light-client: Attack detector and evidence reporting

Question

light-client: Attack detector and evidence reporting

Closed this issue a year ago · 0 comments

Description

Implement a light client attack detector, based on its Go version in Comet.

A tentative API for the detector could look like this:

pub struct Divergence {
    pub evidence: LightClientAttackEvidence,
    pub challenging_block: LightBlock,
}

/// Given a primary trace and a witness, detect any divergence between the two,
/// by querying the witness for the same header as the last header in the primary trace
/// (ie. the target block), and comparing the hashes.
///
/// If the hashes match, then no divergence has been detected and the target block can be trusted.
///
/// If the hashes do not match, then the witness has provided a conflicting header.
/// This could possibly imply an attack on the light client.
/// In this case, we need to verify the witness's header using the same skipping verification
/// and then we need to find the point that the headers diverge and examine this for any evidence of an attack.
/// We then attempt to find the bifurcation point and if successful construct the evidence of an
/// attack to report to the witness.
pub async fn detect_divergence(
    witness: &mut Provider,
    primary_trace: Vec<LightBlock>,
    max_clock_drift: Duration,
    max_block_lag: Duration,
    now: Time
) -> Result<Option<Divergence>, DivergenceError>;

Definition of "done"

The light client attack detector is implemented, tested and documented, and the API it exposes can be successfully integrated into Hermes.