nimbus-eth1/nimbus/p2p/clique.nim

# Nimbus
# Copyright (c) 2018 Status Research & Development GmbH
# Licensed under either of
#  * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or
#    http://www.apache.org/licenses/LICENSE-2.0)
#  * MIT license ([LICENSE-MIT](LICENSE-MIT) or
#    http://opensource.org/licenses/MIT)
# at your option. This file may not be copied, modified, or distributed except
# according to those terms.

##
## EIP-225 Clique PoA Consensus Protocol
## =====================================
##
## For details see
## `EIP-225 <https://github.com/ethereum/EIPs/blob/master/EIPS/eip-225.md>`_
## and
## `go-ethereum <https://github.com/ethereum/EIPs/blob/master/EIPS/eip-225.md>`_
##

import
  std/[sequtils],
  ./clique/[clique_cfg, clique_defs, clique_desc, clique_verify],
  ./clique/snapshot/[ballot, snapshot_desc],
  eth/common,
  stew/results

{.push raises: [Defect].}

# note that mining is unsupported, so the `clique_mining` module is ignored
export
  clique_cfg,
  clique_defs,
  clique_desc

type
  CliqueState* = ##\
    ## Descriptor state snapshot which can be used for implementing
    ## transaction trasnaction handling. Nore the the `Snapshot` type
    ## inside the `Result[]` is most probably opaque.
    Result[Snapshot,void]

# ------------------------------------------------------------------------------
# Public
# ------------------------------------------------------------------------------

proc cliqueSave*(c: var Clique): CliqueState =
  ## Save current `Clique` state.
  ok(c.snapshot)

proc cliqueRestore*(c: var Clique; state: var CliqueState) =
  ## Restore current `Clique` state from a saved snapshot.
  ##
  ## For the particular `state` argument this fuction is disabled with
  ## `cliqueDispose()`. So it can be savely handled in a `defer:` statement.
  if state.isOk:
    c.snapshot = state.value

proc cliqueDispose*(c: var Clique; state: var CliqueState) =
  ## Disable the function `cliqueDispose()` for the particular `state`
  ## argument
  state = err(CliqueState)


proc cliqueVerify*(c: Clique; header: BlockHeader;
                  parents: openArray[BlockHeader]): CliqueOkResult
                        {.gcsafe, raises: [Defect,CatchableError].} =
  ## Check whether a header conforms to the consensus rules. The caller may
  ## optionally pass on a batch of parents (ascending order) to avoid looking
  ## those up from the database. This might be useful for concurrently
  ## verifying a batch of new headers.
  ##
  ## On success, the latest authorised signers list is available via the
  ## fucntion `c.cliqueSigners()`. Otherwise, the latest error is also stored
  ## in the `Clique` descriptor
  var list = toSeq(parents)
  c.cliqueVerifySeq(header, list)

# clique/clique.go(217): func (c *Clique) VerifyHeader(chain [..]
proc cliqueVerify*(c: Clique; header: BlockHeader): CliqueOkResult
                        {.gcsafe, raises: [Defect,CatchableError].} =
  ## Consensus rules verifier without optional parents list.
  var blind: seq[BlockHeader]
  c.cliqueVerifySeq(header, blind)

proc cliqueVerify*(c: Clique;
                   headers: openArray[BlockHeader]): CliqueOkResult
                        {.gcsafe, raises: [Defect,CatchableError].} =
  ## This function verifies a batch of headers checking each header for
  ## consensus rules conformance. The `headers` list is supposed to contain a
  ## chain of headers, i e. `headers[i]` is parent to `headers[i+1]`.
  ##
  ## On success, the latest authorised signers list is available via the
  ## fucntion `c.cliqueSigners()`. Otherwise, the latest error is also stored
  ## in the `Clique` descriptor
  ##
  ## If there is an error, this error is also stored within the `Clique`
  ## descriptor and can be retrieved via `c.failed` along with the hash/ID of
  ## the failed block header.
  var list = toSeq(headers)
  c.cliqueVerifySeq(list)


proc cliqueSigners*(c: Clique): seq[EthAddress] {.inline.} =
  ## Retrieve the sorted list of authorized signers for the current state
  ## of the `Clique` descriptor.
  ##
  ## Note the the returned list is sorted on-the-fly each time this function
  ## is invoked.
  c.snapshot.ballot.authSigners

# ------------------------------------------------------------------------------
# End
# ------------------------------------------------------------------------------
Eip225 clique/PoA consensus protocol details: formal port from go-lang sources, compiles but will not do anything useful yet 2021-05-28 17:39:55 +00:00			`# Nimbus`
			`# Copyright (c) 2018 Status Research & Development GmbH`
			`# Licensed under either of`
			`# * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or`
			`# http://www.apache.org/licenses/LICENSE-2.0)`
			`# * MIT license ([LICENSE-MIT](LICENSE-MIT) or`
			`# http://opensource.org/licenses/MIT)`
			`# at your option. This file may not be copied, modified, or distributed except`
			`# according to those terms.`

			`##`
			`## EIP-225 Clique PoA Consensus Protocol`
			`## =====================================`
			`##`
			`## For details see`
			## `EIP-225 <https://github.com/ethereum/EIPs/blob/master/EIPS/eip-225.md>`_
			`## and`
			## `go-ethereum <https://github.com/ethereum/EIPs/blob/master/EIPS/eip-225.md>`_
			`##`

			`import`
Renamed source file clique_utils => clique_helpers (#762) * Renamed source file clique_utils => clique_helpers why: New name is more in line with other modules where local libraries are named similarly. * re-implemented PoA verification module as clique_verify.nim details: The verification code was ported from the go sources and provisionally stored in the clique_misc.nim source file. todo: Bring it to life. * re-design Snapshot descriptor as: ref object why: Avoids some copying descriptor objects details: The snapshot management in clique_snapshot.nim has been cleaned up. todo: There is a lot of unnecessary copying & sub-list manipulation of seq[BlockHeader] lists which needs to be simplified by managing index intervals. * optimised sequence handling for Clique/PoA why: To much ado about nothing details: * Working with shallow sequences inside PoA processing avoids unnecessary copying. * Using degenerate lists in the cliqueVerify() batch where only the parent (and no other ancestor) is needed. todo: Expose only functions that are needed, shallow sequences should be handles with care. * fix var-parameter function argument * Activate PoA engine -- currently proof of concept details: PoA engine is activated with newChain(extraValidation = true) applied to a PoA network. status and todo: The extraValidation flag on the Chain object can be set at a later state which allows to pre-load parts of the block chain without verification. Setting it later will only go back the block chain to the latest epoch checkpoint. This is inherent to the Clique protocol, needs testing though. PoA engine works in fine weather mode on Goerli replay. With the canonical eip-225 tests, there are quite a few fringe conditions that fail. These can easily fudged over to make things work but need some more work to understand and correct properly. * Make the last offending verification header available why: Makes some fringe case tests work. details: Within a failed transaction comprising several blocks, this feature help to identify the offending block if there was a PoA verification error. * Make PoA header verifier store the final snapshot why: The last snapshot needed by the verifier is the one of the parent but the list of authorised signer is derived from the current snapshot. So updating to the latest snapshot provides the latest signers list. details: Also, PoA processing has been implemented as transaction in persistBlocks() with Clique state rollback. Clique tests succeed now. * Avoiding double yields in iterator => replaced by template why: Tanks to Andri who observed it (see #762) * Calibrate logging interval and fix logging event detection why: Logging interval as copied from Go implementation was too large and needed re-calibration. Elapsed time calculation was bonkers, negative the wrong way round. 2021-07-21 13:31:52 +00:00			`std/[sequtils],`
			`./clique/[clique_cfg, clique_defs, clique_desc, clique_verify],`
			`./clique/snapshot/[ballot, snapshot_desc],`
			`eth/common,`
			`stew/results`
Most snapshot unit tests work details: three test cases still fail which are skipped test suite is linked to all_tests list 2021-06-14 18:33:57 +00:00
			`{.push raises: [Defect].}`
Eip225 clique/PoA consensus protocol details: formal port from go-lang sources, compiles but will not do anything useful yet 2021-05-28 17:39:55 +00:00
Renamed source file clique_utils => clique_helpers (#762) * Renamed source file clique_utils => clique_helpers why: New name is more in line with other modules where local libraries are named similarly. * re-implemented PoA verification module as clique_verify.nim details: The verification code was ported from the go sources and provisionally stored in the clique_misc.nim source file. todo: Bring it to life. * re-design Snapshot descriptor as: ref object why: Avoids some copying descriptor objects details: The snapshot management in clique_snapshot.nim has been cleaned up. todo: There is a lot of unnecessary copying & sub-list manipulation of seq[BlockHeader] lists which needs to be simplified by managing index intervals. * optimised sequence handling for Clique/PoA why: To much ado about nothing details: * Working with shallow sequences inside PoA processing avoids unnecessary copying. * Using degenerate lists in the cliqueVerify() batch where only the parent (and no other ancestor) is needed. todo: Expose only functions that are needed, shallow sequences should be handles with care. * fix var-parameter function argument * Activate PoA engine -- currently proof of concept details: PoA engine is activated with newChain(extraValidation = true) applied to a PoA network. status and todo: The extraValidation flag on the Chain object can be set at a later state which allows to pre-load parts of the block chain without verification. Setting it later will only go back the block chain to the latest epoch checkpoint. This is inherent to the Clique protocol, needs testing though. PoA engine works in fine weather mode on Goerli replay. With the canonical eip-225 tests, there are quite a few fringe conditions that fail. These can easily fudged over to make things work but need some more work to understand and correct properly. * Make the last offending verification header available why: Makes some fringe case tests work. details: Within a failed transaction comprising several blocks, this feature help to identify the offending block if there was a PoA verification error. * Make PoA header verifier store the final snapshot why: The last snapshot needed by the verifier is the one of the parent but the list of authorised signer is derived from the current snapshot. So updating to the latest snapshot provides the latest signers list. details: Also, PoA processing has been implemented as transaction in persistBlocks() with Clique state rollback. Clique tests succeed now. * Avoiding double yields in iterator => replaced by template why: Tanks to Andri who observed it (see #762) * Calibrate logging interval and fix logging event detection why: Logging interval as copied from Go implementation was too large and needed re-calibration. Elapsed time calculation was bonkers, negative the wrong way round. 2021-07-21 13:31:52 +00:00			# note that mining is unsupported, so the `clique_mining` module is ignored
Feature/goerli replay clique poa (#743) * extract unused clique/mining support into separate file why: mining is currently unsupported by nimbus * Replay first 51840 transactions from Goerli block chain why: Currently Goerli is loaded but the block headers are not verified. Replaying allows real data PoA development. details: Simple stupid gzipped dump/undump layer for debugging based on the zlib module (no nim-faststream support.) This is a replay running against p2p/chain.persistBlocks() where the data were captured from. * prepare stubs for PoA engine * split executor source into sup-modules why: make room for updates, clique integration should go into executor/update_poastate.nim * Simplify p2p/executor.processBlock() function prototype why: vmState argument always wraps basicChainDB * split processBlock() into sub-functions why: isolate the part where it will support clique/poa * provided additional processTransaction() function prototype without _fork_ argument why: with the exception of some tests, the _fork_ argument is always derived from the other prototype argument _vmState_ details: similar situation with makeReceipt() * provide new processBlock() version explicitly supporting PoA details: The new processBlock() version supporting PoA is the general one also supporting non-PoA networks, it needs an additional _Clique_ descriptor function argument for PoA state (if any.) The old processBlock() function without the _Clique_ descriptor argument retorns an error on PoA networgs (e.g. Goerli.) * re-implemented Clique descriptor as _ref object_ why: gives more flexibility when moving around the descriptor object details: also cleaned up a bit the clique sources * comments for clarifying handling of Clique/PoA state descriptor 2021-07-06 13:14:45 +00:00			`export`
			`clique_cfg,`
			`clique_defs,`
Renamed source file clique_utils => clique_helpers (#762) * Renamed source file clique_utils => clique_helpers why: New name is more in line with other modules where local libraries are named similarly. * re-implemented PoA verification module as clique_verify.nim details: The verification code was ported from the go sources and provisionally stored in the clique_misc.nim source file. todo: Bring it to life. * re-design Snapshot descriptor as: ref object why: Avoids some copying descriptor objects details: The snapshot management in clique_snapshot.nim has been cleaned up. todo: There is a lot of unnecessary copying & sub-list manipulation of seq[BlockHeader] lists which needs to be simplified by managing index intervals. * optimised sequence handling for Clique/PoA why: To much ado about nothing details: * Working with shallow sequences inside PoA processing avoids unnecessary copying. * Using degenerate lists in the cliqueVerify() batch where only the parent (and no other ancestor) is needed. todo: Expose only functions that are needed, shallow sequences should be handles with care. * fix var-parameter function argument * Activate PoA engine -- currently proof of concept details: PoA engine is activated with newChain(extraValidation = true) applied to a PoA network. status and todo: The extraValidation flag on the Chain object can be set at a later state which allows to pre-load parts of the block chain without verification. Setting it later will only go back the block chain to the latest epoch checkpoint. This is inherent to the Clique protocol, needs testing though. PoA engine works in fine weather mode on Goerli replay. With the canonical eip-225 tests, there are quite a few fringe conditions that fail. These can easily fudged over to make things work but need some more work to understand and correct properly. * Make the last offending verification header available why: Makes some fringe case tests work. details: Within a failed transaction comprising several blocks, this feature help to identify the offending block if there was a PoA verification error. * Make PoA header verifier store the final snapshot why: The last snapshot needed by the verifier is the one of the parent but the list of authorised signer is derived from the current snapshot. So updating to the latest snapshot provides the latest signers list. details: Also, PoA processing has been implemented as transaction in persistBlocks() with Clique state rollback. Clique tests succeed now. * Avoiding double yields in iterator => replaced by template why: Tanks to Andri who observed it (see #762) * Calibrate logging interval and fix logging event detection why: Logging interval as copied from Go implementation was too large and needed re-calibration. Elapsed time calculation was bonkers, negative the wrong way round. 2021-07-21 13:31:52 +00:00			`clique_desc`

			`type`
			`CliqueState* = ##\`
			`## Descriptor state snapshot which can be used for implementing`
			## transaction trasnaction handling. Nore the the `Snapshot` type
			## inside the `Result[]` is most probably opaque.
			`Result[Snapshot,void]`

			`# ------------------------------------------------------------------------------`
			`# Public`
			`# ------------------------------------------------------------------------------`

			`proc cliqueSave*(c: var Clique): CliqueState =`
			## Save current `Clique` state.
			`ok(c.snapshot)`

			`proc cliqueRestore*(c: var Clique; state: var CliqueState) =`
			## Restore current `Clique` state from a saved snapshot.
			`##`
			## For the particular `state` argument this fuction is disabled with
			## `cliqueDispose()`. So it can be savely handled in a `defer:` statement.
			`if state.isOk:`
			`c.snapshot = state.value`

			`proc cliqueDispose*(c: var Clique; state: var CliqueState) =`
			## Disable the function `cliqueDispose()` for the particular `state`
			`## argument`
			`state = err(CliqueState)`


			`proc cliqueVerify*(c: Clique; header: BlockHeader;`
			`parents: openArray[BlockHeader]): CliqueOkResult`
			`{.gcsafe, raises: [Defect,CatchableError].} =`
			`## Check whether a header conforms to the consensus rules. The caller may`
			`## optionally pass on a batch of parents (ascending order) to avoid looking`
			`## those up from the database. This might be useful for concurrently`
			`## verifying a batch of new headers.`
			`##`
			`## On success, the latest authorised signers list is available via the`
			## fucntion `c.cliqueSigners()`. Otherwise, the latest error is also stored
			## in the `Clique` descriptor
			`var list = toSeq(parents)`
			`c.cliqueVerifySeq(header, list)`

			`# clique/clique.go(217): func (c *Clique) VerifyHeader(chain [..]`
			`proc cliqueVerify*(c: Clique; header: BlockHeader): CliqueOkResult`
			`{.gcsafe, raises: [Defect,CatchableError].} =`
			`## Consensus rules verifier without optional parents list.`
			`var blind: seq[BlockHeader]`
			`c.cliqueVerifySeq(header, blind)`

			`proc cliqueVerify*(c: Clique;`
			`headers: openArray[BlockHeader]): CliqueOkResult`
			`{.gcsafe, raises: [Defect,CatchableError].} =`
			`## This function verifies a batch of headers checking each header for`
			## consensus rules conformance. The `headers` list is supposed to contain a
			## chain of headers, i e. `headers[i]` is parent to `headers[i+1]`.
			`##`
			`## On success, the latest authorised signers list is available via the`
			## fucntion `c.cliqueSigners()`. Otherwise, the latest error is also stored
			## in the `Clique` descriptor
			`##`
			## If there is an error, this error is also stored within the `Clique`
			## descriptor and can be retrieved via `c.failed` along with the hash/ID of
			`## the failed block header.`
			`var list = toSeq(headers)`
			`c.cliqueVerifySeq(list)`


			`proc cliqueSigners*(c: Clique): seq[EthAddress] {.inline.} =`
			`## Retrieve the sorted list of authorized signers for the current state`
			## of the `Clique` descriptor.
			`##`
			`## Note the the returned list is sorted on-the-fly each time this function`
			`## is invoked.`
			`c.snapshot.ballot.authSigners`
Update snapshot smoke test details: can initialise & load all tests todo: double check tests that are supposed to return error follow up succesful voting results 2021-06-11 17:26:08 +00:00
Eip225 clique/PoA consensus protocol details: formal port from go-lang sources, compiles but will not do anything useful yet 2021-05-28 17:39:55 +00:00			`# ------------------------------------------------------------------------------`
			`# End`
			`# ------------------------------------------------------------------------------`