backing-availability-audit: Move ErasureChunk Proof to BoundedVec

[Lldenaurois]

Addresses: https://github.com/paritytech/srlabs_findings/issues/100

This PR moved the proof field in ErasureChunk to a nested set of BoundedVecs.

[Lldenaurois]

Note: I am not sure what the best approach is here.

Since the obtain_chunks function (c.f. here) and branches function (c.f. here returns an AsRef<[u8]> and Vec<Vec> respectively, it may be prudent to modify those functions to return the actual Proof object. However, this is a failable conversion and would need proper error-handling, e.g. modifying the .map above to .filter_map

One option would be to have the erasure-coding return the Proof as oppose to the AsRef<[u8]> and the Vec<Vec<u8>>. But before I go ahead and do that it maybe be best to sync up regarding the proper approach.

[Lldenaurois]

Since there's no use of this trait anywhere (it seems), I believe it may be incorrect to implement the TryFrom trait as oppose to just making a Method on Proof.

[drahnr]

How would it be incorrect?

[Lldenaurois]

This is not the tersest way to store Merkle proofs, but it works. I wanted to have something working quickly in order to get some of the higher-level questions out of the way.

Strangely, the Merkle proofs generated in the polkadot tests seem to always an outer length 2, which I currently don't fully understand. The inner length varies from 3 to 347 and I also don't fully understand why.

Based on how we store these proofs as a Vec<Vec>, we can choose the best way to bound the inner and out vectors.

[Lldenaurois]

Note that these constants would not work in practice. I've just set them to what I observed being crated in the tests. It is my belief that the depth is no more than 3 (in fact it's not more than 2) throughout all tests because we don't ever create a Merkle Tree with that many elements, i.e. intermediate nodes.

The correct values to use here are:

MERKLE_NODE_MAX_SIZE = 512;
MERKLE_PROOF_MAX_DEPTH = 8;

I just found it interesting that the node max size was uneven. I may be mistaken, but I'm quite certain the max proof node created is 347 bytes.

[eskimor]

With the limits in place, how big can a proof become now?

[Lldenaurois]

4096 (= 512 * 8) bytes is the maximum size of the Proof with this change, as oppose to the 500KB protocol-level limit.

[drahnr]

I would prefer the error handling to not be static strings, with the exception of CodecError unless there is a particular requirement to do so.

Besides that, 👍

[drahnr]

Adding comments as to why these were chosen as they are would be appreciated.

[drahnr]

I would argue for a

#[derive(thiserror::Error)]
enum Error {
    #[error("erkle max proof depth exceeded {0} > {} .", MERKLE_PROOF_MAX_DEPTH)]
    MerkleProofDepthExceeded(depth),
    // ..
}

[drahnr]

CC

[drahnr]

Suggested change

	Ok(Proof(BoundedVec::from_vec(out).expect("Buffer size is deterined above. QED")))
	Ok(Proof(BoundedVec::from_vec(out).expect("Buffer size is already checked; qed")))

[drahnr]

nit/future: Do we truely require a Vec<Vec<_>>? Or could we avoid all those allocations by employing a single BoundedVec<_> and providing a Vec<&[]> or even &[&[]]? Again, not for this PR, a potential future optimization.

[eskimor]

Not sure it is the right behavior to just let the iterator end if the Proof could not be constructed. Can this even happen, without the code having a logic error?

[eskimor]

Can't we fix branch_hash in order to get rid of that conversion?

[eskimor]

I am missing tests, to make sure Encode/Decode works and is compatible to what we had before.