If the exit queue is very long, then a validator may take many months to exit. With the code as currently written, however, self-slashing is a potentially lucrative route to get one's money out faster, because one can exit in 36 days.
This PR changes it so that slashing can only extend your withdrawal time, not contract it. Also, instead of the slashed balances used to calculate one's slashing penalty being those in `[withdrawal - 54 days ... withdrawal - 18 days]`, we now run the penalization algorithm once every 36 days that a validator is slashed but not withdrawn, so that it covers the 36-day period where the validator was actually slashed. It also moves the minimum slashing penalty to the `slash_validator` function so that it is only applied once.
We also simplify the `slashed_balances` logic to be per-epoch.
* Add RandaoRevealSlashing for early Randao reveals
* add some randao reveal slashing tests
* Unifying RANDAO reveal slashing and Custody reveal slashing; implemented more lenient penalty for not-to-early reveals
* Fix custody reveal domain
* Also test exposed_randao_reveals
* Re-add exposed_randao_reveals to validator initialization
* Fix tests
* Unified Randao Reveal slashing mechanism and Custody Reveal,
CUSTODY_PERIOD_TO_RANDAO_PADDING = EPOCHS_PER_CUSTODY_PERIOD
* Move exposed_randao_reveals into separate data structure to keep validator record clean
* new shiny staggered custody periods
* Fixes style and type hinting
* removes whitespace
* Cleans up multi-line conditionals
* Make RANDAO key reveal penalties proportional to block rewards
* Minor typos
* Minor typos
* Fixes off-by one error
* Removes unnecicary whitepsace
* Clean up comments; add test for key reveal too far in the future
* Reduce the CUSTODY_PERIOD_TO_RANDAO_PADDING again
* Fix max_proposer_slot_reward
* Fix types
* Move test
* Fix RandaoKeyReveal tests
* Move all RANDAO key reveal to phase 1
* Factor out signature checking
* Some fixes
* Update specs/core/1_custody-game.md
Co-Authored-By: dankrad <dankrad@ethereum.org>
* Addressing Vitalik's suggestions: Separate RANDAO and Custody key reveals; append the cleanup of RANDAO reveals instead of adding a new function
* Remove remnants of verify_custody_key
* RandaoKeyReveal -> EarlyDerivedSecretReveal
* Make penalty proportional to number of secrets already exposed
* Update specs/core/1_custody-game.md
Co-Authored-By: dankrad <dankrad@ethereum.org>
* Update specs/core/1_custody-game.md
Co-Authored-By: dankrad <dankrad@ethereum.org>
* Update specs/core/1_custody-game.md
Co-Authored-By: dankrad <dankrad@ethereum.org>
* Custody game changes
1. Don't store the full chunk bits, instead only store a Merkle root. Increased history size complexity from `N` to `N + log(N)` but with the benefit of decreasing storage requirements from `N` to a single 32 byte hash.
2. `custody_bit` is computed as the first bit of the hash of the custody bits, not the xor. This allows us to more safely use functions with more risky security assumptions for computing the chunk mix.
* Update specs/core/1_custody-game.md
* Update specs/core/1_custody-game.md
* Update specs/core/1_custody-game.md
* Update specs/core/1_custody-game.md
* XOR aggregation before SHA256 to reduce number of hashes
* Simplifed get_chunk_bits_root
* standalone -> indexed
* Fix missing "data" and ToC
protolambda
Danny Ryan
vbuterin
Justin Drake
Dankrad Feist
Carl Beekhuizen
Hsiao-Wei Wang
terence tsao
JSON
dankrad