light-client: Attack detector and evidence reporting
Closed this issue · 0 comments
romac commented
Description
Implement a light client attack detector, based on its Go version in Comet.
A tentative API for the detector could look like this:
pub struct Divergence {
pub evidence: LightClientAttackEvidence,
pub challenging_block: LightBlock,
}
/// Given a primary trace and a witness, detect any divergence between the two,
/// by querying the witness for the same header as the last header in the primary trace
/// (ie. the target block), and comparing the hashes.
///
/// If the hashes match, then no divergence has been detected and the target block can be trusted.
///
/// If the hashes do not match, then the witness has provided a conflicting header.
/// This could possibly imply an attack on the light client.
/// In this case, we need to verify the witness's header using the same skipping verification
/// and then we need to find the point that the headers diverge and examine this for any evidence of an attack.
/// We then attempt to find the bifurcation point and if successful construct the evidence of an
/// attack to report to the witness.
pub async fn detect_divergence(
witness: &mut Provider,
primary_trace: Vec<LightBlock>,
max_clock_drift: Duration,
max_block_lag: Duration,
now: Time
) -> Result<Option<Divergence>, DivergenceError>;
Definition of "done"
The light client attack detector is implemented, tested and documented, and the API it exposes can be successfully integrated into Hermes.