Privacy e2e #32
Privacy e2e #32
Conversation
Mikelle
force-pushed
the
privacy-e2e
branch
2 times, most recently
from
7ace486 to
456b835
Compare
| @@ -0,0 +1,189 @@ | |||
| package depositmanager | |||
There was a problem hiding this comment.
No unit tests for this pkg. We should add some basic tests atleast.
p2p/pkg/depositmanager/deposit.go
Outdated
| eg.Go(func() error { | ||
| ev1 := events.NewEventHandler( | ||
| "NewWindow", | ||
| func(window *blocktracker.BlocktrackerNewWindow) error { |
There was a problem hiding this comment.
There should be some way to clear old window information, otherwise the state will keep growing and its all in memory now.
There was a problem hiding this comment.
I'm not sure that I understand this comment. How will the state grow if I'm using atomicInt here?
There was a problem hiding this comment.
I meant for the balances. So we will have old window information everywhere. We should have some way to clean that up. Maybe LRU cache with fixed sizes could be good. Not an immediate concern.
| } | ||
|
|
||
| // Function to get the winner of a specific block | ||
| function getBlockWinner( |
| bidSignature []byte, | ||
| commitmentSignature []byte, | ||
| ) error { | ||
| sharedSecretKey []byte, |
There was a problem hiding this comment.
Just to understand the flow, where does this sharedSecretKey originate?
There was a problem hiding this comment.
In code it's here:
https://github.com/primevprotocol/monorepo/pull/32/files#diff-a9be9ab22daa2b86b99b82b397e5590bbc5d53f0a81f366b88bbc557aeab16ffR119
In docs here is a good image, describing the encryption process:
https://www.notion.so/primev/mev-commit-privacy-e2e-v1-1-6569036f5f50438885df24050a54ff17?pvs=4#f1a1eec07bd54c3098090e804d1316c7
| uint256 public blocksPerWindow = 64; | ||
|
|
||
| // Mapping from block number to the winner's address | ||
| mapping(uint256 => address) public blockWinners; |
There was a problem hiding this comment.
@aloknerurkar I think it would be great to add some state pruning function, bcs otherwise state will grow indefinitely and record tx will be super expensive
| return providers, nil | ||
| } | ||
|
|
||
| func (ke *KeyExchange) prepareMessages(providers []p2p.Peer) ([][]byte, []byte, error) { |
There was a problem hiding this comment.
Sorry I missed this in my previous reviews. Not sure why we are sending all then encrypted keys to all the peers?
We should have point to point messages. For eg. each provider should be sent the key meant for it only, along with the timestamp message. If a new provider joins the network, only that provider should be getting a new message with its encrypted key.
We should make these changes before the release as this protobuf message structure takes in the array of keys. If we release with this then changing the protobuf would involve protocol bumps.
There was a problem hiding this comment.
I'm taking it from the design document...
Mikelle
force-pushed
the
privacy-e2e
branch
5 times, most recently
from
3391e62 to
f1cbbed
Compare
| decayEndTimeStamp int64, | ||
| bidSignature []byte, | ||
| commitmentSignature []byte, | ||
| sharedSecretKey []byte, |
There was a problem hiding this comment.
we might want to call this a shared blinder, but up to you. SharedSecretKey gives the implicit assumption it's being used for encryption. Blinder also helps make it apparent that it's ephemeral.
There was a problem hiding this comment.
But feel free to change the name, after and merge this PR, this is def not a blocker comment!
|
|
||
| ethAddress, err := p.signer.VerifyBid(bid) | ||
| p.logger.Info("received bid", "encryptedBid", encryptedBid) | ||
| bid, err := p.encryptor.DecryptBidData(peer.EthAddress, encryptedBid) |
There was a problem hiding this comment.
What happens if the encryptedBid came from a Peer that didn't have peer.EthAddress. Maybe we should add a NOTE or TODO here to update this section if we ever move to a gossip protocol, We'll need the decryptor to attempt decryption from all possible keys.
There was a problem hiding this comment.
The ecnryptedBid payload should also have a bidder signature on it right? maybe use that to verify identity?
| type BidProcessor interface { | ||
| ProcessBid(context.Context, *preconfpb.Bid) (chan providerapi.ProcessedBidResponse, error) | ||
| } | ||
|
|
||
| type EncrDecrCommitmentStore interface { |
There was a problem hiding this comment.
This should be removed. Not required.
p2p/pkg/depositmanager/deposit.go
Outdated
| return err | ||
| } | ||
|
|
||
| effectiveStake := new(big.Int).Div(new(big.Int).Set(bidderReg.DepositedAmount), new(big.Int).SetUint64(blocksPerWindow)) |
There was a problem hiding this comment.
nit: do we need to do new(big.Int).Set here or cant we just use the DepositedAmount directly. The result is anyway a new big.Int
p2p/pkg/depositmanager/deposit.go
Outdated
| return dm.store.RefundBalanceForBlock(address, deductedAmount, blockNumber) | ||
| } | ||
|
|
||
| func (dm *DepositManager) checkAndSetBlocksPerWindow() (uint64, error) { |
There was a problem hiding this comment.
Instead of checkAndSet, we should name it get or getOrSet as this returns the value.
This PR implements privacy e2e protocol.
Related docs: