Skip to content

fix: escape hatch snapshots #20363

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
LHerskind wants to merge 2 commits into
base: lh/fee-overflow-fixes
Choose a base branch
from
Open

fix: escape hatch snapshots #20363

LHerskind wants to merge 2 commits into from
+857 −67

Conversation

@LHerskind
Copy link
Contributor

@LHerskind LHerskind commented Feb 10, 2026
edited
Loading

In the implementation we had just a single value to store the escape hatch, but since it is updatable by governance, and are not always used with exactly the value that it currently has, we are back into the good ol' case of snapshots.

Essentially, when there is only one value for the escape hatch to look at, the consumers (which might depend on specific timing) could retroactively have their logic altered.

Consumers:

  • Epoch Proof Library
  • Invalidation Library
  • Propose Library
  • Slashing

By being able to alter "all" view of the escape hatch it was possible to make failure cases as these:

  • After a hatch has been used to submit checkpoints, the escape hatch is updated, and when it comes time to prove, the proof will fail because no committee signatures 😭
  • As above, possible to invalidate the block early
  • If the update happens after a provider was selected but before their duty starts, they could end up in a case where it is impossible for them to propose and they will then get punished because they also did not prove anything
  • For the case of slashing, because we do not slash during the escape hatch, it could be abused to avoid slashing entirely.

Another point of interest, not for the rollup, but for the candidates, is that the escape hatch could keep selecting them for duty, without being able to actually propose. So the escape hatch must also take a look at the rollup to see if it is currently the active hatch.

Solving the problems are as mentioned simple, use a snapshot, and then read historical values. When updating the escape hatch we will then do it for the NEXT epoch, since it could otherwise happen after a checkpoint was already proposed in the same L1 block.

In the case where the update happens during an open hatch, we allow the proposer to do nothing without getting punished, but if he does propose thing he must fulfill them.

@LHerskind LHerskind mentioned this pull request Feb 10, 2026
Open
@LHerskind Graphite App
Copy link
Contributor Author

LHerskind commented Feb 10, 2026
edited
Loading

Warning

This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
Learn more

This stack of pull requests is managed by Graphite. Learn more about stacking.

@LHerskind LHerskind mentioned this pull request Feb 10, 2026
Open
@LHerskind LHerskind force-pushed the lh/escape-hatch-snapshot branch from a4165af to 620b5e1 Compare February 12, 2026 12:33
@LHerskind LHerskind force-pushed the lh/fee-overflow-fixes branch from a663b2b to dae0ae5 Compare February 12, 2026 12:33
@LHerskind LHerskind mentioned this pull request Feb 12, 2026
Open
@LHerskind LHerskind marked this pull request as ready for review February 12, 2026 13:44
@LHerskind LHerskind changed the title chore: showcase issues fix: escape hatch snapshots Feb 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Maddiaa0 Maddiaa0 Awaiting requested review from Maddiaa0 Maddiaa0 is a code owner

@just-mitch just-mitch Awaiting requested review from just-mitch just-mitch is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@LHerskind