nimbus-eth2/beacon_chain/gossip_processing
tersec 11bbc4010e
use correct pubkey for gossip validation of BLS to execution changes (#5646)
2023-12-04 22:10:13 +01:00
..
README.md update some consensus spec URLs to v1.4.0-beta.4 (#5594) 2023-11-11 06:27:53 +01:00
batch_validation.nim use correct pubkey for gossip validation of BLS to execution changes (#5646) 2023-12-04 22:10:13 +01:00
block_processor.nim track block/blob matching/quarantines using both indices and commitments (#5621) 2023-12-01 18:58:46 +00:00
eth2_processor.nim track block/blob matching/quarantines using both indices and commitments (#5621) 2023-12-01 18:58:46 +00:00
gossip_validation.nim use correct pubkey for gossip validation of BLS to execution changes (#5646) 2023-12-04 22:10:13 +01:00
light_client_processor.nim rm unused code (#5596) 2023-11-11 11:49:34 +03:00
optimistic_processor.nim remove `{.raises: [Defect].}` Nim 1.2 compatibility (#5352) 2023-08-25 11:29:07 +02:00

README.md

Gossip Processing

This folder holds a collection of modules to:

  • validate raw gossip data before
    • rebroadcasting it (potentially aggregated)
    • sending it to one of the consensus object pools

Validation

Gossip validation is different from consensus verification in particular for blocks.

There are multiple consumers of validated consensus objects:

  • a ValidationResult.Accept output triggers rebroadcasting in libp2p
    • We jump into method validate(PubSub, Message) in libp2p/protocols/pubsub/pubsub.nim
    • which was called by rpcHandler(GossipSub, PubSubPeer, RPCMsg)
  • a blockValidator message enqueues the validated object to the processing queue in block_processor
    • blockQueue: AsyncQueue[BlockEntry] (shared with request_manager and sync_manager)
    • This queue is then regularly processed to be made available to the consensus object pools.
  • a xyzValidator message adds the validated object to a pool in eth2_processor
    • Attestations (unaggregated and aggregated) get collected into batches.
    • Once a threshold is exceeded or after a timeout, they get validated together using BatchCrypto.

Security concerns

As the first line of defense in Nimbus, modules must be able to handle bursts of data that may come:

  • from malicious nodes trying to DOS us
  • from long periods of non-finality, creating lots of forks, attestations