From 075a668534f41a5d213e6c6f82ffffdc8a19e4d8 Mon Sep 17 00:00:00 2001 From: Diane Gallois-Wong Date: Wed, 7 Feb 2024 14:58:33 +0100 Subject: [PATCH 1/2] Proto/AI: prevent a potential double slashing related to migration --- .../lib_protocol/already_denounced_storage.ml | 28 ++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/src/proto_alpha/lib_protocol/already_denounced_storage.ml b/src/proto_alpha/lib_protocol/already_denounced_storage.ml index 1d74a0887a04..0814a267e2d0 100644 --- a/src/proto_alpha/lib_protocol/already_denounced_storage.ml +++ b/src/proto_alpha/lib_protocol/already_denounced_storage.ml @@ -7,7 +7,7 @@ (* *) (*****************************************************************************) -let already_denounced ctxt delegate (level : Level_repr.t) round kind = +let already_denounced_aux ctxt delegate (level : Level_repr.t) round kind = let open Lwt_result_syntax in let* denounced_opt = Storage.Already_denounced.find 
@@ -21,6 +21,32 @@ let already_denounced ctxt delegate (level : Level_repr.t) round kind = | Some denounced, Double_attesting -> return denounced.for_double_attesting | Some denounced, Double_baking -> return denounced.for_double_baking +let already_denounced ctxt delegate level round kind = + let open Lwt_result_syntax in + let* answer = already_denounced_aux ctxt delegate level round kind in + if answer || Round_repr.(round = zero) then return answer + else + let* first_level = Storage.Tenderbake.First_level_of_protocol.get ctxt in + if Raw_level_repr.(level.level >= first_level) then return answer + else + (* Exception related to the migration from Oxford to P: because + Oxford doesn't record the round of misbehaviours, all + misbehaviours present in the storage at stitching time got + assigned the round zero. So we also check with the round set + to zero in the specific case where a misbehaviour: + + - is old enough to have potentially been denounced during + Oxford (ie. its level is before the first level of P), + + - has a non-zero round (otherwise the new check is identical + to the previous one anyway), and + + - has not been found in the storage under its own round + (ie. [answer] is [false]). + + This whole control flow can be removed in Q. *) + already_denounced_aux ctxt delegate level Round_repr.zero kind + let add_denunciation ctxt delegate (level : Level_repr.t) round kind = let open Lwt_result_syntax in let* denounced_opt = -- GitLab From 82f6e44881446fe2f8c949276b13077299d1d2b2 Mon Sep 17 00:00:00 2001 From: Diane Gallois-Wong Date: Thu, 15 Feb 2024 10:32:32 +0100 Subject: [PATCH 2/2] Proto/AI: link to #6957 where clean-ups are needed in Q --- src/proto_alpha/lib_protocol/already_denounced_storage.ml | 3 ++- src/proto_alpha/lib_protocol/storage.ml | 2 ++ src/proto_alpha/lib_protocol/storage.mli | 6 ++++-- 3 files changed, 8 insertions(+), 3 deletions(-) 
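Review bot: The round-zero fallback in `already_denounced` cannot tell a stitched Oxford entry from a round-zero entry recorded under P for a level before `first_level`, so, as far as the visible lines show, a distinct non-zero-round misbehaviour at such a level would also be reported as already denounced. That errs towards under-slashing rather than double slashing, which looks intended, but the comment should say so, e.g. `(* A round-zero entry written under P for a pre-P level also matches here; missing a slash is preferred to slashing twice. *)`. The wrapper also drops the `(level : Level_repr.t)` annotation that `already_denounced_aux` and `add_denunciation` carry, leaving `level.level` to be resolved by inference; `let already_denounced ctxt delegate (level : Level_repr.t) round kind =` keeps the three signatures parallel. The diffstat shows only this file changed, so a regression test covering a pre-P level with a non-zero round is worth adding if none exists elsewhere. The body of `add_denunciation` continues outside the hunk, so the write path could not be checked from here.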
diff --git a/src/proto_alpha/lib_protocol/already_denounced_storage.ml b/src/proto_alpha/lib_protocol/already_denounced_storage.ml index 0814a267e2d0..685aa851449f 100644 --- a/src/proto_alpha/lib_protocol/already_denounced_storage.ml +++ b/src/proto_alpha/lib_protocol/already_denounced_storage.ml @@ -44,7 +44,8 @@ let already_denounced ctxt delegate level round kind = - has not been found in the storage under its own round (ie. [answer] is [false]). - This whole control flow can be removed in Q. *) + TODO #6957: This whole control flow should be removed from + protocol Q. *) already_denounced_aux ctxt delegate level Round_repr.zero kind let add_denunciation ctxt delegate (level : Level_repr.t) round kind = diff --git a/src/proto_alpha/lib_protocol/storage.ml b/src/proto_alpha/lib_protocol/storage.ml index ed3ae0cc68d0..340498959323 100644 --- a/src/proto_alpha/lib_protocol/storage.ml +++ b/src/proto_alpha/lib_protocol/storage.ml @@ -1112,6 +1112,7 @@ module Pending_denunciations = (** Per cycle storage *) +(* TODO #6957: Remove this from protocol Q. *) type denounced__Oxford = {for_double_attesting : bool; for_double_baking : bool} type denounced = { @@ -1170,6 +1171,7 @@ module Cycle = struct (req "for_double_baking" bool)) end) + (* TODO #6957: Remove this from protocol Q. *) module Already_denounced__Oxford = Make_indexed_data_storage (Make_subcontext (Ghost) (Indexed_context.Raw_context) diff --git a/src/proto_alpha/lib_protocol/storage.mli b/src/proto_alpha/lib_protocol/storage.mli index c801340207a6..6b3767147498 100644 --- a/src/proto_alpha/lib_protocol/storage.mli +++ b/src/proto_alpha/lib_protocol/storage.mli 
@@ -485,7 +485,8 @@ module Pending_denunciations : and type key = Signature.public_key_hash and type value = Denunciations_repr.t -(** Needed for the stitching from Oxford to P. Remove this in Q. *) +(** Needed for the stitching from Oxford to P. + TODO #6957: Remove this from protocol Q. *) type denounced__Oxford = {for_double_attesting : bool; for_double_baking : bool} (** This type is used to track which denunciations have already been @@ -507,7 +508,8 @@ module Already_denounced : (Raw_level_repr.t * Round_repr.t) * Signature.Public_key_hash.t and type value = denounced -(** Needed for the stitching from Oxford to P. Remove this in Q. *) +(** Needed for the stitching from Oxford to P. + TODO #6957: Remove this from protocol Q. *) module Already_denounced__Oxford : Indexed_data_storage with type t := Raw_context.t * Cycle_repr.t -- GitLab