refactor: deglobalization of bls_legacy_scheme 2/N #5443
Conversation
knst
changed the title
knst
requested review from
ogabrielides and
UdjinM6
and removed request for
ogabrielides
|
Looks good |
|
hmm... so one of my suggestions was wrong https://gitlab.com/dashpay/dash/-/jobs/4505250574#L2394 and we need to partially revert 668d00d now (pls see 140c1cb). EDIT: On the bright side, I reindex both on mainnet and testnet with no issues :) |
So far as I understand, the RPC |
src/evo/providertx.h
Outdated
| @@ -167,7 +167,7 @@ class CProUpServTx | |||
| } | |||
| if (!(s.GetType() & SER_GETHASH)) { | |||
| READWRITE( | |||
| CBLSSignatureVersionWrapper(const_cast<CBLSSignature&>(obj.sig), (obj.nVersion == LEGACY_BLS_VERSION), true) | |||
| CBLSSignatureVersionWrapper(const_cast<CBLSSignature&>(obj.sig), (obj.nVersion == LEGACY_BLS_VERSION)) | |||
There was a problem hiding this comment.
I'd request dropping b2d41f6 (maybe modulo this line's change) as it's not related to the deglobalization and it may be something we SHOULD use when reindexing... I'll have to check perf at some point.
There was a problem hiding this comment.
There's big dangerous of how it is implemented right now.
Currently, there are 2 methods Unserialize, that has both default arguments:
template
inline void Unserialize(Stream& s, const bool specificLegacyScheme, bool checkMalleable = true);
template
inline void Unserialize(Stream& s, bool checkMalleable = true);
Let's assume that I am calling Unserialize(s, true) - it's very non-obvious which one will be called and not error prune at all.
It should be re-implemented, and there should not be default argument. Let's create an issue "check performance of Unserialize with/without checkMalleable flag" - but I really want to remove this confusing method in this PR
Reverting this change and adding new interface in future won't be difficult task so far as changes are quite trivial.
src/evo/providertx.h
Outdated
| if (obj.nVersion != BASIC_BLS_VERSION && obj.nType == MnType::HighPerformance) { | ||
| // for HPMN should be only BASIC bls, bail out early | ||
| return; | ||
| } |
There was a problem hiding this comment.
5989de8 should probably be it's own PR... maybe even a backport?
There was a problem hiding this comment.
why do backporting only this commit but not other commits in this PR? What's a difference?
src/llmq/dkgsession.cpp
Outdated
| @@ -989,14 +989,15 @@ void CDKGSession::SendCommitment(CDKGPendingMessages& pendingMessages) | |||
| qc.sig = WITH_LOCK(activeMasternodeInfoCs, return activeMasternodeInfo.blsKeyOperator->Sign(commitmentHash)); | |||
| qc.quorumSig = skShare.Sign(commitmentHash); | |||
|
|
|||
| const bool is_bls_legacy = bls::bls_legacy_scheme.load(); | |||
There was a problem hiding this comment.
please do this at the call site to avoid an atomic read when we basically never lie
| const auto pindex = llmq::utils::V19ActivationIndex(::ChainActive().Tip()); | ||
| bool is_bls_legacy_scheme = pindex == nullptr || nTime < pindex->pprev->nTime; |
There was a problem hiding this comment.
this would need cs_main locked?
There was a problem hiding this comment.
should it? if so, probably there's bug also in this commit:
bool CGovernanceVote::CheckSignature(const CBLSPublicKey& pubKey) const
{
- if (!CBLSSignature(vchSig).VerifyInsecure(pubKey, GetSignatureHash())) {
+ CBLSSignature sig;
+ const auto pindex = llmq::utils::V19ActivationIndex(::ChainActive().Tip());
+ bool is_bls_legacy_scheme = pindex == nullptr || nTime < pindex->nTime;
+ sig.SetByteVector(vchSig, is_bls_legacy_scheme);
+ if (!sig.VerifyInsecure(pubKey, GetSignatureHash())) {
LogPrintf("CGovernanceVote::CheckSignature -- VerifyInsecure() failed\n");
return false;
}
| @@ -7,6 +7,7 @@ | |||
|
|
|||
| #include <batchedlogger.h> | |||
|
|
|||
| #include <bls/bls.h> | |||
There was a problem hiding this comment.
Because CDGKContribution has members of type CBLSSignature:
CBLSSignature quorumSig; // threshold sig share of quorumHash+validMembers+pubKeyHash+vvecHash
CBLSSignature sig; // single member sig of quorumHash+validMembers+pubKeyHash+vvecHash
This object is declared in bls/bls.h that is missing to be in list of includes.
Code is compilable because bls/bls_ies.h includes recursively bls/bls.h, but better to include it explicitly.
|
@knst In ac5af56 you did the opposite of what @PastaPastaPasta suggested I think. The idea was to move atomic read inside |
as pasta says:
Updated, thanks for notice. |
|
Still not super happy here... This PR is just doing too many things imo; options are to split into a few different PRs that only really do 1 thing or get the git log to be clean enough so that it'd make sense to merge via a merge commit. I think preference is multiple PRs. (I think I'm okay with all the actual code changes, just not the PR :) ) |
…ead using global variable
txmempool.h is widely used header and the dependency bls.h should not be spread to all usages of mempool. It also noticeable improve compilation speed of project if bls.h has been changed.
There was a problem hiding this comment.
it looks like you (unintentionally?) dropped some related changes on rebase
|
Probably lost after rebase. Let me check... |
+partiall revert "refactor: simplification of rpc/quorums.cpp bcs pindex can't be nullptr" in some cases - can!
## Issue being fixed or feature implemented Current implementation of BLS wrapper has an unclear interface related to `checkMalleable` flag. There are 2 methods Unserialize, that has both default arguments: ``` template inline void Unserialize(Stream& s, const bool specificLegacyScheme, bool checkMalleable = true); template inline void Unserialize(Stream& s, bool checkMalleable = true); ``` Let's assume that I am calling `Unserialize(s, true)` - it's very non-obvious which one will be called and not error prune at all. It should be re-implemented, and there should not be default argument. Pasta noticed that this flag can be useful from performance point of view - let's have better new method such as `UnserializeNoMalleable` or similar and use it when reindexing/etc. It should be specified explicit. Reverting this change and adding new interface in future won't be difficult task so far as changes are quite trivial. ## What was done? Removed flag checkMalleable to simplify code because it's always true. It splits from #5443 ## How Has This Been Tested? Run unit functional tests. ## Breaking Changes No breaking changes - flag is always true. ## Checklist: - [x] I have performed a self-review of my own code - [ ] I have commented my code, particularly in hard-to-understand areas - [ ] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone
…Evo Nodes (#5463) ## Issue being fixed or feature implemented #5471 ## What was done? It splits from #5443 Adds extra unit tests for BLS basic scheme; enforces BLS basic for Evo Nodes in serialization/unserialization of CProRegTx, CProUpServTx. ## How Has This Been Tested? Run functional/unit tests + added new unit tests. ## Breaking Changes Serialization slightly changed, but it should be not breaking change ## Checklist: - [x] I have performed a self-review of my own code - [x] I have commented my code, particularly in hard-to-understand areas - [x] I have added or updated relevant unit/integration/functional/e2e tests - [ ] I have made corresponding changes to the documentation - [x] I have assigned this pull request to a milestone
Issue being fixed or feature implemented
Many usages of
CBLS{Signature,PrivateKey,PublicKey}assume using global variable, even if can be specified explicitly.Some of these usages have been deglobalized in this PR.
Some prior improvements and fixes are here: #5403
What was done?
bls_legacy_schemefromSetHex,SetByteVector, some rpc calls.checkMalleableto simplify code because it's alwaystrue.txmempool.honbls.hto speed up compilation.How Has This Been Tested?
Run unit/functional tests.
Breaking Changes
No breaking changes assumed. But in theory behaviour of some RPC can be more explicit and predictable.
Checklist: