hydra icon indicating copy to clipboard operation
hydra copied to clipboard

Published 20 hours ago verified publisher icon input-output-hk

Align implementation with HeadV1 protocol specification

Open ch1bo opened this issue 3 years ago • 1 comments
trafficstars

Why

In the work stream to mature the Hydra Head protocol enough to aim for a mainnet release, we have been running our implementation against a formal model and created an updated specifiction (because the protocol evolved since publishing the peer-reviewed paper).

These prior works will/did highlight gaps in our implementation of the protocol behavior and/or the scripts that should ensure protocol security on the layer 1.

What

This work package is about addressing and closing these first gaps:

  • Make sure the on-chain code (validators) is checking what is specified
  • Make sure the off-chain code (HeadLogic + chain layer) is working as specified

How

  • Go through all the gaps and fix them (detail this step)
  • Update or create tests corresponding to each item and link them from the gap list closed in this work package

Gaps identified so far

Transition security

  • Head ID needs to be checked in each v_head transition
    • we wouldn't know wheter some NFT is indeed an ST, so we need to keep the head currency id in the datum
  • ST in output value not checked right now
  • Upper tx validity could be very big on close/contest (e.g. close but have deadline in 10 years)
    • enforce a bound using T_max - T_min < some slots
  • Check committed outputs are reimbursed on v_head instead of v_commit
    • individual checks would "collapse" if two identical TxOuts were committed and only one needs to be reimbursed to pass
  • Validator can assume first output is v_head output (simplification)
  • Snapshot number and utxo hash need not be in the redeemer on close/contest
    • the output datum needs to include them and we can check using that
    • only the signature is enough
  • Do not allow contest by closing party and only allow contest once
    • need to collect who contested in the datum and check it
    • needed? leads to upper bound of T_final when we do this 👇
  • Deadline handling changed between paper and V1 spec -> deadline gets "pushed out" on each contest
    • this makes the contestation period easier to determine and scales with number of parties

Protocol logic

  • Sign network messages / authenticate them to be sure they are from a given Party (Hydra VK)
  • Not send transactions with ReqSn, but only transaction ids (Hashes of transactions)
    • Book-keep transactions seend via ReqTx
    • ReqSn handling would then need to resolve TxId -> Tx
  • Decision when to snapshot is different than in spec
    • Best case: contrived and refactor it
    • Worst case: actually different and not clear which is correct
  • "Detect cheating" if we see a ReqSn or AckSn with s > s_seen + 1
  • Actually check the the aggregated signature and "detect cheating" if not

ch1bo avatar Aug 05 '22 09:08 ch1bo

Marked 🔴 as not yet discussed. Depends on outcomes of #194 #448.

ch1bo avatar Aug 05 '22 09:08 ch1bo

Marked amber as the list of gaps appears somewhat clearer (and solvable...)

abailly-iohk avatar Oct 18 '22 12:10 abailly-iohk

When running hydra heads we might have discovered another gap / at least an annoyance: #612

ch1bo avatar Nov 15 '22 13:11 ch1bo