nimbus-eth2/beacon_chain/gossip_processing
tersec 2ca28fb861
Merge BeaconBlock gossip validation (#3165)
* Merge BeaconBlock gossip validation

* figure/ground inversion

* revert cosmetic cleanups to reduce merge conflicts
2021-12-08 17:29:22 +00:00
..
README.md move quarantine outside of chaindag (#3124) 2021-12-06 10:49:01 +01:00
batch_validation.nim move quarantine outside of chaindag (#3124) 2021-12-06 10:49:01 +01:00
block_processor.nim move quarantine outside of chaindag (#3124) 2021-12-06 10:49:01 +01:00
consensus_manager.nim move quarantine outside of chaindag (#3124) 2021-12-06 10:49:01 +01:00
eth2_processor.nim Merge BeaconBlock gossip validation (#3165) 2021-12-08 17:29:22 +00:00
gossip_validation.nim Merge BeaconBlock gossip validation (#3165) 2021-12-08 17:29:22 +00:00

README.md

Gossip Processing

This folder holds a collection of modules to:

  • validate raw gossip data before
    • rebroadcasting it (potentially aggregated)
    • sending it to one of the consensus object pools

Validation

Gossip validation is different from consensus verification in particular for blocks.

There are multiple consumers of validated consensus objects:

  • a ValidationResult.Accept output triggers rebroadcasting in libp2p
    • We jump into method validate(PubSub, Message) in libp2p/protocols/pubsub/pubsub.nim
    • which was called by rpcHandler(GossipSub, PubSubPeer, RPCMsg)
  • a blockValidator message enqueues the validated object to the processing queue in block_processor
    • blockQueue: AsyncQueue[BlockEntry] (shared with request_manager and sync_manager)
    • This queue is then regularly processed to be made available to the consensus object pools.
  • a xyzValidator message adds the validated object to a pool in eth2_processor
    • Attestations (unaggregated and aggregated) get collected into batches.
    • Once a threshold is exceeded or after a timeout, they get validated together using BatchCrypto.

Security concerns

As the first line of defense in Nimbus, modules must be able to handle bursts of data that may come:

  • from malicious nodes trying to DOS us
  • from long periods of non-finality, creating lots of forks, attestations