docs: P2P network ADR 001 #66
Conversation
rach-id
added
documentation
| **Producer**: Orchestrator, which will be signing attestations: | ||
|
|
||
| - Sign an attestation | ||
| - Create the attestation confirm struct |
| - Create the attestation confirm struct | ||
| - Post it to the blockstore | ||
| - Create a `SignatureIndex` | ||
| - Put the Signature index in the DHT. |
There was a problem hiding this comment.
Either SignatureIndex if we want to explicitly refer to type, or signature index (small case)
There was a problem hiding this comment.
I don't want to block too much on this ADR as getting the implementation out the door is a priority, but we might want to slowly flesh this out over time as I do think writing these things down is a good forcing function to really nail down the reasoning for the approach that we've so far only discussed in calls. that would also give us more time to add details to the implementation portion.
|
|
||
| ### Positive | ||
|
|
||
| - Use a well tested/maintained project, libP2P implementation of DHT. |
There was a problem hiding this comment.
[nit non blocking]
we could perhaps be a bit clearer here, or I'm a tad confused. Is this a benefit relative to what exactly? would we implement our own DHT using the other option? alternatively, here's a suggestion for better wording
| - Use a well tested/maintained project, libP2P implementation of DHT. | |
| - Use a well tested/maintained implementation of DHT. |
|
|
||
| ### Validators | ||
|
|
||
| To add an extra layer of security when exchanging the data, we will define validators which will validate the confirms before storing/querying them: |
There was a problem hiding this comment.
[nit]
I'm not sure this adds any level of security, but perhaps that's a definitions thing. What do we mean here by "security"?
before storing/querying
the wording was a bit confusing here imo. We run these after we query them, correct? or perhaps during, but I don't think we run these before
| func (vv ValsetValidator) Validate(key string, value []byte) error { | ||
| // TODO Should verify that the valset is valid, i.e. running stateless checks on it. | ||
| // The checks should include: | ||
| // - Correct signature verification | ||
| // - Correct fields checks. Example, checking if an address field as a correctly formatted address. | ||
| return nil | ||
| } | ||
|
|
||
| func (vv ValsetValidator) Select(key string, values [][]byte) (int, error) { | ||
| // TODO Should run the same stateless checks as the `Validate` function to avoid querying | ||
| // faulty values. | ||
| return 0, nil | ||
| } | ||
| ``` |
There was a problem hiding this comment.
[non blocking question]
what happens to a peer if these return an error?
[nit]
the naming of these seem redundant or confusing because of the double use of the word validator (valset and Validator) which mean very different things. I would prefer that we find a different name, but not going to block. I feel like we don't have to name something a validator just because that the role it plays in libp2p. The method names are already descriptive enough imo, so we can use decorator, signatureChecker, verifier etc
| - A DAG-syncer: which syncs DAG nodes between nodes and publishes new ones. IPFS will be used for this. | ||
| - A broadcaster: which sends messages to all the peers. This will be LibP2P PubSub. | ||
| - Limitations: | ||
| - Ever-growing DAG: shouldn't be a problem in our case since we only have small unrelated key values. |
There was a problem hiding this comment.
as discussed in the initial call, we would definitely prune, each peer just has to prune the same
| - Ever-growing DAG: shouldn't be a problem in our case since we only have small unrelated key values. | ||
| - Merkle clock sorting: having access to a logical clock to sort events as they happen. This shouldn't cause us any issue since the signatures are not order dependent. | ||
| - TBD. | ||
| - We should take a deeper look at the repo [go-ds-crdt](https://github.com/ipfs/go-ds-crdt) as there isn't much activity: |
There was a problem hiding this comment.
might want to reword this a bit to describe what is meant here in a clearer way. Also, while that repo might not have a lot of usage or issues, it is using standard libp2p components which have been tested heavily. Its more like a configured version of ipfs-lite, not unlike what we're suggesting we do here
| confirm, err := exchange.GetBlock(ctx, index.CID) | ||
| ``` | ||
|
|
||
| ### Limitations |
There was a problem hiding this comment.
this title feels out of place
| - `orchestrator`: orchestrator address | ||
| - `type`: data commitment confirm or valset confirm | ||
|
|
||
| The issue with using a P2P network is that there is no way of knowing the CID of a signature beforehand. So, relayers will not be able to get the confirms directly from the network. |
There was a problem hiding this comment.
there's no way of knowing the hash before hand, but if we define a custom CID format (similar to the plugin), then we can know the CID ahead of time!
also, mind clarifying why we can't know the hash ahead of time to readers of this document?
|
|
||
| ## Possible solutions | ||
|
|
||
| The standard solution is to use Libp2p kadDHT implementation for discovery and routing, then using a Bitswap exchange to publish attestation signatures and get them using CIDs. However, in our case, the CIDs will be unknown until the moment of signature creation making it impossible to rely on Bitswap alone. So, we will need to use another mechanism to know the CIDs or to get them. |
There was a problem hiding this comment.
| The standard solution is to use Libp2p kadDHT implementation for discovery and routing, then using a Bitswap exchange to publish attestation signatures and get them using CIDs. However, in our case, the CIDs will be unknown until the moment of signature creation making it impossible to rely on Bitswap alone. So, we will need to use another mechanism to know the CIDs or to get them. | |
| The standard solution is to use libp2p kadDHT implementation for discovery and routing, then using a Bitswap exchange to publish attestation signatures and get them using CIDs. However, in our case, the CIDs will be unknown until the moment of signature creation making it impossible to rely on Bitswap alone. So, we will need to use another mechanism to know the CIDs or to get them. |
There was a problem hiding this comment.
we used a few different formats of libp2p, such as libP2P, and should likely just stick to a single one.
| - Consumers will have to know when to query the network: | ||
| - This won't be an issue since we can define a delay to start querying: the time when the attestation request was created in the state machine + a few minutes |
There was a problem hiding this comment.
if this isn't an issue, then we might not want to list it as a limitation. Also, don't we have to know when to query for all approaches?
|
|
||
| ### Option 4: IPNS | ||
|
|
||
| Instead of using the DHT for storing the indexes, we could use IPNS where each peer would publish its list of signatures, and upon every signature, update what it's publishing. |
There was a problem hiding this comment.
I think we could flesh this out a bit more, as I'm not sure how this works still.
|
I think we can close this as unplanned since I don't think its worth finishing this any longer |
Overview
Closes #4
Checklist