enhance PoT verification handling for development mode

jfrank-summit · jfrank-summit · commit 46e41ffa7c6c · 2025-11-07T16:50:44.000-07:00
diff --git a/crates/subspace-malicious-operator/src/bin/subspace-malicious-operator.rs b/crates/subspace-malicious-operator/src/bin/subspace-malicious-operator.rs
@@ -201,6 +201,7 @@ fn main() -> Result<(), Error> {
                 &consensus_chain_config,
                 false,
                 &pot_external_entropy,
+                false, // dev_no_farming: malicious operator doesn't use dev mode
             )
             .map_err(|error| {
                 sc_service::Error::Other(format!("Failed to build a full subspace node: {error:?}"))
diff --git a/crates/subspace-node/src/commands/run.rs b/crates/subspace-node/src/commands/run.rs
@@ -140,6 +140,7 @@ pub async fn run(run_options: RunOptions) -> Result<(), Error> {
                     ChainSyncMode::Snap => true,
                 },
                 &pot_external_entropy,
+                subspace_configuration.dev_no_farming,
             )
             .map_err(|error| {
                 sc_service::Error::Other(format!(
diff --git a/crates/subspace-node/src/main.rs b/crates/subspace-node/src/main.rs
@@ -141,6 +141,7 @@ fn main() -> Result<(), Error> {
                     &config,
                     false,
                     &derive_pot_external_entropy(&config, None)?,
+                    false, // dev_no_farming: utility commands don't need dev mode
                 )?;
                 Ok((
                     cmd.run(client, import_queue).map_err(Error::SubstrateCli),
@@ -160,6 +161,7 @@ fn main() -> Result<(), Error> {
                     &config,
                     false,
                     &derive_pot_external_entropy(&config, None)?,
+                    false, // dev_no_farming: utility commands don't need dev mode
                 )?;
                 Ok((
                     cmd.run(client, config.database)
@@ -180,6 +182,7 @@ fn main() -> Result<(), Error> {
                     &config,
                     false,
                     &derive_pot_external_entropy(&config, None)?,
+                    false, // dev_no_farming: utility commands don't need dev mode
                 )?;
                 Ok((
                     cmd.run(client, config.chain_spec)
@@ -201,6 +204,7 @@ fn main() -> Result<(), Error> {
                     &config,
                     false,
                     &derive_pot_external_entropy(&config, None)?,
+                    false, // dev_no_farming: utility commands don't need dev mode
                 )?;
                 Ok((
                     cmd.run(client, import_queue).map_err(Error::SubstrateCli),
@@ -224,6 +228,7 @@ fn main() -> Result<(), Error> {
                     &config,
                     false,
                     &derive_pot_external_entropy(&config, None)?,
+                    false, // dev_no_farming: utility commands don't need dev mode
                 )?;
                 Ok((
                     cmd.run(client, backend, None).map_err(Error::SubstrateCli),
@@ -251,6 +256,7 @@ fn main() -> Result<(), Error> {
                                 &config,
                                 false,
                                 &derive_pot_external_entropy(&config, None)?,
+                                false, // dev_no_farming: benchmark commands don't need dev mode
                             )?;
 
                         cmd.run(client)
@@ -262,6 +268,7 @@ fn main() -> Result<(), Error> {
                             &config,
                             false,
                             &derive_pot_external_entropy(&config, None)?,
+                            false, // dev_no_farming: benchmark commands don't need dev mode
                         )?;
                         let db = backend.expose_db();
                         let storage = backend.expose_storage();
diff --git a/crates/subspace-service/src/lib.rs b/crates/subspace-service/src/lib.rs
@@ -244,6 +244,7 @@ struct SubspaceExtensionsFactory<PosTable, Client, DomainBlock> {
     pot_verifier: PotVerifier,
     domains_executor: Arc<sc_domains::RuntimeExecutor>,
     confirmation_depth_k: BlockNumber,
+    dev_no_farming: bool,
     _pos_table: PhantomData<(PosTable, DomainBlock)>,
 }
 
@@ -276,123 +277,139 @@ where
         let mut exts = Extensions::new();
         exts.register(KzgExtension::new(self.kzg.clone()));
         exts.register(PosExtension::new::<PosTable>());
-        exts.register(PotExtension::new({
-            let client = Arc::clone(&self.client);
-            let pot_verifier = self.pot_verifier.clone();
-
-            Box::new(
-                move |parent_hash, slot, proof_of_time, quick_verification| {
-                    let parent_hash = {
-                        let mut converted_parent_hash = Block::Hash::default();
-                        converted_parent_hash.as_mut().copy_from_slice(&parent_hash);
-                        converted_parent_hash
-                    };
-
-                    let parent_header = match client.header(parent_hash) {
-                        Ok(Some(parent_header)) => parent_header,
-                        Ok(None) => {
-                            if quick_verification {
+        
+        // In dev-no-farming mode, always accept PoT verification (bypass actual verification)
+        if self.dev_no_farming {
+            exts.register(PotExtension::new(Box::new(
+                move |_parent_hash, _slot, _proof_of_time, _quick_verification| {
+                    // Always return true in dev mode - bypass PoT verification
+                    debug!(
+                        "🔧 Dev mode: bypassing PoT verification for slot {}, parent_hash: {:?}",
+                        _slot, _parent_hash
+                    );
+                    true
+                },
+            )));
+        } else {
+            // Production path: use actual PoT verification
+            exts.register(PotExtension::new({
+                let client = Arc::clone(&self.client);
+                let pot_verifier = self.pot_verifier.clone();
+
+                Box::new(
+                    move |parent_hash, slot, proof_of_time, quick_verification| {
+                        let parent_hash = {
+                            let mut converted_parent_hash = Block::Hash::default();
+                            converted_parent_hash.as_mut().copy_from_slice(&parent_hash);
+                            converted_parent_hash
+                        };
+
+                        let parent_header = match client.header(parent_hash) {
+                            Ok(Some(parent_header)) => parent_header,
+                            Ok(None) => {
+                                if quick_verification {
+                                    error!(
+                                        %parent_hash,
+                                        "Header not found during proof of time verification"
+                                    );
+
+                                    return false;
+                                } else {
+                                    debug!(
+                                        %parent_hash,
+                                        "Header not found during proof of time verification"
+                                    );
+
+                                    // This can only happen during special sync modes there are no other
+                                    // cases where parent header may not be available, hence allow it
+                                    return true;
+                                }
+                            }
+                            Err(error) => {
                                 error!(
+                                    %error,
                                     %parent_hash,
-                                    "Header not found during proof of time verification"
+                                    "Failed to retrieve header during proof of time verification"
                                 );
 
                                 return false;
-                            } else {
-                                debug!(
+                            }
+                        };
+
+                        let parent_pre_digest = match extract_pre_digest(&parent_header) {
+                            Ok(parent_pre_digest) => parent_pre_digest,
+                            Err(error) => {
+                                error!(
+                                    %error,
                                     %parent_hash,
-                                    "Header not found during proof of time verification"
+                                    parent_number = %parent_header.number(),
+                                    "Failed to extract pre-digest from parent header during proof of \
+                                    time verification, this must never happen"
                                 );
 
-                                // This can only happen during special sync modes there are no other
-                                // cases where parent header may not be available, hence allow it
-                                return true;
+                                return false;
                             }
-                        }
-                        Err(error) => {
-                            error!(
-                                %error,
-                                %parent_hash,
-                                "Failed to retrieve header during proof of time verification"
-                            );
-
-                            return false;
-                        }
-                    };
-
-                    let parent_pre_digest = match extract_pre_digest(&parent_header) {
-                        Ok(parent_pre_digest) => parent_pre_digest,
-                        Err(error) => {
-                            error!(
-                                %error,
-                                %parent_hash,
-                                parent_number = %parent_header.number(),
-                                "Failed to extract pre-digest from parent header during proof of \
-                                time verification, this must never happen"
-                            );
+                        };
 
+                        let parent_slot = parent_pre_digest.slot();
+                        if slot <= *parent_slot {
                             return false;
                         }
-                    };
-
-                    let parent_slot = parent_pre_digest.slot();
-                    if slot <= *parent_slot {
-                        return false;
-                    }
 
-                    let pot_parameters = match client.runtime_api().pot_parameters(parent_hash) {
-                        Ok(pot_parameters) => pot_parameters,
-                        Err(error) => {
-                            debug!(
-                                %error,
-                                %parent_hash,
-                                parent_number = %parent_header.number(),
-                                "Failed to retrieve proof of time parameters during proof of time \
-                                verification"
-                            );
+                        let pot_parameters = match client.runtime_api().pot_parameters(parent_hash) {
+                            Ok(pot_parameters) => pot_parameters,
+                            Err(error) => {
+                                debug!(
+                                    %error,
+                                    %parent_hash,
+                                    parent_number = %parent_header.number(),
+                                    "Failed to retrieve proof of time parameters during proof of time \
+                                    verification"
+                                );
 
-                            return false;
-                        }
-                    };
+                                return false;
+                            }
+                        };
 
-                    let pot_input = if parent_header.number().is_zero() {
-                        PotNextSlotInput {
-                            slot: parent_slot + Slot::from(1),
-                            slot_iterations: pot_parameters.slot_iterations(),
-                            seed: pot_verifier.genesis_seed(),
+                        let pot_input = if parent_header.number().is_zero() {
+                            PotNextSlotInput {
+                                slot: parent_slot + Slot::from(1),
+                                slot_iterations: pot_parameters.slot_iterations(),
+                                seed: pot_verifier.genesis_seed(),
+                            }
+                        } else {
+                            let pot_info = parent_pre_digest.pot_info();
+
+                            PotNextSlotInput::derive(
+                                pot_parameters.slot_iterations(),
+                                parent_slot,
+                                pot_info.proof_of_time(),
+                                &pot_parameters.next_parameters_change(),
+                            )
+                        };
+
+                        // Ensure proof of time and future proof of time included in upcoming block are
+                        // valid
+
+                        if quick_verification {
+                            pot_verifier.try_is_output_valid(
+                                pot_input,
+                                Slot::from(slot) - parent_slot,
+                                proof_of_time,
+                                pot_parameters.next_parameters_change(),
+                            )
+                        } else {
+                            pot_verifier.is_output_valid(
+                                pot_input,
+                                Slot::from(slot) - parent_slot,
+                                proof_of_time,
+                                pot_parameters.next_parameters_change(),
+                            )
                         }
-                    } else {
-                        let pot_info = parent_pre_digest.pot_info();
-
-                        PotNextSlotInput::derive(
-                            pot_parameters.slot_iterations(),
-                            parent_slot,
-                            pot_info.proof_of_time(),
-                            &pot_parameters.next_parameters_change(),
-                        )
-                    };
-
-                    // Ensure proof of time and future proof of time included in upcoming block are
-                    // valid
-
-                    if quick_verification {
-                        pot_verifier.try_is_output_valid(
-                            pot_input,
-                            Slot::from(slot) - parent_slot,
-                            proof_of_time,
-                            pot_parameters.next_parameters_change(),
-                        )
-                    } else {
-                        pot_verifier.is_output_valid(
-                            pot_input,
-                            Slot::from(slot) - parent_slot,
-                            proof_of_time,
-                            pot_parameters.next_parameters_change(),
-                        )
-                    }
-                },
-            )
-        }));
+                    },
+                )
+            }));
+        }
 
         exts.register(FraudProofExtension::new(Arc::new(
             FraudProofHostFunctionsImpl::<_, _, DomainBlock, _, _>::new(
@@ -472,6 +489,7 @@ pub fn new_partial<PosTable, RuntimeApi>(
     // TODO: Replace with check for `ChainSyncMode` once we get rid of ^ `Configuration`
     snap_sync: bool,
     pot_external_entropy: &[u8],
+    dev_no_farming: bool,
 ) -> Result<PartialComponents<RuntimeApi>, ServiceError>
 where
     PosTable: Table,
@@ -557,6 +575,10 @@ where
     // ensure the extracted confirmation_depth matches the one from runtime
     assert_eq!(confirmation_depth_k, chain_constants.confirmation_depth_k());
 
+    if dev_no_farming {
+        warn!("🔧 Dev mode: Registering PoT bypass extension for bundle validation");
+    }
+
     client
         .execution_extensions()
         .set_extensions_factory(SubspaceExtensionsFactory::<PosTable, _, DomainBlock> {
@@ -566,6 +588,7 @@ where
             domains_executor: Arc::new(domains_executor),
             backend: backend.clone(),
             confirmation_depth_k: chain_constants.confirmation_depth_k(),
+            dev_no_farming,
             _pos_table: PhantomData,
         });
 

Original file line number	Diff line number	Diff line change
`@@ -201,6 +201,7 @@ fn main() -> Result<(), Error> {`
`201`	`201`	`&consensus_chain_config,`
`202`	`202`	`false,`
`203`	`203`	`&pot_external_entropy,`
	`204`	`+ false, // dev_no_farming: malicious operator doesn't use dev mode`
`204`	`205`	`)`
`205`	`206`	`.map_err(\|error\| {`
`206`	`207`	`sc_service::Error::Other(format!("Failed to build a full subspace node: {error:?}"))`
Original file line number	Diff line number	Diff line change
`@@ -140,6 +140,7 @@ pub async fn run(run_options: RunOptions) -> Result<(), Error> {`
`140`	`140`	`ChainSyncMode::Snap => true,`
`141`	`141`	`},`
`142`	`142`	`&pot_external_entropy,`
	`143`	`+ subspace_configuration.dev_no_farming,`
`143`	`144`	`)`
`144`	`145`	`.map_err(\|error\| {`
`145`	`146`	`sc_service::Error::Other(format!(`