assumeutxo: fail early if snapshot block hash doesn't match AssumeUTXO parameters #28652
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
|
Wasn't the goal to make the RPC async, in which case the wait loop can be replaced with an immediate error? This would also avoid having to duplicate error checks in the RPC, as well as the Activate function? |
Yes, I think that's one of the long-term plans: #28620. It seems that currently no-one is working on that though and even if, it's likely too late to include it into the upcoming release v26 anyway. This PR is based on the assumption that the |
src/rpc/blockchain.cpp
Outdated
| @@ -2751,6 +2751,10 @@ static RPCHelpMan loadtxoutset() | |||
| afile >> metadata; | |||
|
|
|||
| uint256 base_blockhash = metadata.m_base_blockhash; | |||
| if (!Params().AssumeutxoForBlockhash(base_blockhash).has_value()) { | |||
There was a problem hiding this comment.
nit: Use chainman to get the params, instead of using the global?
There was a problem hiding this comment.
Thanks, done. Intentionally moved the chainman definition up more than needed (right after node) to fail early in the (hypothetical?) case that there's no chainman.
theStack
force-pushed
the
202310-assumeutxo-fail_early_if_blockhash_not_in_params
branch
from
164273c
to
9620cb4
Compare
There was a problem hiding this comment.
Code review ACK 9620cb4. This should fix an annoyance and bad UX.
It would be possible to deduplicate the checks in the loadtxoutset function and ActivateSnapshot without making the RPC async by splitting ActivateSnapshot up and returning util::Result as suggested #27596 (comment). But the current PR seems like a simple improvement for now.
|
lgtm ACK 9620cb4 |
DrahtBot
requested review from
pablomartin4btc
and removed request for
pablomartin4btc
There was a problem hiding this comment.
tACK 9620cb4
error ouput with a file which size >= 40 bytes (size of SnapshotMetadata)
./src/bitcoin-cli -datadir=${AU_DATADIR} loadtxoutset ${AU_DATADIR}/utxo-111.dat
error code: -32603
error message:
Unable to load UTXO snapshot, assumeutxo block hash in snapshot metadata not recognized (3634353634363536363435363436353636343536343635363634353634363536)
error ouput with a file which size < 40 bytes (not enough to fit SnapshotMetadata structure)
./src/bitcoin-cli -datadir=${AU_DATADIR} loadtxoutset ${AU_DATADIR}/utxo-111.dat
error code: -1
error message:
AutoFile::read: end of file: iostream error
I left a suggestion to handle iostream error when utxo file size is less than 40 bytes.
| @@ -2751,14 +2752,16 @@ static RPCHelpMan loadtxoutset() | |||
| afile >> metadata; | |||
There was a problem hiding this comment.
Since we are touching this file I think we could improved the iostream error that's thrown when the file size is less than 40 bytes.
| afile >> metadata; | |
| // Check if the file size is at least as large as the expected size of SnapshotMetadata | |
| if (afile.size() < sizeof(SnapshotMetadata)) { | |
| throw JSONRPCError(RPC_INTERNAL_ERROR, strprintf("Unable to load UTXO snapshot, " | |
| "file size is invalid"); | |
| } | |
| afile >> metadata; | |
|
Since this adds the test for a bad hash, that Todo should be removed from the list at the top of |
This PR doesn't add a new test; the "bad hash" TODO (which refers to the UTXO set hash, not the block hash in the metadata, as far as I understand) is tackled in #28647. |
No, I'd say it is still up for grabs: #28647 (comment) |
theStack
deleted the
202310-assumeutxo-fail_early_if_blockhash_not_in_params
branch
Sorry, I actually meant the block hash one, just misspelled/confused: |
I implemented a (partial) fix for #28620 , you might want to take a look. |
…esn't match AssumeUTXO parameters
Right now the
loadtxoutsetRPC call treats literally all files with a minimum size of 40 bytes (=size of metadata) as potential valid snapshot candidates and the waiting loop for seeing the metadata block hash in the headers chain is always entered, e.g.:There is no point in doing any further action though if we already know from the start that the UTXO snapshot loading won't be successful. This PR adds an assumeutxo parameter check immediately after the metadata is read in, so we can fail immediately on a mismatch:
This way, users who mistakenly try to load files that are not snapshots don't have to wait 10 minutes (=the block header waiting timeout) anymore to get a negative response. If a file is loaded which is a valid snapshot (referencing to an existing block hash), but one which doesn't match the parameters, the feedback is also faster, as we don't have to wait anymore to see the hash in the headers chain before getting an error.
This is also partially fixes #28621.