fix(spv): compute required proof headers from actual header difficulties#4039
fix(spv): compute required proof headers from actual header difficulties#4039lionakhnazarov wants to merge 1 commit into
Conversation
getProofInfo assumed every proof header carries the relay epoch difficulty, so with txProofDifficultyFactor=1 it assembled single-header proofs. On testnet4 (BIP94), sweeps mined in minimum-difficulty blocks produced proofs containing only a DIFF1 header, which the Bridge rejects with "Not at current or previous difficulty". Mirror the Bridge's BitcoinTx logic instead: skip leading DIFF1 headers when both relay epochs are above minimum, bind the requested difficulty to the first decisive header matching the relay's current or previous epoch difficulty, and accumulate headers until their total observed difficulty covers requestedDifficulty * txProofDifficultyFactor.
|
Warning Review limit reached
More reviews will be available in 17 minutes and 10 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more credits in the billing tab to continue. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (3)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
1 participant
fix(spv): compute required proof headers from actual header difficulties
Problem
The SPV maintainer computed the number of block headers for a proof assuming every header carries the relay epoch difficulty: with
txProofDifficultyFactor = 1it always assembled a single-header proof. On testnet4 (BIP94), sweep transactions are regularly mined in minimum-difficulty (DIFF1) blocks, so the proof contained only a DIFF1 header. The Bridge skips DIFF1 headers when binding to the relay difficulty, finds no decisive header, and reverts with:Because the error is deterministic, the maintainer crash-looped on the same transaction every cycle (
error while maintaining SPV: ... restarting maintainer), and the affected wallet's main UTXO could never be registered on the host chain — blocking all subsequent sweeps for that wallet.Fix
getProofInfonow mirrors the Bridge'sBitcoinTx.determineRequestedDifficulty/evaluateProofDifficultylogic instead of assuming a fixed per-header difficulty:requestedDifficulty × txProofDifficultyFactor,maxProofHeaders = 144and report "wait for more confirmations" when the chain tip is reached first.The old epoch-boundary block-count arithmetic is removed; epoch spans are handled implicitly by summing actual header difficulties.
Testing
TestGetProofInforewritten for the new semantics: current/previous-epoch proofs, epoch-spanning proofs with difficulty drop/raise, leading DIFF1 headers, relay at minimum difficulty, decisive-header mismatch, DIFF1 run exceeding the header bound, and chain tip reached early. Headers are generated with real compact-bits encoding (blockHeaderWithDifficulty).go test ./pkg/maintainer/spvpasses.876510fd...62c8, mined in a DIFF1 block at height 137542) was proven on the first cycle after deploying this fix —submitDepositSweepProoftx0xfeeefad32c7116727949483edfb1e38f8117d923521fd3467886a05226b82577, status 1 — and the maintainer completed its round cleanly.Notes
determineRequestedDifficulty(deployed via the DIFF1 library upgrade); against an older Bridge the maintainer now skips such transactions instead of crash-looping.