flamenco, feature: enshrine_slashing_program

Author: mjain-jump

src/flamenco/features/fd_features_generated.c

@@ -1633,6 +1633,12 @@ fd_feature_id_t const ids[] = {
     .name                      = "enable_vote_address_leader_schedule",
     .cleaned_up                = {UINT_MAX, UINT_MAX, UINT_MAX} },
 
+  { .index                     = offsetof(fd_features_t, enshrine_slashing_program)>>3,
+    .id                        = {"\x0c\xe8\xe3\x0a\x1b\x9d\x30\xc1\x5d\x98\x93\xa3\x19\x40\xb4\xc8\x7f\x92\x5b\x24\x5e\x7a\xe6\xec\x6b\xe8\x87\xd5\xaa\x22\xb2\x6d"},
+                                 /* sProgVaNWkYdP2eTRAy1CPrgb3b9p8yXCASrPEqo6VJ */
+    .name                      = "enshrine_slashing_program",
+    .cleaned_up                = {UINT_MAX, UINT_MAX, UINT_MAX} },
+
   { .index = ULONG_MAX }
 };
 /* TODO replace this with fd_map_perfect */
@@ -1878,6 +1884,7 @@ fd_feature_id_query( ulong prefix ) {
   case 0x7170cf84367fbb1a: return &ids[ 236 ];
   case 0xa9e3bfbaf8d67260: return &ids[ 237 ];
   case 0x3711b30f40730240: return &ids[ 238 ];
+  case 0xc1309d1b0ae3e80c: return &ids[ 239 ];
   default: break;
   }
   return NULL;
@@ -2122,4 +2129,5 @@ FD_STATIC_ASSERT( offsetof( fd_features_t, formalize_loaded_transaction_data_siz
 FD_STATIC_ASSERT( offsetof( fd_features_t, enable_extend_program_checked                           )>>3==236UL, layout );
 FD_STATIC_ASSERT( offsetof( fd_features_t, require_static_nonce_account                            )>>3==237UL, layout );
 FD_STATIC_ASSERT( offsetof( fd_features_t, enable_vote_address_leader_schedule                     )>>3==238UL, layout );
+FD_STATIC_ASSERT( offsetof( fd_features_t, enshrine_slashing_program                               )>>3==239UL, layout );
 FD_STATIC_ASSERT( sizeof( fd_features_t )>>3==FD_FEATURE_ID_CNT, layout );

src/flamenco/features/fd_features_generated.h

@@ -8,7 +8,7 @@
 #endif
 
 /* FEATURE_ID_CNT is the number of features in ids */
-#define FD_FEATURE_ID_CNT (239UL)
+#define FD_FEATURE_ID_CNT (240UL)
 union fd_features {
   ulong f[ FD_FEATURE_ID_CNT ];
   struct {
@@ -251,5 +251,6 @@ union fd_features {
     /* 0x7170cf84367fbb1a */ ulong enable_extend_program_checked;
     /* 0xa9e3bfbaf8d67260 */ ulong require_static_nonce_account;
     /* 0x3711b30f40730240 */ ulong enable_vote_address_leader_schedule;
+    /* 0xc1309d1b0ae3e80c */ ulong enshrine_slashing_program;
   };
 };

src/flamenco/features/feature_map.json

@@ -237,5 +237,6 @@
   {"name":"formalize_loaded_transaction_data_size","pubkey":"DeS7sR48ZcFTUmt5FFEVDr1v1bh73aAbZiZq3SYr8Eh8"},
   {"name":"enable_extend_program_checked","pubkey":"2oMRZEDWT2tqtYMofhmmfQ8SsjqUFzT6sYXppQDavxwz"},
   {"name":"require_static_nonce_account","pubkey":"7VVhpg5oAjAmnmz1zCcSHb2Z9ecZB2FQqpnEwReka9Zm"},
-  {"name":"enable_vote_address_leader_schedule","pubkey":"5JsG4NWH8Jbrqdd8uL6BNwnyZK3dQSoieRXG5vmofj9y"}
+  {"name":"enable_vote_address_leader_schedule","pubkey":"5JsG4NWH8Jbrqdd8uL6BNwnyZK3dQSoieRXG5vmofj9y"},
+  {"name":"enshrine_slashing_program","pubkey":"sProgVaNWkYdP2eTRAy1CPrgb3b9p8yXCASrPEqo6VJ"}
 ]

src/flamenco/runtime/fd_runtime.c

@@ -1756,24 +1756,105 @@ fd_new_target_program_data_account( fd_exec_slot_ctx_t * slot_ctx,
   } FD_SPAD_FRAME_END;
 }
 
-/* Mimics migrate_builtin_to_core_bpf(). The arguments map as follows:
-    - builtin_program_id: builtin_program_id
-    - config
-      - source_buffer_address: source_buffer_address
-      - migration_target
-        - Builtin: !stateless
-        - Stateless: stateless
-      - upgrade_authority_address: upgrade_authority_address
+/* Initializes a source buffer account from funk. Returns 1 if the
+   buffer account does not exist or is not owned by the upgradeable
+   loader. Returns 0 on success.
+
+   https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L22-L49 */
+static int
+fd_source_buffer_account_new( fd_exec_slot_ctx_t * slot_ctx,
+                              fd_txn_account_t *   buffer_account,
+                              fd_pubkey_t const *  buffer_address,
+                              fd_funk_rec_prepare_t * prepare ) {
+  /* The buffer account should exist.
+     https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L27-L29 */
+  if( FD_UNLIKELY( fd_txn_account_init_from_funk_mutable( buffer_account, buffer_address, slot_ctx->funk, slot_ctx->funk_txn, 0, 0UL, prepare )!=FD_ACC_MGR_SUCCESS ) ) {
+    FD_LOG_WARNING(( "Buffer account %s does not exist, skipping migration...", FD_BASE58_ENC_32_ALLOCA( buffer_address ) ));
+    return 1;
+  }
+
+  /* The buffer account should be owned by the upgradeable loader.
+     https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L31-L34 */
+  if( FD_UNLIKELY( memcmp( fd_txn_account_get_owner( buffer_account ), fd_solana_bpf_loader_upgradeable_program_id.uc, sizeof(fd_pubkey_t) ) ) ) {
+    FD_LOG_WARNING(( "Buffer account %s is not owned by the upgradeable loader, skipping migration...", FD_BASE58_ENC_32_ALLOCA( buffer_address ) ));
+    return 1;
+  }
+
+  /* The buffer account should have the correct state. We already check
+     the buffer account state in fd_new_target_program_data_account(),
+     so we can skip the checks here.
+     https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L37-L47 */
+
+  return 0;
+}
+
+/* Similar to fd_source_buffer_account_new() but also checks the build
+   hash of the buffer account for verification. verified_build_hash must
+   be valid and non-NULL. Returns 1 if fd_source_buffer_account_new()
+   fails, the buffer dlen is too small, or if the build hash mismatches.
+   Returns 0 on success.
+
+   https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L51-L75 */
+static int
+fd_source_buffer_account_new_with_hash( fd_exec_slot_ctx_t *    slot_ctx,
+                                        fd_txn_account_t *      buffer_account,
+                                        fd_pubkey_t const *     buffer_address,
+                                        fd_hash_t const *       verified_build_hash,
+                                        fd_funk_rec_prepare_t * prepare ) {
+  /* https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L58 */
+  int err = fd_source_buffer_account_new( slot_ctx, buffer_account, buffer_address, prepare );
+  if( FD_UNLIKELY( err ) ) {
+    return err;
+  }
+
+  /* https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L59 */
+  uchar const * data = fd_txn_account_get_data( buffer_account );
+  ulong         data_len = fd_txn_account_get_data_len( buffer_account );
+
+  /* https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L61 */
+  ulong offset = BUFFER_METADATA_SIZE;
+  if( FD_UNLIKELY( data_len<offset ) ) {
+    return 1;
+  }
+
+  /* Search for the first nonzero byte in the buffer account data starting
+     from the right.
+     https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L62 */
+  ulong end_offset = offset;
+  for( ulong i=data_len-1UL; i>=offset; i-- ) {
+    if( data[i]!=0 ) {
+      end_offset = i+1UL;
+      break;
+    }
+  }
+
+  /* Compute and verify the hash.
+     https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L64-L71 */
+  fd_hash_t hash[1];
+  fd_sha256_hash( data+offset, end_offset-offset, hash );
+  if( FD_UNLIKELY( memcmp( verified_build_hash, hash, sizeof(fd_hash_t) ) ) ) {
+    FD_LOG_WARNING(( "Mismatching build hash for Buffer account %s (expected=%s, actual=%s). Skipping migration...", FD_BASE58_ENC_32_ALLOCA( buffer_address ), FD_BASE58_ENC_32_ALLOCA( verified_build_hash ), FD_BASE58_ENC_32_ALLOCA( hash ) ));
+    return 1;
+  }
+
+  return 0;
+}
+
+/* Mimics migrate_builtin_to_core_bpf().
   https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank/builtins/core_bpf_migration/mod.rs#L235-L318 */
 static void
-fd_migrate_builtin_to_core_bpf( fd_exec_slot_ctx_t * slot_ctx,
-                                fd_pubkey_t *        upgrade_authority_address,
-                                fd_pubkey_t const *  builtin_program_id,
-                                fd_pubkey_t const *  source_buffer_address,
-                                uchar                stateless,
-                                fd_spad_t *          runtime_spad ) {
+fd_migrate_builtin_to_core_bpf( fd_exec_slot_ctx_t *                   slot_ctx,
+                                fd_core_bpf_migration_config_t const * config,
+                                fd_spad_t *                            runtime_spad ) {
   int err;
 
+  /* Initialize local variables from the config */
+  fd_pubkey_t const * source_buffer_address     = config->source_buffer_address;
+  fd_pubkey_t *       upgrade_authority_address = config->upgrade_authority_address;
+  uchar               stateless                 = !!( config->migration_target==FD_CORE_BPF_MIGRATION_TARGET_STATELESS );
+  fd_pubkey_t const * builtin_program_id        = config->builtin_program_id;
+  fd_hash_t const *   verified_build_hash       = config->verified_build_hash;
+
   /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank/builtins/core_bpf_migration/mod.rs#L242-L243
 
      The below logic is used to obtain a TargetBuiltin account. There
@@ -1836,19 +1917,22 @@ fd_migrate_builtin_to_core_bpf( fd_exec_slot_ctx_t * slot_ctx,
     return;
   }
 
-  /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank/builtins/core_bpf_migration/mod.rs#L244
+  /* https://github.com/anza-xyz/agave/blob/v2.3.0/runtime/src/bank/builtins/core_bpf_migration/mod.rs#L221-L229
 
      Obtains a SourceBuffer account. There are two fields returned:
       - source.buffer_address: source_buffer_address
-      - source.buffer_account: the existing buffer account */
-
-  /* The buffer account should exist.
-     https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L26-L29 */
+      - source.buffer_account: the existing buffer account
+     Depending on if the verified build hash is provided,  */
   FD_TXN_ACCOUNT_DECL( source_buffer_account );
   fd_funk_rec_prepare_t source_buffer_prepare = {0};
-  if( FD_UNLIKELY( fd_txn_account_init_from_funk_mutable( source_buffer_account, source_buffer_address, slot_ctx->funk, slot_ctx->funk_txn, 0, 0UL, &source_buffer_prepare )!=FD_ACC_MGR_SUCCESS ) ) {
-    FD_LOG_NOTICE(( "Buffer account %s does not exist, skipping migration...", FD_BASE58_ENC_32_ALLOCA( source_buffer_address ) ));
-    return;
+  if( verified_build_hash!=NULL ) {
+    if( FD_UNLIKELY( fd_source_buffer_account_new_with_hash( slot_ctx, source_buffer_account, source_buffer_address, verified_build_hash, &source_buffer_prepare ) ) ) {
+      return;
+    }
+  } else {
+    if( FD_UNLIKELY( fd_source_buffer_account_new( slot_ctx, source_buffer_account, source_buffer_address, &source_buffer_prepare ) ) ) {
+      return;
+    }
   }
 
   fd_lthash_value_t prev_source_buffer_hash[1];
@@ -1858,19 +1942,8 @@ fd_migrate_builtin_to_core_bpf( fd_exec_slot_ctx_t * slot_ctx,
     fd_txn_account_get_data( source_buffer_account ),
     prev_source_buffer_hash );
 
-  /* The buffer account should be owned by the upgradeable loader.
-     https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L31-L34 */
-  if( FD_UNLIKELY( memcmp( fd_txn_account_get_owner( source_buffer_account ), fd_solana_bpf_loader_upgradeable_program_id.uc, sizeof(fd_pubkey_t) ) ) ) {
-    FD_LOG_WARNING(( "Buffer account %s is not owned by the upgradeable loader, skipping migration...", FD_BASE58_ENC_32_ALLOCA( source_buffer_address ) ));
-    return;
-  }
-
-  /* The buffer account should have the correct state. We already check
-     the buffer account state in fd_new_target_program_data_account, so
-     we can skip the checks here.
-     https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank/builtins/core_bpf_migration/source_buffer.rs#L37-L47 */
-
-  /* This check is done a bit prematurely because we calculate the previous account state's lamports. We use 0 for starting lamports
+  /* This check is done a bit prematurely because we calculate the
+     previous account state's lamports. We use 0 for starting lamports
      for stateless accounts because they don't yet exist.
 
      https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank/builtins/core_bpf_migration/mod.rs#L277-L280 */
@@ -1883,8 +1956,9 @@ fd_migrate_builtin_to_core_bpf( fd_exec_slot_ctx_t * slot_ctx,
   slot_ctx->funk_txn = fd_funk_txn_prepare( slot_ctx->funk, slot_ctx->funk_txn, &migration_xid, 0UL );
   fd_funk_txn_end_write( slot_ctx->funk );
 
-  /* Attempt serialization of program account. If the program is stateless, we want to create the account. Otherwise,
-     we want a writable handle to modify the existing account.
+  /* Attempt serialization of program account. If the program is
+     stateless, we want to create the account. Otherwise, we want a
+     writable handle to modify the existing account.
      https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank/builtins/core_bpf_migration/mod.rs#L246-L249 */
   FD_TXN_ACCOUNT_DECL( new_target_program_account );
   fd_funk_rec_prepare_t new_target_program_prepare = {0};
@@ -2037,12 +2111,7 @@ fd_apply_builtin_program_feature_transitions( fd_exec_slot_ctx_t *   slot_ctx,
     /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6732-L6751 */
     if( builtins[i].core_bpf_migration_config && FD_FEATURE_ACTIVE_OFFSET( fd_bank_slot_get( slot_ctx->bank ), fd_bank_features_get( slot_ctx->bank ), builtins[i].core_bpf_migration_config->enable_feature_offset ) ) {
       FD_LOG_NOTICE(( "Migrating builtin program %s to core BPF", FD_BASE58_ENC_32_ALLOCA( builtins[i].pubkey->key ) ));
-      fd_migrate_builtin_to_core_bpf( slot_ctx,
-                                      builtins[i].core_bpf_migration_config->upgrade_authority_address,
-                                      builtins[i].core_bpf_migration_config->builtin_program_id,
-                                      builtins[i].core_bpf_migration_config->source_buffer_address,
-                                      0,
-                                      runtime_spad );
+      fd_migrate_builtin_to_core_bpf( slot_ctx, builtins[i].core_bpf_migration_config, runtime_spad );
     }
     /* https://github.com/anza-xyz/agave/blob/v2.1.0/runtime/src/bank.rs#L6753-L6774 */
     if( builtins[i].enable_feature_offset!=NO_ENABLE_FEATURE_ID && FD_FEATURE_JUST_ACTIVATED_OFFSET( slot_ctx, builtins[i].enable_feature_offset ) ) {
@@ -2056,12 +2125,7 @@ fd_apply_builtin_program_feature_transitions( fd_exec_slot_ctx_t *   slot_ctx,
   for( ulong i=0UL; i<fd_num_stateless_builtins(); i++ ) {
     if( stateless_builtins[i].core_bpf_migration_config && FD_FEATURE_ACTIVE_OFFSET( fd_bank_slot_get( slot_ctx->bank ), fd_bank_features_get( slot_ctx->bank ), stateless_builtins[i].core_bpf_migration_config->enable_feature_offset ) ) {
       FD_LOG_NOTICE(( "Migrating stateless builtin program %s to core BPF", FD_BASE58_ENC_32_ALLOCA( stateless_builtins[i].pubkey->key ) ));
-      fd_migrate_builtin_to_core_bpf( slot_ctx,
-                                      stateless_builtins[i].core_bpf_migration_config->upgrade_authority_address,
-                                      stateless_builtins[i].core_bpf_migration_config->builtin_program_id,
-                                      stateless_builtins[i].core_bpf_migration_config->source_buffer_address,
-                                      1,
-                                      runtime_spad );
+      fd_migrate_builtin_to_core_bpf( slot_ctx, stateless_builtins[i].core_bpf_migration_config, runtime_spad );
     }
   }
 

src/flamenco/runtime/fd_system_ids.c

@@ -36,13 +36,15 @@ const fd_pubkey_t fd_solana_spl_native_mint_id                = { .uc = { NATIVE
 const fd_pubkey_t fd_solana_spl_token_id                      = { .uc = { TOKEN_PROG_ID            } };
 const fd_pubkey_t fd_solana_zk_token_proof_program_id         = { .uc = { ZK_TOKEN_PROG_ID         } };
 const fd_pubkey_t fd_solana_zk_elgamal_proof_program_id       = { .uc = { ZK_EL_GAMAL_PROG_ID      } };
+const fd_pubkey_t fd_solana_slashing_program_id               = { .uc = { SLASHING_PROG_ID        } };
 
-const fd_pubkey_t fd_solana_address_lookup_table_program_buffer_address = { .uc = { ADDR_LUT_PROG_BUFFER_ID } };
-const fd_pubkey_t fd_solana_config_program_buffer_address               = { .uc = { CONFIG_PROG_BUFFER_ID } };
-const fd_pubkey_t fd_solana_feature_program_buffer_address              = { .uc = { FEATURE_PROG_BUFFER_ID } };
-const fd_pubkey_t fd_solana_stake_program_buffer_address                = { .uc = { STAKE_PROG_BUFFER_ID } };
+const fd_pubkey_t fd_solana_address_lookup_table_program_buffer_address   = { .uc = { ADDR_LUT_PROG_BUFFER_ID } };
+const fd_pubkey_t fd_solana_config_program_buffer_address                 = { .uc = { CONFIG_PROG_BUFFER_ID } };
+const fd_pubkey_t fd_solana_feature_program_buffer_address                = { .uc = { FEATURE_PROG_BUFFER_ID } };
+const fd_pubkey_t fd_solana_stake_program_buffer_address                  = { .uc = { STAKE_PROG_BUFFER_ID } };
+const fd_pubkey_t fd_solana_slashing_program_buffer_address               = { .uc = { SLASHING_PROG_BUFFER_ID } };
 
-const fd_pubkey_t fd_solana_migration_authority                         = { .uc = { MIGRATION_AUTHORITY_ID } };
+const fd_pubkey_t fd_solana_migration_authority                           = { .uc = { MIGRATION_AUTHORITY_ID } };
 
 /* https://github.com/firedancer-io/agave/blob/66c126b41ec2b55b3f747a4ac4e3ee6b439164a5/sdk/src/reserved_account_keys.rs#L152-L194 */
 #define MAP_PERFECT_NAME fd_pubkey_active_reserved_keys_tbl

src/flamenco/runtime/fd_system_ids.h

@@ -43,13 +43,15 @@ extern const fd_pubkey_t fd_solana_spl_native_mint_id;
 extern const fd_pubkey_t fd_solana_spl_token_id;
 extern const fd_pubkey_t fd_solana_zk_token_proof_program_id;
 extern const fd_pubkey_t fd_solana_zk_elgamal_proof_program_id;
+extern const fd_pubkey_t fd_solana_slashing_program_id;
 
 /* Buffer accounts for BPF migrations
    https://github.com/anza-xyz/agave/blob/v2.1.6/runtime/src/bank/builtins/mod.rs#L151-L165 */
 extern const fd_pubkey_t fd_solana_address_lookup_table_program_buffer_address;
 extern const fd_pubkey_t fd_solana_config_program_buffer_address;
 extern const fd_pubkey_t fd_solana_feature_program_buffer_address;
 extern const fd_pubkey_t fd_solana_stake_program_buffer_address;
+extern const fd_pubkey_t fd_solana_slashing_program_buffer_address;
 
 /* BPF migration authority
    https://github.com/anza-xyz/agave/blob/v2.2.6/programs/bpf_loader/src/lib.rs#L399-L401 */