zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
Browse Source

Clarify 0-length vote extensions in the spec, according to #8174

sergio/0length-vote-extensions-prepare-proposal-txs-size
Sergio Mena 2 years ago
parent
e4ae922c33
commit
5c8050fab2
No known key found for this signature in database GPG Key ID: 43D327BE5B5DD087
2 changed files with 11 additions and 6 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +2
    -2
      spec/abci++/abci++_basic_concepts_002_draft.md
  2. +9
    -4
      spec/abci++/abci++_methods_002_draft.md

+ 2
- 2
spec/abci++/abci++_basic_concepts_002_draft.md View File

@ -65,8 +65,8 @@ ignore the invalid part of the prepared proposal at block execution time.
The data, called _vote extension_, will also be made available to the
application in the next height, along with the vote it is extending, in the rounds
where the local process is the proposer.
The Application may also choose not to include any vote extension.
Tendermint calls it when is about to send a non-`nil` precommit message.
If the Application does not have vote extension information to provide, it returns a 0-length byte array as its vote extension.
Tendermint calls `ExtendVote` when is about to send a non-`nil` precommit message.
* [**VerifyVoteExtension:**](./abci++_methods_002_draft.md#verifyvoteextension) It allows validators to validate the vote extension data attached to a precommit message. If the validation fails, the precommit message will be deemed invalid and ignored
by Tendermint. This has a negative impact on Tendermint's liveness, i.e., if vote extensions repeatedly cannot be verified by correct validators, Tendermint may not be able to finalize a block even if sufficiently many (+2/3) of the validators send precommit votes for that block. Thus, `VerifyVoteExtension` should be used with special care.


+ 9
- 4
spec/abci++/abci++_methods_002_draft.md View File

@ -529,7 +529,7 @@ a [CanonicalVoteExtension](#canonicalvoteextension) field in the `precommit nil`
| hash | bytes | The header hash of the propsed block that the vote extension refers to. | 1 |
| validator_address | bytes | [Address](../core/data_structures.md#address) of the validator that signed the extension | 2 |
| height | int64 | Height of the block (for sanity check). | 3 |
| vote_extension | bytes | Optional information signed by Tendermint. | 4 |
| vote_extension | bytes | Application-specific information signed by Tendermint. Can have 0 length | 4 |
* **Response**:
@ -538,6 +538,9 @@ a [CanonicalVoteExtension](#canonicalvoteextension) field in the `precommit nil`
| status | [VerifyStatus](#VerifyStatus) | `enum` signaling if the application accepts the vote extension | 1 |
* **Usage**:
* `RequestVerifyVoteExtension.vote_extension` can be an empty byte array. The Application's interpretation of it should be
that the Application running at the process that sent the vote chose not to extend it.
Tendermint will always call `RequestVerifyVoteExtension`, even for 0 length vote extensions.
* If `ResponseVerifyVoteExtension.status` is `REJECT`, Tendermint will reject the whole received vote.
See the [Requirements](abci++_app_requirements_002_draft.md) section to understand the potential
liveness implications of this.
@ -553,9 +556,11 @@ a [CanonicalVoteExtension](#canonicalvoteextension) field in the `precommit nil`
When a validator _p_ is in Tendermint consensus round _r_, height _h_, state _prevote_ (**TODO** discuss: I think I must remove the state
from this condition, but not sure), and _p_ receives a Precommit message for round _r_, height _h_ from _q_:
1. _p_'s Tendermint calls `RequestVerifyVoteExtension`.
2. The Application returns _accept_ or _reject_ via `ResponseVerifyVoteExtension.status`.
3. If the Application returns
1. If the Precommit message does not contain a vote extension with a valid signature, Tendermint discards the message as invalid.
* a 0-length vote extension is valid as long as its accompanying signature is also valid.
2. Else, _p_'s Tendermint calls `RequestVerifyVoteExtension`.
3. The Application returns _accept_ or _reject_ via `ResponseVerifyVoteExtension.status`.
4. If the Application returns
* _accept_, _p_'s Tendermint will keep the received vote, together with its corresponding
vote extension in its internal data structures. It will be used to populate the [ExtendedCommitInfo](#extendedcommitinfo)
structure in calls to `RequestPrepareProposal`, in rounds of height _h + 1_ where _p_ is the proposer.


Write Preview
Loading…
Cancel
Save