POA Forum

Critical bug in Core/Sokol related to ballot's finalization

Dear @poa-validators

We recently found a critical bug in the BlockReward contract implementation, which fortunately never activated.

The bug is in this line of code: https://github.com/poanetwork/poa-network-consensus-contracts/blob/31fa251ab0d299ba7b70f2fd03ceb5fd04ad5950/contracts/RewardByBlock.sol#L71

This line can revert the RewardByBlock.reward system call if the block is produced by a validator which is being removed from the consensus in the same block when the corresponding ballot is being finalized.

At the moment we have two active ballots for removal (Irvin Cardenas and Kristina Yevseyeva) both in Core and Sokol chains. Finalizing those ballots with the current version of the BlockReward implementation can activate that bug, so please do not finalize the ballots until the BlockReward contracts are fixed.

We fixed the bug in https://github.com/poanetwork/poa-network-consensus-contracts/pull/209 and deployed the fixed implementations:

For POA Core: https://blockscout.com/poa/core/address/0x1a71a7Dfd947A1D212394ef953099028dBe3d31b/contracts
For POA Sokol: https://blockscout.com/poa/sokol/address/0x13784220cB46932fE8d508F119deE60faAb41A0F/contracts

These implementations only differ from old ones in one line of code. You can compare the code of the new Core implementation with the old/current one, the Sokol implementation - with the old/current one.

Now we need to create a ballot for changing the implementation in Core and Sokol, following these instructions:

  1. To create a new ballot in POA Core, switch your MetaMask to POA Core chain, then open the page https://voting.poa.network/poa-dapps-voting/new and click Modify Proxy Contract Ballot. Set Proposed Address field to 0x1a71a7Dfd947A1D212394ef953099028dBe3d31b and Contract Type to RewardByBlock. Don’t forget to set ballot’s description and set Ballot End time so that it would be enough to let other validators vote (e.g., 4 days).

  2. To create a new ballot in POA Sokol, switch your MetaMask to POA Sokol chain, then open the page https://voting.poa.network/poa-dapps-voting/new and click Modify Proxy Contract Ballot. Set Proposed Address field to 0x13784220cB46932fE8d508F119deE60faAb41A0F and Contract Type to RewardByBlock. Don’t forget to set ballot’s description and set Ballot End time so that it would be enough to let other validators vote (e.g., 4 days).

After these two Proxy ballots are finalized, the other ballots for Irvin Cardenas and Kristina Yevseyeva removal will be able to finalize safely.

Another option to safely finalize the current consensus ballots is to ask Irvin Cardenas @irvinxyz and Kristina Yevseyeva @kristina to turn off their nodes. In this case, they will stop producing blocks and that line of code won’t revert during ballot finalization, even with the buggy BlockReward implementation.

5 Likes

@poa-validators, the ballot to fix the bug has been created on Core and Sokol. Please cast your vote. We have a little over 4 days to collect the 8 votes needed. Thanks.

https://voting.poa.network/poa-dapps-voting/

3 Likes

@varasev, I wonder if you wait until the block by the removed validator is produced and finalize the ballot in the next few blocks, would it be a solution to avoid the bug?

@henryvishnevsky That would be a solution, but there is no guarantee that the transaction will be mined in the block you expect: if there are a few pending transactions, your tx can be mined later and fall into the block of the validator which is being removed.

1 Like

@varasev What if you increase gas for the ballot finalization tx? Shouldn’t it put priority for the tx? I see the blocks are at no more than 5% of capacity.

@henryvishnevsky Yes, you can try to set a high gas price (e.g. 30 gwei or even higher).

On POA Core, after Irvin’s block is issued, you will have 10 blocks to finalize the ballot (before Kristina’s block).

On POA Sokol, after Kristina’s block is issued, you will have 10 blocks to finalize the ballot (before Irvin’s block).

But anyway I’d recommend waiting for the RewardByBlock ballot to finalize first.

1 Like
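The timing discussion in the replies above can be modelled as follows. This is an added example, not part of the thread and not code from the POA project. It assumes strict round-robin block production with every validator online, and the validator list and its order are constructed for illustration.

```python
# Added illustration: where a finalization tx can land under round-robin production.
# Assumptions: proposers rotate strictly in list order, nobody skips a turn,
# and the validator set below is constructed (not the real Core/Sokol set).

VALIDATORS = (["irvin"] + [f"v{i}" for i in range(1, 11)]
              + ["kristina"] + [f"v{i}" for i in range(11, 19)])
UNDER_REMOVAL = {"irvin", "kristina"}


def safe_window_after(validators, removed, just_produced):
    """Number of consecutive blocks after `just_produced`'s block that are
    NOT produced by a validator under removal. None means no removal pending."""
    if not removed:
        return None
    n = len(validators)
    start = validators.index(just_produced)
    for offset in range(1, n + 1):
        if validators[(start + offset) % n] in removed:
            return offset - 1
    return n  # no listed validator is in `removed`


def finalize_is_safe(validators, removed, just_produced, inclusion_delay):
    """True if a tx mined `inclusion_delay` blocks after `just_produced`'s block
    (1 = the very next block) lands in a block whose proposer is not being removed."""
    n = len(validators)
    landing = validators[(validators.index(just_produced) + inclusion_delay) % n]
    return landing not in removed


def max_tolerated_delay(validators, removed, just_produced):
    """Largest inclusion delay (in blocks) that is still safe, counting from 1.
    Returns 0 when even the next block belongs to a validator under removal."""
    window = safe_window_after(validators, removed, just_produced)
    return len(validators) if window is None else window


if __name__ == "__main__":
    for delay in (1, 10, 11):
        ok = finalize_is_safe(VALIDATORS, UNDER_REMOVAL, "irvin", delay)
        print(f"delay={delay:2d} blocks after irvin's block -> safe={ok}")
```

A transaction that is delayed past the window lands in the block of a validator under removal, which is why the thread recommends finalizing the RewardByBlock ballot first rather than relying on timing.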