context: remove verifier & trust node #6805
Conversation
|
This pull request introduces 1 alert when merging 5fa4e4b into 6e7ce48 - view on LGTM.com new alerts:
|
Codecov Report
@@ Coverage Diff @@
## master #6805 +/- ##
==========================================
+ Coverage 61.27% 61.42% +0.14%
==========================================
Files 510 509 -1
Lines 31555 31457 -98
==========================================
- Hits 19334 19321 -13
+ Misses 10720 10637 -83
+ Partials 1501 1499 -2 |
tac0turtle
requested review from
aaronc,
alessio,
alexanderbez,
clevinson,
fedekunze and
jgimeno
as code owners
There was a problem hiding this comment.
Thanks @marbar3778! Left a few minor comments. Should we also create an issue for how we plan to tackle the light client?
alexanderbez
added
the
A:automerge
| @@ -103,18 +99,12 @@ func (ctx Context) queryABCI(req abci.RequestQuery) (abci.ResponseQuery, error) | |||
| return result.Response, nil | |||
| } | |||
|
|
|||
| if err = ctx.verifyProof(req.Path, result.Response); err != nil { | |||
There was a problem hiding this comment.
so proofs are not verified anymore? I don't think this is desirable
There was a problem hiding this comment.
the lite.verifier is no longer present in tendermint. These methods are no longer useable. the light client can verify, isnt that what is needed by IBC?
There was a problem hiding this comment.
The context is still using tendermint/lite/proxy - I don't know if that's up to date or not
There was a problem hiding this comment.
If I'm understanding this correctly, this removes verification of the proof of the internal query returned from a sdk application process to the querying client. This is technically fine because these queried results shouldn't be used to execute any state. If one is updating state they should be using the light client not this verifier.
Maybe we should update documentation to explain this?
There was a problem hiding this comment.
Is the verification just being pushed downstream to the light client? Can one query through the light client?
There was a problem hiding this comment.
From my understanding, this is used if the query is being executed against a distrusted node.
I will go through the docs and update the removal of this feature. In the future, I believe operators that do not wish to run a full node will be able to run a light client if they would like verification. This can be done in 0.40.x as it should not introduce any breaking changes
There was a problem hiding this comment.
Is the verification just being pushed downstream to the light client? Can one query through the light client?
there is no notion of running a light client in the Cosmos-SDK from my limited knowledge.
There was a problem hiding this comment.
gotcha, so basically
- trust no one -> full node
- trust someone -> light client
- trust many folk -> use a service
There was a problem hiding this comment.
gotcha, so basically
trust no one -> full node
trust someone -> light client
trust many folk -> use a service
ok this makes sense then
There was a problem hiding this comment.
note that the binary (full-node) will connect and serve queries through itself by default and not need to prove anything. If you override this behavior by specifying --node=... when you do a query, then you'll need to potentially verify the proof. To do this, you'll need a light client.
Honestly, I'm not sure about the UX. We can leave the --node flag, but then maybe we provide a warning log that you cannot trust nodes in this case and that you should start a light client.
tac0turtle
removed
the
A:automerge
|
removed automerge, there is still work to be done in docs |
tac0turtle
added
the
A:automerge
Description
This Pr removes trust node and verifier. This is preparation for tendermint 0.34. These methods and flow of logic is not present any longer. This is up for discussion on how to be handled. I have a issue for incorporating the light client into the sdk here: #6563
closes: #XXXX
Before we can merge this PR, please make sure that all the following items have been
checked off. If any of the checklist items are not applicable, please leave them but
write a little note why.
docs/) or specification (x/<module>/spec/)godoccomments.Unreleasedsection inCHANGELOG.mdFiles changedin the Github PR explorerCodecov Reportin the comment section below once CI passes