-
-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Get rid of CheckBridge and forked Tendermint #357
Comments
how to prevent that tendermint runs too far ahead of period submission? |
Why it is bad? (asking for a friend) |
I can imagine it is possible to have temporary gaps in the period list. We are not really chaining periods anyway — |
|
|
I think a threshold of max. 3 pending periods cause no problems?
That's odd. 🤔 The last time I had the leap-node running, I had those checkBridge call in the debug logs. |
ok, we keep |
also, @sunify and me discussed an option to "suspend" the app if there is no period landed after 32 blocks. Similar like we do with CheckBridge, but done on the app side: just need to stop proxying txs to Tendermint RPC. |
@johannbarbie you mean tracking of nonce? |
i was only referring to |
What if a malicious- or bad node sends to the tendermint daemon? 🙂 Edit: |
that's what we doing with CheckBridge. @pinkiebell Do you know how to do that without changing Tendermint code? |
Sadly, no idea. you can check the ABCI endpoints but I'm sure something like that isn't there. |
maybe I've over-exaggerated — checkBridge checks not the current, but the previous submission which should happen at that point even with CAS. |
I think this is solved, if all the validators keep a pendingPeriods list — proposer can just use the hash of the last period as a prevHash. |
overall gut feeling:
:) |
Both of these are relevant right now as well: if there is no period and checkBridge stops the consensus you can't construct proofs as well. |
Me too. I also scared that the node is working in unforeseen way 😄 |
I see two quite separate concerns here in this issue:
The bounty definition as it is now addresses only the first concern assuming the second one is not needed and should be removed. While it is still not clear should we allow the chain to run once there are missed period submissions, I will split this bounty in two:
|
closing in favour of #410 |
Bounty
We are using tendermint fork with extra home-grown ABCI called
CheckBridge
. It is supposed to be called every 32 blocks and return 1, otherwise the proposal is deferred (consensus engine is stopped). On a leap-node side we use checkBridge handler to ensure there is a period submitted. This is the ultimate reason for all the clusterfuck — ensure that period is submitted.ThreeOne problem with this approach:It won't be working right because of the CAS — there is no period every 32nd block anymore with CAS — it is submitted later, once there are enough period votes.Solved in fix: check bridge always return success #358As of now it doesn't seem to work yet the networks are working.Solved in fix: check bridge always return success #358This bounty attempts to address the problem purely on ABCI app side, so we can use vanilla tendermint.
Scope
[periodMerkleRoot;prevPeriodHash;txHash;slotId]
tuple to thependingPeriods
list in the bridgeState. If the list was empty store submission time inbridgeState.periodSubmissionTime
.pendingPeriods
and check if the period is landed on the root chain. Skip if the current node is not a validator orslotId
of the pending period is not matching the node's slot.pendingPeriods
list. IfpendingPeriods
is not empty, setperiodSubmissionTime
to the current time.periodSubmissionTime
periodSubmissionTime
— if it is older then 10 minutes, resubmit the period transaction with higher gas price.Deliverables
Gain for the project
Publicly visible delivery
writeup for newsletter
Roles
bounty gardener: @troggy / 90 DAI
bounty worker: name / share
bounty reviewer: name / share
The text was updated successfully, but these errors were encountered: