This repository has been archived by the owner on Nov 2, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathsupervisor.rs
423 lines (361 loc) · 14.7 KB
/
supervisor.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
//! Supervisor and Handle implementation.
use crossbeam_channel as channel;
use tendermint::evidence::{ConflictingHeadersEvidence, Evidence};
use crate::bail;
use crate::errors::{Error, ErrorKind};
use crate::evidence::EvidenceReporter;
use crate::fork_detector::{Fork, ForkDetection, ForkDetector};
use crate::light_client::LightClient;
use crate::peer_list::PeerList;
use crate::state::State;
use crate::types::{Height, LatestStatus, LightBlock, PeerId, Status};
/// Provides an interface to the supervisor for use in downstream code.
pub trait Handle: Send + Sync {
/// Get latest trusted block.
fn latest_trusted(&self) -> Result<Option<LightBlock>, Error>;
/// Get the latest status.
fn latest_status(&self) -> Result<LatestStatus, Error>;
/// Verify to the highest block.
fn verify_to_highest(&self) -> Result<LightBlock, Error>;
/// Verify to the block at the given height.
fn verify_to_target(&self, _height: Height) -> Result<LightBlock, Error>;
/// Terminate the underlying [`Supervisor`].
fn terminate(&self) -> Result<(), Error>;
}
/// Input events sent by the [`Handle`]s to the [`Supervisor`]. They carry a [`Callback`] which is
/// used to communicate back the responses of the requests.
#[derive(Debug)]
enum HandleInput {
/// Terminate the supervisor process
Terminate(channel::Sender<()>),
/// Verify to the highest height, call the provided callback with result
VerifyToHighest(channel::Sender<Result<LightBlock, Error>>),
/// Verify to the given height, call the provided callback with result
VerifyToTarget(Height, channel::Sender<Result<LightBlock, Error>>),
/// Get the latest trusted block.
LatestTrusted(channel::Sender<Option<LightBlock>>),
/// Get the current status of the LightClient
GetStatus(channel::Sender<LatestStatus>),
}
/// A light client `Instance` packages a `LightClient` together with its `State`.
#[derive(Debug)]
pub struct Instance {
/// The light client for this instance
pub light_client: LightClient,
/// The state of the light client for this instance
pub state: State,
}
impl Instance {
/// Constructs a new instance from the given light client and its state.
pub fn new(light_client: LightClient, state: State) -> Self {
Self {
light_client,
state,
}
}
/// Get the latest trusted block.
pub fn latest_trusted(&self) -> Option<LightBlock> {
self.state.light_store.latest(Status::Trusted)
}
/// Trust the given block.
pub fn trust_block(&mut self, lb: &LightBlock) {
self.state.light_store.update(lb, Status::Trusted);
}
}
/// The supervisor manages multiple light client instances, of which one
/// is deemed to be the primary instance through which blocks are retrieved
/// and verified. The other instances are considered as witnesses
/// which are consulted to perform fork detection.
///
/// If primary verification fails, the primary client is removed and a witness
/// is promoted to primary. If a witness is deemed faulty, then the witness is
/// removed.
///
/// The supervisor is intended to be ran in its own thread, and queried
/// via a `Handle`.
///
/// ## Example
///
/// ```rust,ignore
/// let mut supervisor: Supervisor = todo!();
/// let mut handle = supervisor.handle();
///
/// // Spawn the supervisor in its own thread.
/// std::thread::spawn(|| supervisor.run());
///
/// loop {
/// // Asynchronously query the supervisor via a handle
/// let maybe_block = handle.verify_to_highest();
/// match maybe_block {
/// Ok(light_block) => {
/// println!("[info] synced to block {}", light_block.height());
/// }
/// Err(e) => {
/// println!("[error] sync failed: {}", e);
/// }
/// };
///
/// std::thread::sleep(Duration::from_millis(800));
/// }
/// ```
pub struct Supervisor {
/// List of peers and their instances (primary, witnesses, full and faulty nodes)
peers: PeerList<Instance>,
/// An instance of the fork detector
fork_detector: Box<dyn ForkDetector>,
/// Reporter of fork evidence
evidence_reporter: Box<dyn EvidenceReporter>,
/// Channel through which to reply to `Handle`s
sender: channel::Sender<HandleInput>,
/// Channel through which to receive events from the `Handle`s
receiver: channel::Receiver<HandleInput>,
}
impl std::fmt::Debug for Supervisor {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
f.debug_struct("Supervisor")
.field("peers", &self.peers)
.finish()
}
}
// Ensure the `Supervisor` can be sent across thread boundaries.
static_assertions::assert_impl_all!(Supervisor: Send);
impl Supervisor {
/// Constructs a new supevisor from the given list of peers and fork detector instance.
pub fn new(
peers: PeerList<Instance>,
fork_detector: impl ForkDetector + 'static,
evidence_reporter: impl EvidenceReporter + 'static,
) -> Self {
let (sender, receiver) = channel::unbounded::<HandleInput>();
Self {
peers,
sender,
receiver,
fork_detector: Box::new(fork_detector),
evidence_reporter: Box::new(evidence_reporter),
}
}
/// Create a new handle to this supervisor.
pub fn handle(&self) -> SupervisorHandle {
SupervisorHandle::new(self.sender.clone())
}
/// Get the latest trusted state of the primary peer, if any
pub fn latest_trusted(&self) -> Option<LightBlock> {
self.peers.primary().latest_trusted()
}
/// Verify to the highest block.
pub fn verify_to_highest(&mut self) -> Result<LightBlock, Error> {
self.verify(None)
}
/// Return latest trusted status summary.
fn latest_status(&mut self) -> LatestStatus {
let latest_trusted = self.peers.primary().latest_trusted();
let mut connected_nodes: Vec<PeerId> = Vec::new();
connected_nodes.push(self.peers.primary_id());
connected_nodes.append(&mut self.peers.witnesses_ids().iter().copied().collect());
match latest_trusted {
Some(trusted) => LatestStatus::new(
Some(trusted.signed_header.header.height.value()),
Some(trusted.signed_header.header.hash()),
Some(trusted.next_validators.hash()),
connected_nodes,
),
// only return connected nodes to see what is going on:
None => LatestStatus::new(None, None, None, connected_nodes),
}
}
/// Verify to the block at the given height.
pub fn verify_to_target(&mut self, height: Height) -> Result<LightBlock, Error> {
self.verify(Some(height))
}
/// Verify either to the latest block (if `height == None`) or to a given block (if `height ==
/// Some(height)`).
fn verify(&mut self, height: Option<Height>) -> Result<LightBlock, Error> {
let primary = self.peers.primary_mut();
// Perform light client core verification for the given height (or highest).
let verdict = match height {
None => primary.light_client.verify_to_highest(&mut primary.state),
Some(height) => primary
.light_client
.verify_to_target(height, &mut primary.state),
};
match verdict {
// Verification succeeded, let's perform fork detection
Ok(verified_block) => {
let trusted_block = primary
.latest_trusted()
.ok_or(ErrorKind::NoTrustedState(Status::Trusted))?;
// Perform fork detection with the highest verified block and the trusted block.
let outcome = self.detect_forks(&verified_block, &trusted_block)?;
match outcome {
// There was a fork or a faulty peer
ForkDetection::Detected(forks) => {
let forked = self.process_forks(forks)?;
if !forked.is_empty() {
// Fork detected, exiting
bail!(ErrorKind::ForkDetected(forked))
}
// If there were no hard forks, perform verification again
self.verify(height)
}
ForkDetection::NotDetected => {
// We need to re-ask for the primary here as the compiler
// is not smart enough to realize that we do not mutate
// the `primary` field of `PeerList` between the initial
// borrow of the primary and here (can't blame it, it's
// not that obvious).
self.peers.primary_mut().trust_block(&verified_block);
// No fork detected, exiting
Ok(verified_block)
}
}
}
// Verification failed
Err(err) => {
// Swap primary, and continue with new primary, if there is any witness left.
self.peers.replace_faulty_primary(Some(err))?;
self.verify(height)
}
}
}
fn process_forks(&mut self, forks: Vec<Fork>) -> Result<Vec<PeerId>, Error> {
let mut forked = Vec::with_capacity(forks.len());
for fork in forks {
match fork {
// An actual fork was detected, report evidence and record forked peer.
// TODO: also report to primary
Fork::Forked { primary, witness } => {
let provider = witness.provider;
self.report_evidence(provider, &primary, &witness)?;
forked.push(provider);
}
// A witness has timed out, remove it from the peer list.
Fork::Timeout(provider, _error) => {
self.peers.replace_faulty_witness(provider);
// TODO: Log/record the error
}
// A witness has been deemed faulty, remove it from the peer list.
Fork::Faulty(block, _error) => {
self.peers.replace_faulty_witness(block.provider);
// TODO: Log/record the error
}
}
}
Ok(forked)
}
/// Report the given evidence of a fork.
fn report_evidence(
&mut self,
provider: PeerId,
primary: &LightBlock,
witness: &LightBlock,
) -> Result<(), Error> {
let evidence = ConflictingHeadersEvidence::new(
primary.signed_header.clone(),
witness.signed_header.clone(),
);
self.evidence_reporter
.report(Evidence::ConflictingHeaders(Box::new(evidence)), provider)
.map_err(ErrorKind::Io)?;
Ok(())
}
/// Perform fork detection with the given verified block and trusted block.
fn detect_forks(
&self,
verified_block: &LightBlock,
trusted_block: &LightBlock,
) -> Result<ForkDetection, Error> {
if self.peers.witnesses_ids().is_empty() {
bail!(ErrorKind::NoWitnesses);
}
let witnesses = self
.peers
.witnesses_ids()
.iter()
.filter_map(|id| self.peers.get(id))
.collect();
self.fork_detector
.detect_forks(verified_block, &trusted_block, witnesses)
}
/// Run the supervisor event loop in the same thread.
///
/// This method should typically be called within a new thread with `std::thread::spawn`.
pub fn run(mut self) -> Result<(), Error> {
loop {
let event = self.receiver.recv().map_err(ErrorKind::from)?;
match event {
HandleInput::LatestTrusted(sender) => {
let outcome = self.latest_trusted();
sender.send(outcome).map_err(ErrorKind::from)?;
}
HandleInput::Terminate(sender) => {
sender.send(()).map_err(ErrorKind::from)?;
return Ok(());
}
HandleInput::VerifyToTarget(height, sender) => {
let outcome = self.verify_to_target(height);
sender.send(outcome).map_err(ErrorKind::from)?;
}
HandleInput::VerifyToHighest(sender) => {
let outcome = self.verify_to_highest();
sender.send(outcome).map_err(ErrorKind::from)?;
}
HandleInput::GetStatus(sender) => {
let outcome = self.latest_status();
sender.send(outcome).map_err(ErrorKind::from)?;
}
}
}
}
}
/// A [`Handle`] to the [`Supervisor`] which allows to communicate with
/// the supervisor across thread boundaries via message passing.
#[derive(Clone)]
pub struct SupervisorHandle {
sender: channel::Sender<HandleInput>,
}
impl SupervisorHandle {
/// Crate a new handle that sends events to the supervisor via
/// the given channel. For internal use only.
fn new(sender: channel::Sender<HandleInput>) -> Self {
Self { sender }
}
fn verify(
&self,
make_event: impl FnOnce(channel::Sender<Result<LightBlock, Error>>) -> HandleInput,
) -> Result<LightBlock, Error> {
let (sender, receiver) = channel::bounded::<Result<LightBlock, Error>>(1);
let event = make_event(sender);
self.sender.send(event).map_err(ErrorKind::from)?;
receiver.recv().map_err(ErrorKind::from)?
}
}
impl Handle for SupervisorHandle {
fn latest_trusted(&self) -> Result<Option<LightBlock>, Error> {
let (sender, receiver) = channel::bounded::<Option<LightBlock>>(1);
self.sender
.send(HandleInput::LatestTrusted(sender))
.map_err(ErrorKind::from)?;
Ok(receiver.recv().map_err(ErrorKind::from)?)
}
fn latest_status(&self) -> Result<LatestStatus, Error> {
let (sender, receiver) = channel::bounded::<LatestStatus>(1);
self.sender
.send(HandleInput::GetStatus(sender))
.map_err(ErrorKind::from)?;
Ok(receiver.recv().map_err(ErrorKind::from)?)
}
fn verify_to_highest(&self) -> Result<LightBlock, Error> {
self.verify(HandleInput::VerifyToHighest)
}
fn verify_to_target(&self, height: Height) -> Result<LightBlock, Error> {
self.verify(|sender| HandleInput::VerifyToTarget(height, sender))
}
fn terminate(&self) -> Result<(), Error> {
let (sender, receiver) = channel::bounded::<()>(1);
self.sender
.send(HandleInput::Terminate(sender))
.map_err(ErrorKind::from)?;
Ok(receiver.recv().map_err(ErrorKind::from)?)
}
}