24-host: Reduce provable surface area to only packet flow keys #1144
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ovable keys to private keys
AdityaSripal
requested review from
angbrav,
colin-axner,
damiannolan and
sangier
as code owners
crodriguezvega
approved these changes
Aug 21, 2024
| @@ -311,16 +186,6 @@ This permissioning can be implemented with unique references (object capabilitie | |||
|
|
|||
| Modules that wish to make use of particular IBC features MAY implement certain handler functions, e.g. to add additional logic to a channel handshake with an associated module on another state machine. | |||
|
|
|||
| ### Datagram submission | |||
There was a problem hiding this comment.
Just curious: why was this section deleted?
sangier
approved these changes
Aug 22, 2024
sangier
reviewed
Aug 22, 2024
sangier
reviewed
Aug 22, 2024
sangier
reviewed
Aug 22, 2024
|
Leaving open for now because we may want to remove specification of private keys entirely. it is up to individual implementations to decide how best to execute the logic required to write the provable keys in store. Also, we should be standardizing the values stored under the provable keys in this specification as well. Also blocked on discussion around spec format. i.e. ABI for universal data format and moving to IETF standards for specs |
sangier
reviewed
Sep 23, 2024
|
|
||
| #### Packet Acknowledgement | ||
|
|
||
| The acknowledgement will be provided with the packet to the sending chain. Thus we only need to provably associate the acknowledgement with the original packet. This association is already accomplished by the acknowledgment path which contains the destination identifier and the sequence. Thus on the sending chain, we can prove the acknowledgement was indeed sent for the packet we sent. We prove the packet was sent by us by checking that we stored the packet commitment under the packet commitment path. We can retrieve the client from the source identifier and then prove the counterparty stored under the destination identifier and sequence. Thus, we can associate the acknowledgement stored under this path with the unique packet provided. The acknowledgement commitment can therefore simply consist of a hash of the acknowledgment data sent to the state machine. |
There was a problem hiding this comment.
Would be nice to have a visual representation of this
sangier
reviewed
Sep 23, 2024
| actually used in the private store implementation. | ||
| | Store | Path format | Value type | Defined in | | ||
| | -------------- | -------------------------------------------------------------------------- | ----------------- | ---------------------- | | ||
| | provableStore | "commitments/channels/{identifier}/sequences/{bigEndianUint64Sequence}" | bytes | [ICS 4](../ics-004-packet-semantics) | |
There was a problem hiding this comment.
I'm wondering if there is some space for commitment collision which could led to double usage, but I cannot really think of a scenario that would allow that. At a first glance the provableStore paths look good to me.
This was referenced Sep 24, 2024
damiannolan
reviewed
Sep 30, 2024
Comment on lines
+113
to
+117
| | Store | Path format | Value type | Defined in | | ||
| | -------------- | -------------------------------------------------------------------------- | ----------------- | ---------------------- | | ||
| | provableStore | "commitments/channels/{identifier}/sequences/{bigEndianUint64Sequence}" | bytes | [ICS 4](../ics-004-packet-semantics) | | ||
| | provableStore | "receipts/channels/{identifier}/sequences/{bigEndianUint64Sequence}" | bytes | [ICS 4](../ics-004-packet-semantics) | | ||
| | provableStore | "acks/channels/{identifier}/sequences/{bigEndianUint64Sequence}" | bytes | [ICS 4](../ics-004-packet-semantics) | |
There was a problem hiding this comment.
Looks like we're missing "nextSequenceSend/ports/{identifier}/channels/{identifier}"?
I guess it doesn't need to be provable, but it should also still be defined?? I think we still want the logical separation of sequence/nonce under its own key in v2. And the current impl still relies on port identifier being included
There was a problem hiding this comment.
Since it won't be provable, but the ICS4 still uses it, I have defined the
function nextSequenceSendPath(sourceChannelID: bytes): Path {
return "nextSequenceSend/{sourceChannelID}"
}
``` in the privateStore. However, being local and private it could be any path that the chains want to set, thus I guess the implementation should be able to avoid relying on the port, correct?
sangier
reviewed
Oct 1, 2024
| | Store | Path format | Value type | Defined in | | ||
| | -------------- | -------------------------------------------------------------------------- | ----------------- | ---------------------- | | ||
| | provableStore | "commitments/channels/{identifier}/sequences/{bigEndianUint64Sequence}" | bytes | [ICS 4](../ics-004-packet-semantics) | | ||
| | provableStore | "receipts/channels/{identifier}/sequences/{bigEndianUint64Sequence}" | bytes | [ICS 4](../ics-004-packet-semantics) | |
There was a problem hiding this comment.
seems that sequences will be the main discriminator here, thus would be possible to use a path like "receipts/{identifier}/sequences/{bigEndianUint64Sequence}" so deleting the channels reference?
|
Merging this though the key paths may still be subject to change. Avoiding having PRs stand up for too long |
AdityaSripal
added a commit
that referenced
this pull request
Mar 26, 2025
* add v2 folder * create structure and paste v1 specs for now * TAO V2 support in 07 client (#1137) * deprecate delay period params * add params into clientState * fix comment * include PR link in history * fixes * fix comment * fix modified field * Copied README.md to v2/ while preserving history * Reverted README.md to commit 825d47d * fix deadlinks * rm v1 deprecation references * del v2 folder and readme * cp v1 spec into TAO_V1_README * apply v2 changes * fix dead links * fix deadlinks 2 * fix image links * fixes * fixes * fix link to v2 version --------- Co-authored-by: Stefano Angieri <[email protected]> * 02-client-TAOv2 (#1147) * rm delayPeriods * add msg and hanlder * fixes * del things * fix order * typos * review comments --------- Co-authored-by: Stefano Angieri <[email protected]> * 24-host: Reduce provable surface area to only packet flow keys (#1144) * start 24-host by removing unnecessary requirements and moving some provable keys to private keys * fix layout rendering * fix links * address Stefano's comments * high level path space and commitment specification --------- Co-authored-by: Carlos Rodriguez <[email protected]> * 04-Packet-Flow-v2 (#1148) * start removing channel refs * add counterparty refs * introducing multi-packet data structure * add multi-data packet * introduce packet handlers * send packet handl * change packet commitment paths * fix paths * mod sendPacket * mod receive * allign with new packet structure * mod ack and paths * change counterparty def * discussions-related-fixes * add sketch packet flow * rework + ack logic * fixes + timeout logic * start addressing review * addressing review comments * fixes * client-creation-registration * ante-error-post conditions sendPacket * fixes * handlers pre-error-post conditions * fixes * add mermaid diagrams, fixes * router fixes * improvements and fixes * minor fix * improvements * adding considerations * add condition table * change condition table format * multi-payload,paths,router,acks fixes * improve createClient conditions * table fix * registerChannel table * fixes * improvements * fixes * setup fixes * diagram fixes * fix diagram * test fix * two and three step setup * send-receive conditions * router fixes * createChannl conditions * register table fixes * conditions tables * table fixes * self review * self review * add soundness and correctness * self review * self review * fixes * minor fixes * rename folder * polish * change registerChannel to registerCounterparty * Apply suggestions from code review Co-authored-by: Aditya <[email protected]> * address review comments * rm counterparty channel id check in send packet * mod writeAck function * delete packet once async ack has been written * fix callbacks * fixes * fix mermaid * rm relayer from SendPack * Apply suggestions from code review --------- Co-authored-by: Aditya <[email protected]> * ics20-tao-v2-support (#1157) * start v2 changes * mod onRecv callback * mod revert,refund * wip refactor * wip-packet-reasoning * callbacks interface update * fixes * v2Tao support in v1 * Apply suggestions from code review Co-authored-by: Aditya <[email protected]> * fix sequence type * unrmarshal utility function * fix write ack * fix revertInFlightsChanges * fixes * rm relayer from onSend * Apply suggestions from code review --------- Co-authored-by: Aditya <[email protected]> * ICS24: Restructure provable packet keys (#1155) * imp: note that commitments must be lexographically ordered to maintain soundness (#1153) * restructure ibc keys * add value instead of redundant provable store column * chore: remove myself as codeowner (#1156) * Fix variable name (#1162) * fix link and put new provable keys into 04-channel spec --------- Co-authored-by: colin axnér <[email protected]> Co-authored-by: Christoph Otter <[email protected]> * add timeoutTimestamp in forwarding (#1163) * Packet Spec: Hash App data rather than standardizing encoding (#1152) * add packet and acknowledgement structs and commitment details * add CBOR as suggested encoding and SENTINEL_ACKNOWLEDGEMENT value * explain each field in the code * change id to channel * switch cbor encoding to hashing in packet commitment * switch cbor encoding to hashing in acknowledgement * Apply suggestions from code review Co-authored-by: sangier <[email protected]> * add recursive hashing suggestion from amulet * prepend protocol byte --------- Co-authored-by: sangier <[email protected]> * Move PACKET.md (#1166) * move PACKET.md to the right folder * linter * linter * ICS4: Create 32 byte commitment (#1168) * move protocol version inside final hash * Update spec/core/v2/ics-004-packet-semantics/PACKET.md Co-authored-by: DimitrisJim <[email protected]> --------- Co-authored-by: DimitrisJim <[email protected]> * ICS4: Event Emission Specification (NO PSEUDOCODE) (#1172) * event specification * specify events for channel creation * add client id to register counterparty events * rename emitLogEntry to emitEvents * address reviews * fix typo * remove explicit event implementation and include event writeup on what should be included * continue changes * add packet handler to v2 spec * move to v2 folder in top-level spec * simplify the spec * rename folder for more visibility * specify client handler specification * cleanup ICS-2 and start with ICS24 * ics5 port specification * halfway through ICS26 * specify packet callbacks * move folders to core * fix table * write overview doc * add link to payload docs * header corrections * address marius reviews and lint lists * revert non-core changes * revert client changes * satisfy linter * fix links * fix more linting issues * lint --------- Co-authored-by: sangier <[email protected]> Co-authored-by: Stefano Angieri <[email protected]> Co-authored-by: Carlos Rodriguez <[email protected]> Co-authored-by: colin axnér <[email protected]> Co-authored-by: Christoph Otter <[email protected]> Co-authored-by: DimitrisJim <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context for Reviewers:
This PR introduces a new high level packet and acknowledgement commitment.
The packet commitment must now include the destination identifier
The packet commitment hashes the destination identifier, timeout, and app data all as bytes to create a fixed preimage size and then hashes the result
The acknowledgement is just a hash of the acknowledgement
Closes: #1138