Light client: further trait impls, improvements, and tests #84
Conversation
tendermint/src/block/header.rs
Outdated
| byteslices.push(self.app_hash.as_ref().map_or(vec![], encode_hash)); | ||
| byteslices.push(self.last_results_hash.as_ref().map_or(vec![], encode_hash)); | ||
| byteslices.push(self.evidence_hash.as_ref().map_or(vec![], encode_hash)); | ||
| byteslices.push(bytes_enc(self.proposer_address.as_bytes())); |
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
|
TODOs:
|
Further reduce boilerplate code by leveraging generics
Thanks for the suggestion @tarcieri :-)
- SignedVote can now be constructed without going through CanoncialVote (which is an amino-type) - modify impl to match new constructor and remove amino dep - make explicit where which types are amino_types (in vote.rs)
lite::ValidatorSet:: & Set - tests for lite::ValidatorSetLookup lite::ValidatorSet impl - delete `fn hash(self) -> merkle::Hash` from Set and only keep the impl of lite::ValidatorSet
and correctly compute header hash when block id is empty. Represent empty Hash with Option
accept iff +1/3 of the voting power signed
…code (lite2) and tests: - rename former verify method to verify_header_and_commit (might be obsolete) - make the expired method public to be able to use and test it from the outside - add some helpers to be able to deal with deserialization hickups - add a bunch of tests using @Shivani912's generator code (with minor modifications)
and some minor changes due to rebasing on master
liamsi
force-pushed
the
fix_lite_impl_merkle_merged
branch
from
42130c6
to
904f9aa
Compare
| run_test_cases(cases); | ||
| } | ||
|
|
||
| fn run_test_cases(cases: TestCases) { |
There was a problem hiding this comment.
- add a `voting_power_in` method to Commit trait (corresponds to votingpower_in(V1, V1) auxiliary function of spec - use above method to simplify `verify_commit_full` and `verify_commit_trusting` - move validator(id) lookup method to ValidatorSet trait - delete `ValidatorSetLookup` trait - take references everywhere (instead of cloning) - add a len() method the ValidatorSet trait - add in an is_empty method to ValidatorSet; otherwise: `trait `ValidatorSet` has a `len` method but no (possibly inherited) `is_empty` method`
| } | ||
| signed_power += val.power(); | ||
| } | ||
| let signed_power = commit.voting_power_in(vals)?; |
There was a problem hiding this comment.
@ancazamfir @ebuchman Does this work for you? I think it's closer to what is in the spec and should also be less confusing. It's used here and below in verify_commit_trusting (we do lookups in both cases now).
referencing related comments: #36 (comment)
see votingpower_in(V1,V2) function in spec: https://github.com/tendermint/spec/blob/4f7c55507cb99c35c7774c583f182859283f3017/spec/consensus/light-client.md#functions-1
There was a problem hiding this comment.
Yes, it looks better imo.
- they are not used in the abstract verifier logic; hence they do not need to be part of the trait anymore
| /// and thus use an ternary enum here instead of the binary Option. | ||
| // TODO figure out if we want/can do an iter() method here that returns a | ||
| // VoteIterator instead of returning a vec | ||
| fn into_vec(&self) -> Vec<Option<Self::Vote>>; |
There was a problem hiding this comment.
The into_vec or any possibility to iterate over the underlying votes is not used in the abstract verifier code. The parts of the code that needed this is now moved into voting_power_in (see below). I think this makes the code more readable and closer to the spec.
|
I'd appreciate another pass of reviews here. I started working on putting this all together but it would be nice to merge this soon and continue with the remaining parts of the light client (on-top of these changes):
|
…g PartsHeader hash!!")` -> still failing
| "evidence_hash": "", | ||
| "proposer_address": "01F527D77D3FFCC4FCFF2DDC2952EEA5414F2A33" | ||
| }, | ||
| "commit": null |
There was a problem hiding this comment.
Currently, this (null commit) won't even parse correctly. (In the SignedHeader struct a commit isn't optional).
| "input": [ | ||
| { | ||
| "signed_header": { | ||
| "header": null, |
There was a problem hiding this comment.
Currently, this (null header) won't even parse correctly. (In the SignedHeader struct a header isn't optional).
There was a problem hiding this comment.
@Shivani912 why do we even have a null header? Is there ever a case where the rpc would return this?
improve the readability of the abstract traits / verification logic
… instead) and add method `CheckSupport` (see spec)
| } | ||
| signed_power += val.power(); | ||
| } | ||
| let signed_power = commit.voting_power_in(vals)?; |
There was a problem hiding this comment.
Yes, it looks better imo.
- delete `verify` add in a `verify` method that verifies a signed header - use check_support in the tests instead - add module documentation (see: cargo doc --open --no-deps) - make comment a todo to make it easier grepable - add in some feedback for shivani
tendermint/tests/lite.rs
Outdated
| // Then for tests this structure could be used for the skipping case too: | ||
| // The light client get's two such LiteBlocks (one with height h and one with height h-x) | ||
| // This gives more flexibility on how to compose the tests and can be used | ||
| // to mock both rpc endpoints too? |
There was a problem hiding this comment.
This is a good idea cc @Shivani912.
Don't we need to include the NextValidatorSet as well ? Even in bisection, we're verifying the commit against the current Validators, but setting the NextValidators as the trusted ones when checking support for a subsequent commit.
- remove obsolete comments and - introduce const for test files
…elem instead of cloning the whole iter
Supersedes #63: clean-up the commit history and rebased the changes of #63 on master.
From #63's description:
Particularly:
ValidatorSetLookuptrait was deleted later)last_commitasOption<Commit>#79 (deals with decoding JSON)