Optimized azks

[eozturk1]

See Issue #186.

With the removal of previous states of HistoryTreeNode, we don't have a need for keeping states for multiple epochs. In result, HistoryTreeNode, HistoryNodeState and HistoryChildState can simply be replaced with TreeNode.

This diff starts this conversion by adding the labels of its (1) left and right children, and (2) its hash to the HistoryTreeNode (not yet re-named). Actual hash updates will be added in the next diffs. Rather than keeping the node hashes at the parent, I will keep them at the node itself.

NOTE: The PR builds with cargo build but not ready for testing. The purpose of the PR is to "get it out there" to get feedback rather than merging it.

[slawlor]

Some nits to consider. @eozturk1 are we waiting on @Jasleen1 or @kevinlewi to give it a process pass to see if you're on the right track? There's obviously some clippy and rustfmt issues, but functionally it makes sense to me I think.

[slawlor]

nit ::Hasher

[slawlor]

nit: if you're just returning result, can you just remove the variable assignment? I.e.

match child_node {
...
}

without the let result = match child_node {...}; result

[slawlor]

nit: instead of a mut, with multiple assignments can we just do

let leaf_hash = H::merge(&[
  H::hash(&self.hash),
  hash_label::<H>(self.label),
]);

[slawlor]

hmmm. I think we're trying to avoid Panic's. Is this something that can never happen? We should then not pass in an optional, or if it could happen return Err

[slawlor]

nit: is this to be resurrected at some point or just no longer needed? delete it if the latter?

[slawlor]

nit: as before in another spot, are there better options than panic's?

[eozturk1]

@slawlor, @Jasleen1 and I have done an initial pass on the code. This week I'll try and update the tests to matc the new tree construction. I'll also fix the other issues (rustfmt, clippy) and the parts you mentioned.

[eozturk1]

Summary

This PR so far has removed the need for storing states-per-epoch and revised the HistoryTreeNode (referred to as node below) to contain the only (current) state (aka hash), significantly reducing the storage requirements.

Important Changes

• Each node keeps a label of their left and right children, and its hash.
• For leaf nodes the hash is over the initial digest and the label. Initial hash is the hash of public key (and epoch, see next steps).
• For non-leaf nodes, the hash is over the left and right child, and the label.
• For the root, we use the empty node hash: over the empty value and empty label.
• The last_epoch has been kept to be used in append-only proofs whereas birth_epoch is not needed anymore.
• For each call, set_child and update_node_hash writes the updated nodes to the storage for consistency. See below for optimizations over this.
• Epochs in the functions have been kept for adding them to the hash later.
• Storage has been removed from function parameters if the function operated on state or children.

Next Steps:

• Clean up: We should remove the dead-code, debug output, unused HistoryChildState and HistoryNodeState, along with the storage layer code for these nodes.
• Remove birth epoch: Not needed anymore
• Clippy: Make sure Clippy passes.
• Merge with eozturk1:optimized-azks:
• Difference between get_leaf_node and get_leaf_node_without_hashing: How should they differ?
• Updating history/audit/lookup tests:
  • tests::test_directory_polling_azks_change
  • tests::test_limited_key_history
  • tests::test_simple_audit
  • tests::test_simple_key_history
  • tests::test_simple_lookup
  • akd_client tests::test_simple_lookup
  • akd_client tests::test_simple_lookup_for_small_tree
  • akd_client tests::test_tombstoned_key_history
• Updating proof tests:
  • append_only_zks::tests::test_append_only_proof
  • append_only_zks::tests::test_append_only_proof_tiny
  • append_only_zks::tests::test_append_only_proof_very_tiny
  • append_only_zks::tests::test_membership_proof_intermediate
  • append_only_zks::tests::test_membership_proof_permuted
  • append_only_zks::tests::test_nonmembership_proof
  • akd_client tests::test_history_proof_single_epoch
  • akd_client tests::test_history_proof_multiple_epochs
• High level:
  • memory_tests::test_directory_operations
  • mysql_tests::test_directory_operations
  • mysql_tests::test_lookups
  • mysql_db_tests::test_mysql_db
• Fix: Verification failure with small trees #144
• Addition of epoch to the leaf: Leaves should include the latest epoch information in their initial hash. This will allow us to track when a leaf was inserted into the tree.
• Enabling concurrent read/write operations: During a sequencing operation a node might get updated. This means if a client requests a proof during sequencing, we might return an inconsistent proof (a mix of states from the current and next epochs). To circumvent this, we should keep two hashes in the node and update the second one with the new state while moving the current second state to the first (i.e., shift the state to the left).
  • tests::test_read_during_publish
• Renaming HistoryTreeNode as TreeNode: No history, only current.

Improvements

• Tests: We should add more tests for small trees and nodes with non-uniform distribution to increase test coverage for tree creation.
• Minimizing storage writes: If a node is not written to the storage as soon as it is updated, a dirty-read may occur for consecutive operations. We might be able to minimize these writes by allowing short-term inconsistencies by restructuring the code. Another question to look into is how expensive are these instant-writes? (@afterdusk mentioned we use transactions to minimize the impact)
• Tree Visualization: Noticed it is hard to track the current state of the tree through logs. Maybe a visual representation could assist us in this?

[kevinlewi]

Discussed in-person with @eozturk1 and @Jasleen1 , let's disable the currently-failing tests and fix clippy, so that we can land and @Jasleen1 can work on top of the changes here (filling in the rest of the checkboxes).

[eozturk1]

I have disabled the failing tests and updated the next steps to list those tests.

[kevinlewi]

Not sure what the integration test issue is exactly, but perhaps we can merge into a separate branch so that @Jasleen1 can start working on top of it. cc: @slawlor