LCOV - code coverage report
Current view: top level - choreo/eqvoc - fd_eqvoc.h (source / functions) Hit Total Coverage
Test: cov.lcov Lines: 0 77 0.0 %
Date: 2025-07-01 05:00:49 Functions: 0 50 0.0 %

          Line data    Source code
       1             : #ifndef HEADER_fd_src_choreo_eqvoc_fd_eqvoc_h
       2             : #define HEADER_fd_src_choreo_eqvoc_fd_eqvoc_h
       3             : 
       4             : #include "../../ballet/shred/fd_shred.h"
       5             : #include "../../flamenco/leaders/fd_leaders.h"
       6             : #include "../fd_choreo_base.h"
       7             : #include "../../flamenco/runtime/fd_blockstore.h"
       8             : 
       9             : /* fd_eqvoc presents an API for detecting and sending / receiving proofs
      10             :    of equivocation.
      11             : 
      12             :    APIs prefixed with `fd_eqvoc_proof` relate to constructing and
      13             :    verifying equivocation proofs from shreds.
      14             : 
      15             :    APIs prefixed with `fd_eqvoc_fec` relate to shred and FEC set
      16             :    metadata indexing to detect equivocating shreds.
      17             : 
      18             :    Equivocation is when a shred producer produces two or more versions
      19             :    of a shred for the same (slot, idx).  An equivocation proof comprises
      20             :    two shreds that conflict in a way that imply the shreds' producer
      21             :    equivocated.
      22             : 
      23             :    The proof can be both direct and indirect (implied).  A direct proof,
      24             :    for example, contains two shreds with the same shred index but
      25             :    different data payloads.  An indirect proof contains two shreds with
      26             :    different shred indices, and the metadata on the shreds implies there
      27             :    must be two or more versions of a block for that slot.  See
      28             :    `fd_eqvoc_proof_verify` for more details.
      29             : 
      30             :    Every FEC set must have the same signature for every shred in the
      31             :    set, so a different signature would indicate equivocation.  Note in
      32             :    the case of merkle shreds, the shred signature is signed on the FEC
      33             :    set's merkle root, so every shred in the same FEC set must have the
      34             :    same signature. */
      35             : 
      36             : /* FD_EQVOC_USE_HANDHOLDING:  Define this to non-zero at compile time
      37             :    to turn on additional runtime checks and logging. */
      38             : 
      39             : #ifndef FD_EQVOC_USE_HANDHOLDING
      40             : #define FD_EQVOC_USE_HANDHOLDING 1
      41             : #endif
      42             : 
      43           0 : #define FD_EQVOC_FEC_MAX ( 67UL )
      44             : 
      45             : struct fd_slot_fec {
      46             :   ulong slot;
      47             :   uint  fec_set_idx;
      48             : };
      49             : typedef struct fd_slot_fec fd_slot_fec_t;
      50             : 
      51             : /* clang-format off */
      52             : static const fd_slot_fec_t     fd_slot_fec_null = { 0 };
      53             : #define FD_SLOT_FEC_NULL       fd_slot_fec_null
      54             : #define FD_SLOT_FEC_INVAL(key) (!((key).slot) & !((key).fec_set_idx))
      55           0 : #define FD_SLOT_FEC_EQ(k0,k1)  (!(((k0).slot) ^ ((k1).slot))) & !(((k0).fec_set_idx) ^ (((k1).fec_set_idx)))
      56           0 : #define FD_SLOT_FEC_HASH(key)  ((uint)(((key).slot)<<15UL) | (((key).fec_set_idx)))
      57             : /* clang-format on */
      58             : 
      59             : struct fd_eqvoc_fec {
      60             :   fd_slot_fec_t    key;
      61             :   ulong            next;
      62             :   ulong            code_cnt;
      63             :   ulong            data_cnt;
      64             :   uint             last_idx;
      65             :   fd_ed25519_sig_t sig;
      66             : };
      67             : typedef struct fd_eqvoc_fec fd_eqvoc_fec_t;
      68             : 
      69             : #define POOL_NAME fd_eqvoc_fec_pool
      70           0 : #define POOL_T    fd_eqvoc_fec_t
      71             : #include "../../util/tmpl/fd_pool.c"
      72             : 
      73             : /* clang-format off */
      74             : #define MAP_NAME               fd_eqvoc_fec_map
      75             : #define MAP_ELE_T              fd_eqvoc_fec_t
      76             : #define MAP_KEY_T              fd_slot_fec_t
      77           0 : #define MAP_KEY_EQ(k0,k1)      (FD_SLOT_FEC_EQ(*k0,*k1))
      78           0 : #define MAP_KEY_HASH(key,seed) (FD_SLOT_FEC_HASH(*key)^seed)
      79             : #include "../../util/tmpl/fd_map_chain.c"
      80             : /* clang-format on */
      81             : 
      82             : /* This is the standard MTU
      83             : 
      84             :    IPv6 MTU - IP / UDP headers = 1232
      85             :    DuplicateShredMaxPayloadSize = 1232 - 115
      86             :    DuplicateShred headers = 63
      87             : 
      88             :    https://github.com/anza-xyz/agave/blob/v2.0.3/gossip/src/cluster_info.rs#L113 */
      89             : 
      90           0 : #define FD_EQVOC_PROOF_CHUNK_SZ  (1232UL - 115UL - 63UL)
      91           0 : #define FD_EQVOC_PROOF_CHUNK_CNT (( FD_EQVOC_PROOF_SZ / FD_EQVOC_PROOF_CHUNK_SZ ) + 1) /* 3 */
      92           0 : #define FD_EQVOC_PROOF_SZ (2*FD_SHRED_MAX_SZ + 2*sizeof(ulong)) /* 2 shreds prefixed with sz, encoded in 3 chunks */
      93             : 
      94             : /* The chunk_cnt is encoded in a UCHAR_MAX, so you can have at most
      95             :    UCHAR_MAX chunks */
      96             : 
      97             : #define FD_EQVOC_PROOF_CHUNK_MIN ( ( FD_EQVOC_PROOF_SZ / UCHAR_MAX ) + 1 ) /* 20 */
      98             : 
      99           0 : #define FD_EQVOC_PROOF_VERIFY_FAILURE           (0)
     100           0 : #define FD_EQVOC_PROOF_VERIFY_SUCCESS_SIGNATURE (1)
     101           0 : #define FD_EQVOC_PROOF_VERIFY_SUCCESS_META      (2)
     102           0 : #define FD_EQVOC_PROOF_VERIFY_SUCCESS_LAST      (3)
     103           0 : #define FD_EQVOC_PROOF_VERIFY_SUCCESS_OVERLAP   (4)
     104           0 : #define FD_EQVOC_PROOF_VERIFY_SUCCESS_CHAINED   (5)
     105             : 
     106           0 : #define FD_EQVOC_PROOF_VERIFY_ERR_SLOT      (-1) /* different slot */
     107           0 : #define FD_EQVOC_PROOF_VERIFY_ERR_VERSION   (-2) /* different shred version */
     108           0 : #define FD_EQVOC_PROOF_VERIFY_ERR_TYPE      (-3) /* wrong shred type (must be chained {resigned} merkle) */
     109           0 : #define FD_EQVOC_PROOF_VERIFY_ERR_MERKLE    (-4) /* merkle root failed */
     110           0 : #define FD_EQVOC_PROOF_VERIFY_ERR_SIGNATURE (-5) /* sig verify of shred producer failed */
     111             : 
     112             : #define SET_NAME fd_eqvoc_proof_set
     113             : #define SET_MAX  256
     114             : #include "../../util/tmpl/fd_set.c"
     115             : 
     116             : struct fd_eqvoc_proof {
     117             :   fd_slot_pubkey_t     key;
     118             :   ulong                prev; /* reserved for data structure use */
     119             :   ulong                next; /* reserved for data structure use*/
     120             : 
     121             :   fd_pubkey_t         producer;   /* producer of shreds' pubkey */
     122             :   void *              bmtree_mem; /* scratch space for reconstructing
     123             :                                      the merkle root */
     124             :   ulong               wallclock;  /* `wallclock` */
     125             :   ulong               chunk_cnt;  /* `num_chunks` */
     126             :   ulong               chunk_sz;   /* `chunk_len` */
     127             : 
     128             :   /* static declaration of an fd_set that occupies 4 words ie. 256 bits
     129             :      that tracks which proof chunks have been received. */
     130             : 
     131             :   fd_eqvoc_proof_set_t set[UCHAR_MAX / sizeof( ulong )];
     132             : 
     133             :   /* DuplicateShred messages are serialized in the following format:
     134             : 
     135             :      ---------
     136             :      shred1_sz
     137             :      ---------
     138             :      shred1
     139             :      ---------
     140             :      shred2_sz
     141             :      ---------
     142             :      shred2
     143             :      ---------
     144             : 
     145             :      Each shred is prepended with its size in bytes, before being
     146             :      chunked.
     147             :   */
     148             : 
     149             :    uchar shreds[2 * FD_SHRED_MAX_SZ + 2 * sizeof(ulong)];
     150             : };
     151             : typedef struct fd_eqvoc_proof fd_eqvoc_proof_t;
     152             : 
     153             : #define POOL_NAME fd_eqvoc_proof_pool
     154           0 : #define POOL_T    fd_eqvoc_proof_t
     155             : #include "../../util/tmpl/fd_pool.c"
     156             : 
     157             : /* clang-format off */
     158             : #define MAP_NAME               fd_eqvoc_proof_map
     159             : #define MAP_ELE_T              fd_eqvoc_proof_t
     160             : #define MAP_KEY_T              fd_slot_pubkey_t
     161           0 : #define MAP_KEY_EQ(k0,k1)      (FD_SLOT_PUBKEY_EQ(k0,k1))
     162           0 : #define MAP_KEY_HASH(key,seed) (FD_SLOT_PUBKEY_HASH(key,seed))
     163             : #include "../../util/tmpl/fd_map_chain.c"
     164             : /* clang-format on */
     165             : 
     166             : struct fd_eqvoc {
     167             : 
     168             :   /* primitives */
     169             : 
     170             :   fd_pubkey_t me; /* our pubkey */
     171             :   ulong fec_max;
     172             :   ulong proof_max;
     173             :   ulong shred_version; /* shred version we expect in all shreds in eqvoc-related msgs. */
     174             : 
     175             :   /* owned */
     176             : 
     177             :   fd_eqvoc_fec_t *       fec_pool;
     178             :   fd_eqvoc_fec_map_t *   fec_map;
     179             :   // fd_eqvoc_fec_dlist_t * fec_dlist;
     180             :   fd_eqvoc_proof_t *     proof_pool;
     181             :   fd_eqvoc_proof_map_t * proof_map;
     182             :   fd_sha512_t *          sha512;
     183             :   void *                 bmtree_mem;
     184             : 
     185             :   /* borrowed  */
     186             : 
     187             :   fd_epoch_leaders_t const * leaders;
     188             : };
     189             : typedef struct fd_eqvoc fd_eqvoc_t;
     190             : 
     191             : /* clang-format off */
     192             : 
     193             : /* fd_eqvoc_{align,footprint} return the required alignment and
     194             :    footprint of a memory region suitable for use as eqvoc with up to
     195             :    node_max nodes and vote_max votes. */
     196             : 
     197             : FD_FN_CONST static inline ulong
     198           0 : fd_eqvoc_align( void ) {
     199           0 :   return alignof(fd_eqvoc_t);
     200           0 : }
     201             : 
     202             : FD_FN_CONST static inline ulong
     203           0 : fd_eqvoc_footprint( ulong fec_max, ulong proof_max ) {
     204           0 :   return FD_LAYOUT_FINI(
     205           0 :     FD_LAYOUT_APPEND(
     206           0 :     FD_LAYOUT_APPEND(
     207           0 :     FD_LAYOUT_APPEND(
     208           0 :     FD_LAYOUT_APPEND(
     209           0 :     FD_LAYOUT_APPEND(
     210           0 :     FD_LAYOUT_APPEND(
     211           0 :     FD_LAYOUT_APPEND(
     212           0 :     FD_LAYOUT_INIT,
     213           0 :       alignof(fd_eqvoc_t),         sizeof(fd_eqvoc_t) ),
     214           0 :       fd_eqvoc_fec_pool_align(),   fd_eqvoc_fec_pool_footprint( fec_max ) ),
     215           0 :       fd_eqvoc_fec_map_align(),    fd_eqvoc_fec_map_footprint( fec_max ) ),
     216           0 :       fd_eqvoc_proof_pool_align(), fd_eqvoc_proof_pool_footprint( proof_max ) ),
     217           0 :       fd_eqvoc_proof_map_align(),  fd_eqvoc_proof_map_footprint( proof_max ) ),
     218           0 :       fd_sha512_align(),           fd_sha512_footprint() ),
     219           0 :       fd_bmtree_commit_align(),    fd_bmtree_commit_footprint( FD_SHRED_MERKLE_LAYER_CNT ) ),
     220           0 :    fd_eqvoc_align() );
     221           0 : }
     222             : /* clang-format on */
     223             : 
     224             : /* fd_eqvoc_new formats an unused memory region for use as a eqvoc.
     225             :    mem is a non-NULL pointer to this region in the local address space
     226             :    with the required footprint and alignment. */
     227             : 
     228             : void *
     229             : fd_eqvoc_new( void * shmem, ulong fec_max, ulong proof_max, ulong seed );
     230             : 
     231             : /* fd_eqvoc_join joins the caller to the eqvoc.  eqvoc points to the
     232             :    first byte of the memory region backing the eqvoc in the caller's
     233             :    address space.
     234             : 
     235             :    Returns a pointer in the local address space to eqvoc on success. */
     236             : 
     237             : fd_eqvoc_t *
     238             : fd_eqvoc_join( void * sheqvoc );
     239             : 
     240             : /* fd_eqvoc_leave leaves a current local join.  Returns a pointer to the
     241             :    underlying shared memory region on success and NULL on failure (logs
     242             :    details).  Reasons for failure include eqvoc is NULL. */
     243             : 
     244             : void *
     245             : fd_eqvoc_leave( fd_eqvoc_t const * eqvoc );
     246             : 
     247             : /* fd_eqvoc_delete unformats a memory region used as a eqvoc.
     248             :    Assumes only the nobody is joined to the region.  Returns a
     249             :    pointer to the underlying shared memory region or NULL if used
     250             :    obviously in error (e.g. eqvoc is obviously not a eqvoc ... logs
     251             :    details).  The ownership of the memory region is transferred to the
     252             :    caller. */
     253             : 
     254             : void *
     255             : fd_eqvoc_delete( void * sheqvoc );
     256             : 
     257             : /* fd_eqvoc_init initializes eqvoc with the expected shred version. */
     258             : 
     259             : void
     260             : fd_eqvoc_init( fd_eqvoc_t * eqvoc, ulong shred_version );
     261             : 
     262             : /* fd_eqvoc_fec_query queries for FEC set metadata on (slot,
     263             :    fec_set_idx).  At least one coding shred most be inserted to populate
     264             :    code_cnt, data_cnt, and the last data shred in the slot to populate
     265             :    last_idx.  Otherwise fields are defaulted to 0, 0, FD_SHRED_IDX_NULL
     266             :    respectively.  Callers should check whether fields are the default
     267             :    values before using them. */
     268             : 
     269             : FD_FN_PURE static inline fd_eqvoc_fec_t const *
     270           0 : fd_eqvoc_fec_query( fd_eqvoc_t const * eqvoc, ulong slot, uint fec_set_idx ) {
     271           0 :   fd_slot_fec_t key = { slot, fec_set_idx };
     272           0 :   return fd_eqvoc_fec_map_ele_query_const( eqvoc->fec_map, &key, NULL, eqvoc->fec_pool );
     273           0 : }
     274             : 
     275             : /* fd_eqvoc_fec_insert inserts a new FEC entry into eqvoc, indexed by
     276             :    (slot, fec_set_idx). */
     277             : 
     278             : fd_eqvoc_fec_t *
     279             : fd_eqvoc_fec_insert( fd_eqvoc_t * eqvoc, ulong slot, uint fec_set_idx );
     280             : 
     281             : /* fd_eqvoc_fec_search searches for whether `shred` implies equivocation
     282             :    by checking for a conflict in the currently indexed FEC sets. Returns
     283             :    the conflicting entry if there is one, NULL otherwise.
     284             : 
     285             :    A FEC set "overlaps" with another if they both contain a data shred
     286             :    at the samed idx.  For example, say we have a FEC set containing data
     287             :    shreds in the idx interval [13, 15] and another containing idxs [15,
     288             :    20].  The first FEC set has fec_set_idx 13 and data_cnt 3. The second
     289             :    FEC set has fec_set_idx 15 and data_cnt 6.  They overlap because they
     290             :    both contain a data shred at idx 15.  Therefore, these two FEC sets
     291             :    imply equivocation.
     292             : 
     293             :    This overlap can be detected arithmetically by adding the data_cnt to
     294             :    the fec_set_idx that starts earlier.  If the result is greater than
     295             :    the fec_set_idx that starts later, we know at least one data shred
     296             :    idx must overlap.  In this example, 13 + 3 > 15, which indicates
     297             :    equivocation.
     298             : 
     299             :    We can check for this overlap both backwards and forwards.  We know
     300             :    the max number of data shred idxs in a valid FEC set is 67.  So we
     301             :    need to look back at most 67 FEC set idxs to find the previous FEC
     302             :    set.  Similarly, we look forward at most data_cnt idxs to find the
     303             :    next FEC set. */
     304             : 
     305             : fd_eqvoc_fec_t const *
     306             : fd_eqvoc_fec_search( fd_eqvoc_t const * eqvoc, fd_shred_t const * shred );
     307             : 
     308             : /* fd_eqvoc_proof_query queries for the proof at (slot, from). */
     309             : 
     310             : FD_FN_PURE static inline fd_eqvoc_proof_t *
     311           0 : fd_eqvoc_proof_query( fd_eqvoc_t * eqvoc, ulong slot, fd_pubkey_t const * from ) {
     312           0 :   fd_slot_pubkey_t key = { slot, *from };
     313           0 :   return fd_eqvoc_proof_map_ele_query( eqvoc->proof_map, &key, NULL, eqvoc->proof_pool );
     314           0 : }
     315             : 
     316             : /* fd_eqvoc_proof_query_const is the const version of the above. */
     317             : 
     318             : FD_FN_PURE static inline fd_eqvoc_proof_t const *
     319           0 : fd_eqvoc_proof_query_const( fd_eqvoc_t const * eqvoc, ulong slot, fd_pubkey_t const * from ) {
     320           0 :   fd_slot_pubkey_t key = { slot, *from };
     321           0 :   return fd_eqvoc_proof_map_ele_query_const( eqvoc->proof_map, &key, NULL, eqvoc->proof_pool );
     322           0 : }
     323             : 
     324             : /* fd_eqvoc_proof_insert inserts a proof entry into eqvoc, keyed by
     325             :    (slot, from) where from is the pubkey that generated the proof. */
     326             : 
     327             : fd_eqvoc_proof_t *
     328             : fd_eqvoc_proof_insert( fd_eqvoc_t * eqvoc, ulong slot, fd_pubkey_t const * from );
     329             : 
     330             : void
     331             : fd_eqvoc_proof_init( fd_eqvoc_proof_t * proof, fd_pubkey_t const * producer, ulong wallclock, ulong chunk_cnt, ulong chunk_sz, void * bmtree_mem );
     332             : 
     333             : /* fd_eqvoc_proof_chunk_insert inserts a proof chunk into the proof.
     334             :    Proofs are divided into chunks before they are transmitted via
     335             :    gossip, so this function is necessary for reconstruction. */
     336             : 
     337             : void
     338             : fd_eqvoc_proof_chunk_insert( fd_eqvoc_proof_t * proof, fd_gossip_duplicate_shred_t const * chunk );
     339             : 
     340             : /* fd_eqvoc_shreds_chunk_insert is a lower-level API for the above. */
     341             : 
     342             : void
     343             : fd_eqvoc_shreds_chunk_insert( fd_shred_t * shred1, fd_shred_t * shred2, fd_gossip_duplicate_shred_t const * chunk );
     344             : 
     345             : /* fd_eqvoc_proof_remove removes the proof entry associated with key. */
     346             : 
     347             : void
     348             : fd_eqvoc_proof_remove( fd_eqvoc_t * eqvoc, fd_slot_pubkey_t const * key );
     349             : 
     350             : /* fd_eqvoc_proof_complete checks whether the proof has received all
     351             :    chunks ie. is complete.  Returns 1 if so, 0 otherwise. */
     352             : 
     353             : static inline int
     354           0 : fd_eqvoc_proof_complete( fd_eqvoc_proof_t const * proof ) {
     355           0 :   for( uchar i = 0; i < proof->chunk_cnt; i++ ) {
     356           0 :     if( !fd_eqvoc_proof_set_test( proof->set, i ) ) return 0;
     357           0 :   }
     358           0 :   return 1;
     359           0 : }
     360             : 
     361             : /* fd_eqvoc_proof_verify verifies that the two shreds contained in
     362             :    `proof` do in fact equivocate.
     363             : 
     364             :    Returns: FD_EQVOC_VERIFY_FAILURE if they do not
     365             :      FD_EQVOC_VERIFY_SUCCESS_{REASON} if they do
     366             :      FD_EQVOC_VERIFY_ERR_{REASON} if the shreds were not valid inputs
     367             : 
     368             :    Two shreds equivocate if they satisfy any of the following:
     369             : 
     370             :    1. They are in the same FEC set but have different signatures.
     371             :    2. They are in the same FEC set and are both coding shreds, but have
     372             :       different coding metadata ie. code_cnt, data_cnt, first_code_idx.
     373             :    3. They are in the same FEC set and are both data shreds.  One shred
     374             :       is marked as the last data shred in the slot
     375             :       (FD_SHRED_DATA_FLAG_SLOT_COMPLETE), but the other shred has a
     376             :       higher data shred index.
     377             :    4. They are in different FEC sets and the shred with a lower FEC set
     378             :       index is a coding shred, whereas the shred with the higher FEC set
     379             :       index is either a coding or data shred.  The lower coding shred's
     380             :       `data_cnt` implies the lower FEC set intersects with the higher
     381             :       FEC set ie. the FEC sets are overlapping.
     382             :    5. They are in different FEC sets and the shred with a lower FEC set
     383             :       index is a coding shred, and the FEC sets are adjacent ie. the
     384             :       last data shred index in the lower FEC set is one less than the
     385             :       first data shred index in the higher FEC set.  The merkle root of
     386             :       the lower FEC set is different from the chained merkle root of the
     387             :       higher FEC set.
     388             : 
     389             :    Note: two shreds are in the same FEC set if they have the same slot
     390             :    and same FEC set index.
     391             : 
     392             :    To prevent false positives, this function also performs the following
     393             :    input validation on the shreds:
     394             : 
     395             :    1. shred1 and shred2 are both the expected shred_version.
     396             :    2. shred1 and shred2 are for the same slot.
     397             :    3. shred1 and shred2 are either chained merkle or chained resigned
     398             :       merkle variants.
     399             :    4. shred1 and shred2 contain valid signatures signed by the same
     400             :       producer pubkey.
     401             : 
     402             :    If any of the above input validation fail, this function returns
     403             :    FD_EQVOC_VERIFY_ERR_{REASON} for the appropriate reason. */
     404             : 
     405             : int
     406             : fd_eqvoc_proof_verify( fd_eqvoc_proof_t const * proof );
     407             : 
     408             : /* fd_eqvoc_proof_shreds_verify is a lower-level API for
     409             :    fd_eqvoc_proof_verify.  Refer above for documentation.  */
     410             : 
     411             : int
     412             : fd_eqvoc_shreds_verify( fd_shred_t const * shred1, fd_shred_t const * shred2, fd_pubkey_t const * producer, void * bmtree_mem );
     413             : 
     414             : /* fd_eqvoc_proof_shred1 returns a pointer to shred1 in `proof`. */
     415             : 
     416             : static inline fd_shred_t *
     417           0 : fd_eqvoc_proof_shred1( fd_eqvoc_proof_t * proof ) {
     418           0 :   return (fd_shred_t *)fd_type_pun_const( proof->shreds + sizeof(ulong) );
     419           0 : }
     420             : 
     421             : /* fd_eqvoc_proof_shred1_const returns a const pointer to shred1 in
     422             :    `proof`. */
     423             : 
     424             : static inline fd_shred_t const *
     425           0 : fd_eqvoc_proof_shred1_const( fd_eqvoc_proof_t const * proof ) {
     426           0 :   return (fd_shred_t const *)fd_type_pun_const( proof->shreds + sizeof(ulong) );
     427           0 : }
     428             : 
     429             : /* fd_eqvoc_proof_shred2 returns a pointer to shred2 in `proof`. */
     430             : 
     431             : static inline fd_shred_t *
     432           0 : fd_eqvoc_proof_shred2( fd_eqvoc_proof_t * proof ) {
     433           0 :   ulong shred1_sz = *(ulong *)fd_type_pun( proof->shreds );
     434           0 :   return (fd_shred_t *)fd_type_pun( proof->shreds + shred1_sz + 2*sizeof(ulong) );
     435           0 : }
     436             : 
     437             : /* fd_eqvoc_proof_shred2_const returns a const pointer to shred2 in `proof`. */
     438             : 
     439             : static inline fd_shred_t const *
     440           0 : fd_eqvoc_proof_shred2_const( fd_eqvoc_proof_t const * proof ) {
     441           0 :   ulong shred1_sz = *(ulong const *)fd_type_pun_const( proof->shreds );
     442           0 :   return (fd_shred_t const *)fd_type_pun_const( proof->shreds + shred1_sz + 2*sizeof(ulong) );
     443           0 : }
     444             : 
     445             : /* fd_eqvoc_verify verifies `slot` has FEC sets with merkle roots that
     446             :    correctly chain, including that the first FEC set in slot's merkle
     447             :    hash chains from the last FEC set in parent slot's merkle hash. */
     448             : 
     449             : int
     450             : fd_eqvoc_slot_verify( fd_eqvoc_t const * eqvoc, fd_blockstore_t * blockstore, ulong slot );
     451             : 
     452             : /* fd_eqvoc_from_chunks reconstructs shred1_out and shred2_out from
     453             :    `chunks` which is an array of "duplicate shred" gossip msgs. Shred1
     454             :    and shred2 comprise a "duplicate shred proof", ie. proof of two
     455             :    shreds that conflict and therefore demonstrate the shreds' producer
     456             :    has equivocated.
     457             : 
     458             :    Assumes `chunks` is non-NULL and contains at least one valid array
     459             :    member chunks[0] to extract header information.  Caller's
     460             :    responsibility to guarantee this.  Also assumes the `chunk` field in
     461             :    `fd_gossip_duplicate_shred_t` is a pointer to valid memory and
     462             :    consistent with the metadata presented in the header of the first
     463             :    array member, eg. if the header says there are 4 chunks then this
     464             :    implementation assumes this is true.  These assumptions should be
     465             :    already upheld by caller if using deserializers in `fd_types.h`.
     466             :    Behavior is undefined otherwise.
     467             : 
     468             :    Does additional sanity-check validation eg. checking chunk_len <=
     469             :    FD_EQVOC_PROOF_SZ.
     470             : 
     471             :    This function is expected to be deprecated once chunks are specified
     472             :    to be fixed-length in the gossip protocol. */
     473             : 
     474             : void
     475             : fd_eqvoc_proof_from_chunks( fd_gossip_duplicate_shred_t const * chunks,
     476             :                             fd_eqvoc_proof_t * proof_out );
     477             : 
     478             : /* fd_eqvoc_to_chunks constructs an array of DuplicateShred gossip msgs
     479             :    (`chunks_out`) from shred1 and shred2.
     480             : 
     481             :    Shred1 and shred2 are concatenated (the concatenation is implemented
     482             :    virtually) and then spliced into chunks of FD_EQVOC_PROOF_CHUNK_SZ
     483             :    size. These chunks are embedded in the body of each DuplicateShred
     484             :    msg, along with a common header across all msgs.
     485             : 
     486             :    Caller supplies `chunks_out`, which is an array that MUST contain
     487             :    `ceil(shred1_payload_sz + shred2_payload_sz /
     488             :    FD_EQVOC_PROOF_CHUNK_SZ)` elements.  Each chunk in `chunks_out` MUST
     489             :    have a buffer of at least `chunk_len` size available in its `chunk`
     490             :    pointer field.  Behavior is undefined otherwise.
     491             : 
     492             :    IMPORTANT SAFETY TIP!  The lifetime of each chunk in `chunks_out`
     493             :    must be at least as long as the lifetime of the array of
     494             :    duplicate_shreds.  Caller is responsible for ensuring this memory
     495             :    safety guarantee. */
     496             : 
     497             : void
     498             : fd_eqvoc_proof_to_chunks( fd_eqvoc_proof_t * proof, fd_gossip_duplicate_shred_t * chunks_out );
     499             : 
     500             : #endif /* HEADER_fd_src_choreo_eqvoc_fd_eqvoc_h */

Generated by: LCOV version 1.14