[Consensus] Small enhancement to the invalid blocks metric #19515
Conversation
…ostname is used whenever possible.
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
3 Skipped Deployments
|
| @@ -104,11 +108,12 @@ impl<C: CoreThreadDispatcher> NetworkService for AuthorityService<C> { | |||
|
|
|||
| // Reject blocks failing validations. | |||
| if let Err(e) = self.block_verifier.verify(&signed_block) { | |||
| let error: &'static str = e.clone().into(); | |||
There was a problem hiding this comment.
That will derive the error enum name only, not parameters etc, so cardinality will be low.
There was a problem hiding this comment.
Maybe add a test for this pattern only returns the enum name in BlockVerifier? Totally optional.
| .with_label_values(&[ | ||
| peer_hostname, | ||
| "handle_send_block", | ||
| "BlockSignatureMissmatchSender", |
There was a problem hiding this comment.
Or UnexpectedAuthority as the error below. Signature is not verified here. This is only checking the peer against indicated author of the block.
| .with_label_values(&[ | ||
| peer_hostname, | ||
| "handle_send_block", | ||
| "BlockSignatureMissmatchSender", |
There was a problem hiding this comment.
Or UnexpectedAuthority as the error below. Signature is not verified here. This is only checking the peer against indicated author of the block.
| @@ -104,11 +108,12 @@ impl<C: CoreThreadDispatcher> NetworkService for AuthorityService<C> { | |||
|
|
|||
| // Reject blocks failing validations. | |||
| if let Err(e) = self.block_verifier.verify(&signed_block) { | |||
| let error: &'static str = e.clone().into(); | |||
There was a problem hiding this comment.
Maybe add a test for this pattern only returns the enum name in BlockVerifier? Totally optional.
consensus/core/src/block_manager.rs
Outdated
| @@ -159,11 +159,19 @@ impl BlockManager { | |||
| } | |||
| } | |||
| for (block_ref, block) in blocks_to_reject { | |||
| // It's safe to look up in the authority here since we know that the block has been already verified either via the synchronization methods. | |||
There was a problem hiding this comment.
| // It's safe to look up in the authority here since we know that the block has been already verified either via the synchronization methods. |
consensus/core/src/synchronizer.rs
Outdated
| @@ -611,11 +611,25 @@ impl<C: NetworkClient, V: BlockVerifier, D: CoreThreadDispatcher> Synchronizer<C | |||
| if let Err(e) = block_verifier.verify(&signed_block) { | |||
| // TODO: we might want to use a different metric to track the invalid "served" blocks | |||
| // from the invalid "proposed" ones. | |||
|
|
|||
| // It's important to check the validity of the index, otherwise the method will panic. | |||
| let hostname = if context.committee.is_valid_index(signed_block.author()) { | |||
There was a problem hiding this comment.
Can we pass the peer_index to verify_blocks() instead? The peer is the culprit here since it should not serve invalid blocks to others.
There was a problem hiding this comment.
That's good point. I'll switch to using the peer_index. We need to keep in mind then that for an invalid block report on the metrics we can see either:
- the original author coming up
- or the peer to served an invalid block
there is no good way to distinguish anyways unless we always report both, but for now might be good enough
There was a problem hiding this comment.
For timestamp checks, only the block authority is available, which should be equivalent to the peer here since the block has been verified. Or are there other places where peer is unavailable? We can take the opportunity to see if it is possible to fix them. For a few errors, the indicated author can be arbitrary so counting them in metrics is not very useful.
There was a problem hiding this comment.
Or are there other places where peer is unavailable?
There shouldn't. At least from all the synchronization paths peer is available.
| @@ -720,11 +722,16 @@ impl<C: NetworkClient, V: BlockVerifier, D: CoreThreadDispatcher> Synchronizer<C | |||
| for serialized_block in blocks { | |||
| let signed_block = bcs::from_bytes(&serialized_block).map_err(ConsensusError::MalformedBlock)?; | |||
| block_verifier.verify(&signed_block).tap_err(|err|{ | |||
| let hostname = if context.committee.is_valid_index(signed_block.author()) { | |||
There was a problem hiding this comment.
This should use authority_index instead?
There was a problem hiding this comment.
Ah good catch! Fixed it here #19597
Description
Use the hostname whenever possible. Add the error type as well.
Test plan
CI
Release notes
Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required.
For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates.