Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow disabling header verification by setting trusted_node = true in the chain config #3328

Merged
merged 10 commits into from
May 22, 2023
Merged

Allow disabling header verification by setting trusted_node = true in the chain config #3328

merged 10 commits into from
May 22, 2023

Conversation

romac
Copy link
Member

@romac romac commented May 12, 2023
edited

Closes: #3330

Description

PR author checklist:

  • Added changelog entry, using unclog.
  • Added tests: integration (for Hermes) or unit/mock tests (for modules).
  • Linked to GitHub issue.
  • Updated code comments and documentation (e.g., docs/).
  • Tagged one reviewer who will be the one responsible for shepherding this PR.

Reviewer checklist:

  • Reviewed Files changed in the GitHub PR explorer.
  • Manually tested (in case integration/unit/mock tests are absent).

@romac romac requested a review from ancazamfir May 15, 2023 11:54
@romac romac marked this pull request as ready for review May 15, 2023 11:57
ancazamfir
ancazamfir approved these changes May 19, 2023
View reviewed changes
Copy link
Collaborator

@ancazamfir ancazamfir left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Left some minor suggestions.

config.toml Outdated
Comment on lines 135 to 138
# Enable verification of headers including in `ClientUpdate` message using the light client.
# Default: true
verify_headers = true

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe mention this is experimental. Also maybe:

Suggested change
# Enable verification of headers including in `ClientUpdate` message using the light client.
# Default: true
verify_headers = true
# Whether or not the full node is trusted.
# If not trusted it enables verification of headers including in `ClientUpdate` message using the light client.
# Note: If the full node is configured as trusted then in addition to headers not being verified, the verification traces will not be provided. This may cause failure in client updates after significant change in validator sets.
# Default: false
trusted_node = false

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ac17e4b

@romac romac changed the title Allow disabling header verification with verify_header chain setting Allow disabling header verification by setting trusted_node = true in the chain config May 22, 2023
@romac romac requested a review from ancazamfir May 22, 2023 09:08
ljoss17
ljoss17 approved these changes May 22, 2023
View reviewed changes
Copy link
Contributor

@ljoss17 ljoss17 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me

@ancazamfir ancazamfir merged commit 84693fd into master May 22, 2023
33 checks passed
@ancazamfir ancazamfir deleted the perf/header-verification branch May 22, 2023 15:24
pratikbin pushed a commit to pratikbin/hermes that referenced this pull request May 24, 2023
@romac @ancazamfir
Allow disabling header verification by setting trusted_node = true
fdda7bb 
…in the chain config (informalsystems#3328)

* Disable verification of headers, and therefore generation of traces

* Add `verify_headers` setting to the chain config

* Cleanup

* Add changelog entry

* Rename `verify_headers` to `trusted_node`

* Update changelog entry

---------

Co-authored-by: Anca Zamfir <zamfiranca@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ancazamfir ancazamfir ancazamfir approved these changes

@ljoss17 ljoss17 ljoss17 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow disabling header verification on a per-chain basis
3 participants
@romac @ancazamfir @ljoss17