fix consensus

[erikzhang]

No description provided.

[vncoelho]

This fix is more related to avoiding communication after block is sent and verification of signatures, not so much related to the commit phase we have been working, right?
Good move.

[igormcoelho]

Nice changes! Seem to allow PrepareResponse to arrive prior to PrepareRequest, which happens a lot in practice. Usually timer used to finish together with block relay too, good fix... now with Akka I haven't seen anymore.

[shargon]

@erikzhang could you explain what happend here? why the necesity of review the signatures?

neo/neo/Consensus/ConsensusService.cs

Lines 252 to 257 in 92e55f1

	byte[] hashData = context.MakeHeader().GetHashData();
	if (!Crypto.Default.VerifySignature(hashData, message.Signature, context.Validators[payload.ValidatorIndex].EncodePoint(false))) return;
	for (int i = 0; i < context.Signatures.Length; i++)
	if (context.Signatures[i] != null)
	if (!Crypto.Default.VerifySignature(hashData, context.Signatures[i], context.Validators[i].EncodePoint(false)))
	context.Signatures[i] = null;

[vncoelho]

What if a normal RPC inject this, Shargon?
I think that this verification ensures that.

[igormcoelho]

I think its not reviewing signatures shargon, its allowing to.keep sigs from PrepReponse if PrepRequest arrives later.. the previous code was dropping useful signatures I guess.

[erikzhang]

I think its not reviewing signatures shargon, its allowing to.keep sigs from PrepReponse if PrepRequest arrives later.. the previous code was dropping useful signatures I guess.

Yes

[shargon]

It seems good for me, we will test it! :)

[erikzhang]

I updated it again and solved the consensus problem that is now facing. Please review it again. @shargon @vncoelho @igormcoelho

[vncoelho]

Double checked, @erikzhang. Great job and precise.

[vncoelho]

Erik, what if you verify the transactions OnPersist and, then, delete/remove the ones that fails the test along with these ones here

neo/neo/Ledger/Blockchain.cs

Line 382 in c2d7bd4

mem_pool.TryRemove(tx.Hash, out _);

?

[igormcoelho]

@erikzhang This change just feels redundant to me, because these tx are supposed to exist on mempool already... so perhaps it's something I didn't get. The most important is to get Neo safer and safer now, even if it costs performance temporarialy, so I agree with the changes.

[shargon]

@erikzhang if a CN doesn't have a TX, where he asking for it?

[erikzhang]

Erik, what if you verify the transactions OnPersist and, then, delete/remove the ones that fails the test along with these ones here

If there are a large number of transactions in the memory pool, it takes a lot of time to re-verify them all.

This change just feels redundant to me, because these tx are supposed to exist on mempool already...

After the block is persisted, all transactions in the memory pool must be re-verified.

if a CN doesn't have a TX, where he asking for it?

neo/neo/Consensus/ConsensusService.cs

Lines 325 to 330 in c2d7bd4

	SignAndRelay(context.MakePrepareRequest());
	if (context.TransactionHashes.Length > 1)
	{
	foreach (InvPayload payload in InvPayload.CreateGroup(InventoryType.TX, context.TransactionHashes.Skip(1).ToArray()))
	system.LocalNode.Tell(Message.Create("inv", payload));
	}

The primary will re-relay the transactions after sending the PrepareRequest.

[vncoelho]

Thanks, Erik.

If there are a large number of transactions in the memory pool, it takes a lot of time to re-verify them all.

Does this re-verifiying occurs naturally at the OnNewTransaction events (however, depends on P2P communication)?

One last question and summary, Erik. 🗡️

1. OnPersistCompleted Self.Tell(tx, ActorRefs.NoSender) send a message to All Connections with all current reimaining TXs in its local mempool, right?
2. Then, mem_pool is clear;
3. Block is distributed to everyone again;
4. Speaker FillContext only using its local memory pool with call .GetMemoryPool(). Since mem_pool was clear, Speaker memory pool just contains transactions that arrived though OnNewTransaction calls, correct?
5. Backups checks the Primary Context and get missing transactions from mem_pool_unverified for speed up instead of waiting for a transaction to arrive naturally as OnNewTransaction.

Thanks for the patient.

Following this reasoning, one could see this mem_pool_unverified as a speed up instead of a fix?

[belane]

Tested on private net and working fine.

==> /opt/node1/neo-cli/Logs/2018-10-26.log <==
[16:06:12.316] initialize: height=90 view=0 index=2 role=Primary
[16:06:27.323] timeout: height=90 view=0 state=Primary
[16:06:27.324] send prepare request: height=90 view=0
[16:06:27.345] OnPrepareResponseReceived: height=90 view=0 index=3
[16:06:27.380] OnPrepareResponseReceived: height=90 view=0 index=3
[16:06:27.385] OnPrepareResponseReceived: height=90 view=0 index=3
[16:06:27.390] OnPrepareResponseReceived: height=90 view=0 index=0
[16:06:27.394] relay block: 0x5440aad0193a621d92555f35b914b5e1f71743d1c94b8b94df64b69161308d4a
[16:06:27.397] OnPrepareResponseReceived: height=90 view=0 index=0
[16:06:27.400] OnPrepareResponseReceived: height=90 view=0 index=0
[16:06:27.401] OnPrepareResponseReceived: height=90 view=0 index=1
[16:06:27.405] OnPrepareResponseReceived: height=90 view=0 index=1
[16:06:27.410] OnPrepareResponseReceived: height=90 view=0 index=1
[16:06:27.413] persist block: 0x5440aad0193a621d92555f35b914b5e1f71743d1c94b8b94df64b69161308d4a

==> /opt/node2/neo-cli/Logs/2018-10-26.log <==
[16:06:12.322] initialize: height=90 view=0 index=0 role=Backup
[16:06:27.328] OnPrepareRequestReceived: height=90 view=0 index=2 tx=1
[16:06:27.340] send prepare response
[16:06:27.341] OnPrepareRequestReceived: height=90 view=0 index=2 tx=1
[16:06:27.345] OnPrepareRequestReceived: height=90 view=0 index=2 tx=1
[16:06:27.346] OnPrepareResponseReceived: height=90 view=0 index=3
[16:06:27.352] relay block: 0x5440aad0193a621d92555f35b914b5e1f71743d1c94b8b94df64b69161308d4a
[16:06:27.358] OnPrepareResponseReceived: height=90 view=0 index=3
[16:06:27.360] OnPrepareResponseReceived: height=90 view=0 index=3
[16:06:27.361] OnPrepareResponseReceived: height=90 view=0 index=1
[16:06:27.365] OnPrepareResponseReceived: height=90 view=0 index=1
[16:06:27.368] OnPrepareResponseReceived: height=90 view=0 index=1
[16:06:27.376] persist block: 0x5440aad0193a621d92555f35b914b5e1f71743d1c94b8b94df64b69161308d4a

==> /opt/node3/neo-cli/Logs/2018-10-26.log <==
[16:06:12.337] initialize: height=90 view=0 index=3 role=Backup
[16:06:27.328] OnPrepareRequestReceived: height=90 view=0 index=2 tx=1
[16:06:27.334] send prepare response
[16:06:27.335] OnPrepareRequestReceived: height=90 view=0 index=2 tx=1
[16:06:27.335] OnPrepareRequestReceived: height=90 view=0 index=2 tx=1
[16:06:27.342] OnPrepareResponseReceived: height=90 view=0 index=0
[16:06:27.364] relay block: 0x5440aad0193a621d92555f35b914b5e1f71743d1c94b8b94df64b69161308d4a
[16:06:27.373] OnPrepareResponseReceived: height=90 view=0 index=0
[16:06:27.374] OnPrepareResponseReceived: height=90 view=0 index=0
[16:06:27.374] OnPrepareResponseReceived: height=90 view=0 index=1
[16:06:27.375] OnPrepareResponseReceived: height=90 view=0 index=1
[16:06:27.386] OnPrepareResponseReceived: height=90 view=0 index=1
[16:06:27.398] persist block: 0x5440aad0193a621d92555f35b914b5e1f71743d1c94b8b94df64b69161308d4a

==> /opt/node4/neo-cli/Logs/2018-10-26.log <==
[16:06:12.325] initialize: height=90 view=0 index=1 role=Backup
[16:06:27.335] OnPrepareRequestReceived: height=90 view=0 index=2 tx=1
[16:06:27.343] send prepare response
[16:06:27.347] OnPrepareRequestReceived: height=90 view=0 index=2 tx=1
[16:06:27.347] OnPrepareRequestReceived: height=90 view=0 index=2 tx=1
[16:06:27.348] OnPrepareResponseReceived: height=90 view=0 index=3
[16:06:27.355] relay block: 0x5440aad0193a621d92555f35b914b5e1f71743d1c94b8b94df64b69161308d4a
[16:06:27.369] OnPrepareResponseReceived: height=90 view=0 index=3
[16:06:27.371] OnPrepareResponseReceived: height=90 view=0 index=3
[16:06:27.372] OnPrepareResponseReceived: height=90 view=0 index=0
[16:06:27.380] OnPrepareResponseReceived: height=90 view=0 index=0
[16:06:27.383] OnPrepareResponseReceived: height=90 view=0 index=0
[16:06:27.388] persist block: 0x5440aad0193a621d92555f35b914b5e1f71743d1c94b8b94df64b69161308d4a

[belane]

I would prefer to re-verify the pending TXs in Blockchain.OnPersistCompleted insted to move them to mem_pool_unverified because they are now available only for backup nodes if they receive a PrepareRequest with one of these TX but are not available for the Primary in FillContext.

[erikzhang]

If there are a lot of transactions in the memory pool, it will take a long time to re-verify them. And it will block the consensus. That's why I move them into mem_pool_unverified.

[shargon]

This lock the state when a Block was sent, right? do you think that is needed the commit phase after this PR?

[vncoelho]

@erikzhang, I agree with you that we should not re-verify at OnPersist.

I think that this mem_pool_unverified is a speed up and not a fix, right?
I am trying to understand how the mempool is filled again.
Nowadays, all transaction that were cleared arrive now with Self.Tell(tx, ActorRefs.NoSender) as a OnNewTransaction event one by one?

With this PR the Backups will be able to speed up the process of getting a hash that they do not know.

[erikzhang]

I think that this mem_pool_unverified is a speed up and not a fix, right?

Right.

[vncoelho]

Lets go for it and then we can merge with the commit phase for finally tackling that.

[vncoelho]

@erikzhang, last time question... 🔢

[vncoelho]

@erikzhang, I am double checking here and just to be sure I am thinking why message.Signature is assigned here to the Signatures array.

Should not it be context.Signatures[payload.ValidatorIndex] = null?
If the hashData is null it means that the payload is kind of empty, right?

[erikzhang]

I think @igormcoelho has answered your question:

I think its not reviewing signatures shargon, its allowing to.keep sigs from PrepReponse if PrepRequest arrives later.. the previous code was dropping useful signatures I guess.

[vncoelho]

That part of reviewing signatures I understood (I think, eahueauea).

I mean this line

neo/neo/Consensus/ConsensusService.cs

Line 296 in 4407478

context.Signatures[payload.ValidatorIndex] = message.Signature;

Should not it be context.Signatures[payload.ValidatorIndex] = null;?

Because Node B could receive wrong empty hashdata of (C,D) and then proceed to CheckSignatures(); when a correct signature of node E arrives.
And CheckSignature could pass, relaying a block, because it does not verify again.

It it is null the verification will not count them context.Signatures.Count(p => p != null):

neo/neo/Consensus/ConsensusService.cs

Line 85 in 4407478

if (context.Signatures.Count(p => p != null) >= context.M && context.TransactionHashes.All(p => context.Transactions.ContainsKey(p)))