Proof of absence and presence for the same path with nil proof of presence value #414
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com>
Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com>
jsign
commented
Nov 2, 2023
gballet
approved these changes
Nov 3, 2023
jsign
force-pushed
the
jsign-proof-tests-fix
branch
from
6c426c6
to
33c0992
Compare
jsign
commented
Nov 3, 2023
jsign
force-pushed
the
jsign-proof-tests-fix
branch
from
33c0992
to
a58c6fc
Compare
jsign
commented
Nov 3, 2023
Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com>
jsign
force-pushed
the
jsign-proof-tests-fix
branch
from
a58c6fc
to
fa7eeeb
Compare
Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com>
jsign
commented
Nov 3, 2023
| @@ -398,8 +398,9 @@ func PreStateTreeFromProof(proof *Proof, rootC *Point) (VerkleNode, error) { // | |||
| stems = append(stems, k[:31]) | |||
| } | |||
| } | |||
| stemIndex := 0 | |||
There was a problem hiding this comment.
We don't need this anymore, things got simplified.
Comment on lines
+401
to
+403
| if len(stems) != len(proof.ExtStatus) { | ||
| return nil, fmt.Errorf("invalid number of stems and extension statuses: %d != %d", len(stems), len(proof.ExtStatus)) | ||
| } |
There was a problem hiding this comment.
As a preliminary check, now check if there's a 1:1 match between stems and extension statuses.
Comment on lines
+416
to
+424
| // We build a cache of paths that have a presence extension status. | ||
| pathsWithExtPresent := map[string]struct{}{} | ||
| i := 0 | ||
| for _, es := range proof.ExtStatus { | ||
| depth := es >> 3 | ||
| path := stems[stemIndex][:depth] | ||
| if es&3 == extStatusPresent { | ||
| pathsWithExtPresent[string(stems[i][:es>>3])] = struct{}{} | ||
| } | ||
| i++ | ||
| } |
There was a problem hiding this comment.
Nothing new here compared to last review.
Comment on lines
+445
to
449
| for j := range proof.Keys { // TODO: DoS risk, use map or binary search. | ||
| if bytes.HasPrefix(proof.Keys[j], stems[i]) && proof.PreValues[j] != nil { | ||
| return nil, fmt.Errorf("proof of absence (other) stem %x has a value", si.stem) | ||
| } | ||
| } |
There was a problem hiding this comment.
First, we check that all keys for this stem have nil values.
This must be the case since all are absent. If that's not true, wrong proof.
Comment on lines
+451
to
+457
| // For this absent path, we must first check if this path contains a proof of presence. | ||
| // If that is the case, we don't have to do anything since the corresponding leaf will be | ||
| // constructed by that extension status (already processed or to be processed). | ||
| // In other case, we should get the stem from the list of proof of absence stems. | ||
| if _, ok := pathsWithExtPresent[string(path)]; ok { | ||
| continue | ||
| } |
There was a problem hiding this comment.
Second, if we know there is a proof of presence for this path; we don't do anything since that proof of presence will create this path.
Comment on lines
+466
to
+467
| si.stem = poas[0] | ||
| poas = poas[1:] |
There was a problem hiding this comment.
Forth, we're the first (or only) proof of absence (without proof of presences) for this path. Create it.
Comment on lines
469
to
-475
| si.values = map[byte][]byte{} | ||
| for i, k := range proof.Keys { // TODO: DoS risk, use map or binary search. | ||
| if bytes.Equal(k[:len(path)], stemPath) && proof.PreValues[i] != nil { | ||
| si.values[k[31]] = proof.PreValues[i] | ||
| si.stem = stems[i] | ||
| for j, k := range proof.Keys { // TODO: DoS risk, use map or binary search. | ||
| if bytes.Equal(k[:31], si.stem) { | ||
| si.values[k[31]] = proof.PreValues[j] | ||
| si.has_c1 = si.has_c1 || (k[31] < 128) | ||
| si.has_c2 = si.has_c2 || (k[31] >= 128) | ||
| // This key has values, its stem is the one that | ||
| // is present. | ||
| if si.stem == nil { | ||
| si.stem = k[:31] | ||
| continue | ||
| } | ||
| // Any other key with values must have the same | ||
| // same previously detected stem. If that isn't the case, | ||
| // the proof is invalid. | ||
| if !bytes.Equal(si.stem, k[:31]) { | ||
| return nil, fmt.Errorf("multiple keys with values found for stem %x", k[:31]) | ||
| } | ||
| } | ||
| } | ||
| // For a proof of presence, we must always have detected a stem. | ||
| // If that isn't the case, the proof is invalid. | ||
| if si.stem == nil { | ||
| return nil, fmt.Errorf("no stem found for path %x", path) | ||
| } |
There was a problem hiding this comment.
All this got quite simplified since:
- si.stem is
stem[i]directly due to the current 1:1 correspondence - Look for keys, and simply add them into stemInfo (we don't care if their values are nil or not-nil. just add the values and mark c1/c2 appropriately).
Comment on lines
-479
to
-489
|
|
||
| // Skip over all the stems that share the same path | ||
| // to the extension tree. This happens e.g. if two | ||
| // stems have the same path, but one is a proof of | ||
| // absence and the other one is present. | ||
| stemIndex++ | ||
| for ; stemIndex < len(stems); stemIndex++ { | ||
| if !bytes.Equal(stems[stemIndex][:depth], path) { | ||
| break | ||
| } | ||
| } |
There was a problem hiding this comment.
Thanks to the 1:1 correspondence, all this is unnecessary since we don't have to "infer" the current stem by "tracking" some separate index from keys.
Comment on lines
+1475
to
1481
| // If this is the first extension status added for this path, | ||
| // add the proof of absence stem (only once). If later we detect a proof of | ||
| // presence, we'll clear the list since that proof of presence | ||
| // will be enough to provide the stem. | ||
| if len(esses) == 0 { | ||
| esses = append(esses, extStatusAbsentOther|(n.depth<<3)) | ||
| poass = append(poass, n.stem) | ||
| } |
Comment on lines
+1482
to
+1488
| // Add an extension status absent other for this stem. | ||
| // Note we keep a cache to avoid adding the same stem twice (or more) if | ||
| // there're multiple keys with the same stem. | ||
| if _, ok := addedAbsentStems[string(key[:StemSize])]; !ok { | ||
| esses = append(esses, extStatusAbsentOther|(n.depth<<3)) | ||
| addedAbsentStems[string(key[:StemSize])] = struct{}{} | ||
| } |
There was a problem hiding this comment.
We use the addedAbsentStems to avoid adding duplicate extension statuses for the same stem. This can happen since this external loop is iterating keys, and not "grouped stems".
gballet
approved these changes
Nov 3, 2023
I'll merge all back to #412, and I'll test Kaustinen with that branch before merging to main. |
jsign
added a commit
that referenced
this pull request
Nov 3, 2023
* proof: add proof of absence border case tests Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * Proof of absence and presence for the same path with nil proof of presence value (#414) * keep the extension statuses of absent stems Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * more improvements and tests Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * fix & extra test case Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * make steams and extStatuses be 1:1 Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * cleanup Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> --------- Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> --------- Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com>
gballet
pushed a commit
that referenced
this pull request
Nov 6, 2023
* proof: verify proof of absence steam is sorted Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * proof: more length checks Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * more tree from proof checks Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * add checks in CreatePath Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * lints Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * fix comments Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * Proof of absence border case test (#413) * proof: add proof of absence border case tests Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * Proof of absence and presence for the same path with nil proof of presence value (#414) * keep the extension statuses of absent stems Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * more improvements and tests Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * fix & extra test case Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * make steams and extStatuses be 1:1 Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * cleanup Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> --------- Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> --------- Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * lint Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * add extra border case test Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * fix bug Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * further fixes Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * fix Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> * cleanup Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com> --------- Signed-off-by: Ignacio Hagopian <jsign.uy@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a proposed fix to #413.
At the end of the day, it's almost aligned with the ultra-original Python implementation, which probably did this for the same reason I found #413 problematic.