Skip to content

staking-async: allow session keys handling on AssetHub #10666

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
sigurpol wants to merge 26 commits into
base: master
Choose a base branch
from
Open

staking-async: allow session keys handling on AssetHub #10666

sigurpol wants to merge 26 commits into from

Conversation

@sigurpol
Copy link
Contributor

@sigurpol sigurpol commented Dec 16, 2025
edited
Loading

  • Validators can now call set_keys and purge_keys on AssetHub, which forwards the request to the RelayChain via XCM.
  • Session keys and ownership proof are validated on AssetHub before forwarding. Only validated keys are sent to RC (no proof), as RC trusts AH's validation.
  • Staking proxies can call set_keys and purge_keys on behalf of validators. The ProxyType::Staking filter on runtime needs to be updated to include these calls.
  • Validators are still allowed to call set_keys and purge_keys via relay-chain pallet-session's extrinsics. This option will be deprecated in the future.
  • No key deposit is required on AssetHub.

Close #8806.

TODO

  • integration test to check AH-RC key consistencies
  • proper benchmarking (e.g. around ownership proof now that frame-session: Introduce a proper proof of key ownership #1739 is merged)
  • re-generate weights for staking-async-rc-client
  • should we use a bonded vector for proof of ownership on AH? We will never forward it to RC but still...

@sigurpol sigurpol requested a review from a team as a code owner December 16, 2025 15:49
@sigurpol sigurpol added the T2-pallets This PR/Issue is related to a particular pallet. label Dec 16, 2025
@sigurpol
Copy link
Contributor Author

sigurpol commented Dec 16, 2025

/cmd prdoc --audience runtime_dev --bump major

@sigurpol sigurpol changed the title staking-async: allow session keys handling on AssetHub 🚧 staking-async: allow session keys handling on AssetHub Dec 16, 2025
@sigurpol sigurpol force-pushed the sigurpol-session-keys-asset-hub branch from 4f19e9b to 06c4e0e Compare December 17, 2025 08:21
@sigurpol
session/staking/westend AH and RC: allow to set/purge session keys vi…
dc9400a 
…a AH

- Allow setting or purging keys via AH -> XCM -> RC.
-  Maintain the option to set or purge keys via RC for backward compatibility.
-  We do not yet enforce or handle deposits on AH; this will be addressed once
RC extrinsics are fully deprecated.
-  Updated Westend RC to set the deposit to 0, aligning it with the current
Polkadot/Kusama RC, and modified Westend AH to support setting or purging keys.

TODO:
-  Tests
-  Benchmarking
@sigurpol sigurpol force-pushed the sigurpol-session-keys-asset-hub branch from 06c4e0e to dc9400a Compare December 17, 2025 08:57
Ank4n
Ank4n reviewed Dec 18, 2025
View reviewed changes
Ank4n
Ank4n reviewed Dec 18, 2025
View reviewed changes
Ank4n
Ank4n reviewed Dec 18, 2025
View reviewed changes
substrate/frame/staking-async/ah-client/src/lib.rs
}

fn set_keys(account: &Self::AccountId, keys: Self::Keys) -> DispatchResult {
pallet_session::Pallet::<T>::do_set_keys(account, keys)
Copy link
Contributor

@Ank4n Ank4n Dec 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why can't we directly xcm::transact session pallet call?

Copy link
Contributor Author

@sigurpol sigurpol Dec 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

my understanding - which might be wrong - is that if we use xcm::transact directly to call pallet_session::set_keys, then RC has no way to know that the transaction was signed by validator X, the origin would be just the XCM origin (Parachain(1000) or something) and pallet_session::set_keys requires ensure_signed(origin) so it would need the account of X. so ensure_origin would fail because it would find AH as origin and not X.

ah-client solves the issues :

  pub fn set_keys_from_ah(
      origin: OriginFor<T>,
      stash: T::AccountId,    // ← X's account passed explicitly!!!!!!
      keys: Vec<u8>,
      proof: Vec<u8>,
  ) {
      T::AssetHubOrigin::ensure_origin(origin)?;  // we verify it's from AssetHub

      T::SessionInterface::set_keys(&stash, keys)?;  // ← Use stash  of X directly calling pallet_session::Pallet::<T>::do_set_keys(account, keys)
  }

Note that RC relies on AH to have verified that the transaction is signed by X

 pub fn set_keys(origin: OriginFor<T>, keys: T::Keys, proof: Vec<u8>) -> DispatchResult {
      let stash = ensure_signed(origin)?;  // ← we check it is signed by validator X

Does it make sense?

@sigurpol
Copy link
Contributor Author

sigurpol commented Dec 18, 2025

Main outcome of discussion with @Ank4n :

  • fire and forget when setting / purging keys from AH to RC
  • raw bytes as keys
  • it's ok to have a transition period where we allows keys to be set / purged both on AH and RC to have an easy transitions for validators / tools. We will deprecated and remove RC extrinsics later on

@sigurpol sigurpol changed the title 🚧 staking-async: allow session keys handling on AssetHub staking-async: allow session keys handling on AssetHub Dec 18, 2025
sigurpol
sigurpol commented Dec 18, 2025
View reviewed changes
@paritytech-workflow-stopper
Copy link

paritytech-workflow-stopper bot commented Dec 24, 2025

All GitHub workflows were cancelled due to failure one of the required jobs.
Failed workflow url: https://github.com/paritytech/polkadot-sdk/actions/runs/20483170037
Failed job name: test-linux-stable

@sigurpol
Copy link
Contributor Author

sigurpol commented Dec 26, 2025

/cmd bench --pallet pallet_staking_async_rc_client --runtime asset-hub-westend

@github-actions
Copy link
Contributor

github-actions bot commented Dec 26, 2025

Command "bench --pallet pallet_staking_async_rc_client --runtime asset-hub-westend" has started 🚀 See logs here

@github-actions
Copy link
Contributor

github-actions bot commented Dec 26, 2025

Command "bench --pallet pallet_staking_async_rc_client --runtime asset-hub-westend" has finished ✅ See logs here

Details

Subweight results:
File Extrinsic Old New Change [%]
substrate/frame/staking-async/rc-client/src/weights.rs set_keys 175.00us Added
substrate/frame/staking-async/rc-client/src/weights.rs purge_keys 35.00us Added
cumulus/parachains/runtimes/assets/asset-hub-westend/src/weights/pallet_staking_async_rc_client.rs set_keys 416.75us Added
cumulus/parachains/runtimes/assets/asset-hub-westend/src/weights/pallet_staking_async_rc_client.rs purge_keys 100.98us Added
Command output:

✅ Successful benchmarks of runtimes/pallets:
-- asset-hub-westend: ['pallet_staking_async_rc_client']

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Ank4n Ank4n Ank4n left review comments

@seadanda seadanda Awaiting requested review from seadanda

@andreitrand andreitrand Awaiting requested review from andreitrand

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

T2-pallets This PR/Issue is related to a particular pallet.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[AHM-Polkadot] Sessions Keys stored in AH

3 participants

@sigurpol @Ank4n