-
Notifications
You must be signed in to change notification settings - Fork 11.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Consensus] Small enhancement to the invalid blocks metric #19515
Conversation
…ostname is used whenever possible.
The latest updates on your projects. Learn more about Vercel for Git ↗︎
3 Skipped Deployments
|
@@ -104,11 +108,12 @@ impl<C: CoreThreadDispatcher> NetworkService for AuthorityService<C> { | |||
|
|||
// Reject blocks failing validations. | |||
if let Err(e) = self.block_verifier.verify(&signed_block) { | |||
let error: &'static str = e.clone().into(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That will derive the error enum name only, not parameters etc, so cardinality will be low.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe add a test for this pattern only returns the enum name in BlockVerifier? Totally optional.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
.with_label_values(&[ | ||
peer_hostname, | ||
"handle_send_block", | ||
"BlockSignatureMissmatchSender", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/missmatch/mismatch
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or UnexpectedAuthority
as the error below. Signature is not verified here. This is only checking the peer against indicated author of the block.
.with_label_values(&[ | ||
peer_hostname, | ||
"handle_send_block", | ||
"BlockSignatureMissmatchSender", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or UnexpectedAuthority
as the error below. Signature is not verified here. This is only checking the peer against indicated author of the block.
@@ -104,11 +108,12 @@ impl<C: CoreThreadDispatcher> NetworkService for AuthorityService<C> { | |||
|
|||
// Reject blocks failing validations. | |||
if let Err(e) = self.block_verifier.verify(&signed_block) { | |||
let error: &'static str = e.clone().into(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe add a test for this pattern only returns the enum name in BlockVerifier? Totally optional.
consensus/core/src/block_manager.rs
Outdated
@@ -159,11 +159,19 @@ impl BlockManager { | |||
} | |||
} | |||
for (block_ref, block) in blocks_to_reject { | |||
// It's safe to look up in the authority here since we know that the block has been already verified either via the synchronization methods. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
// It's safe to look up in the authority here since we know that the block has been already verified either via the synchronization methods. |
consensus/core/src/synchronizer.rs
Outdated
@@ -611,11 +611,25 @@ impl<C: NetworkClient, V: BlockVerifier, D: CoreThreadDispatcher> Synchronizer<C | |||
if let Err(e) = block_verifier.verify(&signed_block) { | |||
// TODO: we might want to use a different metric to track the invalid "served" blocks | |||
// from the invalid "proposed" ones. | |||
|
|||
// It's important to check the validity of the index, otherwise the method will panic. | |||
let hostname = if context.committee.is_valid_index(signed_block.author()) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we pass the peer_index
to verify_blocks()
instead? The peer is the culprit here since it should not serve invalid blocks to others.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's good point. I'll switch to using the peer_index
. We need to keep in mind then that for an invalid block report on the metrics we can see either:
- the original author coming up
- or the peer to served an invalid block
there is no good way to distinguish anyways unless we always report both, but for now might be good enough
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For timestamp checks, only the block authority is available, which should be equivalent to the peer here since the block has been verified. Or are there other places where peer is unavailable? We can take the opportunity to see if it is possible to fix them. For a few errors, the indicated author can be arbitrary so counting them in metrics is not very useful.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or are there other places where peer is unavailable?
There shouldn't. At least from all the synchronization paths peer is available.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is actually a great improvement! Thanks!
@@ -720,11 +722,16 @@ impl<C: NetworkClient, V: BlockVerifier, D: CoreThreadDispatcher> Synchronizer<C | |||
for serialized_block in blocks { | |||
let signed_block = bcs::from_bytes(&serialized_block).map_err(ConsensusError::MalformedBlock)?; | |||
block_verifier.verify(&signed_block).tap_err(|err|{ | |||
let hostname = if context.committee.is_valid_index(signed_block.author()) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should use authority_index
instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah good catch! Fixed it here #19597
Description
Use the hostname whenever possible. Add the error type as well.
Test plan
CI
Release notes
Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required.
For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates.