search

filecoin-project / specs

The Filecoin protocol specification
https://spec.filecoin.io
Other
367 stars 170 forks source link

The penalty mechanism of time and space proof #1288

Open llifezou opened 2 years ago

llifezou commented 2 years ago

specs-actors v6

SubmitWindowedPoSt will update FaultyPower immediately

func (a Actor) SubmitWindowedPoSt(rt Runtime, params *SubmitWindowedPoStParams) *abi.EmptyValue {
    // ...

    postResult, err = deadline.RecordProvenSectors(store, sectors, info.SectorSize, QuantSpecForDeadline(currDeadline), faultExpiration, params.Partitions)
    builtin.RequireNoErr(rt, err, exitcode.ErrIllegalState, "failed to process post submission for deadline %d", params.Deadline)

    // ...

    return nil
}

func (dl *Deadline) RecordProvenSectors(
    store adt.Store, sectors Sectors,
    ssize abi.SectorSize, quant builtin.QuantSpec, faultExpiration abi.ChainEpoch,
    postPartitions []PoStPartition,
) (*PoStResult, error) {
    // ...

    // Save everything back.
    dl.FaultyPower = dl.FaultyPower.Sub(recoveredPowerTotal).Add(newFaultyPowerTotal)

    // ...

    return &PoStResult{
        Sectors:                allSectorNos,
        IgnoredSectors:         allIgnoredSectorNos,
        PowerDelta:             powerDelta,
        NewFaultyPower:         newFaultyPowerTotal,
        RecoveredPower:         recoveredPowerTotal,
        RetractedRecoveryPower: retractedRecoveryPowerTotal,
        Partitions:             partitionIndexes,
    }, nil
}

When calculating the penalty, the current FaultyPower is used

func (st *State) AdvanceDeadline(store adt.Store, currEpoch abi.ChainEpoch) (*AdvanceDeadlineResult, error) {
    // ...

    previouslyFaultyPower := deadline.FaultyPower

    // ...

    // Compute penalties all together.
    // Be very careful when changing these as any changes can affect rounding.
    return &AdvanceDeadlineResult{
        PledgeDelta:           pledgeDelta,
        PowerDelta:            powerDelta,
        PreviouslyFaultyPower: previouslyFaultyPower,
        DetectedFaultyPower:   detectedFaultyPower,
        TotalFaultyPower:      totalFaultyPower,
    }, nil
}

result, err := st.AdvanceDeadline(store, currEpoch)
builtin.RequireNoErr(rt, err, exitcode.ErrIllegalState, "failed to advance deadline")

// Faults detected by this missed PoSt pay no penalty, but sectors that were already faulty
// and remain faulty through this deadline pay the fault fee.
penaltyTarget := PledgePenaltyForContinuedFault(
    rewardSmoothed,
    qualityAdjPowerSmoothed,
    result.PreviouslyFaultyPower.QA,
)

There will be a phenomenon: I did not submit the entire partition, I have a chance of exemption from punishment, but if I submit the partition, but skip some sectors, I will be punished immediately