mirror of
https://github.com/d0zingcat/ore.git
synced 2026-05-14 15:10:13 +00:00
308 lines
12 KiB
Rust
308 lines
12 KiB
Rust
use std::mem::size_of;
|
|
|
|
use drillx::Solution;
|
|
use ore_api::prelude::*;
|
|
use ore_boost_api::state::{Boost, Stake};
|
|
#[allow(deprecated)]
|
|
use solana_program::{
|
|
keccak::hashv,
|
|
log::{sol_log, sol_log_data},
|
|
program::set_return_data,
|
|
sanitize::SanitizeError,
|
|
serialize_utils::{read_pubkey, read_u16},
|
|
slot_hashes::SlotHash,
|
|
};
|
|
use steel::*;
|
|
|
|
/// Mine validates hashes and increments a miner's claimable balance.
|
|
pub fn process_mine(accounts: &[AccountInfo], data: &[u8]) -> ProgramResult {
|
|
// Parse args.
|
|
let args = Mine::try_from_bytes(data)?;
|
|
|
|
// Load accounts.
|
|
let (required_accounts, optional_accounts) = accounts.split_at(6);
|
|
let [signer_info, bus_info, config_info, proof_info, instructions_sysvar, slot_hashes_sysvar] =
|
|
required_accounts
|
|
else {
|
|
return Err(ProgramError::NotEnoughAccountKeys);
|
|
};
|
|
signer_info.is_signer()?;
|
|
let bus = bus_info.is_bus()?.to_account_mut::<Bus>(&ore_api::ID)?;
|
|
let config = config_info
|
|
.is_config()?
|
|
.to_account::<Config>(&ore_api::ID)?;
|
|
let proof = proof_info
|
|
.to_account_mut::<Proof>(&ore_api::ID)?
|
|
.check_mut(|p| p.miner == *signer_info.key)?;
|
|
instructions_sysvar.is_sysvar(&sysvar::instructions::ID)?;
|
|
slot_hashes_sysvar.is_sysvar(&sysvar::slot_hashes::ID)?;
|
|
|
|
// Authenticate the proof account.
|
|
//
|
|
// Only one proof account can be used for any given transaction. All `mine` instructions
|
|
// in the transaction must use the same proof account.
|
|
authenticate(&instructions_sysvar.data.borrow(), proof_info.key)?;
|
|
|
|
// Validate epoch is active.
|
|
let clock = Clock::get()?;
|
|
if config
|
|
.last_reset_at
|
|
.saturating_add(EPOCH_DURATION)
|
|
.le(&clock.unix_timestamp)
|
|
{
|
|
return Err(OreError::NeedsReset.into());
|
|
}
|
|
|
|
// Reject spam transactions.
|
|
//
|
|
// Miners are rate limited to approximately 1 hash per minute. If a miner attempts to submit
|
|
// solutions more frequently than this, reject with an error.
|
|
let t: i64 = clock.unix_timestamp;
|
|
let t_target = proof.last_hash_at.saturating_add(ONE_MINUTE);
|
|
let t_spam = t_target.saturating_sub(TOLERANCE);
|
|
if t.lt(&t_spam) {
|
|
return Err(OreError::Spam.into());
|
|
}
|
|
|
|
// Validate the hash digest.
|
|
//
|
|
// Here we use drillx to validate the provided solution is a valid hash of the challenge.
|
|
// If invalid, we return an error.
|
|
let solution = Solution::new(args.digest, args.nonce);
|
|
if !solution.is_valid(&proof.challenge) {
|
|
return Err(OreError::HashInvalid.into());
|
|
}
|
|
|
|
// Validate the hash satisfies the minimum difficulty.
|
|
//
|
|
// We use drillx to get the difficulty (leading zeros) of the hash. If the hash does not have the
|
|
// minimum required difficulty, we reject it with an error.
|
|
let hash = solution.to_hash();
|
|
let difficulty = hash.difficulty();
|
|
if difficulty.lt(&(config.min_difficulty as u32)) {
|
|
return Err(OreError::HashTooEasy.into());
|
|
}
|
|
|
|
// Normalize the difficulty and calculate the reward amount.
|
|
//
|
|
// The reward doubles for every bit of difficulty (leading zeros) on the hash. We use the normalized
|
|
// difficulty so the minimum accepted difficulty pays out at the base reward rate.
|
|
let normalized_difficulty = difficulty
|
|
.checked_sub(config.min_difficulty as u32)
|
|
.unwrap();
|
|
let mut reward = config
|
|
.base_reward_rate
|
|
.checked_mul(2u64.checked_pow(normalized_difficulty).unwrap())
|
|
.unwrap();
|
|
|
|
// Apply staking multiplier.
|
|
//
|
|
// If user has greater than or equal to the max stake on the network, they receive 2x multiplier.
|
|
// Any stake less than this will receives between 1x and 2x multipler. The multipler is only active
|
|
// if the miner's last stake deposit was more than one minute ago to protect against flash loan attacks.
|
|
if proof.balance.gt(&0) && proof.last_stake_at.saturating_add(ONE_MINUTE).lt(&t) {
|
|
// Calculate staking reward.
|
|
if config.top_balance.gt(&0) {
|
|
let staking_reward = (reward as u128)
|
|
.checked_mul(proof.balance.min(config.top_balance) as u128)
|
|
.unwrap()
|
|
.checked_div(config.top_balance as u128)
|
|
.unwrap() as u64;
|
|
reward = reward.checked_add(staking_reward).unwrap();
|
|
}
|
|
|
|
// Update bus stake tracker.
|
|
if proof.balance.gt(&bus.top_balance) {
|
|
bus.top_balance = proof.balance;
|
|
}
|
|
}
|
|
|
|
// Apply boosts.
|
|
//
|
|
// Boosts are staking incentives that can multiply a miner's rewards. Up to 3 boosts can be applied
|
|
// on any given mine operation.
|
|
let base_reward = reward;
|
|
let mut boost_events: Vec<BoostEvent> = vec![];
|
|
let mut applied_boosts = [Pubkey::new_from_array([0; 32]); 3];
|
|
for i in 0..3 {
|
|
if optional_accounts.len().gt(&(i * 2)) {
|
|
// Load optional accounts.
|
|
let boost_info = optional_accounts[i * 2].clone();
|
|
let stake_info = optional_accounts[i * 2 + 1].clone();
|
|
let boost = boost_info.to_account::<Boost>(&ore_boost_api::ID)?;
|
|
let stake = stake_info
|
|
.to_account::<Stake>(&ore_boost_api::ID)?
|
|
.check(|s| s.authority == proof.authority)?
|
|
.check(|s| s.boost == *boost_info.key)?;
|
|
|
|
// Skip if boost is applied twice.
|
|
if applied_boosts.contains(boost_info.key) {
|
|
continue;
|
|
}
|
|
|
|
// Record this boost has been used.
|
|
applied_boosts[i] = *boost_info.key;
|
|
|
|
// Apply multiplier if boost is not expired and last stake at was more than one minute ago.
|
|
if boost.expires_at.gt(&t) && stake.last_stake_at.saturating_add(ONE_MINUTE).le(&t) {
|
|
let multiplier = boost.multiplier.checked_sub(1).unwrap();
|
|
let boost_reward = (base_reward as u128)
|
|
.checked_mul(multiplier as u128)
|
|
.unwrap()
|
|
.checked_mul(stake.balance as u128)
|
|
.unwrap()
|
|
.checked_div(boost.total_stake as u128)
|
|
.unwrap() as u64;
|
|
reward = reward.checked_add(boost_reward).unwrap();
|
|
|
|
// Push boost event
|
|
boost_events.push(BoostEvent {
|
|
mint: boost.mint,
|
|
reward: boost_reward,
|
|
});
|
|
}
|
|
}
|
|
}
|
|
|
|
// Apply liveness penalty.
|
|
//
|
|
// The liveness penalty exists to ensure there is no "invisible" hashpower on the network. It
|
|
// should not be possible to spend ~1 hour on a given challenge and submit a hash with a large
|
|
// difficulty value to earn an outsized reward.
|
|
//
|
|
// The penalty works by halving the reward amount for every minute late the solution has been submitted.
|
|
// This ultimately drives the reward to zero given enough time (10-20 minutes).
|
|
let reward_pre_penalty = reward;
|
|
let t_liveness = t_target.saturating_add(TOLERANCE);
|
|
if t.gt(&t_liveness) {
|
|
// Halve the reward for every minute late.
|
|
let secs_late = t.saturating_sub(t_target) as u64;
|
|
let mins_late = secs_late.saturating_div(ONE_MINUTE as u64);
|
|
if mins_late.gt(&0) {
|
|
reward = reward.saturating_div(2u64.saturating_pow(mins_late as u32));
|
|
}
|
|
|
|
// Linear decay with remainder seconds.
|
|
let remainder_secs = secs_late.saturating_sub(mins_late.saturating_mul(ONE_MINUTE as u64));
|
|
if remainder_secs.gt(&0) && reward.gt(&0) {
|
|
let penalty = reward
|
|
.saturating_div(2)
|
|
.saturating_mul(remainder_secs)
|
|
.saturating_div(ONE_MINUTE as u64);
|
|
reward = reward.saturating_sub(penalty);
|
|
}
|
|
}
|
|
|
|
// Apply bus limit.
|
|
//
|
|
// Busses are limited to distributing 1 ORE per epoch. The payout amount must be capped to whatever is
|
|
// left in the selected bus. This limits the maximum amount that will be paid out for any given hash to 1 ORE.
|
|
let reward_actual = reward.min(bus.rewards).min(ONE_ORE);
|
|
|
|
// Update balances.
|
|
//
|
|
// We track the theoretical rewards that would have been paid out ignoring the bus limit, so the
|
|
// base reward rate will be updated to account for the real hashpower on the network.
|
|
bus.theoretical_rewards = bus.theoretical_rewards.checked_add(reward).unwrap();
|
|
bus.rewards = bus.rewards.checked_sub(reward_actual).unwrap();
|
|
proof.balance = proof.balance.checked_add(reward_actual).unwrap();
|
|
|
|
// Hash a recent slot hash into the next challenge to prevent pre-mining attacks.
|
|
//
|
|
// The slot hashes are unpredictable values. By seeding the next challenge with the most recent slot hash,
|
|
// miners are forced to submit their current solution before they can begin mining for the next.
|
|
proof.last_hash = hash.h;
|
|
proof.challenge = hashv(&[
|
|
hash.h.as_slice(),
|
|
&slot_hashes_sysvar.data.borrow()[0..size_of::<SlotHash>()],
|
|
])
|
|
.0;
|
|
|
|
// Update stats.
|
|
proof.last_hash_at = t.max(t_target);
|
|
proof.total_hashes = proof.total_hashes.saturating_add(1);
|
|
proof.total_rewards = proof.total_rewards.saturating_add(reward_actual);
|
|
|
|
// Log boost events.
|
|
//
|
|
// The boost rewards are scaled down before logging to account for penalties and bus limits.
|
|
// These logs can be used by pool operators to calculate staker rewards.
|
|
for mut event in boost_events.into_iter() {
|
|
event.reward = (event.reward as u128)
|
|
.checked_mul(reward_actual as u128)
|
|
.unwrap()
|
|
.checked_div(reward_pre_penalty as u128)
|
|
.unwrap() as u64;
|
|
sol_log_data(&[event.to_bytes()]);
|
|
}
|
|
sol_log(&format!("Base: {}", reward_actual));
|
|
|
|
// Log mining event.
|
|
//
|
|
// These logs can be used by pool operators to calculate miner rewards.
|
|
set_return_data(
|
|
MineEvent {
|
|
difficulty: difficulty as u64,
|
|
reward: reward_actual,
|
|
timing: t.saturating_sub(t_liveness),
|
|
}
|
|
.to_bytes(),
|
|
);
|
|
|
|
Ok(())
|
|
}
|
|
|
|
/// Authenticate the proof account.
|
|
///
|
|
/// This process is necessary to prevent sybil attacks. If a user can pack multiple hashes into a single
|
|
/// transaction, then there is a financial incentive to mine across multiple keypairs and submit as many hashes
|
|
/// as possible in the same transaction to minimize fee / hash.
|
|
///
|
|
/// We prevent this by forcing every transaction to declare upfront the proof account that will be used for mining.
|
|
/// The authentication process includes passing the 32 byte pubkey address as instruction data to a CU-optimized noop
|
|
/// program. We parse this address through transaction introspection and use it to ensure the same proof account is
|
|
/// used for every `mine` instruction in a given transaction.
|
|
fn authenticate(data: &[u8], proof_address: &Pubkey) -> ProgramResult {
|
|
if let Ok(Some(auth_address)) = parse_auth_address(data) {
|
|
if proof_address.ne(&auth_address) {
|
|
return Err(OreError::AuthFailed.into());
|
|
}
|
|
} else {
|
|
return Err(OreError::AuthFailed.into());
|
|
}
|
|
Ok(())
|
|
}
|
|
|
|
/// Use transaction introspection to parse the authenticated pubkey.
|
|
fn parse_auth_address(data: &[u8]) -> Result<Option<Pubkey>, SanitizeError> {
|
|
// Start the current byte index at 0
|
|
let mut curr = 0;
|
|
let num_instructions = read_u16(&mut curr, data)?;
|
|
let pc = curr;
|
|
|
|
// Iterate through the transaction instructions
|
|
for i in 0..num_instructions as usize {
|
|
// Shift pointer to correct positition
|
|
curr = pc + i * 2;
|
|
curr = read_u16(&mut curr, data)? as usize;
|
|
|
|
// Skip accounts
|
|
let num_accounts = read_u16(&mut curr, data)? as usize;
|
|
curr += num_accounts * 33;
|
|
|
|
// Read the instruction program id
|
|
let program_id = read_pubkey(&mut curr, data)?;
|
|
|
|
// Introspect on the first noop instruction
|
|
if program_id.eq(&NOOP_PROGRAM_ID) {
|
|
// Return address read from instruction data
|
|
curr += 2;
|
|
let address = read_pubkey(&mut curr, data)?;
|
|
return Ok(Some(address));
|
|
}
|
|
}
|
|
|
|
// Default return none
|
|
Ok(None)
|
|
}
|