Have Batch contain Block and batch ID, ensuring eclipsed validators don't publish invalid shares

See prior commit message for more info. With the plan for the batch sign ID to be just 5 bytes (potentially 4), this does incur a +5 bytes cost compared to the ExternalBlock system *even in the standard case*. The simplicity remains preferred at this time.
2025-03-28 01:59:00 +00:00 · 2023-08-31 23:04:37 -04:00 · 2023-08-31 23:04:37 -04:00 · 9b7cb688ed
commit 9b7cb688ed
parent 9a5f8fc5dd
4 changed files with 13 additions and 8 deletions
--- a/coordinator/src/main.rs
+++ b/coordinator/src/main.rs
@ -600,7 +600,7 @@ pub async fn handle_processors<D: Db, Pro: Processors, P: P2p>(
            MainDb::<D>::save_first_preprocess(&mut txn, id.id, preprocess);
            txn.commit();

-            Some(Transaction::Batch(id.id))
+            Some(Transaction::Batch(block.0, id.id))
          } else {
            Some(Transaction::BatchPreprocess(SignData {
              plan: id.id,
--- a/coordinator/src/tests/tributary/mod.rs
+++ b/coordinator/src/tests/tributary/mod.rs
@ -103,9 +103,11 @@ fn serialize_transaction() {
  ));

  {
+    let mut block = [0; 32];
+    OsRng.fill_bytes(&mut block);
    let mut batch = [0; 32];
    OsRng.fill_bytes(&mut batch);
-    test_read_write(Transaction::Batch(batch));
+    test_read_write(Transaction::Batch(block, batch));
  }
  test_read_write(Transaction::SubstrateBlock(OsRng.next_u64()));

--- a/coordinator/src/tributary/handle.rs
+++ b/coordinator/src/tributary/handle.rs
@ -443,7 +443,7 @@ pub async fn handle_application_tx<
      }
    }

-    Transaction::Batch(batch) => {
+    Transaction::Batch(_, batch) => {
      // Because this Batch has achieved synchrony, its batch ID should be authorized
      TributaryDb::<D>::recognize_id(txn, Zone::Batch.label(), genesis, batch);
      recognized_id(spec.set().network, genesis, RecognizedIdType::Batch, batch).await;
--- a/coordinator/src/tributary/mod.rs
+++ b/coordinator/src/tributary/mod.rs
@ -232,7 +232,7 @@ pub enum Transaction {
  DkgConfirmed(u32, [u8; 32], Signed),

  // When we have synchrony on a batch, we can allow signing it
-  Batch([u8; 32]),
+  Batch([u8; 32], [u8; 32]),
  // When a Serai block is finalized, with the contained batches, we can allow the associated plan
  // IDs
  SubstrateBlock(u64),
@ -331,9 +331,11 @@ impl ReadWrite for Transaction {
      }

      3 => {
+        let mut block = [0; 32];
+        reader.read_exact(&mut block)?;
        let mut batch = [0; 32];
        reader.read_exact(&mut batch)?;
-        Ok(Transaction::Batch(batch))
+        Ok(Transaction::Batch(block, batch))
      }

      4 => {
@ -430,8 +432,9 @@ impl ReadWrite for Transaction {
        signed.write(writer)
      }

-      Transaction::Batch(batch) => {
+      Transaction::Batch(block, batch) => {
        writer.write_all(&[3])?;
+        writer.write_all(block)?;
        writer.write_all(batch)
      }

@ -475,7 +478,7 @@ impl TransactionTrait for Transaction {
      Transaction::DkgShares { signed, .. } => TransactionKind::Signed(signed),
      Transaction::DkgConfirmed(_, _, signed) => TransactionKind::Signed(signed),

-      Transaction::Batch(_) => TransactionKind::Provided("batch"),
+      Transaction::Batch(_, _) => TransactionKind::Provided("batch"),
      Transaction::SubstrateBlock(_) => TransactionKind::Provided("serai"),

      Transaction::BatchPreprocess(data) => TransactionKind::Signed(&data.signed),
@ -534,7 +537,7 @@ impl Transaction {
        Transaction::DkgShares { ref mut signed, .. } => signed,
        Transaction::DkgConfirmed(_, _, ref mut signed) => signed,

-        Transaction::Batch(_) => panic!("signing Batch"),
+        Transaction::Batch(_, _) => panic!("signing Batch"),
        Transaction::SubstrateBlock(_) => panic!("signing SubstrateBlock"),

        Transaction::BatchPreprocess(ref mut data) => &mut data.signed,