Skip to content

*: lock supporting grace period #4226

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
obol-bulldozer merged 3 commits into from
Jan 20, 2026
Merged

*: lock supporting grace period #4226

obol-bulldozer merged 3 commits into from
Jan 20, 2026

Conversation

@pinebit
Copy link
Collaborator

@pinebit pinebit commented Jan 15, 2026
edited
Loading

Add cluster lock hash validation to privkey lock file

Enhances the private key lock mechanism to prevent race conditions during cluster configuration changes.

Changes

  • Track cluster_lock_hash in the privkey lock file metadata
  • Introduce 2-epoch grace period (768s) after cluster edits before allowing restart with new configuration
  • Update privkeylock.New() signature to accept cluster lock file path
  • Handle missing cluster lock files gracefully (for DKG scenarios)
  • Skip grace period check for migrations from old format (empty hash)
  • Edit commands copying the lock file, if present.

Why

After cluster edits (adding/removing operators), validators shouldn't immediately start with the new configuration. The grace period ensures:

  • Old configuration finishes duties gracefully
  • Network has time to finalize pending attestations
  • Prevents double-signing between old/new configurations

category: feature
ticket: #4200

@codecov
Copy link

codecov bot commented Jan 15, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 74.50980% with 13 lines in your changes missing coverage. Please review.
✅ Project coverage is 56.91%. Comparing base (941bb21) to head (88ad0a0).
⚠️ Report is 6 commits behind head on main.

Files with missing lines Patch % Lines
app/privkeylock/privkeylock.go 76.74% 5 Missing and 5 partials ⚠️
dkg/protocolsteps.go 50.00% 1 Missing and 1 partial ⚠️
app/app.go 0.00% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #4226      +/-   ##
==========================================
- Coverage   56.96%   56.91%   -0.06%     
==========================================
  Files         237      237              
  Lines       30688    30857     +169     
==========================================
+ Hits        17482    17562      +80     
- Misses      10976    11057      +81     
- Partials     2230     2238       +8

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@pinebit pinebit marked this pull request as ready for review January 16, 2026 10:33
KaloyanTanev
KaloyanTanev approved these changes Jan 16, 2026
View reviewed changes
OisinKyne
OisinKyne reviewed Jan 19, 2026
View reviewed changes
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 19, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@KaloyanTanev KaloyanTanev added the merge when ready Indicates bulldozer bot may merge when all checks pass label Jan 20, 2026
@obol-bulldozer obol-bulldozer bot merged commit fcb8c34 into main Jan 20, 2026
11 of 12 checks passed
@obol-bulldozer obol-bulldozer bot deleted the pinebit/lock-grace-period branch January 20, 2026 14:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@OisinKyne OisinKyne OisinKyne left review comments

@KaloyanTanev KaloyanTanev KaloyanTanev approved these changes

@DiogoSantoss DiogoSantoss Awaiting requested review from DiogoSantoss

Assignees

No one assigned

Labels

merge when ready Indicates bulldozer bot may merge when all checks pass

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@pinebit @OisinKyne @KaloyanTanev