[Epoch Sync] EpochSyncProof validation

[staffik]

Issue: #11932

Implements EpochSyncProof validation, according to:

• design doc
• epoch_sync.rs

Summary:

• Move block merkle proof retrieval logic from Chain to a separate trait (MerkleProofAccess). Make Store implements this trait so that we can get_block_proof while serving EpochSyncRequest from a separate thread and having no access to Chain.
• Refactor verify_approval and compute_bp_hash so that we can use it for proof validation.
• Derive first_block_info_in_epoch from block header.
• Implement the validation logic.
• Add 2 more fields to the proof
  • EpochSyncProofPastEpochData::protocol_version
  • merkle_proof_for_first_block generated at height of final block of current epoch.
  • Apparently, we need to add even more to enable generating merkle_proof_for_first_block at the bootstrapped node. That will be done as a follow-up issue: [Epoch Sync] Generate merkle proof for the first block of current epoch #12255.
• Create a bunch of follow-up issues (added to the tracking issue):
  • [Epoch Sync] Generate merkle proof for the first block of current epoch #12255
  • [Epoch Sync] Merkle tree size for a block mismatches with the block ordinal? #12256
  • [Epoch Sync] Missing epoch_sync_data_hash in final_block_header_in_next_epoch #12258
  • [Epoch Sync] Verify 2 last block headers in prev epoch #12259
  • [Epoch Sync] Add tests for epoch sync proof verification #12260

[staffik]

Concern: BlockHeader::block_ordinal() is supported since BlockHeaderV3.

[robin-near]

I don't think that's an issue. EpochSync to a block header version below V3 is unsupportable due to also not having epoch_data_hash.

[robin-near]

But it will be worth making a test to check that trying to sync to a version below V3 will fail. I'll file an issue.

[staffik]

Concern: there is also from_header_and_endorsements() method, but from_header would copy endorsements from the header. cc @tayfunelmas

[staffik]

Looking into failing integration tests.

[robin-near]

Very nice design to make it work for both ChainStore and Store!

[robin-near]

I don't think that's an issue. EpochSync to a block header version below V3 is unsupportable due to also not having epoch_data_hash.

[robin-near]

But it will be worth making a test to check that trying to sync to a version below V3 will fail. I'll file an issue.

[robin-near]

Nice refactoring for this function. I was worried earlier about the protocol version check in here, but this is good.

[robin-near]

Could we add some tests (can add some to the testloop test) that messing with the proof will result in a failing verification? We could, e.g. check that tweaking every byte of a valid serialized proof will cause a failure one way or another. It doesn't cover all possible attacks but at least makes sure that we aren't forgetting any fields.

[staffik]

Created follow-up issue for tests: #12260.
Might need fixing other issues first.

[robin-near]

Great implementation!

[staffik]

Addressed PR comments here: 76bdb69
Needed to add two more fields to the proof.
Also, there are 2 things marked as todo and this PR does not includes tests.

[codecov]

Codecov Report

Attention: Patch coverage is 79.58115% with 78 lines in your changes missing coverage. Please review.

Project coverage is 71.62%. Comparing base (ba6c707) to head (2a35498).
Report is 2 commits behind head on master.

Files with missing lines	Patch %	Lines
chain/chain/src/store/merkle_proof.rs	75.46%	25 Missing and 15 partials ⚠️
chain/client/src/sync/epoch.rs	83.92%	17 Missing and 10 partials ⚠️
chain/chain/src/test_utils/kv_runtime.rs	0.00%	10 Missing ⚠️
chain/chain-primitives/src/error.rs	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #12020      +/-   ##
==========================================
- Coverage   71.62%   71.62%   -0.01%     
==========================================
  Files         837      838       +1     
  Lines      167105   167319     +214     
  Branches   167105   167319     +214     
==========================================
+ Hits       119696   119842     +146     
- Misses      42180    42242      +62     
- Partials     5229     5235       +6     

Flag	Coverage Δ
backward-compatibility	0.16% <0.00%> (-0.01%)	⬇️
db-migration	0.16% <0.00%> (-0.01%)	⬇️
genesis-check	1.25% <0.00%> (-0.01%)	⬇️
integration-tests	38.92% <79.58%> (+0.04%)	⬆️
linux	71.23% <79.58%> (-0.02%)	⬇️
linux-nightly	71.21% <79.58%> (+<0.01%)	⬆️
macos	54.24% <8.90%> (-0.07%)	⬇️
pytests	1.56% <0.00%> (-0.01%)	⬇️
sanity-checks	1.37% <0.00%> (-0.01%)	⬇️
unittests	65.35% <8.90%> (-0.09%)	⬇️
upgradability	0.21% <0.00%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.