-
Notifications
You must be signed in to change notification settings - Fork 208
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vaults detects failing priceAuthority and requests new one #8696
Conversation
b2898f3
to
d419cc7
Compare
priceAuthority, | ||
priceAuthority: priceAuthorityReg, | ||
priceAuthorityAdmin, | ||
aethPriceAuthority, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why expose this? anything looking up aeth prices should be able to get it from priceAuthority
OIC, it's to provide access to the manual authority. consider naming it aethMPA
or something to distinguish.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I consider it a bug farm that the thing called priceAuthority
rather pervasively, is actually a priceAuthorityRegistry
with the same API as a priceAuthority
. I don't mind giving the manual PA a distinct name, since one has to know its type to be able to use its manual properties.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I consider it a bug farm that the thing called priceAuthority rather pervasively, is actually a priceAuthorityRegistry with the same API as a priceAuthority
I don't think that's quite right. I refer to this type:
agoric-sdk/packages/zoe/tools/priceAuthorityRegistry.js
Lines 29 to 36 in d419cc7
/** | |
* @typedef {object} PriceAuthorityRegistry A price authority that is a facade | |
* for other backing price authorities registered for a given asset and price | |
* brand | |
* @property {PriceAuthority} priceAuthority | |
* @property {PriceAuthorityRegistryAdmin} adminFacet | |
*/ | |
PriceAuthority
is an interface. PriceAuthorityRegistry
is a kit of a priceAuthority
(PriceAuthority
) and an adminFacet
(PriceAuthorityRegistryAdmin
) which can be used to control it.
Regardless of the provenance, the PriceAuthority
interface allows for querying any price, whether the authority has information about it or not.
Do you want to change that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not the shared interface that has my attention. I'm a strong proponent of polymorphism.
What I'm referring to is the confusion of the priceAuthorityRegistry with other priceAuthorities. I've only gradually (over the last two quasi-vacation weeks) come to understand how all these pieces actually fit together.
- The priceAuthorityRegistry is a vat that pre-dates Zoe in bootstrap order. (It's Vat8, while Zoe is Vat9). That means that it's not a Zoe contract. I don't know what that means for our ability to upgrade it or inform its dependents if it changes.
- When provided to Auctions and Vaults, its name is PriceAuthority and it is typed as
PriceAuthority
. I had assumed that I was using a PriceAuthority in those contracts.
If you have a PriceAuthorityRegistry, and you call makeQuoteNotifier()
, you end up talking to an ERef for the notifier that refers directly to the intended priceAuthority vat. (This is fine.) If you use any of the other PA methods for requesting a price, every request is relayed through the PriceAuthorityRegistry vat.
ln the context of tracing an associated storage leak (#8400), knowing which vats are holding and relaying which promises has become a priority.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When provided to Auctions and Vaults, its name is PriceAuthority and it is typed as PriceAuthority. I had assumed that I was using a PriceAuthority in those contracts.
Isn't that accurate? It may leave out some details but it is an object that implements PriceAuthority. That's all the Auctions and Vaults are supposed to know.
I'm interested in what changes you might propose. But we're on a tangent now so I'm fine resolving this thread and picking up in Slack or wherever.
d419cc7
to
70dccf5
Compare
space, | ||
priceAuthority: priceAuthorityReg, | ||
priceAuthorityAdmin, | ||
aethPriceAuthority, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same issue here, right?
aethPriceAuthority, | |
aethManualPA, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
fd9c706
to
935cbf6
Compare
935cbf6
to
e722e81
Compare
If the quoteNotifier is broken, set updatingOracleQuote to null. If updatingOracleQuote is null when attempting to capture the oracle price, restart observeQuoteNotifier Vaults detects failing priceAuthority and requests new one (#8696)
) * feat: auctioneer/vaults detect failing priceAuthority & request new If the quoteNotifier is broken, set updatingOracleQuote to null. If updatingOracleQuote is null when attempting to capture the oracle price, restart observeQuoteNotifier Vaults detects failing priceAuthority and requests new one (#8696) * feat: make vaultManager robust against failing priceAuthority * chore: fix types, drop expect-error --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…oric#8691) * feat: auctioneer/vaults detect failing priceAuthority & request new If the quoteNotifier is broken, set updatingOracleQuote to null. If updatingOracleQuote is null when attempting to capture the oracle price, restart observeQuoteNotifier Vaults detects failing priceAuthority and requests new one (Agoric#8696) * feat: make vaultManager robust against failing priceAuthority * chore: fix types, drop expect-error --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
refs: #8675
Description
Define
watchPerpetualNotifier
, and use it to monitor updates from the quoteNotifier. When it detects an error, it requests a new notifier and restarts thewatchPerpetualNotifier
.Security Considerations
robustness for the chain.
Scaling Considerations
Not a scaling issue.
Documentation Considerations
No user docs required.
Testing Considerations
Added a test that Vaults switches to a new priceAuthority when the existing authority throws an error.
Many existing vaults tests were not cleanly adding a priceAuthority before adding a new vaultManager, so I had to refactor the setup functions to make that simple.
Upgrade Considerations
The priceAuthority is holding onto cyclic data structures involving exitObjects. In order to force GC of those objects, we plan to fix the problem in Zoe and then abandon the old priceAuthorities. This fix allows Vaults to survive when the old priceAuthority is killed.