Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Kick out solver from competition if not settling #3221

Open
sunce86 opened this issue Jan 8, 2025 · 3 comments
Open

feat: Kick out solver from competition if not settling #3221

sunce86 opened this issue Jan 8, 2025 · 3 comments
Labels
track:post-mortem post mortem follow up tasks

Comments

@sunce86
Copy link
Contributor

sunce86 commented Jan 8, 2025

Problem

When a solver repeatedly wins consecutive auctions but fails to settle its solutions on-chain, it can lead to system downtime. To prevent this, the autopilot must have the capability to temporarily exclude such solvers from participating in competitions. This ensures no single solver can disrupt the system's operations.

Suggested solution

Introduce a new domain::competition component to control whether a /solve request should be sent to a solver. This component would handle two responsibilities:

Solver Authorization

Utilize the existing logic eth.contracts().authenticator().is_solver() to verify if a solver is whitelisted.

Settlement Performance Tracking

Implement statistics-based logic to identify solvers that have won the last X auctions but failed to deliver settlements on-chain. This logic would also encompass other criteria for evaluating a solver’s reliability based on settlement success.

All required data is already accessible via the database. For example, given the auction X, we can fetch data from the previous N auctions, including full competition details. Additionally, the settlement::Observer populates a relationship between settlements and auctions. This allows us to confirm whether a settlement exists for a specific auction before its deadline.

@MartinquaXD
Copy link
Contributor

Forcefully enabling this for all solvers feels like it requires a CIP. However, I think it's reasonable to assume that if we offer this as an opt-in safety net for solvers to avoid huge slashing damages most solvers should be interested in that.
Given that this does not address the issue of an actively malicious solver it probably makes sense to make this mandatory via CIP eventually.

And Felix brought up that this should be very simple to communicate to solvers. Or else there might be support questions that need to be addressed. So I suggest that the autopilot should send a notification to the respective driver that it will get timed out due to submission failures. This should be easy enough for solver teams to track on their end how many auctions they won and how many solutions they actually brought on chain.

@fleupold fleupold added the track:post-mortem post mortem follow up tasks label Jan 9, 2025
@sunce86
Copy link
Contributor Author

sunce86 commented Jan 9, 2025

Haris proposed to also disable /quote requests if the /solve requests are disabled for a solver.

This makes a lot of sense to me although I'm don't see an easy way to achieve this, but leaving here for completness.

@sunce86
Copy link
Contributor Author

sunce86 commented Jan 13, 2025

We need #3065 merged to be able to nicely filter out drivers by submission address. And we want to use submission address to recognize driver and not driver's name/url because name/url are not saved into database so we would have to have a custom code that cache auctions in-memory which is not super from a decentralized perspective.

That said, will prioritize merging #3065 first.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
track:post-mortem post mortem follow up tasks
Projects
None yet
Development

No branches or pull requests

3 participants