Comments (7)
I believe this is an improvement not only for the unstaked side of the network but also on the staked side of the network where multiple consensus nodes are publishing the same blocks.
from flow-go.
So I've done some more digging, and it turns out we wonβt be able to access the GossipSubRouter
since it is a private field. Thus, we can't directly relay messages by calling GossipSubRouter.Publish
as hoped.
However, I realized that we may be approaching this completely wrong in the first place.
First of all, on the staked access node, we're creating two entirely separate instances of Network
, which in turn creates two entirely distinct libp2p Node
s
- https://github.com/onflow/flow-go/blob/master/cmd/access/staked_access_node_builder.go#L77-L90
- https://github.com/onflow/flow-go/blob/master/network/p2p/middleware.go#L151
I'm guessing the reason it's implemented this way is because conceptually we are creating two "separate" networks, but in fact I'm not sure we have to explicitly separate them this way.
Here is a method that allows us to register a topic validator:
https://github.com/libp2p/go-libp2p-pubsub/blob/master/pubsub.go#L1297
The validators are run before any message is sent or gossiped-forward on the network
- https://github.com/libp2p/go-libp2p-pubsub/blob/master/pubsub.go#L1083-L1085
- https://github.com/libp2p/go-libp2p-pubsub/blob/master/validation.go#L228-L244
What we could to instead, is the following:
- For all staked AN's, we register a validator that checks if the message originated from a node who is in the protocol state (ie a staked node). If it is, then we can allow the validator to pass.
- What this implies is, that messages from the staked network will be gossiped-forward to the unstaked nodes. This is handled automatically by libp2p, and we don't need to do any extra work.
- If the message did not original from a node that we recognize from the protocol state, we fail the validation. At the same time, we intercept the message (since it must be from an unstaked node) and process it as we should.
- This implies that messages from the public / unstaked network won't be gossiped-forward to the staked network.
- At the same time, the staked AN's themselves will receive the messages from the unstaked network, and can process them however it needs (respond to sync requests, etc.)
The reason this should work is because unstaked nodes can only bootstrap from staked AN's and other unstaked nodes. In other words, the staked AN's are the only things connecting the staked network with the public network, and the two would be completely disconnected otherwise. This is ensured by connection gating on all of the staked nodes. Therefore, all traffic between the public and private networks has to pass through them.
One thing I'm not sure about is how this would work with DHT. Ideally, we would want to ensure that it is possible for the rest of the staked nodes to not participate in the DHT, so that unstaked nodes can't find out their addresses via the DHT. However, i believe it should be okay even if they do find out about the addresses because connection gating will prevent any messages from unstaked nodes to be gossiped by staked nodes.
from flow-go.
The separation of the networks is intentional. We do not want any traffic on the staked network from nodes which are not staked.
from flow-go.
Yes, but we have a Connection gater, don't we @vishalchangrani ?
from flow-go.
Additional notes here: (Recording things here so I remember before putting everything into notion doc)
- Wanted to verify that signature checking is done by libp2p before validators are called. In other words, by the time our validator is run, we know that the
From
field has been validated and we can take it at face value.- first, we check signing policy here. This ensures that if signing is required, that a signature must be present.
- Then, signature validation is done before any of our validators are called.
- Here is where the
From
field is populated. Here is the field definition. - Important: We must ensure that sign policy is never changed from the "strict" setting, for all of the nodes.
- Here are the acceptable types we can use to implement a validator: https://github.com/libp2p/go-libp2p-pubsub/blob/master/validation.go#L162-L170
from flow-go.
Another note:
Since we would be intercepting messages from unstaked nodes at the gossip layer, they would never make it to the engines on their own. In other words, they wouldn't go through the normal processing flow of messages received on the staked network (from libp2p -> our network layer -> engine).
Instead, we will need some way of injecting that message back into the processing flow once it's been validated, whether by directly passing it to the network layer or directly passing it to an engine.
from flow-go.
This is done
from flow-go.
Related Issues (20)
- [Flow EVM] Add a method to return the value from a storage slot on a given address
- π§[under construction]π§ EFM committee
- Short Circuit Transactions with insufficient balance - more docs
- Mark root checkpoint files in bootstrap folder to be read only
- [Flow EVM] update geth version to v1.14.6
- [Protocol State] Differentiate between uncommitted and committed epochs in API
- [EFM Recovery] Update `flow.EpochExtension` creation to include valid `TargetEndTime` field
- Change account key index to uint32 from uint64 HOT 2
- Add Burner to System Contracts
- [EFM] Smart Contract represents DKG key vectors as mappings
- [EFM] Protocol State represents DKG key vectors as mapping
- [EFM] Implement `SetEpochExtensionViewCount` for KV store
- [Access] Add REST endpoint to get an all accounts keys by address
- [EFM] Minimal Data Model Change to Represent DKG key vectors as mapping
- [CI] Add commit as tag to docker builds
- [EVM] Block mapping
- Improve CI to detect variable shadowing bugs
- [Access] Add compatible range to Node Version Info endpoint
- [Access] Add support for pebbleDB to execution data tracker/pruner
- [EVM] Reevaluate batch run
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flow-go.