Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Construct quorum certificate incrementally (BFT-386) #51

Merged
merged 11 commits into from
Jan 4, 2024

Conversation

moshababo
Copy link
Contributor

@moshababo moshababo commented Dec 13, 2023

Constructing quorum certificates from a batch of signed messages creates redundant error checks which are hard to reason about.

Since this operation's failure is unacceptable and can only occur as a result of a bug, it is preferred to construct incrementally upon receiving each message.

However, this refactoring ended up with no error checks during the incremental construction, delegating responsibility to the message processing.

Consequently, this change can be viewed merely as code cleanup which removes redundant error checks, and the incremental steps as a safer way to do that.

Notes

  • Batch-mode functions throughout the stack are no longer used in non-test code, and were moved to testonly. They can be removed altogether if tests will construct incrementally as well.
    • PrepareQC::from
    • CommitQC::from (also seemed to had a duplicated error check which was removed)
    • validator::AggregateSignature::aggregate
    • bn254::AggregateSignature::aggregate

@moshababo moshababo requested a review from pompon0 December 13, 2023 05:46
@brunoffranca brunoffranca changed the title Construct quorum certificate incrementally Construct quorum certificate incrementally (BFT-386) Dec 13, 2023
Copy link
Member

@brunoffranca brunoffranca left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall, looks good. A small nit, I don't see the need to have a separate Builder type. A QC is still a QC, even if it doesn't have enough signers.

node/actors/bft/src/leader/state_machine.rs Outdated Show resolved Hide resolved
# Conflicts:
#	node/actors/bft/src/leader/replica_commit.rs
#	node/actors/bft/src/leader/replica_prepare.rs
#	node/actors/bft/src/leader/state_machine.rs
#	node/libs/roles/src/validator/messages/consensus.rs
@moshababo
Copy link
Contributor Author

A small nit, I don't see the need to have a separate Builder type. A QC is still a QC, even if it doesn't have enough signers.

Agree, I added the higher-level structs due to having additional fields. But I ended up removing all of them, delegating responsibility for correctness to the caller.

@moshababo moshababo force-pushed the incremental_qc branch 2 times, most recently from 3107e95 to 7b14a56 Compare December 19, 2023 02:30
@moshababo moshababo marked this pull request as ready for review December 19, 2023 04:01
@brunoffranca brunoffranca merged commit cf8340d into main Jan 4, 2024
4 checks passed
@brunoffranca brunoffranca deleted the incremental_qc branch January 4, 2024 13:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants