(),
);
Expand Down
Loading

0 comments on commit 9471266

Please sign in to comment.