Slashing Condition Evidence Expiration Window Inconsistency Between Slot and Epoch Units #13

Description

@JamesEjembi

Problem Statement / Feature Objective

Slashing evidence (double-vote, surround-vote) carries an expiration window measured in epochs from the time of the infraction. The slashing engine checks evidence.Slot + MAX_SLASHING_WINDOW > current_slot, but the window constant is defined in slots while evidence timestamps use a mix of slot and epoch units. A surround-vote evidence spanning an epoch boundary can be incorrectly expired or accepted.

Technical Invariants & Bounds

  • MAX_SLASHING_WINDOW = 8192 slots (~36 hours).
  • WHISTLEBLOWER_REWARD_QUOTIENT = 512 (reward fraction).
  • Evidence must include both source and target epochs (surround vote).
  • Slot-to-epoch conversion: epoch = slot / 32.
  • Window check uses slot comparison; source/target are epochs.
  • Off-by-SLOTS_PER_EPOCH can extend/reduce window by 32 slots.

Codebase Navigation Guide

  • src/slashing/evidence-verifier.rs - verify_evidence_expiry() and verify_surround_vote().
  • src/slashing/types.rs - SlashingEvidence struct with slot, source_epoch, target_epoch.
  • src/slashing/condition-engine.rs - process_slashing() entry point.
  • tests/slashing/evidence_expiry_test.rs - expiry edge case tests.

Implementation Blueprint

  1. In src/slashing/evidence-verifier.rs, normalize all expiry checks to a single unit (slots). Convert source_epoch and target_epoch to their equivalent slot ranges (source_slot_start = source_epoch * 32, etc.).
  2. Update verify_evidence_expiry() to use slot_start of the earliest infraction for the window check.
  3. Add a helper fn evidence_infraction_slot_range(ev: &SlashingEvidence) -> (Slot, Slot) that returns the inclusive slot range of the violation.
  4. Write tests for surround-vote evidence exactly at the window boundary and one slot past it.
  5. Add a property test that randomly generates evidence timestamps and verifies the window rule is symmetric.
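
Blueprint steps 1 to 4 as an added example, not code from this repository. It assumes `Slot` and `Epoch` are `u64`, guesses the `SlashingEvidence` field types, and returns `Option` instead of the bare tuple in step 3 so that evidence with out-of-order or overflowing epochs is rejected.

```rust
// Added example; type aliases and field types are assumptions from the issue text.
pub type Slot = u64;
pub type Epoch = u64;
pub const SLOTS_PER_EPOCH: u64 = 32;
pub const MAX_SLASHING_WINDOW: Slot = 8192; // slots

pub struct SlashingEvidence {
    pub slot: Slot,
    pub source_epoch: Epoch,
    pub target_epoch: Epoch,
}

/// Inclusive slot range of the violation: first slot of the source epoch
/// through the last slot of the target epoch. `None` means malformed
/// evidence (source after target, or epoch too large to convert).
pub fn evidence_infraction_slot_range(ev: &SlashingEvidence) -> Option<(Slot, Slot)> {
    if ev.source_epoch > ev.target_epoch {
        return None;
    }
    let start = ev.source_epoch.checked_mul(SLOTS_PER_EPOCH)?;
    let end = ev
        .target_epoch
        .checked_mul(SLOTS_PER_EPOCH)?
        .checked_add(SLOTS_PER_EPOCH - 1)?;
    Some((start, end))
}

/// Window check done entirely in slots, anchored at the range start.
/// Malformed evidence is rejected rather than allowed to wrap around.
pub fn verify_evidence_expiry(ev: &SlashingEvidence, current_slot: Slot) -> bool {
    evidence_infraction_slot_range(ev)
        .and_then(|(start, _end)| start.checked_add(MAX_SLASHING_WINDOW))
        .map_or(false, |deadline| deadline > current_slot)
}

fn main() {
    // Constructed sample: a vote spanning epochs 10..=12, reported in slot 400.
    let ev = SlashingEvidence { slot: 400, source_epoch: 10, target_epoch: 12 };
    let (start, end) = evidence_infraction_slot_range(&ev).unwrap();
    let deadline = start + MAX_SLASHING_WINDOW;
    println!("range {start}..={end}, reported in slot {}, expires at slot {deadline}", ev.slot);
    println!("last valid slot accepted: {}", verify_evidence_expiry(&ev, deadline - 1));
    println!("one slot past accepted:   {}", verify_evidence_expiry(&ev, deadline));
}
```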
