contracts: update root cache upon renewal #389
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR updates the root cache in the
ContractManager
when a contract gets renewed, essentially copying over the roots from existing to renewal. I'm keeping this as aDRAFT
@n8maninger because it's merely to illustrate the problem, the real fix is (likely) something else entirely and this will also need a thorough regression test. I don't mind taking a stab at it but I felt this is probably something that you will want to write the fix for yourself.Context:
In
renterd
we have a test calledTestUploadDownloadSpending
that fails locally withAppendSector: proof verification failed
on the branchpj/subscription-api
. The reason it fails is becausehostd
builds the proof of a recently renewed contract without sector roots. I sprinkled some logging in the host's contract manager and also the proof code in core and found that we seem to update the database just fine on renewal but the next time the contract updater fetches the roots from the store it returns 0 roots. Causing the host to try and build a proof wheresecRoots
is empty causing it to fail when verifying. I considered the possibility that something was removing those roots but I added panics in alldelete
andtrim
methods and those aren't hit during the test.Couple of things I find especially odd/interesting is that it passes on CI, so somehow this is a race condition, and also if we really consider the contract to be empty after renewal, even for a short period of time, this would wreak some serious havoc on production so it's probably somehow not that big of an issue or a really small window or something.