remove store from verify_and_update_bisection too

informalsystems · Jan 30, 2020 · 8b2b964 · 8b2b964
1 parent 31550c3
commit 8b2b964
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 13 deletions.
diff --git a/tendermint-lite/src/main.rs b/tendermint-lite/src/main.rs
@@ -61,16 +61,22 @@ fn main() {
         );
 
         let now = &SystemTime::now();
-        lite::verify_and_update_bisection(
+        let trusted_state = store.get(0).expect("can not read trusted state");
+
+        let new_state = lite::verify_and_update_bisection(
+            trusted_state.clone(),
             latest_peer_height,
             &TrustThresholdFraction::default(),
             &trusting_period,
             now,
             &req,
-            &mut store,
         )
         .unwrap();
 
+        store
+            .add(new_state)
+            .expect("couldn't store new trusted state");
+
         println!("Succeeded bisecting!");
 
         // notifications ?

diff --git a/tendermint/src/lite/verifier.rs b/tendermint/src/lite/verifier.rs
@@ -207,42 +207,46 @@ where
     store.add(new_trusted_state)
 }
 
-/// Attempt to update the store to the given untrusted height
+/// Attempt to "bisect" to the given untrusted height
 /// by requesting the necessary data (signed headers and validators).
+///
+/// On success, callers are responsible for persisting the returned state
+/// which can now be trusted.
+///
 /// Returns an error if:
 ///     - we're already at or past that height
 ///     - our latest state expired
 ///     - any requests fail
 ///     - requested data is inconsistent (eg. vals don't match hashes in header)
 ///     - validators did not correctly commit their blocks
+///
 /// This function is recursive: it uses a bisection algorithm
 /// to request data for intermediate heights as necessary.
 /// Ensures our last trusted header hasn't expired yet, and that
 /// data from the untrusted height can be verified, possibly using
 /// data from intermediate heights.
+///
 /// This function is primarily for use by a light node.
-pub fn verify_and_update_bisection<C, H, L, R, S>(
+pub fn verify_and_update_bisection<C, H, L, R>(
+    trusted_state: TrustedState<C, H>,
     untrusted_height: Height,
     trust_threshold: &L,
     trusting_period: &Duration,
     now: &SystemTime,
     req: &R,
-    store: &mut S,
-) -> Result<(), Error>
+) -> Result<TrustedState<C, H>, Error>
 where
     H: Header,
     C: Commit,
     L: TrustThreshold,
     R: Requester<C, H>,
-    S: Store<C, H>,
 {
-    // Fetch the latest state and ensure it hasn't expired.
+    // Ensure the latest state hasn't expired.
     // Note we only check for expiry once in this
     // verify_and_update_bisection function since we assume the
-    // time is passed in and we don't access a clock internall.
+    // time is passed in and we don't access a clock internal.
     // Thus the trust_period must be long enough to incorporate the
     // expected time to complete this function.
-    let trusted_state = store.get(0)?;
     let trusted_sh = trusted_state.last_header();
     is_within_trust_period(trusted_sh.header(), trusting_period, now)?;
 
@@ -260,9 +264,7 @@ where
 
     // inner recursive function which assumes
     // trusting_period check is already done.
-    let new_trusted =
-        verify_and_update_bisection_inner(trusted_state, untrusted_height, trust_threshold, req)?;
-    store.add(new_trusted)
+    verify_and_update_bisection_inner(&trusted_state, untrusted_height, trust_threshold, req)
 }
 
 // inner recursive function for verify_and_update_bisection.