Skip to content

Draft: Allow anyone to propose protocol and prevent activation of not revealed protocol

Sylvain R. requested to merge sylvain/fix-proposal-injection into proto-proposal

This MR modifies the voting process by splitting the submit proposal operation into two : propose protocol and upvote proposal and adding a new voting period reveal. It also modify the shell to retrieve a protocol from current running protocol before trying to fetch it from the distributed db.

By doing so we prevent the activation of a protocol where the source have never been reveal to the shell. It also allow anyone to propose a new protocol, not only delegate.

this MR is based on !109, first commit is c63e5464

proposal (8264a883)

A proposal is


type t = {
  period : Voting_period_repr.index;
  protocol : Protocol.t option;
  source : Signature.Public_key_hash.t;
}

Where period is the voting period where this proposal have been submitted, protocol the source protocol and source the contract that submitted it.

storage: (8264a883)

a new storage module Proposal is created, it has the following sub storage

  • Proposed : Proposal_repr.t Protocol_hash.Map.t: contains protocol hash proposed during the proposals period. This proposal does not contains the source of the protocol.
  • Current : Protocol_hash.t * (Proposal_repr.t option): contains current protocol under voting/testing period. This proposal has to have the protocol source revealed during the reveal period.
  • Winner: Protocol_hash.t -> Proposal_repr.t: contains protocols that won the voting process. All proposals here have the protocol source.

operation (710df7a5, c409a663, 6736fa67)

  •     source : Signature.Public_key_hash.t;
    hash : Protocol_hash.t;
    period : Voting_period_repr.index;
  }```

and the corresponding command tezos-client propose protocol <protocol_hash> for <contract_alias>.

  •     source : Signature.Public_key_hash.t;
    period : Voting_period_repr.index;
    proposals : Protocol_hash.t list;
  }```

This operation is just a rename to the previous Proposals operation.

and the corresponding command tezos-client upvote proposals for <delegate> <proposal1> <proposal2> ...

  •     period : Voting_period_repr.index;
    proposal : Protocol_hash.t;
    protocol : Protocol.t;
  }```

and the corresponding command tezos-client reveal protocol <src_dir> of proposal <proposal> for <contract_alias>

constant (dad4a525, 7f5d2ca5)

In order for the reveal operation to be injected into the block and be send to other nodes the following constant had to be increased :

  • Distributed_db_message.operation_max_size = 2mb
  • Constants_repr.max_operation_data_length = 2mb
  • Main voting operation size = 2mb

voting process (710df7a5, 89f9c372, c409a663, 6736fa67)

The voting process is modified as follow

  1. Proposals period (710df7a5, 89f9c372, c409a663)
    • Any contract can propose a protocol with the Propose operation. This operation burn a fee of 256 Tez. To propose a protocol only the hash of the protocol have to be submitted. The source of the protocol have to be reveal in the next period.
    • Delegate can upvote a proposal using the Upvote_proposals operation. only 20 Upvote_proposals operation (as previously) is allowed by delegate. This operation verify that the proposal has already been proposed earlier and will fail otherwise.
    • When the period finish the wining proposal is added to the Storage.Proposal.current.
  • Reveal period (6736fa67)
    • Any contract can reveal the current proposal with Reveal_protocol operation. This operation can only be submitted once and as soon as the proposal as been revealed we go to the next period.

The rest of the voting process remains unchanged.

environment modification (e30d0640, fb1bbe6d)

The environment have been modified so that protocols have to implement a new function with the following signature : val reveal_protocol : context -> Block_header.shell_header -> Protocol_hash.t -> Protocol.t option tzresult Lwt.t

shell (9414c4e3)

When the Shell does not know a protocol it will first try to retrieve it from the current running protocol before fetching it from the distributed db.

small improvment (f3760da6, 58909fd7)

  • remove the use of mutable var in client and refactor error logic of upvote_proposal (58909fd7, b3734aff)
  • use a map delegate -> Protocol_hash.Set.t instead of a (delegate, Protocol_hash.t) set for upvote storage (f3760da6)

todo :

  • rebase when review is finished

Implements #44, #73, #74

Edited by Sylvain R.

Merge request reports