mratsim/2020-08-06 Eth2 Call 45.txt

## 2020-08-06 Eth2 Call 45.txt
https://github.com/ethereum/eth2.0-pm/issues/171

Nimbus:

Medalla issues:

1. The increased number of attestations in Medalla revealed limits in our stack between libp2p and the beacon node. In particular we are doing the same work multiple times especially in periods of non-finality. This is fixed

2. Attestation processing bug: we wanted to optimize database loading by delaying
    the deserialisation of public keys/signatures. 2 approaches were explored
    but the first one we merged had significant impact on sync and was reverted.
    The second approach is now being used instead with expected benefits and no impact on the rest of the stack.

3. Medalla blocks are often filled with the maximum of 128 attestations, we are reaching the limits of Milagro and will switch to BLST.

4. We have race conditions between incoming and outgoing requests from the same peer.

Issue 3 and 4 are our primary focus
Low peer count is expected due to issue 3, while NBC is working on attestations, it seems to not answer fast enough to peers and gets kicked out)

Audit:

The auditors finished the first phase of audit which was focused on networking, we are currently fixing the issues raised and the second phase will start in 10 days.

————

Medalla post mortem

(link private, for implementers only at the moment, details on pre and post launch issues)

Q: Debugging tools missing?
- network analysis
- peer dumps
- API/RPC
—> RPC on building the internal chain
- opacity on gossip, on attestation integration

————
Testing release updates

————
Client updates

Lodestar
Working on issues on Medalla
-> gossip
-> peering
Peer kicking Lodestar
Seems like things are silently failing

Nimbus


Teku
Integrated BLST: 7x speedup other JVM Milagro
Async storage
Robustness against Johnny’s attack
Closing out the security assessment Rfp, wide range of vendors

Prysm
(…)
Fixed several issues
handling new influx of users, in particular for questions on (….)

Trinity
Sync performance
…

Lighthouse
Stability issues
Increased attestation inclusion
Slasher functioning in isolation
Working with BLST team
Weak subjectivity (?)
Validator UX WIP

Nethermind
not there

————
Research updates

Justin:
BLST: pushing on optimizations and edge cases
Building a security team for Eth2
40 applications

Breakthrough in single leader election
The scheme from Dan Boneh could be solved 2 ways
Either Zero-Knowledge Proofs or Fraud proofs
But ZKP is nascent and causes issue of trusted setup.
—> Breakthrough is tailored ZKP protected by Discrete Logarithm Problem
  which doesn’t require trusted setup (i.e. same requirement as elliptic curve crypto and pairing like BLS)

Dankrad: which client team is interested in implemented the API of (?)

Johny: how far do we want to go on privacy protection, for example the identifier protocol
Assumptions:
- We benefit more from knowing the clients than an attacker
- An attacker can invest to fingerprint a client, trivial today with default port


Attacknets
Devnets: to debug P2P com between Nimbus and Lighthouse

EIP 2334, security risk?
usability: only one mnemonic which avoids confusion

————
Spec discussion
Vitalik: annotated spec, now in repo, https://github.com/ethereum/annotated-spec
	https://github.com/ethereum/eth2.0-pm/issues/171

	Nimbus:

	Medalla issues:

	1. The increased number of attestations in Medalla revealed limits in our stack between libp2p and the beacon node. In particular we are doing the same work multiple times especially in periods of non-finality. This is fixed

	2. Attestation processing bug: we wanted to optimize database loading by delaying
	the deserialisation of public keys/signatures. 2 approaches were explored
	but the first one we merged had significant impact on sync and was reverted.
	The second approach is now being used instead with expected benefits and no impact on the rest of the stack.

	3. Medalla blocks are often filled with the maximum of 128 attestations, we are reaching the limits of Milagro and will switch to BLST.

	4. We have race conditions between incoming and outgoing requests from the same peer.

	Issue 3 and 4 are our primary focus
	Low peer count is expected due to issue 3, while NBC is working on attestations, it seems to not answer fast enough to peers and gets kicked out)

	Audit:

	The auditors finished the first phase of audit which was focused on networking, we are currently fixing the issues raised and the second phase will start in 10 days.

	————

	Medalla post mortem

	(link private, for implementers only at the moment, details on pre and post launch issues)

	Q: Debugging tools missing?
	- network analysis
	- peer dumps
	- API/RPC
	—> RPC on building the internal chain
	- opacity on gossip, on attestation integration

	————
	Testing release updates

	————
	Client updates

	Lodestar
	Working on issues on Medalla
	-> gossip
	-> peering
	Peer kicking Lodestar
	Seems like things are silently failing

	Nimbus


	Teku
	Integrated BLST: 7x speedup other JVM Milagro
	Async storage
	Robustness against Johnny’s attack
	Closing out the security assessment Rfp, wide range of vendors

	Prysm
	(…)
	Fixed several issues
	handling new influx of users, in particular for questions on (….)

	Trinity
	Sync performance
	…

	Lighthouse
	Stability issues
	Increased attestation inclusion
	Slasher functioning in isolation
	Working with BLST team
	Weak subjectivity (?)
	Validator UX WIP

	Nethermind
	not there

	————
	Research updates

	Justin:
	BLST: pushing on optimizations and edge cases
	Building a security team for Eth2
	40 applications

	Breakthrough in single leader election
	The scheme from Dan Boneh could be solved 2 ways
	Either Zero-Knowledge Proofs or Fraud proofs
	But ZKP is nascent and causes issue of trusted setup.
	—> Breakthrough is tailored ZKP protected by Discrete Logarithm Problem
	which doesn’t require trusted setup (i.e. same requirement as elliptic curve crypto and pairing like BLS)

	Dankrad: which client team is interested in implemented the API of (?)

	Johny: how far do we want to go on privacy protection, for example the identifier protocol
	Assumptions:
	- We benefit more from knowing the clients than an attacker
	- An attacker can invest to fingerprint a client, trivial today with default port


	Attacknets
	Devnets: to debug P2P com between Nimbus and Lighthouse

	EIP 2334, security risk?
	usability: only one mnemonic which avoids confusion

	————
	Spec discussion
	Vitalik: annotated spec, now in repo, https://github.com/ethereum/annotated-spec