chore: specialize Encodable/Decodable for bytes

[dpc]

Re #4111

Re rust-bitcoin/rust-bitcoin#2390

Due to Rust limitations, we can't have impls for both Vec<T> and Vec<u8>. Handling byte case in a generic way is potentially very inefficient, and we do use it in some places, thought it's hard to find all of them (and then prevent even more from being introduced).

The most appealing approach seems to be specializing that case using TypeId check and unsafe.

Cons:

• TypeId requires 'static bound
• unsafe (but small and easy to reason about)

Pros:

• zero cost (at runtime)
• works automatically everywhere
• no loss in ergonomics

Edit:

In idle just mprocs I can't tell if there's any performance difference.

[dpc]

This reminds me I need to port https://github.com/rust-bitcoin/rust-bitcoin/blob/e2b9555070d9357fb552e56085fb6fb3f0274560/bitcoin/src/consensus/encode.rs#L304 to Fedimint ...

[codecov]

Codecov Report

Attention: 3 lines in your changes are missing coverage. Please review.

Comparison is base (f7463d3) 58.10% compared to head (154b804) 58.11%.

Files	Patch %	Lines
fedimint-core/src/encoding/mod.rs	95.89%	3 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #4145   +/-   ##
=======================================
  Coverage   58.10%   58.11%           
=======================================
  Files         192      192           
  Lines       42981    43054   +73     
=======================================
+ Hits        24976    25020   +44     
- Misses      18005    18034   +29     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[elsirion]

In a not very scientific test this made running fedimint-dbtool dump 18% faster.

[elsirion]

This is a really cool pattern! 🤯

[elsirion]

This should only error on <64bit platforms, right?

[dpc]

This errors if trying to decode byte array larger than total theoretical virtual memory available for the process (which we wouldn't be able to allocate anyway).

[elsirion]

Right, but for all reasonable platforms these days u64==usize

[dpc]

In a not very scientific test this made running fedimint-dbtool dump 18% faster.

I'm happy to hear you were able to confirm this improves something. :D

[tcharding]

TypeId requires 'static bound

That is a pretty big con, right? In a real life program when would one decode static things? (Excuse my ignorance but the only 'static decodable things are static strings in tests, are they not?)

[dpc]

That is a pretty big con, right? In a real life program when would one decode static things? (Excuse my ignorance but the only 'static decodable things are static strings in tests, are they not?)

AFAIR T: 'static means "any references held by this type need to be of static lifetime. Doesn't seem like a big con. It would interefere with zero-copy de/serialization, I guess. I mean - con is a con. Fedimint not being a general purpose library, might be OK with it.

[maan2003]

#[inline(always)] to make array doesn't have to be copied

[maan2003]

wait you can't transmute Vec you have to go through {to, from}_raw methods

[maan2003]

see https://doc.rust-lang.org/nomicon/transmutes.html?highlight=Vec%20transmute#transmutes

[maan2003]

actually it is correct, because T is u8

[maan2003]

I think we can remove unsafe from this, using dyn Any api

[maan2003]

yes, I removed a lot of unsafe in 6ee8e87

but for &[T], rust complains about 'static

[maan2003]

we should impl for [T] instead of &[T]

[maan2003]

but using Any still doesn't work
because you can't do .downcast_ref::<[u8]>(), because downcast_ref needs Sized

[maan2003]

we could impl for Vec without unsafe, but not for Box<[u8]> or Arc, Rc

[Kixunil]

To shed more light on why 'static is required: Rust doesn't want to allow non-'static casting because it's not clear how type IDs should interact with lifetimes. Also while apparently there could be a safe downcasting function it's not expressible with current syntax (at least I think so):

fn downcast_ref<'a, T, U>(value:: &'a T) -> Option<&'a U> { /* ... */ }

There needs to be a bound requiring that T outlives U (assuming T and U are covariant) to ban this code:

fn do_stuff<T>(value: &T, s: &mut &'static str) {
    *s = *downcast_ref(value).unwrap();
}

But such bound is currently inexpressible.

This PR wold be sound even without the 'static bound because instead of a generic U it uses a compile time known type u8, which never has any references (this is not the same as 'static!) and thus always outlives itself. (So yes, having an imagined U: 'always_static bound above would work too but it'd still be more restrictive than necessary.) However there's no way to check if T is u8 because you can't obtain TypeId for non-'static T.

[dpc]

@Kixunil 100% matches my understanding.

BTW. If Rust had something like TypeId::get_static<T> -> Option<TypeID> then one could have a cake and eat it, no T: 'static would be required - it would just return None.

[dpc]

@maan2003 I don't see a reason to worry about wrapping this unsafe into anything. These are the only places where it seems worthwhile and it's already small, isolated and easy to check that it's correct.

[maan2003]

Agreed

[maan2003]

wow github doesn't like this pr, maybe we broke something

[dpc]

wow github doesn't like this pr, maybe we broke something

It already passed before the CI. It must be some flakiness on master.