-
Notifications
You must be signed in to change notification settings - Fork 4.5k
Cleanup RFCs on branch generation and leader rotation #1967
Cleanup RFCs on branch generation and leader rotation #1967
Conversation
a122fad
to
cd2408e
Compare
rfcs/0002-branch-generation.md
Outdated
|
||
Validators can ignore forks at other points (e.g. from the wrong leader), or slash the leader responsible for the fork. | ||
|
||
Validators vote based on a greedy choise to maximze their reward described in [branch selection](rfcs/0008-branch_selection.md). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
choice
rfcs/0002-branch-generation.md
Outdated
4. Leader packages transactions into entries based off its current PoH slot. | ||
5. Leader transmits the entries to validator nodes (in signed blobs) | ||
a. The PoH stream includes ticks; empty entries that indicate liveness of the leader and the passage of time on the network. | ||
b. A leader's stream begins with the tick entries necessary complete the PoH back to the leaders most recently observed prior leader period. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
period => slot everywhere?
2. Append them together. | ||
3. Hash the string for `N` counts via a similar process as PoH itself. | ||
4. The resulting hash is the random seed for `M` counts, `M` leader periods, where M > N | ||
1. Periodically at a specific `PoH tick count` use the tick count (simple monotonically increasing counter) as a seed to a stable psudo-random algorithm. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
are we concerned that the leader schedule seeds are all pre-compute-able?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nevermind, answered below...
@@ -0,0 +1,76 @@ | |||
# Branch Generation | |||
|
|||
The goal of this RFC is to define how Solana generates branches. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Solana doesn't generate branches. And if "branches" are different than "forks", you'll want to explain that here.
rfcs/0002-branch-generation.md
Outdated
|
||
## Basic Design Idea | ||
|
||
Nodes take turns being leader and generating the PoH that encodes state changes. The network can tolerate loss of connection to any leader by synthesizing what the leader ***would have generated*** had it been connected but not ingesting any state changes. The complexity of forks is thereby limited to a "there/not-there" skip list of branches that may arise on leader rotation periods boundaries. A leader can only transmit durring their predefined PoH slot. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"complexity of forks .. list of branches" huh?
on a boundary or after?
A leader can transmit at any time, but it's transactions will only be accepted if they fall within the leader's slot.
|
||
## Message Flow | ||
|
||
1. Transactions are ingested at the current leader. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
at -> by
## Message Flow | ||
|
||
1. Transactions are ingested at the current leader. | ||
2. Leader filters for valid transactions. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no need for "for" here
|
||
1. Transactions are ingested at the current leader. | ||
2. Leader filters for valid transactions. | ||
3. Leader executes valid transactions on its state. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"on its state" -> ", updating its state."
@@ -1,104 +1,29 @@ | |||
# Leader Rotation | |||
|
|||
The goal of this RFC is to define how leader nodes are rotated in Solana, how rotation may cause forks to arise, and how the converges | |||
in response. | |||
The goal of this RFC is to define how leader nodes are rotated in Solana. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
More precisely, it's to define how fullnodes rotate in taking the leader role.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@garious why not leaders? a leader doesn't need to be a full node per se.
2. Append them together. | ||
3. Hash the string for `N` counts via a similar process as PoH itself. | ||
4. The resulting hash is the random seed for `M` counts, `M` leader periods, where M > N | ||
1. Periodically at a specific `PoH tick count` use the tick count (simple monotonically increasing counter) as a seed to a stable psudo-random algorithm. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
pseudo
3. Hash the string for `N` counts via a similar process as PoH itself. | ||
4. The resulting hash is the random seed for `M` counts, `M` leader periods, where M > N | ||
1. Periodically at a specific `PoH tick count` use the tick count (simple monotonically increasing counter) as a seed to a stable psudo-random algorithm. | ||
2. At that height, compute all the currently staked accounts and their assigned leader identities and weights. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This sentence doesn't make sense to me.
2. At that height, compute all the currently staked accounts and their assigned leader identities and weights. | ||
3. Sort them by stake weight. | ||
4. Using the random seed select nodes weighted by stake to create a stake weighted ordering. | ||
5. This ordering becomes valid in `N` `PoH tick counts`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That doesn't seem right. Seems like it ought to be something like N counts after the start of the slot.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the leader schedule needs to be available for a good while before it comes into effect to reduce forking that might arise because schedules themselves have forked
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ideally, I'd want to see leader schedules available no later than 32 slots before they come into effect...
V |----| | | | | | | | | vote(E(L4)) | ||
V | L5 | xx xx xx E(L5) xx xx xx xx | ||
V +----+ hang on to E(L4) and E(L5) for more... | ||
The seed that is selected is predictable but unbiasable. There is no grinding attack to influence its outcome. The set of **staked accounts** and their leader identities is computed over a large period, which is our approach to censorship resistance of the staking set. If at least 1 leader in the schedule is not censoring staking transactions then over a long period of time that leader can ensure that the set of active nodes is not censored. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"our approach to censorship resistance" -> "is used to resist censorship". Also, how? Alternatively say that's out of the scope of this document.
Also, typos in the last sentence. Two missing commas and "is" should be "are".
That last sentence should either be dropped (out of scope) or expanded on a bunch.
@aeyakovenko, why was this merged? |
Finalize the stake pool struct for when a lockup will eventually be present.
* extract clock crate * update clock usage in solana-program * fmt * fmt after rebase * update lock file after rebase * fmt after rebase * fmt after rebase * fmt * make serde optional in solana-clock * fix description Co-authored-by: Jon C <me@jonc.dev> * fix docs link Co-authored-by: Jon C <me@jonc.dev> * fix accidental deletions from workspace members table --------- Co-authored-by: Jon C <me@jonc.dev>
* extract clock crate * update clock usage in solana-program * fmt * fmt after rebase * update lock file after rebase * fmt after rebase * fmt after rebase * fmt * make serde optional in solana-clock * fix description Co-authored-by: Jon C <me@jonc.dev> * fix docs link Co-authored-by: Jon C <me@jonc.dev> * fix accidental deletions from workspace members table --------- Co-authored-by: Jon C <me@jonc.dev>
Problem
RFCs for consensus and leader rotation are incomplete and confusing.
Summary of Changes
RFCs for leader selection and branch generation. TBD: rfc for branch selection
Fixes #1924