privval: DO NOT require extension signature from privval if vote extension is disabled #2439

melekes · 2024-02-26T13:45:08Z

Lines 436 to 441 in 914e9d7

    
           isNil := vote.BlockID.IsNil() 
        
           extSignature := (len(v.ExtensionSignature) > 0) 
        
           if extSignature == (!isPrecommit || isNil) { 
        
           	// Non-recoverable because the vote is malformed 
        
           	return false, &ErrVoteExtensionInvalid{ExtSignature: v.ExtensionSignature} 
        
           }

Currently, we require an extension signature from the privval EVEN IF vote extensions are disabled. I.e., if the app is not using vote extensions, validators are signing (through HSM or FilePV) empty Vote.Extension (plus other fields like height and round). Seems like a waste of computing resources. Refs iqlusioninc/tmkms#857 (comment)

The text was updated successfully, but these errors were encountered:

cason · 2024-02-26T16:19:09Z

if the app is not using vote extensions

If the application has enabled vote extensions (which is optional) and is not actually using it.

melekes · 2024-02-29T04:44:57Z

After discussion with @sergio-mena, we've decided to add a boolean flag signExtension to SignVote, indicating if privval needs to sign extension bytes.

SignVote(chainID string, vote *cmtproto.Vote, signExtension bool) error {

Protobuf declaration:

// SignVoteRequest is a request to sign a vote
message SignVoteRequest {
  cometbft.types.v1beta1.Vote vote     = 1;
  string                      chain_id = 2;
  bool sign_extension = 3;
}

... from privval if vote extension is disabled New API (added sign_extension bool flag): ``` SignVote(chainID string, vote *cmtproto.Vote, signExtension bool) error { ``` New Protobuf message (added sign_extension field): ``` // SignVoteRequest is a request to sign a vote message SignVoteRequest { cometbft.types.v1beta1.Vote vote = 1; string chain_id = 2; bool sign_extension = 3; } ``` [api-breaking] Closes #2439

... from privval if vote extensions are disabled New API (added sign_extension bool flag): ``` SignVote(chainID string, vote *cmtproto.Vote, signExtension bool) error { ``` New Protobuf message (added sign_extension field): ``` // SignVoteRequest is a request to sign a vote message SignVoteRequest { cometbft.types.v1beta1.Vote vote = 1; string chain_id = 2; bool sign_extension = 3; } ``` [api-breaking] Closes #2439 --- #### PR checklist - [x] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments - [x] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec

... from privval if vote extensions are disabled New API (added sign_extension bool flag): ``` SignVote(chainID string, vote *cmtproto.Vote, signExtension bool) error { ``` New Protobuf message (added sign_extension field): ``` // SignVoteRequest is a request to sign a vote message SignVoteRequest { cometbft.types.v1beta1.Vote vote = 1; string chain_id = 2; bool sign_extension = 3; } ``` [api-breaking] Closes #2439 --- #### PR checklist - [x] Tests written/updated - [x] Changelog entry added in `.changelog` (we use [unclog](https://github.com/informalsystems/unclog) to manage our changelog) - [ ] Updated relevant documentation (`docs/` or `spec/`) and code comments - [x] Title follows the [Conventional Commits](https://www.conventionalcommits.org/en/v1.0.0/) spec (cherry picked from commit cb177fe)

This adds a new field to the `ChainConfig` structure which represents an entry in the `[[chain]]` registry in tmkms.toml which indicates whether or not vote extensions should be signed. In the future we should be able to query this using the `signExtension` field of `SignVote`. See cometbft/cometbft#2439. However, for now this requires a manual configuration flag.

cason · 2024-04-22T16:38:25Z

Do we have a solution for this problem for v0.38.x? See #2711.

melekes · 2024-04-23T07:33:14Z

Do we have a solution for this problem for v0.38.x? See #2711.

The only possible solution is to not check extension signature if vote extensions are disabled. But this would change the default behavior (always check).

melekes added bug Something isn't working needs-triage This issue/PR has not yet been triaged by the team. enhancement New feature or request privval and removed bug Something isn't working needs-triage This issue/PR has not yet been triaged by the team. labels Feb 26, 2024

melekes mentioned this issue Feb 26, 2024

fix(privval): always sign extension iqlusioninc/tmkms#857

Merged

melekes mentioned this issue 8000 Mar 2, 2024

feat(privval)!: DO NOT require extension signature #2496

Merged

4 tasks

melekes self-assigned this Mar 2, 2024

melekes added this to CometBFT Mar 2, 2024

github-project-automation bot moved this to Todo in CometBFT Mar 2, 2024

melekes moved this from Todo to Ready for Review in CometBFT Mar 2, 2024

melekes closed this as completed in #2496 Mar 5, 2024

github-project-automation bot moved this from Ready for Review to Done in CometBFT Mar 5, 2024

adizere added this to the 2024-Q1 milestone Mar 6, 2024

tony-iqlusion mentioned this issue Mar 18, 2024

Add optional sign_extensions field to [[chain]] config iqlusioninc/tmkms#882

Merged

cason mentioned this issue Apr 8, 2024

Consensus Failure error when trying to sign using remote signer #2711

Closed

fcecin mentioned this issue Apr 25, 2025

feat: Upgrade root module to CometBFT v1.0.1 cosmos/cosmos-sdk#24528

Merged

12 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

privval: DO NOT require extension signature from privval if vote extension is disabled #2439

privval: DO NOT require extension signature from privval if vote extension is disabled #2439

Uh oh!

Uh oh!

Uh oh!

Uh oh!

privval: DO NOT require extension signature from privval if vote extension is disabled #2439

privval: DO NOT require extension signature from privval if vote extension is disabled #2439

Comments

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!