client/beefy: track equivocations and create proofs

client/beefy/src/round.rs

@@ -18,7 +18,7 @@
 
 use beefy_primitives::{
 	crypto::{AuthorityId, Public, Signature},
-	Commitment, Payload, ValidatorSet, ValidatorSetId, VoteMessage,
+	Commitment, Equivocation, EquivocationProof, ValidatorSet, ValidatorSetId, VoteMessage,
 };
 use codec::{Decode, Encode};
 use log::debug;
@@ -59,23 +59,23 @@ pub fn threshold(authorities: usize) -> usize {
 	authorities - faulty
 }
 
-#[derive(Debug, PartialEq)]
-pub enum VoteImportResult {
+#[derive(Debug)]
+pub enum VoteImportResult<B: Block> {
+	Ok,
+	RoundConcluded(Vec<Option<Signature>>),
+	Equivocation(EquivocationProof<NumberFor<B>, Public, Signature>),
 	Invalid,
 	Stale,
-	Equivocation,
-	OkRoundInProgress,
-	OkRoundConcluded(Vec<Option<Signature>>),
 }
 
 /// Keeps track of all voting rounds (block numbers) within a session.
 /// Only round numbers > `best_done` are of interest, all others are considered stale.
 ///
 /// Does not do any validation on votes or signatures, layers above need to handle that (gossip).
-#[derive(Debug, Decode, Encode, PartialEq)]
+#[derive(Debug, Decode, Encode)]
 pub(crate) struct Rounds<B: Block> {
 	rounds: BTreeMap<Commitment<NumberFor<B>>, RoundTracker>,
-	equivocations: BTreeMap<(Public, NumberFor<B>), Payload>,
+	equivocations: BTreeMap<(Public, NumberFor<B>), VoteMessage<NumberFor<B>, Public, Signature>>,
 	session_start: NumberFor<B>,
 	validator_set: ValidatorSet<Public>,
 	mandatory_done: bool,
@@ -99,7 +99,10 @@ where
 
 	pub(crate) fn new_manual(
 		rounds: BTreeMap<Commitment<NumberFor<B>>, RoundTracker>,
-		equivocations: BTreeMap<(Public, NumberFor<B>), Payload>,
+		equivocations: BTreeMap<
+			(Public, NumberFor<B>),
+			VoteMessage<NumberFor<B>, Public, Signature>,
+		>,
 		session_start: NumberFor<B>,
 		validator_set: ValidatorSet<Public>,
 		mandatory_done: bool,
@@ -131,55 +134,65 @@ where
 	pub(crate) fn add_vote(
 		&mut self,
 		vote: VoteMessage<NumberFor<B>, AuthorityId, Signature>,
-	) -> VoteImportResult {
+	) -> VoteImportResult<B> {
 		let num = vote.commitment.block_number;
 		let equivocation_key = (vote.id.clone(), num);
+
 		if num < self.session_start || Some(num) <= self.best_done {
 			debug!(target: "beefy", "🥩 received vote for old stale round {:?}, ignoring", num);
-			VoteImportResult::Stale
+			return VoteImportResult::Stale
 		} else if vote.commitment.validator_set_id != self.validator_set_id() {
 			debug!(
 				target: "beefy", "🥩 expected set_id {:?}, ignoring vote {:?}.",
 				self.validator_set_id(), vote,
 			);
-			VoteImportResult::Invalid
+			return VoteImportResult::Invalid
 		} else if !self.validators().iter().any(|id| &vote.id == id) {
 			debug!(
 				target: "beefy",
 				"🥩 received vote {:?} from validator that is not in the validator set, ignoring",
 				vote
 			);
-			VoteImportResult::Invalid
-		} else if self
-			.equivocations
+			return VoteImportResult::Invalid
+		}
+
+		if let Some(existing_vote) = self.equivocations.get(&equivocation_key) {
 			// is the same public key voting for a different payload?
-			.get(&equivocation_key)
-			.map(|payload| payload != &vote.commitment.payload)
-			.unwrap_or_else(|| {
-				// this is the first vote done by `id` for `num`
-				self.equivocations.insert(equivocation_key, vote.commitment.payload.clone());
-				// no equivocation
-				false
-			}) {
-			debug!(target: "beefy", "🥩 detected equivocated vote {:?}", vote);
-			VoteImportResult::Equivocation
+			if existing_vote.commitment.payload != vote.commitment.payload {
+				debug!(
+					target: "beefy", "🥩 detected equivocated vote: 1st: {:?}, 2nd: {:?}",
+					existing_vote, vote
+				);
+				let equivocation = Equivocation {
+					round_number: equivocation_key.1,
+					id: equivocation_key.0,
+					first: existing_vote.clone(),
+					second: vote,
+				};
+				let set_id = self.validator_set_id();
+				return VoteImportResult::Equivocation(EquivocationProof { set_id, equivocation })
+			}
 		} else {
-			let round = self.rounds.entry(vote.commitment.clone()).or_default();
-			if round.add_vote((vote.id, vote.signature)) &&
-				round.is_done(threshold(self.validator_set.len()))
-			{
-				if let Some(round) = self.rounds.remove(&vote.commitment) {
-					let votes = round.votes;
-					let signatures = self
-						.validators()
-						.iter()
-						.map(|authority_id| votes.get(authority_id).cloned())
-						.collect();
-					return VoteImportResult::OkRoundConcluded(signatures)
-				}
+			// this is the first vote sent by `id` for `num`, all good
+			self.equivocations.insert(equivocation_key, vote.clone());
+		}
+
+		// add valid vote
+		let round = self.rounds.entry(vote.commitment.clone()).or_default();
+		if round.add_vote((vote.id, vote.signature)) &&
+			round.is_done(threshold(self.validator_set.len()))
+		{
+			if let Some(round) = self.rounds.remove(&vote.commitment) {
+				let votes = round.votes;
+				let signatures = self
+					.validators()
+					.iter()
+					.map(|authority_id| votes.get(authority_id).cloned())
+					.collect();
+				return VoteImportResult::RoundConcluded(signatures)
 			}
-			VoteImportResult::OkRoundInProgress
 		}
+		VoteImportResult::Ok
 	}
 
 	pub(crate) fn conclude(&mut self, round_num: NumberFor<B>) {

client/beefy/src/worker.rs

@@ -31,7 +31,7 @@ use crate::{
 };
 use beefy_primitives::{
 	crypto::{AuthorityId, Signature},
-	Commitment, ConsensusLog, PayloadProvider, SignedCommitment, ValidatorSet,
+	Commitment, ConsensusLog, EquivocationProof, PayloadProvider, SignedCommitment, ValidatorSet,
 	VersionedFinalityProof, VoteMessage, BEEFY_ENGINE_ID,
 };
 use codec::{Codec, Decode, Encode};
@@ -73,7 +73,7 @@ pub(crate) enum RoundAction {
 /// Responsible for the voting strategy.
 /// It chooses which incoming votes to accept and which votes to generate.
 /// Keeps track of voting seen for current and future rounds.
-#[derive(Debug, Decode, Encode, PartialEq)]
+#[derive(Debug, Decode, Encode)]
 pub(crate) struct VoterOracle<B: Block> {
 	/// Queue of known sessions. Keeps track of voting rounds (block numbers) within each session.
 	///
@@ -256,7 +256,7 @@ pub(crate) struct WorkerParams<B: Block, BE, P, N> {
 	pub persisted_state: PersistedState<B>,
 }
 
-#[derive(Debug, Decode, Encode, PartialEq)]
+#[derive(Debug, Decode, Encode)]
 pub(crate) struct PersistedState<B: Block> {
 	/// Best block we received a GRANDPA finality for.
 	best_grandpa_block_header: <B as Block>::Header,
@@ -549,7 +549,7 @@ where
 		let round = (vote.commitment.payload.clone(), number);
 
 		match rounds.add_vote(vote) {
-			VoteImportResult::OkRoundConcluded(signatures) => {
+			VoteImportResult::RoundConcluded(signatures) => {
 				self.gossip_validator.conclude_round(number);
 
 				let commitment = Commitment {
@@ -568,7 +568,7 @@ where
 				// New state is persisted after finalization.
 				self.finalize(finality_proof)?;
 			},
-			VoteImportResult::OkRoundInProgress => {
+			VoteImportResult::Ok => {
 				let mandatory_round = self
 					.voting_oracle()
 					.mandatory_pending()
@@ -582,7 +582,9 @@ where
 						.map_err(|e| Error::Backend(e.to_string()))?;
 				}
 			},
-			VoteImportResult::Equivocation => unimplemented!(),
+			VoteImportResult::Equivocation(proof) => {
+				self.report_equivocation(proof)?;
+			},
 			VoteImportResult::Invalid | VoteImportResult::Stale => (),
 		};
 		Ok(())
@@ -901,6 +903,18 @@ where
 			}
 		}
 	}
+
+	/// Report the given equivocation to the BEEFY runtime module. This method
+	/// generates a session membership proof of the offender and then submits an
+	/// extrinsic to report the equivocation. In particular, the session membership
+	/// proof must be generated at the block at which the given set was active which
+	/// isn't necessarily the best block if there are pending authority set changes.
+	pub(crate) fn report_equivocation(
+		&self,
+		_proof: EquivocationProof<NumberFor<B>, AuthorityId, Signature>,
+	) -> Result<(), Error> {
+		todo!()
+	}
 }
 
 /// Scan the `header` digest log for a BEEFY validator set change. Return either the new

primitives/beefy/src/lib.rs

@@ -183,7 +183,7 @@ pub enum ConsensusLog<AuthorityId: Codec> {
 ///
 /// A vote message is a direct vote created by a BEEFY node on every voting round
 /// and is gossiped to its peers.
-#[derive(Debug, Decode, Encode, TypeInfo)]
+#[derive(Clone, Debug, Decode, Encode, TypeInfo)]
 pub struct VoteMessage<Number, Id, Signature> {
 	/// Commit to information extracted from a finalized block
 	pub commitment: Commitment<Number>,
@@ -211,8 +211,10 @@ pub struct Equivocation<Number, Id, Signature> {
 /// Proving is achieved by collecting the signed commitments of conflicting votes.
 #[derive(Debug, Decode, Encode, TypeInfo)]
 pub struct EquivocationProof<Number, Id, Signature> {
-	set_id: ValidatorSetId,
-	equivocation: Equivocation<Number, Id, Signature>,
+	/// BEEFY validator set id active during this equivocation.
+	pub set_id: ValidatorSetId,
+	/// Equivocation details including the conflicting votes.
+	pub equivocation: Equivocation<Number, Id, Signature>,
 }
 
 /// Check a commitment signature by encoding the commitment and