![[deprecated] F3 Theory Audits](https://images.spr.so/cdn-cgi/imagedelivery/j42No7y-dcokJuNgXeA0ig/0b97dad5-9d8f-493d-b6e8-86cdff13b2ab/rijksmuseum_avercamp_1620/w=3840,quality=90,fit=scale-down)
Creator
NicolaCreated
Mar 6, 2024 1:52 PM
Background
- Spec: FIP-0086
- Implementation: go-f3
- Roadmap: instagantt
- Targetting nv23, code freeze on 9 May
- Audits
- External (Least Authority)
- Theory + go-f3: starting 11 Mar
- Integration: possibly Apr if good lotus-familiar auditor, possibly not happening
- Internal
- This document
- Given timelines, should start ASAP and overlap with external
Internal audit
- Team (tentative)
- Auditors: Guy, Irene [not involved in design]
- Guides: Alejandro, Kuba [involved in design]
- Advisor: Nicola
- Phases
- GossiPBFT (10 days - ASAP)
- Phase 1: Review theory
- Review liveness and safety
- Review security threshold (50+% 30+%)
- Review relationship with drand
- Phase 2: Review Spec
- (2.a) Review FIP https://github.com/filecoin-project/FIPs/blob/master/FIPS/fip-0086.md
- (2.b) Review TLA+?
- Currently out of sync. Are we updating TLA+ to match current spec?
- Phase 3: F3 integration (GPBFT <> EC) (5 days)
- Review changes to the fork rule
- Relation with EC
- Review changes in EC if any
- Review guarantees expected from EC if any
- Evaluate failure modes
- Analyze edge cases: EC slowdown, GPBFT slowdown
- Phase 4: Filecoin-specific attacks (5 days)
- Review WindowPoSt apocalypse
- Phase 5: Protocol implementation review (go-f3) (5 days - late April)
- Good use of randomness, signatures
- Potentially bring in someone new (Rod, Masih?)
[Guy - Irene] Meeting Notes, 12 March
- Guy’s availability: ~ 2 days in this and the next week
- Discussed what is the exact request
- Irene’s concern:
- what “review theory” means? is there any other doc (beyond the FIP) we need to review?
- Guy’s answer: no, likely no other doc
- We agree that we should proceed in a similar way to “conference peer review”:
- independently read the fip, each one writes comments, concerns (short informal report)
- then (~1 week from now), we compare notes and come up with a final report
- About the different phases of the audit:
- We will start with phase 2 (not phase 1)
- (likely phase 1 will not be needed once phase 2 is complete)