oxen-io/oxen-core
2
1
Fork 0
mirror of https://github.com/oxen-io/oxen-core.git synced 2023-12-14 02:22:56 +01:00
Code Issues Projects Releases Wiki Activity
oxen-core/src/cryptonote_core/service_node_list.cpp

3978 lines
165 KiB
C++
Raw Normal View History

servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
// Copyright (c) 2018, The Loki Project
//
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without modification, are
// permitted provided that the following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice, this list of
// conditions and the following disclaimer.
//
// 2. Redistributions in binary form must reproduce the above copyright notice, this list
// of conditions and the following disclaimer in the documentation and/or other
// materials provided with the distribution.
//
// 3. Neither the name of the copyright holder nor the names of its contributors may be
// used to endorse or promote products derived from this software without specific
// prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
#include "cryptonote_config.h"
Integrate CLSAGs into loki They are allowed from v16, and MLSAGs are rejected from v16 + 10 blocks.
2019-06-09 15:02:16 +02:00
#include "ringct/rctTypes.h"
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
#include <functional>
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
#include <algorithm>
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
#include <chrono>
quorum_cop: added quorum cop and service node keys to lokid Submit deregistration autonomously, prune uptime_proofs Move pruner to relayer, fix inf. loop, quorum participation bool return find_if, fix reorg logic, make 2hrs check a variable Add iterator assign on erase, adjust detached check qacop: review iteration, changed warnings and std::find call Accept proofs excluding the added time buffer
2018-07-12 03:58:17 +02:00
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
#include <boost/endian/conversion.hpp>
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
extern "C" {
#include <sodium.h>
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
#include "ringct/rctSigs.h"
Move epee includes under "epee/..." This ends epee's include pollution.
2020-10-24 00:49:42 +02:00
#include "epee/net/local_ip.h"
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
#include "cryptonote_tx_utils.h"
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
#include "cryptonote_basic/tx_extra.h"
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
#include "cryptonote_basic/hardfork.h"
RPC to return SS and lokinet versions, renaming variables
2021-01-25 01:50:34 +01:00
#include "cryptonote_core/uptime_proof.h"
Move epee includes under "epee/..." This ends epee's include pollution.
2020-10-24 00:49:42 +02:00
#include "epee/int-util.h"
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
#include "common/scoped_message_writer.h"
#include "common/i18n.h"
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
#include "common/util.h"
Move randomness into new common/random.h This adds a thread-local, pre-seeded rng at `tools::rng` (to avoid the multiple places we are creating + seeding such an RNG currently). This also moves the portable uniform value and generic shuffle code there as well as neither function is specific to service nodes and this seems a logical place for them.
2019-11-03 18:58:09 +01:00
#include "common/random.h"
Add helper header/func to obtain unique locks auto locks = tools::unique_locks(mutex1, mutex2, ...); gives you a tuple of unique_locks and obtains the locks atomically. auto lock = tools::unique_lock(lock1); is essentially the same as: std::unique_lock<decltype(lock1)> lock{lock1}; but less ugly (and extends nicely to the plural version).
2019-12-12 04:11:07 +01:00
#include "common/lock.h"
Remove deprecated epee code
2020-10-23 22:32:28 +02:00
#include "common/hex.h"
Move epee includes under "epee/..." This ends epee's include pollution.
2020-10-24 00:49:42 +02:00
#include "epee/misc_os_dependent.h"
Unify and move responsibility of voting to quorum_cop (#615) * Unify checkpointing and uptime quorums * Begin making checkpoints cull old votes/checkpoints * Begin rehaul of service node code out of core, to assist checkpoints * Begin overhaul of votes to move resposibility into quorum_cop * Update testing suite to work with the new system * Remove vote culling from checkpoints and into voting_pool * Fix bugs making integration deregistration fail * Votes don't always specify an index in the validators * Update tests for validator index member change * Rename deregister to voting, fix subtle hashing bug Update the deregister hash derivation to use uint32_t as originally set not uint64_t otherwise this affects the result and produces different results. * Remove un-needed nettype from vote pool * PR review, use <algorithms> * Rename uptime_deregister/uptime quorums to just deregister quorums * Remove unused add_deregister_vote, move side effect out of macro
2019-05-31 03:06:42 +02:00
#include "blockchain.h"
Remove loki namespace and merge into service_nodes (#334)
2018-12-21 01:33:05 +01:00
#include "service_node_quorum_cop.h"
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Handle round > 255, add debug logs - Log the generated pulse quorum - Log the round when a msg signature fails - Handle round > 255 and revert to allowing PoW blocks
2020-08-19 06:54:37 +02:00
#include "pulse.h"
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
#include "service_node_list.h"
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
#include "uptime_proof.h"
Add API for staking from GUI wallet (#315) * Enable staking in GUI wallet * Move more helper functions into service_node_rules.h * Move validation of arguments for staking into wallet2 * call stake validation from within create_stake_tx
2018-11-15 03:22:14 +01:00
#include "service_node_rules.h"
Bufferless swarm assignment logic (#518) * unit tests and core tests for new queueless swarm assignment logic * new bufferless swarm assignment logic * new lines * Address reviews * Improve node stealing logic * unit tests for additional functions * get_excess_pool to return early if the threshold is lower than MIN_SWARM_SIZE * Address reviews * another round of reviews * Move new_swarm_vector inside loop * Rebase changes: moved get_new_swarm_id to service_node_swarm.cpp * reserve vector size for all_ids in get_new_swarm_id
2019-04-08 04:03:47 +02:00
#include "service_node_swarm.h"
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
#include "version.h"
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
executable names changed
2021-01-04 04:19:42 +01:00
#undef OXEN_DEFAULT_LOG_CATEGORY
#define OXEN_DEFAULT_LOG_CATEGORY "service_nodes"
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
namespace service_nodes
{
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
size_t constexpr STORE_LONG_TERM_STATE_INTERVAL = 10000;
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
constexpr auto X25519_MAP_PRUNING_INTERVAL = 5min;
constexpr auto X25519_MAP_PRUNING_LAG = 24h;
static_assert(X25519_MAP_PRUNING_LAG > config::UPTIME_PROOF_VALIDITY, "x25519 map pruning lag is too short!");
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
Store more quorums than just the immutable checkpoint
2019-12-10 01:06:28 +01:00
static uint64_t short_term_state_cull_height(uint8_t hf_version, uint64_t block_height)
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
{
size_t constexpr DEFAULT_SHORT_TERM_STATE_HISTORY = 6 * STATE_CHANGE_TX_LIFETIME_IN_BLOCKS;
Add blink quorums
2019-10-15 19:54:45 +02:00
static_assert(DEFAULT_SHORT_TERM_STATE_HISTORY >= BLOCKS_EXPECTED_IN_HOURS(12), // Arbitrary, but raises a compilation failure if it gets shortened.
"not enough short term state storage for blink quorum retrieval!");
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
uint64_t result =
(block_height < DEFAULT_SHORT_TERM_STATE_HISTORY) ? 0 : block_height - DEFAULT_SHORT_TERM_STATE_HISTORY;
return result;
}
service_node_list::service_node_list(cryptonote::Blockchain &blockchain)
Switch service_node_keys to plain pointer instead of shared_ptr The owning pointer is stashed in a unique_ptr so that it gets properly destroyed; everything else gets a plain pointer to it. (Ideally it would be std::optional instead, but that's not until C++17)
2019-10-27 23:31:35 +01:00
: m_blockchain(blockchain) // Warning: don't touch `blockchain`, it gets initialized *after* us
, m_service_node_keys(nullptr)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
, m_state{this}
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
{
}
quorum_cop: added quorum cop and service node keys to lokid Submit deregistration autonomously, prune uptime_proofs Move pruner to relayer, fix inf. loop, quorum participation bool return find_if, fix reorg logic, make 2hrs check a variable Add iterator assign on erase, adjust detached check qacop: review iteration, changed warnings and std::find call Accept proofs excluding the added time buffer
2018-07-12 03:58:17 +02:00
Store historical states for every 10k blocks and better detach
2019-07-19 09:33:29 +02:00
void service_node_list::init()
{
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Add snode revision soft forks & drop hard fork voting code Snode revisions are a secondary version that let us put out a mandatory update for snodes that isn't a hardfork (and so isn't mandatory for wallets/exchanges/etc.). The main point of this is to let us make a 9.2.0 release that includes new mandatory minimums of future versions of storage server (2.2.0) and lokinet (0.9.4) to bring upgrades to the network. This slightly changes the HF7 blocks to 0 (instead of 1) because, apparently, we weren't properly checking the HF value of the pre-first-hf genesis block at all before. (In practice this changes nothing because genesis blocks are v7 anyway). This also changes (slightly) how we check for hard forks: now if we skip some hard forks then we still want to know the height when a hard fork triggers. For example, if the hf tables contains {7,14} then we still need to know that the HF14 block height also is the height that activates HF9, 10, etc.
2021-06-18 01:06:51 +02:00
if (m_blockchain.get_network_version() < cryptonote::network_version_9_service_nodes)
Store historical states for every 10k blocks and better detach
2019-07-19 09:33:29 +02:00
{
reset(true);
return;
}
uint64_t current_height = m_blockchain.get_current_blockchain_height();
bool loaded = load(current_height);
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
if (loaded && m_transient.old_quorum_states.size() < std::min(m_store_quorum_history, uint64_t{10})) {
LOG_PRINT_L0("Full history storage requested, but " << m_transient.old_quorum_states.size() << " old quorum states found");
Store historical states for every 10k blocks and better detach
2019-07-19 09:33:29 +02:00
loaded = false; // Either we don't have stored history or the history is very short, so recalculation is necessary or cheap.
}
Fix off by 1 when checking state_t heights causing sync failure (#759)
2019-07-25 06:35:36 +02:00
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
if (!loaded || m_state.height > current_height)
reset(true);
Store historical states for every 10k blocks and better detach
2019-07-19 09:33:29 +02:00
}
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
template <typename UnaryPredicate>
static std::vector<service_nodes::pubkey_and_sninfo> sort_and_filter(const service_nodes_infos_t &sns_infos, UnaryPredicate p, bool reserve = true) {
std::vector<pubkey_and_sninfo> result;
if (reserve) result.reserve(sns_infos.size());
Fix warnings and unintended copies - pessimizing move in wallet2 prevents copy ellision - various for loops were creating copies (clang-10 now warns about this). Mostly this is because they had the type wrong when looping through a map: the iterator type of a `map<K, V>` is `pair<const K, V>` not `pair<K, V>`. Replaced them with C++17: for (const auto& [key, val] : var) which is so much nicer. - cryptonote::core did not have a virtual destructor, but had virtual methods (causing both a warning, and likely a crash if we ever have something inheriting from it held in a unique_ptr<core>). - core() constructor still had explicit even though it lost the single argument. - test code class had a `final` destructor but wasn't marked final. (It also has a billion superfluous `virtual` declarations but I left them in place because it's just test code).
2020-06-22 04:18:38 +02:00
for (const auto& key_info : sns_infos)
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
if (p(*key_info.second))
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
result.push_back(key_info);
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
std::sort(result.begin(), result.end(),
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
[](const pubkey_and_sninfo &a, const pubkey_and_sninfo &b) {
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
return memcmp(reinterpret_cast<const void*>(&a), reinterpret_cast<const void*>(&b), sizeof(a)) < 0;
});
return result;
}
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
std::vector<pubkey_and_sninfo> service_node_list::state_t::active_service_nodes_infos() const {
Pulse: Move verification to block. Add support to core tests. Verification needs to go to the block, not the header to ensure it does not get included in the block hash.
2020-06-18 06:39:44 +02:00
return sort_and_filter(service_nodes_infos, [](const service_node_info &info) { return info.is_active(); }, /*reserve=*/ true);
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
}
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
std::vector<pubkey_and_sninfo> service_node_list::state_t::decommissioned_service_nodes_infos() const {
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
return sort_and_filter(service_nodes_infos, [](const service_node_info &info) { return info.is_decommissioned() && info.is_fully_funded(); }, /*reserve=*/ false);
}
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
std::vector<pubkey_and_sninfo> service_node_list::state_t::payable_service_nodes_infos(uint64_t height, cryptonote::network_type nettype) const {
return sort_and_filter(service_nodes_infos, [height, nettype](const service_node_info &info) { return info.is_payable(height, nettype); }, /*reserve=*/ true);
}
Rename `testing_quorum` class to just `quorum` testing_quorum is a bit of a misnomer: it only does testing when used for an obligations quorum, but it is also used for checkpointing and soon Blink.
2019-10-15 19:52:49 +02:00
std::shared_ptr<const quorum> service_node_list::get_quorum(quorum_type type, uint64_t height, bool include_old, std::vector<std::shared_ptr<const quorum>> *alt_quorums) const
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
{
Add +detail to print_sn|print_n_status, display checkpoint and reachability
2019-09-17 04:01:13 +02:00
height = offset_testing_quorum_height(type, height);
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
quorum_manager const *quorums = nullptr;
if (height == m_state.height)
quorums = &m_state.quorums;
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
else // NOTE: Search m_transient.state_history && m_transient.state_archive
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto it = m_transient.state_history.find(height);
if (it != m_transient.state_history.end())
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
quorums = &it->quorums;
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
if (!quorums)
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto it = m_transient.state_archive.find(height);
if (it != m_transient.state_archive.end()) quorums = &it->quorums;
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
}
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
}
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
if (!quorums && include_old) // NOTE: Search m_transient.old_quorum_states
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
{
auto it =
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
std::lower_bound(m_transient.old_quorum_states.begin(),
m_transient.old_quorum_states.end(),
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
height,
[](quorums_by_height const &entry, uint64_t height) { return entry.height < height; });
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
if (it != m_transient.old_quorum_states.end() && it->height == height)
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
quorums = &it->quorums;
(Low priority) Add disabled-by-default quorum storage support (#702) * Add disabled-by-default quorum storage support This adds support for storing N blocks of recent expired quorum state history in lokid (and dumping to/from the lmdb). This isn't useful for regular nodes (and that's why we don't store it) but is incredibly useful for the block explorer to be able to report *which* node got deregistered/decommissioned/etc. by a given state_change tx. * Fix quorum states copy
2019-07-17 08:01:54 +02:00
}
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (alt_quorums)
{
Fix warnings and unintended copies - pessimizing move in wallet2 prevents copy ellision - various for loops were creating copies (clang-10 now warns about this). Mostly this is because they had the type wrong when looping through a map: the iterator type of a `map<K, V>` is `pair<const K, V>` not `pair<K, V>`. Replaced them with C++17: for (const auto& [key, val] : var) which is so much nicer. - cryptonote::core did not have a virtual destructor, but had virtual methods (causing both a warning, and likely a crash if we ever have something inheriting from it held in a unique_ptr<core>). - core() constructor still had explicit even though it lost the single argument. - test code class had a `final` destructor but wasn't marked final. (It also has a billion superfluous `virtual` declarations but I left them in place because it's just test code).
2020-06-22 04:18:38 +02:00
for (const auto& [hash, alt_state] : m_transient.alt_state)
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
if (alt_state.height == height)
{
Rename `testing_quorum` class to just `quorum` testing_quorum is a bit of a misnomer: it only does testing when used for an obligations quorum, but it is also used for checkpointing and soon Blink.
2019-10-15 19:52:49 +02:00
std::shared_ptr<const quorum> alt_result = alt_state.quorums.get(type);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (alt_result) alt_quorums->push_back(alt_result);
}
}
}
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (!quorums)
return nullptr;
Rename `testing_quorum` class to just `quorum` testing_quorum is a bit of a misnomer: it only does testing when used for an obligations quorum, but it is also used for checkpointing and soon Blink.
2019-10-15 19:52:49 +02:00
std::shared_ptr<const quorum> result = quorums->get(type);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
return result;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Rename `testing_quorum` class to just `quorum` testing_quorum is a bit of a misnomer: it only does testing when used for an obligations quorum, but it is also used for checkpointing and soon Blink.
2019-10-15 19:52:49 +02:00
static bool get_pubkey_from_quorum(quorum const &quorum, quorum_group group, size_t quorum_index, crypto::public_key &key)
Resolve pubkeys from state change in dupe check in the tx_pool (#707) * Resolve public keys from state changes for the TX pool to avoid dupes * Update copy pasted error message for quorum index OOB * Code review
2019-07-04 09:25:02 +02:00
{
std::vector<crypto::public_key> const *array = nullptr;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (group == quorum_group::validator) array = &quorum.validators;
else if (group == quorum_group::worker) array = &quorum.workers;
Resolve pubkeys from state change in dupe check in the tx_pool (#707) * Resolve public keys from state changes for the TX pool to avoid dupes * Update copy pasted error message for quorum index OOB * Code review
2019-07-04 09:25:02 +02:00
else
{
MERROR("Invalid quorum group specified");
return false;
}
if (quorum_index >= array->size())
{
MERROR("Quorum indexing out of bounds: " << quorum_index << ", quorum_size: " << array->size());
return false;
}
key = (*array)[quorum_index];
return true;
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
bool service_node_list::get_quorum_pubkey(quorum_type type, quorum_group group, uint64_t height, size_t quorum_index, crypto::public_key &key) const
{
Rename `testing_quorum` class to just `quorum` testing_quorum is a bit of a misnomer: it only does testing when used for an obligations quorum, but it is also used for checkpointing and soon Blink.
2019-10-15 19:52:49 +02:00
std::shared_ptr<const quorum> quorum = get_quorum(type, height);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (!quorum)
{
LOG_PRINT_L1("Quorum for height: " << height << ", was not stored by the daemon");
return false;
}
bool result = get_pubkey_from_quorum(*quorum, group, quorum_index, key);
return result;
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
size_t service_node_list::get_service_node_count() const
{
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
return m_state.service_nodes_infos.size();
}
Service Nodes States Endpoint (#145) * Add get_service_node_list_state command for analytics * Update service_node_list_state to search particular pubkey * Service node list state sorts display results by longest waiting * Fix up leftover todos/unused data structures * Change get_service_node_list_state to print_sn
2018-08-15 04:59:05 +02:00
std::vector<service_node_pubkey_info> service_node_list::get_service_node_list_state(const std::vector<crypto::public_key> &service_node_pubkeys) const
{
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Service Nodes States Endpoint (#145) * Add get_service_node_list_state command for analytics * Update service_node_list_state to search particular pubkey * Service node list state sorts display results by longest waiting * Fix up leftover todos/unused data structures * Change get_service_node_list_state to print_sn
2018-08-15 04:59:05 +02:00
std::vector<service_node_pubkey_info> result;
if (service_node_pubkeys.empty())
{
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
result.reserve(m_state.service_nodes_infos.size());
Service Nodes States Endpoint (#145) * Add get_service_node_list_state command for analytics * Update service_node_list_state to search particular pubkey * Service node list state sorts display results by longest waiting * Fix up leftover todos/unused data structures * Change get_service_node_list_state to print_sn
2018-08-15 04:59:05 +02:00
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
for (const auto &info : m_state.service_nodes_infos)
result.emplace_back(info);
Service Nodes States Endpoint (#145) * Add get_service_node_list_state command for analytics * Update service_node_list_state to search particular pubkey * Service node list state sorts display results by longest waiting * Fix up leftover todos/unused data structures * Change get_service_node_list_state to print_sn
2018-08-15 04:59:05 +02:00
}
else
{
result.reserve(service_node_pubkeys.size());
for (const auto &it : service_node_pubkeys)
{
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
auto find_it = m_state.service_nodes_infos.find(it);
if (find_it != m_state.service_nodes_infos.end())
result.emplace_back(*find_it);
Service Nodes States Endpoint (#145) * Add get_service_node_list_state command for analytics * Update service_node_list_state to search particular pubkey * Service node list state sorts display results by longest waiting * Fix up leftover todos/unused data structures * Change get_service_node_list_state to print_sn
2018-08-15 04:59:05 +02:00
}
}
return result;
}
Switch service_node_keys to plain pointer instead of shared_ptr The owning pointer is stashed in a unique_ptr so that it gets properly destroyed; everything else gets a plain pointer to it. (Ideally it would be std::optional instead, but that's not until C++17)
2019-10-27 23:31:35 +01:00
void service_node_list::set_my_service_node_keys(const service_node_keys *keys)
Making service nodes list and quorum cop thread-safe (#285) * Remove dependency on service node list in quorum cop * making service node list therad-safe * improve thread-safety of quorum cop
2018-10-10 07:24:01 +02:00
{
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Switch service_node_keys to plain pointer instead of shared_ptr The owning pointer is stashed in a unique_ptr so that it gets properly destroyed; everything else gets a plain pointer to it. (Ideally it would be std::optional instead, but that's not until C++17)
2019-10-27 23:31:35 +01:00
m_service_node_keys = keys;
Making service nodes list and quorum cop thread-safe (#285) * Remove dependency on service node list in quorum cop * making service node list therad-safe * improve thread-safety of quorum cop
2018-10-10 07:24:01 +02:00
}
(Low priority) Add disabled-by-default quorum storage support (#702) * Add disabled-by-default quorum storage support This adds support for storing N blocks of recent expired quorum state history in lokid (and dumping to/from the lmdb). This isn't useful for regular nodes (and that's why we don't store it) but is incredibly useful for the block explorer to be able to report *which* node got deregistered/decommissioned/etc. by a given state_change tx. * Fix quorum states copy
2019-07-17 08:01:54 +02:00
void service_node_list::set_quorum_history_storage(uint64_t hist_size) {
if (hist_size == 1)
hist_size = std::numeric_limits<uint64_t>::max();
m_store_quorum_history = hist_size;
}
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
bool service_node_list::is_service_node(const crypto::public_key& pubkey, bool require_active) const
core, service_node_list: separated address from service node pubkey
2018-07-12 04:07:34 +02:00
{
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
auto it = m_state.service_nodes_infos.find(pubkey);
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
return it != m_state.service_nodes_infos.end() && (!require_active || it->second->is_active());
core, service_node_list: separated address from service node pubkey
2018-07-12 04:07:34 +02:00
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
bool service_node_list::is_key_image_locked(crypto::key_image const &check_image, uint64_t *unlock_height, service_node_info::contribution_t *the_locked_contribution) const
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
for (const auto& pubkey_info : m_state.service_nodes_infos)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
const service_node_info &info = *pubkey_info.second;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
for (const service_node_info::contributor_t &contributor : info.contributors)
{
for (const service_node_info::contribution_t &contribution : contributor.locked_contributions)
{
if (check_image == contribution.key_image)
{
if (the_locked_contribution) *the_locked_contribution = contribution;
if (unlock_height) *unlock_height = info.requested_unlock_height;
return true;
}
}
}
}
return false;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
bool reg_tx_extract_fields(const cryptonote::transaction& tx, contributor_args_t &contributor_args, uint64_t& expiration_timestamp, crypto::public_key& service_node_key, crypto::signature& signature)
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
cryptonote::tx_extra_service_node_register registration;
DRY out tx_extra API a little; convert extra macros to constexprs The tx extra getting/setting API is a little non-DRY, so this dries it out with some small changes: - Added get_field_from_tx_extra that takes a specific tx_extra lvalue reference and fetches it. This eliminates a bunch of nearly duplicate code that calls parse - find - return. - Add three new functions to add tagged data: - add_tagged_data_to_tx_extra is a raw function that takes a tag and string_view and appends it to tx_extra - add_tx_extra<T>(tx_extra, val) lets you copy `val` directly as a `T`. `val` does *not* have to be the same as `T` (`T` is not deduced) but rather just has to have the same size. This makes it very easy to add simple tx_extra values such as `tx_extra_pub_key` from just a pub key without needing to wrap it first: add_tx_extra<tx_extra_pub_key>(tx.extra, regular_old_pubkey); - add_tx_extra<T>(tx, val) - very light wrapper around the above that takes a transaction lvalue directly (rather than the extra vector) for slight convenience. These additions allow removing several now-unneeded methods and simplify some code around the tx extra handling. This commit also converts the TX_EXTRA_* macros into constexprs.
2020-06-02 06:21:05 +02:00
if (!get_field_from_tx_extra(tx.extra, registration))
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
return false;
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
if (!cryptonote::get_service_node_pubkey_from_tx_extra(tx.extra, service_node_key))
return false;
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
contributor_args.addresses.clear();
contributor_args.addresses.reserve(registration.m_public_spend_keys.size());
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
for (size_t i = 0; i < registration.m_public_spend_keys.size(); i++) {
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
contributor_args.addresses.emplace_back();
contributor_args.addresses.back().m_spend_public_key = registration.m_public_spend_keys[i];
contributor_args.addresses.back().m_view_public_key = registration.m_public_view_keys[i];
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
contributor_args.portions_for_operator = registration.m_portions_for_operator;
contributor_args.portions = registration.m_portions;
contributor_args.success = true;
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
expiration_timestamp = registration.m_expiration_timestamp;
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
signature = registration.m_service_node_signature;
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
return true;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Add +detail to print_sn|print_n_status, display checkpoint and reachability
2019-09-17 04:01:13 +02:00
uint64_t offset_testing_quorum_height(quorum_type type, uint64_t height)
{
uint64_t result = height;
if (type == quorum_type::checkpointing)
{
if (result < REORG_SAFETY_BUFFER_BLOCKS_POST_HF12)
return 0;
result -= REORG_SAFETY_BUFFER_BLOCKS_POST_HF12;
}
return result;
}
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
void validate_contributor_args(uint8_t hf_version, contributor_args_t const &contributor_args)
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
{
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
if (contributor_args.portions.empty())
throw invalid_contributions{"No portions given"};
if (contributor_args.portions.size() != contributor_args.addresses.size())
throw invalid_contributions{"Number of portions (" + std::to_string(contributor_args.portions.size()) + ") doesn't match the number of addresses (" + std::to_string(contributor_args.portions.size()) + ")"};
if (contributor_args.portions.size() > MAX_NUMBER_OF_CONTRIBUTORS)
throw invalid_contributions{"Too many contributors"};
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
if (contributor_args.portions_for_operator > STAKING_PORTIONS)
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
throw invalid_contributions{"Operator portions are too high"};
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
if (!check_service_node_portions(hf_version, contributor_args.portions))
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
{
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
std::stringstream stream;
for (size_t i = 0; i < contributor_args.portions.size(); i++)
{
if (i) stream << ", ";
stream << contributor_args.portions[i];
}
throw invalid_contributions{"Invalid portions: {" + stream.str() + "}"};
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
}
}
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
void validate_contributor_args_signature(contributor_args_t const &contributor_args, uint64_t const expiration_timestamp, crypto::public_key const &service_node_key, crypto::signature const &signature)
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
{
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
crypto::hash hash = {};
if (!get_registration_hash(contributor_args.addresses, contributor_args.portions_for_operator, contributor_args.portions, expiration_timestamp, hash))
throw invalid_contributions{"Failed to generate registration hash"};
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
if (!crypto::check_key(service_node_key))
Remove deprecated epee code
2020-10-23 22:32:28 +02:00
throw invalid_contributions{"Service Node Key was not a valid crypto key" + tools::type_to_hex(service_node_key)};
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
if (!crypto::check_signature(hash, service_node_key, signature))
Remove deprecated epee code
2020-10-23 22:32:28 +02:00
throw invalid_contributions{"Failed to validate service node with key:" + tools::type_to_hex(service_node_key) + " and hash: " + tools::type_to_hex(hash)};
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
}
struct parsed_tx_contribution
{
cryptonote::account_public_address address;
uint64_t transferred;
crypto::secret_key tx_key;
std::vector<service_node_info::contribution_t> locked_contributions;
};
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
static uint64_t get_staking_output_contribution(const cryptonote::transaction& tx, int i, crypto::key_derivation const &derivation, hw::device& hwdev)
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
boost::variant -> std::variant A huge amount of this is repetitive: - `boost::get<T>(variant)` becomes `std::get<T>(variant)` - `boost::get<T>(variant_ptr)` becomes `std::get_if<T>(variant_ptr)` - `variant.type() == typeid(T)` becomes `std::holds_alternative<T>(variant)` There are also some simplifications to visitors using simpler stl visitors, or (simpler still) generic lambdas as visitors. Also adds boost serialization serializers for std::variant and std::optional.
2020-06-02 05:47:20 +02:00
if (!std::holds_alternative<cryptonote::txout_to_key>(tx.vout[i].target))
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
return 0;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
rct::key mask;
uint64_t money_transferred = 0;
crypto::secret_key scalar1;
hwdev.derivation_to_scalar(derivation, i, scalar1);
try
{
switch (tx.rct_signatures.type)
{
Remove MLSAG generation The blockchain only accepts CLSAG txes now, so no need to keep the MLSAG generation code around. (MLSAG verification stays, of course).
2020-11-23 23:25:01 +01:00
case rct::RCTType::Simple:
case rct::RCTType::Bulletproof:
case rct::RCTType::Bulletproof2:
case rct::RCTType::CLSAG:
money_transferred = rct::decodeRctSimple(tx.rct_signatures, rct::sk2rct(scalar1), i, mask, hwdev);
break;
case rct::RCTType::Full:
money_transferred = rct::decodeRct(tx.rct_signatures, rct::sk2rct(scalar1), i, mask, hwdev);
break;
default:
LOG_PRINT_L0(__func__ << ": Unsupported rct type: " << (int)tx.rct_signatures.type);
return 0;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
}
catch (const std::exception &e)
{
wallet2: added staking transactions to create_transactions_2
2018-08-03 08:52:44 +02:00
LOG_PRINT_L0("Failed to decode input " << i);
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
return 0;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
return money_transferred;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Add overload for tx_get_staking_components that accepts a txid
2020-04-24 02:18:12 +02:00
bool tx_get_staking_components(cryptonote::transaction_prefix const &tx, staking_components *contribution, crypto::hash const &txid)
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
{
staking_components contribution_unused_ = {};
if (!contribution) contribution = &contribution_unused_;
if (!cryptonote::get_service_node_pubkey_from_tx_extra(tx.extra, contribution->service_node_pubkey))
return false; // Is not a contribution TX don't need to check it.
if (!cryptonote::get_service_node_contributor_from_tx_extra(tx.extra, contribution->address))
return false;
if (!cryptonote::get_tx_secret_key_from_tx_extra(tx.extra, contribution->tx_key))
{
Add overload for tx_get_staking_components that accepts a txid
2020-04-24 02:18:12 +02:00
LOG_PRINT_L1("TX: There was a service node contributor but no secret key in the tx extra for tx: " << txid);
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
return false;
}
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
return true;
}
Add overload for tx_get_staking_components that accepts a txid
2020-04-24 02:18:12 +02:00
bool tx_get_staking_components(cryptonote::transaction const &tx, staking_components *contribution)
{
bool result = tx_get_staking_components(tx, contribution, cryptonote::get_transaction_hash(tx));
return result;
}
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
bool tx_get_staking_components_and_amounts(cryptonote::network_type nettype,
uint8_t hf_version,
cryptonote::transaction const &tx,
uint64_t block_height,
staking_components *contribution)
{
staking_components contribution_unused_ = {};
if (!contribution) contribution = &contribution_unused_;
if (!tx_get_staking_components(tx, contribution))
return false;
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
// A cryptonote transaction is constructed as follows
// P = Hs(aR)G + B
// P := Stealth Address
// a := Receiver's secret view key
// B := Receiver's public spend key
// R := TX Public Key
// G := Elliptic Curve
// In Loki we pack into the tx extra information to reveal information about the TX
// A := Public View Key (we pack contributor into tx extra, 'parsed_contribution.address')
// r := TX Secret Key (we pack secret key into tx extra, 'parsed_contribution.tx_key`)
// Calulate 'Derivation := Hs(Ar)G'
crypto::key_derivation derivation;
if (!crypto::generate_key_derivation(contribution->address.m_view_public_key, contribution->tx_key, derivation))
{
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
LOG_PRINT_L1("TX: Failed to generate key derivation on height: " << block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
return false;
}
hw::device &hwdev = hw::get_device("default");
contribution->transferred = 0;
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
bool stake_decoded = true;
Add snode revision soft forks & drop hard fork voting code Snode revisions are a secondary version that let us put out a mandatory update for snodes that isn't a hardfork (and so isn't mandatory for wallets/exchanges/etc.). The main point of this is to let us make a 9.2.0 release that includes new mandatory minimums of future versions of storage server (2.2.0) and lokinet (0.9.4) to bring upgrades to the network. This slightly changes the HF7 blocks to 0 (instead of 1) because, apparently, we weren't properly checking the HF value of the pre-first-hf genesis block at all before. (In practice this changes nothing because genesis blocks are v7 anyway). This also changes (slightly) how we check for hard forks: now if we skip some hard forks then we still want to know the height when a hard fork triggers. For example, if the hf tables contains {7,14} then we still need to know that the HF14 block height also is the height that activates HF9, 10, etc.
2021-06-18 01:06:51 +02:00
if (hf_version >= cryptonote::network_version_11_infinite_staking)
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
{
// In Infinite Staking, we lock the key image that would be generated if
// you tried to send your stake and prevent it from being transacted on
// the network whilst you are a Service Node. To do this, we calculate
// the future key image that would be generated when they user tries to
// spend the staked funds. A key image is derived from the ephemeral, one
// time transaction private key, 'x' in the Cryptonote Whitepaper.
// This is only possible to generate if they are the staking to themselves
// as you need the recipients private keys to generate the key image that
// would be generated, when they want to spend it in the future.
cryptonote::tx_extra_tx_key_image_proofs key_image_proofs;
DRY out tx_extra API a little; convert extra macros to constexprs The tx extra getting/setting API is a little non-DRY, so this dries it out with some small changes: - Added get_field_from_tx_extra that takes a specific tx_extra lvalue reference and fetches it. This eliminates a bunch of nearly duplicate code that calls parse - find - return. - Add three new functions to add tagged data: - add_tagged_data_to_tx_extra is a raw function that takes a tag and string_view and appends it to tx_extra - add_tx_extra<T>(tx_extra, val) lets you copy `val` directly as a `T`. `val` does *not* have to be the same as `T` (`T` is not deduced) but rather just has to have the same size. This makes it very easy to add simple tx_extra values such as `tx_extra_pub_key` from just a pub key without needing to wrap it first: add_tx_extra<tx_extra_pub_key>(tx.extra, regular_old_pubkey); - add_tx_extra<T>(tx, val) - very light wrapper around the above that takes a transaction lvalue directly (rather than the extra vector) for slight convenience. These additions allow removing several now-unneeded methods and simplify some code around the tx extra handling. This commit also converts the TX_EXTRA_* macros into constexprs.
2020-06-02 06:21:05 +02:00
if (!get_field_from_tx_extra(tx.extra, key_image_proofs))
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
{
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
LOG_PRINT_L1("TX: Didn't have key image proofs in the tx_extra, rejected on height: " << block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
stake_decoded = false;
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
}
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
for (size_t output_index = 0; stake_decoded && output_index < tx.vout.size(); ++output_index)
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
{
uint64_t transferred = get_staking_output_contribution(tx, output_index, derivation, hwdev);
if (transferred == 0)
continue;
// So prove that the destination stealth address can be decoded using the
// staker's packed address, which means that the recipient of the
// contribution is themselves (and hence they have the necessary secrets
// to generate the future key image).
// i.e Verify the packed information is valid by computing the stealth
// address P' (which should equal P if matching) using
// 'Derivation := Hs(Ar)G' (we calculated earlier) instead of 'Hs(aR)G'
// P' = Hs(Ar)G + B
// = Hs(aR)G + B
// = Derivation + B
// = P
crypto::public_key ephemeral_pub_key;
{
// P' := Derivation + B
if (!hwdev.derive_public_key(derivation, output_index, contribution->address.m_spend_public_key, ephemeral_pub_key))
{
LOG_PRINT_L1("TX: Could not derive TX ephemeral key on height: " << block_height << " for tx: " << get_transaction_hash(tx) << " for output: " << output_index);
continue;
}
// Stealth address public key should match the public key referenced in the TX only if valid information is given.
Target macos 10.12 When targetting macos <10.14 macos won't allow use of anything from C++17 that throws, such as: - std::get on a variant - std::visit - std::optional::value() - std::any_cast This avoids all of these. For std::get, we either replace with std::get_if (where appropriate), or else use a `var::get` implementation of std::get added to lokimq (also updated here). (This `var` namespace is just an `std` alias everywhere *except* old target macos). For std::visit, likewise lokimq adds an var::visit implementation for old macos that we use. std::optional::value() uses weren't useful anyway as everywhere it calls them we've already checked that the option has a value, in which case we can use `*opt` (which doesn't check for contents and throw). std::any just has to be avoided as far as I can tell, but the one place we used it is only ever a block, so I just replaced it with a `const block*`.
2020-10-16 00:44:36 +02:00
const auto& out_to_key = var::get<cryptonote::txout_to_key>(tx.vout[output_index].target);
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
if (out_to_key.key != ephemeral_pub_key)
{
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
LOG_PRINT_L1("TX: Derived TX ephemeral key did not match tx stored key on height: " << block_height << " for tx: " << cryptonote::get_transaction_hash(tx) << " for output: " << output_index);
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
continue;
}
}
// To prevent the staker locking any arbitrary key image, the provided
// key image is included and verified in a ring signature which
// guarantees that 'the staker proves that he knows such 'x' (one time
// ephemeral secret key) and that (the future key image) P = xG'.
// Consequently the key image is not falsified and actually the future
// key image.
// The signer can try falsify the key image, but the equation used to
// construct the key image is re-derived by the verifier, false key
// images will not match the re-derived key image.
for (auto proof = key_image_proofs.proofs.begin(); proof != key_image_proofs.proofs.end(); proof++)
{
Annotate and split up ring signature code We use generate_ring_signature and check_ring_signature somewhat inappropriately to sign and check a signature of a single key image. While it works for that, the full ring signature algorithm adds quite a bit of complexity that we don't need (and simply doesn't run) for the key image proof included in stake transactions and exported key images from the wallet. This splits it up, makes the key image interface considerably simpler, and adds annotation comments through it (and also adds comments into the "main" signature code). This is a necessary step to getting stake transactions and key image exports working with Ledger, without implementing the full ring signature (because that is quite involved, and not needed for most of these cases). Also remove unused gen/check_ring_signatures interfaces: The raw pointer code is never called, except through the vector version and one place in the test suite, so just remove it and make the vector version the main implementation.
2020-12-02 03:27:44 +01:00
if (!crypto::check_key_image_signature(proof->key_image, ephemeral_pub_key, proof->signature))
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
continue;
contribution->locked_contributions.emplace_back(service_node_info::contribution_t::version_t::v0, ephemeral_pub_key, proof->key_image, transferred);
contribution->transferred += transferred;
key_image_proofs.proofs.erase(proof);
break;
}
}
}
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
Add snode revision soft forks & drop hard fork voting code Snode revisions are a secondary version that let us put out a mandatory update for snodes that isn't a hardfork (and so isn't mandatory for wallets/exchanges/etc.). The main point of this is to let us make a 9.2.0 release that includes new mandatory minimums of future versions of storage server (2.2.0) and lokinet (0.9.4) to bring upgrades to the network. This slightly changes the HF7 blocks to 0 (instead of 1) because, apparently, we weren't properly checking the HF value of the pre-first-hf genesis block at all before. (In practice this changes nothing because genesis blocks are v7 anyway). This also changes (slightly) how we check for hard forks: now if we skip some hard forks then we still want to know the height when a hard fork triggers. For example, if the hf tables contains {7,14} then we still need to know that the HF14 block height also is the height that activates HF9, 10, etc.
2021-06-18 01:06:51 +02:00
if (hf_version < cryptonote::network_version_11_infinite_staking)
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
{
// Pre Infinite Staking, we only need to prove the amount sent is
// sufficient to become a contributor to the Service Node and that there
// is sufficient lock time on the staking output.
for (size_t i = 0; i < tx.vout.size(); i++)
{
bool has_correct_unlock_time = false;
{
uint64_t unlock_time = tx.unlock_time;
if (tx.version >= cryptonote::txversion::v3_per_output_unlock_times)
unlock_time = tx.output_unlock_times[i];
uint64_t min_height = block_height + staking_num_lock_blocks(nettype);
has_correct_unlock_time = unlock_time < CRYPTONOTE_MAX_BLOCK_NUMBER && unlock_time >= min_height;
}
if (has_correct_unlock_time)
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
{
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
contribution->transferred += get_staking_output_contribution(tx, i, derivation, hwdev);
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
stake_decoded = true;
}
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
}
}
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
return stake_decoded;
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
}
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
/// Makes a copy of the given service_node_info and replaces the shared_ptr with a pointer to the copy.
/// Returns the non-const service_node_info (which is now held by the passed-in shared_ptr lvalue ref).
static service_node_info &duplicate_info(std::shared_ptr<const service_node_info> &info_ptr) {
auto new_ptr = std::make_shared<service_node_info>(*info_ptr);
info_ptr = new_ptr;
return *new_ptr;
}
Eliminate state_t lookup temporaries (C++14) Looking up by height currently goes via a mostly-empty implicitly created state_t, which is wasteful but was necessary with C++11. C++14 `std::set`s let us avoid this by making `state_t` and heights directly comparable for set lookups.
2019-12-07 22:06:18 +01:00
bool service_node_list::state_t::process_state_change_tx(state_set const &state_history,
state_set const &state_archive,
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
std::unordered_map<crypto::hash, state_t> const &alt_states,
cryptonote::network_type nettype,
const cryptonote::block &block,
const cryptonote::transaction &tx,
Switch service_node_keys to plain pointer instead of shared_ptr The owning pointer is stashed in a unique_ptr so that it gets properly destroyed; everything else gets a plain pointer to it. (Ideally it would be std::optional instead, but that's not until C++17)
2019-10-27 23:31:35 +01:00
const service_node_keys *my_keys)
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
{
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
if (tx.type != cryptonote::txtype::state_change)
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
return false;
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
uint8_t const hf_version = block.major_version;
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
cryptonote::tx_extra_service_node_state_change state_change;
make get_checkpoints_range faster by using lmdb cursor as iterator (#819) * make get_checkpoints_range faster by using lmdb cursor as iterator * Update clamp to be more compliant with convention
2019-08-30 05:54:49 +02:00
if (!cryptonote::get_service_node_state_change_from_tx_extra(tx.extra, state_change, hf_version))
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
{
Promote SN state change errors to MERROR These are quite serious: if they occur there's a good chance that the local SN state data is wrong. (At default logging they aren't printed at all, and really should be). This also fixes and adds more detail in the the "height is not stored" error.
2019-12-02 22:39:05 +01:00
MERROR("Transaction: " << cryptonote::get_transaction_hash(tx) << ", did not have valid state change data in tx extra rejecting malformed tx");
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
return false;
}
auto it = state_history.find(state_change.block_height);
if (it == state_history.end())
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
{
Query state archive when processing state changes
2019-12-03 01:26:30 +01:00
it = state_archive.find(state_change.block_height);
if (it == state_archive.end())
{
MERROR("Transaction: " << cryptonote::get_transaction_hash(tx) << " in block "
<< cryptonote::get_block_height(block) << " " << cryptonote::get_block_hash(block)
<< " references quorum height " << state_change.block_height
<< " but that height is not stored!");
return false;
}
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
quorum_manager const *quorums = &it->quorums;
cryptonote::tx_verification_context tvc = {};
if (!verify_tx_state_change(
state_change, cryptonote::get_block_height(block), tvc, *quorums->obligations, hf_version))
{
quorums = nullptr;
Fix warnings and unintended copies - pessimizing move in wallet2 prevents copy ellision - various for loops were creating copies (clang-10 now warns about this). Mostly this is because they had the type wrong when looping through a map: the iterator type of a `map<K, V>` is `pair<const K, V>` not `pair<K, V>`. Replaced them with C++17: for (const auto& [key, val] : var) which is so much nicer. - cryptonote::core did not have a virtual destructor, but had virtual methods (causing both a warning, and likely a crash if we ever have something inheriting from it held in a unique_ptr<core>). - core() constructor still had explicit even though it lost the single argument. - test code class had a `final` destructor but wasn't marked final. (It also has a billion superfluous `virtual` declarations but I left them in place because it's just test code).
2020-06-22 04:18:38 +02:00
for (const auto& [hash, alt_state] : alt_states)
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
if (alt_state.height != state_change.block_height) continue;
quorums = &alt_state.quorums;
if (!verify_tx_state_change(state_change, cryptonote::get_block_height(block), tvc, *quorums->obligations, hf_version))
{
quorums = nullptr;
continue;
}
}
}
if (!quorums)
{
Promote SN state change errors to MERROR These are quite serious: if they occur there's a good chance that the local SN state data is wrong. (At default logging they aren't printed at all, and really should be). This also fixes and adds more detail in the the "height is not stored" error.
2019-12-02 22:39:05 +01:00
MERROR("Could not get a quorum that could completely validate the votes from state change in tx: " << get_transaction_hash(tx) << ", skipping transaction");
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
return false;
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
}
Resolve pubkeys from state change in dupe check in the tx_pool (#707) * Resolve public keys from state changes for the TX pool to avoid dupes * Update copy pasted error message for quorum index OOB * Code review
2019-07-04 09:25:02 +02:00
crypto::public_key key;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (!get_pubkey_from_quorum(*quorums->obligations, quorum_group::worker, state_change.service_node_index, key))
{
Promote SN state change errors to MERROR These are quite serious: if they occur there's a good chance that the local SN state data is wrong. (At default logging they aren't printed at all, and really should be). This also fixes and adds more detail in the the "height is not stored" error.
2019-12-02 22:39:05 +01:00
MERROR("Retrieving the public key from state change in tx: " << cryptonote::get_transaction_hash(tx) << " failed");
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
return false;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
}
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
auto iter = service_nodes_infos.find(key);
if (iter == service_nodes_infos.end()) {
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
LOG_PRINT_L2("Received state change tx for non-registered service node " << key << " (perhaps a delayed tx?)");
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
return false;
Service Nodes Improve Reliability & Feedback (#262) * If unable to receive own uptime proof, switch to more granular pinging * Uptime proof simpler solution to repeatedly ping on failure
2018-09-27 10:31:08 +02:00
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
uint64_t block_height = cryptonote::get_block_height(block);
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
auto &info = duplicate_info(iter->second);
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
bool is_me = my_keys && my_keys->pub == key;
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
switch (state_change.state) {
case new_state::deregister:
if (is_me)
MGINFO_RED("Deregistration for service node (yours): " << key);
else
LOG_PRINT_L1("Deregistration for service node: " << key);
make get_checkpoints_range faster by using lmdb cursor as iterator (#819) * make get_checkpoints_range faster by using lmdb cursor as iterator * Update clamp to be more compliant with convention
2019-08-30 05:54:49 +02:00
if (hf_version >= cryptonote::network_version_11_infinite_staking)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
for (const auto &contributor : info.contributors)
{
for (const auto &contribution : contributor.locked_contributions)
{
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
key_image_blacklist.emplace_back(); // NOTE: Use default value for version in key_image_blacklist_entry
key_image_blacklist_entry &entry = key_image_blacklist.back();
entry.key_image = contribution.key_image;
entry.unlock_height = block_height + staking_num_lock_blocks(nettype);
show amount for blacklisted stakes (#1140) * fix segfault when exiting cli wallet due to running poll thread * fix whitespace * style * support for amount of blacklisted stakes in wallets * bump version number for blacklist entries with amounts * default initialize ints in key_image_blacklist_entry * whitespace
2020-04-29 02:45:44 +02:00
entry.amount = contribution.amount;
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
}
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
service_nodes_infos.erase(iter);
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
return true;
case new_state::decommission:
make get_checkpoints_range faster by using lmdb cursor as iterator (#819) * make get_checkpoints_range faster by using lmdb cursor as iterator * Update clamp to be more compliant with convention
2019-08-30 05:54:49 +02:00
if (hf_version < cryptonote::network_version_12_checkpointing) {
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
MERROR("Invalid decommission transaction seen before network v12");
return false;
}
if (info.is_decommissioned()) {
LOG_PRINT_L2("Received decommission tx for already-decommissioned service node " << key << "; ignoring");
return false;
}
if (is_me)
MGINFO_RED("Temporary decommission for service node (yours): " << key);
else
LOG_PRINT_L1("Temporary decommission for service node: " << key);
info.active_since_height = -info.active_since_height;
info.last_decommission_height = block_height;
Add multiple decommission reasons to output.
2021-03-26 00:01:52 +01:00
info.last_decommission_reason_consensus_all = state_change.reason_consensus_all;
info.last_decommission_reason_consensus_any = state_change.reason_consensus_any;
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
info.decommission_count++;
Reset uptime to 0 on decommission, so node must submit uptime to recommission
2019-07-11 06:21:27 +02:00
Update soft-forking checks to be effective HF13 (#825) Code review m_oldest_allowable_alternative_block -> m_immutable_height
2019-09-10 02:04:44 +02:00
if (hf_version >= cryptonote::network_version_13_enforce_checkpoints) {
Fix decommissioned snodes not leaving swarms (#812)
2019-08-22 05:14:25 +02:00
// Assigning invalid swarm id effectively kicks the node off
// its current swarm; it will be assigned a new swarm id when it
// gets recommissioned. Prior to HF13 this step was incorrectly
// skipped.
info.swarm_id = UNASSIGNED_SWARM_ID;
}
Don't reset proof data when rescanning This would wipe out proof data if the rescan crossed a registration, and wipe out the timestamp if it crossed a decommission. We don't want to do either when rescanning: our latest proof data would have already been reset the first time we cross the registration/decomm transactions.
2019-12-08 21:15:42 +01:00
if (sn_list && !sn_list->m_rescanning)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto &proof = sn_list->proofs[key];
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
proof.timestamp = proof.effective_timestamp = 0;
Work around broken database interface Apparently it's not safe to use "transactions" in the LMDB without first taking out an exclusive lock on the Blockchain class. Transactions apparently aren't actually transactions, they are just fatal errors that forever deadlock the database if you try to take two write transactions at once. Work around this terrible design by adding the appropriate magic incantation.
2019-12-11 16:51:36 +01:00
proof.store(key, sn_list->m_blockchain);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
}
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
return true;
Recommission credit (#1204) This changes the credit rules for recommission: instead of being restored with no credit at all, with this you get restored with 2 blocks of credit lost (up to all of your credit) for each block of decommission time you had. For example, if you had 1000 blocks of credit and are decommissioned for 150 blocks, you'll get recommissioned with 700 blocks of credit. If you were decommissioned for 500 or more blocks then you'll get decommissioned with 0 blocks of credit. This applies the effects immediately rather than waiting for the hard fork. Because this isn't a consensus-breaking change it seems easier to not worry about the HF rules. The consequences are that the rules that get applied to determining how much credit you have will depend on the nodes involved in testing up until the hard fork: you *may* be subject to the harsher v7 rules, or you may fall under v8 rules if enough of the testing quorum has upgraded, but you'll never end up worse than the v7 rules.
2020-08-06 04:24:57 +02:00
case new_state::recommission: {
make get_checkpoints_range faster by using lmdb cursor as iterator (#819) * make get_checkpoints_range faster by using lmdb cursor as iterator * Update clamp to be more compliant with convention
2019-08-30 05:54:49 +02:00
if (hf_version < cryptonote::network_version_12_checkpointing) {
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
MERROR("Invalid recommission transaction seen before network v12");
return false;
}
if (!info.is_decommissioned()) {
LOG_PRINT_L2("Received recommission tx for already-active service node " << key << "; ignoring");
return false;
}
if (is_me)
MGINFO_GREEN("Recommission for service node (yours): " << key);
else
LOG_PRINT_L1("Recommission for service node: " << key);
Recommission credit (#1204) This changes the credit rules for recommission: instead of being restored with no credit at all, with this you get restored with 2 blocks of credit lost (up to all of your credit) for each block of decommission time you had. For example, if you had 1000 blocks of credit and are decommissioned for 150 blocks, you'll get recommissioned with 700 blocks of credit. If you were decommissioned for 500 or more blocks then you'll get decommissioned with 0 blocks of credit. This applies the effects immediately rather than waiting for the hard fork. Because this isn't a consensus-breaking change it seems easier to not worry about the HF rules. The consequences are that the rules that get applied to determining how much credit you have will depend on the nodes involved in testing up until the hard fork: you *may* be subject to the harsher v7 rules, or you may fall under v8 rules if enough of the testing quorum has upgraded, but you'll never end up worse than the v7 rules.
2020-08-06 04:24:57 +02:00
// To figure out how much credit the node gets at recommissioned we need to know how much it
// had when it got decommissioned, and how long it's been decommisioned.
int64_t credit_at_decomm = quorum_cop::calculate_decommission_credit(info, info.last_decommission_height);
int64_t decomm_blocks = block_height - info.last_decommission_height;
Fix recommissioning not reinserting SN at the back of the reward list
2019-06-26 05:58:38 +02:00
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
info.active_since_height = block_height;
Recommission credit (#1204) This changes the credit rules for recommission: instead of being restored with no credit at all, with this you get restored with 2 blocks of credit lost (up to all of your credit) for each block of decommission time you had. For example, if you had 1000 blocks of credit and are decommissioned for 150 blocks, you'll get recommissioned with 700 blocks of credit. If you were decommissioned for 500 or more blocks then you'll get decommissioned with 0 blocks of credit. This applies the effects immediately rather than waiting for the hard fork. Because this isn't a consensus-breaking change it seems easier to not worry about the HF rules. The consequences are that the rules that get applied to determining how much credit you have will depend on the nodes involved in testing up until the hard fork: you *may* be subject to the harsher v7 rules, or you may fall under v8 rules if enough of the testing quorum has upgraded, but you'll never end up worse than the v7 rules.
2020-08-06 04:24:57 +02:00
info.recommission_credit = RECOMMISSION_CREDIT(credit_at_decomm, decomm_blocks);
Fix recommissioning not reinserting SN at the back of the reward list
2019-06-26 05:58:38 +02:00
// Move the SN at the back of the list as if it had just registered (or just won)
info.last_reward_block_height = block_height;
info.last_reward_transaction_index = std::numeric_limits<uint32_t>::max();
Handle multi state changes in the pool (#781) * Update state transition check to account for height and universally set timestamp on recommission Reject invalidated state changes by their height after HF13 * Prune invalidated state changes on blockchain increment Simplify check_tx_inputs for state_changes by using service node list Instead of querying the last 60 historical blocks for every transaction, use the service node list and determine the state of the service node and if it can transition to its new state. We also now enforce at hardfork 13, that the network cannot commit transactions to the network if they would have been invalidated by a newer state change that already is already on the blockchain. This is backwards compatible all the way back to hardfork 9. Greatly simplify state change tx pruning on block added Use the new stricter rules for pruning state changes in the txpool We can do so because pruning the TX pool won't cause issues at the protocol level, but the more people we can upgrade the better network behaviour we get in terms of propagating more intrinsically correct ordering of state changes to other peers. * Don't generate state changes if not valid, disallow voting if node is non-votable
2019-08-12 01:48:47 +02:00
// NOTE: Only the quorum deciding on this node agrees that the service
// node has a recent uptime atleast for it to be recommissioned not
// necessarily the entire network. Ensure the entire network agrees
// simultaneously they are online if we are recommissioning by resetting
Fix 4.0.4 uptime proof transmission after recomm When a node gets recommissioned in 4.0.4 we reset its timestamp to the current time to delay obligations checks for newly recommissioned nodes, but this reset caused problems: - the code runs not only when a fresh block is received, but also when syncing or rescanning, and so time(NULL) gets used to update the node's timestamp even if it is an old record, and since proof info is shared across states, the affects the current state. - as a result of the above, a just-rescanned node that has been decommissioned at some point in the past will think it has just sent a proof, and so won't send any proofs for an hour. - A just-rescanned node won't accept or relay any proofs for any node that was recommissioned in its scan for the first half an hour, but this lack of relaying can cause chaos in getting uptime proofs out across the network, especially while we still have 4.0.3 nodes that need it. To address the first issue, this switches the recommissioning to use the block timestamp rather than the current timestamp. This *will* be slightly delayed in the case of current blocks (since a block timestamp is the time the pool *started* working on the block, which is generally the time the previous block was found on the network), but even with an exceptionally long block delay (e.g. 20 minutes) we are still fending off obligations checks for 1h40m. That would partially fix issues 2 and 3, but we actually don't want a recommissioning to look like a received uptime proof for a couple reasons: - When we haven't actually received an uptime proof it's confusing to report that we have (at the recommission time) and may mask an underlying issue of a node that isn't actually sending proofs for some reason (which might be more common for a node that has just been decommissioned/recommissioned). There's also a related weird state here for nodes that have come on recently: they think the SN is active, but have 0's for IP and storage server port. - 4.0.3 nodes don't get the updated timestamp and so really need the proof to come through even when the 4.0.4 nodes don't think it's important/acceptable. So to also fix these, this commits adds an "effective_timestamp" to the proof info: if it is larger than the actual timestamp field, we use it instead of the actual one for obligations checking. On a recommission, we update only the effective field so that we can delay obligations checking for a couple of hours without delaying actual proofs info going over the network.
2019-08-16 19:31:58 +02:00
// the failure conditions. We set only the effective but not *actual*
// timestamp so that we delay obligations checks but don't prevent the
// next actual proof from being sent/relayed.
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (sn_list)
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto &proof = sn_list->proofs[key];
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
proof.effective_timestamp = block.timestamp;
Pulse: Record pulse participation and issue decommission
2020-09-08 05:56:01 +02:00
proof.checkpoint_participation.reset();
proof.pulse_participation.reset();
quorumnet message for timestamp requests random sampling of service nodes, call timestamp lmq message checks timestamp of 5 service nodes, if local time is 30 seconds different from 80% of the nodes tested then warn user tracks external timesync status and timestamp participation of service nodes clean up includes new template struct for participation history, individual types for participation entry refactor checking participation update select_randomly, move the testing for variance overflow version locks, bump to 8.1.5 explicit casting for mac & clang note to remove after hard fork timestamp debugging log messages debugging messages for before timesync - before message sent logging errord with compiling print version and change add_command to add_request_command log if statement test std::to_string replaced with tools::view_guts for x25519 key check if my sn is active before sending timestamp requests logging the failures checking if statement for success of message more logging, if guards arn't passing more logging, successfully tests if service node might be out of sync more tests before we decide we are out of sync logging output if sn isn't passing tests if check_participation fails then disconnect print timestamp status remove saving variance from the participation history reduce MIN_TIME_IN_S_BEFORE_VOTING reset participation history on recommission undo reduction in startup time reduce log levels Set hardfork time in testnet
2020-12-01 01:56:43 +01:00
proof.timestamp_participation.reset();
proof.timesync_status.reset();
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
}
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
return true;
Recommission credit (#1204) This changes the credit rules for recommission: instead of being restored with no credit at all, with this you get restored with 2 blocks of credit lost (up to all of your credit) for each block of decommission time you had. For example, if you had 1000 blocks of credit and are decommissioned for 150 blocks, you'll get recommissioned with 700 blocks of credit. If you were decommissioned for 500 or more blocks then you'll get decommissioned with 0 blocks of credit. This applies the effects immediately rather than waiting for the hard fork. Because this isn't a consensus-breaking change it seems easier to not worry about the HF rules. The consequences are that the rules that get applied to determining how much credit you have will depend on the nodes involved in testing up until the hard fork: you *may* be subject to the harsher v7 rules, or you may fall under v8 rules if enough of the testing quorum has upgraded, but you'll never end up worse than the v7 rules.
2020-08-06 04:24:57 +02:00
}
Add penalty for switching IPs This adds a new obligations quorum vote "ip_change_penalty" that gets triggered if the quorum has received multiple IPs advertised in uptime proofs from a service node in the past 24 hours. Upon reception of such a transaction the SN gets bumped to the bottom of the reward list.
2019-06-26 06:01:40 +02:00
case new_state::ip_change_penalty:
make get_checkpoints_range faster by using lmdb cursor as iterator (#819) * make get_checkpoints_range faster by using lmdb cursor as iterator * Update clamp to be more compliant with convention
2019-08-30 05:54:49 +02:00
if (hf_version < cryptonote::network_version_12_checkpointing) {
Add penalty for switching IPs This adds a new obligations quorum vote "ip_change_penalty" that gets triggered if the quorum has received multiple IPs advertised in uptime proofs from a service node in the past 24 hours. Upon reception of such a transaction the SN gets bumped to the bottom of the reward list.
2019-06-26 06:01:40 +02:00
MERROR("Invalid ip_change_penalty transaction seen before network v12");
return false;
}
if (info.is_decommissioned()) {
LOG_PRINT_L2("Received reset position tx for service node " << key << " but it is already decommissioned; ignoring");
return false;
}
if (is_me)
MGINFO_RED("Reward position reset for service node (yours): " << key);
else
LOG_PRINT_L1("Reward position reset for service node: " << key);
// Move the SN at the back of the list as if it had just registered (or just won)
info.last_reward_block_height = block_height;
info.last_reward_transaction_index = std::numeric_limits<uint32_t>::max();
info.last_ip_change_height = block_height;
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
return true;
Add penalty for switching IPs This adds a new obligations quorum vote "ip_change_penalty" that gets triggered if the quorum has received multiple IPs advertised in uptime proofs from a service node in the past 24 hours. Upon reception of such a transaction the SN gets bumped to the bottom of the reward list.
2019-06-26 06:01:40 +02:00
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
default:
// dev bug!
MERROR("BUG: Service node state change tx has unknown state " << static_cast<uint16_t>(state_change.state));
return false;
}
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
bool service_node_list::state_t::process_key_image_unlock_tx(cryptonote::network_type nettype, uint64_t block_height, const cryptonote::transaction &tx)
{
crypto::public_key snode_key;
if (!cryptonote::get_service_node_pubkey_from_tx_extra(tx.extra, snode_key))
return false;
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
auto it = service_nodes_infos.find(snode_key);
if (it == service_nodes_infos.end())
return false;
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
const service_node_info &node_info = *it->second;
if (node_info.requested_unlock_height != KEY_IMAGE_AWAITING_UNLOCK_HEIGHT)
{
LOG_PRINT_L1("Unlock TX: Node already requested an unlock at height: "
<< node_info.requested_unlock_height << " rejected on height: " << block_height
<< " for tx: " << cryptonote::get_transaction_hash(tx));
return false;
}
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
cryptonote::tx_extra_tx_key_image_unlock unlock;
DRY out tx_extra API a little; convert extra macros to constexprs The tx extra getting/setting API is a little non-DRY, so this dries it out with some small changes: - Added get_field_from_tx_extra that takes a specific tx_extra lvalue reference and fetches it. This eliminates a bunch of nearly duplicate code that calls parse - find - return. - Add three new functions to add tagged data: - add_tagged_data_to_tx_extra is a raw function that takes a tag and string_view and appends it to tx_extra - add_tx_extra<T>(tx_extra, val) lets you copy `val` directly as a `T`. `val` does *not* have to be the same as `T` (`T` is not deduced) but rather just has to have the same size. This makes it very easy to add simple tx_extra values such as `tx_extra_pub_key` from just a pub key without needing to wrap it first: add_tx_extra<tx_extra_pub_key>(tx.extra, regular_old_pubkey); - add_tx_extra<T>(tx, val) - very light wrapper around the above that takes a transaction lvalue directly (rather than the extra vector) for slight convenience. These additions allow removing several now-unneeded methods and simplify some code around the tx extra handling. This commit also converts the TX_EXTRA_* macros into constexprs.
2020-06-02 06:21:05 +02:00
if (!cryptonote::get_field_from_tx_extra(tx.extra, unlock))
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
LOG_PRINT_L1("Unlock TX: Didn't have key image unlock in the tx_extra, rejected on height: "
<< block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
return false;
}
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
uint64_t unlock_height = get_locked_key_image_unlock_height(nettype, node_info.registration_height, block_height);
for (const auto &contributor : node_info.contributors)
{
auto cit = std::find_if(contributor.locked_contributions.begin(),
contributor.locked_contributions.end(),
[&unlock](const service_node_info::contribution_t &contribution) {
return unlock.key_image == contribution.key_image;
});
if (cit != contributor.locked_contributions.end())
{
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// NOTE(oxen): This should be checked in blockchain check_tx_inputs already
Remove nonce (replace with 0) from stake unlock There is no reason at all to sign a *different* message in every stake unlock; signatures already have their own nonce. Having something that serves no purpose is worse than not having it (because it leads to questions about why such a thing is there), so this commit removes it by always using 0 as a nonce and comments about it. Removing this from the broadcast tx would require a new tx extra field so that isn't worth doing for now (but can be done in the future if we change the tx extra structure for unlocks). This also simplifies the nonce-to-hash code and fixes an endian bug in it.
2020-12-04 19:32:48 +01:00
if (crypto::check_signature(service_nodes::generate_request_stake_unlock_hash(unlock.nonce),
cit->key_image_pub_key, unlock.signature))
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
duplicate_info(it->second).requested_unlock_height = unlock_height;
return true;
}
else
{
LOG_PRINT_L1("Unlock TX: Couldn't verify key image unlock in the tx_extra, rejected on height: "
<< block_height << " for tx: " << get_transaction_hash(tx));
return false;
}
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
}
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
bool is_registration_tx(cryptonote::network_type nettype, uint8_t hf_version, const cryptonote::transaction& tx, uint64_t block_timestamp, uint64_t block_height, uint32_t index, crypto::public_key& key, service_node_info& info)
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
contributor_args_t contributor_args = {};
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
crypto::public_key service_node_key;
Silence maybe-uninitialized warnings
2020-06-15 02:20:30 +02:00
uint64_t expiration_timestamp{0};
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
crypto::signature signature;
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
if (!reg_tx_extract_fields(tx, contributor_args, expiration_timestamp, service_node_key, signature))
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
return false;
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
try
{
validate_contributor_args(hf_version, contributor_args);
validate_contributor_args_signature(contributor_args, expiration_timestamp, service_node_key, signature);
}
catch (const invalid_contributions &e)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Switch to exception based error reporting
2020-04-24 03:34:18 +02:00
LOG_PRINT_L1("Register TX: " << cryptonote::get_transaction_hash(tx) << ", Height: " << block_height << ". " << e.what());
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
if (expiration_timestamp < block_timestamp)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Demote error messages not relevant to user to level 1 (#484)
2019-03-13 06:34:46 +01:00
LOG_PRINT_L1("Register TX: Has expired. The block timestamp: " << block_timestamp <<
" is greater than the expiration timestamp: " << expiration_timestamp <<
" on height: " << block_height <<
" for tx:" << cryptonote::get_transaction_hash(tx));
core, service_node_list: separated address from service node pubkey
2018-07-12 04:07:34 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
new and improved contribution system
2018-08-06 15:08:44 +02:00
// check the initial contribution exists
Add snode revision soft forks & drop hard fork voting code Snode revisions are a secondary version that let us put out a mandatory update for snodes that isn't a hardfork (and so isn't mandatory for wallets/exchanges/etc.). The main point of this is to let us make a 9.2.0 release that includes new mandatory minimums of future versions of storage server (2.2.0) and lokinet (0.9.4) to bring upgrades to the network. This slightly changes the HF7 blocks to 0 (instead of 1) because, apparently, we weren't properly checking the HF value of the pre-first-hf genesis block at all before. (In practice this changes nothing because genesis blocks are v7 anyway). This also changes (slightly) how we check for hard forks: now if we skip some hard forks then we still want to know the height when a hard fork triggers. For example, if the hf tables contains {7,14} then we still need to know that the HF14 block height also is the height that activates HF9, 10, etc.
2021-06-18 01:06:51 +02:00
uint64_t staking_requirement = get_staking_requirement(nettype, block_height);
new and improved contribution system
2018-08-06 15:08:44 +02:00
cryptonote::account_public_address address;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
staking_components stake = {};
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
if (!tx_get_staking_components_and_amounts(nettype, hf_version, tx, block_height, &stake))
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Demote error messages not relevant to user to level 1 (#484)
2019-03-13 06:34:46 +01:00
LOG_PRINT_L1("Register TX: Had service node registration fields, but could not decode contribution on height: " << block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
new and improved contribution system
2018-08-06 15:08:44 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
if (hf_version >= cryptonote::network_version_16_pulse)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
// In HF16 we start enforcing three things that were always done but weren't actually enforced:
// 1. the staked amount in the tx must be a single output.
if (stake.locked_contributions.size() != 1)
{
LOG_PRINT_L1("Register TX invalid: multi-output registration transactions are not permitted as of HF16");
return false;
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
// 2. the staked amount must be from the operator. (Previously there was a weird edge case where you
// could manually construct a registration tx that stakes for someone *other* than the operator).
if (stake.address != contributor_args.addresses[0])
{
LOG_PRINT_L1("Register TX invalid: registration stake is not from the operator");
return false;
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
// 3. The operator must be staking at least his reserved amount in the registration details.
// (We check this later, after we calculate reserved atomic currency amounts). In the pre-HF16
// code below it only had to satisfy >= 25% even if the reserved operator stake was higher.
}
else // Pre-HF16
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
const uint64_t min_transfer = get_min_node_contribution(hf_version, staking_requirement, 0, 0);
if (stake.transferred < min_transfer)
{
LOG_PRINT_L1("Register TX: Contribution transferred: " << stake.transferred << " didn't meet the minimum transfer requirement: " << min_transfer << " on height: " << block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
return false;
}
size_t total_num_of_addr = contributor_args.addresses.size();
if (std::find(contributor_args.addresses.begin(), contributor_args.addresses.end(), stake.address) == contributor_args.addresses.end())
total_num_of_addr++;
// Don't need this check for HF16+ because the number of reserved spots is already checked in
// the registration details, and we disallow a non-operator registration.
if (total_num_of_addr > MAX_NUMBER_OF_CONTRIBUTORS)
{
LOG_PRINT_L1("Register TX: Number of participants: " << total_num_of_addr <<
" exceeded the max number of contributors: " << MAX_NUMBER_OF_CONTRIBUTORS <<
" on height: " << block_height <<
" for tx: " << cryptonote::get_transaction_hash(tx));
return false;
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
new and improved contribution system
2018-08-06 15:08:44 +02:00
// don't actually process this contribution now, do it when we fall through later.
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
key = service_node_key;
Aggegrate init service node info instead of setting members individually (#934) * Aggegrate init service node info instead of setting members individually * Initialise in header instead of aggregate
2019-11-27 04:40:56 +01:00
info.staking_requirement = staking_requirement;
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
info.operator_address = contributor_args.addresses[0];
info.portions_for_operator = contributor_args.portions_for_operator;
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
info.registration_height = block_height;
info.registration_hf_version = hf_version;
info.last_reward_block_height = block_height;
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
info.last_reward_transaction_index = index;
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
info.swarm_id = UNASSIGNED_SWARM_ID;
info.last_ip_change_height = block_height;
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
for (size_t i = 0; i < contributor_args.addresses.size(); i++)
new and improved contribution system
2018-08-06 15:08:44 +02:00
{
service node list: changed contributor map to vector
2018-08-07 05:21:56 +02:00
// Check for duplicates
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
auto iter = std::find(contributor_args.addresses.begin(), contributor_args.addresses.begin() + i, contributor_args.addresses[i]);
if (iter != contributor_args.addresses.begin() + i)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Demote error messages not relevant to user to level 1 (#484)
2019-03-13 06:34:46 +01:00
LOG_PRINT_L1("Register TX: There was a duplicate participant for service node on height: " << block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
new and improved contribution system
2018-08-06 15:08:44 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
new and improved contribution system
2018-08-06 15:08:44 +02:00
uint64_t hi, lo, resulthi, resultlo;
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
lo = mul128(info.staking_requirement, contributor_args.portions[i], &hi);
service nodes: changed portions to 64 bits also miner fixes to simplewallet behaviour and interactive registration prompt
2018-08-18 06:36:16 +02:00
div128_64(hi, lo, STAKING_PORTIONS, &resulthi, &resultlo);
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
info.contributors.emplace_back();
auto &contributor = info.contributors.back();
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
contributor.reserved = resultlo;
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
contributor.address = contributor_args.addresses[i];
testnet: remove testnet forks for testnet relaunch
2018-08-20 06:15:31 +02:00
info.total_reserved += resultlo;
new and improved contribution system
2018-08-06 15:08:44 +02:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
// In HF16 we require that the amount staked in the registration tx be at least the amount
// reserved for the operator. Before HF16 it only had to be >= 25%, even if the operator
// reserved amount was higher (though wallets would never actually do this).
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
if (hf_version >= cryptonote::network_version_16_pulse && stake.transferred < info.contributors[0].reserved)
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
{
LOG_PRINT_L1("Register TX rejected: TX does not have sufficient operator stake");
return false;
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
return true;
}
Switch service_node_keys to plain pointer instead of shared_ptr The owning pointer is stashed in a unique_ptr so that it gets properly destroyed; everything else gets a plain pointer to it. (Ideally it would be std::optional instead, but that's not until C++17)
2019-10-27 23:31:35 +01:00
bool service_node_list::state_t::process_registration_tx(cryptonote::network_type nettype, const cryptonote::block &block, const cryptonote::transaction& tx, uint32_t index, const service_node_keys *my_keys)
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
{
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
uint8_t const hf_version = block.major_version;
uint64_t const block_timestamp = block.timestamp;
uint64_t const block_height = cryptonote::get_block_height(block);
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
crypto::public_key key;
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
auto info_ptr = std::make_shared<service_node_info>();
service_node_info &info = *info_ptr;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (!is_registration_tx(nettype, hf_version, tx, block_timestamp, block_height, index, key, info))
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
return false;
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
make get_checkpoints_range faster by using lmdb cursor as iterator (#819) * make get_checkpoints_range faster by using lmdb cursor as iterator * Update clamp to be more compliant with convention
2019-08-30 05:54:49 +02:00
if (hf_version >= cryptonote::network_version_11_infinite_staking)
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
{
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// NOTE(oxen): Grace period is not used anymore with infinite staking. So, if someone somehow reregisters, we just ignore it
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
const auto iter = service_nodes_infos.find(key);
if (iter != service_nodes_infos.end())
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
return false;
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
// Explicitly reset any stored proof to 0, and store it just in case this is a
// re-registration: we want to wipe out any data from the previous registration.
Don't reset proof data when rescanning This would wipe out proof data if the rescan crossed a registration, and wipe out the timestamp if it crossed a decommission. We don't want to do either when rescanning: our latest proof data would have already been reset the first time we cross the registration/decomm transactions.
2019-12-08 21:15:42 +01:00
if (sn_list && !sn_list->m_rescanning)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto &proof = sn_list->proofs[key];
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
proof = {};
Work around broken database interface Apparently it's not safe to use "transactions" in the LMDB without first taking out an exclusive lock on the Blockchain class. Transactions apparently aren't actually transactions, they are just fatal errors that forever deadlock the database if you try to take two write transactions at once. Work around this terrible design by adding the appropriate magic incantation.
2019-12-11 16:51:36 +01:00
proof.store(key, sn_list->m_blockchain);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
}
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
if (my_keys && my_keys->pub == key) MGINFO_GREEN("Service node registered (yours): " << key << " on height: " << block_height);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
else LOG_PRINT_L1("New service node registered: " << key << " on height: " << block_height);
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
else
{
// NOTE: A node doesn't expire until registration_height + lock blocks excess now which acts as the grace period
// So it is possible to find the node still in our list.
bool registered_during_grace_period = false;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
const auto iter = service_nodes_infos.find(key);
if (iter != service_nodes_infos.end())
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
{
make get_checkpoints_range faster by using lmdb cursor as iterator (#819) * make get_checkpoints_range faster by using lmdb cursor as iterator * Update clamp to be more compliant with convention
2019-08-30 05:54:49 +02:00
if (hf_version >= cryptonote::network_version_10_bulletproofs)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
service_node_info const &old_info = *iter->second;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
uint64_t expiry_height = old_info.registration_height + staking_num_lock_blocks(nettype);
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
if (block_height < expiry_height)
return false;
// NOTE: Node preserves its position in list if it reregisters during grace period.
registered_during_grace_period = true;
info.last_reward_block_height = old_info.last_reward_block_height;
info.last_reward_transaction_index = old_info.last_reward_transaction_index;
}
else
{
return false;
}
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
if (my_keys && my_keys->pub == key)
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
{
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
if (registered_during_grace_period)
{
MGINFO_GREEN("Service node re-registered (yours): " << key << " at block height: " << block_height);
}
else
{
MGINFO_GREEN("Service node registered (yours): " << key << " at block height: " << block_height);
}
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
}
else
{
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
LOG_PRINT_L1("New service node registered: " << key << " at block height: " << block_height);
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
}
Service Nodes Improve Reliability & Feedback (#262) * If unable to receive own uptime proof, switch to more granular pinging * Uptime proof simpler solution to repeatedly ping on failure
2018-09-27 10:31:08 +02:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
service_nodes_infos[key] = std::move(info_ptr);
new and improved contribution system
2018-08-06 15:08:44 +02:00
return true;
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
bool service_node_list::state_t::process_contribution_tx(cryptonote::network_type nettype, const cryptonote::block &block, const cryptonote::transaction& tx, uint32_t index)
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
{
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
uint64_t const block_height = cryptonote::get_block_height(block);
uint8_t const hf_version = block.major_version;
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
staking_components stake = {};
Classify staking transactions in show/export_transfers
2019-11-25 03:50:22 +01:00
if (!tx_get_staking_components_and_amounts(nettype, hf_version, tx, block_height, &stake))
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Loki: Fix tests and bugs introduced in merging
2020-05-22 08:32:42 +02:00
if (stake.service_node_pubkey)
LOG_PRINT_L1("TX: Could not decode contribution for service node: " << stake.service_node_pubkey << " on height: " << block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
auto iter = service_nodes_infos.find(stake.service_node_pubkey);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (iter == service_nodes_infos.end())
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
LOG_PRINT_L1("TX: Contribution received for service node: "
<< stake.service_node_pubkey << ", but could not be found in the service node list on height: "
<< block_height << " for tx: " << cryptonote::get_transaction_hash(tx)
<< "\n"
"This could mean that the service node was deregistered before the contribution was processed.");
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
const service_node_info& curinfo = *iter->second;
if (curinfo.is_fully_funded())
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
LOG_PRINT_L1("TX: Service node: " << stake.service_node_pubkey
<< " is already fully funded, but contribution received on height: "
<< block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
if (!cryptonote::get_tx_secret_key_from_tx_extra(tx.extra, stake.tx_key))
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Add support for Loki Name Service on the backend
2019-11-01 01:58:48 +01:00
LOG_PRINT_L1("TX: Failed to get tx secret key from contribution received on height: " << block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
Delay SN info duplication This required a bit of reworking - without the duplication we only have a const iterator so can't reuse it later for a non-const iterator, so store the found contributor by index instead.
2019-10-08 06:18:28 +02:00
auto &contributors = curinfo.contributors;
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
const size_t existing_contributions = curinfo.total_num_locked_contributions();
size_t other_reservations = 0; // Number of spots that must be left open, *not* counting this contributor (if they have a reserved spot)
Delay SN info duplication This required a bit of reworking - without the duplication we only have a const iterator so can't reuse it later for a non-const iterator, so store the found contributor by index instead.
2019-10-08 06:18:28 +02:00
bool new_contributor = true;
size_t contributor_position = 0;
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
uint64_t contr_unfilled_reserved = 0;
Delay SN info duplication This required a bit of reworking - without the duplication we only have a const iterator so can't reuse it later for a non-const iterator, so store the found contributor by index instead.
2019-10-08 06:18:28 +02:00
for (size_t i = 0; i < contributors.size(); i++)
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
{
const auto& c = contributors[i];
if (c.address == stake.address)
{
Delay SN info duplication This required a bit of reworking - without the duplication we only have a const iterator so can't reuse it later for a non-const iterator, so store the found contributor by index instead.
2019-10-08 06:18:28 +02:00
contributor_position = i;
new_contributor = false;
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
if (c.amount < c.reserved)
contr_unfilled_reserved = c.reserved - c.amount;
Delay SN info duplication This required a bit of reworking - without the duplication we only have a const iterator so can't reuse it later for a non-const iterator, so store the found contributor by index instead.
2019-10-08 06:18:28 +02:00
}
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
else if (c.amount < c.reserved)
other_reservations++;
}
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
if (hf_version >= cryptonote::network_version_16_pulse && stake.locked_contributions.size() != 1)
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
{
// Nothing has ever created stake txes with multiple stake outputs, but we start enforcing
// that in HF16.
LOG_PRINT_L1("Ignoring staking tx: multi-output stakes are not permitted as of HF16");
return false;
}
allow less than 25% staking with large existing contributions (#339) * allow less than 25% staking with large existing contributions * remove readline depencency in wallet2
2019-01-22 00:44:30 +01:00
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
// Check node contributor counts
service node list: changed contributor map to vector
2018-08-07 05:21:56 +02:00
{
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
bool too_many_contributions = false;
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
if (hf_version >= cryptonote::network_version_16_pulse)
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
// Before HF16 we didn't properly take into account unfilled reservation spots
too_many_contributions = existing_contributions + other_reservations + 1 > MAX_NUMBER_OF_CONTRIBUTORS;
else if (hf_version >= cryptonote::network_version_11_infinite_staking)
// As of HF11 we allow up to 4 stakes total (except for the loophole closed above)
too_many_contributions = existing_contributions + stake.locked_contributions.size() > MAX_NUMBER_OF_CONTRIBUTORS;
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
else
// Before HF11 we allowed up to 4 contributors, but each can contribute multiple times
too_many_contributions = new_contributor && contributors.size() >= MAX_NUMBER_OF_CONTRIBUTORS;
if (too_many_contributions)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
LOG_PRINT_L1("TX: Already hit the max number of contributions: "
<< MAX_NUMBER_OF_CONTRIBUTORS
<< " for contributor: " << cryptonote::get_account_address_as_str(nettype, false, stake.address)
<< " on height: " << block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
return false;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
}
// Check that the contribution is large enough
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
uint64_t min_contribution;
if (!new_contributor && hf_version < cryptonote::network_version_11_infinite_staking)
{ // Follow-up contributions from an existing contributor could be any size before HF11
min_contribution = 1;
}
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
else if (hf_version < cryptonote::network_version_16_pulse)
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
{
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
// The implementation before HF16 was a bit broken w.r.t. properly handling reserved amounts
min_contribution = get_min_node_contribution(hf_version, curinfo.staking_requirement, curinfo.total_reserved, existing_contributions);
}
else // HF16+:
{
if (contr_unfilled_reserved > 0)
// We've got a reserved spot: require that it be filled in one go. (Reservation contribution rules are already enforced in the registration).
min_contribution = contr_unfilled_reserved;
else
min_contribution = get_min_node_contribution(hf_version, curinfo.staking_requirement, curinfo.total_reserved, existing_contributions + other_reservations);
}
allow less than 25% staking with large existing contributions (#339) * allow less than 25% staking with large existing contributions * remove readline depencency in wallet2
2019-01-22 00:44:30 +01:00
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
if (stake.transferred < min_contribution)
{
LOG_PRINT_L1("TX: Amount " << stake.transferred << " did not meet min " << min_contribution
<< " for service node: " << stake.service_node_pubkey << " on height: "
<< block_height << " for tx: " << cryptonote::get_transaction_hash(tx));
return false;
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
// Check that the contribution isn't too large. Subtract contr_unfilled_reserved because we want to
// calculate this using only the total reserved amounts of *other* contributors but not our own.
if (auto max = get_max_node_contribution(hf_version, curinfo.staking_requirement, curinfo.total_reserved - contr_unfilled_reserved);
stake.transferred > max)
Add overstaking prevention (#1210) This prevents staking transactions from being accepted if they overstake the available contribution room by more than 1%. This is to prevent a case that has happened a few times where there are competing partial stakes submitted for the same SN at the same time (i.e. before a block gets mined with the stakes). For example: - Operator registers service node with 30% contribution - Staker 1 submits stake with 40% contribution - Staker 2 submits stake with 60% contribution The wallet avoids stake 2 if the 40% has been accepted into a block, but doesn't if it is still in the mempool. Later, when the contributions get mined, both stakes are admitted because whichever one goes first doesn't complete the stake, and the second one is still valid (since there is a spot, and since it contributes >= the required amount). Whichever stake gets added to a block second, however, will only be counted as a contribution of the available amount. So, for example, if stake 1 gets added first and then stake 2 gets added you'll end up with an active service node of: - operator has 30% contributed and locked - staker 1 has 40% contributed and locked - staker 2 has 30% contributed but 60% locked. This commit adds an upper bound for an acceptable stake that is 101% of the available contribution room so that, in the above situation, whichever stake gets added first will be a contribution and the second one will fall through as an ordinary transaction back to the staker's wallet so that the staker the re-contribute the proper amount.
2020-08-03 02:10:40 +02:00
{
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
MINFO("TX: Amount " << stake.transferred << " is too large (max " << max << "). This is probably a result of competing stakes.");
Add overstaking prevention (#1210) This prevents staking transactions from being accepted if they overstake the available contribution room by more than 1%. This is to prevent a case that has happened a few times where there are competing partial stakes submitted for the same SN at the same time (i.e. before a block gets mined with the stakes). For example: - Operator registers service node with 30% contribution - Staker 1 submits stake with 40% contribution - Staker 2 submits stake with 60% contribution The wallet avoids stake 2 if the 40% has been accepted into a block, but doesn't if it is still in the mempool. Later, when the contributions get mined, both stakes are admitted because whichever one goes first doesn't complete the stake, and the second one is still valid (since there is a spot, and since it contributes >= the required amount). Whichever stake gets added to a block second, however, will only be counted as a contribution of the available amount. So, for example, if stake 1 gets added first and then stake 2 gets added you'll end up with an active service node of: - operator has 30% contributed and locked - staker 1 has 40% contributed and locked - staker 2 has 30% contributed but 60% locked. This commit adds an upper bound for an acceptable stake that is 101% of the available contribution room so that, in the above situation, whichever stake gets added first will be a contribution and the second one will fall through as an ordinary transaction back to the staker's wallet so that the staker the re-contribute the proper amount.
2020-08-03 02:10:40 +02:00
return false;
}
Delay SN info duplication This required a bit of reworking - without the duplication we only have a const iterator so can't reuse it later for a non-const iterator, so store the found contributor by index instead.
2019-10-08 06:18:28 +02:00
//
// Successfully Validated
//
auto &info = duplicate_info(iter->second);
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
if (new_contributor)
{
Delay SN info duplication This required a bit of reworking - without the duplication we only have a const iterator so can't reuse it later for a non-const iterator, so store the found contributor by index instead.
2019-10-08 06:18:28 +02:00
contributor_position = info.contributors.size();
Service node contribution fixes (#1215) This fixes a few issues surrounding required contributions: - #1210 broke reserved registrations (including the operator stake) because it wasn't properly recognizing a contribution into a reserved slot. - As part of the above, the overstaking protection now applies to the reserved amount + any free contribution room. (So, if you have a reserved spot of 8000 and there is 2000 free, but someone else fills 1000 of it before your stake gets mined, any stake above 9090 (9000 + 1%) will fall through without being locked up. - The required contribution calculation was only taking into account contributions but not unfilled, reserved contributions (issue #1137). This fixes it to count unfilled, reserved spots as contributions for the purposes of calculating the minimum contribution. This is applied in the wallet immediately, but for the chain it is not enforced until HF16. - Eliminates some potential edge cases if a stake contains multiple stake outputs. The wallet won't generate these, but they are allowed on chain and could result in an incompletely staked service node with no contributor slots remaining. The minimum contribution math effectively assumes a single output for calculating the minimum contribution (but if we have multiple outputs we would chew up two slots). Disallow such stakes entirely beginning in HF16. - Operator stake included in the registration tx had some weird edge cases. The wallet wouldn't produce these, but they should be disallowed at the blockchain level: - multi-output stakes were allowed (as above). - the registration stake only had to be >= 25%, even if the operator reserved a larger amount. - the registration stake could be for someone *other* than the operator. Beginning in HF16 the stake included in the registration must be >= the operator-reserved amount, and must be staked by the operator wallet, and must be a single output.
2020-08-07 08:37:01 +02:00
info.contributors.emplace_back().address = stake.address;
service node list: changed contributor map to vector
2018-08-07 05:21:56 +02:00
}
Delay SN info duplication This required a bit of reworking - without the duplication we only have a const iterator so can't reuse it later for a non-const iterator, so store the found contributor by index instead.
2019-10-08 06:18:28 +02:00
service_node_info::contributor_t& contributor = info.contributors[contributor_position];
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
new and improved contribution system
2018-08-06 15:08:44 +02:00
// In this action, we cannot
// increase total_reserved so much that it is >= staking_requirement
uint64_t can_increase_reserved_by = info.staking_requirement - info.total_reserved;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
uint64_t max_amount = contributor.reserved + can_increase_reserved_by;
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
stake.transferred = std::min(max_amount - contributor.amount, stake.transferred);
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
contributor.amount += stake.transferred;
info.total_contributed += stake.transferred;
new and improved contribution system
2018-08-06 15:08:44 +02:00
if (contributor.amount > contributor.reserved)
{
info.total_reserved += contributor.amount - contributor.reserved;
contributor.reserved = contributor.amount;
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
info.last_reward_block_height = block_height;
info.last_reward_transaction_index = index;
Update version naming for infinite staking
2019-02-25 08:05:20 +01:00
if (hf_version >= cryptonote::network_version_11_infinite_staking)
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
for (const auto &contribution : stake.locked_contributions)
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
contributor.locked_contributions.push_back(contribution);
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
get_contribution -> tx_get_staking_components and make public
2019-11-25 01:03:59 +01:00
LOG_PRINT_L1("Contribution of " << stake.transferred << " received for service node " << stake.service_node_pubkey);
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
if (info.is_fully_funded()) {
info.active_since_height = block_height;
return true;
}
return false;
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
static std::string dump_pulse_block_data(cryptonote::block const &block, service_nodes::quorum const *quorum)
{
std::stringstream stream;
Pulse: Rename participation to validator_bitset
2020-08-05 09:32:18 +02:00
std::bitset<8 * sizeof(block.pulse.validator_bitset)> const validator_bitset = block.pulse.validator_bitset;
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
stream << "Block(" << cryptonote::get_block_height(block) << "): " << cryptonote::get_block_hash(block) << "\n";
stream << "Leader: ";
Update oxenmq to latest oxen-mq+oxen-encoding All the encoding parts move to oxen-encoding recently; this updates to the latest version of oxen-mq, adds oxen-encoding, and converts everything to use oxenc headers rather than the oxenmq compatibility shims.
2022-02-10 19:25:55 +01:00
if (quorum) stream << (quorum->workers.empty() ? "(invalid leader)" : oxenc::to_hex(tools::view_guts(quorum->workers[0]))) << "\n";
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
else stream << "(invalid quorum)\n";
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
stream << "Round: " << +block.pulse.round << "\n";
Pulse: Rename participation to validator_bitset
2020-08-05 09:32:18 +02:00
stream << "Validator Bitset: " << validator_bitset << "\n";
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
stream << "Signatures: ";
Pulse: DRY quorum signature verification - By merging the quorum verification with pre-existing checkpointing code, checkpoints votes are currently being sorted by the vote index order. This was also enforced on the pulse signatures.
2020-06-25 05:55:24 +02:00
if (block.signatures.empty()) stream << "(none)";
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
for (service_nodes::quorum_signature const &entry : block.signatures)
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
{
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
stream << "\n";
stream << " [" << +entry.voter_index << "] validator: ";
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
if (quorum)
{
Update oxenmq to latest oxen-mq+oxen-encoding All the encoding parts move to oxen-encoding recently; this updates to the latest version of oxen-mq, adds oxen-encoding, and converts everything to use oxenc headers rather than the oxenmq compatibility shims.
2022-02-10 19:25:55 +01:00
stream << ((entry.voter_index >= quorum->validators.size()) ? "(invalid quorum index)" : oxenc::to_hex(tools::view_guts(quorum->validators[entry.voter_index])));
stream << ", signature: " << oxenc::to_hex(tools::view_guts(entry.signature));
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
}
else stream << "(invalid quorum)";
}
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
return stream.str();
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
static bool verify_block_components(cryptonote::network_type nettype,
cryptonote::block const &block,
bool miner_block,
bool alt_block,
bool log_errors,
pulse::timings &timings,
std::shared_ptr<const quorum> pulse_quorum,
std::vector<std::shared_ptr<const quorum>> &alt_pulse_quorums)
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
std::string_view block_type = alt_block ? "alt block "sv : "block "sv;
uint64_t height = cryptonote::get_block_height(block);
crypto::hash hash = cryptonote::get_block_hash(block);
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (miner_block)
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
{
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
Pulse: Don't verify PoW for Pulse Blocks
2020-08-20 04:02:26 +02:00
if (cryptonote::block_has_pulse_components(block))
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (log_errors) MGINFO("Pulse " << block_type << "received but only miner blocks are permitted\n" << dump_pulse_block_data(block, pulse_quorum.get()));
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
return false;
}
blockchain: set verification failed in subsystem, check validator bit masks
2020-06-23 04:35:30 +02:00
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
if (block.pulse.round != 0)
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (log_errors) MGINFO("Miner " << block_type << "given but unexpectedly set round " << block.pulse.round << " on height " << height);
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
return false;
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
}
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
if (block.pulse.validator_bitset != 0)
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
{
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
std::bitset<8 * sizeof(block.pulse.validator_bitset)> const bitset = block.pulse.validator_bitset;
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (log_errors) MGINFO("Miner " << block_type << "block given but unexpectedly set validator bitset " << bitset << " on height " << height);
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
return false;
}
if (block.signatures.size())
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (log_errors) MGINFO("Miner " << block_type << "block given but unexpectedly has " << block.signatures.size() << " signatures on height " << height);
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
return false;
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
return true;
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
}
else
{
Pulse: Don't verify PoW for Pulse Blocks
2020-08-20 04:02:26 +02:00
if (!cryptonote::block_has_pulse_components(block))
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (log_errors) MGINFO("Miner " << block_type << "received but only pulse blocks are permitted\n" << dump_pulse_block_data(block, pulse_quorum.get()));
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
return false;
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
// TODO(doyle): Core tests need to generate coherent timestamps with
// Pulse. So we relax the rules here for now.
if (nettype != cryptonote::FAKECHAIN)
Pulse: Check block timestamp conforms to round
2020-08-25 09:41:03 +02:00
{
auto round_begin_timestamp = timings.r0_timestamp + (block.pulse.round * PULSE_ROUND_TIME);
auto round_end_timestamp = round_begin_timestamp + PULSE_ROUND_TIME;
uint64_t begin_time = tools::to_seconds(round_begin_timestamp.time_since_epoch());
uint64_t end_time = tools::to_seconds(round_end_timestamp.time_since_epoch());
if (!(block.timestamp >= begin_time && block.timestamp <= end_time))
{
std::string time = tools::get_human_readable_timestamp(block.timestamp);
std::string begin = tools::get_human_readable_timestamp(begin_time);
std::string end = tools::get_human_readable_timestamp(end_time);
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (log_errors) MGINFO("Pulse " << block_type << "with round " << +block.pulse.round << " specifies timestamp " << time << " is not within an acceptable range of time [" << begin << ", " << end << "]");
Pulse: Check block timestamp conforms to round
2020-08-25 09:41:03 +02:00
return false;
}
}
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
if (block.nonce != 0)
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (log_errors) MGINFO("Pulse " << block_type << "specified a nonce when quorum block generation is available, nonce: " << block.nonce);
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
return false;
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
bool quorum_verified = false;
if (alt_block)
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
// NOTE: Check main pulse quorum. It might not necessarily exist because
// the alt-block's chain could be in any arbitrary state.
bool failed_quorum_verify = true;
if (pulse_quorum)
{
Pulse: Add more logging for when quorum signatures fail
2020-09-27 09:00:06 +02:00
LOG_PRINT_L1("Verifying alt-block " << height << ":" << hash << " against main chain quorum");
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
failed_quorum_verify = service_nodes::verify_quorum_signatures(*pulse_quorum,
quorum_type::pulse,
block.major_version,
height,
hash,
block.signatures,
Target macos 10.12 When targetting macos <10.14 macos won't allow use of anything from C++17 that throws, such as: - std::get on a variant - std::visit - std::optional::value() - std::any_cast This avoids all of these. For std::get, we either replace with std::get_if (where appropriate), or else use a `var::get` implementation of std::get added to lokimq (also updated here). (This `var` namespace is just an `std` alias everywhere *except* old target macos). For std::visit, likewise lokimq adds an var::visit implementation for old macos that we use. std::optional::value() uses weren't useful anyway as everywhere it calls them we've already checked that the option has a value, in which case we can use `*opt` (which doesn't check for contents and throw). std::any just has to be avoided as far as I can tell, but the one place we used it is only ever a block, so I just replaced it with a `const block*`.
2020-10-16 00:44:36 +02:00
&block) == false;
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
}
// NOTE: Check alt pulse quorums
if (failed_quorum_verify)
{
Pulse: Add more logging for when quorum signatures fail
2020-09-27 09:00:06 +02:00
LOG_PRINT_L1("Verifying alt-block " << height << ":" << hash << " against alt chain quorum(s)");
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
for (auto const &alt_quorum : alt_pulse_quorums)
{
if (service_nodes::verify_quorum_signatures(*alt_quorum,
quorum_type::pulse,
block.major_version,
height,
hash,
block.signatures,
Target macos 10.12 When targetting macos <10.14 macos won't allow use of anything from C++17 that throws, such as: - std::get on a variant - std::visit - std::optional::value() - std::any_cast This avoids all of these. For std::get, we either replace with std::get_if (where appropriate), or else use a `var::get` implementation of std::get added to lokimq (also updated here). (This `var` namespace is just an `std` alias everywhere *except* old target macos). For std::visit, likewise lokimq adds an var::visit implementation for old macos that we use. std::optional::value() uses weren't useful anyway as everywhere it calls them we've already checked that the option has a value, in which case we can use `*opt` (which doesn't check for contents and throw). std::any just has to be avoided as far as I can tell, but the one place we used it is only ever a block, so I just replaced it with a `const block*`.
2020-10-16 00:44:36 +02:00
&block))
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
{
failed_quorum_verify = false;
break;
}
}
}
quorum_verified = !failed_quorum_verify;
}
else
{
// NOTE: We only accept insufficient node for Pulse if we're on an alt
// block (that chain would be in any arbitrary state, we could be
// completely isolated from the correct network for example).
bool insufficient_nodes_for_pulse = pulse_quorum == nullptr;
if (insufficient_nodes_for_pulse)
{
if (log_errors) MGINFO("Pulse " << block_type << "specified but no quorum available " << dump_pulse_block_data(block, pulse_quorum.get()));
return false;
}
quorum_verified = service_nodes::verify_quorum_signatures(*pulse_quorum,
quorum_type::pulse,
block.major_version,
cryptonote::get_block_height(block),
cryptonote::get_block_hash(block),
block.signatures,
Target macos 10.12 When targetting macos <10.14 macos won't allow use of anything from C++17 that throws, such as: - std::get on a variant - std::visit - std::optional::value() - std::any_cast This avoids all of these. For std::get, we either replace with std::get_if (where appropriate), or else use a `var::get` implementation of std::get added to lokimq (also updated here). (This `var` namespace is just an `std` alias everywhere *except* old target macos). For std::visit, likewise lokimq adds an var::visit implementation for old macos that we use. std::optional::value() uses weren't useful anyway as everywhere it calls them we've already checked that the option has a value, in which case we can use `*opt` (which doesn't check for contents and throw). std::any just has to be avoided as far as I can tell, but the one place we used it is only ever a block, so I just replaced it with a `const block*`.
2020-10-16 00:44:36 +02:00
&block);
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
}
sn_list: Reduce overzealous pulse block checks - We already check these invariants, so convert them to asserts incase the checks are ever removed from verify_quorum_signatures
2020-08-25 08:54:29 +02:00
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (quorum_verified)
{
// NOTE: These invariants are already checked in verify_quorum_signatures
Pulse: Add more logging for when quorum signatures fail
2020-09-27 09:00:06 +02:00
if (alt_block)
LOG_PRINT_L1("Alt-block " << height << ":" << hash << " verified successfully");
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
assert(block.pulse.validator_bitset != 0);
assert(block.pulse.validator_bitset < (1 << PULSE_QUORUM_NUM_VALIDATORS));
assert(block.signatures.size() == service_nodes::PULSE_BLOCK_REQUIRED_SIGNATURES);
}
else
{
if (log_errors)
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
MGINFO("Pulse " << block_type << "failed quorum verification\n" << dump_pulse_block_data(block, pulse_quorum.get()));
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
}
return quorum_verified;
Pulse: Verify incoming pulse blocks
2020-06-17 06:51:05 +02:00
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
}
Pulse: Avoid miner, sn coinbase outputs when reward < 0 - Avoid generating any outputs on an alternative round, for the alternative block producer if the total tx fee was 0. - Remove the 1 atomic loki awarded to the miner in HF16 (previously kept to 1 for making sure tests work, whilst implementing the new block reward split)
2020-09-14 08:48:53 +02:00
static bool find_block_in_db(cryptonote::BlockchainDB const &db, crypto::hash const &hash, cryptonote::block &block)
{
try
{
block = db.get_block(hash);
}
catch(std::exception const &e)
{
// ignore not found block, try alt db
blockchain: Log more useful data
2020-09-27 08:38:19 +02:00
LOG_PRINT_L1("Block " << hash << " not found in main DB, searching alt DB");
Pulse: Avoid miner, sn coinbase outputs when reward < 0 - Avoid generating any outputs on an alternative round, for the alternative block producer if the total tx fee was 0. - Remove the 1 atomic loki awarded to the miner in HF16 (previously kept to 1 for making sure tests work, whilst implementing the new block reward split)
2020-09-14 08:48:53 +02:00
cryptonote::alt_block_data_t alt_data;
cryptonote::blobdata blob;
if (!db.get_alt_block(hash, &alt_data, &blob, nullptr))
{
MERROR("Failed to find block " << hash);
return false;
}
if (!cryptonote::parse_and_validate_block_from_blob(blob, block, nullptr))
blockchain: Log more useful data
2020-09-27 08:38:19 +02:00
{
MERROR("Failed to parse alt block blob at " << alt_data.height << ":" << hash);
Pulse: Avoid miner, sn coinbase outputs when reward < 0 - Avoid generating any outputs on an alternative round, for the alternative block producer if the total tx fee was 0. - Remove the 1 atomic loki awarded to the miner in HF16 (previously kept to 1 for making sure tests work, whilst implementing the new block reward split)
2020-09-14 08:48:53 +02:00
return false;
blockchain: Log more useful data
2020-09-27 08:38:19 +02:00
}
Pulse: Avoid miner, sn coinbase outputs when reward < 0 - Avoid generating any outputs on an alternative round, for the alternative block producer if the total tx fee was 0. - Remove the 1 atomic loki awarded to the miner in HF16 (previously kept to 1 for making sure tests work, whilst implementing the new block reward split)
2020-09-14 08:48:53 +02:00
}
return true;
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
bool service_node_list::verify_block(const cryptonote::block &block, bool alt_block, cryptonote::checkpoint_t const *checkpoint)
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
{
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
if (block.major_version < cryptonote::network_version_9_service_nodes)
return true;
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
std::string_view block_type = alt_block ? "alt block "sv : "block "sv;
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
//
// NOTE: Verify the checkpoint given on this height that locks in a block in the past.
//
Don't verify checkpoints until after HF13 (#834)
2019-09-13 05:13:40 +02:00
if (block.major_version >= cryptonote::network_version_13_enforce_checkpoints && checkpoint)
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
std::vector<std::shared_ptr<const service_nodes::quorum>> alt_quorums;
std::shared_ptr<const quorum> quorum = get_quorum(quorum_type::checkpointing, checkpoint->height, false, alt_block ? &alt_quorums : nullptr);
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
if (!quorum)
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
MGINFO("Failed to get testing quorum checkpoint for " << block_type << cryptonote::get_block_hash(block));
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
return false;
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
bool failed_checkpoint_verify = !service_nodes::verify_checkpoint(block.major_version, *checkpoint, *quorum);
if (alt_block && failed_checkpoint_verify)
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
for (std::shared_ptr<const service_nodes::quorum> alt_quorum : alt_quorums)
{
if (service_nodes::verify_checkpoint(block.major_version, *checkpoint, *alt_quorum))
{
failed_checkpoint_verify = false;
break;
}
}
}
if (failed_checkpoint_verify)
{
MGINFO("Service node checkpoint failed verification for " << block_type << cryptonote::get_block_hash(block));
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
return false;
}
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
//
// NOTE: Get Pulse Block Timing Information
//
pulse::timings timings = {};
uint64_t height = cryptonote::get_block_height(block);
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
if (block.major_version >= cryptonote::network_version_16_pulse)
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
{
Pulse: get_round_timings needs to work with alt blocks - Make it stop relying on the block and instead the user must pass in the correct information
2020-09-09 09:04:25 +02:00
uint64_t prev_timestamp = 0;
if (alt_block)
{
Pulse: Avoid miner, sn coinbase outputs when reward < 0 - Avoid generating any outputs on an alternative round, for the alternative block producer if the total tx fee was 0. - Remove the 1 atomic loki awarded to the miner in HF16 (previously kept to 1 for making sure tests work, whilst implementing the new block reward split)
2020-09-14 08:48:53 +02:00
cryptonote::block prev_block;
if (!find_block_in_db(m_blockchain.get_db(), block.prev_id, prev_block))
Pulse: get_round_timings needs to work with alt blocks - Make it stop relying on the block and instead the user must pass in the correct information
2020-09-09 09:04:25 +02:00
{
MGINFO("Alt block " << cryptonote::get_block_hash(block) << " references previous block " << block.prev_id << " not available in DB.");
return false;
}
Pulse: Avoid miner, sn coinbase outputs when reward < 0 - Avoid generating any outputs on an alternative round, for the alternative block producer if the total tx fee was 0. - Remove the 1 atomic loki awarded to the miner in HF16 (previously kept to 1 for making sure tests work, whilst implementing the new block reward split)
2020-09-14 08:48:53 +02:00
prev_timestamp = prev_block.timestamp;
Pulse: get_round_timings needs to work with alt blocks - Make it stop relying on the block and instead the user must pass in the correct information
2020-09-09 09:04:25 +02:00
}
else
{
uint64_t prev_height = height - 1;
prev_timestamp = m_blockchain.get_db().get_block_timestamp(prev_height);
}
if (!pulse::get_round_timings(m_blockchain, height, prev_timestamp, timings))
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
MGINFO("Failed to query the block data for Pulse timings to validate incoming " << block_type << "at height " << height);
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
return false;
}
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
//
// NOTE: Load Pulse Quorums
//
std::shared_ptr<const quorum> pulse_quorum;
std::vector<std::shared_ptr<const quorum>> alt_pulse_quorums;
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
bool pulse_hf = block.major_version >= cryptonote::network_version_16_pulse;
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
if (pulse_hf)
{
pulse_quorum = get_quorum(quorum_type::pulse,
height,
false /*include historical quorums*/,
alt_block ? &alt_pulse_quorums : nullptr);
}
if (m_blockchain.nettype() != cryptonote::FAKECHAIN)
{
// TODO(doyle): Core tests don't generate proper timestamps for detecting
// timeout yet. So we don't do a timeout check and assume all blocks
// incoming from Pulse are valid if they have the correct signatures
// (despite timestamp being potentially wrong).
if (pulse::time_point(std::chrono::seconds(block.timestamp)) >= timings.miner_fallback_timestamp)
pulse_quorum = nullptr;
}
//
// NOTE: Verify Block
//
bool result = false;
if (alt_block)
{
// NOTE: Verify as a pulse block first if possible, then as a miner block.
// This alt block could belong to a chain that is in an arbitrary state.
if (pulse_hf)
result = verify_block_components(m_blockchain.nettype(), block, false /*miner_block*/, true /*alt_block*/, false /*log_errors*/, timings, pulse_quorum, alt_pulse_quorums);
if (!result)
result = verify_block_components(m_blockchain.nettype(), block, true /*miner_block*/, true /*alt_block*/, false /*log_errors*/, timings, pulse_quorum, alt_pulse_quorums);
}
else
{
// NOTE: No pulse quorums are generated when the network has insufficient nodes to generate quorums
// Or, block specifies time after all the rounds have timed out
bool miner_block = !pulse_hf || !pulse_quorum;
result = verify_block_components(m_blockchain.nettype(),
block,
miner_block,
false /*alt_block*/,
true /*log_errors*/,
timings,
pulse_quorum,
alt_pulse_quorums);
}
return result;
}
bool service_node_list::block_added(const cryptonote::block& block, const std::vector<cryptonote::transaction>& txs, cryptonote::checkpoint_t const *checkpoint)
{
if (block.major_version < cryptonote::network_version_9_service_nodes)
return true;
std::lock_guard lock(m_sn_mutex);
process_block(block, txs);
Pulse: Record Pulse participation globally on network - Instead of the Pulse quorums validators recording participation between each other- so failures may not manifest in a decommission until the several common nodes align and agree to vote off the node. Voting now occurs when blocks arrives, validators participating in the generation of the block are marked. This is shared information between all nodes syncing the chain so decommissions are more readily agreeable and acted upon in the Obligation quorums immediately.
2020-09-22 08:18:13 +02:00
bool result = verify_block(block, false /*alt_block*/, checkpoint);
if (result && cryptonote::block_has_pulse_components(block))
{
Pulse: Record participation uniquely (#1283) - Avoid situations where rescanning/syncing the chain pre records the node participation when it may not be relevant anymore (i.e. someone restarting their node would re-record historical non-participation in blocks and prime them for re-voting off a particular node).
2020-09-26 05:51:50 +02:00
// NOTE: Only record participation if its a block we recently received.
// Otherwise processing blocks in retrospect/re-loading on restart seeds
// in old-data.
Pulse: Record Pulse participation globally on network - Instead of the Pulse quorums validators recording participation between each other- so failures may not manifest in a decommission until the several common nodes align and agree to vote off the node. Voting now occurs when blocks arrives, validators participating in the generation of the block are marked. This is shared information between all nodes syncing the chain so decommissions are more readily agreeable and acted upon in the Obligation quorums immediately.
2020-09-22 08:18:13 +02:00
uint64_t const block_height = cryptonote::get_block_height(block);
Pulse: Record participation uniquely (#1283) - Avoid situations where rescanning/syncing the chain pre records the node participation when it may not be relevant anymore (i.e. someone restarting their node would re-record historical non-participation in blocks and prime them for re-voting off a particular node).
2020-09-26 05:51:50 +02:00
bool newest_block = m_blockchain.get_current_blockchain_height() == (block_height + 1);
Pulse: Record Pulse participation globally on network - Instead of the Pulse quorums validators recording participation between each other- so failures may not manifest in a decommission until the several common nodes align and agree to vote off the node. Voting now occurs when blocks arrives, validators participating in the generation of the block are marked. This is shared information between all nodes syncing the chain so decommissions are more readily agreeable and acted upon in the Obligation quorums immediately.
2020-09-22 08:18:13 +02:00
Pulse: Record participation uniquely (#1283) - Avoid situations where rescanning/syncing the chain pre records the node participation when it may not be relevant anymore (i.e. someone restarting their node would re-record historical non-participation in blocks and prime them for re-voting off a particular node).
2020-09-26 05:51:50 +02:00
auto now = pulse::clock::now().time_since_epoch();
auto earliest_time = std::chrono::seconds(block.timestamp) - TARGET_BLOCK_TIME;
auto latest_time = std::chrono::seconds(block.timestamp) + TARGET_BLOCK_TIME;
if (newest_block && (now >= earliest_time && now <= latest_time))
Pulse: Record Pulse participation globally on network - Instead of the Pulse quorums validators recording participation between each other- so failures may not manifest in a decommission until the several common nodes align and agree to vote off the node. Voting now occurs when blocks arrives, validators participating in the generation of the block are marked. This is shared information between all nodes syncing the chain so decommissions are more readily agreeable and acted upon in the Obligation quorums immediately.
2020-09-22 08:18:13 +02:00
{
Pulse: Record participation uniquely (#1283) - Avoid situations where rescanning/syncing the chain pre records the node participation when it may not be relevant anymore (i.e. someone restarting their node would re-record historical non-participation in blocks and prime them for re-voting off a particular node).
2020-09-26 05:51:50 +02:00
std::shared_ptr<const quorum> quorum = get_quorum(quorum_type::pulse, block_height, false, nullptr);
if (!quorum || quorum->validators.empty())
{
Increase various potentially fatal error log levels MERROR doesn't come through at default low-logging level so promote them to MFATAL so it's more obvious where things are failing when they fail.
2021-04-20 05:16:20 +02:00
MFATAL("Unexpected Pulse error " << (quorum ? " quorum was not generated" : " quorum was empty"));
Pulse: Record participation uniquely (#1283) - Avoid situations where rescanning/syncing the chain pre records the node participation when it may not be relevant anymore (i.e. someone restarting their node would re-record historical non-participation in blocks and prime them for re-voting off a particular node).
2020-09-26 05:51:50 +02:00
return false;
}
for (size_t validator_index = 0; validator_index < service_nodes::PULSE_QUORUM_NUM_VALIDATORS; validator_index++)
{
uint16_t bit = 1 << validator_index;
bool participated = block.pulse.validator_bitset & bit;
record_pulse_participation(quorum->validators[validator_index], block_height, block.pulse.round, participated);
}
Pulse: Record Pulse participation globally on network - Instead of the Pulse quorums validators recording participation between each other- so failures may not manifest in a decommission until the several common nodes align and agree to vote off the node. Voting now occurs when blocks arrives, validators participating in the generation of the block are marked. This is shared information between all nodes syncing the chain so decommissions are more readily agreeable and acted upon in the Obligation quorums immediately.
2020-09-22 08:18:13 +02:00
}
}
return result;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
bool service_node_list::process_batching_rewards(const cryptonote::block& block)
{
return m_blockchain.sqlite_db()->add_block(block, m_state);
}
bool service_node_list::pop_batching_rewards_block(const cryptonote::block& block)
{
return m_blockchain.sqlite_db()->pop_block(block, m_state);
}
Pulse: Pass std::seed_seq to mt19937_64
2020-06-17 02:57:46 +02:00
static std::mt19937_64 quorum_rng(uint8_t hf_version, crypto::hash const &hash, quorum_type type)
SN: Rewrite Blink quorum generate to avoid mutating list Avoid changing the list which may affect future quorum_types (i.e. Pulse) using a list that has been modified prior by calculating the Blink quorum.
2020-06-11 05:59:32 +02:00
{
Pulse: Pass std::seed_seq to mt19937_64
2020-06-17 02:57:46 +02:00
std::mt19937_64 result;
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
if (hf_version >= cryptonote::network_version_16_pulse)
Pulse: Generate quorum_rng_seed with std::seed_seq
2020-06-16 09:33:25 +02:00
{
std::array<uint32_t, (sizeof(hash) / sizeof(uint32_t)) + 1> src = {static_cast<uint32_t>(type)};
std::memcpy(&src[1], &hash, sizeof(hash));
for (uint32_t &val : src) boost::endian::little_to_native_inplace(val);
std::seed_seq sequence(src.begin(), src.end());
Pulse: Pass std::seed_seq to mt19937_64
2020-06-17 02:57:46 +02:00
result.seed(sequence);
Pulse: Generate quorum_rng_seed with std::seed_seq
2020-06-16 09:33:25 +02:00
}
else
{
Pulse: Pass std::seed_seq to mt19937_64
2020-06-17 02:57:46 +02:00
uint64_t seed = 0;
std::memcpy(&seed, hash.data, sizeof(seed));
boost::endian::little_to_native_inplace(seed);
seed += static_cast<uint64_t>(type);
result.seed(seed);
Pulse: Generate quorum_rng_seed with std::seed_seq
2020-06-16 09:33:25 +02:00
}
SN: Rewrite Blink quorum generate to avoid mutating list Avoid changing the list which may affect future quorum_types (i.e. Pulse) using a list that has been modified prior by calculating the Blink quorum.
2020-06-11 05:59:32 +02:00
return result;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
static std::vector<size_t> generate_shuffled_service_node_index_list(
Pulse: Generate quorum_rng_seed with std::seed_seq
2020-06-16 09:33:25 +02:00
uint8_t hf_version,
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
size_t list_size,
crypto::hash const &block_hash,
quorum_type type,
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
size_t sublist_size = 0,
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
size_t sublist_up_to = 0)
{
std::vector<size_t> result(list_size);
std::iota(result.begin(), result.end(), 0);
Pulse: Pass std::seed_seq to mt19937_64
2020-06-17 02:57:46 +02:00
std::mt19937_64 rng = quorum_rng(hf_version, block_hash, type);
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
// Shuffle 2
// |=================================|
// | |
// Shuffle 1 |
// |==============| |
// | | | |
// |sublist_size | |
// | | sublist_up_to |
// 0 N Y Z
// [.......................................]
// If we have a list [0,Z) but we need a shuffled sublist of the first N values that only
// includes values from [0,Y) then we do this using two shuffles: first of the [0,Y) sublist,
// then of the [N,Z) sublist (which is already partially shuffled, but that doesn't matter). We
// reuse the same seed for both partial shuffles, but again, that isn't an issue.
if ((0 < sublist_size && sublist_size < list_size) && (0 < sublist_up_to && sublist_up_to < list_size)) {
assert(sublist_size <= sublist_up_to); // Can't select N random items from M items when M < N
service_nodes: Fix regression in RNG not using same seed
2020-08-24 08:06:51 +02:00
auto rng_copy = rng;
Pulse: Pass std::seed_seq to mt19937_64
2020-06-17 02:57:46 +02:00
tools::shuffle_portable(result.begin(), result.begin() + sublist_up_to, rng);
service_nodes: Fix regression in RNG not using same seed
2020-08-24 08:06:51 +02:00
tools::shuffle_portable(result.begin() + sublist_size, result.end(), rng_copy);
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
}
else {
Pulse: Pass std::seed_seq to mt19937_64
2020-06-17 02:57:46 +02:00
tools::shuffle_portable(result.begin(), result.end(), rng);
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
}
return result;
}
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
template <typename It>
static std::vector<crypto::hash> make_pulse_entropy_from_blocks(It begin, It end, uint8_t pulse_round)
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
{
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
std::vector<crypto::hash> result;
result.reserve(std::distance(begin, end));
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
for (auto it = begin; it != end; it++)
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
{
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
cryptonote::block const &block = *it;
crypto::hash hash = {};
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
if (block.major_version >= cryptonote::network_version_16_pulse &&
Pulse: Check block has pulse components before seeding entropy
2020-09-04 05:51:20 +02:00
cryptonote::block_has_pulse_components(block))
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
{
Code review, keep nonce, remove HF_VERSION.. - Keep none for blocks - Remove HF_VERSION_PULSE and prefer network_version_16 for big features - Keep HF_VERSION_... for smaller feature flags - Add operator< for pulse_sort_key - Avoid erase() in validators gen loop for pulse
2020-06-16 06:59:32 +02:00
std::array<uint8_t, 1 + sizeof(block.pulse.random_value)> src = {pulse_round};
std::copy(std::begin(block.pulse.random_value.data), std::end(block.pulse.random_value.data), src.begin() + 1);
crypto::cn_fast_hash(src.data(), src.size(), hash.data);
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
}
else
{
Code review, keep nonce, remove HF_VERSION.. - Keep none for blocks - Remove HF_VERSION_PULSE and prefer network_version_16 for big features - Keep HF_VERSION_... for smaller feature flags - Add operator< for pulse_sort_key - Avoid erase() in validators gen loop for pulse
2020-06-16 06:59:32 +02:00
crypto::hash block_hash = cryptonote::get_block_hash(block);
std::array<uint8_t, 1 + sizeof(hash)> src = {pulse_round};
std::copy(std::begin(block_hash.data), std::end(block_hash.data), src.begin() + 1);
crypto::cn_fast_hash(src.data(), src.size(), hash.data);
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
}
assert(hash != crypto::null_hash);
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
result.push_back(hash);
}
return result;
}
std::vector<crypto::hash> get_pulse_entropy_for_next_block(cryptonote::BlockchainDB const &db,
cryptonote::block const &top_block,
uint8_t pulse_round)
{
uint64_t const top_height = cryptonote::get_block_height(top_block);
if (top_height < PULSE_QUORUM_ENTROPY_LAG)
{
MERROR("Insufficient blocks to get quorum entropy for Pulse, height is " << top_height << ", we need " << PULSE_QUORUM_ENTROPY_LAG << " blocks.");
return {};
}
uint64_t const start_height = top_height - PULSE_QUORUM_ENTROPY_LAG;
uint64_t const end_height = start_height + PULSE_QUORUM_SIZE;
std::vector<cryptonote::block> blocks;
blocks.reserve(PULSE_QUORUM_SIZE);
// NOTE: Go backwards from the block and retrieve the blocks for entropy.
// We search by block so that this function handles alternatives blocks as
// well as mainchain blocks.
crypto::hash prev_hash = top_block.prev_id;
uint64_t prev_height = top_height;
while (prev_height > start_height)
{
cryptonote::block block;
if (!find_block_in_db(db, prev_hash, block))
{
MERROR("Failed to get quorum entropy for Pulse, block at " << prev_height << prev_hash);
return {};
}
prev_hash = block.prev_id;
if (prev_height >= start_height && prev_height <= end_height)
blocks.push_back(block);
prev_height--;
}
return make_pulse_entropy_from_blocks(blocks.rbegin(), blocks.rend(), pulse_round);
}
std::vector<crypto::hash> get_pulse_entropy_for_next_block(cryptonote::BlockchainDB const &db,
crypto::hash const &top_hash,
uint8_t pulse_round)
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
{
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
cryptonote::block top_block;
if (!find_block_in_db(db, top_hash, top_block))
{
MERROR("Failed to get quorum entropy for Pulse, next block parent " << top_hash);
return {};
}
Pulse: Embed entropy call into generate pulse quorum There's no custom code that relies on it at the moment, merge it together which sets up a simplified way to get different pulse rounds for tests.
2020-07-07 05:25:44 +02:00
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
return get_pulse_entropy_for_next_block(db, top_block, pulse_round);
}
RPC: get latest quorum improvements/fixes This changes the `get_quorum_state` RPC endpoint in two ways: - If requesting a pulse quorum for a height that includes the current height (i.e. top block + 1), this returns the current height, round-0 pulse quorum. - When requesting the latest quorum state (i.e. the no-argument request) you now get back the latest available quorum of each requested type, instead of the quorum for the latest available block. Thus requesting all types will now give you: - the current top-of-the-chain round-0 pulse quorum - the top block obligations quorum (no change) - the top divisible-by-4 block for checkpoint quorums - the top divisible-by-5 block for blink quorums Previously you would just get whatever quorums existing for the top height, which often meant just the one-old pulse quorum + top block obligations quorum, only only checkpoint 25% of the time and blink 20% of the time. - Also updated the RPC comments for GET_QUORUM_STATE, both to reflect the above and to update some parts which were a bit stale.
2020-10-11 02:41:59 +02:00
std::vector<crypto::hash> get_pulse_entropy_for_next_block(cryptonote::BlockchainDB const &db,
uint8_t pulse_round)
{
return get_pulse_entropy_for_next_block(db, db.get_top_block(), pulse_round);
}
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
service_nodes::quorum generate_pulse_quorum(cryptonote::network_type nettype,
crypto::public_key const &block_leader,
uint8_t hf_version,
std::vector<pubkey_and_sninfo> const &active_snode_list,
std::vector<crypto::hash> const &pulse_entropy,
uint8_t pulse_round)
{
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
service_nodes::quorum result = {};
pulse_min_service_nodes: Parameterize with nettype
2020-07-13 05:15:08 +02:00
if (active_snode_list.size() < pulse_min_service_nodes(nettype))
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
{
Pulse: Move verification to block. Add support to core tests. Verification needs to go to the block, not the header to ensure it does not get included in the block hash.
2020-06-18 06:39:44 +02:00
LOG_PRINT_L2("Insufficient active Service Nodes for Pulse: " << active_snode_list.size());
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
return result;
}
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
if (pulse_entropy.size() != PULSE_QUORUM_SIZE)
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
{
Pulse: Move verification to block. Add support to core tests. Verification needs to go to the block, not the header to ensure it does not get included in the block hash.
2020-06-18 06:39:44 +02:00
LOG_PRINT_L2("Blockchain has insufficient blocks to generate Pulse data");
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
return result;
}
std::vector<pubkey_and_sninfo const *> pulse_candidates;
pulse_candidates.reserve(active_snode_list.size());
for (auto &node : active_snode_list)
{
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
if (node.first != block_leader || pulse_round > 0)
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
pulse_candidates.push_back(&node);
}
// NOTE: Sort ascending in height i.e. sort preferring the longest time since the validator was in a Pulse quorum.
Tests: Fix test entropy using wrong height - Entropy is taken from the blockchain height, (i.e. if top block is block 100, then the blockchain height is 101). When the Core Tests is generating a block in the tests, we haven't added the block to the DB yet, so when db.height() is called in the tests, the height returned is 100. Whereas when the Blockchain is receiving a block and on validation, block 100, has been added to the DB already (added to DB, then we do Service Node List validation). So the DB returns a blockchain height of 101. The 2 inconsistencies causes differences in the source entropy for the blockchain. - Begin moving code to allow creating blocks with custom pulse data in tests by introducing loki_create_block_params. The workflow is to get loki_chain_generator to return you the parameters to form the next valid block. The user can modify the parameters to other valid blocks/invalid blocks. - Change the stable sort to a normal sort to avoid requiring the caller side of the API needing to implicitly know that the list given must be sorted lexicographically.
2020-06-19 08:48:10 +02:00
std::sort(
pulse_candidates.begin(), pulse_candidates.end(), [](pubkey_and_sninfo const *a, pubkey_and_sninfo const *b) {
if (a->second->pulse_sorter == b->second->pulse_sorter)
return memcmp(reinterpret_cast<const void *>(&a->first), reinterpret_cast<const void *>(&b->first), sizeof(a->first)) < 0;
return a->second->pulse_sorter < b->second->pulse_sorter;
});
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
crypto::public_key block_producer;
if (pulse_round == 0)
{
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
block_producer = block_leader;
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
}
else
{
std::mt19937_64 rng = quorum_rng(hf_version, pulse_entropy[0], quorum_type::pulse);
size_t producer_index = tools::uniform_distribution_portable(rng, pulse_candidates.size());
block_producer = pulse_candidates[producer_index]->first;
pulse_candidates.erase(pulse_candidates.begin() + producer_index);
}
// NOTE: Order the candidates so the first half nodes in the list is the validators for this round.
// - Divide the list in half, select validators from the first half of the list.
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
// - Swap the chosen validator into the moving first half of the list.
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
auto running_it = pulse_candidates.begin();
size_t const partition_index = (pulse_candidates.size() - 1) / 2;
Pulse: Add edge case for debug 1-2 sized quorums in Pulse
2020-08-02 08:14:20 +02:00
if (partition_index == 0)
{
running_it += service_nodes::PULSE_QUORUM_NUM_VALIDATORS;
}
else
{
for (size_t i = 0; i < service_nodes::PULSE_QUORUM_NUM_VALIDATORS; i++)
{
crypto::hash const &entropy = pulse_entropy[i + 1];
std::mt19937_64 rng = quorum_rng(hf_version, entropy, quorum_type::pulse);
size_t validators_available = std::distance(running_it, pulse_candidates.end());
size_t swap_index = tools::uniform_distribution_portable(rng, std::min(partition_index, validators_available));
std::swap(*running_it, *(running_it + swap_index));
running_it++;
}
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
}
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
result.workers.push_back(block_producer);
result.validators.reserve(PULSE_QUORUM_NUM_VALIDATORS);
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
for (auto it = pulse_candidates.begin(); it != running_it; it++)
{
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
crypto::public_key const &node_key = (*it)->first;
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
result.validators.push_back(node_key);
Pulse: Move pulse quorum gen to separate function generate_pulse_quorum
2020-06-17 07:32:18 +02:00
}
return result;
}
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
static void generate_other_quorums(service_node_list::state_t &state, std::vector<pubkey_and_sninfo> const &active_snode_list, cryptonote::network_type nettype, uint8_t hf_version)
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
{
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
assert(state.block_hash != crypto::null_hash);
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
// The two quorums here have different selection criteria: the entire checkpoint quorum and the
// state change *validators* want only active service nodes, but the state change *workers*
// (i.e. the nodes to be tested) also include decommissioned service nodes. (Prior to v12 there
// are no decommissioned nodes, so this distinction is irrelevant for network concensus).
SN: Rewrite Blink quorum generate to avoid mutating list Avoid changing the list which may affect future quorum_types (i.e. Pulse) using a list that has been modified prior by calculating the Blink quorum.
2020-06-11 05:59:32 +02:00
std::vector<pubkey_and_sninfo> decomm_snode_list;
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
if (hf_version >= cryptonote::network_version_12_checkpointing)
decomm_snode_list = state.decommissioned_service_nodes_infos();
quorum_type const max_quorum_type = max_quorum_type_for_hf(hf_version);
for (int type_int = 0; type_int <= (int)max_quorum_type; type_int++)
{
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
auto type = static_cast<quorum_type>(type_int);
auto quorum = std::make_shared<service_nodes::quorum>();
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
std::vector<size_t> pub_keys_indexes;
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
size_t num_validators = 0;
size_t num_workers = 0;
generate_quorums: Switch to case where switch (cleanup prep for Pulse)
2020-06-11 06:01:23 +02:00
switch(type)
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
{
generate_quorums: Switch to case where switch (cleanup prep for Pulse)
2020-06-11 06:01:23 +02:00
case quorum_type::obligations:
{
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
size_t total_nodes = active_snode_list.size() + decomm_snode_list.size();
num_validators = std::min(active_snode_list.size(), STATE_CHANGE_QUORUM_SIZE);
pub_keys_indexes = generate_shuffled_service_node_index_list(hf_version, total_nodes, state.block_hash, type, num_validators, active_snode_list.size());
state.quorums.obligations = quorum;
size_t num_remaining_nodes = total_nodes - num_validators;
num_workers = std::min(num_remaining_nodes, std::max(STATE_CHANGE_MIN_NODES_TO_TEST, num_remaining_nodes/STATE_CHANGE_NTH_OF_THE_NETWORK_TO_TEST));
}
break;
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
case quorum_type::checkpointing:
{
// Checkpoint quorums only exist every CHECKPOINT_INTERVAL blocks, but the height that gets
// used to generate the quorum (i.e. the `height` variable here) is actually `H -
// REORG_SAFETY_BUFFER_BLOCKS_POST_HF12`, where H is divisible by CHECKPOINT_INTERVAL, but
// REORG_SAFETY_BUFFER_BLOCKS_POST_HF12 is not (it equals 11). Hence the addition here to
// "undo" the lag before checking to see if we're on an interval multiple:
if ((state.height + REORG_SAFETY_BUFFER_BLOCKS_POST_HF12) % CHECKPOINT_INTERVAL != 0)
continue; // Not on an interval multiple: no checkpointing quorum is defined.
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
size_t total_nodes = active_snode_list.size();
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// TODO(oxen): Soft fork, remove when testnet gets reset
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
if (nettype == cryptonote::TESTNET && state.height < 85357)
total_nodes = active_snode_list.size() + decomm_snode_list.size();
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
if (total_nodes >= CHECKPOINT_QUORUM_SIZE)
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
{
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
pub_keys_indexes = generate_shuffled_service_node_index_list(hf_version, total_nodes, state.block_hash, type);
num_validators = std::min(pub_keys_indexes.size(), CHECKPOINT_QUORUM_SIZE);
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
}
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
state.quorums.checkpointing = quorum;
Make empty quorum if height is checkpointable but insufficient nodes This is so that we can validly print an error in quorum_cop on the heights that are actually not being stored in the daemon VS a service node network that has insufficient nodes to form the quorum. Update core test to enforce this constraint
2019-09-23 06:13:44 +02:00
}
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
break;
Add blink quorums
2019-10-15 19:54:45 +02:00
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
case quorum_type::blink:
Add blink quorums
2019-10-15 19:54:45 +02:00
{
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
if (state.height % BLINK_QUORUM_INTERVAL != 0)
continue;
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
// Further filter the active SN list for the blink quorum to only include SNs that are not
// scheduled to finish unlocking between the quorum height and a few blocks after the
// associated blink height.
pub_keys_indexes.reserve(active_snode_list.size());
uint64_t const active_until = state.height + BLINK_EXPIRY_BUFFER;
for (size_t index = 0; index < active_snode_list.size(); index++)
generate_quorums: Switch to case where switch (cleanup prep for Pulse)
2020-06-11 06:01:23 +02:00
{
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
pubkey_and_sninfo const &entry = active_snode_list[index];
uint64_t requested_unlock_height = entry.second->requested_unlock_height;
if (requested_unlock_height == KEY_IMAGE_AWAITING_UNLOCK_HEIGHT || requested_unlock_height > active_until)
pub_keys_indexes.push_back(index);
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
}
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
if (pub_keys_indexes.size() >= BLINK_MIN_VOTES)
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
{
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
std::mt19937_64 rng = quorum_rng(hf_version, state.block_hash, type);
tools::shuffle_portable(pub_keys_indexes.begin(), pub_keys_indexes.end(), rng);
num_validators = std::min<size_t>(pub_keys_indexes.size(), BLINK_SUBQUORUM_SIZE);
generate_quorums: Switch to case where switch (cleanup prep for Pulse)
2020-06-11 06:01:23 +02:00
}
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
// Otherwise leave empty to signal that there aren't enough SNs to form a usable quorum (to
// distinguish it from an invalid height, which gets left as a nullptr)
state.quorums.blink = quorum;
Add blink quorums
2019-10-15 19:54:45 +02:00
}
generate_quorums: Switch to case where switch (cleanup prep for Pulse)
2020-06-11 06:01:23 +02:00
break;
Add blink quorums
2019-10-15 19:54:45 +02:00
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
// NOTE: NOP. Pulse quorums are generated pre-Service Node List changes for the block
Pulse: Uncompress generate_quorums switch statement change - Pulse is generated in another function so undo the handling of 3 quorums in one switch case to be piecewise for readability.
2020-06-24 08:30:02 +02:00
case quorum_type::pulse: continue;
default: MERROR("Unhandled quorum type enum with value: " << type_int); continue;
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
}
quorum->validators.reserve(num_validators);
quorum->workers.reserve(num_workers);
size_t i = 0;
for (; i < num_validators; i++)
{
quorum->validators.push_back(active_snode_list[pub_keys_indexes[i]].first);
}
for (; i < num_validators + num_workers; i++)
{
size_t j = pub_keys_indexes[i];
if (j < active_snode_list.size())
quorum->workers.push_back(active_snode_list[j].first);
else
quorum->workers.push_back(decomm_snode_list[j - active_snode_list.size()].first);
}
}
}
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
void service_node_list::state_t::update_from_block(cryptonote::BlockchainDB const &db,
cryptonote::network_type nettype,
Eliminate state_t lookup temporaries (C++14) Looking up by height currently goes via a mostly-empty implicitly created state_t, which is wasteful but was necessary with C++11. C++14 `std::set`s let us avoid this by making `state_t` and heights directly comparable for set lookups.
2019-12-07 22:06:18 +01:00
state_set const &state_history,
state_set const &state_archive,
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
std::unordered_map<crypto::hash, state_t> const &alt_states,
const cryptonote::block &block,
const std::vector<cryptonote::transaction> &txs,
Switch service_node_keys to plain pointer instead of shared_ptr The owning pointer is stashed in a unique_ptr so that it gets properly destroyed; everything else gets a plain pointer to it. (Ideally it would be std::optional instead, but that's not until C++17)
2019-10-27 23:31:35 +01:00
const service_node_keys *my_keys)
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
Handle quorums needing to be stored in the previous state_t
2019-09-02 05:20:05 +02:00
++height;
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
bool need_swarm_update = false;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
uint64_t block_height = cryptonote::get_block_height(block);
assert(height == block_height);
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
quorums = {};
block_hash = cryptonote::get_block_hash(block);
uint8_t const hf_version = block.major_version;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
//
// Generate Pulse Quorum before any SN changes are applied to the list because,
// the Leader and Validators for this block generated Pulse Data before any
// TX's included in the block were applied
// i.e. before any deregistrations, registrations, decommissions, recommissions.
//
crypto::public_key winner_pubkey = cryptonote::get_service_node_winner_from_tx_extra(block.miner_tx.extra);
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
if (hf_version >= cryptonote::network_version_16_pulse)
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
{
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
std::vector<crypto::hash> entropy = get_pulse_entropy_for_next_block(db, block.prev_id, block.pulse.round);
quorum pulse_quorum = generate_pulse_quorum(nettype, winner_pubkey, hf_version, active_service_nodes_infos(), entropy, block.pulse.round);
Pulse: Make active snodes info public, disambiguate next_block_template - Make active snods info public for Pulse to query the list to allow Pulse quorums to be generated outside of the Service Node List.
2020-07-15 08:05:15 +02:00
if (verify_pulse_quorum_sizes(pulse_quorum))
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
{
// NOTE: Send candidate to the back of the list
for (size_t quorum_index = 0 ; quorum_index < pulse_quorum.validators.size(); quorum_index++)
{
crypto::public_key const &key = pulse_quorum.validators[quorum_index];
Code review - Remove PoW/Difficulty information for Pulse Block printout - Use unary + to co-erce char's in ostreams - Avoid epee::string_tools::pod_to_hex for lokimq equivalent - Express validator bitmask in terms of PULSE_QUORUM_NUM_VALIDATORS - Fix bug in generating Pulse Quorum, avoiding the use of the 0th service node in pulse_candidates - Switch to std::any for void * context
2020-07-09 06:51:44 +02:00
auto &info_ptr = service_nodes_infos[key];
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
service_node_info &new_info = duplicate_info(info_ptr);
new_info.pulse_sorter.last_height_validating_in_quorum = height;
new_info.pulse_sorter.quorum_index = quorum_index;
}
quorums.pulse = std::make_shared<service_nodes::quorum>(std::move(pulse_quorum));
}
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
//
// Remove expired blacklisted key images
//
Code review
2019-09-09 03:14:19 +02:00
if (hf_version >= cryptonote::network_version_11_infinite_staking)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
for (auto entry = key_image_blacklist.begin(); entry != key_image_blacklist.end();)
{
if (block_height >= entry->unlock_height)
entry = key_image_blacklist.erase(entry);
else
entry++;
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
//
// Expire Nodes
//
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
for (const crypto::public_key& pubkey : get_expired_nodes(db, nettype, block.major_version, block_height))
fix change address and balance display for per-output unlock times
2018-08-05 05:08:51 +02:00
{
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
auto i = service_nodes_infos.find(pubkey);
if (i != service_nodes_infos.end())
fix change address and balance display for per-output unlock times
2018-08-05 05:08:51 +02:00
{
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
if (my_keys && my_keys->pub == pubkey) MGINFO_GREEN("Service node expired (yours): " << pubkey << " at block height: " << block_height);
else LOG_PRINT_L1("Service node expired: " << pubkey << " at block height: " << block_height);
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
need_swarm_update += i->second->is_active();
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
service_nodes_infos.erase(i);
fix change address and balance display for per-output unlock times
2018-08-05 05:08:51 +02:00
}
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
//
// Advance the list to the next candidate for a reward
//
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
auto it = service_nodes_infos.find(winner_pubkey);
if (it != service_nodes_infos.end())
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
// set the winner as though it was re-registering at transaction index=UINT32_MAX for this block
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
auto &info = duplicate_info(it->second);
info.last_reward_block_height = block_height;
info.last_reward_transaction_index = UINT32_MAX;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
//
// Process TXs in the Block
//
Update txtype activation hardforks
2020-01-30 03:08:02 +01:00
cryptonote::txtype max_tx_type = cryptonote::transaction::get_max_type_for_hf(hf_version);
cryptonote::txtype staking_tx_type = (max_tx_type < cryptonote::txtype::stake) ? cryptonote::txtype::standard : cryptonote::txtype::stake;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
for (uint32_t index = 0; index < txs.size(); ++index)
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
Make tx type and version scoped enums This converts the transaction type and version to scoped enum, giving type safety and making the tx type assignment less error prone because there is no implicit conversion or comparison with raw integers that has to be worried about. This ends up converting any use of `cryptonote::transaction::type_xyz` to `cryptonote::transaction::txtype::xyz`. For version, names like `transaction::version_v4` become `cryptonote::txversion::v4_tx_types`. This also allows/includes various other simplifications related to or enabled by this change: - handle `is_deregister` dynamically in serialization code (setting `type::standard` or `type::deregister` rather than using a version-determined union) - `get_type()` is no longer needed with the above change: it is now much simpler to directly access `type` which will always have the correct value (even for v2 or v3 transaction types). And though there was an assertion on the enum value, `get_type()` was being used only sporadically: many places accessed `.type` directly. - the old unscoped enum didn't have a type but was assumed castable to/from `uint16_t`, which technically meant there was potential undefined behaviour when deserializing any type values >= 8. - tx type range checks weren't being done in all serialization paths; they are now. Because `get_type()` was not used everywhere (lots of places simply accessed `.type` directory) these might not have been caught. - `set_type()` is not needed; it was only being used in a single place (wallet2.cpp) and only for v4 txes, so the version protection code was never doing anything. - added a std::ostream << operator for the enum types so that they can be output with `<< tx_type <<` rather than needing to wrap it in `type_to_string(tx_type)` everywhere. For the versions, you get the annotated version string (e.g. 4_tx_types) rather than just the number 4.
2019-06-11 20:53:46 +02:00
const cryptonote::transaction& tx = txs[index];
Update txtype activation hardforks
2020-01-30 03:08:02 +01:00
if (tx.type == staking_tx_type)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
process_registration_tx(nettype, block, tx, index, my_keys);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
need_swarm_update += process_contribution_tx(nettype, block, tx, index);
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
}
Relax deregistration rules The replaces the deregistration mechanism with a new state change mechanism (beginning at the v12 fork) which can change a service node's network status via three potential values (and is extensible in the future to handle more): - deregistered -- this is the same as the existing deregistration; the SN is instantly removed from the SN list. - decommissioned -- this is a sort of temporary deregistration: your SN remains in the service node list, but is removed from the rewards list and from any network duties. - recommissioned -- this tx is sent by a quorum if they observe a decommissioned SN sending uptime proofs again. Upon reception, the SN is reactivated and put on the end of the reward list. Since this is broadening the quorum use, this also renames the relevant quorum to a "obligations" quorum (since it validates SN obligations), while the transactions are "state_change" transactions (since they change the state of a registered SN). The new parameters added to service_node_rules.h control how this works: // Service node decommissioning: as service nodes stay up they earn "credits" (measured in blocks) // towards a future outage. A new service node starts out with INITIAL_CREDIT, and then builds up // CREDIT_PER_DAY for each day the service node remains active up to a maximum of // DECOMMISSION_MAX_CREDIT. // // If a service node stops sending uptime proofs, a quorum will consider whether the service node // has built up enough credits (at least MINIMUM): if so, instead of submitting a deregistration, // it instead submits a decommission. This removes the service node from the list of active // service nodes both for rewards and for any active network duties. If the service node comes // back online (i.e. starts sending the required performance proofs again) before the credits run // out then a quorum will reinstate the service node using a recommission transaction, which adds // the service node back to the bottom of the service node reward list, and resets its accumulated // credits to 0. If it does not come back online within the required number of blocks (i.e. the // accumulated credit at the point of decommissioning) then a quorum will send a permanent // deregistration transaction to the network, starting a 30-day deregistration count down. This commit currently includes values (which are not necessarily finalized): - 8 hours (240 blocks) of credit required for activation of a decommission (rather than a deregister) - 0 initial credits at registration - a maximum of 24 hours (720 blocks) of credits - credits accumulate at a rate that you hit 24 hours of credits after 30 days of operation. Miscellaneous other details of this PR: - a new TX extra tag is used for the state change (including deregistrations). The old extra tag has no version or type tag, so couldn't be reused. The data in the new tag is slightly more efficiently packed than the old deregistration transaction, so it gets used for deregistrations (starting at the v12 fork) as well. - Correct validator/worker selection required generalizing the shuffle function to be able to shuffle just part of a vector. This lets us stick any down service nodes at the end of the potential list, then select validators by only shuffling the part of the index vector that contains active service indices. Once the validators are selected, the remainder of the list (this time including decommissioned SN indices) is shuffled to select quorum workers to check, thus allowing decommisioned nodes to be randomly included in the nodes to check without being selected as a validator. - Swarm recalculation was not quite right: swarms were recalculated on SN registrations, even if those registrations were include shared node registrations, but *not* recalculated on stakes. Starting with the upgrade this behaviour is fixed (swarms aren't actually used currently and aren't consensus-relevant so recalculating early won't hurt anything). - Details on decomm/dereg are added to RPC info and print_sn/print_sn_status - Slightly improves the % of reward output in the print_sn output by rounding it to two digits, and reserves space in the output string to avoid excessive reallocations. - Adds various debugging at higher debug levels to quorum voting (into all of voting itself, vote transmission, and vote reception). - Reset service node list internal data structure version to 0. The SN list has to be rescanned anyway at upgrade (its size has changed), so we might as well reset the version and remove the version-dependent serialization code. (Note that the affected code here is for SN states in lmdb storage, not for SN-to-SN communication serialization).
2019-06-18 23:57:02 +02:00
else if (tx.type == cryptonote::txtype::state_change)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Query state archive when processing state changes
2019-12-03 01:26:30 +01:00
need_swarm_update += process_state_change_tx(state_history, state_archive, alt_states, nettype, block, tx, my_keys);
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
Make tx type and version scoped enums This converts the transaction type and version to scoped enum, giving type safety and making the tx type assignment less error prone because there is no implicit conversion or comparison with raw integers that has to be worried about. This ends up converting any use of `cryptonote::transaction::type_xyz` to `cryptonote::transaction::txtype::xyz`. For version, names like `transaction::version_v4` become `cryptonote::txversion::v4_tx_types`. This also allows/includes various other simplifications related to or enabled by this change: - handle `is_deregister` dynamically in serialization code (setting `type::standard` or `type::deregister` rather than using a version-determined union) - `get_type()` is no longer needed with the above change: it is now much simpler to directly access `type` which will always have the correct value (even for v2 or v3 transaction types). And though there was an assertion on the enum value, `get_type()` was being used only sporadically: many places accessed `.type` directly. - the old unscoped enum didn't have a type but was assumed castable to/from `uint16_t`, which technically meant there was potential undefined behaviour when deserializing any type values >= 8. - tx type range checks weren't being done in all serialization paths; they are now. Because `get_type()` was not used everywhere (lots of places simply accessed `.type` directory) these might not have been caught. - `set_type()` is not needed; it was only being used in a single place (wallet2.cpp) and only for v4 txes, so the version protection code was never doing anything. - added a std::ostream << operator for the enum types so that they can be output with `<< tx_type <<` rather than needing to wrap it in `type_to_string(tx_type)` everywhere. For the versions, you get the annotated version string (e.g. 4_tx_types) rather than just the number 4.
2019-06-11 20:53:46 +02:00
else if (tx.type == cryptonote::txtype::key_image_unlock)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
process_key_image_unlock_tx(nettype, block_height, tx);
}
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
// Filtered pubkey-sorted vector of service nodes that are active (fully funded and *not* decommissioned).
std::vector<pubkey_and_sninfo> active_snode_list = sort_and_filter(service_nodes_infos, [](const service_node_info &info) { return info.is_active(); });
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (need_swarm_update)
{
crypto::hash const block_hash = cryptonote::get_block_hash(block);
uint64_t seed = 0;
std::memcpy(&seed, block_hash.data, sizeof(seed));
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
/// Gather existing swarms from infos
swarm_snode_map_t existing_swarms;
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
for (const auto &key_info : active_snode_list)
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
existing_swarms[key_info.second->swarm_id].push_back(key_info.first);
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
calc_swarm_changes(existing_swarms, seed);
/// Apply changes
Fix warnings and unintended copies - pessimizing move in wallet2 prevents copy ellision - various for loops were creating copies (clang-10 now warns about this). Mostly this is because they had the type wrong when looping through a map: the iterator type of a `map<K, V>` is `pair<const K, V>` not `pair<K, V>`. Replaced them with C++17: for (const auto& [key, val] : var) which is so much nicer. - cryptonote::core did not have a virtual destructor, but had virtual methods (causing both a warning, and likely a crash if we ever have something inheriting from it held in a unique_ptr<core>). - core() constructor still had explicit even though it lost the single argument. - test code class had a `final` destructor but wasn't marked final. (It also has a billion superfluous `virtual` declarations but I left them in place because it's just test code).
2020-06-22 04:18:38 +02:00
for (const auto& [swarm_id, snodes] : existing_swarms) {
for (const auto& snode : snodes) {
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
auto& sn_info_ptr = service_nodes_infos.at(snode);
if (sn_info_ptr->swarm_id == swarm_id) continue; /// nothing changed for this snode
duplicate_info(sn_info_ptr).swarm_id = swarm_id;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
}
}
Handle quorums needing to be stored in the previous state_t
2019-09-02 05:20:05 +02:00
Pulse: Support rounds changing the leader/validators in blocks - Previously we generated quorums based off the previous quorum. To incorporate the round, we can no longer pre-compute the quorum. Instead it must be calculated when the block arrives, just before the Service Node List is changed. - Add tests to check round changing works
2020-06-23 09:13:33 +02:00
generate_other_quorums(*this, active_snode_list, nettype, hf_version);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
void service_node_list::process_block(const cryptonote::block& block, const std::vector<cryptonote::transaction>& txs)
{
uint64_t block_height = cryptonote::get_block_height(block);
Add support for Loki Name Service on the backend
2019-11-01 01:58:48 +01:00
uint8_t hf_version = block.major_version;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
Pulse: Queue Block Gen code review - Rename find_named_argument -> find_prefixed_value - Update get_current_blockchain_height() comment to specify ability to lock - Update memcmp(address1, address2) to address1 == address2 - Make create_next_miner_block_template call create_miner_block_template - Update LMQ x25519 keys only when key has changed - construct_miner_tx: Use C++17 features - Pulse: Add log category "Pulse" - Pulse: Check shutdown before blockchain height - Pulse: Use get_human_readable_timespan - Pulse: Switch to MINFO, enable with --log-level +pulse:DEBUG - Pulse: Add height into context - Pulse: Remove some default switch cases hiding compiler warnings - SN: Update hardcoded '9' literals to network_version_9_service_nodes - Core: Use using namespace std::literals - Miner: Change num_blocks availability to debug - RPC: Gate test rpc commands to != MAINNET - Wallet: Store wallet before deinitialization instead of refresh
2020-08-06 09:21:00 +02:00
if (hf_version < cryptonote::network_version_9_service_nodes)
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
return;
// Cull old history
Add support for Loki Name Service on the backend
2019-11-01 01:58:48 +01:00
uint64_t cull_height = short_term_state_cull_height(hf_version, block_height);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
Add support for Loki Name Service on the backend
2019-11-01 01:58:48 +01:00
auto end_it = m_transient.state_history.upper_bound(cull_height);
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
for (auto it = m_transient.state_history.begin(); it != end_it; it++)
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
if (m_store_quorum_history)
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.old_quorum_states.emplace_back(it->height, it->quorums);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
uint64_t next_long_term_state = ((it->height / STORE_LONG_TERM_STATE_INTERVAL) + 1) * STORE_LONG_TERM_STATE_INTERVAL;
uint64_t dist_to_next_long_term_state = next_long_term_state - it->height;
bool need_quorum_for_future_states = (dist_to_next_long_term_state <= VOTE_LIFETIME + VOTE_OR_TX_VERIFY_HEIGHT_BUFFER);
if ((it->height % STORE_LONG_TERM_STATE_INTERVAL) == 0 || need_quorum_for_future_states)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_added_to_archive = true;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (need_quorum_for_future_states) // Preserve just quorum
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
state_t &state = const_cast<state_t &>(*it); // safe: set order only depends on state_t.height
state.service_nodes_infos = {};
state.key_image_blacklist = {};
state.only_loaded_quorums = true;
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_archive.emplace_hint(m_transient.state_archive.end(), std::move(*it));
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
}
Add support for Loki Name Service on the backend
2019-11-01 01:58:48 +01:00
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
}
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_history.erase(m_transient.state_history.begin(), end_it);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
if (m_transient.old_quorum_states.size() > m_store_quorum_history)
m_transient.old_quorum_states.erase(m_transient.old_quorum_states.begin(), m_transient.old_quorum_states.begin() + (m_transient.old_quorum_states.size() - m_store_quorum_history));
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
// Cull alt state history
Add support for Loki Name Service on the backend
2019-11-01 01:58:48 +01:00
for (auto it = m_transient.alt_state.begin(); it != m_transient.alt_state.end(); )
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
Add support for Loki Name Service on the backend
2019-11-01 01:58:48 +01:00
state_t const &alt_state = it->second;
if (alt_state.height < cull_height) it = m_transient.alt_state.erase(it);
else it++;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
}
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
cryptonote::network_type nettype = m_blockchain.nettype();
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_history.insert(m_transient.state_history.end(), m_state);
m_state.update_from_block(m_blockchain.get_db(), nettype, m_transient.state_history, m_transient.state_archive, {}, block, txs, m_service_node_keys);
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Distinguish pop_blocks from reorg in detach hook
2019-10-16 01:25:04 +02:00
void service_node_list::blockchain_detached(uint64_t height, bool /*by_pop_blocks*/)
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
Handle quorums needing to be stored in the previous state_t
2019-09-02 05:20:05 +02:00
uint64_t revert_to_height = height - 1;
bool reinitialise = false;
bool using_archive = false;
Fix off by 1 when checking state_t heights causing sync failure (#759)
2019-07-25 06:35:36 +02:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto it = m_transient.state_history.find(revert_to_height); // Try finding detached height directly
reinitialise = (it == m_transient.state_history.end() || it->only_loaded_quorums);
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
if (!reinitialise)
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_history.erase(std::next(it), m_transient.state_history.end());
Fix off by 1 when checking state_t heights causing sync failure (#759)
2019-07-25 06:35:36 +02:00
}
Fix pop-blocks edge case before the first 10k interval
2019-07-22 06:21:35 +02:00
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// TODO(oxen): We should loop through the prev 10k heights for robustness, but avoid for v4.0.5. Already enough changes going in
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
if (reinitialise) // Try finding the next closest old state at 10k intervals
Fix off by 1 when checking state_t heights causing sync failure (#759)
2019-07-25 06:35:36 +02:00
{
Handle quorums needing to be stored in the previous state_t
2019-09-02 05:20:05 +02:00
uint64_t prev_interval = revert_to_height - (revert_to_height % STORE_LONG_TERM_STATE_INTERVAL);
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto it = m_transient.state_archive.find(prev_interval);
reinitialise = (it == m_transient.state_archive.end() || it->only_loaded_quorums);
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
if (!reinitialise)
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_history.clear();
m_transient.state_archive.erase(std::next(it), m_transient.state_archive.end());
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
using_archive = true;
}
Fix off by 1 when checking state_t heights causing sync failure (#759)
2019-07-25 06:35:36 +02:00
}
Make 4.0.4 service node blob backwards compatible (#786) Ordinarily on shut down we would discard the quorum states that are converted and serialised once on initial start up with the new software. If this is lost, we would not be able to process incoming votes or any state changes and essentially halt without forcing a way to rescan the service node list back to a consistent state.
2019-08-12 01:53:05 +02:00
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
if (reinitialise)
Fix off by 1 when checking state_t heights causing sync failure (#759)
2019-07-25 06:35:36 +02:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_history.clear();
m_transient.state_archive.clear();
Fix off by 1 when checking state_t heights causing sync failure (#759)
2019-07-25 06:35:36 +02:00
init();
return;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Service Node Deregister Part 5 (#89) * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * core, service_node_list: separated address from service node pubkey * Retrieve quorum list from height, reviewed * Setup data structures for de/register TX * Submit and validate partial/full deregisters * Add P2P relaying of partial deregistration votes * Code review adjustments for deregistration part 1 - Fix check_tx_semantic - Remove signature_pod as votes are now stored as blobs. Serialization overrides don't intefere with crypto::signature anymore. * deregistration_vote_pool - changed sign/verify interface and removed repeated code * Misc review, fix sign/verify api, vote threshold * Deregister/tx edge case handling for combinatoric votes * Store service node lists for the duration of deregister lifetimes * Quorum min/max bug, sort node list, fix node to test list * Change quorum to store acc pub address, fix oob bug * Code review for expiring votes, acc keys to pub_key, improve err msgs * Add early out for is_deregistration_tx and protect against quorum changes * Remove debug code, fix segfault * Remove irrelevant check for tx v3 in blockchain, fix >= height for pruning quorum states Incorrect assumption that a transaction can be kept in the chain if it could eventually become invalid, because if it were the chain would be split and eventually these transaction would be dropped. But also that we should not override the pre-existing logic which handles this case anyway.
2018-07-18 04:42:47 +02:00
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto &history = (using_archive) ? m_transient.state_archive : m_transient.state_history;
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
auto it = std::prev(history.end());
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
m_state = std::move(*it);
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
history.erase(it);
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
std::vector<crypto::public_key> service_node_list::state_t::get_expired_nodes(cryptonote::BlockchainDB const &db,
cryptonote::network_type nettype,
uint8_t hf_version,
uint64_t block_height) const
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
std::vector<crypto::public_key> expired_nodes;
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
uint64_t const lock_blocks = staking_num_lock_blocks(nettype);
service nodes: update staking lock blocks requirements (#126)
2018-08-08 06:57:07 +02:00
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// TODO(oxen): This should really use the registration height instead of getting the block and expiring nodes.
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
// But there's something subtly off when using registration height causing syncing problems.
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
if (hf_version == cryptonote::network_version_9_service_nodes)
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
Handle quorums needing to be stored in the previous state_t
2019-09-02 05:20:05 +02:00
if (block_height <= lock_blocks)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
return expired_nodes;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
const uint64_t expired_nodes_block_height = block_height - lock_blocks;
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
cryptonote::block block = {};
try
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
Handle quorums needing to be stored in the previous state_t
2019-09-02 05:20:05 +02:00
block = db.get_block_from_height(expired_nodes_block_height);
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
}
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
catch (std::exception const &e)
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
{
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
LOG_ERROR("Failed to get historical block to find expired nodes in v9: " << e.what());
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
return expired_nodes;
}
Handle quorums needing to be stored in the previous state_t
2019-09-02 05:20:05 +02:00
if (block.major_version < cryptonote::network_version_9_service_nodes)
return expired_nodes;
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
for (crypto::hash const &hash : block.tx_hashes)
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
{
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
cryptonote::transaction tx;
if (!db.get_tx(hash, tx))
{
LOG_ERROR("Failed to get historical tx to find expired service nodes in v9");
continue;
}
uint32_t index = 0;
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
crypto::public_key key;
Implementation of swarms using a queue/buffer (#299) * Added implementation of swarms using a buffer * fixed bug in get_new_swarm_id * use correct hf version * removed comments
2018-11-16 00:32:56 +01:00
service_node_info info = {};
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
if (is_registration_tx(nettype, cryptonote::network_version_9_service_nodes, tx, block.timestamp, expired_nodes_block_height, index, key, info))
Service Nodes Reregistration Grace Period (#290) * Allow a grace period to re-register service nodes * Guard feature behind hardfork 10 * Const iterator, guard rpc height result by hard fork 10
2018-10-16 01:32:35 +02:00
expired_nodes.push_back(key);
index++;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
else
{
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
for (auto it = service_nodes_infos.begin(); it != service_nodes_infos.end(); it++)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
crypto::public_key const &snode_key = it->first;
Use shared_ptr storage for service_node_info This converts the stored service_node_info value into a `shared_ptr<const service_node_info>` rather than a plain `service_node_info`. This yields a huge performance benefit by significantly eliminating the vast majority of service_node_info construction, destruction, and copying. Most of the time when we copy a service_node_info nothing in it has changed, which means we're storing exactly the same thing; this means an extra construction for every SN info on every block *and* an extra destruction when we cull old stored history. By using a shared_ptr, the vast majority of those constructions and destructions are eliminated. The immediately previous commit (upon which this one builds) already reduced a full rescan from 180s to 171s; this commit further reduces that time to 104s, or about 42% reduced from the rescan time required before this pair of commits. (All timings are from the dev.lokinet.org box, tested over multiple runs with the entire lmdb cached in memory). With the shared_ptr approach, we only make a copy when a change is actually needed: because of infrequent (at the per-SN level) events like a state_change, received reward, contribution, etc. The contained reference is deliberately `const` so that values are not changeable; there's a new function that does an explicit copying duplication, returning the new non-const and storing the const ref in the shared pointer. Related to this is a small change (and fix) to how proof info and public_ip/storage_port are stored: rather than store the values in the service_node_info struct itself, they now gets stored in a shared_ptr inside the service_node_info that intentionally gets shared among all copies of the service_node_info (that is, a SN info copy deliberately copies the pointer rather than the values). This also moves the ip/port values into the proof struct, since that seemed much easier than maintaining a separate shared_ptr for each value. Previously, because these were stored as values in the service_node_info they would actually get rolled back in the event of a reorg, but that seems highly undesirable: you would end up rolling back to the old values of the uptime proof and ip address (for example), but that should not happen: those values are not dependent on the blockchain and so should not be affected by a reorg/rollback. With this change they aren't since there is only one actual proof stored. Note that the shared storage here only applies to in-memory states; states loaded from the db will still be duplicated.
2019-08-11 18:19:24 +02:00
const service_node_info &info = *it->second;
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
if (info.registration_hf_version >= cryptonote::network_version_11_infinite_staking)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
{
if (info.requested_unlock_height != KEY_IMAGE_AWAITING_UNLOCK_HEIGHT && block_height > info.requested_unlock_height)
expired_nodes.push_back(snode_key);
}
else // Version 10 Bulletproofs
{
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
/// Note: this code exhibits a subtle unintended behaviour: a snode that
Fix SN expirations and deregistrations in core tests (#493)
2019-03-18 00:48:50 +01:00
/// registered in hardfork 9 and was scheduled for deregistration in hardfork 10
/// will have its life is slightly prolonged by the "grace period", although it might
/// look like we use the registration height to determine the expiry height.
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
uint64_t node_expiry_height = info.registration_height + lock_blocks + STAKING_REQUIREMENT_LOCK_BLOCKS_EXCESS;
if (block_height > node_expiry_height)
expired_nodes.push_back(snode_key);
}
}
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
return expired_nodes;
}
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
service_nodes::payout service_node_list::state_t::get_block_leader() const
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
{
Pulse: Make generating payouts a standalone function
2020-07-15 09:24:53 +02:00
crypto::public_key key = crypto::null_pkey;
Remove using select_winner twice in block reward check Also promote the std::pair of <address, portions> to a struct for readability. Readjust block_winner to ensure test case passes
2019-08-30 08:04:58 +02:00
service_node_info const *info = nullptr;
{
auto oldest_waiting = std::make_tuple(std::numeric_limits<uint64_t>::max(), std::numeric_limits<uint32_t>::max(), crypto::null_pkey);
for (const auto &info_it : service_nodes_infos)
{
const auto &sninfo = *info_it.second;
if (sninfo.is_active())
{
auto waiting_since = std::make_tuple(sninfo.last_reward_block_height, sninfo.last_reward_transaction_index, info_it.first);
if (waiting_since < oldest_waiting)
{
oldest_waiting = waiting_since;
info = &sninfo;
}
}
}
Pulse: Make generating payouts a standalone function
2020-07-15 09:24:53 +02:00
key = std::get<2>(oldest_waiting);
Remove using select_winner twice in block reward check Also promote the std::pair of <address, portions> to a struct for readability. Readjust block_winner to ensure test case passes
2019-08-30 08:04:58 +02:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
Pulse: Make generating payouts a standalone function
2020-07-15 09:24:53 +02:00
if (key == crypto::null_pkey)
return service_nodes::null_payout;
return service_node_info_to_payout(key, *info);
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Reward fudge factor (#867) * Add a 1 atomic unit fudge factor on reward calculations If the thread's rounding mode is different (because RandomX changed it in the current thread or in the thread that generated the block) then the reward calculation can be up to 1 atomic unit off. This lets those pass rather than rejecting the block. (I tested LOKI's reward calculations up to height 10M to verify that the maximum error in reward values is never off by more than 1). * Remove partial_block_reward This variable is not actually used anywhere. * Add 1ULP tolerance for SN reward checks * Rewrite confusing logic and error - fix the broken error message which was printing "base(base+fees)" instead of "total(base+fees)". - improve the error message wording to actually indicate what the values signify. - don't use base_reward as a temporary value (the intermediate value assigned to it is completely replaced later anyway). - use some better variable names to describe what is happening here * Add check for overflow
2019-10-04 05:57:14 +02:00
template <typename T>
static constexpr bool within_one(T a, T b) {
return (a > b ? a - b : b - a) <= T{1};
}
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
// NOTE: Verify queued service node coinbase or pulse block producer rewards
static bool verify_coinbase_tx_output(cryptonote::transaction const &miner_tx,
uint64_t height,
size_t output_index,
cryptonote::account_public_address const &receiver,
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
uint64_t reward)
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
if (output_index >= miner_tx.vout.size())
Remove using select_winner twice in block reward check Also promote the std::pair of <address, portions> to a struct for readability. Readjust block_winner to ensure test case passes
2019-08-30 08:04:58 +02:00
{
temp: Global logs in block verify on blockchain side
2020-08-20 03:21:40 +02:00
MGINFO_RED("Output Index: " << output_index << ", indexes out of bounds in vout array with size: " << miner_tx.vout.size());
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
return false;
Remove using select_winner twice in block reward check Also promote the std::pair of <address, portions> to a struct for readability. Readjust block_winner to ensure test case passes
2019-08-30 08:04:58 +02:00
}
service nodes: added service node operator cut to registration
2018-08-07 04:28:59 +02:00
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
cryptonote::tx_out const &output = miner_tx.vout[output_index];
Pulse: validate_miner_tx pass in block to service_node_list
2020-07-03 10:21:26 +02:00
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
// Because FP math is involved in reward calculations (and compounded by CPUs, compilers,
// expression contraction, and RandomX fiddling with the rounding modes) we can end up with a
// 1 ULP difference in the reward calculations.
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// TODO(oxen): eliminate all FP math from reward calculations
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
if (!within_one(output.amount, reward))
new and improved contribution system
2018-08-06 15:08:44 +02:00
{
temp: Global logs in block verify on blockchain side
2020-08-20 03:21:40 +02:00
MGINFO_RED("Service node reward amount incorrect. Should be " << cryptonote::print_money(reward) << ", is: " << cryptonote::print_money(output.amount));
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
return false;
}
service nodes: added service node operator cut to registration
2018-08-07 04:28:59 +02:00
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
if (!std::holds_alternative<cryptonote::txout_to_key>(output.target))
Remove using select_winner twice in block reward check Also promote the std::pair of <address, portions> to a struct for readability. Readjust block_winner to ensure test case passes
2019-08-30 08:04:58 +02:00
{
temp: Global logs in block verify on blockchain side
2020-08-20 03:21:40 +02:00
MGINFO_RED("Service node output target type should be txout_to_key");
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
return false;
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
// NOTE: Loki uses the governance key in the one-time ephemeral key
// derivation for both Pulse Block Producer/Queued Service Node Winner rewards
crypto::key_derivation derivation{};
crypto::public_key out_eph_public_key{};
cryptonote::keypair gov_key = cryptonote::get_deterministic_keypair_from_height(height);
bool r = crypto::generate_key_derivation(receiver.m_view_public_key, gov_key.sec, derivation);
CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to generate_key_derivation(" << receiver.m_view_public_key << ", " << gov_key.sec << ")");
r = crypto::derive_public_key(derivation, output_index, receiver.m_spend_public_key, out_eph_public_key);
CHECK_AND_ASSERT_MES(r, false, "while creating outs: failed to derive_public_key(" << derivation << ", " << output_index << ", "<< receiver.m_spend_public_key << ")");
Fix failure to accept a null-winner block With a null winner block the `if ((miner_tx.vout.size() - 1) < winner.payouts.size())` fires, when it shouldn't. Bypass checks (after verifying that a null winner is correct) for such a block.
2020-08-12 00:01:58 +02:00
Target macos 10.12 When targetting macos <10.14 macos won't allow use of anything from C++17 that throws, such as: - std::get on a variant - std::visit - std::optional::value() - std::any_cast This avoids all of these. For std::get, we either replace with std::get_if (where appropriate), or else use a `var::get` implementation of std::get added to lokimq (also updated here). (This `var` namespace is just an `std` alias everywhere *except* old target macos). For std::visit, likewise lokimq adds an var::visit implementation for old macos that we use. std::optional::value() uses weren't useful anyway as everywhere it calls them we've already checked that the option has a value, in which case we can use `*opt` (which doesn't check for contents and throw). std::any just has to be avoided as far as I can tell, but the one place we used it is only ever a block, so I just replaced it with a `const block*`.
2020-10-16 00:44:36 +02:00
if (var::get<cryptonote::txout_to_key>(output.target).key != out_eph_public_key)
Remove using select_winner twice in block reward check Also promote the std::pair of <address, portions> to a struct for readability. Readjust block_winner to ensure test case passes
2019-08-30 08:04:58 +02:00
{
temp: Global logs in block verify on blockchain side
2020-08-20 03:21:40 +02:00
MGINFO_RED("Invalid service node reward at output: " << output_index << ", output key, specifies wrong key");
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
return false;
Remove using select_winner twice in block reward check Also promote the std::pair of <address, portions> to a struct for readability. Readjust block_winner to ensure test case passes
2019-08-30 08:04:58 +02:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
return true;
Reward fudge factor (#867) * Add a 1 atomic unit fudge factor on reward calculations If the thread's rounding mode is different (because RandomX changed it in the current thread or in the thread that generated the block) then the reward calculation can be up to 1 atomic unit off. This lets those pass rather than rejecting the block. (I tested LOKI's reward calculations up to height 10M to verify that the maximum error in reward values is never off by more than 1). * Remove partial_block_reward This variable is not actually used anywhere. * Add 1ULP tolerance for SN reward checks * Rewrite confusing logic and error - fix the broken error message which was printing "base(base+fees)" instead of "total(base+fees)". - improve the error message wording to actually indicate what the values signify. - don't use base_reward as a temporary value (the intermediate value assigned to it is completely replaced later anyway). - use some better variable names to describe what is happening here * Add check for overflow
2019-10-04 05:57:14 +02:00
}
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
bool service_node_list::validate_miner_tx(cryptonote::block const &block, cryptonote::block_reward_parts const &reward_parts, std::optional<std::vector<cryptonote::batch_sn_payment>> const &batched_sn_payments) const
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
Pulse: Queue Block Gen code review - Rename find_named_argument -> find_prefixed_value - Update get_current_blockchain_height() comment to specify ability to lock - Update memcmp(address1, address2) to address1 == address2 - Make create_next_miner_block_template call create_miner_block_template - Update LMQ x25519 keys only when key has changed - construct_miner_tx: Use C++17 features - Pulse: Add log category "Pulse" - Pulse: Check shutdown before blockchain height - Pulse: Use get_human_readable_timespan - Pulse: Switch to MINFO, enable with --log-level +pulse:DEBUG - Pulse: Add height into context - Pulse: Remove some default switch cases hiding compiler warnings - SN: Update hardcoded '9' literals to network_version_9_service_nodes - Core: Use using namespace std::literals - Miner: Change num_blocks availability to debug - RPC: Gate test rpc commands to != MAINNET - Wallet: Store wallet before deinitialization instead of refresh
2020-08-06 09:21:00 +02:00
uint8_t const hf_version = block.major_version;
if (hf_version < cryptonote::network_version_9_service_nodes)
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
return true;
Pulse: Queue Block Gen code review - Rename find_named_argument -> find_prefixed_value - Update get_current_blockchain_height() comment to specify ability to lock - Update memcmp(address1, address2) to address1 == address2 - Make create_next_miner_block_template call create_miner_block_template - Update LMQ x25519 keys only when key has changed - construct_miner_tx: Use C++17 features - Pulse: Add log category "Pulse" - Pulse: Check shutdown before blockchain height - Pulse: Use get_human_readable_timespan - Pulse: Switch to MINFO, enable with --log-level +pulse:DEBUG - Pulse: Add height into context - Pulse: Remove some default switch cases hiding compiler warnings - SN: Update hardcoded '9' literals to network_version_9_service_nodes - Core: Use using namespace std::literals - Miner: Change num_blocks availability to debug - RPC: Gate test rpc commands to != MAINNET - Wallet: Store wallet before deinitialization instead of refresh
2020-08-06 09:21:00 +02:00
std::lock_guard lock(m_sn_mutex);
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
uint64_t const height = cryptonote::get_block_height(block);
cryptonote::transaction const &miner_tx = block.miner_tx;
// NOTE: Basic queued service node list winner checks
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// NOTE(oxen): Service node reward distribution is calculated from the
Rotating Governance Schedule (#303) * Add multiple governance keys * Batch governance payments to every interval blocks * Batching of gov rewards and fix breakages in tests * Add changes to api for working with core tests * Clean up left over debug stuff * more cleanup * Fix uninitialised batched governance value * Remove dependency on blockchain in tx utils * Remove redundant vector reserve
2018-11-12 04:02:21 +01:00
// original amount, i.e. 50% of the original base reward goes to service
// nodes not 50% of the reward after removing the governance component (the
// adjusted base reward post hardfork 10).
Pulse: Apply block limit penalty on SN reward The reward pre-hf16 is removed from the miner as they are the block producer. After Pulse, the block producer changes to the Service Node. Here we subtract the penalty from the Service Node Leader (the node at the top of the Service Node List irrespective of round or even after PoW the fallback). https://github.com/loki-project/loki-core/issues/1267
2020-09-22 06:26:53 +02:00
payout const block_leader = m_state.get_block_leader();
Remove using select_winner twice in block reward check Also promote the std::pair of <address, portions> to a struct for readability. Readjust block_winner to ensure test case passes
2019-08-30 08:04:58 +02:00
{
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
auto const check_block_leader_pubkey = cryptonote::get_service_node_winner_from_tx_extra(miner_tx.extra);
if (block_leader.key != check_block_leader_pubkey)
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
{
temp: Global logs in block verify on blockchain side
2020-08-20 03:21:40 +02:00
MGINFO_RED("Service node reward winner is incorrect! Expected " << block_leader.key << ", block has " << check_block_leader_pubkey);
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
return false;
}
core tests: update priority for service nodes selected as winners (#506)
2019-03-19 08:29:27 +01:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
enum struct verify_mode
Remove using select_winner twice in block reward check Also promote the std::pair of <address, portions> to a struct for readability. Readjust block_winner to ensure test case passes
2019-08-30 08:04:58 +02:00
{
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
miner,
Pulse: Allow leader to reappear in alternative pulse rounds
2020-07-09 09:01:21 +02:00
pulse_block_leader_is_producer,
pulse_different_block_producer,
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
batched_sn_rewards,
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
};
verify_mode mode = verify_mode::miner;
crypto::public_key block_producer_key = {};
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
//
// NOTE: Determine if block leader/producer are different or the same.
//
Pulse: Don't verify PoW for Pulse Blocks
2020-08-20 04:02:26 +02:00
if (cryptonote::block_has_pulse_components(block))
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
{
Pulse: Handle alternative block reorg with Pulse blocks - Alternative pulse blocks must be verified against the quorum they belong to. This updates alt_block_added hook in Service Node List to check the new Pulse invariants and on passing allow the alt block to be stored into the DB until enough blocks have been checkpointed. - New reorganization behaviour for the Pulse hard fork. Currently reorganization rules work by preferring chains with greater cumulative difficulty and or a chain with more checkpoints. Pulse blocks introduces a 'fake' difficulty to allow falling back to PoW and continuing the chain with reasonable difficulty. If we fall into a position where we have an alt chain of mixed Pulse blocks and PoW blocks, difficulty is no longer a valid metric to compare blocks (a completely PoW chain could have much higher cumulative difficulty if hash power is thrown at it vs Pulse chain with fixed difficulty). So starting in HF16 we only reorganize when 2 consecutive checkpoints prevail on one chain. This aligns with the idea of a PoS network that is governed by the Service Nodes. The chain doesn't essentially recover until Pulse is re-enabled and Service Nodes on that chain checkpoint the chain again, causing the PoW chain to switch over. - Generating Pulse Entropy no longer does a confusing +-1 to the height dance and always begins from the top block. It now takes a block instead of a height since the blocks may be on an alternative chain or the main chain. In the former case, we have to query the alternative DB table to grab the blocks to work. - Removes the developer debug hashes in code for entropy. - Adds core tests to check reorganization works
2020-09-04 10:09:17 +02:00
std::vector<crypto::hash> entropy = get_pulse_entropy_for_next_block(m_blockchain.get_db(), block.prev_id, block.pulse.round);
quorum pulse_quorum = generate_pulse_quorum(m_blockchain.nettype(), block_leader.key, hf_version, m_state.active_service_nodes_infos(), entropy, block.pulse.round);
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
if (!verify_pulse_quorum_sizes(pulse_quorum))
Pulse: Handle round > 255, add debug logs - Log the generated pulse quorum - Log the round when a msg signature fails - Handle round > 255 and revert to allowing PoW blocks
2020-08-19 06:54:37 +02:00
{
temp: Global logs in block verify on blockchain side
2020-08-20 03:21:40 +02:00
MGINFO_RED("Pulse block received but Pulse has insufficient nodes for quorum, block hash " << cryptonote::get_block_hash(block) << ", height " << height);
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
return false;
Pulse: Handle round > 255, add debug logs - Log the generated pulse quorum - Log the round when a msg signature fails - Handle round > 255 and revert to allowing PoW blocks
2020-08-19 06:54:37 +02:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
block_producer_key = pulse_quorum.workers[0];
mode = (block_producer_key == block_leader.key) ? verify_mode::pulse_block_leader_is_producer
: verify_mode::pulse_different_block_producer;
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
Pulse: Move block verification outside of validate_miner_tx
2020-08-19 10:24:10 +02:00
if (block.pulse.round == 0 && (mode == verify_mode::pulse_different_block_producer))
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
{
temp: Global logs in block verify on blockchain side
2020-08-20 03:21:40 +02:00
MGINFO_RED("The block producer in pulse round 0 should be the same node as the block leader: " << block_leader.key << ", actual producer: " << block_producer_key);
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
return false;
}
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
// NOTE: Verify miner tx vout composition
//
// Miner Block
Pulse: On alt rounds, allocate tx fee to alt producer
2020-09-11 06:45:41 +02:00
// 1 | Miner
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
// Up To 4 | Queued Service Node
// Up To 1 | Governance
//
// Pulse Block
// Up to 4 | Block Producer (0-3 for Pooled Service Node)
Pulse: Queue Block Gen code review - Rename find_named_argument -> find_prefixed_value - Update get_current_blockchain_height() comment to specify ability to lock - Update memcmp(address1, address2) to address1 == address2 - Make create_next_miner_block_template call create_miner_block_template - Update LMQ x25519 keys only when key has changed - construct_miner_tx: Use C++17 features - Pulse: Add log category "Pulse" - Pulse: Check shutdown before blockchain height - Pulse: Use get_human_readable_timespan - Pulse: Switch to MINFO, enable with --log-level +pulse:DEBUG - Pulse: Add height into context - Pulse: Remove some default switch cases hiding compiler warnings - SN: Update hardcoded '9' literals to network_version_9_service_nodes - Core: Use using namespace std::literals - Miner: Change num_blocks availability to debug - RPC: Gate test rpc commands to != MAINNET - Wallet: Store wallet before deinitialization instead of refresh
2020-08-06 09:21:00 +02:00
// Up To 4 | Queued Service Node
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
// Up To 1 | Governance
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
//
Pulse: On alt rounds, allocate tx fee to alt producer
2020-09-11 06:45:41 +02:00
// NOTE: See cryptonote_tx_utils.cpp construct_miner_tx(...) for payment details.
//
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
std::shared_ptr<const service_node_info> block_producer = nullptr;
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
size_t expected_vouts_size = 0;
Pulse: Allow leader to reappear in alternative pulse rounds
2020-07-09 09:01:21 +02:00
if (mode == verify_mode::pulse_block_leader_is_producer || mode == verify_mode::pulse_different_block_producer)
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
{
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
auto info_it = m_state.service_nodes_infos.find(block_producer_key);
if (info_it == m_state.service_nodes_infos.end())
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
{
temp: Global logs in block verify on blockchain side
2020-08-20 03:21:40 +02:00
MGINFO_RED("The pulse block producer for round: " << +block.pulse.round << " is not currently a Service Node: " << block_producer_key);
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
return false;
}
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
block_producer = info_it->second;
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
if (mode == verify_mode::pulse_different_block_producer && reward_parts.miner_fee > 0 && block.major_version < cryptonote::network_version_19)
{
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
expected_vouts_size += block_producer->contributors.size();
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
}
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
}
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
if (block.major_version >= cryptonote::network_version_19)
{
mode = verify_mode::batched_sn_rewards;
MDEBUG("Batched miner reward");
}
if (mode == verify_mode::miner)
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
{
block_reward_parts: base_miner_fee -> miner_fee
2020-09-25 03:49:52 +02:00
if ((reward_parts.base_miner + reward_parts.miner_fee) > 0) // (HF >= 16) this can be zero, no miner coinbase.
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
{
Pulse: Avoid miner, sn coinbase outputs when reward < 0 - Avoid generating any outputs on an alternative round, for the alternative block producer if the total tx fee was 0. - Remove the 1 atomic loki awarded to the miner in HF16 (previously kept to 1 for making sure tests work, whilst implementing the new block reward split)
2020-09-14 08:48:53 +02:00
expected_vouts_size += 1; /*miner*/
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
}
}
if (mode == verify_mode::batched_sn_rewards)
{
if (batched_sn_payments.has_value())
expected_vouts_size += batched_sn_payments->size();
} else {
expected_vouts_size += block_leader.payouts.size();
bool has_governance_output = cryptonote::height_has_governance_output(m_blockchain.nettype(), hf_version, height);
if (has_governance_output) {
expected_vouts_size++;
}
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
}
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
if (miner_tx.vout.size() != expected_vouts_size)
{
Pulse: Improve error messages for SN validate_miner_tx
2020-07-16 06:16:58 +02:00
char const *type = mode == verify_mode::miner
? "miner"
: mode == verify_mode::pulse_block_leader_is_producer ? "pulse" : "pulse alt round";
temp: Global logs in block verify on blockchain side
2020-08-20 03:21:40 +02:00
MGINFO_RED("Expected " << type << " block, the miner TX specifies a different amount of outputs vs the expected: " << expected_vouts_size << ", miner tx outputs: " << miner_tx.vout.size());
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
return false;
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
network_version_16 += _pulse
2020-09-18 21:39:50 +02:00
if (hf_version >= cryptonote::network_version_16_pulse)
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
{
if (reward_parts.base_miner != 0)
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
{
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
MGINFO_RED("Miner reward is incorrect expected 0 reward, block specified " << cryptonote::print_money(reward_parts.base_miner));
service_node_list: add multiple stakers, reward shares, etc
2018-07-18 08:51:26 +02:00
return false;
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
// NOTE: Verify Coinbase Amounts
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
switch(mode)
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
{
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
case verify_mode::miner:
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
{
block_reward_parts: base_miner_fee -> miner_fee
2020-09-25 03:49:52 +02:00
size_t vout_index = 0 + (reward_parts.base_miner + reward_parts.miner_fee > 0);
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
Revert miner reward check from 48b13ae0db6298620508fbdbe63cb6a72897374a The miner reward includes atomic dust resulting from truncation errors of the other amounts, so this test for exact miner amounts failed (on current mainnet blocks, particularly ones with lots of SN reward recipients where such dust is likely).
2020-09-18 21:23:46 +02:00
// We don't verify the miner reward amount because it is already implied by the overall
// sum of outputs check and because when there are truncation errors on other outputs the
// miner reward ends up with the difference (and so actual miner output amount can be a few
block_reward_parts: base_miner_fee -> miner_fee
2020-09-25 03:49:52 +02:00
// atoms larger than base_miner+miner_fee).
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
std::vector<uint64_t> split_rewards = cryptonote::distribute_reward_by_portions(block_leader.payouts,
reward_parts.service_node_total,
hf_version >= cryptonote::network_version_16_pulse /*distribute_remainder*/);
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
for (size_t i = 0; i < block_leader.payouts.size(); i++)
{
payout_entry const &payout = block_leader.payouts[i];
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
if (split_rewards[i])
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
{
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
if (!verify_coinbase_tx_output(miner_tx, height, vout_index, payout.address, split_rewards[i]))
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
return false;
vout_index++;
}
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
}
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
}
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
break;
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
Pulse: Allow leader to reappear in alternative pulse rounds
2020-07-09 09:01:21 +02:00
case verify_mode::pulse_block_leader_is_producer:
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
{
block_reward_parts: base_miner_fee -> miner_fee
2020-09-25 03:49:52 +02:00
uint64_t total_reward = reward_parts.service_node_total + reward_parts.miner_fee;
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
std::vector<uint64_t> split_rewards = cryptonote::distribute_reward_by_portions(block_leader.payouts, total_reward, true /*distribute_remainder*/);
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
assert(total_reward > 0);
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
size_t vout_index = 0;
for (size_t i = 0; i < block_leader.payouts.size(); i++)
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
{
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
payout_entry const &payout = block_leader.payouts[i];
if (split_rewards[i])
Pulse: Compute contributor portion of rewards for coinbase
2020-09-25 02:16:24 +02:00
{
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
if (!verify_coinbase_tx_output(miner_tx, height, vout_index, payout.address, split_rewards[i]))
Pulse: Compute contributor portion of rewards for coinbase
2020-09-25 02:16:24 +02:00
return false;
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
vout_index++;
Pulse: Compute contributor portion of rewards for coinbase
2020-09-25 02:16:24 +02:00
}
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
}
}
break;
Pulse: Allow leader to reappear in alternative pulse rounds
2020-07-09 09:01:21 +02:00
case verify_mode::pulse_different_block_producer:
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
{
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
size_t vout_index = 0;
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
{
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
payout block_producer_payouts = service_node_info_to_payout(block_producer_key, *block_producer);
std::vector<uint64_t> split_rewards = cryptonote::distribute_reward_by_portions(block_producer_payouts.payouts, reward_parts.miner_fee, true /*distribute_remainder*/);
for (size_t i = 0; i < block_producer_payouts.payouts.size(); i++)
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
{
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
payout_entry const &payout = block_producer_payouts.payouts[i];
if (split_rewards[i])
{
if (!verify_coinbase_tx_output(miner_tx, height, vout_index, payout.address, split_rewards[i]))
return false;
vout_index++;
}
Pulse: Avoid miner, sn coinbase outputs when reward < 0 - Avoid generating any outputs on an alternative round, for the alternative block producer if the total tx fee was 0. - Remove the 1 atomic loki awarded to the miner in HF16 (previously kept to 1 for making sure tests work, whilst implementing the new block reward split)
2020-09-14 08:48:53 +02:00
}
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
}
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
std::vector<uint64_t> split_rewards = cryptonote::distribute_reward_by_portions(block_leader.payouts, reward_parts.service_node_total, true /*distribute_remainder*/);
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
for (size_t i = 0; i < block_leader.payouts.size(); i++)
{
payout_entry const &payout = block_leader.payouts[i];
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
if (split_rewards[i])
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
{
Pulse: Account for dust in portions payout >= HF16 - We also remove the distinction between service_node_total and service_node_paid. Previously the portions payout may still have some remainder dust loki that was not distributed, and or distributed to the miner as the difference between the pay out and the base reward was added to the miner. This is still the case for backwards compatibility before HF16. After HF16, dust is not allowed and everything is split with the remainder dust going to the 1st contributor in the Service Node (the operator).
2020-09-25 07:09:30 +02:00
if (!verify_coinbase_tx_output(miner_tx, height, vout_index, payout.address, split_rewards[i]))
Pulse: Avoid 0 amount output in coinbase more strictly - 0 amount outputs can still be generated if the portions was too low for splitting the reward amount. An example where this can happen is on alternative rounds, splitting the TX fee to the alternative quorum, if the portions is too low we could potentially get a 0 output which would be interpreted as RCT and cause some bugs on the chain. The fix here is always check each output is > 0 before generating the output in the miner tx. - Also explicitly check the miner output amount when validating miner transactions. Previously we only check the sum of the outputs match the total expected amounts, and the service node outputs match our expected rewards (and so i.e. no explicit checking on miner amount at any point).
2020-09-15 03:56:09 +02:00
return false;
vout_index++;
}
Pulse: Change queued_winner->block_leader, verify alt round rewards Changes naming scheme - Block Producer: The Service Node/Miner reponsible for generating the block - Block Leader: The Service Node that is at the top of the Service Node List queue. They are also by default on pulse round 0, the block producer. If that round fails, then the block producer is changed as per the LIP-6 with multi-block seeding. This commit also re-writes validate miner TX to repeat some of the verification code. This appears to be clearer than having multiple variables that change the verification loop in small ways which was more error prone than I'd like to tolerate.
2020-07-07 09:46:00 +02:00
}
}
break;
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
case verify_mode::batched_sn_rewards:
{
size_t vout_index = 0;
uint64_t total_payout_in_our_db = std::accumulate(batched_sn_payments->begin(),batched_sn_payments->end(), uint64_t{0}, [](auto const a, auto const b){return a + b.amount;});
uint64_t total_payout_in_vouts = 0;
cryptonote::keypair const deterministic_keypair = cryptonote::get_deterministic_keypair_from_height(height);
for (auto & vout : block.miner_tx.vout)
{
if (!std::holds_alternative<cryptonote::txout_to_key>(vout.target))
{
MGINFO_RED("Service node output target type should be txout_to_key");
return false;
}
if (vout.amount != (*batched_sn_payments)[vout_index].amount)
{
MERROR("Service node reward amount incorrect. Should be " << cryptonote::print_money((*batched_sn_payments)[vout_index].amount) << ", is: " << cryptonote::print_money(vout.amount));
return false;
}
crypto::public_key out_eph_public_key{};
if (!cryptonote::get_deterministic_output_key((*batched_sn_payments)[vout_index].address_info.address, deterministic_keypair, vout_index, out_eph_public_key))
{
MERROR("Failed to generate output one-time public key");
return false;
}
const auto& out_to_key = var::get<cryptonote::txout_to_key>(vout.target);
if (tools::view_guts(out_to_key) != tools::view_guts(out_eph_public_key))
{
MERROR("Output Ephermeral Public Key does not match");
return false;
}
total_payout_in_vouts += vout.amount;
vout_index++;
}
if (total_payout_in_vouts != total_payout_in_our_db)
{
MERROR("Total service node reward amount incorrect. Should be " << cryptonote::print_money(total_payout_in_our_db) << ", is: " << cryptonote::print_money(total_payout_in_vouts));
return false;
}
}
break;
Pulse: Validate block producer in service node list
2020-07-06 07:52:51 +02:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
return true;
}
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
bool service_node_list::alt_block_added(cryptonote::block const &block, std::vector<cryptonote::transaction> const &txs, cryptonote::checkpoint_t const *checkpoint)
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
// NOTE: The premise is to search the main list and the alternative list for
// the parent of the block we just received, generate the new Service Node
// state with this alt-block and verify that the block passes all
// the necessary checks.
// On success, this function returns true, signifying the block is valid to
// store into the alt-chain until it gathers enough blocks to cause
// a reorganization (more checkpoints/PoW than the main chain).
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
if (block.major_version < cryptonote::network_version_9_service_nodes)
return true;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
uint64_t block_height = cryptonote::get_block_height(block);
state_t const *starting_state = nullptr;
crypto::hash const block_hash = get_block_hash(block);
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto it = m_transient.alt_state.find(block_hash);
if (it != m_transient.alt_state.end()) return true; // NOTE: Already processed alt-state for this block
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
// NOTE: Check if alt block forks off some historical state on the canonical chain
if (!starting_state)
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto it = m_transient.state_history.find(block_height - 1);
if (it != m_transient.state_history.end())
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
if (block.prev_id == it->block_hash) starting_state = &(*it);
}
// NOTE: Check if alt block forks off some historical alt state on an alt chain
if (!starting_state)
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto it = m_transient.alt_state.find(block.prev_id);
if (it != m_transient.alt_state.end()) starting_state = &it->second;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
}
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
if (!starting_state)
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
LOG_PRINT_L1("Received alt block but couldn't find parent state in historical state");
return false;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
}
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
if (starting_state->block_hash != block.prev_id)
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
{
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
LOG_PRINT_L1("Unexpected state_t's hash: " << starting_state->block_hash
<< ", does not match the block prev hash: " << block.prev_id);
return false;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
}
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
// NOTE: Generate the next Service Node list state from this Alt block.
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
state_t alt_state = *starting_state;
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
alt_state.update_from_block(m_blockchain.get_db(), m_blockchain.nettype(), m_transient.state_history, m_transient.state_archive, m_transient.alt_state, block, txs, m_service_node_keys);
auto alt_it = m_transient.alt_state.find(block_hash);
if (alt_it != m_transient.alt_state.end())
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
alt_it->second = std::move(alt_state);
else
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.alt_state.emplace(block_hash, std::move(alt_state));
Incorporate checkpoint validation into syncing step Fix checkpoint verification check and add messages
2019-08-28 07:54:02 +02:00
Pulse: Verify alt blocks from pulse
2020-09-03 06:41:42 +02:00
return verify_block(block, true /*alt_block*/, checkpoint);
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
static service_node_list::quorum_for_serialization serialize_quorum_state(uint8_t hf_version, uint64_t height, quorum_manager const &quorums)
{
service_node_list::quorum_for_serialization result = {};
result.height = height;
if (quorums.obligations) result.quorums[static_cast<uint8_t>(quorum_type::obligations)] = *quorums.obligations;
if (quorums.checkpointing) result.quorums[static_cast<uint8_t>(quorum_type::checkpointing)] = *quorums.checkpointing;
return result;
}
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
static service_node_list::state_serialized serialize_service_node_state_object(uint8_t hf_version, service_node_list::state_t const &state, bool only_serialize_quorums = false)
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
{
service_node_list::state_serialized result = {};
Fix service node winner incorrect error If we are re-deriving states we still also need the historical quorums such that we can process incoming blocks with state changes. Without it, state changes will be ignored and skipped causing inconsistent state in the service node list. This mandates a rescan and stores the most recent in state_ts, and only just quorums for states preceeding 10k intervals. We can no longer store the 1st most recent state in the DB as that will be missing quorums as well for similar reason when rederiving on start-up.
2019-08-16 07:30:36 +02:00
result.version = service_node_list::state_serialized::get_version(hf_version);
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
result.height = state.height;
result.quorums = serialize_quorum_state(hf_version, state.height, state.quorums);
result.only_stored_quorums = state.only_loaded_quorums || only_serialize_quorums;
if (only_serialize_quorums)
return result;
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
result.infos.reserve(state.service_nodes_infos.size());
for (const auto &kv_pair : state.service_nodes_infos)
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
result.infos.emplace_back(kv_pair);
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
result.key_image_blacklist = state.key_image_blacklist;
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
result.block_hash = state.block_hash;
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
return result;
}
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
bool service_node_list::store()
{
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (!m_blockchain.has_db())
Fix segfault on exit with bad SN args (#690) service_node_list::store() was called on destruction, but destruction can happen before it is set up with the database pointer (hence the segfault). Fix it to just silently return if not set up yet.
2019-06-29 06:25:52 +02:00
return false; // Haven't been initialized yet
Add snode revision soft forks & drop hard fork voting code Snode revisions are a secondary version that let us put out a mandatory update for snodes that isn't a hardfork (and so isn't mandatory for wallets/exchanges/etc.). The main point of this is to let us make a 9.2.0 release that includes new mandatory minimums of future versions of storage server (2.2.0) and lokinet (0.9.4) to bring upgrades to the network. This slightly changes the HF7 blocks to 0 (instead of 1) because, apparently, we weren't properly checking the HF value of the pre-first-hf genesis block at all before. (In practice this changes nothing because genesis blocks are v7 anyway). This also changes (slightly) how we check for hard forks: now if we skip some hard forks then we still want to know the height when a hard fork triggers. For example, if the hf tables contains {7,14} then we still need to know that the HF14 block height also is the height that activates HF9, 10, etc.
2021-06-18 01:06:51 +02:00
uint8_t hf_version = m_blockchain.get_network_version();
Allow storing multiple quorum types (#562)
2019-04-23 02:53:17 +02:00
if (hf_version < cryptonote::network_version_9_service_nodes)
Infinite Staking Part 1 (#387) * Remove dead branches in hot-path check_tx_inputs Also renames #define for mixins to better match naming convention * Shuffle around some more code into common branches * Fix min/max tx version rules, since there 1 tx v2 on v9 fork * First draft infinite staking implementation * Actually generate the right key image and expire appropriately * Add framework to lock key images after expiry * Return locked key images for nodes, add request unlock option * Introduce transaction types for key image unlock * Update validation steps to accept tx types, key_image_unlock * Add mapping for lockable key images to amounts * Change inconsistent naming scheme of contributors * Create key image unlock transaction type and process it * Update tx params to allow v4 types and as a result construct_tx* * Fix some serialisation issues not sending all the information * Fix dupe tx extra tag causing incorrect deserialisation * Add warning comments * Fix key image unlocks parsing error * Simplify key image proof checks * Fix rebase errors * Correctly calculate the key image unlock times * Blacklist key image on deregistration * Serialise key image blacklist * Rollback blacklisted key images * Fix expiry logic error * Disallow requesting stake unlock if already unlocked client side * Add double spend checks for key image unlocks * Rename get_staking_requirement_lock_blocks To staking_initial_num_lock_blocks * Begin modifying output selection to not use locked outputs * Modify output selection to avoid locked/blacklisted key images * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add additional test, fix assert * Remove debug code in wallet * Fix merge dev problem
2019-01-25 04:15:52 +01:00
return true;
use a recursive_mutex from boost in service node list (#289)
2018-10-15 03:22:46 +02:00
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
data_for_serialization *data[] = {&m_transient.cache_long_term_data, &m_transient.cache_short_term_data};
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
auto const serialize_version = data_for_serialization::get_version(hf_version);
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
for (data_for_serialization *serialize_entry : data)
service nodes: add quorum states to db storage
2018-08-17 07:14:45 +02:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
if (serialize_entry->version != serialize_version) m_transient.state_added_to_archive = true;
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
serialize_entry->version = serialize_version;
serialize_entry->clear();
}
Allow storing multiple quorum types (#562)
2019-04-23 02:53:17 +02:00
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.cache_short_term_data.quorum_states.reserve(m_transient.old_quorum_states.size());
for (const quorums_by_height &entry : m_transient.old_quorum_states)
m_transient.cache_short_term_data.quorum_states.push_back(serialize_quorum_state(hf_version, entry.height, entry.quorums));
Fix storage states over-reserved size
2019-08-13 05:05:21 +02:00
Allow storing multiple quorum types (#562)
2019-04-23 02:53:17 +02:00
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
if (m_transient.state_added_to_archive)
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
for (auto const &it : m_transient.state_archive)
m_transient.cache_long_term_data.states.push_back(serialize_service_node_state_object(hf_version, it));
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
}
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
// NOTE: A state_t may reference quorums up to (VOTE_LIFETIME
// + VOTE_OR_TX_VERIFY_HEIGHT_BUFFER) blocks back. So in the
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
// (MAX_SHORT_TERM_STATE_HISTORY | 2nd oldest checkpoint) window of states we store, the
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
// first (VOTE_LIFETIME + VOTE_OR_TX_VERIFY_HEIGHT_BUFFER) states we only
// store their quorums, such that the following states have quorum
// information preceeding it.
Make 4.0.4 service node blob backwards compatible (#786) Ordinarily on shut down we would discard the quorum states that are converted and serialised once on initial start up with the new software. If this is lost, we would not be able to process incoming votes or any state changes and essentially halt without forcing a way to rescan the service node list back to a consistent state.
2019-08-12 01:53:05 +02:00
Store more quorums than just the immutable checkpoint
2019-12-10 01:06:28 +01:00
uint64_t const max_short_term_height = short_term_state_cull_height(hf_version, (m_state.height - 1)) + VOTE_LIFETIME + VOTE_OR_TX_VERIFY_HEIGHT_BUFFER;
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
for (auto it = m_transient.state_history.begin();
it != m_transient.state_history.end() && it->height <= max_short_term_height;
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
it++)
{
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// TODO(oxen): There are 2 places where we convert a state_t to be a serialized state_t without quorums. We should only do this in one location for clarity.
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.cache_short_term_data.states.push_back(serialize_service_node_state_object(hf_version, *it, it->height < max_short_term_height /*only_serialize_quorums*/));
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
}
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.cache_data_blob.clear();
if (m_transient.state_added_to_archive)
~5ms per block speed up, make serialised struct static Avoid constant reallocation.
2019-07-22 04:32:21 +02:00
{
Serialization (part2): application
2020-06-02 05:08:48 +02:00
serialization::binary_string_archiver ba;
try {
serialization::serialize(ba, m_transient.cache_long_term_data);
} catch (const std::exception& e) {
LOG_ERROR("Failed to store service node info: failed to serialize long term data: " << e.what());
return false;
}
m_transient.cache_data_blob.append(ba.str());
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
{
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
auto &db = m_blockchain.get_db();
cryptonote::db_wtxn_guard txn_guard{db};
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
db.set_service_node_data(m_transient.cache_data_blob, true /*long_term*/);
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
}
}
minor fixes to service node data storage
2018-08-16 06:13:57 +02:00
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.cache_data_blob.clear();
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
{
Serialization (part2): application
2020-06-02 05:08:48 +02:00
serialization::binary_string_archiver ba;
try {
serialization::serialize(ba, m_transient.cache_short_term_data);
} catch (const std::exception& e) {
LOG_ERROR("Failed to store service node info: failed to serialize short term data: " << e.what());
return false;
}
m_transient.cache_data_blob.append(ba.str());
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
{
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
auto &db = m_blockchain.get_db();
cryptonote::db_wtxn_guard txn_guard{db};
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
db.set_service_node_data(m_transient.cache_data_blob, false /*long_term*/);
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
}
~5ms per block speed up, make serialised struct static Avoid constant reallocation.
2019-07-22 04:32:21 +02:00
}
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_added_to_archive = false;
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
return true;
}
lokinet/SS minimum proof versions; 9.2.0 version bump Remove support for old (non-bt) proofs with the 9.2.0 snode revision block (I'm not 100% sure on what to call this; "snode revision"? "soft fork"? "spork"?). Also bumps the working version to 9.2.0; this likely isn't release ready, but allows for testing of this on testnet.
2021-06-18 01:47:00 +02:00
//TODO: remove after HF18, snode revision 1
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
crypto::hash service_node_list::hash_uptime_proof(const cryptonote::NOTIFY_UPTIME_PROOF::request &proof) const
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
{
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
size_t buf_size;
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
crypto::hash result;
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
Storage server RPC improvements Improves the oxend<->storage server communications protocol: - pass storage server HTTPS port as part of the storage server ping (which already carries the also-required OMQ port) rather than needing to provide it when starting up oxend. --storage-server-port is now obsolete (and ignored, if specified). - Fix up the internal API to use `storage_https_port` and `storage_omq_port` rather than `storage_port` and `storage_lmq_port`. - Redo and the SS ping RPC endpoint so that it is less verbose and more closely matches the lokinet endpoint; instead of: { "version_major": 2, "version_minor": 0, "version_patch": 9, "storage_lmq_port": 22222 } we now expect: { "version": [2,0,9], "https_port": 11111, "omq_port": 22222 } - Tweaks the (not-yet-released) SS proof key names: "s"->"shp" and "slp"->"sop"
2021-04-08 18:42:33 +02:00
auto buf = tools::memcpy_le(proof.pubkey.data, proof.timestamp, proof.public_ip, proof.storage_https_port, proof.pubkey_ed25519.data, proof.qnet_port, proof.storage_omq_port);
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
buf_size = buf.size();
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
crypto::cn_fast_hash(buf.data(), buf_size, result);
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
return result;
}
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
cryptonote::NOTIFY_UPTIME_PROOF::request service_node_list::generate_uptime_proof(
Storage server RPC improvements Improves the oxend<->storage server communications protocol: - pass storage server HTTPS port as part of the storage server ping (which already carries the also-required OMQ port) rather than needing to provide it when starting up oxend. --storage-server-port is now obsolete (and ignored, if specified). - Fix up the internal API to use `storage_https_port` and `storage_omq_port` rather than `storage_port` and `storage_lmq_port`. - Redo and the SS ping RPC endpoint so that it is less verbose and more closely matches the lokinet endpoint; instead of: { "version_major": 2, "version_minor": 0, "version_patch": 9, "storage_lmq_port": 22222 } we now expect: { "version": [2,0,9], "https_port": 11111, "omq_port": 22222 } - Tweaks the (not-yet-released) SS proof key names: "s"->"shp" and "slp"->"sop"
2021-04-08 18:42:33 +02:00
uint32_t public_ip, uint16_t storage_https_port, uint16_t storage_omq_port, uint16_t quorumnet_port) const
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
{
RPC overhaul High-level details: This redesigns the RPC layer to make it much easier to work with, decouples it from an embedded HTTP server, and gets the vast majority of the RPC serialization and dispatch code out of a very commonly included header. There is unfortunately rather a lot of interconnected code here that cannot be easily separated out into separate commits. The full details of what happens here are as follows: Major details: - All of the RPC code is now in a `cryptonote::rpc` namespace; this renames quite a bit to be less verbose: e.g. CORE_RPC_STATUS_OK becomes `rpc::STATUS_OK`, and `cryptonote::COMMAND_RPC_SOME_LONG_NAME` becomes `rpc::SOME_LONG_NAME` (or just SOME_LONG_NAME for code already working in the `rpc` namespace). - `core_rpc_server` is now completely decoupled from providing any request protocol: it is now *just* the core RPC call handler. - The HTTP RPC interface now lives in a new rpc/http_server.h; this code handles listening for HTTP requests and dispatching them to core_rpc_server, then sending the results back to the caller. - There is similarly a rpc/lmq_server.h for LMQ RPC code; more details on this (and other LMQ specifics) below. - RPC implementing code now returns the response object and throws when things go wrong which simplifies much of the rpc error handling. They can throw anything; generic exceptions get logged and a generic "internal error" message gets returned to the caller, but there is also an `rpc_error` class to return an error code and message used by some json-rpc commands. - RPC implementing functions now overload `core_rpc_server::invoke` following the pattern: RPC_BLAH_BLAH::response core_rpc_server::invoke(RPC_BLAH_BLAH::request&& req, rpc_context context); This overloading makes the code vastly simpler: all instantiations are now done with a small amount of generic instantiation code in a single .cpp rather than needing to go to hell and back with a nest of epee macros in a core header. - each RPC endpoint is now defined by the RPC types themselves, including its accessible names and permissions, in core_rpc_server_commands_defs.h: - every RPC structure now has a static `names()` function that returns the names by which the end point is accessible. (The first one is the primary, the others are for deprecated aliases). - RPC command wrappers define their permissions and type by inheriting from special tag classes: - rpc::RPC_COMMAND is a basic, admin-only, JSON command, available via JSON RPC. *All* JSON commands are now available via JSON RPC, instead of the previous mix of some being at /foo and others at /json_rpc. (Ones that were previously at /foo are still there for backwards compatibility; see `rpc::LEGACY` below). - rpc::PUBLIC specifies that the command should be available via a restricted RPC connection. - rpc::BINARY specifies that the command is not JSON, but rather is accessible as /name and takes and returns values in the magic epee binary "portable storage" (lol) data format. - rpc::LEGACY specifies that the command should be available via the non-json-rpc interface at `/name` for backwards compatibility (in addition to the JSON-RPC interface). - some epee serialization got unwrapped and de-templatized so that it can be moved into a .cpp file with just declarations in the .h. (This makes a *huge* difference for core_rpc_server_commands_defs.h and for every compilation unit that includes it which previously had to compile all the serialization code and then throw all by one copy away at link time). This required some new macros so as to not break a ton of places that will use the old way putting everything in the headers; The RPC code uses this as does a few other places; there are comments in contrib/epee/include/serialization/keyvalue_serialization.h as to how to use it. - Detemplatized a bunch of epee/storages code. Most of it should have have been using templates at all (because it can only ever be called with one type!), and now it isn't. This broke some things that didn't properly compile because of missing headers or (in one case) a messed up circular dependency. - Significantly simplified a bunch of over-templatized serialization code. - All RPC serialization definitions is now out of core_rpc_server_commands_defs.h and into a single .cpp file (core_rpc_server_commands_defs.cpp). - core RPC no longer uses the disgusting BEGIN_URI_MAP2/MAP_URI_BLAH_BLAH macros. This was a terrible design that forced slamming tons of code into a common header that didn't need to be there. - epee::struct_init is gone. It was a horrible hack that instiated multiple templates just so the coder could be so lazy and write `some_type var;` instead of properly value initializing with `some_type var{};`. - Removed a bunch of useless crap from epee. In particular, forcing extra template instantiations all over the place in order to nest return objects inside JSON RPC values is no longer needed, as are a bunch of stuff related to the above de-macroization of the code. - get_all_service_nodes, get_service_nodes, and get_n_service_nodes are now combined into a single `get_service_nodes` (with deprecated aliases for the others), which eliminates a fair amount of duplication. The biggest obstacle here was getting the requested fields reference passed through: this is now done by a new ability to stash a context in the serialization object that can be retrieved by a sub-serialized type. LMQ-specifics: - The LokiMQ instance moves into `cryptonote::core` rather than being inside cryptonote_protocol. Currently the instance is used both for qnet and rpc calls (and so needs to be in a common place), but I also intend future PRs to use the batching code for job processing (replacing the current threaded job queue). - rpc/lmq_server.h handles the actual LMQ-request-to-core-RPC glue. Unlike http_server it isn't technically running the whole LMQ stack from here, but the parallel name with http_server seemed appropriate. - All RPC endpoints are supported by LMQ under the same names as defined generically, but prefixed with `rpc.` for public commands and `admin.` for restricted ones. - service node keys are now always available, even when not running in `--service-node` mode: this is because we want the x25519 key for being able to offer CURVE encryption for lmq RPC end-points, and because it doesn't hurt to have them available all the time. In the RPC layer this is now called "get_service_keys" (with "get_service_node_key" as an alias) since they aren't strictly only for service nodes. This also means code needs to check m_service_node, and not m_service_node_keys, to tell if it is running as a service node. (This is also easier to notice because m_service_node_keys got renamed to `m_service_keys`). - Added block and mempool monitoring LMQ RPC endpoints: `sub.block` and `sub.mempool` subscribes the connection for new block and new mempool TX notifications. The latter can notify on just blink txes, or all new mempool txes (but only new ones -- txes dumped from a block don't trigger it). The client gets pushed a [`notify.block`, `height`, `hash`] or [`notify.tx`, `txhash`, `blob`] message when something arrives. Minor details: - rpc::version_t is now a {major,minor} pair. Forcing everyone to pack and unpack a uint32_t was gross. - Changed some macros to constexprs (e.g. CORE_RPC_ERROR_CODE_...). (This immediately revealed a couple of bugs in the RPC code that was assigning CORE_RPC_ERROR_CODE_... to a string, and it worked because the macro allows implicit conversion to a char). - De-templatizing useless templates in epee (i.e. a bunch of templated types that were never invoked with different types) revealed a painful circular dependency between epee and non-epee code for tor_address and i2p_address. This crap is now handled in a suitably named `net/epee_network_address_hack.cpp` hack because it really isn't trivial to extricate this mess. - Removed `epee/include/serialization/serialize_base.h`. Amazingly the code somehow still all works perfectly with this previously vital header removed. - Removed bitrotted, unused epee "crypted_storage" and "gzipped_inmemstorage" code. - Replaced a bunch of epee::misc_utils::auto_scope_leave_caller with LOKI_DEFERs. The epee version involves quite a bit more instantiation and is ugly as sin. Also made the `loki::defer` class invokable for some edge cases that need calling before destruction in particular conditions. - Moved the systemd code around; it makes much more sense to do the systemd started notification as in daemon.cpp as late as possible rather than in core (when we can still have startup failures, e.g. if the RPC layer can't start). - Made the systemd short status string available in the get_info RPC (and no longer require building with systemd). - during startup, print (only) the x25519 when not in SN mode, and continue to print all three when in SN mode. - DRYed out some RPC implementation code (such as set_limit) - Made wallet_rpc stop using a raw m_wallet pointer
2020-04-28 01:25:43 +02:00
assert(m_service_node_keys);
const auto& keys = *m_service_node_keys;
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
cryptonote::NOTIFY_UPTIME_PROOF::request result = {};
executable names changed
2021-01-04 04:19:42 +01:00
result.snode_version = OXEN_VERSION;
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
result.timestamp = time(nullptr);
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
result.pubkey = keys.pub;
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
result.public_ip = public_ip;
Storage server RPC improvements Improves the oxend<->storage server communications protocol: - pass storage server HTTPS port as part of the storage server ping (which already carries the also-required OMQ port) rather than needing to provide it when starting up oxend. --storage-server-port is now obsolete (and ignored, if specified). - Fix up the internal API to use `storage_https_port` and `storage_omq_port` rather than `storage_port` and `storage_lmq_port`. - Redo and the SS ping RPC endpoint so that it is less verbose and more closely matches the lokinet endpoint; instead of: { "version_major": 2, "version_minor": 0, "version_patch": 9, "storage_lmq_port": 22222 } we now expect: { "version": [2,0,9], "https_port": 11111, "omq_port": 22222 } - Tweaks the (not-yet-released) SS proof key names: "s"->"shp" and "slp"->"sop"
2021-04-08 18:42:33 +02:00
result.storage_https_port = storage_https_port;
result.storage_omq_port = storage_omq_port;
Add quorumnet comms This adds vote relaying via quorumnet. - The main glue between existing code and quorumnet code is in cryptonote_protocol/quorumnet.{h,cpp} - Uses function pointers assigned at initialization to call into the glue without making cn_core depend on p2p - Adds ed25519 and quorumnet port to uptime proofs and serialization. - Added a second uptime proof signature using the ed25519 key to that SNs are proving they actually have it (otherwise they could spoof someone else's pubkey). - Adds quorumnet port, defaulting to zmq rpc port + 1. quorumnet listens on the p2p IPv4 address (but broadcasts the `public_ip` to the network). - Derives x25519 when received or deserialized. - Converted service_info_info::version_t into a scoped enum (with the same underlying type). - Added contribution_t::version_t scoped enum. It was using service_info_info::version for a 0 value which seemed rather wrong. Random small details: - Renamed internal `arg_sn_bind_port` for consistency - Moved default stagenet ports from 38153-38155 to 38056-38058, and add the default stagenet quorumnet port at 38059 (this keeps the range contiguous; otherwise the next stagenet default port would collide with the testnet p2p port).
2019-10-15 19:45:58 +02:00
result.qnet_port = quorumnet_port;
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
result.pubkey_ed25519 = keys.pub_ed25519;
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
crypto::hash hash = hash_uptime_proof(result);
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
crypto::generate_signature(hash, keys.pub, keys.key, result.sig);
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
crypto_sign_detached(result.sig_ed25519.data, NULL, reinterpret_cast<unsigned char *>(hash.data), sizeof(hash.data), keys.key_ed25519.data);
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
return result;
}
Storage server RPC improvements Improves the oxend<->storage server communications protocol: - pass storage server HTTPS port as part of the storage server ping (which already carries the also-required OMQ port) rather than needing to provide it when starting up oxend. --storage-server-port is now obsolete (and ignored, if specified). - Fix up the internal API to use `storage_https_port` and `storage_omq_port` rather than `storage_port` and `storage_lmq_port`. - Redo and the SS ping RPC endpoint so that it is less verbose and more closely matches the lokinet endpoint; instead of: { "version_major": 2, "version_minor": 0, "version_patch": 9, "storage_lmq_port": 22222 } we now expect: { "version": [2,0,9], "https_port": 11111, "omq_port": 22222 } - Tweaks the (not-yet-released) SS proof key names: "s"->"shp" and "slp"->"sop"
2021-04-08 18:42:33 +02:00
uptime_proof::Proof service_node_list::generate_uptime_proof(uint32_t public_ip, uint16_t storage_https_port, uint16_t storage_omq_port, std::array<uint16_t, 3> ss_version, uint16_t quorumnet_port, std::array<uint16_t, 3> lokinet_version) const
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
{
const auto& keys = *m_service_node_keys;
Storage server RPC improvements Improves the oxend<->storage server communications protocol: - pass storage server HTTPS port as part of the storage server ping (which already carries the also-required OMQ port) rather than needing to provide it when starting up oxend. --storage-server-port is now obsolete (and ignored, if specified). - Fix up the internal API to use `storage_https_port` and `storage_omq_port` rather than `storage_port` and `storage_lmq_port`. - Redo and the SS ping RPC endpoint so that it is less verbose and more closely matches the lokinet endpoint; instead of: { "version_major": 2, "version_minor": 0, "version_patch": 9, "storage_lmq_port": 22222 } we now expect: { "version": [2,0,9], "https_port": 11111, "omq_port": 22222 } - Tweaks the (not-yet-released) SS proof key names: "s"->"shp" and "slp"->"sop"
2021-04-08 18:42:33 +02:00
return uptime_proof::Proof(public_ip, storage_https_port, storage_omq_port, ss_version, quorumnet_port, lokinet_version, keys);
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
}
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
#ifdef __cpp_lib_erase_if // # (C++20)
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
using std::erase_if;
#else
template <typename Container, typename Predicate>
static void erase_if(Container &c, Predicate pred) {
for (auto it = c.begin(), last = c.end(); it != last; ) {
if (pred(*it))
it = c.erase(it);
else
++it;
}
}
#endif
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
template <typename T>
static bool update_val(T &val, const T &to) {
if (val != to) {
val = to;
return true;
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
return false;
}
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
shorten wire names
2021-01-28 01:07:57 +01:00
proof_info::proof_info()
: proof(std::make_unique<uptime_proof::Proof>()) {};
Work around broken database interface Apparently it's not safe to use "transactions" in the LMDB without first taking out an exclusive lock on the Blockchain class. Transactions apparently aren't actually transactions, they are just fatal errors that forever deadlock the database if you try to take two write transactions at once. Work around this terrible design by adding the appropriate magic incantation.
2019-12-11 16:51:36 +01:00
void proof_info::store(const crypto::public_key &pubkey, cryptonote::Blockchain &blockchain)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
{
shorten wire names
2021-01-28 01:07:57 +01:00
if (!proof) proof = std::unique_ptr<uptime_proof::Proof>(new uptime_proof::Proof());
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::unique_lock lock{blockchain};
Work around broken database interface Apparently it's not safe to use "transactions" in the LMDB without first taking out an exclusive lock on the Blockchain class. Transactions apparently aren't actually transactions, they are just fatal errors that forever deadlock the database if you try to take two write transactions at once. Work around this terrible design by adding the appropriate magic incantation.
2019-12-11 16:51:36 +01:00
auto &db = blockchain.get_db();
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
db.set_service_node_proof(pubkey, *this);
}
shorten wire names
2021-01-28 01:07:57 +01:00
bool proof_info::update(uint64_t ts, std::unique_ptr<uptime_proof::Proof> new_proof, const crypto::x25519_public_key &pk_x2)
{
bool update_db = false;
if (!proof || *proof != *new_proof) {
update_db = true;
proof = std::move(new_proof);
}
update_db |= update_val(timestamp, ts);
Don't use timestamp from proof The timestamp inside the proof is only for signature validation, but we were using it in some places as the uptime proof time, but not updating it everywhere we needed to. This fixes it by using our own timestamp for all local timed events (e.g. when we received it, when the node is not sending proofs, etc.) to fix the issue.
2021-04-23 07:37:51 +02:00
effective_timestamp = timestamp;
shorten wire names
2021-01-28 01:07:57 +01:00
pubkey_x25519 = pk_x2;
// Track an IP change (so that the obligations quorum can penalize for IP changes)
// We only keep the two most recent because all we really care about is whether it had more than one
//
// If we already know about the IP, update its timestamp:
auto now = std::time(nullptr);
if (public_ips[0].first && public_ips[0].first == proof->public_ip)
public_ips[0].second = now;
else if (public_ips[1].first && public_ips[1].first == proof->public_ip)
public_ips[1].second = now;
// Otherwise replace whichever IP has the older timestamp
else if (public_ips[0].second > public_ips[1].second)
public_ips[1] = {proof->public_ip, now};
else
public_ips[0] = {proof->public_ip, now};
return update_db;
};
lokinet/SS minimum proof versions; 9.2.0 version bump Remove support for old (non-bt) proofs with the 9.2.0 snode revision block (I'm not 100% sure on what to call this; "snode revision"? "soft fork"? "spork"?). Also bumps the working version to 9.2.0; this likely isn't release ready, but allows for testing of this on testnet.
2021-06-18 01:47:00 +02:00
//TODO remove after HF18, snode revision 1
Add storage server lokimq port (#1056) * Add storage server lokimq port * Don't hash storage lmq port until HF15 * Parse storage lmq port from ping
2020-03-11 02:35:36 +01:00
bool proof_info::update(uint64_t ts,
uint32_t ip,
Storage server RPC improvements Improves the oxend<->storage server communications protocol: - pass storage server HTTPS port as part of the storage server ping (which already carries the also-required OMQ port) rather than needing to provide it when starting up oxend. --storage-server-port is now obsolete (and ignored, if specified). - Fix up the internal API to use `storage_https_port` and `storage_omq_port` rather than `storage_port` and `storage_lmq_port`. - Redo and the SS ping RPC endpoint so that it is less verbose and more closely matches the lokinet endpoint; instead of: { "version_major": 2, "version_minor": 0, "version_patch": 9, "storage_lmq_port": 22222 } we now expect: { "version": [2,0,9], "https_port": 11111, "omq_port": 22222 } - Tweaks the (not-yet-released) SS proof key names: "s"->"shp" and "slp"->"sop"
2021-04-08 18:42:33 +02:00
uint16_t s_https_port,
uint16_t s_omq_port,
Add storage server lokimq port (#1056) * Add storage server lokimq port * Don't hash storage lmq port until HF15 * Parse storage lmq port from ping
2020-03-11 02:35:36 +01:00
uint16_t q_port,
std::array<uint16_t, 3> ver,
const crypto::ed25519_public_key& pk_ed,
const crypto::x25519_public_key& pk_x2)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
{
bool update_db = false;
shorten wire names
2021-01-28 01:07:57 +01:00
if (!proof) proof = std::unique_ptr<uptime_proof::Proof>(new uptime_proof::Proof());
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
update_db |= update_val(timestamp, ts);
shorten wire names
2021-01-28 01:07:57 +01:00
update_db |= update_val(proof->public_ip, ip);
Storage server RPC improvements Improves the oxend<->storage server communications protocol: - pass storage server HTTPS port as part of the storage server ping (which already carries the also-required OMQ port) rather than needing to provide it when starting up oxend. --storage-server-port is now obsolete (and ignored, if specified). - Fix up the internal API to use `storage_https_port` and `storage_omq_port` rather than `storage_port` and `storage_lmq_port`. - Redo and the SS ping RPC endpoint so that it is less verbose and more closely matches the lokinet endpoint; instead of: { "version_major": 2, "version_minor": 0, "version_patch": 9, "storage_lmq_port": 22222 } we now expect: { "version": [2,0,9], "https_port": 11111, "omq_port": 22222 } - Tweaks the (not-yet-released) SS proof key names: "s"->"shp" and "slp"->"sop"
2021-04-08 18:42:33 +02:00
update_db |= update_val(proof->storage_https_port, s_https_port);
update_db |= update_val(proof->storage_omq_port, s_omq_port);
shorten wire names
2021-01-28 01:07:57 +01:00
update_db |= update_val(proof->qnet_port, q_port);
update_db |= update_val(proof->version, ver);
update_db |= update_val(proof->pubkey_ed25519, pk_ed);
Don't use timestamp from proof The timestamp inside the proof is only for signature validation, but we were using it in some places as the uptime proof time, but not updating it everywhere we needed to. This fixes it by using our own timestamp for all local timed events (e.g. when we received it, when the node is not sending proofs, etc.) to fix the issue.
2021-04-23 07:37:51 +02:00
effective_timestamp = timestamp;
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
pubkey_x25519 = pk_x2;
// Track an IP change (so that the obligations quorum can penalize for IP changes)
// We only keep the two most recent because all we really care about is whether it had more than one
//
// If we already know about the IP, update its timestamp:
auto now = std::time(nullptr);
shorten wire names
2021-01-28 01:07:57 +01:00
if (public_ips[0].first && public_ips[0].first == proof->public_ip)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
public_ips[0].second = now;
shorten wire names
2021-01-28 01:07:57 +01:00
else if (public_ips[1].first && public_ips[1].first == proof->public_ip)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
public_ips[1].second = now;
// Otherwise replace whichever IP has the older timestamp
else if (public_ips[0].second > public_ips[1].second)
shorten wire names
2021-01-28 01:07:57 +01:00
public_ips[1] = {proof->public_ip, now};
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
else
shorten wire names
2021-01-28 01:07:57 +01:00
public_ips[0] = {proof->public_ip, now};
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
return update_db;
};
void proof_info::update_pubkey(const crypto::ed25519_public_key &pk) {
shorten wire names
2021-01-28 01:07:57 +01:00
if (pk == proof->pubkey_ed25519)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
return;
if (pk && 0 == crypto_sign_ed25519_pk_to_curve25519(pubkey_x25519.data, pk.data)) {
shorten wire names
2021-01-28 01:07:57 +01:00
proof->pubkey_ed25519 = pk;
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
} else {
shorten wire names
2021-01-28 01:07:57 +01:00
MWARNING("Failed to derive x25519 pubkey from ed25519 pubkey " << proof->pubkey_ed25519);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
pubkey_x25519 = crypto::x25519_public_key::null();
shorten wire names
2021-01-28 01:07:57 +01:00
proof->pubkey_ed25519 = crypto::ed25519_public_key::null();
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
}
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
}
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
#define REJECT_PROOF(log) do { LOG_PRINT_L2("Rejecting uptime proof from " << proof.pubkey << ": " log); return false; } while (0)
lokinet/SS minimum proof versions; 9.2.0 version bump Remove support for old (non-bt) proofs with the 9.2.0 snode revision block (I'm not 100% sure on what to call this; "snode revision"? "soft fork"? "spork"?). Also bumps the working version to 9.2.0; this likely isn't release ready, but allows for testing of this on testnet.
2021-06-18 01:47:00 +02:00
//TODO remove after HF18, snode revision 1
Pulse: Queue Block Gen code review - Rename find_named_argument -> find_prefixed_value - Update get_current_blockchain_height() comment to specify ability to lock - Update memcmp(address1, address2) to address1 == address2 - Make create_next_miner_block_template call create_miner_block_template - Update LMQ x25519 keys only when key has changed - construct_miner_tx: Use C++17 features - Pulse: Add log category "Pulse" - Pulse: Check shutdown before blockchain height - Pulse: Use get_human_readable_timespan - Pulse: Switch to MINFO, enable with --log-level +pulse:DEBUG - Pulse: Add height into context - Pulse: Remove some default switch cases hiding compiler warnings - SN: Update hardcoded '9' literals to network_version_9_service_nodes - Core: Use using namespace std::literals - Miner: Change num_blocks availability to debug - RPC: Gate test rpc commands to != MAINNET - Wallet: Store wallet before deinitialization instead of refresh
2020-08-06 09:21:00 +02:00
bool service_node_list::handle_uptime_proof(cryptonote::NOTIFY_UPTIME_PROOF::request const &proof, bool &my_uptime_proof_confirmation, crypto::x25519_public_key &x25519_pkey)
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
{
lokinet/SS minimum proof versions; 9.2.0 version bump Remove support for old (non-bt) proofs with the 9.2.0 snode revision block (I'm not 100% sure on what to call this; "snode revision"? "soft fork"? "spork"?). Also bumps the working version to 9.2.0; this likely isn't release ready, but allows for testing of this on testnet.
2021-06-18 01:47:00 +02:00
auto vers = get_network_version_revision(m_blockchain.nettype(), m_blockchain.get_current_blockchain_height());
if (vers >= std::pair<uint8_t, uint8_t>{cryptonote::network_version_18, 1})
REJECT_PROOF("Old format (non-bt) proofs are not acceptable from v18+1 onwards");
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
auto& netconf = get_config(m_blockchain.nettype());
auto now = std::chrono::system_clock::now();
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
// Validate proof version, timestamp range,
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
auto time_deviation = now - std::chrono::system_clock::from_time_t(proof.timestamp);
if (time_deviation > netconf.UPTIME_PROOF_TOLERANCE || time_deviation < -netconf.UPTIME_PROOF_TOLERANCE)
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
REJECT_PROOF("timestamp is too far from now");
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
Min uptime version=7.0.0, centralise defn to other version vars
2020-03-12 00:05:30 +01:00
for (auto const &min : MIN_UPTIME_PROOF_VERSIONS)
lokinet/SS minimum proof versions; 9.2.0 version bump Remove support for old (non-bt) proofs with the 9.2.0 snode revision block (I'm not 100% sure on what to call this; "snode revision"? "soft fork"? "spork"?). Also bumps the working version to 9.2.0; this likely isn't release ready, but allows for testing of this on testnet.
2021-06-18 01:47:00 +02:00
if (vers >= min.hardfork_revision && proof.snode_version < min.oxend)
REJECT_PROOF("v" << tools::join(".", min.oxend) << "+ oxend version is required for v" << +vers.first << "." << +vers.second << "+ network proofs");
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
if (!debug_allow_local_ips && !epee::net_utils::is_ip_public(proof.public_ip))
REJECT_PROOF("public_ip is not actually public");
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
//
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
// Validate proof signature
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
//
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
crypto::hash hash = hash_uptime_proof(proof);
shorten wire names
2021-01-28 01:07:57 +01:00
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
if (!crypto::check_signature(hash, proof.pubkey, proof.sig))
REJECT_PROOF("signature validation failed");
crypto::x25519_public_key derived_x25519_pubkey = crypto::x25519_public_key::null();
if (!proof.pubkey_ed25519)
REJECT_PROOF("required ed25519 auxiliary pubkey " << proof.pubkey_ed25519 << " not included in proof");
if (0 != crypto_sign_verify_detached(proof.sig_ed25519.data, reinterpret_cast<unsigned char *>(hash.data), sizeof(hash.data), proof.pubkey_ed25519.data))
REJECT_PROOF("ed25519 signature validation failed");
if (0 != crypto_sign_ed25519_pk_to_curve25519(derived_x25519_pubkey.data, proof.pubkey_ed25519.data)
|| !derived_x25519_pubkey)
REJECT_PROOF("invalid ed25519 pubkey included in proof (x25519 derivation failed)");
if (proof.qnet_port == 0)
REJECT_PROOF("invalid quorumnet port in uptime proof");
auto locks = tools::unique_locks(m_blockchain, m_sn_mutex, m_x25519_map_mutex);
auto it = m_state.service_nodes_infos.find(proof.pubkey);
if (it == m_state.service_nodes_infos.end())
REJECT_PROOF("no such service node is currently registered");
auto &iproof = proofs[proof.pubkey];
shorten wire names
2021-01-28 01:07:57 +01:00
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
if (now <= std::chrono::system_clock::from_time_t(iproof.timestamp) + std::chrono::seconds{netconf.UPTIME_PROOF_FREQUENCY} / 2)
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
REJECT_PROOF("already received one uptime proof for this node recently");
if (m_service_node_keys && proof.pubkey == m_service_node_keys->pub)
{
my_uptime_proof_confirmation = true;
MGINFO("Received uptime-proof confirmation back from network for Service Node (yours): " << proof.pubkey);
}
else
{
my_uptime_proof_confirmation = false;
LOG_PRINT_L2("Accepted uptime proof from " << proof.pubkey);
if (m_service_node_keys && proof.pubkey_ed25519 == m_service_node_keys->pub_ed25519)
MGINFO_RED("Uptime proof from SN " << proof.pubkey << " is not us, but is using our ed/x25519 keys; "
"this is likely to lead to deregistration of one or both service nodes.");
}
auto old_x25519 = iproof.pubkey_x25519;
Storage server RPC improvements Improves the oxend<->storage server communications protocol: - pass storage server HTTPS port as part of the storage server ping (which already carries the also-required OMQ port) rather than needing to provide it when starting up oxend. --storage-server-port is now obsolete (and ignored, if specified). - Fix up the internal API to use `storage_https_port` and `storage_omq_port` rather than `storage_port` and `storage_lmq_port`. - Redo and the SS ping RPC endpoint so that it is less verbose and more closely matches the lokinet endpoint; instead of: { "version_major": 2, "version_minor": 0, "version_patch": 9, "storage_lmq_port": 22222 } we now expect: { "version": [2,0,9], "https_port": 11111, "omq_port": 22222 } - Tweaks the (not-yet-released) SS proof key names: "s"->"shp" and "slp"->"sop"
2021-04-08 18:42:33 +02:00
if (iproof.update(std::chrono::system_clock::to_time_t(now), proof.public_ip, proof.storage_https_port, proof.storage_omq_port, proof.qnet_port, proof.snode_version, proof.pubkey_ed25519, derived_x25519_pubkey))
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
iproof.store(proof.pubkey, m_blockchain);
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
if (now - x25519_map_last_pruned >= X25519_MAP_PRUNING_INTERVAL)
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
{
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
time_t cutoff = std::chrono::system_clock::to_time_t(now - X25519_MAP_PRUNING_LAG);
erase_if(x25519_to_pub, [&cutoff](auto &x) { return x.second.second < cutoff; });
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
x25519_map_last_pruned = now;
}
if (old_x25519 && old_x25519 != derived_x25519_pubkey)
x25519_to_pub.erase(old_x25519);
if (derived_x25519_pubkey)
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
x25519_to_pub[derived_x25519_pubkey] = {proof.pubkey, std::chrono::system_clock::to_time_t(now)};
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
if (derived_x25519_pubkey && (old_x25519 != derived_x25519_pubkey))
x25519_pkey = derived_x25519_pubkey;
return true;
}
shorten wire names
2021-01-28 01:07:57 +01:00
#undef REJECT_PROOF
#define REJECT_PROOF(log) do { LOG_PRINT_L2("Rejecting uptime proof from " << proof->pubkey << ": " log); return false; } while (0)
bool service_node_list::handle_btencoded_uptime_proof(std::unique_ptr<uptime_proof::Proof> proof, bool &my_uptime_proof_confirmation, crypto::x25519_public_key &x25519_pkey)
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
{
lokinet/SS minimum proof versions; 9.2.0 version bump Remove support for old (non-bt) proofs with the 9.2.0 snode revision block (I'm not 100% sure on what to call this; "snode revision"? "soft fork"? "spork"?). Also bumps the working version to 9.2.0; this likely isn't release ready, but allows for testing of this on testnet.
2021-06-18 01:47:00 +02:00
auto vers = get_network_version_revision(m_blockchain.nettype(), m_blockchain.get_current_blockchain_height());
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
auto& netconf = get_config(m_blockchain.nettype());
auto now = std::chrono::system_clock::now();
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
// Validate proof version, timestamp range,
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
auto time_deviation = now - std::chrono::system_clock::from_time_t(proof->timestamp);
if (time_deviation > netconf.UPTIME_PROOF_TOLERANCE || time_deviation < -netconf.UPTIME_PROOF_TOLERANCE)
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
REJECT_PROOF("timestamp is too far from now");
lokinet/SS minimum proof versions; 9.2.0 version bump Remove support for old (non-bt) proofs with the 9.2.0 snode revision block (I'm not 100% sure on what to call this; "snode revision"? "soft fork"? "spork"?). Also bumps the working version to 9.2.0; this likely isn't release ready, but allows for testing of this on testnet.
2021-06-18 01:47:00 +02:00
for (auto const &min : MIN_UPTIME_PROOF_VERSIONS) {
Batching of service node rewards This updates the coinbase transactions to reward service nodes periodically rather than every block. If you recieve a service node reward this reward will be delayed x blocks, if you receive another reward to the same wallet before those blocks have been completed it will be added to your total and all will be paid out after those x blocks has passed. For example if our batching interval is 2 blocks: Block 1 - Address A receives reward of 10 oxen - added to batch Block 2 - Address A receives reward of 10 oxen - added to batch Block 3 - Address A is paid out 20 oxen. Batching accumulates a small reward for all nodes every block The batching of service node rewards allows us to drip feed rewards to service nodes. Rather than accruing each service node 16.5 oxen every time they are pulse block leader we now reward every node the 16.5 / num_service_nodes every block and pay each wallet the full amount that has been accrued after a period of time (Likely 3.5 days). To spread each payment evenly we now pay the rewards based on the address of the recipient. This modulus of their address determines which block the address should be paid and by setting the interval to our service_node_batching interval we can guarantee they will be paid out regularly and evenly distribute the payments for all wallets over this
2022-04-29 01:51:14 +02:00
if (vers >= min.hardfork_revision && m_blockchain.nettype() != cryptonote::DEVNET) {
lokinet/SS minimum proof versions; 9.2.0 version bump Remove support for old (non-bt) proofs with the 9.2.0 snode revision block (I'm not 100% sure on what to call this; "snode revision"? "soft fork"? "spork"?). Also bumps the working version to 9.2.0; this likely isn't release ready, but allows for testing of this on testnet.
2021-06-18 01:47:00 +02:00
if (proof->version < min.oxend)
REJECT_PROOF("v" << tools::join(".", min.oxend) << "+ oxend version is required for v" << +vers.first << "." << +vers.second << "+ network proofs");
if (proof->lokinet_version < min.lokinet)
REJECT_PROOF("v" << tools::join(".", min.lokinet) << "+ lokinet version is required for v" << +vers.first << "." << +vers.second << "+ network proofs");
if (proof->storage_server_version < min.storage_server)
REJECT_PROOF("v" << tools::join(".", min.storage_server) << "+ storage server version is required for v" << +vers.first << "." << +vers.second << "+ network proofs");
}
}
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
shorten wire names
2021-01-28 01:07:57 +01:00
if (!debug_allow_local_ips && !epee::net_utils::is_ip_public(proof->public_ip))
Serialize the uptime proof using btencoding
2020-12-17 06:52:16 +01:00
REJECT_PROOF("public_ip is not actually public");
//
// Validate proof signature
//
shorten wire names
2021-01-28 01:07:57 +01:00
crypto::hash hash = proof->hash_uptime_proof();
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
shorten wire names
2021-01-28 01:07:57 +01:00
if (!crypto::check_signature(hash, proof->pubkey, proof->sig))
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
REJECT_PROOF("signature validation failed");
Incorporate service node ip address into uptime proofs (#622) * Incorporate service node ip address into uptime proofs; expose them using rpc * Check that storage server port is specified in service-node mode * Remove problematic const, rename argument name for storage port, update comments * Validate ip address when receive uptime proof * Better argument names and descriptions
2019-06-04 06:15:16 +02:00
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
crypto::x25519_public_key derived_x25519_pubkey = crypto::x25519_public_key::null();
shorten wire names
2021-01-28 01:07:57 +01:00
if (!proof->pubkey_ed25519)
REJECT_PROOF("required ed25519 auxiliary pubkey " << proof->pubkey_ed25519 << " not included in proof");
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
shorten wire names
2021-01-28 01:07:57 +01:00
if (0 != crypto_sign_verify_detached(proof->sig_ed25519.data, reinterpret_cast<unsigned char *>(hash.data), sizeof(hash.data), proof->pubkey_ed25519.data))
Remove obsolete HF checks from uptime code
2020-08-11 23:59:53 +02:00
REJECT_PROOF("ed25519 signature validation failed");
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
shorten wire names
2021-01-28 01:07:57 +01:00
if (0 != crypto_sign_ed25519_pk_to_curve25519(derived_x25519_pubkey.data, proof->pubkey_ed25519.data)
Remove obsolete HF checks from uptime code
2020-08-11 23:59:53 +02:00
|| !derived_x25519_pubkey)
REJECT_PROOF("invalid ed25519 pubkey included in proof (x25519 derivation failed)");
shorten wire names
2021-01-28 01:07:57 +01:00
if (proof->qnet_port == 0)
Remove obsolete HF checks from uptime code
2020-08-11 23:59:53 +02:00
REJECT_PROOF("invalid quorumnet port in uptime proof");
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
Fix deadlock The m_blockchain lock added in #975 was causing deadlocks because we have ordered `m_blockchain -> ... -> m_sn_mutex` lock sequences but `proof.store()` was adding a `m_sn_mutex -> ... -> m_blockchain` sequence when called when receiving an uptime proof. Fix it by also taking out an m_blockchain lock where we take out the `m_sn_mutex`.
2019-12-12 04:29:52 +01:00
auto locks = tools::unique_locks(m_blockchain, m_sn_mutex, m_x25519_map_mutex);
shorten wire names
2021-01-28 01:07:57 +01:00
auto it = m_state.service_nodes_infos.find(proof->pubkey);
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
if (it == m_state.service_nodes_infos.end())
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
REJECT_PROOF("no such service node is currently registered");
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
shorten wire names
2021-01-28 01:07:57 +01:00
auto &iproof = proofs[proof->pubkey];
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
if (now <= std::chrono::system_clock::from_time_t(iproof.timestamp) + std::chrono::seconds{netconf.UPTIME_PROOF_FREQUENCY} / 2)
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
REJECT_PROOF("already received one uptime proof for this node recently");
Incorporate service node ip address into uptime proofs (#622) * Incorporate service node ip address into uptime proofs; expose them using rpc * Check that storage server port is specified in service-node mode * Remove problematic const, rename argument name for storage port, update comments * Validate ip address when receive uptime proof * Better argument names and descriptions
2019-06-04 06:15:16 +02:00
shorten wire names
2021-01-28 01:07:57 +01:00
if (m_service_node_keys && proof->pubkey == m_service_node_keys->pub)
Relay proofs back to source, but don't relay your proof again Otherwise we get into a ping-pong situation as follows Node1 sends uptime -> Node2 receives uptime and relays it back to Node1 for acknowledgement -> Node1 receives it, handle_uptime_proof returns true to acknowledge -> Node1 tries to resend to the same peers again Instead, if we receive our own uptime proof, then acknowledge but don't send on. If the we are missing an uptime proof it will have been submitted automatically by the daemon itself instead of using my own proof relayed by other nodes.
2019-09-18 07:22:27 +02:00
{
Remove sychronization check on receipt of uptime If a peer views the destination peer as not synchronizing, then the destination peer should just accept the uptime proof, rather than accept it and then conditionally relay it depending on whether or not you are synchronizing at the point of attempting to relay (which you could transition into synchronizing state interim between accepting and attempting to relay the proof).
2019-09-18 07:36:00 +02:00
my_uptime_proof_confirmation = true;
shorten wire names
2021-01-28 01:07:57 +01:00
MGINFO("Received uptime-proof confirmation back from network for Service Node (yours): " << proof->pubkey);
Relay proofs back to source, but don't relay your proof again Otherwise we get into a ping-pong situation as follows Node1 sends uptime -> Node2 receives uptime and relays it back to Node1 for acknowledgement -> Node1 receives it, handle_uptime_proof returns true to acknowledge -> Node1 tries to resend to the same peers again Instead, if we receive our own uptime proof, then acknowledge but don't send on. If the we are missing an uptime proof it will have been submitted automatically by the daemon itself instead of using my own proof relayed by other nodes.
2019-09-18 07:22:27 +02:00
}
Add message on receipt of your own uptime proof from network
2019-09-18 03:42:59 +02:00
else
Relay proofs back to source, but don't relay your proof again Otherwise we get into a ping-pong situation as follows Node1 sends uptime -> Node2 receives uptime and relays it back to Node1 for acknowledgement -> Node1 receives it, handle_uptime_proof returns true to acknowledge -> Node1 tries to resend to the same peers again Instead, if we receive our own uptime proof, then acknowledge but don't send on. If the we are missing an uptime proof it will have been submitted automatically by the daemon itself instead of using my own proof relayed by other nodes.
2019-09-18 07:22:27 +02:00
{
Remove sychronization check on receipt of uptime If a peer views the destination peer as not synchronizing, then the destination peer should just accept the uptime proof, rather than accept it and then conditionally relay it depending on whether or not you are synchronizing at the point of attempting to relay (which you could transition into synchronizing state interim between accepting and attempting to relay the proof).
2019-09-18 07:36:00 +02:00
my_uptime_proof_confirmation = false;
shorten wire names
2021-01-28 01:07:57 +01:00
LOG_PRINT_L2("Accepted uptime proof from " << proof->pubkey);
Warn and refuse to submit proofs if we detect duplicate ed/x25519 keys (#1121)
2020-04-14 02:53:40 +02:00
shorten wire names
2021-01-28 01:07:57 +01:00
if (m_service_node_keys && proof->pubkey_ed25519 == m_service_node_keys->pub_ed25519)
MGINFO_RED("Uptime proof from SN " << proof->pubkey << " is not us, but is using our ed/x25519 keys; "
Warn and refuse to submit proofs if we detect duplicate ed/x25519 keys (#1121)
2020-04-14 02:53:40 +02:00
"this is likely to lead to deregistration of one or both service nodes.");
Relay proofs back to source, but don't relay your proof again Otherwise we get into a ping-pong situation as follows Node1 sends uptime -> Node2 receives uptime and relays it back to Node1 for acknowledgement -> Node1 receives it, handle_uptime_proof returns true to acknowledge -> Node1 tries to resend to the same peers again Instead, if we receive our own uptime proof, then acknowledge but don't send on. If the we are missing an uptime proof it will have been submitted automatically by the daemon itself instead of using my own proof relayed by other nodes.
2019-09-18 07:22:27 +02:00
}
Add message on receipt of your own uptime proof from network
2019-09-18 03:42:59 +02:00
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
auto old_x25519 = iproof.pubkey_x25519;
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
if (iproof.update(std::chrono::system_clock::to_time_t(now), std::move(proof), derived_x25519_pubkey))
shorten wire names
2021-01-28 01:07:57 +01:00
{
iproof.store(iproof.proof->pubkey, m_blockchain);
}
Add penalty for switching IPs This adds a new obligations quorum vote "ip_change_penalty" that gets triggered if the quorum has received multiple IPs advertised in uptime proofs from a service node in the past 24 hours. Upon reception of such a transaction the SN gets bumped to the bottom of the reward list.
2019-06-26 06:01:40 +02:00
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
if (now - x25519_map_last_pruned >= X25519_MAP_PRUNING_INTERVAL)
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
{
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
time_t cutoff = std::chrono::system_clock::to_time_t(now - X25519_MAP_PRUNING_LAG);
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
erase_if(x25519_to_pub, [&cutoff](const decltype(x25519_to_pub)::value_type &x) { return x.second.second < cutoff; });
x25519_map_last_pruned = now;
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
}
Quorumnet - fix premature x25519 cache expiry x25519 -> pubkey cache entries weren't being updated on new but unchanged proofs, so would eventually expire and cause SNs to stop authenticating new quorumnet connections as being from SNs.
2020-01-13 18:43:37 +01:00
if (old_x25519 && old_x25519 != derived_x25519_pubkey)
x25519_to_pub.erase(old_x25519);
if (derived_x25519_pubkey)
Tweak uptime proof times; reduce times for testnet This makes uptime proof times network-dependent, and tweaks them a bit. Also converts the times to type-safe std::chrono types rather than macros. Mainnet/testnet/devnet: - Send the first proof 30s after startup rather than waiting 2 minutes. - Check for whether we need to send a proof every 30s rather than every 5mins. Mainnet: Other times unchanged. Testnet/devnet: - Send proofs every 10min instead of 1h, and consider nodes to be down after 21m instead of 2h5m. Fakechain: - Send 5s after startup, check every 5s, and send every 1min. - Expiry after 2min5s Also remove the cmake debug option for short proofs since the fakechain changes above basically incorporate what it did.
2021-03-24 23:20:16 +01:00
x25519_to_pub[derived_x25519_pubkey] = {iproof.proof->pubkey, std::chrono::system_clock::to_time_t(now)};
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
Pulse: Queue Block Gen code review - Rename find_named_argument -> find_prefixed_value - Update get_current_blockchain_height() comment to specify ability to lock - Update memcmp(address1, address2) to address1 == address2 - Make create_next_miner_block_template call create_miner_block_template - Update LMQ x25519 keys only when key has changed - construct_miner_tx: Use C++17 features - Pulse: Add log category "Pulse" - Pulse: Check shutdown before blockchain height - Pulse: Use get_human_readable_timespan - Pulse: Switch to MINFO, enable with --log-level +pulse:DEBUG - Pulse: Add height into context - Pulse: Remove some default switch cases hiding compiler warnings - SN: Update hardcoded '9' literals to network_version_9_service_nodes - Core: Use using namespace std::literals - Miner: Change num_blocks availability to debug - RPC: Gate test rpc commands to != MAINNET - Wallet: Store wallet before deinitialization instead of refresh
2020-08-06 09:21:00 +02:00
if (derived_x25519_pubkey && (old_x25519 != derived_x25519_pubkey))
x25519_pkey = derived_x25519_pubkey;
Pulse: Update LMQ active pubkeys when proof arrives - Fixes a edge case that is prevalent in testing when adding nodes to the network. Presuming an emty SN network, with Pulse once N nodes are added to the network, the network switches from PoW blocks to Pulse Blocks which require SN to SN communication. SN's can't communicate with each other until their uptime proofs are propagated with the IP bundled and currently LMQ only updates said communication info when blocks are added, meaning Pulse can never proceed. So instead on receipt of an uptime proof we add the comm data to LMQ if it was accepted and said Service Node is active.
2020-08-02 08:20:11 +02:00
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
return true;
Incorporate service node ip address into uptime proofs (#622) * Incorporate service node ip address into uptime proofs; expose them using rpc * Check that storage server port is specified in service-node mode * Remove problematic const, rename argument name for storage port, update comments * Validate ip address when receive uptime proof * Better argument names and descriptions
2019-06-04 06:15:16 +02:00
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
void service_node_list::cleanup_proofs()
{
MDEBUG("Cleaning up expired SN proofs");
Add helper header/func to obtain unique locks auto locks = tools::unique_locks(mutex1, mutex2, ...); gives you a tuple of unique_locks and obtains the locks atomically. auto lock = tools::unique_lock(lock1); is essentially the same as: std::unique_lock<decltype(lock1)> lock{lock1}; but less ugly (and extends nicely to the plural version).
2019-12-12 04:11:07 +01:00
auto locks = tools::unique_locks(m_sn_mutex, m_blockchain);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
uint64_t now = std::time(nullptr);
auto& db = m_blockchain.get_db();
cryptonote::db_wtxn_guard guard{db};
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
for (auto it = proofs.begin(); it != proofs.end(); )
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
{
auto& pubkey = it->first;
auto& proof = it->second;
// 6h here because there's no harm in leaving proofs around a bit longer (they aren't big, and
// we only store one per SN), and it's possible that we could reorg a few blocks and resurrect
// a service node but don't want to prematurely expire the proof.
if (!m_state.service_nodes_infos.count(pubkey) && proof.timestamp + 6*60*60 < now)
{
db.remove_service_node_proof(pubkey);
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
it = proofs.erase(it);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
}
else
++it;
}
}
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
crypto::public_key service_node_list::get_pubkey_from_x25519(const crypto::x25519_public_key &x25519) const {
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::shared_lock lock{m_x25519_map_mutex};
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto it = x25519_to_pub.find(x25519);
if (it != x25519_to_pub.end())
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
return it->second.first;
return crypto::null_pkey;
}
quorumnet message for timestamp requests random sampling of service nodes, call timestamp lmq message checks timestamp of 5 service nodes, if local time is 30 seconds different from 80% of the nodes tested then warn user tracks external timesync status and timestamp participation of service nodes clean up includes new template struct for participation history, individual types for participation entry refactor checking participation update select_randomly, move the testing for variance overflow version locks, bump to 8.1.5 explicit casting for mac & clang note to remove after hard fork timestamp debugging log messages debugging messages for before timesync - before message sent logging errord with compiling print version and change add_command to add_request_command log if statement test std::to_string replaced with tools::view_guts for x25519 key check if my sn is active before sending timestamp requests logging the failures checking if statement for success of message more logging, if guards arn't passing more logging, successfully tests if service node might be out of sync more tests before we decide we are out of sync logging output if sn isn't passing tests if check_participation fails then disconnect print timestamp status remove saving variance from the participation history reduce MIN_TIME_IN_S_BEFORE_VOTING reset participation history on recommission undo reduction in startup time reduce log levels Set hardfork time in testnet
2020-12-01 01:56:43 +01:00
crypto::public_key service_node_list::get_random_pubkey() {
std::lock_guard lock{m_sn_mutex};
auto it = tools::select_randomly(m_state.service_nodes_infos.begin(), m_state.service_nodes_infos.end());
if(it != m_state.service_nodes_infos.end()) {
return it->first;
} else {
return m_state.service_nodes_infos.begin()->first;
}
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
void service_node_list::initialize_x25519_map() {
Add helper header/func to obtain unique locks auto locks = tools::unique_locks(mutex1, mutex2, ...); gives you a tuple of unique_locks and obtains the locks atomically. auto lock = tools::unique_lock(lock1); is essentially the same as: std::unique_lock<decltype(lock1)> lock{lock1}; but less ugly (and extends nicely to the plural version).
2019-12-12 04:11:07 +01:00
auto locks = tools::unique_locks(m_sn_mutex, m_x25519_map_mutex);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
auto now = std::time(nullptr);
Iterate directly on service node info map
2019-12-09 19:08:16 +01:00
for (const auto &pk_info : m_state.service_nodes_infos)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto it = proofs.find(pk_info.first);
if (it == proofs.end())
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
continue;
if (const auto &x2_pk = it->second.pubkey_x25519)
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
x25519_to_pub.emplace(x2_pk, std::make_pair(pk_info.first, now));
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
}
}
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::string service_node_list::remote_lookup(std::string_view xpk) {
RPC overhaul High-level details: This redesigns the RPC layer to make it much easier to work with, decouples it from an embedded HTTP server, and gets the vast majority of the RPC serialization and dispatch code out of a very commonly included header. There is unfortunately rather a lot of interconnected code here that cannot be easily separated out into separate commits. The full details of what happens here are as follows: Major details: - All of the RPC code is now in a `cryptonote::rpc` namespace; this renames quite a bit to be less verbose: e.g. CORE_RPC_STATUS_OK becomes `rpc::STATUS_OK`, and `cryptonote::COMMAND_RPC_SOME_LONG_NAME` becomes `rpc::SOME_LONG_NAME` (or just SOME_LONG_NAME for code already working in the `rpc` namespace). - `core_rpc_server` is now completely decoupled from providing any request protocol: it is now *just* the core RPC call handler. - The HTTP RPC interface now lives in a new rpc/http_server.h; this code handles listening for HTTP requests and dispatching them to core_rpc_server, then sending the results back to the caller. - There is similarly a rpc/lmq_server.h for LMQ RPC code; more details on this (and other LMQ specifics) below. - RPC implementing code now returns the response object and throws when things go wrong which simplifies much of the rpc error handling. They can throw anything; generic exceptions get logged and a generic "internal error" message gets returned to the caller, but there is also an `rpc_error` class to return an error code and message used by some json-rpc commands. - RPC implementing functions now overload `core_rpc_server::invoke` following the pattern: RPC_BLAH_BLAH::response core_rpc_server::invoke(RPC_BLAH_BLAH::request&& req, rpc_context context); This overloading makes the code vastly simpler: all instantiations are now done with a small amount of generic instantiation code in a single .cpp rather than needing to go to hell and back with a nest of epee macros in a core header. - each RPC endpoint is now defined by the RPC types themselves, including its accessible names and permissions, in core_rpc_server_commands_defs.h: - every RPC structure now has a static `names()` function that returns the names by which the end point is accessible. (The first one is the primary, the others are for deprecated aliases). - RPC command wrappers define their permissions and type by inheriting from special tag classes: - rpc::RPC_COMMAND is a basic, admin-only, JSON command, available via JSON RPC. *All* JSON commands are now available via JSON RPC, instead of the previous mix of some being at /foo and others at /json_rpc. (Ones that were previously at /foo are still there for backwards compatibility; see `rpc::LEGACY` below). - rpc::PUBLIC specifies that the command should be available via a restricted RPC connection. - rpc::BINARY specifies that the command is not JSON, but rather is accessible as /name and takes and returns values in the magic epee binary "portable storage" (lol) data format. - rpc::LEGACY specifies that the command should be available via the non-json-rpc interface at `/name` for backwards compatibility (in addition to the JSON-RPC interface). - some epee serialization got unwrapped and de-templatized so that it can be moved into a .cpp file with just declarations in the .h. (This makes a *huge* difference for core_rpc_server_commands_defs.h and for every compilation unit that includes it which previously had to compile all the serialization code and then throw all by one copy away at link time). This required some new macros so as to not break a ton of places that will use the old way putting everything in the headers; The RPC code uses this as does a few other places; there are comments in contrib/epee/include/serialization/keyvalue_serialization.h as to how to use it. - Detemplatized a bunch of epee/storages code. Most of it should have have been using templates at all (because it can only ever be called with one type!), and now it isn't. This broke some things that didn't properly compile because of missing headers or (in one case) a messed up circular dependency. - Significantly simplified a bunch of over-templatized serialization code. - All RPC serialization definitions is now out of core_rpc_server_commands_defs.h and into a single .cpp file (core_rpc_server_commands_defs.cpp). - core RPC no longer uses the disgusting BEGIN_URI_MAP2/MAP_URI_BLAH_BLAH macros. This was a terrible design that forced slamming tons of code into a common header that didn't need to be there. - epee::struct_init is gone. It was a horrible hack that instiated multiple templates just so the coder could be so lazy and write `some_type var;` instead of properly value initializing with `some_type var{};`. - Removed a bunch of useless crap from epee. In particular, forcing extra template instantiations all over the place in order to nest return objects inside JSON RPC values is no longer needed, as are a bunch of stuff related to the above de-macroization of the code. - get_all_service_nodes, get_service_nodes, and get_n_service_nodes are now combined into a single `get_service_nodes` (with deprecated aliases for the others), which eliminates a fair amount of duplication. The biggest obstacle here was getting the requested fields reference passed through: this is now done by a new ability to stash a context in the serialization object that can be retrieved by a sub-serialized type. LMQ-specifics: - The LokiMQ instance moves into `cryptonote::core` rather than being inside cryptonote_protocol. Currently the instance is used both for qnet and rpc calls (and so needs to be in a common place), but I also intend future PRs to use the batching code for job processing (replacing the current threaded job queue). - rpc/lmq_server.h handles the actual LMQ-request-to-core-RPC glue. Unlike http_server it isn't technically running the whole LMQ stack from here, but the parallel name with http_server seemed appropriate. - All RPC endpoints are supported by LMQ under the same names as defined generically, but prefixed with `rpc.` for public commands and `admin.` for restricted ones. - service node keys are now always available, even when not running in `--service-node` mode: this is because we want the x25519 key for being able to offer CURVE encryption for lmq RPC end-points, and because it doesn't hurt to have them available all the time. In the RPC layer this is now called "get_service_keys" (with "get_service_node_key" as an alias) since they aren't strictly only for service nodes. This also means code needs to check m_service_node, and not m_service_node_keys, to tell if it is running as a service node. (This is also easier to notice because m_service_node_keys got renamed to `m_service_keys`). - Added block and mempool monitoring LMQ RPC endpoints: `sub.block` and `sub.mempool` subscribes the connection for new block and new mempool TX notifications. The latter can notify on just blink txes, or all new mempool txes (but only new ones -- txes dumped from a block don't trigger it). The client gets pushed a [`notify.block`, `height`, `hash`] or [`notify.tx`, `txhash`, `blob`] message when something arrives. Minor details: - rpc::version_t is now a {major,minor} pair. Forcing everyone to pack and unpack a uint32_t was gross. - Changed some macros to constexprs (e.g. CORE_RPC_ERROR_CODE_...). (This immediately revealed a couple of bugs in the RPC code that was assigning CORE_RPC_ERROR_CODE_... to a string, and it worked because the macro allows implicit conversion to a char). - De-templatizing useless templates in epee (i.e. a bunch of templated types that were never invoked with different types) revealed a painful circular dependency between epee and non-epee code for tor_address and i2p_address. This crap is now handled in a suitably named `net/epee_network_address_hack.cpp` hack because it really isn't trivial to extricate this mess. - Removed `epee/include/serialization/serialize_base.h`. Amazingly the code somehow still all works perfectly with this previously vital header removed. - Removed bitrotted, unused epee "crypted_storage" and "gzipped_inmemstorage" code. - Replaced a bunch of epee::misc_utils::auto_scope_leave_caller with LOKI_DEFERs. The epee version involves quite a bit more instantiation and is ugly as sin. Also made the `loki::defer` class invokable for some edge cases that need calling before destruction in particular conditions. - Moved the systemd code around; it makes much more sense to do the systemd started notification as in daemon.cpp as late as possible rather than in core (when we can still have startup failures, e.g. if the RPC layer can't start). - Made the systemd short status string available in the get_info RPC (and no longer require building with systemd). - during startup, print (only) the x25519 when not in SN mode, and continue to print all three when in SN mode. - DRYed out some RPC implementation code (such as set_limit) - Made wallet_rpc stop using a raw m_wallet pointer
2020-04-28 01:25:43 +02:00
if (xpk.size() != sizeof(crypto::x25519_public_key))
return "";
crypto::x25519_public_key x25519_pub;
std::memcpy(x25519_pub.data, xpk.data(), xpk.size());
auto pubkey = get_pubkey_from_x25519(x25519_pub);
if (!pubkey) {
MDEBUG("no connection available: could not find primary pubkey from x25519 pubkey " << x25519_pub);
return "";
}
bool found = false;
uint32_t ip = 0;
uint16_t port = 0;
for_each_service_node_info_and_proof(&pubkey, &pubkey + 1, [&](auto&, auto&, auto& proof) {
found = true;
shorten wire names
2021-01-28 01:07:57 +01:00
ip = proof.proof->public_ip;
port = proof.proof->qnet_port;
RPC overhaul High-level details: This redesigns the RPC layer to make it much easier to work with, decouples it from an embedded HTTP server, and gets the vast majority of the RPC serialization and dispatch code out of a very commonly included header. There is unfortunately rather a lot of interconnected code here that cannot be easily separated out into separate commits. The full details of what happens here are as follows: Major details: - All of the RPC code is now in a `cryptonote::rpc` namespace; this renames quite a bit to be less verbose: e.g. CORE_RPC_STATUS_OK becomes `rpc::STATUS_OK`, and `cryptonote::COMMAND_RPC_SOME_LONG_NAME` becomes `rpc::SOME_LONG_NAME` (or just SOME_LONG_NAME for code already working in the `rpc` namespace). - `core_rpc_server` is now completely decoupled from providing any request protocol: it is now *just* the core RPC call handler. - The HTTP RPC interface now lives in a new rpc/http_server.h; this code handles listening for HTTP requests and dispatching them to core_rpc_server, then sending the results back to the caller. - There is similarly a rpc/lmq_server.h for LMQ RPC code; more details on this (and other LMQ specifics) below. - RPC implementing code now returns the response object and throws when things go wrong which simplifies much of the rpc error handling. They can throw anything; generic exceptions get logged and a generic "internal error" message gets returned to the caller, but there is also an `rpc_error` class to return an error code and message used by some json-rpc commands. - RPC implementing functions now overload `core_rpc_server::invoke` following the pattern: RPC_BLAH_BLAH::response core_rpc_server::invoke(RPC_BLAH_BLAH::request&& req, rpc_context context); This overloading makes the code vastly simpler: all instantiations are now done with a small amount of generic instantiation code in a single .cpp rather than needing to go to hell and back with a nest of epee macros in a core header. - each RPC endpoint is now defined by the RPC types themselves, including its accessible names and permissions, in core_rpc_server_commands_defs.h: - every RPC structure now has a static `names()` function that returns the names by which the end point is accessible. (The first one is the primary, the others are for deprecated aliases). - RPC command wrappers define their permissions and type by inheriting from special tag classes: - rpc::RPC_COMMAND is a basic, admin-only, JSON command, available via JSON RPC. *All* JSON commands are now available via JSON RPC, instead of the previous mix of some being at /foo and others at /json_rpc. (Ones that were previously at /foo are still there for backwards compatibility; see `rpc::LEGACY` below). - rpc::PUBLIC specifies that the command should be available via a restricted RPC connection. - rpc::BINARY specifies that the command is not JSON, but rather is accessible as /name and takes and returns values in the magic epee binary "portable storage" (lol) data format. - rpc::LEGACY specifies that the command should be available via the non-json-rpc interface at `/name` for backwards compatibility (in addition to the JSON-RPC interface). - some epee serialization got unwrapped and de-templatized so that it can be moved into a .cpp file with just declarations in the .h. (This makes a *huge* difference for core_rpc_server_commands_defs.h and for every compilation unit that includes it which previously had to compile all the serialization code and then throw all by one copy away at link time). This required some new macros so as to not break a ton of places that will use the old way putting everything in the headers; The RPC code uses this as does a few other places; there are comments in contrib/epee/include/serialization/keyvalue_serialization.h as to how to use it. - Detemplatized a bunch of epee/storages code. Most of it should have have been using templates at all (because it can only ever be called with one type!), and now it isn't. This broke some things that didn't properly compile because of missing headers or (in one case) a messed up circular dependency. - Significantly simplified a bunch of over-templatized serialization code. - All RPC serialization definitions is now out of core_rpc_server_commands_defs.h and into a single .cpp file (core_rpc_server_commands_defs.cpp). - core RPC no longer uses the disgusting BEGIN_URI_MAP2/MAP_URI_BLAH_BLAH macros. This was a terrible design that forced slamming tons of code into a common header that didn't need to be there. - epee::struct_init is gone. It was a horrible hack that instiated multiple templates just so the coder could be so lazy and write `some_type var;` instead of properly value initializing with `some_type var{};`. - Removed a bunch of useless crap from epee. In particular, forcing extra template instantiations all over the place in order to nest return objects inside JSON RPC values is no longer needed, as are a bunch of stuff related to the above de-macroization of the code. - get_all_service_nodes, get_service_nodes, and get_n_service_nodes are now combined into a single `get_service_nodes` (with deprecated aliases for the others), which eliminates a fair amount of duplication. The biggest obstacle here was getting the requested fields reference passed through: this is now done by a new ability to stash a context in the serialization object that can be retrieved by a sub-serialized type. LMQ-specifics: - The LokiMQ instance moves into `cryptonote::core` rather than being inside cryptonote_protocol. Currently the instance is used both for qnet and rpc calls (and so needs to be in a common place), but I also intend future PRs to use the batching code for job processing (replacing the current threaded job queue). - rpc/lmq_server.h handles the actual LMQ-request-to-core-RPC glue. Unlike http_server it isn't technically running the whole LMQ stack from here, but the parallel name with http_server seemed appropriate. - All RPC endpoints are supported by LMQ under the same names as defined generically, but prefixed with `rpc.` for public commands and `admin.` for restricted ones. - service node keys are now always available, even when not running in `--service-node` mode: this is because we want the x25519 key for being able to offer CURVE encryption for lmq RPC end-points, and because it doesn't hurt to have them available all the time. In the RPC layer this is now called "get_service_keys" (with "get_service_node_key" as an alias) since they aren't strictly only for service nodes. This also means code needs to check m_service_node, and not m_service_node_keys, to tell if it is running as a service node. (This is also easier to notice because m_service_node_keys got renamed to `m_service_keys`). - Added block and mempool monitoring LMQ RPC endpoints: `sub.block` and `sub.mempool` subscribes the connection for new block and new mempool TX notifications. The latter can notify on just blink txes, or all new mempool txes (but only new ones -- txes dumped from a block don't trigger it). The client gets pushed a [`notify.block`, `height`, `hash`] or [`notify.tx`, `txhash`, `blob`] message when something arrives. Minor details: - rpc::version_t is now a {major,minor} pair. Forcing everyone to pack and unpack a uint32_t was gross. - Changed some macros to constexprs (e.g. CORE_RPC_ERROR_CODE_...). (This immediately revealed a couple of bugs in the RPC code that was assigning CORE_RPC_ERROR_CODE_... to a string, and it worked because the macro allows implicit conversion to a char). - De-templatizing useless templates in epee (i.e. a bunch of templated types that were never invoked with different types) revealed a painful circular dependency between epee and non-epee code for tor_address and i2p_address. This crap is now handled in a suitably named `net/epee_network_address_hack.cpp` hack because it really isn't trivial to extricate this mess. - Removed `epee/include/serialization/serialize_base.h`. Amazingly the code somehow still all works perfectly with this previously vital header removed. - Removed bitrotted, unused epee "crypted_storage" and "gzipped_inmemstorage" code. - Replaced a bunch of epee::misc_utils::auto_scope_leave_caller with LOKI_DEFERs. The epee version involves quite a bit more instantiation and is ugly as sin. Also made the `loki::defer` class invokable for some edge cases that need calling before destruction in particular conditions. - Moved the systemd code around; it makes much more sense to do the systemd started notification as in daemon.cpp as late as possible rather than in core (when we can still have startup failures, e.g. if the RPC layer can't start). - Made the systemd short status string available in the get_info RPC (and no longer require building with systemd). - during startup, print (only) the x25519 when not in SN mode, and continue to print all three when in SN mode. - DRYed out some RPC implementation code (such as set_limit) - Made wallet_rpc stop using a raw m_wallet pointer
2020-04-28 01:25:43 +02:00
});
if (!found) {
MDEBUG("no connection available: primary pubkey " << pubkey << " is not registered");
return "";
}
if (!(ip && port)) {
MDEBUG("no connection available: service node " << pubkey << " has no associated ip and/or port");
return "";
}
return "tcp://" + epee::string_tools::get_ip_string_from_int32(ip) + ":" + std::to_string(port);
}
Pulse: Record pulse participation and issue decommission
2020-09-08 05:56:01 +02:00
void service_node_list::record_checkpoint_participation(crypto::public_key const &pubkey, uint64_t height, bool participated)
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
{
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (!m_state.service_nodes_infos.count(pubkey))
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
return;
Pulse: Record pulse participation and issue decommission
2020-09-08 05:56:01 +02:00
participation_entry entry = {};
entry.height = height;
entry.voted = participated;
auto &info = proofs[pubkey];
info.checkpoint_participation.add(entry);
}
Pulse: Record Pulse participation globally on network - Instead of the Pulse quorums validators recording participation between each other- so failures may not manifest in a decommission until the several common nodes align and agree to vote off the node. Voting now occurs when blocks arrives, validators participating in the generation of the block are marked. This is shared information between all nodes syncing the chain so decommissions are more readily agreeable and acted upon in the Obligation quorums immediately.
2020-09-22 08:18:13 +02:00
void service_node_list::record_pulse_participation(crypto::public_key const &pubkey, uint64_t height, uint8_t round, bool participated)
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
{
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (!m_state.service_nodes_infos.count(pubkey))
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
return;
Pulse: Record pulse participation and issue decommission
2020-09-08 05:56:01 +02:00
participation_entry entry = {};
entry.is_pulse = true;
entry.height = height;
entry.voted = participated;
entry.pulse.round = round;
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto &info = proofs[pubkey];
Pulse: Record pulse participation and issue decommission
2020-09-08 05:56:01 +02:00
info.pulse_participation.add(entry);
Service node checkpointing deregistration (#672) * Add deregistration of checkpoints by checking how many votes are missed Move uptime proofs and add checkpoint counts in the service_node_list because we typically prune uptime proofs by time, but it seems we want to switch to a model where we persist proof data until the node expires otherwise currently we would prune uptime entries and potentially our checkpoint vote counts which would cause premature deregistration as the expected vote counts start mismatching with the number of received votes. * Revise deregistration * Fix test breakages * uint16_t for port, remove debug false, min votes to 2 in integration mode * Fix integration build
2019-06-27 09:05:44 +02:00
}
Incorporate service node ip address into uptime proofs (#622) * Incorporate service node ip address into uptime proofs; expose them using rpc * Check that storage server port is specified in service-node mode * Remove problematic const, rename argument name for storage port, update comments * Validate ip address when receive uptime proof * Better argument names and descriptions
2019-06-04 06:15:16 +02:00
quorumnet message for timestamp requests random sampling of service nodes, call timestamp lmq message checks timestamp of 5 service nodes, if local time is 30 seconds different from 80% of the nodes tested then warn user tracks external timesync status and timestamp participation of service nodes clean up includes new template struct for participation history, individual types for participation entry refactor checking participation update select_randomly, move the testing for variance overflow version locks, bump to 8.1.5 explicit casting for mac & clang note to remove after hard fork timestamp debugging log messages debugging messages for before timesync - before message sent logging errord with compiling print version and change add_command to add_request_command log if statement test std::to_string replaced with tools::view_guts for x25519 key check if my sn is active before sending timestamp requests logging the failures checking if statement for success of message more logging, if guards arn't passing more logging, successfully tests if service node might be out of sync more tests before we decide we are out of sync logging output if sn isn't passing tests if check_participation fails then disconnect print timestamp status remove saving variance from the participation history reduce MIN_TIME_IN_S_BEFORE_VOTING reset participation history on recommission undo reduction in startup time reduce log levels Set hardfork time in testnet
2020-12-01 01:56:43 +01:00
void service_node_list::record_timestamp_participation(crypto::public_key const &pubkey, bool participated)
{
std::lock_guard lock(m_sn_mutex);
if (!m_state.service_nodes_infos.count(pubkey))
return;
timestamp_participation_entry entry = {};
entry.participated = participated;
auto &info = proofs[pubkey];
info.timestamp_participation.add(entry);
}
void service_node_list::record_timesync_status(crypto::public_key const &pubkey, bool synced)
{
std::lock_guard lock(m_sn_mutex);
if (!m_state.service_nodes_infos.count(pubkey))
return;
timesync_entry entry = {};
entry.in_sync = synced;
auto &info = proofs[pubkey];
info.timesync_status.add(entry);
}
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
std::optional<bool> proof_info::reachable_stats::reachable(const std::chrono::steady_clock::time_point& now) const {
if (last_reachable >= last_unreachable)
Re-do how SS ping tests are handled This moves all the responsibility of ping testing (deciding when it's unreachable, etc.) into oxend, allowing for better reporting on SS ping results and eliminating some edge cases that can lead to oxend and storage server getting "stuck" thinking each is in a different state.
2021-04-13 23:00:00 +02:00
return true;
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
if (last_unreachable > now - config::REACHABLE_MAX_FAILURE_VALIDITY)
Re-do how SS ping tests are handled This moves all the responsibility of ping testing (deciding when it's unreachable, etc.) into oxend, allowing for better reporting on SS ping results and eliminating some edge cases that can lead to oxend and storage server getting "stuck" thinking each is in a different state.
2021-04-13 23:00:00 +02:00
return false;
// Last result was a failure, but it was a while ago, so we don't know for sure that it isn't
// reachable now:
return std::nullopt;
}
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
bool proof_info::reachable_stats::unreachable_for(std::chrono::seconds threshold, const std::chrono::steady_clock::time_point& now) const {
if (auto maybe_reachable = reachable(now); !maybe_reachable /*stale*/ || *maybe_reachable /*good*/)
Re-do how SS ping tests are handled This moves all the responsibility of ping testing (deciding when it's unreachable, etc.) into oxend, allowing for better reporting on SS ping results and eliminating some edge cases that can lead to oxend and storage server getting "stuck" thinking each is in a different state.
2021-04-13 23:00:00 +02:00
return false;
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
if (first_unreachable > now - threshold)
Re-do how SS ping tests are handled This moves all the responsibility of ping testing (deciding when it's unreachable, etc.) into oxend, allowing for better reporting on SS ping results and eliminating some edge cases that can lead to oxend and storage server getting "stuck" thinking each is in a different state.
2021-04-13 23:00:00 +02:00
return false; // Unreachable, but for less than the grace time
return true;
}
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
bool service_node_list::set_peer_reachable(bool storage_server, const crypto::public_key& pubkey, bool reachable) {
Re-do how SS ping tests are handled This moves all the responsibility of ping testing (deciding when it's unreachable, etc.) into oxend, allowing for better reporting on SS ping results and eliminating some edge cases that can lead to oxend and storage server getting "stuck" thinking each is in a different state.
2021-04-13 23:00:00 +02:00
// (See .h for overview description)
C++17 Switch loki dev branch to C++17 compilation, and update the code with various C++17 niceties. - stop including the (deprecated) lokimq/string_view.h header and instead switch everything to use std::string_view and `""sv` instead of `""_sv`. - std::string_view is much nicer than epee::span, so updated various loki-specific code to use it instead. - made epee "portable storage" serialization accept a std::string_view instead of const lvalue std::string so that we can avoid copying. - switched from mapbox::variant to std::variant - use `auto [a, b] = whatever()` instead of `T1 a; T2 b; std::tie(a, b) = whatever()` in a couple places (in the wallet code). - switch to std::lock(...) instead of boost::lock(...) for simultaneous lock acquisition. boost::lock() won't compile in C++17 mode when given locks of different types. - removed various pre-C++17 workarounds, e.g. for fold expressions, unused argument attributes, and byte-spannable object detection. - class template deduction means lock types no longer have to specify the mutex, so `std::unique_lock<std::mutex> lock{mutex}` can become `std::unique_lock lock{mutex}`. This will make switching any mutex types (e.g. from boost to std mutexes) far easier as you just have to update the type in the header and everything should work. This also makes the tools::unique_lock and tools::shared_lock methods redundant (which were a sort of poor-mans-pre-C++17 way to eliminate the redundancy) so they are now gone and replaced with direct unique_lock or shared_lock constructions. - Redid the LNS validation using a string_view; instead of using raw char pointers the code now uses a string view and chops off parts of the view as it validates. So, for instance, it starts with "abcd.loki", validates the ".loki" and chops the view to "abcd", then validates the first character and chops to "bcd", validates the last and chops to "bc", then can just check everything remaining for is-valid-middle-char. - LNS validation gained a couple minor validation checks in the process: - slightly tightened the requirement on lokinet addresses to require that the last character of the mapped address is 'y' or 'o' (the last base32z char holds only one significant bit). - In parse_owner_to_generic_owner made sure that the owner value has the correct size (otherwise we could up end not filling or overfilling the pubkey buffer). - Replaced base32z/base64/hex conversions with lokimq's versions which have a nicer interface, are better optimized, and don't depend on epee.
2020-05-13 20:12:49 +02:00
std::lock_guard lock(m_sn_mutex);
Add storage server reachability field; test it with quorums (#820) * Add storage server reachability field; test it with quorums * Improve method names * Address review comments
2019-09-02 05:06:15 +02:00
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
const auto type = storage_server ? "storage server"sv : "lokinet"sv;
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (!m_state.service_nodes_infos.count(pubkey)) {
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
MDEBUG("Dropping " << type << " reachable report: " << pubkey << " is not a registered SN pubkey");
Add storage server reachability field; test it with quorums (#820) * Add storage server reachability field; test it with quorums * Improve method names * Address review comments
2019-09-02 05:06:15 +02:00
return false;
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
}
Add storage server reachability field; test it with quorums (#820) * Add storage server reachability field; test it with quorums * Improve method names * Address review comments
2019-09-02 05:06:15 +02:00
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
MDEBUG("Received " << type << (reachable ? " reachable" : " UNREACHABLE") << " report for SN " << pubkey);
Re-do how SS ping tests are handled This moves all the responsibility of ping testing (deciding when it's unreachable, etc.) into oxend, allowing for better reporting on SS ping results and eliminating some edge cases that can lead to oxend and storage server getting "stuck" thinking each is in a different state.
2021-04-13 23:00:00 +02:00
const auto now = std::chrono::steady_clock::now();
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
auto& reach = storage_server ? proofs[pubkey].ss_reachable : proofs[pubkey].lokinet_reachable;
Re-do how SS ping tests are handled This moves all the responsibility of ping testing (deciding when it's unreachable, etc.) into oxend, allowing for better reporting on SS ping results and eliminating some edge cases that can lead to oxend and storage server getting "stuck" thinking each is in a different state.
2021-04-13 23:00:00 +02:00
if (reachable) {
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
reach.last_reachable = now;
reach.first_unreachable = NEVER;
Re-do how SS ping tests are handled This moves all the responsibility of ping testing (deciding when it's unreachable, etc.) into oxend, allowing for better reporting on SS ping results and eliminating some edge cases that can lead to oxend and storage server getting "stuck" thinking each is in a different state.
2021-04-13 23:00:00 +02:00
} else {
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
reach.last_unreachable = now;
if (reach.first_unreachable == NEVER)
reach.first_unreachable = now;
Add storage server reachability field; test it with quorums (#820) * Add storage server reachability field; test it with quorums * Improve method names * Address review comments
2019-09-02 05:06:15 +02:00
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
return true;
Add lokinet reachability to quorum testing It works just like storage server testing. Renames the report_peer_storage_server_status to report_peer_status, and repurposes the code to handle both SS and lokinet. This *doesn't* need a HF by design because the reason bit field was deliberately designed so that we can add reason fields (older clients will just ignore unknown bits).
2021-06-04 21:17:31 +02:00
}
bool service_node_list::set_storage_server_peer_reachable(crypto::public_key const &pubkey, bool reachable)
{
return set_peer_reachable(true, pubkey, reachable);
}
bool service_node_list::set_lokinet_peer_reachable(crypto::public_key const &pubkey, bool reachable)
{
return set_peer_reachable(false, pubkey, reachable);
Add storage server reachability field; test it with quorums (#820) * Add storage server reachability field; test it with quorums * Improve method names * Address review comments
2019-09-02 05:06:15 +02:00
}
Make 4.0.4 service node blob backwards compatible (#786) Ordinarily on shut down we would discard the quorum states that are converted and serialised once on initial start up with the new software. If this is lost, we would not be able to process incoming votes or any state changes and essentially halt without forcing a way to rescan the service node list back to a consistent state.
2019-08-12 01:53:05 +02:00
static quorum_manager quorum_for_serialization_to_quorum_manager(service_node_list::quorum_for_serialization const &source)
{
quorum_manager result = {};
Rename `testing_quorum` class to just `quorum` testing_quorum is a bit of a misnomer: it only does testing when used for an obligations quorum, but it is also used for checkpointing and soon Blink.
2019-10-15 19:52:49 +02:00
result.obligations = std::make_shared<quorum>(source.quorums[static_cast<uint8_t>(quorum_type::obligations)]);
Make 4.0.4 service node blob backwards compatible (#786) Ordinarily on shut down we would discard the quorum states that are converted and serialised once on initial start up with the new software. If this is lost, we would not be able to process incoming votes or any state changes and essentially halt without forcing a way to rescan the service node list back to a consistent state.
2019-08-12 01:53:05 +02:00
// Don't load any checkpoints that shouldn't exist (see the comment in generate_quorums as to why the `+BUFFER` term is here).
if ((source.height + REORG_SAFETY_BUFFER_BLOCKS_POST_HF12) % CHECKPOINT_INTERVAL == 0)
Rename `testing_quorum` class to just `quorum` testing_quorum is a bit of a misnomer: it only does testing when used for an obligations quorum, but it is also used for checkpointing and soon Blink.
2019-10-15 19:52:49 +02:00
result.checkpointing = std::make_shared<quorum>(source.quorums[static_cast<uint8_t>(quorum_type::checkpointing)]);
Make 4.0.4 service node blob backwards compatible (#786) Ordinarily on shut down we would discard the quorum states that are converted and serialised once on initial start up with the new software. If this is lost, we would not be able to process incoming votes or any state changes and essentially halt without forcing a way to rescan the service node list back to a consistent state.
2019-08-12 01:53:05 +02:00
return result;
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
service_node_list::state_t::state_t(service_node_list* snl, state_serialized &&state)
Fix service node winner incorrect error If we are re-deriving states we still also need the historical quorums such that we can process incoming blocks with state changes. Without it, state changes will be ignored and skipped causing inconsistent state in the service node list. This mandates a rescan and stores the most recent in state_ts, and only just quorums for states preceeding 10k intervals. We can no longer store the 1st most recent state in the DB as that will be missing quorums as well for similar reason when rederiving on start-up.
2019-08-16 07:30:36 +02:00
: height{state.height}
, key_image_blacklist{std::move(state.key_image_blacklist)}
, only_loaded_quorums{state.only_stored_quorums}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
, block_hash{state.block_hash}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
, sn_list{snl}
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
{
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (!sn_list)
throw std::logic_error("Cannot deserialize a state_t without a service_node_list");
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
if (state.version == state_serialized::version_t::version_0)
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
block_hash = sn_list->m_blockchain.get_block_id_by_height(height);
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
for (auto &pubkey_info : state.infos)
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
{
Fix version_t count assert Use an alias to simplify a little.
2019-10-08 06:21:22 +02:00
using version_t = service_node_info::version_t;
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
auto &info = const_cast<service_node_info &>(*pubkey_info.info);
Fix version_t count assert Use an alias to simplify a little.
2019-10-08 06:21:22 +02:00
if (info.version < version_t::v1_add_registration_hf_version)
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
{
Fix version_t count assert Use an alias to simplify a little.
2019-10-08 06:21:22 +02:00
info.version = version_t::v1_add_registration_hf_version;
Add snode revision soft forks & drop hard fork voting code Snode revisions are a secondary version that let us put out a mandatory update for snodes that isn't a hardfork (and so isn't mandatory for wallets/exchanges/etc.). The main point of this is to let us make a 9.2.0 release that includes new mandatory minimums of future versions of storage server (2.2.0) and lokinet (0.9.4) to bring upgrades to the network. This slightly changes the HF7 blocks to 0 (instead of 1) because, apparently, we weren't properly checking the HF value of the pre-first-hf genesis block at all before. (In practice this changes nothing because genesis blocks are v7 anyway). This also changes (slightly) how we check for hard forks: now if we skip some hard forks then we still want to know the height when a hard fork triggers. For example, if the hf tables contains {7,14} then we still need to know that the HF14 block height also is the height that activates HF9, 10, etc.
2021-06-18 01:06:51 +02:00
info.registration_hf_version = sn_list->m_blockchain.get_network_version(pubkey_info.info->registration_height);
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
}
Update service node info to v4, no data conversions necessary
2019-12-10 06:37:46 +01:00
if (info.version < version_t::v4_noproofs)
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
{
Update service node info to v4, no data conversions necessary
2019-12-10 06:37:46 +01:00
// Nothing to do here (the missing data will be generated in the new proofs db via uptime proofs).
info.version = version_t::v4_noproofs;
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
}
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
if (info.version < version_t::v5_pulse_recomm_credit)
Recommission credit (#1204) This changes the credit rules for recommission: instead of being restored with no credit at all, with this you get restored with 2 blocks of credit lost (up to all of your credit) for each block of decommission time you had. For example, if you had 1000 blocks of credit and are decommissioned for 150 blocks, you'll get recommissioned with 700 blocks of credit. If you were decommissioned for 500 or more blocks then you'll get decommissioned with 0 blocks of credit. This applies the effects immediately rather than waiting for the hard fork. Because this isn't a consensus-breaking change it seems easier to not worry about the HF rules. The consequences are that the rules that get applied to determining how much credit you have will depend on the nodes involved in testing up until the hard fork: you *may* be subject to the harsher v7 rules, or you may fall under v8 rules if enough of the testing quorum has upgraded, but you'll never end up worse than the v7 rules.
2020-08-06 04:24:57 +02:00
{
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// If it's an old record then assume it's from before oxen 8, in which case there were only
Recommission credit (#1204) This changes the credit rules for recommission: instead of being restored with no credit at all, with this you get restored with 2 blocks of credit lost (up to all of your credit) for each block of decommission time you had. For example, if you had 1000 blocks of credit and are decommissioned for 150 blocks, you'll get recommissioned with 700 blocks of credit. If you were decommissioned for 500 or more blocks then you'll get decommissioned with 0 blocks of credit. This applies the effects immediately rather than waiting for the hard fork. Because this isn't a consensus-breaking change it seems easier to not worry about the HF rules. The consequences are that the rules that get applied to determining how much credit you have will depend on the nodes involved in testing up until the hard fork: you *may* be subject to the harsher v7 rules, or you may fall under v8 rules if enough of the testing quorum has upgraded, but you'll never end up worse than the v7 rules.
2020-08-06 04:24:57 +02:00
// two valid values here: initial for a node that has never been recommissioned, or 0 for a recommission.
auto was = info.recommission_credit;
if (info.decommission_count <= info.is_decommissioned()) // Has never been decommissioned (or is currently in the first decommission), so add initial starting credit
info.recommission_credit = DECOMMISSION_INITIAL_CREDIT;
else
info.recommission_credit = 0;
SN: Turn SN pulse data into proper sort key Add stable sort to handle ties via public keys. The quorum_index reduces bias in Service Nodes choosing a lexigraphical closer public key. On launch all Service Nodes will have this set to 0, but eventually it will hold a unique value per Service Node.
2020-06-15 04:34:00 +02:00
Code review, keep nonce, remove HF_VERSION.. - Keep none for blocks - Remove HF_VERSION_PULSE and prefer network_version_16 for big features - Keep HF_VERSION_... for smaller feature flags - Add operator< for pulse_sort_key - Avoid erase() in validators gen loop for pulse
2020-06-16 06:59:32 +02:00
info.pulse_sorter.last_height_validating_in_quorum = info.last_reward_block_height;
Pulse: Support generating 1-time quorums for a block
2020-06-12 07:17:51 +02:00
info.version = version_t::v5_pulse_recomm_credit;
Recommission credit (#1204) This changes the credit rules for recommission: instead of being restored with no credit at all, with this you get restored with 2 blocks of credit lost (up to all of your credit) for each block of decommission time you had. For example, if you had 1000 blocks of credit and are decommissioned for 150 blocks, you'll get recommissioned with 700 blocks of credit. If you were decommissioned for 500 or more blocks then you'll get decommissioned with 0 blocks of credit. This applies the effects immediately rather than waiting for the hard fork. Because this isn't a consensus-breaking change it seems easier to not worry about the HF rules. The consequences are that the rules that get applied to determining how much credit you have will depend on the nodes involved in testing up until the hard fork: you *may* be subject to the harsher v7 rules, or you may fall under v8 rules if enough of the testing quorum has upgraded, but you'll never end up worse than the v7 rules.
2020-08-06 04:24:57 +02:00
}
Pulse: Remigrate the sort key to 0 - Currently nodes that have updated over time will have seeded their sort key to a different value than everyone else, causing everone to generate Pulse quorums that are inconsistent with each other. Instead, set the sort key to 0. Ties in the sort list are currently dealt with by sorting on the public key itself.
2020-10-12 06:39:39 +02:00
if (info.version < version_t::v6_reassign_sort_keys)
{
info.pulse_sorter = {};
info.version = version_t::v6_reassign_sort_keys;
}
Fix SN info upgrade in debug build The v7 info doesn't need anything done, but it fails the assert() here for a debug build.
2021-04-29 18:08:54 +02:00
if (info.version < version_t::v7_decommission_reason)
{
// Nothing to do here (leave consensus reasons as 0s)
info.version = version_t::v7_decommission_reason;
}
Add SN ed25519/x25519 pubkeys + quorumnet port in proofs This generates a ed25519 keypair (and from it derives a x25519 keypair) and broadcasts the ed25519 pubkey in HF13 uptime proofs. This auxiliary key will be used both inside lokid (starting in HF14) in places like the upcoming quorumnet code where we need a standard pub/priv keypair that is usable in external tools (e.g. sodium) without having to reimplement the incompatible (though still 25519-based) Monero pubkey format. This pulls it back into HF13 from the quorumnet code because the generation code is ready now, and because there may be opportunities to use this outside of lokid (e.g. in the storage server and in lokinet) before HF14. Broadcasting it earlier also allows us to be ready to go as soon as HF14 hits rather than having to wait for every node to have sent a post-HF14 block uptime proof. For a similar reason this adds a placeholder for the quorumnet port in the uptime proof: currently the value is just set to 0 and ignored, but allowing it to be passed will allow upgraded loki 6.x nodes to start sending it to each other without having to wait for the fork height so that they can start using it immediately when HF14 begins.
2019-10-07 19:23:16 +02:00
// Make sure we handled any future state version upgrades:
enum_top, use burn hf in sanity check, fill new construction data
2019-12-02 06:22:44 +01:00
assert(info.version == tools::enum_top<decltype(info.version)>);
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
service_nodes_infos.emplace(std::move(pubkey_info.pubkey), std::move(pubkey_info.info));
Remove Blockchain dependency in service_node_list::state_t
2019-09-06 06:33:07 +02:00
}
Optimizations and simplifications This commit makes various simplifications and optimizations, mainly in the service node list code. All in all, this shaves about 5% of the CPU time used for re-processing the entire service node list. In particular: - changed m_state_history from a std::vector to a std::set that sorts on height. This is responsible for the bulk of the CPU reduction by significant reducing the amount of work required for checkpoint culling, which has to shuffle a lot of `state_t`s around when removing from the midde of a vector. - the above also allows replacing the binary-search `std::lower_bound` complexity with a much simpler `find()`. - since the history is now always sorted, removed the error messages related to sorting that either can't happen (on store) or don't matter (on load). - Added some converting constructors to simplify code (for example, a `state_t` can now be very usefully constructed from an r-value `state_serialized`). - Many construct + moves (and a couple construct + copy) were replaced with in-place constructions. - removed some unused variables
2019-08-11 05:46:59 +02:00
quorums = quorum_for_serialization_to_quorum_manager(state.quorums);
}
(Low priority) Add disabled-by-default quorum storage support (#702) * Add disabled-by-default quorum storage support This adds support for storing N blocks of recent expired quorum state history in lokid (and dumping to/from the lmdb). This isn't useful for regular nodes (and that's why we don't store it) but is incredibly useful for the block explorer to be able to report *which* node got deregistered/decommissioned/etc. by a given state_change tx. * Fix quorum states copy
2019-07-17 08:01:54 +02:00
bool service_node_list::load(const uint64_t current_height)
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
{
minor fixes to service node data storage
2018-08-16 06:13:57 +02:00
LOG_PRINT_L1("service_node_list::load()");
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
reset(false);
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (!m_blockchain.has_db())
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
{
return false;
}
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
// NOTE: Deserialize long term state history
uint64_t bytes_loaded = 0;
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
auto &db = m_blockchain.get_db();
cryptonote::db_rtxn_guard txn_guard{db};
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
std::string blob;
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (db.get_service_node_data(blob, true /*long_term*/))
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
{
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
bytes_loaded += blob.size();
data_for_serialization data_in = {};
Serialization (part2): application
2020-06-02 05:08:48 +02:00
bool success = false;
try {
serialization::parse_binary(blob, data_in);
success = true;
} catch (...) {}
if (success && data_in.states.size())
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
{
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
// NOTE: Previously the quorum for the next state is derived from the
// state that's been updated from the next block. This is fixed in
// version_1.
// So, copy the quorum from (state.height-1) to (state.height), all
// states need to have their (height-1) which means we're missing the
// 10k-th interval and need to generate it based on the last state.
if (data_in.states[0].version == state_serialized::version_t::version_0)
{
size_t const last_index = data_in.states.size() - 1;
if ((data_in.states.back().height % STORE_LONG_TERM_STATE_INTERVAL) != 0)
{
LOG_PRINT_L0("Last serialised quorum height: " << data_in.states.back().height
<< " in archive is unexpectedly not a multiple of: "
<< STORE_LONG_TERM_STATE_INTERVAL << ", regenerating state");
return false;
}
for (size_t i = data_in.states.size() - 1; i >= 1; i--)
{
state_serialized &serialized_entry = data_in.states[i];
state_serialized &prev_serialized_entry = data_in.states[i - 1];
if ((prev_serialized_entry.height % STORE_LONG_TERM_STATE_INTERVAL) == 0)
{
// NOTE: drop this entry, we have insufficient data to derive
// sadly, do this as a one off and if we ever need this data we
// need to do a full rescan.
continue;
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
state_t entry{this, std::move(serialized_entry)};
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
entry.height--;
entry.quorums = quorum_for_serialization_to_quorum_manager(prev_serialized_entry.quorums);
if ((serialized_entry.height % STORE_LONG_TERM_STATE_INTERVAL) == 0)
{
state_t long_term_state = entry;
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
cryptonote::block const &block = db.get_block_from_height(long_term_state.height + 1);
std::vector<cryptonote::transaction> txs = db.get_tx_list(block.tx_hashes);
long_term_state.update_from_block(db, m_blockchain.nettype(), {} /*state_history*/, {} /*state_archive*/, {} /*alt_states*/, block, txs, nullptr /*my_keys*/);
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
entry.service_nodes_infos = {};
entry.key_image_blacklist = {};
entry.only_loaded_quorums = true;
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_archive.emplace_hint(m_transient.state_archive.begin(), std::move(long_term_state));
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
}
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_archive.emplace_hint(m_transient.state_archive.begin(), std::move(entry));
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
}
}
else
{
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
for (state_serialized &entry : data_in.states)
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_archive.emplace_hint(m_transient.state_archive.end(), this, std::move(entry));
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
}
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
}
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
}
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
// NOTE: Deserialize short term state history
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (!db.get_service_node_data(blob, false))
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
return false;
Make 4.0.4 service node blob backwards compatible (#786) Ordinarily on shut down we would discard the quorum states that are converted and serialised once on initial start up with the new software. If this is lost, we would not be able to process incoming votes or any state changes and essentially halt without forcing a way to rescan the service node list back to a consistent state.
2019-08-12 01:53:05 +02:00
Serialize long term storage separate from short term
2019-08-16 10:20:23 +02:00
bytes_loaded += blob.size();
Remove rollback code and old serialization method, mandate rescan
2019-08-16 07:34:27 +02:00
data_for_serialization data_in = {};
Serialization (part2): application
2020-06-02 05:08:48 +02:00
try {
serialization::parse_binary(blob, data_in);
} catch (const std::exception& e) {
LOG_ERROR("Failed to parse service node data from blob: " << e.what());
return false;
}
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
Don't version code because adding only_loaded_quorums breaks compat
2019-08-16 08:15:43 +02:00
if (data_in.states.empty())
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
return false;
(Low priority) Add disabled-by-default quorum storage support (#702) * Add disabled-by-default quorum storage support This adds support for storing N blocks of recent expired quorum state history in lokid (and dumping to/from the lmdb). This isn't useful for regular nodes (and that's why we don't store it) but is incredibly useful for the block explorer to be able to report *which* node got deregistered/decommissioned/etc. by a given state_change tx. * Fix quorum states copy
2019-07-17 08:01:54 +02:00
service nodes: add quorum states to db storage
2018-08-17 07:14:45 +02:00
{
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
const uint64_t hist_state_from_height = current_height - m_store_quorum_history;
uint64_t last_loaded_height = 0;
Remove rollback code and old serialization method, mandate rescan
2019-08-16 07:34:27 +02:00
for (auto &states : data_in.quorum_states)
Guard against invalid serialisation and change deque to vector
2019-07-22 07:16:29 +02:00
{
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
if (states.height < hist_state_from_height)
continue;
Make 4.0.4 service node blob backwards compatible (#786) Ordinarily on shut down we would discard the quorum states that are converted and serialised once on initial start up with the new software. If this is lost, we would not be able to process incoming votes or any state changes and essentially halt without forcing a way to rescan the service node list back to a consistent state.
2019-08-12 01:53:05 +02:00
quorums_by_height entry = {};
entry.height = states.height;
entry.quorums = quorum_for_serialization_to_quorum_manager(states);
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
if (states.height <= last_loaded_height)
{
LOG_PRINT_L0("Serialised quorums is not stored in ascending order by height in DB, failed to load from DB");
return false;
}
last_loaded_height = states.height;
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.old_quorum_states.push_back(entry);
Only store service node list every 10k AND Height-N blocks (#761) * Store the oldest state in the MAX_SHORT_TERM_STATE_HISTORY window Rederive the rest on startup, this way we only need to store states for 10k intervals + 1 state every block temporarily removing the overhead of having to serialise 30+(every 10k interval) states every block which was taking upto 15ms~ per block on mainnet. * Store quorums into the state class This is setup work to allow only storing one service node list state and rederiving the rest of the state at runtime in memory without having to waste space storing the extra 360 quorums every block which is the biggest bottleneck with syncing the blockchain adding around ~15ms per block after Service Nodes are activated. * Derive quorums using correct state, record duration of scan * Don't fail load if quorums empty, save progress on rescan Storing quorums in quorum states is now optional because quorums are stored with the state objects. Quorums are only stored in the dedicated data structure if you requested to store quorum history so for most users this will be empty. * Store state upto quorum lifetime to match previous behaviour * Make store every 10k states more robust * Corectly use lower bound to find quorum * Code review
2019-08-02 03:07:37 +02:00
}
}
{
Remove rollback code and old serialization method, mandate rescan
2019-08-16 07:34:27 +02:00
assert(data_in.states.size() > 0);
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
size_t const last_index = data_in.states.size() - 1;
Code review only_serialize_quorums should set only_store_quorums flag Simplify detach logic since we don't need constants anymore Move state storage comment to ::store Fix off by one in detach on recent states
2019-08-17 03:54:55 +02:00
if (data_in.states[last_index].only_stored_quorums)
{
LOG_PRINT_L0("Unexpected last serialized state only has quorums loaded");
return false;
}
Add alt block added hook Move service node list methods to state_t methods Add querying state from alt blocks and put key image parsing into function Incorporate hash into state_t to find alt states Add a way to query alternate testing quorums Rebase cleanup
2019-07-18 09:42:15 +02:00
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
if (data_in.states[0].version == state_serialized::version_t::version_0)
{
for (size_t i = last_index; i >= 1; i--)
{
state_serialized &serialized_entry = data_in.states[i];
state_serialized &prev_serialized_entry = data_in.states[i - 1];
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
state_t entry{this, std::move(serialized_entry)};
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
entry.quorums = quorum_for_serialization_to_quorum_manager(prev_serialized_entry.quorums);
entry.height--;
if (i == last_index) m_state = std::move(entry);
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
else m_transient.state_archive.emplace_hint(m_transient.state_archive.end(), std::move(entry));
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
}
}
else
{
size_t const last_index = data_in.states.size() - 1;
for (size_t i = 0; i < last_index; i++)
{
state_serialized &entry = data_in.states[i];
if (entry.block_hash == crypto::null_hash) entry.block_hash = m_blockchain.get_block_id_by_height(entry.height);
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient.state_history.emplace_hint(m_transient.state_history.end(), this, std::move(entry));
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
m_state = {this, std::move(data_in.states[last_index])};
Add migration code for service node state format updates Also gate some troublesome slow changes that slow down pre-hf12 changes
2019-09-06 06:29:23 +02:00
}
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
// NOTE: Load uptime proof data
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
proofs = db.get_all_service_node_proofs();
Clear our own proof timestamp when loading This restores the more aggressive sending of uptime proofs after a restart.
2019-12-09 19:45:41 +01:00
if (m_service_node_keys)
{
// Reset our own proof timestamp to zero so that we aggressively try to resend proofs on
// startup (in case we are restarting because the last proof that we think went out didn't
// actually make it to the network).
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
auto &mine = proofs[m_service_node_keys->pub];
Clear our own proof timestamp when loading This restores the more aggressive sending of uptime proofs after a restart.
2019-12-09 19:45:41 +01:00
mine.timestamp = mine.effective_timestamp = 0;
}
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
initialize_x25519_map();
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
MGINFO("Service node data loaded successfully, height: " << m_state.height);
MGINFO(m_state.service_nodes_infos.size()
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
<< " nodes and " << m_transient.state_history.size() << " recent states loaded, " << m_transient.state_archive.size()
Separate long term service node state into archive from recent history set (#815)
2019-08-27 05:28:46 +02:00
<< " historical states loaded, (" << tools::get_human_readable_bytes(bytes_loaded) << ")");
minor fixes to service node data storage
2018-08-16 06:13:57 +02:00
LOG_PRINT_L1("service_node_list::load() returning success");
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
return true;
}
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
void service_node_list::reset(bool delete_db_entry)
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
{
Service Node List reset, should reset all transient fields (#953) * Service Node List reset, should reset all transient fields * Don't clear proofs/x25519 map on reset for robustness
2020-01-09 03:38:18 +01:00
m_transient = {};
m_state = state_t{this};
Increase the age of service node rollbacks we keep Increase the range to mitigate frequent rescanning when reorganising, technically with checkpointing we only need up to the 2nd oldest checkpoint, but I'm sure there's some case we're forgetting that would benefit from a larger rollback range. Also considering there were only 160 events in the month with a mass deregistration- keeping 2 days worth of rollbacks around is not going to be too expensive. Start storing service node list state for past blocks Separate quorums and reduce storage to 1 days worth Don't use pointer, declare m_state by value Fix rebase to dev Fix double serialise of service node state and expensive blob copy std::move quorums into storage, reserve vector size Don't +1 checkpoint finality height Code review Code review 2
2019-07-15 10:08:52 +02:00
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
if (m_blockchain.has_db() && delete_db_entry)
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
{
Store uptime proof data separately from states This extracts uptime proof data entirely from service node states, instead storing (some) proof data as its own first-class object in the code and backed by the database. We now persistently store: - timestamp - version - ip & ports - ed25519 pubkey and update it every time a proof is received. Upon restart, we load all the proofs from the database, which means we no longer lose last proof received times on restart, and always have the most recently received ip and port information (rather than only having whatever it was in the most recently stored state, which could be ~12 blocks ago). It also means we don't need to spam the network with proofs for up to half an hour after a restart because we now know when we last sent (and received) our own proof before restarting. This separation required some restructuring: most notably changing `state_t` to be constructed with a `service_node_list` pointer, which it needs both directly and for BlockchainDB access. Related to this is also eliminating the separate BlockchainDB pointer stored in service_node_list in favour of just accessing it via m_blockchain (which now has a new `has_db()` method to detect when it has been initialized).
2019-12-04 21:50:28 +01:00
cryptonote::db_wtxn_guard txn_guard{m_blockchain.get_db()};
m_blockchain.get_db().clear_service_node_data();
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
}
Add snode revision soft forks & drop hard fork voting code Snode revisions are a secondary version that let us put out a mandatory update for snodes that isn't a hardfork (and so isn't mandatory for wallets/exchanges/etc.). The main point of this is to let us make a 9.2.0 release that includes new mandatory minimums of future versions of storage server (2.2.0) and lokinet (0.9.4) to bring upgrades to the network. This slightly changes the HF7 blocks to 0 (instead of 1) because, apparently, we weren't properly checking the HF value of the pre-first-hf genesis block at all before. (In practice this changes nothing because genesis blocks are v7 anyway). This also changes (slightly) how we check for hard forks: now if we skip some hard forks then we still want to know the height when a hard fork triggers. For example, if the hf tables contains {7,14} then we still need to know that the HF14 block height also is the height that activates HF9, 10, etc.
2021-06-18 01:06:51 +02:00
m_state.height = hard_fork_begins(m_blockchain.nettype(), cryptonote::network_version_9_service_nodes).value_or(1) - 1;
Revert "Revert "Store Service Node State to DB as Blob (#125)" (#127)" This reverts commit c4988f5a1fca4aff2c9ca0cd0988e9dd536f6bd0. This un-reverts the changes to store the service node info in the database. This could easily just be its own commit instead of a revert, but doing a revert is amusing (and easier in this case).
2018-08-16 05:08:36 +02:00
}
Infinite Staking Part 2 (#406) * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add command to print locked key images * Update ui to display lock stakes, query in print cmd blacklist * Modify print stakes to be less slow * Remove autostaking code * Refactor staking into sweep functions It appears staking was derived off stake_main written separately at implementation at the beginning. This merges them back into a common code path, after removing autostake there's only some minor differences. It also makes sure that any changes to sweeping upstream are going to be considered in the staking process which we want. * Display unlock height for stakes * Begin creating output blacklist * Make blacklist output a migration step * Implement get_output_blacklist for lmdb * In wallet output selection ignore blacklisted outputs * Apply blacklisted outputs to output selection * Fix broken tests, switch key image unlock * Fix broken unit_tests * Begin change to limit locked key images to 4 globally * Revamp prepare registration for new min contribution rules * Fix up old back case in prepare registration * Remove debug code * Cleanup debug code and some unecessary changes * Fix migration step on mainnet db * Fix blacklist outputs for pre-existing DB's * Remove irrelevant note * Tweak scanning addresses for locked stakes Since we only now allow contributions from the primary address we can skip checking all subaddress + lookahead to speed up wallet scanning * Define macro for SCNu64 for Mingw * Fix failure on empty DB * Add missing error msg, remove contributor from stake * Improve staking messages * Flush prompt to always display * Return the msg from stake failure and fix stake parsing error * Tweak fork rules for smaller bulletproofs * Tweak pooled nodes minimum amounts * Fix crash on exit, there's no need to store on destructor Since all information about service nodes is derived from the blockchain and we store state every time we receive a block, storing in the destructor is redundant as there is no new information to store. * Make prompt be consistent with CLI * Check max number of key images from per user to node * Implement error message on get_output_blacklist failure * Remove resolved TODO's/comments * Handle infinite staking in print_sn * Atoi->strtol, fix prepare_registration, virtual override, stale msgs
2019-02-14 02:12:57 +01:00
size_t service_node_info::total_num_locked_contributions() const
{
size_t result = 0;
for (service_node_info::contributor_t const &contributor : this->contributors)
result += contributor.locked_contributions.size();
return result;
}
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
contributor_args_t convert_registration_args(cryptonote::network_type nettype,
const std::vector<std::string> &args,
uint64_t staking_requirement,
uint8_t hf_version)
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
{
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
contributor_args_t result = {};
simplewallet: added autostaking
2018-08-16 07:14:28 +02:00
if (args.size() % 2 == 0 || args.size() < 3)
service node list: added initial contribution field to prepare registration and registration arg parsing
2018-08-03 07:17:15 +02:00
{
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.err_msg = tr("Usage: <operator cut> <address> <fraction> [<address> <fraction> [...]]]");
return result;
service node list: added initial contribution field to prepare registration and registration arg parsing
2018-08-03 07:17:15 +02:00
}
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
simplewallet: added autostaking
2018-08-16 07:14:28 +02:00
if ((args.size()-1)/ 2 > MAX_NUMBER_OF_CONTRIBUTORS)
pooled staking: renamed contributor cut to portions
2018-07-31 04:46:12 +02:00
{
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.err_msg = tr("Exceeds the maximum number of contributors, which is ") + std::to_string(MAX_NUMBER_OF_CONTRIBUTORS);
return result;
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
}
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
service nodes: added service node operator cut to registration
2018-08-07 04:28:59 +02:00
try
{
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.portions_for_operator = boost::lexical_cast<uint64_t>(args[0]);
if (result.portions_for_operator > STAKING_PORTIONS)
service nodes: added service node operator cut to registration
2018-08-07 04:28:59 +02:00
{
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.err_msg = tr("Invalid portion amount: ") + args[0] + tr(". Must be between 0 and ") + std::to_string(STAKING_PORTIONS);
return result;
service nodes: added service node operator cut to registration
2018-08-07 04:28:59 +02:00
}
}
catch (const std::exception &e)
{
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.err_msg = tr("Invalid portion amount: ") + args[0] + tr(". Must be between 0 and ") + std::to_string(STAKING_PORTIONS);
return result;
service nodes: added service node operator cut to registration
2018-08-07 04:28:59 +02:00
}
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
struct addr_to_portion_t
{
cryptonote::address_parse_info info;
uint64_t portions;
};
std::vector<addr_to_portion_t> addr_to_portions;
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
size_t const OPERATOR_ARG_INDEX = 1;
for (size_t i = OPERATOR_ARG_INDEX, num_contributions = 0;
i < args.size();
i += 2, ++num_contributions)
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
{
cryptonote::address_parse_info info;
if (!cryptonote::get_account_address_from_str(info, nettype, args[i]))
{
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.err_msg = tr("Failed to parse address: ") + args[i];
return result;
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
}
if (info.has_payment_id)
{
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.err_msg = tr("Can't use a payment id for staking tx");
return result;
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
}
service node registration: misc bugfixes and pooled registration contributions
2018-07-28 08:27:04 +02:00
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
if (info.is_subaddress)
{
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.err_msg = tr("Can't use a subaddress for staking tx");
return result;
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
}
try
{
service nodes: changed portions to 64 bits also miner fixes to simplewallet behaviour and interactive registration prompt
2018-08-18 06:36:16 +02:00
uint64_t num_portions = boost::lexical_cast<uint64_t>(args[i+1]);
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
addr_to_portions.push_back({info, num_portions});
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
}
catch (const std::exception &e)
{
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.err_msg = tr("Invalid amount for contributor: ") + args[i] + tr(", with portion amount that could not be converted to a number: ") + args[i+1];
return result;
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
}
}
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
//
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
// FIXME(doyle): FIXME(oxen) !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
// This is temporary code to redistribute the insufficient portion dust
// amounts between contributors. It should be removed in HF12.
//
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
std::array<uint64_t, MAX_NUMBER_OF_CONTRIBUTORS> excess_portions;
std::array<uint64_t, MAX_NUMBER_OF_CONTRIBUTORS> min_contributions;
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
{
// NOTE: Calculate excess portions from each contributor
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
uint64_t oxen_reserved = 0;
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
for (size_t index = 0; index < addr_to_portions.size(); ++index)
{
addr_to_portion_t const &addr_to_portion = addr_to_portions[index];
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
uint64_t min_contribution_portions = service_nodes::get_min_node_contribution_in_portions(hf_version, staking_requirement, oxen_reserved, index);
uint64_t oxen_amount = service_nodes::portions_to_amount(staking_requirement, addr_to_portion.portions);
oxen_reserved += oxen_amount;
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
uint64_t excess = 0;
if (addr_to_portion.portions > min_contribution_portions)
excess = addr_to_portion.portions - min_contribution_portions;
min_contributions[index] = min_contribution_portions;
excess_portions[index] = excess;
}
}
uint64_t portions_left = STAKING_PORTIONS;
uint64_t total_reserved = 0;
for (size_t i = 0; i < addr_to_portions.size(); ++i)
{
addr_to_portion_t &addr_to_portion = addr_to_portions[i];
uint64_t min_portions = get_min_node_contribution_in_portions(hf_version, staking_requirement, total_reserved, i);
uint64_t portions_to_steal = 0;
if (addr_to_portion.portions < min_portions)
{
// NOTE: Steal dust portions from other contributor if we fall below
// the minimum by a dust amount.
uint64_t needed = min_portions - addr_to_portion.portions;
const uint64_t FUDGE_FACTOR = 10;
const uint64_t DUST_UNIT = (STAKING_PORTIONS / staking_requirement);
const uint64_t DUST = DUST_UNIT * FUDGE_FACTOR;
if (needed > DUST)
continue;
for (size_t sub_index = 0; sub_index < addr_to_portions.size(); sub_index++)
{
if (i == sub_index) continue;
uint64_t &contributor_excess = excess_portions[sub_index];
if (contributor_excess > 0)
{
portions_to_steal = std::min(needed, contributor_excess);
addr_to_portion.portions += portions_to_steal;
contributor_excess -= portions_to_steal;
needed -= portions_to_steal;
result.portions[sub_index] -= portions_to_steal;
if (needed == 0)
break;
}
}
// NOTE: Operator is sending in the minimum amount and it falls below
// the minimum by dust, just increase the portions so it passes
Code cleanup & minor reorganization - Replace a bunch of repetitive proof rejection rules with a macro + HF requirement version loop. - Remove mostly unused MAX_KEY_IMAGES_PER_CONTRIBUTOR variable. It has always been set to 1 (and so doesn't actually do anything). If we wanted to increase it at this point we'd have to add multiple HF-guarded versions of it and HF-version guard the code anyway, so seems simpler to just drop it. - Simplify the max contributor/max contribution logic and merge it in with the existing contributor code (this is made easier by the above dropped variable).
2019-10-07 20:10:37 +02:00
if (needed > 0 && addr_to_portions.size() < MAX_NUMBER_OF_CONTRIBUTORS)
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
addr_to_portion.portions += needed;
}
Account for delayed portions subtraction in converted registration args (#531)
2019-03-28 09:22:16 +01:00
if (addr_to_portion.portions < min_portions || (addr_to_portion.portions - portions_to_steal) > portions_left)
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
{
result.err_msg = tr("Invalid amount for contributor: ") + args[i] + tr(", with portion amount: ") + args[i+1] + tr(". The contributors must each have at least 25%, except for the last contributor which may have the remaining amount");
return result;
}
if (min_portions == UINT64_MAX)
{
result.err_msg = tr("Too many contributors specified, you can only split a node with up to: ") + std::to_string(MAX_NUMBER_OF_CONTRIBUTORS) + tr(" people.");
return result;
}
portions_left -= addr_to_portion.portions;
portions_left += portions_to_steal;
result.addresses.push_back(addr_to_portion.info.address);
result.portions.push_back(addr_to_portion.portions);
initial loki -> oxen pass
2021-01-04 01:09:45 +01:00
uint64_t oxen_amount = service_nodes::portions_to_amount(addr_to_portion.portions, staking_requirement);
total_reserved += oxen_amount;
Prepare registration dust failure minimal fix (#523) * Add the minimal fix for prepare registration failing by dust amounts * Add dust redistribution at final step * Comment and clean up useless lines * Add fudge factor for dust amounts * Avoid possible overflow with portions if contributor 1 is insufficient
2019-03-28 08:18:23 +01:00
}
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
result.success = true;
return result;
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
}
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
bool make_registration_cmd(cryptonote::network_type nettype,
Service node checkpointing: rebased on relaxed deregistration (#662) * core: do not commit half constructed batch db txn * Add defer macro * Revert dumb extra copy/move change * Fix pop_blocks not calling hooks, fix BaseTestDB missing prototypes * Merge ServiceNodeCheckpointing5 branch, syncing and integration fixes * Update tests to compile with relaxed-registration changes * Get back to feature parity pre-relaxed registration changes * Remove debug changes noticed in code review and some small bugs
2019-06-26 06:00:05 +02:00
uint8_t hf_version,
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
uint64_t staking_requirement,
const std::vector<std::string>& args,
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
const service_node_keys &keys,
Implement the relaxed contribution rules on the back end (#481) * Implement the relaxed contribution rules on the back end * Code review adjustments
2019-03-13 06:35:02 +01:00
std::string &cmd,
boost::optional -> std::optional
2020-06-02 00:30:19 +02:00
bool make_friendly)
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
{
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
contributor_args_t contributor_args = convert_registration_args(nettype, args, staking_requirement, hf_version);
if (!contributor_args.success)
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
{
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
MERROR(tr("Could not convert registration args, reason: ") << contributor_args.err_msg);
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
return false;
}
Infinite Staking Part 2 (#406) * Cleanup and undoing some protocol breakages * Simplify expiration of nodes * Request unlock schedules entire node for expiration * Fix off by one in expiring nodes * Undo expiring code for pre v10 nodes * Fix RPC returning register as unlock height and not checking 0 * Rename key image unlock height const * Undo testnet hardfork debug changes * Remove is_type for get_type, fix missing var rename * Move serialisable data into public namespace * Serialise tx types properly * Fix typo in no service node known msg * Code review * Fix == to >= on serialising tx type * Code review 2 * Fix tests and key image unlock * Add command to print locked key images * Update ui to display lock stakes, query in print cmd blacklist * Modify print stakes to be less slow * Remove autostaking code * Refactor staking into sweep functions It appears staking was derived off stake_main written separately at implementation at the beginning. This merges them back into a common code path, after removing autostake there's only some minor differences. It also makes sure that any changes to sweeping upstream are going to be considered in the staking process which we want. * Display unlock height for stakes * Begin creating output blacklist * Make blacklist output a migration step * Implement get_output_blacklist for lmdb * In wallet output selection ignore blacklisted outputs * Apply blacklisted outputs to output selection * Fix broken tests, switch key image unlock * Fix broken unit_tests * Begin change to limit locked key images to 4 globally * Revamp prepare registration for new min contribution rules * Fix up old back case in prepare registration * Remove debug code * Cleanup debug code and some unecessary changes * Fix migration step on mainnet db * Fix blacklist outputs for pre-existing DB's * Remove irrelevant note * Tweak scanning addresses for locked stakes Since we only now allow contributions from the primary address we can skip checking all subaddress + lookahead to speed up wallet scanning * Define macro for SCNu64 for Mingw * Fix failure on empty DB * Add missing error msg, remove contributor from stake * Improve staking messages * Flush prompt to always display * Return the msg from stake failure and fix stake parsing error * Tweak fork rules for smaller bulletproofs * Tweak pooled nodes minimum amounts * Fix crash on exit, there's no need to store on destructor Since all information about service nodes is derived from the blockchain and we store state every time we receive a block, storing in the destructor is redundant as there is no new information to store. * Make prompt be consistent with CLI * Check max number of key images from per user to node * Implement error message on get_output_blacklist failure * Remove resolved TODO's/comments * Handle infinite staking in print_sn * Atoi->strtol, fix prepare_registration, virtual override, stale msgs
2019-02-14 02:12:57 +01:00
uint64_t exp_timestamp = time(nullptr) + STAKING_AUTHORIZATION_EXPIRATION_WINDOW;
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
crypto::hash hash;
SN: Move signature validating code to function and use in wallet2 & sn
2020-03-30 05:36:11 +02:00
bool hashed = cryptonote::get_registration_hash(contributor_args.addresses, contributor_args.portions_for_operator, contributor_args.portions, exp_timestamp, hash);
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
if (!hashed)
{
service nodes: added service node operator cut to registration
2018-08-07 04:28:59 +02:00
MERROR(tr("Could not make registration hash from addresses and portions"));
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
return false;
}
crypto::signature signature;
Add unified key container This puts the SN pubkey/privkey into a single struct (which have ed25519/x25519 keys added to it in the future), which simplifies various places to just pass the struct rather than storing and passing the pubkey and privkey separately.
2019-10-07 17:16:20 +02:00
crypto::generate_signature(hash, keys.pub, keys.key, signature);
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
std::stringstream stream;
if (make_friendly)
{
stream << tr("Run this command in the wallet that will fund this registration:\n\n");
}
stream << "register_service_node";
for (size_t i = 0; i < args.size(); ++i)
{
stream << " " << args[i];
}
Remove deprecated epee code
2020-10-23 22:32:28 +02:00
stream << " " << exp_timestamp << " " << tools::type_to_hex(keys.pub) << " " << tools::type_to_hex(signature);
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
if (make_friendly)
{
stream << "\n\n";
time_t tt = exp_timestamp;
Replace gmtime calls with epee::misc_utils::get_gmt_time
2018-12-11 07:42:06 +01:00
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
struct tm tm;
Replace gmtime calls with epee::misc_utils::get_gmt_time
2018-12-11 07:42:06 +01:00
epee::misc_utils::get_gmt_time(tt, tm);
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
char buffer[128];
explicitly specify UTC (#931)
2019-11-25 05:30:12 +01:00
strftime(buffer, sizeof(buffer), "%Y-%m-%d %I:%M:%S %p UTC", &tm);
simplewallet: added autostaking
2018-08-16 07:14:28 +02:00
stream << tr("This registration expires at ") << buffer << tr(".\n");
Remove old line referring to autostake (not relevant) (#505)
2019-03-20 01:18:30 +01:00
stream << tr("This should be in about 2 weeks, if it isn't, check this computer's clock.\n");
Add RPC call for getting snode register command
2018-07-31 08:13:03 +02:00
stream << tr("Please submit your registration into the blockchain before this time or it will be invalid.");
}
cmd = stream.str();
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
return true;
}
Allow state changes if non conflicting states (#718) * Only dupe check state changes against the latest valid change * Check the service node info for dupe state change * Gate dupe state changes behind HF12 * Actually properly gate dupe state change and revert breaking changes * Use is_decommissioned() to get service node state, change msg log level
2019-07-09 05:59:42 +02:00
Handle multi state changes in the pool (#781) * Update state transition check to account for height and universally set timestamp on recommission Reject invalidated state changes by their height after HF13 * Prune invalidated state changes on blockchain increment Simplify check_tx_inputs for state_changes by using service node list Instead of querying the last 60 historical blocks for every transaction, use the service node list and determine the state of the service node and if it can transition to its new state. We also now enforce at hardfork 13, that the network cannot commit transactions to the network if they would have been invalidated by a newer state change that already is already on the blockchain. This is backwards compatible all the way back to hardfork 9. Greatly simplify state change tx pruning on block added Use the new stricter rules for pruning state changes in the txpool We can do so because pruning the TX pool won't cause issues at the protocol level, but the more people we can upgrade the better network behaviour we get in terms of propagating more intrinsically correct ordering of state changes to other peers. * Don't generate state changes if not valid, disallow voting if node is non-votable
2019-08-12 01:48:47 +02:00
bool service_node_info::can_be_voted_on(uint64_t height) const
Allow state changes if non conflicting states (#718) * Only dupe check state changes against the latest valid change * Check the service node info for dupe state change * Gate dupe state changes behind HF12 * Actually properly gate dupe state change and revert breaking changes * Use is_decommissioned() to get service node state, change msg log level
2019-07-09 05:59:42 +02:00
{
Handle multi state changes in the pool (#781) * Update state transition check to account for height and universally set timestamp on recommission Reject invalidated state changes by their height after HF13 * Prune invalidated state changes on blockchain increment Simplify check_tx_inputs for state_changes by using service node list Instead of querying the last 60 historical blocks for every transaction, use the service node list and determine the state of the service node and if it can transition to its new state. We also now enforce at hardfork 13, that the network cannot commit transactions to the network if they would have been invalidated by a newer state change that already is already on the blockchain. This is backwards compatible all the way back to hardfork 9. Greatly simplify state change tx pruning on block added Use the new stricter rules for pruning state changes in the txpool We can do so because pruning the TX pool won't cause issues at the protocol level, but the more people we can upgrade the better network behaviour we get in terms of propagating more intrinsically correct ordering of state changes to other peers. * Don't generate state changes if not valid, disallow voting if node is non-votable
2019-08-12 01:48:47 +02:00
// If the SN expired and was reregistered since the height we'll be voting on it prematurely
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
if (!is_fully_funded()) {
MDEBUG("SN vote at height " << height << " invalid: not fully funded");
return false;
} else if (height <= registration_height) {
MDEBUG("SN vote at height " << height << " invalid: height <= reg height (" << registration_height << ")");
return false;
} else if (is_decommissioned() && height <= last_decommission_height) {
MDEBUG("SN vote at height " << height << " invalid: height <= last decomm height (" << last_decommission_height << ")");
return false;
} else if (is_active()) {
assert(active_since_height >= 0); // should be satisfied whenever is_active() is true
if (height <= static_cast<uint64_t>(active_since_height)) {
MDEBUG("SN vote at height " << height << " invalid: height <= active-since height (" << active_since_height << ")");
return false;
}
Assert should be after info.is_active() is true (#799)
2019-08-15 08:03:32 +02:00
}
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
MTRACE("SN vote at height " << height << " is valid.");
Handle multi state changes in the pool (#781) * Update state transition check to account for height and universally set timestamp on recommission Reject invalidated state changes by their height after HF13 * Prune invalidated state changes on blockchain increment Simplify check_tx_inputs for state_changes by using service node list Instead of querying the last 60 historical blocks for every transaction, use the service node list and determine the state of the service node and if it can transition to its new state. We also now enforce at hardfork 13, that the network cannot commit transactions to the network if they would have been invalidated by a newer state change that already is already on the blockchain. This is backwards compatible all the way back to hardfork 9. Greatly simplify state change tx pruning on block added Use the new stricter rules for pruning state changes in the txpool We can do so because pruning the TX pool won't cause issues at the protocol level, but the more people we can upgrade the better network behaviour we get in terms of propagating more intrinsically correct ordering of state changes to other peers. * Don't generate state changes if not valid, disallow voting if node is non-votable
2019-08-12 01:48:47 +02:00
return true;
}
bool service_node_info::can_transition_to_state(uint8_t hf_version, uint64_t height, new_state proposed_state) const
{
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
if (hf_version >= cryptonote::network_version_13_enforce_checkpoints) {
if (!can_be_voted_on(height)) {
MDEBUG("SN state transition invalid: " << height << " is not a valid vote height");
Regression core tests, missing txs on fork, segfault on detach We can't delete all state change TX's on blockchain increment incase the state change came from an alternative block. We must keep them around even if they would conflict with another state change because if we switch chains, they need to be present for the block to still be considered valid. Add a .size() check when checking for is_migrated_from_v403 because when reinitialise is true, m_state_history does not necessarily have any elements (in tests atleast).
2019-08-12 08:40:04 +02:00
return false;
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
}
Regression core tests, missing txs on fork, segfault on detach We can't delete all state change TX's on blockchain increment incase the state change came from an alternative block. We must keep them around even if they would conflict with another state change because if we switch chains, they need to be present for the block to still be considered valid. Add a .size() check when checking for is_migrated_from_v403 because when reinitialise is true, m_state_history does not necessarily have any elements (in tests atleast).
2019-08-12 08:40:04 +02:00
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
if (proposed_state == new_state::deregister) {
if (height <= registration_height) {
MDEBUG("SN deregister invalid: vote height (" << height << ") <= registration_height (" << registration_height << ")");
Don't allow duplicate ip changes for the same height (#831)
2019-09-11 08:14:24 +02:00
return false;
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
}
} else if (proposed_state == new_state::ip_change_penalty) {
if (height <= last_ip_change_height) {
MDEBUG("SN ip change penality invalid: vote height (" << height << ") <= last_ip_change_height (" << last_ip_change_height << ")");
Don't allow duplicate ip changes for the same height (#831)
2019-09-11 08:14:24 +02:00
return false;
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
}
Don't allow duplicate ip changes for the same height (#831)
2019-09-11 08:14:24 +02:00
}
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
} else { // pre-HF13
if (proposed_state == new_state::deregister) {
if (height < registration_height) {
MDEBUG("SN deregister invalid: vote height (" << height << ") < registration_height (" << registration_height << ")");
return false;
}
Don't allow duplicate ip changes for the same height (#831)
2019-09-11 08:14:24 +02:00
}
Allow state changes if non conflicting states (#718) * Only dupe check state changes against the latest valid change * Check the service node info for dupe state change * Gate dupe state changes behind HF12 * Actually properly gate dupe state change and revert breaking changes * Use is_decommissioned() to get service node state, change msg log level
2019-07-09 05:59:42 +02:00
}
Don't allow duplicate ip changes for the same height (#831)
2019-09-11 08:14:24 +02:00
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
if (is_decommissioned()) {
if (proposed_state == new_state::decommission) {
MDEBUG("SN decommission invalid: already decommissioned");
return false;
} else if (proposed_state == new_state::ip_change_penalty) {
MDEBUG("SN ip change penalty invalid: currently decommissioned");
return false;
Don't allow duplicate ip changes for the same height (#831)
2019-09-11 08:14:24 +02:00
}
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
return true; // recomm or dereg
} else if (proposed_state == new_state::recommission) {
MDEBUG("SN recommission invalid: not recommissioned");
return false;
Allow state changes if non conflicting states (#718) * Only dupe check state changes against the latest valid change * Check the service node info for dupe state change * Gate dupe state changes behind HF12 * Actually properly gate dupe state change and revert breaking changes * Use is_decommissioned() to get service node state, change msg log level
2019-07-09 05:59:42 +02:00
}
Add debugging to SN vote disallowing
2020-12-10 08:07:53 +01:00
MTRACE("SN state change is valid");
return true;
Allow state changes if non conflicting states (#718) * Only dupe check state changes against the latest valid change * Check the service node info for dupe state change * Gate dupe state changes behind HF12 * Actually properly gate dupe state change and revert breaking changes * Use is_decommissioned() to get service node state, change msg log level
2019-07-09 05:59:42 +02:00
}
Pulse: Make generating payouts a standalone function
2020-07-15 09:24:53 +02:00
payout service_node_info_to_payout(crypto::public_key const &key, service_node_info const &info)
{
service_nodes::payout result = {};
result.key = key;
// Add contributors and their portions to winners.
result.payouts.reserve(info.contributors.size());
const uint64_t remaining_portions = STAKING_PORTIONS - info.portions_for_operator;
for (const auto& contributor : info.contributors)
{
uint64_t hi, lo, resulthi, resultlo;
lo = mul128(contributor.amount, remaining_portions, &hi);
div128_64(hi, lo, info.staking_requirement, &resulthi, &resultlo);
if (contributor.address == info.operator_address)
resultlo += info.portions_for_operator;
result.payouts.push_back({contributor.address, resultlo});
}
return result;
}
servicenodes: Added service node list
2018-06-29 06:47:00 +02:00
}
service node registration: add signatures from service node pubkey to registration
2018-07-21 03:27:13 +02:00
Reference in a new issue Copy permalink