Grandpa protocols

[MattHalpinParity]

No description provided.

[zdave-parity]

Can't comment on the actual message contents as I'm not familiar enough with GRANDPA; will have to trust you on that for now!

[zdave-parity]

To be consistent with how enums are defined elsewhere, I would write this like:

0 ++ Prevote OR 1 ++ Precommit OR 2 ++ PrimaryPropose

Would also be good to use a more specific name than Message. If these are votes, perhaps Vote would be a good name?

[zdave-parity]

The 0 ++ seems unnecessary, similar comment on the other protocols.

[zdave-parity]

Assuming this is a response to a previous catchup request, we should probably just return it on the request stream?

[zdave-parity]

I've read the GRANDPA paper and somewhat understand how it works now. It should be possible for someone to implement this protocol given only the GP, referenced papers (this includes the GRANDPA paper), and this document. I don't think there is enough detail here at the moment for that to be the case. I've commented on particular places where I think there is not enough detail, but these comments are probably not exhaustive...

[zdave-parity]

A summary of the vote types here and when they are sent would be good. Ideally it should be possible to implement this using only the GRANDPA paper and this document. So in particular, I think PrimaryPropose needs clarifying here, as I don't think that wording is used in the paper. I assume it is the block broadcast by the primary in step 2 of the protocol? We also need to define here how the primary is chosen as this is not defined in the paper.

[zdave-parity]

Probably don't need the public key here given that it should match the peer ID?

[zdave-parity]

I think we need to be clearer about the sending behaviour here. The paper says that to reduce spam, we should:

1. Delay broadcasting a commit by a random time from 0..1 seconds.
2. Don't broadcast if we receive a commit from another validator.

I assume this is implemented in the Rust crate? Although it doesn't seem critical that all implementations do exactly the same thing here, we should probably still document the expected behaviour.

[zdave-parity]

I assume the nth signature applies to the nth precommit? This should be documented. Preferable to identify signers by their index rather than their public key here? Seems like this would cut message size by ~25%, and would be consistent with the other protocols and the GP.

[MattHalpinParity]

Yes, the signatures are in order of precommit. I've removed this along with Compact Commit though.

[zdave-parity]

Should clarify when this is sent. Is it sent once the validator "starts the round" as defined in the paper?

[zdave-parity]

What's the reason for the double-encoding here?

[MattHalpinParity]

This was for a generic finality justification system that would work with eg, Grandpa and Beefy. Replaced this with a simple Grandpa Justification protocol for now so the double encoding has gone.

[zdave-parity]

I assume this does not include a Set Id because that is implied or something?

[MattHalpinParity]

It does not strictly need Set Id as all the votes inside Commit are signed with the Set Id so the Justification will only validate with the correct Set Id.
I've decided to add Set Id to it though as I think that will make syncing and tracking set changes easier.

[zdave-parity]

What does the signature cover? Presumably it should cover round number and set ID to avoid weird replay attacks? In any case I think this should be documented here given that it isn't covered in the GP. Also should document the prefix used for the signature.

[MattHalpinParity]

Yeah, I've clarified this now. The signature does cover round number and set ID.

[zdave-parity]

I assume Set Id refers to the validator/voter set? I think we need to be explicit here about what it actually is, eg is it an epoch index or something?

[MattHalpinParity]

Clarified this. It starts at 0 at genesis and increments after each set change block is finalized. So it normally increments with epoch but it is not strictly the same as epoch index.

[zdave-parity]

This needs more explanation, particularly as this isn't really covered by the GRANDPA paper AFAICT. eg:

• What are Base Hash and Base Header?
• What do the round number and set ID in the request and response mean?
• You say "the response includes all votes required to catch up state to that of the responding voter", but it seems like only the votes for one round are returned? If the requester is multiple rounds behind, are they supposed to request votes for one round at a time or something? Given the protocol defined in the paper, it does not seem possible for an honest voter to skip rounds? But perhaps this is possible based on observed commits or something?

[MattHalpinParity]

I've clarified this a bit. Base refers to a block that all vote targets are a descendent of. There is no longer a response set ID, just for the request. The responding validator only returns the votes for the last completed round from it's view.