connecting unstaked AN with the staked AN using DHT for peer discovery

cmd/access/node_builder/access_node_builder.go

@@ -2,17 +2,18 @@ package node_builder
 
 import (
 	"context"
+	"encoding/json"
 	"fmt"
 	"strings"
 	"time"
 
+	dht "github.com/libp2p/go-libp2p-kad-dht"
 	"github.com/onflow/flow/protobuf/go/flow/access"
 	"github.com/spf13/pflag"
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
 
 	"github.com/onflow/flow-go/cmd"
-	"github.com/onflow/flow-go/cmd/build"
 	"github.com/onflow/flow-go/consensus"
 	"github.com/onflow/flow-go/consensus/hotstuff"
 	"github.com/onflow/flow-go/consensus/hotstuff/committees"
@@ -42,6 +43,7 @@ import (
 	"github.com/onflow/flow-go/network"
 	jsoncodec "github.com/onflow/flow-go/network/codec/json"
 	"github.com/onflow/flow-go/network/p2p"
+	"github.com/onflow/flow-go/network/validator"
 	"github.com/onflow/flow-go/state/protocol"
 	badgerState "github.com/onflow/flow-go/state/protocol/badger"
 	"github.com/onflow/flow-go/state/protocol/blocktimer"
@@ -84,7 +86,9 @@ type AccessNodeBuilder interface {
 // while for a node running as a library, the config fields are expected to be initialized by the caller.
 type AccessNodeConfig struct {
 	staked                       bool
-	stakedAccessNodeIDHex        string
+	bootstrapNodeAddresses       []string
+	bootstrapNodePublicKeys      []string
+	bootstrapIdentites           flow.IdentityList // the identity list of bootstrap peers the node uses to discover other nodes
 	unstakedNetworkBindAddr      string
 	collectionGRPCPort           uint
 	executionGRPCPort            uint
@@ -131,7 +135,8 @@ func DefaultAccessNodeConfig() *AccessNodeConfig {
 		apiRatelimits:                nil,
 		apiBurstlimits:               nil,
 		staked:                       true,
-		stakedAccessNodeIDHex:        "",
+		bootstrapNodeAddresses:       []string{},
+		bootstrapNodePublicKeys:      []string{},
 		unstakedNetworkBindAddr:      cmd.NotSet,
 	}
 }
@@ -144,6 +149,7 @@ type FlowAccessNodeBuilder struct {
 	*AccessNodeConfig
 
 	// components
+	UnstakedLibP2PNode         *p2p.Node
 	UnstakedNetwork            *p2p.Network
 	unstakedMiddleware         *p2p.Middleware
 	FollowerState              protocol.MutableState
@@ -483,9 +489,9 @@ func (anb *FlowAccessNodeBuilder) Build() AccessNodeBuilder {
 
 type Option func(*AccessNodeConfig)
 
-func WithUpstreamAccessNodeID(upstreamAccessNodeID flow.Identifier) Option {
+func WithBootStrapPeers(bootstrapNodes ...*flow.Identity) Option {
 	return func(config *AccessNodeConfig) {
-		config.stakedAccessNodeIDHex = upstreamAccessNodeID.String()
+		config.bootstrapIdentites = bootstrapNodes
 	}
 }
 
@@ -563,71 +569,59 @@ func (builder *FlowAccessNodeBuilder) extraFlags() {
 		flags.StringToIntVar(&builder.apiRatelimits, "api-rate-limits", defaultConfig.apiRatelimits, "per second rate limits for Access API methods e.g. Ping=300,GetTransaction=500 etc.")
 		flags.StringToIntVar(&builder.apiBurstlimits, "api-burst-limits", defaultConfig.apiBurstlimits, "burst limits for Access API methods e.g. Ping=100,GetTransaction=100 etc.")
 		flags.BoolVar(&builder.staked, "staked", defaultConfig.staked, "whether this node is a staked access node or not")
-		flags.StringVar(&builder.stakedAccessNodeIDHex, "staked-access-node-id", defaultConfig.stakedAccessNodeIDHex, "the node ID of the upstream staked access node if this is an unstaked access node")
+		flags.StringSliceVar(&builder.bootstrapNodeAddresses, "bootstrap-node-addresses", defaultConfig.bootstrapNodeAddresses, "the network addresses of the bootstrap access node if this is an unstaked access node e.g. access-001.mainnet.flow.org:9653,access-002.mainnet.flow.org:9653")
+		flags.StringSliceVar(&builder.bootstrapNodePublicKeys, "bootstrap-node-public-keys", defaultConfig.bootstrapNodePublicKeys, "the networking public key of the bootstrap access node if this is an unstaked access node (in the same order as the bootstrap node addresses) e.g. \"d57a5e9c5.....\",\"44ded42d....\"")
 		flags.StringVar(&builder.unstakedNetworkBindAddr, "unstaked-bind-addr", defaultConfig.unstakedNetworkBindAddr, "address to bind on for the unstaked network")
 	})
 }
 
 // initLibP2PFactory creates the LibP2P factory function for the given node ID and network key.
 // The factory function is later passed into the initMiddleware function to eventually instantiate the p2p.LibP2PNode instance
-func (builder *FlowAccessNodeBuilder) initLibP2PFactory(
-	ctx context.Context,
+func (builder *FlowAccessNodeBuilder) initLibP2PFactory(ctx context.Context,
 	nodeID flow.Identifier,
-	networkMetrics module.NetworkMetrics,
-	networkKey crypto.PrivateKey,
-) (p2p.LibP2PFactoryFunc, error) {
+	networkKey crypto.PrivateKey) (p2p.LibP2PFactoryFunc, error) {
 
-	// setup the Ping provider to return the software version and the sealed block height
-	pingProvider := p2p.PingInfoProviderImpl{
-		SoftwareVersionFun: func() string {
-			return build.Semver()
-		},
-		SealedBlockHeightFun: func() (uint64, error) {
-			head, err := builder.State.Sealed().Head()
-			if err != nil {
-				return 0, err
-			}
-			return head.Height, nil
-		},
-	}
+	// The staked nodes act as the DHT servers
+	dhtOptions := []dht.Option{p2p.AsServer(builder.IsStaked())}
 
-	libP2PNodeFactory, err := p2p.DefaultLibP2PNodeFactory(
-		ctx,
-		builder.Logger,
-		nodeID,
-		builder.unstakedNetworkBindAddr,
-		networkKey,
-		builder.RootBlock.ID().String(),
-		p2p.DefaultMaxPubSubMsgSize,
-		networkMetrics,
-		pingProvider,
-	)
-	if err != nil {
-		return nil, fmt.Errorf("could not generate libp2p node factory: %w", err)
+	// if this is an unstaked access node, then seed the DHT with the boostrap identities
+	if !builder.IsStaked() {
+		bootstrapPeersOpt, err := p2p.WithBootstrapPeers(builder.bootstrapIdentites)
+		builder.MustNot(err)
+		dhtOptions = append(dhtOptions, bootstrapPeersOpt)
 	}
 
-	return libP2PNodeFactory, nil
+	return func() (*p2p.Node, error) {
+		libp2pNode, err := p2p.NewDefaultLibP2PNodeBuilder(nodeID, builder.unstakedNetworkBindAddr, networkKey).
+			SetRootBlockID(builder.RootBlock.ID().String()).
+			// unlike the staked network where currently all the node addresses are known upfront,
+			// for the unstaked network the nodes need to discover each other using DHT Discovery.
+			SetPubsubOptions(p2p.WithDHTDiscovery(dhtOptions...)).
+			SetLogger(builder.Logger).
+			Build(ctx)
+		if err != nil {
+			return nil, err
+		}
+		builder.UnstakedLibP2PNode = libp2pNode
+		return builder.UnstakedLibP2PNode, nil
+	}, nil
 }
 
 // initMiddleware creates the network.Middleware implementation with the libp2p factory function, metrics, peer update
 // interval, and validators. The network.Middleware is then passed into the initNetwork function.
 func (builder *FlowAccessNodeBuilder) initMiddleware(nodeID flow.Identifier,
 	networkMetrics module.NetworkMetrics,
 	factoryFunc p2p.LibP2PFactoryFunc,
-	peerUpdateInterval time.Duration,
-	unicastMessageTimeout time.Duration,
-	connectionGating bool,
-	managerPeerConnections bool,
 	validators ...network.MessageValidator) *p2p.Middleware {
 	builder.unstakedMiddleware = p2p.NewMiddleware(builder.Logger,
 		factoryFunc,
 		nodeID,
 		networkMetrics,
 		builder.RootBlock.ID().String(),
-		peerUpdateInterval,
-		unicastMessageTimeout,
-		connectionGating,
-		managerPeerConnections,
+		time.Hour, // TODO: this is pretty meaningless since there is no peermanager in play.
+		p2p.DefaultUnicastTimeout,
+		false, // no connection gating for the unstaked network
+		false, // no peer management for the unstaked network (peer discovery will be done via LibP2P discovery mechanism)
 		validators...)
 	return builder.unstakedMiddleware
 }
@@ -661,3 +655,49 @@ func (builder *FlowAccessNodeBuilder) initNetwork(nodeID module.Local,
 
 	return net, nil
 }
+
+func unstakedNetworkMsgValidators(selfID flow.Identifier) []network.MessageValidator {
+	return []network.MessageValidator{
+		// filter out messages sent by this node itself
+		validator.ValidateNotSender(selfID),
+	}
+}
+
+// BootstrapIdentities converts the bootstrap node addresses and keys to a Flow Identity list where
+// each Flow Identity is initialized with the passed address, the networking key
+// and the Node ID set to ZeroID, role set to Access, 0 stake and no staking key.
+func BootstrapIdentities(addresses []string, keys []string) (flow.IdentityList, error) {
+
+	if len(addresses) != len(keys) {
+		return nil, fmt.Errorf("number of addresses and keys provided for the boostrap nodes don't match")
+	}
+
+	ids := make([]*flow.Identity, len(addresses))
+	for i, address := range addresses {
+
+		key := keys[i]
+		// json unmarshaller needs a quotes before and after the string
+		// the pflags.StringSliceVar does not retain quotes for the command line arg even if escaped with \"
+		// hence this additional check to ensure the key is indeed quoted
+		if !strings.HasPrefix(key, "\"") {
+			key = fmt.Sprintf("\"%s\"", key)
+		}
+		// networking public key
+		var networkKey encodable.NetworkPubKey
+		err := json.Unmarshal([]byte(key), &networkKey)
+		if err != nil {
+			return nil, err
+		}
+
+		// create the identity of the peer by setting only the relevant fields
+		id := &flow.Identity{
+			NodeID:        flow.ZeroID, // the NodeID is the hash of the staking key and for the unstaked network it does not apply
+			Address:       address,
+			Role:          flow.RoleAccess, // the upstream node has to be an access node
+			NetworkPubKey: networkKey,
+		}
+
+		ids = append(ids, id)
+	}
+	return ids, nil
+}

cmd/access/node_builder/staked_access_node_builder.go

@@ -3,14 +3,12 @@ package node_builder
 import (
 	"context"
 	"fmt"
-	"time"
 
 	"github.com/onflow/flow-go/cmd"
 	pingeng "github.com/onflow/flow-go/engine/access/ping"
 	"github.com/onflow/flow-go/model/flow"
 	"github.com/onflow/flow-go/module"
 	"github.com/onflow/flow-go/module/metrics"
-	"github.com/onflow/flow-go/network/p2p"
 	"github.com/onflow/flow-go/network/topology"
 )
 
@@ -83,26 +81,17 @@ func (builder *StakedAccessNodeBuilder) enqueueUnstakedNetworkInit(ctx context.C
 		// TODO: set a different networking key of the staked access node on the unstaked network
 		unstakedNetworkKey := builder.NetworkKey
 
+		libP2PFactory, err := builder.initLibP2PFactory(ctx, unstakedNodeID, unstakedNetworkKey)
+		builder.MustNot(err)
+
+		msgValidators := unstakedNetworkMsgValidators(unstakedNodeID)
+
 		// Network Metrics
 		// for now we use the empty metrics NoopCollector till we have defined the new unstaked network metrics
 		// TODO: define new network metrics for the unstaked network
 		unstakedNetworkMetrics := metrics.NewNoopCollector()
 
-		libP2PFactory, err := builder.FlowAccessNodeBuilder.initLibP2PFactory(ctx, unstakedNodeID, unstakedNetworkMetrics, unstakedNetworkKey)
-		builder.MustNot(err)
-
-		// use the default validators for the staked access node unstaked networks
-		msgValidators := p2p.DefaultValidators(builder.Logger, unstakedNodeID)
-
-		// don't need any peer updates since this will be taken care by the DHT discovery mechanism
-		peerUpdateInterval := time.Hour
-
-		middleware := builder.initMiddleware(unstakedNodeID,
-			unstakedNetworkMetrics, libP2PFactory, peerUpdateInterval,
-			builder.UnicastMessageTimeout,
-			false, // no connection gating for the unstaked network
-			false, // no peer management for the unstaked network (peer discovery will be done via LibP2P discovery mechanism)
-			msgValidators...)
+		middleware := builder.initMiddleware(unstakedNodeID, unstakedNetworkMetrics, libP2PFactory, msgValidators...)
 
 		// empty list of unstaked network participants since they will be discovered dynamically and are not known upfront
 		// TODO: this list should be the unstaked addresses of all the staked AN that participate in the unstaked network

cmd/access/node_builder/unstaked_access_node_builder.go

@@ -2,16 +2,12 @@ package node_builder
 
 import (
 	"context"
-	"strings"
-	"time"
 
 	"github.com/onflow/flow-go/cmd"
 	"github.com/onflow/flow-go/model/flow"
 	"github.com/onflow/flow-go/module"
 	"github.com/onflow/flow-go/module/local"
 	"github.com/onflow/flow-go/module/metrics"
-	"github.com/onflow/flow-go/network/p2p"
-	"github.com/onflow/flow-go/network/topology"
 )
 
 type UnstakedAccessNodeBuilder struct {
@@ -31,8 +27,12 @@ func (builder *UnstakedAccessNodeBuilder) Initialize() cmd.NodeBuilder {
 
 	builder.validateParams()
 
+	builder.deriveBootstrapPeerIdentities()
+
 	builder.enqueueUnstakedNetworkInit(ctx)
 
+	builder.enqueueConnectWithStakedAN()
+
 	builder.EnqueueMetricsServerInit()
 
 	builder.RegisterBadgerMetrics()
@@ -46,15 +46,22 @@ func (builder *UnstakedAccessNodeBuilder) Initialize() cmd.NodeBuilder {
 
 func (builder *UnstakedAccessNodeBuilder) validateParams() {
 
-	// for an unstaked access node, the staked access node ID must be provided
-	if strings.TrimSpace(builder.stakedAccessNodeIDHex) == "" {
-		builder.Logger.Fatal().Msg("staked access node ID not specified")
-	}
-
-	// and also the unstaked bind address
+	// for an unstaked access node, the unstaked network bind address must be provided
 	if builder.unstakedNetworkBindAddr == cmd.NotSet {
 		builder.Logger.Fatal().Msg("unstaked bind address not set")
 	}
+
+	if len(builder.bootstrapNodeAddresses) != len(builder.bootstrapNodePublicKeys) {
+		builder.Logger.Fatal().Msg("number of bootstrap node addresses and public keys should match")
+	}
+}
+
+// deriveBootstrapPeerIdentities derives the Flow Identity of the bootstreap peers from the parameters.
+// These are the identity of the staked and unstaked AN also acting as the DHT bootstrap server
+func (builder *UnstakedAccessNodeBuilder) deriveBootstrapPeerIdentities() {
+	ids, err := BootstrapIdentities(builder.bootstrapNodeAddresses, builder.bootstrapNodePublicKeys)
+	builder.MustNot(err)
+	builder.bootstrapIdentites = ids
 }
 
 // initUnstakedLocal initializes the unstaked node ID, network key and network address
@@ -92,33 +99,18 @@ func (builder *UnstakedAccessNodeBuilder) enqueueUnstakedNetworkInit(ctx context
 		// for now we use the empty metrics NoopCollector till we have defined the new unstaked network metrics
 		unstakedNetworkMetrics := metrics.NewNoopCollector()
 
-		// intialize the LibP2P factory with an empty metrics NoopCollector for now till we have defined the new unstaked
-		// network metrics
-		libP2PFactory, err := builder.FlowAccessNodeBuilder.initLibP2PFactory(ctx, unstakedNodeID, unstakedNetworkMetrics, unstakedNetworkKey)
+		libP2PFactory, err := builder.initLibP2PFactory(ctx, unstakedNodeID, unstakedNetworkKey)
 		builder.MustNot(err)
 
-		// use the default validators for the staked access node unstaked networks
-		msgValidators := p2p.DefaultValidators(builder.Logger, unstakedNodeID)
+		msgValidators := unstakedNetworkMsgValidators(unstakedNodeID)
 
-		// don't need any peer updates since this will be taken care by the DHT discovery mechanism
-		peerUpdateInterval := time.Hour
-
-		middleware := builder.initMiddleware(unstakedNodeID, unstakedNetworkMetrics, libP2PFactory, peerUpdateInterval,
-			node.UnicastMessageTimeout,
-			false, // no connection gating for the unstaked network
-			false, // no peer management for the unstaked network (peer discovery will be done via LibP2P discovery mechanism)
-			msgValidators...)
+		middleware := builder.initMiddleware(unstakedNodeID, unstakedNetworkMetrics, libP2PFactory, msgValidators...)
 
 		// empty list of unstaked network participants since they will be discovered dynamically and are not known upfront
 		participants := flow.IdentityList{}
 
-		upstreamANIdentifier, err := flow.HexStringToIdentifier(builder.stakedAccessNodeIDHex)
-		builder.MustNot(err)
-
-		// topology only consist of the upsteam staked AN
-		top := topology.NewFixedListTopology(upstreamANIdentifier)
-
-		network, err := builder.initNetwork(builder.Me, unstakedNetworkMetrics, middleware, participants, top)
+		// topology is nil since its automatically managed by libp2p
+		network, err := builder.initNetwork(builder.Me, unstakedNetworkMetrics, middleware, participants, nil)
 		builder.MustNot(err)
 
 		builder.UnstakedNetwork = network
@@ -133,3 +125,15 @@ func (builder *UnstakedAccessNodeBuilder) enqueueUnstakedNetworkInit(ctx context
 		return builder.UnstakedNetwork, err
 	})
 }
+
+// enqueueConnectWithStakedAN enqueues the upstream connector component which connects the libp2p host of the unstaked
+// AN with the staked AN.
+// Currently, there is an issue with LibP2P stopping advertisements of subscribed topics if no peers are connected
+// (https://github.com/libp2p/go-libp2p-pubsub/issues/442). This means that an unstaked AN could end up not being
+// discovered by other unstaked ANs if it subscribes to a topic before connecting to the staked AN. Hence, the need
+// of an explicit connect to the staked AN before the node attempts to subscribe to topics.
+func (builder *UnstakedAccessNodeBuilder) enqueueConnectWithStakedAN() {
+	builder.Component("unstaked network", func(_ cmd.NodeBuilder, _ *cmd.NodeConfig) (module.ReadyDoneAware, error) {
+		return newUpstreamConnector(builder.bootstrapIdentites, builder.UnstakedLibP2PNode, builder.Logger), nil
+	})
+}