light-client: treat Trusted status as a special case of Verified as per the spec
#419
Conversation
Only looking for blocks with `Status::Verified` might miss a block that has previously gone through fork detection and marked as `Trusted`. We would then fetch it again from the peer, go through verification again, and then override its status to `Verified`, thus downgrading it from `Trusted` to `Verified`. This commit fixes this by asking the light store for blocks which are either trusted or verified.
romac
changed the title
Co-authored-by: Ismail Khoffi <[email protected]>
|
@josef-widder This PR also addresses a concern raised in #418. While has been brought to light that there is no actual case where a trusted block would be downgraded to verified, I believe it is a bit cleaner to assume it could happen and handle it properly. We can revisit this when we add support for verifying blocks below the latest trusted state. What do you think? |
romac
changed the title
Trusted status as a special case of Verified as per the spec
Codecov Report
@@ Coverage Diff @@
## master #419 +/- ##
======================================
Coverage 30.7% 30.8%
======================================
Files 131 132 +1
Lines 5459 5516 +57
Branches 1697 1712 +15
======================================
+ Hits 1678 1699 +21
- Misses 2598 2619 +21
- Partials 1183 1198 +15
Continue to review full report at Codecov.
|
xla
changed the title
Trusted status as a special case of Verified as per the specTrusted status as a special case of Verified as per the spec
| .fetch_light_block(self.peer, AtHeight::At(height)) | ||
| .map_err(ErrorKind::Io)?; | ||
|
|
||
| state.light_store.insert(block.clone(), Status::Unverified); |
There was a problem hiding this comment.
It's strange to see mutations being done in a method that is called get_or_fetch_block. I know it has been here before but it indicates something being of about where we manage this concern. As now there is an implicit behavioural assumption that the fetched block will be in the light store going forward.
There was a problem hiding this comment.
Agreed it's not ideal. Allhough we don't really rely on this assumption, it's more of a performance optimization (ie. caching of fetched blocks). Perhaps the method should be renamed, or even refactored into a helper which caches blocks in the store and the original get_or_fetch_block. This would make the light store mutation more explicit at call site. Will think about it.
There was a problem hiding this comment.
Ideally behaviour like this (sounds like write-through caching) happens on a layer wrapping this component. Often referred to as decorators.This way each layer can be looked at in isolation and concerns are separated.
There was a problem hiding this comment.
I can give examples and/or go into more detail if it is of interest.
There was a problem hiding this comment.
Ideally behaviour like this (sounds like write-through caching) happens on a layer wrapping this component. Often referred to as decorators.This way each layer can be looked at in isolation and concerns are separated.
Agreed, that's actually what I had in mind when I wrote "refactored into a helper which caches blocks in the store" but the name decorator didn't spring to my mind at the time :)
There was a problem hiding this comment.
Can we capture this somewhere so it doesn't get lost?
Close #427
This PR also addresses a concern raised in #418. While has been brought to light that there is no actual case where a trusted block would be downgraded to verified, I believe it is a bit cleaner to assume it could happen and handle it properly.