Have miner account for timewarp mitigation, activate on regtest, lower nPowTargetTimespan to 144 and add test #30681
Conversation
This currently has no effect due to fPowNoRetargeting, except for the getnetworkhashps when called with -1. It will when the next commit enforces the timewarp attack mitigation on regtest.
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. |
d6c7713 to
2781ab5
Compare
2781ab5 to
775c335
Compare
775c335 to
59ff17e
Compare
| assert_raises_rpc_error, | ||
| get_fee, | ||
| ) | ||
| from test_framework.wallet import MiniWallet | ||
|
|
||
|
|
||
| DIFFICULTY_ADJUSTMENT_INTERVAL = 144 | ||
| MAX_FUTURE_BLOCK_TIME = 2 * 3600 | ||
| MAX_TIMEWARP = 600 |
There was a problem hiding this comment.
In e929054 "Add timewarp attack mitigation test"
This constant is unused in this commit.
There was a problem hiding this comment.
I'll move it to the other commit, or find a way to use it here, if I need to retouch.
|
ACK 59ff17e |
|
ACK 59ff17e Reviewed the code and verified that the newly added tests do actually test the change in behavior. |
| @@ -108,6 +108,10 @@ struct Params { | |||
| /** Proof of work parameters */ | |||
| uint256 powLimit; | |||
| bool fPowAllowMinDifficultyBlocks; | |||
| /** | |||
| * Enfore BIP94 timewarp attack mitigation. On testnet4 this also enforces | |||
There was a problem hiding this comment.
typo nit e85f386
| * Enfore BIP94 timewarp attack mitigation. On testnet4 this also enforces | |
| * Enforce BIP94 timewarp attack mitigation. On testnet4 this also enforces |
There was a problem hiding this comment.
Thanks, will fix if I need to retouch.
|
I tested this patchset with 2016 target timespan and tests passed as expected. I also added a boundary test case: #30698 |
|
Hate to be that guy, but this form of the time-warp mitigation closes off the possibility of using something like forward blocks for scaling bitcoin on-chain in the future. That was my voiced objection to the "create consensus clean-up" on the mailing list. Of course it only applies to testnet4, but in practice this ends up throwing up a hurdle to later deployment of something like forward blocks, as it can no longer be tested on the primary testnet. Has there been consideration given to limiting the relative amount of time-warp compared to the last time-warp, instead of an absolute requirement that total timewarp be less than a certain %age? |
|
@maaku this would be better to discuss on the mailinglist and/or Delving. There's ongoing discussion what addition / other mitigation is needed to handle another variant of the timewarp that is currently not fixed: https://delvingbitcoin.org/t/zawy-s-alternating-timestamp-attack/1062 Maybe that can be combined with what you have in mind. We can always launch a testnet5 with completely different rules. I also vaguely remember a pull request that allowed for custom regtest rules. |
|
@Sjors I have brought this up on the mailing list, 4 months ago: https://groups.google.com/g/bitcoindev/c/CAfm7D5ppjo/m/Jiurx8AiAgAJ |
31378d4 test: Add time-timewarp-attack boundary cases (Greg Sanders) Pull request description: Basic addition to test case added in #30681 ACKs for top commit: fjahr: Code review ACK 31378d4 achow101: ACK 31378d4 tdb3: ACK 31378d4 Tree-SHA512: 7d18af9e7fac0ecb0fb5e4c009d6ce3f9af849b4abc54ae8cf681dc8b882aaa9b4cffd7f798b7193c76d89f96ec2cb6dbd13e341882d59b0580d3573ec675ffd
There was a problem hiding this comment.
I'm late and only saw this PR in the release notes, but FWIW I think that changing regtest consensus rules in order to add test coverage for testnet is setting the wrong priority.
In my opinion, testnet 4 isn't anywhere near important enough to justify that. Regtest, in particular unit and functional tests, primarily exists to test mainnet and should therefore follow it as close as possible. Rather than this, we should add tests to regtest that demonstrate that timewarp is not mitigated, which is the case for mainnet.
I also don't think that the timewarp fix being a "serious candidate for a future mainnet softfork" is enough of a reason. At this point, it's too unclear if, at which point in time and how exactly this will be activated in a future softfork.
Haven't followed any of this in detail, but on regtest, modifying the consensus rule on the command line should be harmless and is already being done to closer mirror main-net, where the defaults don't achieve it. It should be easy to apply in this case as well, if there is need to. |
|
Reviving #17032 seems like a good way to get good test coverage for the timewarp, with and without mitigation. And to avoid arguments on what should and should not be active on regtest.
This can still be achieved using the previous releases functionality. |
|
Forgot about this until last week - I opened issue #31137 to continue discussion. |
…arp bug 733fa0b miner: never create a template which exploits the timewarp bug (Antoine Poinsot) Pull request description: This check was introduced in #30681 but only enabled for testnet4. To avoid potentially creating an invalid block template if a soft fork to fix the timewarp attack were to activate in the future, we should have this check on all networks. It also seems wise for our miner to not support it whether or not a soft fork activates to fix it at the consensus level. ACKs for top commit: Sjors: ACK 733fa0b fjahr: utACK 733fa0b TheCharlatan: ACK 733fa0b Tree-SHA512: 9b3bc8b26a57f93425b17dda80bcfac4ecb750a3d26bc3eb8df619135634e369ac15982fac0c9770b1df207bd2e418ffe02a98f37968f024e55262d97715a4f5
e1676b0 doc: release notes (Sjors Provoost) 0082f6a rpc: have mintime account for timewarp rule (Sjors Provoost) 79d45b1 rpc: clarify BIP94 behavior for curtime (Sjors Provoost) 0713548 refactor: add GetMinimumTime() helper (Sjors Provoost) Pull request description: #30681 fixed the `curtime` field of `getblocktemplate` to take the timewarp rule into account. However I forgot to do the same for the `mintime` field, which was hardcoded to use `pindexPrev->GetMedianTimePast()+1`. This PR adds a helper `GetMinimumTime()` and uses it for the `mintime` field. #31376 changed the `curtime` field to always account for the timewarp rule. This PR maintains that behavior. Note that `mintime` now always applies BIP94, including on mainnet. This makes future softfork activation safer. It could be backported to v28. ACKs for top commit: fjahr: tACK e1676b0 achow101: ACK e1676b0 darosior: utACK e1676b0 on the code changes tdb3: brief code review re ACK e1676b0 TheCharlatan: ACK e1676b0 Tree-SHA512: 0e322d8cc3b8ff770849bce211edcb5b6f55d04e5e0dee0657805049663d758f27423b047ee6363bd8f6c6fead13f974760f48b3321ea86f514f446e1b23231c
Because #30647 reduced the timewarp attack threshold from 7200s to 600s, our miner code will fail to propose a block template (on testnet4) if the last block of the previous period has a timestamp two hours in the future. This PR fixes that and also adds a test.
The non-test changes in the last commit should be in v28, otherwise miners have to patch it themselves. If necessary I can split that out into a separate PR, but I prefer to get the tests in as well.
In order to add the test, we activate BIP94 on regtest.
In order for the test to run faster, we reduce its difficulty retarget period to 144, the same number that's already used for softfork activation logic. Regtest does not actually adjust its difficulty, so this change has no effect (except for
getnetworkhashps, see commit).An alternative approach would be to run this test on testnet4, by hardcoding its first 2015 in the test suite. But since the timewarp mitigation is a serious candidate for a future mainnet softfork, it seems better to just deploy it on regtest.
The next commits add a test and fix the miner code.
The
MAX_TIMEWARPconstant is moved toconsensus.hso both validation and miner code have access to it.