Update batch logic to only store+hash the manifest

[peterbroadhurst]

Resolves #506

A few notes on the implementation.

Improvements related to performance:

• The hash on a batch is now just a hash of the manifest, rather than the full payload
  • tx was added to the manifest to include in the hash
• The database object for a batch is now the manifest
• The manifest has been updated to include everything the batch aggregator needs to find pins
  • A count of the topics were needed for this
• We now have a cache for messages + all data associated with a message

Improvements related to debug:

• Added to-string helpers to definition batch actions, and log the results
• Added a GET /status/pins collection to peekinside the pins status

Migration:

• The code copes with a persisted batch of the old type stored in the DB
  • Version in manifest used to distinguish this, and provide future extensibility
• The code copes with processing a batch that has a payload hash, rather than a manifest hash
  • To handle late-join/re-sync to a network processing old broadcasts

Potential follow-on work:

• Update the code in add fetchreferences param to events api #587 to use the message cache
• Add a batch cache - to help the aggregator logic when managing pins
• Add a transaction cache - to help add fetchreferences param to events api #587 event enrichment
• Trawl for any remaining GetMessageByID calls

Message/data cache implementation notes

Messages have fields that are mutable, in two categories

1. Can change multiple times like state - you cannot rely on the cache for these
2. Can go from being un-set, to being set, and once set are immutable.

For (2) the cache provides a set of CacheReadOption modifiers that makes it safe to query the cache, even if the cache we slow to update asynchronously (active/active cluster being the ultimate example here, but from code inspection this is possible in the current cache).

If you use CRORequestBatchID then the cache will return a miss, if there is no BatchID set.

If you use CRORequirePins then the cache will return a miss, if the number of pins does not match the number of topics in the message.

[awrichar]

This is the operative decision for #568 - I'm still wondering if it's possible for the public reference to be removed from the batch hash altogether. Perhaps it could be stored on the Blob instead of on the BlobRef?

[awrichar]

It's mainly odd that private blob transfer happens after batch sealing, but public blob transfer must happen before batch sealing in order to include the IPFS ref. Seems like they should happen in the same order regardless.

When a node receives an IPFS ref, it does do some checking of the fetched contents to verify they match the blob hash before recording the blob as received. The question is whether this is "good enough" to say we can send IPFS refs without including them in the batch's hash proof.

[peterbroadhurst]

Seems like they should happen in the same order regardless.

While I agree the discrepancy is annoying - I do not think this is possible, as IPFS does not have a "messaging" capability. It's just a storage system. So the blockchain has to be the messaging system in this case.

[codecov-commenter]

Codecov Report

Merging #582 (8952a4f) into main (e7c080f) will not change coverage.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##              main      #582    +/-   ##
==========================================
  Coverage   100.00%   100.00%            
==========================================
  Files          304       304            
  Lines        17544     17801   +257     
==========================================
+ Hits         17544     17801   +257     

Impacted Files	Coverage Δ
internal/orchestrator/orchestrator.go	100.00% <ø> (ø)
internal/apiserver/route_get_batch_by_id.go	100.00% <100.00%> (ø)
internal/apiserver/route_get_batches.go	100.00% <100.00%> (ø)
internal/apiserver/route_get_data.go	100.00% <100.00%> (ø)
internal/apiserver/route_get_msg_data.go	100.00% <100.00%> (ø)
internal/apiserver/route_get_status_pins.go	100.00% <100.00%> (ø)
internal/batch/batch_manager.go	100.00% <100.00%> (ø)
internal/batch/batch_processor.go	100.00% <100.00%> (ø)
internal/batchpin/batchpin.go	100.00% <100.00%> (ø)
internal/batchpin/operations.go	100.00% <100.00%> (ø)
... and 37 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e7c080f...8952a4f. Read the comment docs.

[awrichar]

Why are these under status? Doesn't feel entirely like a "status" object to me since it's just a collection listing... I guess the alternative would be a root endpoint though. Open to anything really, just wanted to call it out.

[peterbroadhurst]

We could put them at the root, if we wanted to explain them in more detail as a first class object.
My thinking here was they are an internal read-only view of the state for problem diagnosis. Understand it's not perfect, and happy to discuss more.

[peterbroadhurst]

Shall be merging through the chain with this here, but with an open-ness to move it in a future commit

[awrichar]

Want to make sure it's OK that we update the batchID in the cache before we write the batchID to the database itself (ie in case we somehow fail to update the database)... I think it's OK and we would come back around and try to write the same batchID on the second try. Just wanted to put a note because I was staring at this for a bit.

[peterbroadhurst]

Yep, the only way to avoid this would be to push all of the cache updating (in all cases) to post-commit actions.
I convinced myself that wasn't required, but happy to discuss more.

[awrichar]

Should this be higher than debug? Is this an expected situation?

[peterbroadhurst]

The architecture prior to this code change allows it.
e.g. you could send some data to a party, then send a message referring to that data, without sending that data again.

[peterbroadhurst]

A specific example would be a broadcast, followed by a private message.

[awrichar]

This is going to be overwritten by addBatchSendInputs below

[peterbroadhurst]

Sorry, think this was a merge error

[awrichar]

Looks good - marking approved, although I did leave a few comments inline that are worth a look before you decide to merge.