Add types skeleton of coin selection and largestFirst algo implementation

[paweljakubas]

Issue Number

#92

Overview

• I have added coin selection proposal for coin selection and fee calculation

Comments

[akegalj]

size of tx in bytestring - how should one interpret this ?

[paweljakubas]

you are right, should be Bytes (memory unit), like in http://hackage.haskell.org/package/serokell-util-0.10.0/docs/src/Serokell.Data.Memory.Units.html#Byte

[paweljakubas]

I wonder if we are ok with using serokell-utils or better define Bytes ourselves?

[KtorZ]

It's okay to use libraries (from Serokell or anyone) when they are sound and solve an actual problem. Here, serokell-util isn't really sound nor useful for most of the types or functions it provides IMO.

Here, a size could just be a Quantity "byte" Word32 if you really want to disambiguate the type. Yet, I believe it's not needed to implement largest first 🤔 ?

[paweljakubas]

if it is not needed in the end I will definitely remove it. Otherwise, will rely on Quantity "byte" Word32

[paweljakubas]

just rebased to update the branch with master

[KtorZ]

Some good ideas in the test scenarios that would be better expressed as plain hand-written unit tests IMO;

[KtorZ]

what "redeemable" means here?

[KtorZ]

I wondered yesterday already, but what "redeemable" means in this context?

[paweljakubas]

there was a check in the legacy code https://github.com/input-output-hk/cardano-wallet-legacy/blob/develop/src/Cardano/Wallet/Kernel/CoinSelection/FromGeneric.hs#L292
Basically, checking if the address in transaction output is redeemable

[KtorZ]

Ah. Okay. I think we don't care here:

1/ We can't generate redeem address anyway
2/ If, through manual selection or whatever process we end up constructing a transaction to a redeem address, the node will reject it.

I am really not sure what's the rational is here 🤔 ...

[paweljakubas]

removed unneeded comment

[KtorZ]

I'd actually swap those two checks, such that, in case there's no UTxO available, it still returns a UTxOExhausted error (which we could rename to NotEnoughMoney basically? Don't you think? The utxo can be exhausted in two ways, as described in a comment, so perhaps, it's better to have this error reflecting this as well).

[KtorZ]

Also, I think that, those checks where done in the Nothing branch previously, such that they will only occur after the coin selection has been tried once. I think the rational was that successful calls to this function are more likely than error calls and thus, rather than doing those checks on every call, we simply do it in case of error and save some CPU cycles along the way.

[paweljakubas]

swapped the errors, checked it in unit tests, and changed the name of the error

[KtorZ]

This seems wrong? The new target should be based on the current target and not on the initial one?

[paweljakubas]

we have foldM atLeast utxos outputs and in the atLeast we process every output per go. And inside, we are looking which first coin from utxo (previously taken the biggest maxnumberofinputs of them and then taken from the smallest) can cover this target. To my best knowledge, the target within go (I changed inner loop that searches for this to pickTheFirst) my stay intact and the above expression does its job.

[KtorZ]

Hmmm... that isn't correct. The go may actually picks more than one UTxO (possibly depleting the whole list if there aren't enough to cover for the target), that's why it's an iterative approach.

The target starts being the txout's value. And then, after every pick, we makes it smaller by the amount of the corresponding UTxO entry we've picked, and iterate, until the target is covered. So, in the last branch, we should have:

targets' = target - fromIntegral (getCoin (coin out))

[paweljakubas]

ok, finally got it - corrected the algorithm and included boundary and exemplary cases in unit tests to show the implementation is right now

[KtorZ]

You could use a precondition for this using QuickCheck's (==>)

[paweljakubas]

👍

[KtorZ]

I am a puzzled by the properties here 🤔 ? What properties are we actually looking for? I think you're mis-using property testing here. The testing logic is almost as complex as the implementation itself which is a good sign that tests are maybe doing too much. A good indicator is the way you can express the property in prose, what means "works as expected" here, if you're checking for a property, then you should be able to express it.

I'd suggest the following approach:

• Reword these test cases into plain unit tests, where, given some inputs (that you can construct by hand, in a easy-to-read fashion), you obtain some expected output / behavior.

• Add some property-based tests for actual properties of that largest first heuristic, for instance, I can see a few properties that I'd expect on such function:

  • forall (UTxO, NonEmpty TxOut), running largest first twice one the same UTxO yields exactly the same result
  • forall (UTXO, NonEmpty TxOut), for all selected input, there's no bigger input in the UTxO that is not already in the selected inputs.
  • forall (UTxO, NonEmpty TxOut), there's at least as many selected inputs as there are requested outputs

So in practice, the properties are very short to express, and it's really about performing the coin selection, and then, verifying that the output satisfies some conditions. All properties above assume that there are enough inputs to cover for all of the NonEmpty TxOut, so likely, they'll need preconditions (which could just be isRight $ runExceptT $ largestFirst ... ==> ...)

[paweljakubas]

fair argument. Added unit tests already. Properties will be added in the next commit

[paweljakubas]

this one is I do not understand : forall (UTXO, NonEmpty TxOut), for all selected input, there's no bigger input in the UTxO that is not already in the selected inputs.

algo goes : we take maxNumberOfInputs biggest utxo entries, and then take from the smallest to cover transaction outputs taking from the smallest. It seems, but I may be wrong, that it contradicts ^^^

[paweljakubas]

I sticked to CoveringCase to run it quicker, as correct subset is significantly smaller to whole set of (Utxo, Empty TxOut) - that's my intuition to be verified

[KtorZ]

algo goes : we take maxNumberOfInputs biggest utxo entries,

Yes.

and then take from the smallest to cover transaction outputs taking from the smallest

No. We do cover biggest outputs first, and use the biggest inputs first to do so.

[paweljakubas]

right !!!

[paweljakubas]

added the property. in the lights of correct implementation it makes sense

[KtorZ]

Why is the list reversed here 🤔 ?

[paweljakubas]

we start to consume utxo from the smallest cut obtained by maximumNumberInputs (which takes those numbers of biggest utxos entries) . taken from : https://github.com/input-output-hk/cardano-wallet-legacy/blob/develop/src/Cardano/Wallet/Kernel/CoinSelection/FromGeneric.hs#L215

[KtorZ]

Nice.
What about passing all the arguments above in a record type (instead of having comments here), so that at the call-site, it becomes even more readable ?

[paweljakubas]

done

[paweljakubas]

this should be called cover probably to better reflect intent

[paweljakubas]

is there Expectation that is "True"/expectationSatisfied? why this checking? sometimes utxo is completely depleted after coin selection and minimum from [] does not make sense...maybe secure min with default 0...

[KtorZ]

Hmmm.. since you're in a Monad, you could use when or unless here (from Control.Monad)

[KtorZ]

Good tests. I haven't yet re-reviewed the implementation, as I wanted to put the emphasizes on the tests first.
Some remarks on the form and coding style however.

[KtorZ]

😅 ... the suggestion of introducing a record type earlier was to use the named fields exactly here!

            coinSelectionUnitTest UnitTestInput
                { maxNumOfInputs = 100
                , utxoInputs = [10,10,17]
                , txOutputs = 10 :| []
                , expectedResult = Right [17]
                }

This is where we get most of the readability (at the call-site) :)

[paweljakubas]

indeed, corrected

[KtorZ]

What's the added value for this case compare to the previous one 🤔 ?

[paweljakubas]

one is smaller than any input coin and the second is the biggest possible to cover by one input - it help me when checking algo impl

[KtorZ]

I'd suggest to remove "happy path result in successful selection", and just keep the second part 👍

[paweljakubas]

done

[KtorZ]

Good scenarios overall :+1

[KtorZ]

neat-picking but I'd just call that Fixture, because that's what it is.

[paweljakubas]

done

[KtorZ]

Hmmm.. since you're in a Monad, you could use when or unless here (from Control.Monad)

[KtorZ]

I'd suggest a different approach here to avoid having too much logic in the test:

• change the precondition to something like isRight . runExceptT . largestFirst .... In the end, that's really what the pre-condition is about here, checking that we can perform the coin selection! So, let's just perform it and assume that it's right. On small sets of value, it should be fast enough to not be too slow to evaluate with quickcheck.

[paweljakubas]

really do not know how to use properly isRight with runExceptT ... but when I use CoverCase then it is not need I bet...but drawback is that logic stays

[KtorZ]

perhaps slightly more than 2 ? What do you think ?

[paweljakubas]

now (1,10) and works quickly

[KtorZ]

Hmmm... we should have this either as a precondition or in the generator. Having it in both places is redundant. I'd be in favor of generating only valid CoveringCase, so checking only here once (previous comment about simplifying the precondition still applies though).

[paweljakubas]

I like it to have in generator, but when I would know how to put isRight in the property precondition I would remove suchThat and condCoinsCovering code. On the other case, I would need to make sure significant number of covering cases are tried => checkCoverage to be used

[paweljakubas]

Added this extensive comment how the largestFirst works - hope it will save time anyone trying to understand this algorithm. This along with tests should explain the matter in a comprehensible way

[KtorZ]

Nice :)

I'd even add either, before (c) or at the end of (b) that, each output is treated independently wit the heuristic described in (c).

[paweljakubas]

added

[KtorZ]

id continued -> is continued

[KtorZ]

The 5 lines above are strictly equivalent to

result `shouldBe`expected

The pattern-match is superfluous here.

[paweljakubas]

indeed!

[KtorZ]

IO isn't needed here, the constraint is too strong and I'd suggest to lower it down to Monad m

[paweljakubas]

right

[KtorZ]

There was no need for a MonadIO m => constraint here (was actually too strong), so I've replaced it with a Monad m =>

[paweljakubas]

👍

[KtorZ]

I'd move these (+ the corresponding local declarations above) into the Nothing -> branch, to avoid computing them on every run, but only when the selection failed.

[paweljakubas]

done

[KtorZ]

In general, I'd suggest to always prepend elements to lists when using recursion with a list accumulator, and in the terminal case, reverse the list. Because built-in lists in Haskell are linked-list, adding elements to the end of a list is costly, while prepending elements is O(1). Here, it probably doesn't matter much because inputs will remain rather small in practice; but still 😶

[paweljakubas]

done, and also updated tests for it

[KtorZ]

changed here the usage of MonadIO + shouldBe with just === & runIdentity; there's no need for full IO :)

[paweljakubas]

👍

[KtorZ]

So here I've required that selection is Right as a precondition because our property only matters for valid selections.

[paweljakubas]

beautiful 💯