Use CheckTx in transaction scheduler

[abukosek]

Closes #1963.

TODO:

• Make txn sched workers run runtimes.
• Run CheckTx on transactions before queuing them.
• Add a cmdline flag to toggle this check.
• Figure out how to interpret CheckTx response.
• Figure out why it hangs in e2e tests that use encrypted storage.
• Figure out why it hangs in SGX e2e tests.
• Write changelog fragment.

[kostko]

I found the reason for why SGX tests are not working in this PR. So all batches are being rejected due to the following error:

roothash/commitment: batch RAK signature invalid

This is because here you actually overwrite the RAK that is registered for the compute runtime (by the compute worker's RegisterRole handler). And since each enclave has its own RAK this makes all signatures for the compute enclave invalid.

The solution is either to:

• Support multiple enclaves to be registered for the same runtime in the node descriptor (e.g., multiple RAKs per runtime per node), for different purposes (e.g., one for compute and another one for txnscheduler).
• Remove this for loop so that only the enclave for compute is registered. There is no need to register the txnscheduler's RAK in the registry as this runtime is only used for local checks and it doesn't actually sign any batches.

I would be in favor of option two as it is much simpler and the txnscheduler runtime is only used for CheckTx, which currently doesn't sign the results using RAK. If we later desired to verify that the scheduler actually performed CheckTx, we could do add this later.

[abukosek]

Ah, that makes sense! I'll fix it. Thanks for the help!

[codecov]

Codecov Report

Merging #2502 into master will increase coverage by 0.01%.
The diff coverage is 54.73%.

@@            Coverage Diff             @@
##           master    #2502      +/-   ##
==========================================
+ Coverage   67.24%   67.25%   +0.01%     
==========================================
  Files         328      328              
  Lines       30184    30262      +78     
==========================================
+ Hits        20296    20352      +56     
- Misses       7386     7398      +12     
- Partials     2502     2512      +10

Impacted Files	Coverage Δ
go/registry/api/api.go	41.15% <0%> (ø)	⬆️
go/worker/txnscheduler/init.go	100% <100%> (ø)	⬆️
go/worker/txnscheduler/committee/node.go	65.5% <46.55%> (-4.81%)	⬇️
go/worker/txnscheduler/worker.go	83.67% <72.41%> (-3.99%)	⬇️
go/worker/compute/committee/state.go	74.07% <0%> (-11.12%)	⬇️
go/worker/common/host/protocol/protocol.go	68.65% <0%> (-5.23%)	⬇️
go/worker/compute/committee/node.go	63.23% <0%> (-4.63%)	⬇️
go/worker/keymanager/worker.go	58.85% <0%> (-4.21%)	⬇️
go/worker/merge/committee/node.go	75.42% <0%> (-1.21%)	⬇️
go/worker/common/committee/group.go	81.78% <0%> (-0.75%)	⬇️
... and 19 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 51ed3fa...25e1f50. Read the comment docs.

[kostko]

This seems dangerous, what if the block is nil?

[abukosek]

The way it was used previously, this couldn't happen, I think, but I've now removed this code, since it's no longer needed, as CheckTx is done in the node code.

[kostko]

Accessing the CurrentBlock requires holding the CrossNode lock if called outside of methods which assume the caller does so (e.g., the ones ending in Locked).

[kostko]

Why panic on unmarshal? It should log the error and return ErrCheckTxFailed.

[kostko]

Could be if err := n.CheckTx(...); err != nil { ....

[abukosek]

Fixed! Ready for re-review :)