Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

migrate provider deal proposal label to the new format #721

Merged
merged 7 commits into from
Jun 22, 2022

Conversation

dirkmc
Copy link
Contributor

@dirkmc dirkmc commented Jun 17, 2022

I made a build of v1.16.0-rc1 with go-fil-markets updated to point at this PR.
I tested that I could make a storage deal and it published successfully on my local devnet with the following combinations of client and provider:

  • client v1.15.3 / provider v1.15.3 ✅
  • client v1.15.3 / provider v1.16.0-rc1 ✅
  • client v1.16.0-rc1 / provider v1.15.3 ✅
  • client v1.16.0-rc1 / provider v1.16.x ✅

@dirkmc dirkmc force-pushed the fix/migrate-dealprop-label branch 3 times, most recently from d5d8db3 to 308c548 Compare June 17, 2022 14:56
@dirkmc dirkmc force-pushed the fix/migrate-dealprop-label branch from 308c548 to 4db0b66 Compare June 17, 2022 15:04
@dirkmc dirkmc force-pushed the fix/migrate-dealprop-label branch 3 times, most recently from db2a6da to 72804de Compare June 20, 2022 12:32
@dirkmc dirkmc force-pushed the fix/migrate-dealprop-label branch from 72804de to fd8afb8 Compare June 20, 2022 12:37
@dirkmc dirkmc marked this pull request as ready for review June 20, 2022 12:52
@nonsense nonsense self-requested a review June 20, 2022 14:07
go.mod Outdated
@@ -3,6 +3,7 @@ module github.com/filecoin-project/go-fil-markets
go 1.13

require (
github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1 // indirect
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is such an odd dep... curious what did pull it in?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This breaks boost build for me; Removing this like fixes it

github.com/filecoin-project/boost/cli/node imports
        github.com/libp2p/go-libp2p-core/crypto imports
        github.com/btcsuite/btcd/btcec tested by
        github.com/btcsuite/btcd/btcec.test imports
        github.com/btcsuite/btcd/chaincfg/chainhash: ambiguous import: found package github.com/btcsuite/btcd/chaincfg/chainhash in multiple modules:
        github.com/btcsuite/btcd v0.22.0-beta (/home/magik6k/.opt/go/pkg/mod/github.com/btcsuite/btcd@v0.22.0-beta/chaincfg/chainhash)
        github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1 (/home/magik6k/.opt/go/pkg/mod/github.com/btcsuite/btcd/chaincfg/chainhash@v1.0.1)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is how the libp2p team fixed it:
libp2p/go-libp2p-core#254

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Working on a fix here:
#723

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Merged the above PR with a fix into this branch.

storagemarket/impl/provider.go Outdated Show resolved Hide resolved
Comment on lines 42 to 47
prop, err := migrations.MigrateClientDealProposal0To1(*ds.DealProposal)
if err != nil {
err = fmt.Errorf("migrating v110 deal proposal to current version: %w", err)
log.Warnf(err.Error())
return ProposalUndefined, cid.Undef, err
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this from the user? We can't do this migration without (possibly) changing signatures.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch 👍

One option would be to reject non-utf8 labels sent over version 1.1.0 of the deal proposal protocol.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After discussing with @magik6k and @arajasek I implemented the proposed change: reject deal proposals over the v1.1.0 protocol where the deal label is not parseable utf8

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dirkmc just for my sanity, this will only affect any new deals made, not historical deals that may have non-utf8 labels, yes?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Historical deals will be migrated from the old format (deal label as a string) to the new format (DealLabel struct).
If those deals were made with a non-utf8 deal label, their signature will no longer match the new format. It's my understanding that this doesn't matter because those deals have already been published on chain.

This PR introduces a new protocol version. So we now have:

  • v1.1.0: The current version
    When a deal proposal is received, reject the deal proposal if it has a label that cannot be parsed as utf8.
    Otherwise, migrate the deal proposal to the new format (label as DealLabel struct). This should not change the signature of the deal because the label is CBOR-marshalled in the same was as if it were a string. See the tests in storagemarket/network/deal_stream_v110_test.go
  • v1.1.1: The new version
    This protocol version will be used when both the client and provider use a version of lotus that depends on this PR.
    Deals made over v1.1.1 are already in the new format (label as a DealLabel struct).

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dirkmc Got it, I think this is good for any newly made / received deals. My concern is whether the entire migration of historical deals will fail if there are historical non-utf8 deals (which I agree will no longer have valid signatures) -- and if so, what is the impact of this migration failing?

(also when does the migration of historical deal info happen? at startup?)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The migration happens at startup 👍

The migration is not expected to fail for historical deals with non-utf8 labels. Please take a look at the code here:
https://github.com/filecoin-project/go-fil-markets/pull/721/files#diff-8536cd1664598e5c06e27807ae8fa95a9f1d40439d4883fbef351e54826dbeccR248
If there's an issue with that code let me know.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perfect, thanks, that assuages my concern -- I think I was conflating the ReadDealProposal (which uses checkDealLabel and fails if non-utf-8) with the migration code, that succeeds in an immaterially wrong state.

Thanks for indulging!

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah yep, that makes sense 👍

@jennijuju
Copy link
Member

(this needs to be backported on top of v1.20.1-v16-1 as well.

@dirkmc dirkmc force-pushed the fix/migrate-dealprop-label branch from 960b6ee to 5132179 Compare June 21, 2022 14:43
storagemarket/impl/provider.go Outdated Show resolved Hide resolved
}

return &storagemarket.ClientDealProposal{
ClientSignature: prop.ClientSignature,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, this isn't entirely meaningful, because if we are using the byte-type label (that is, if the label wasn't a valid UTF-8 string), then the signature is now invalid. I'm not too concerned about getting this right, though...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, I think it's ok for the signature for deals with non-utf8 labels not to match, as long as the deals have already been published on chain

Comment on lines 42 to 47
prop, err := migrations.MigrateClientDealProposal0To1(*ds.DealProposal)
if err != nil {
err = fmt.Errorf("migrating v110 deal proposal to current version: %w", err)
log.Warnf(err.Error())
return ProposalUndefined, cid.Undef, err
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dirkmc just for my sanity, this will only affect any new deals made, not historical deals that may have non-utf8 labels, yes?

@dirkmc dirkmc merged commit c865e76 into master Jun 22, 2022
@dirkmc dirkmc deleted the fix/migrate-dealprop-label branch June 22, 2022 10:04
@dirkmc dirkmc mentioned this pull request Jun 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

7 participants