-
Notifications
You must be signed in to change notification settings - Fork 71
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Non Interactive Proof of Replication #1537
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks to be on the right track, though missing some considerations. I assume it's just WIP, but thought I'd take a look anyway.
- Validation of anything that would have been checked at PreCommit and is still relevant (e.g. sector number, expiration epoch, ...)
- Different path for aggregate vs batched proofs
- Fetch chain randomness according to the epoch specified for each sector
actors/miner/src/lib.rs
Outdated
state.put_sectors(store, sectors_to_add).map_err(|e| { | ||
e.downcast_default(ExitCode::USR_ILLEGAL_STATE, "failed to put new sectors") | ||
})?; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Avoid map_err
and downcast_default
. Use with_context_code
and similar instead for new code.
actors/miner/src/lib.rs
Outdated
state | ||
.add_initial_pledge(&total_pledge) | ||
.map_err(|e| actor_error!(illegal_state, "failed to add initial pledge: {}", e))?; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Check for sufficient balance first!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd defer thorough review until this is complete (especially handling aggregate proofs), but still looking good so far.
frc46_token = "9.0.0" | ||
fvm_actor_utils = "10.0.0" | ||
frc42_dispatch = "6.0.0" | ||
frc46_token = "10.0.0" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please make these and other dependency updates against main
as a separate PR, that you can create and land now. Remove this noise from the semantic changes introduced in this PR.
actors/miner/src/lib.rs
Outdated
miner: miner_id, | ||
number: sector.sector_number, | ||
}, | ||
randomness: Randomness(Vec::new()), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This one needs to be initialised properly, though the interactive_randomness below doesn't.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, even interactive_randomness
should be initialized to commr right? https://github.com/filecoin-project/FIPs/blob/master/FIPS/fip-0090.md#specification
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would have expected that to happen inside the proofs library. I think we need to ask someone else.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's internally ignored, so it can be the same as comm_r. I believe if you pass all zeroes, it should fail as that's marked as invalid.
actors/miner/src/lib.rs
Outdated
randomness: Randomness(Vec::new()), | ||
proof: proof.into(), | ||
sealed_cid: sector.sealed_cid, | ||
unsealed_cid: CompactCommD::empty().get_cid(params.seal_proof_type).unwrap(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Calculate empty CommD just once outside the iteration
expected_storage_pledge: storage_pledge.clone(), | ||
power_base_epoch: activation_epoch, | ||
replaced_day_reward: TokenAmount::zero(), | ||
sector_key_cid: None, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Kubuxu this is how current CC sectors are represented, just confirming we want to keep doing the same thing. Whether a sector can be updated is determined by [verified_]deal_weight == 0, and if so the sealed_cid is copied into this sector key cid upon the first update.
actors/miner/src/lib.rs
Outdated
|
||
rt.transaction(|state: &mut State, rt| { | ||
let current_balance = rt.current_balance(); | ||
if current_balance < total_pledge { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You need to check the available balance. Use state.get_unlocked_balance(¤t_balance)
.with_context_code(ExitCode::USR_ILLEGAL_STATE, || "failed to put new sectors")?; | ||
|
||
state | ||
.assign_sectors_to_deadlines( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've proposed in Slack that we allow the caller to specify the deadline, which would be a change here.
actors/miner/src/policy.rs
Outdated
@@ -158,6 +162,10 @@ pub fn qa_power_for_sector(size: SectorSize, sector: &SectorOnChainInfo) -> Stor | |||
qa_power_for_weight(size, duration, §or.deal_weight, §or.verified_deal_weight) | |||
} | |||
|
|||
pub fn base_power_for_sector(size: SectorSize) -> StoragePower { | |||
BigInt::from(size as u64) * &*QUALITY_BASE_MULTIPLIER |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this multiplication is valid. My interpretation of QUALITY_BASE_MULTIPLIER is that it's supposed to be a denominator, when multiplying by either DEAL_WEIGHT_MULTIPLIER
or VERIFIED_DEAL_WEIGHT_MULTIPLIER
. In any case, multiplying size by 10 isn't what we want here.
Just do StoragePower::from(size) at the call sites.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You are right. My math is invalid. I'd still like to keep the function base_power_for_sector
so we have an clear way for getting CC sector power consistent with QA power function.
@@ -135,6 +135,34 @@ pub struct ProveCommitSectorParams { | |||
pub proof: RawBytes, | |||
} | |||
|
|||
// Note no UnsealedCID because it must be "zero" data. | |||
#[derive(Clone, Debug, Eq, PartialEq, Serialize_tuple, Deserialize_tuple)] | |||
pub struct SectorNIActivationInfo { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This has changed in the FIP since you wrote this. Add sealing_number separate from sector_number.
@@ -2,7 +2,7 @@ use fil_actors_integration_tests::tests::prove_commit_sectors2_test; | |||
use fil_actors_runtime::test_blockstores::MemoryBlockstore; | |||
use test_vm::TestVM; | |||
|
|||
#[test] | |||
#[test_log::test] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I assume you will revert the test_log usage and dependencies when preparing for merge. If we want to use test_log, I think that's a separate consideration that we should execute in main
ahead of this PR, and uniformly across all tests. Feel free to start an issue/discussion about doing that.
actors/miner/src/types.rs
Outdated
pub sector_number: SectorNumber, | ||
pub sealed_cid: Cid, // CommR |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these two are out of order from the FIP; as it's tuple encoding, order matters
actors/miner/src/types.rs
Outdated
// Note no UnsealedCID because it must be "zero" data. | ||
#[derive(Clone, Debug, Eq, PartialEq, Serialize_tuple, Deserialize_tuple)] | ||
pub struct SectorNIActivationInfo { | ||
pub sealer_id: Option<ActorID>, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is not nullable in the FIP, does this assume filecoin-project/FIPs#993 is accepted?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In fact, this isn't even used in this PR; and I see no mention of SealerID
/ sealer_id
in the text of https://github.com/filecoin-project/FIPs/blob/master/FIPS/fip-0090.md other than in the description of this struct. The only thing it says about it is "Must be set to ID of receiving actor for now", so I guess it's a placeholder waiting for filecoin-project/FIPs#993? If so, I guess it needs to be checked against the receiving actor in prove_commit_sectors_ni
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes it's a placeholder that must be checked. Shouldn't be optional.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we fail a whole batch if sealer_id
of some sector is different that receiving miner ID, or just filter them out?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The question is relevant only when not using aggregate proof. I think having aggregate proof for sectors intended for different receiver doesn't make sense and should fail.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree, just fail if sealer_id doesn't match receiver.
#[cfg(feature = "fake-proofs")] | ||
fn batch_verify_ni_seals(&self, batch: &[NISealVerifyInfo]) -> anyhow::Result<Vec<bool>> { | ||
Ok(batch.iter().map(|_| true).collect()) | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this can go, right? we're just using batch_verify_seals
now with the NI proof types
AggregateSealVerifyProofAndInfos, NISealVerifyInfo, RegisteredSealProof, ReplicaUpdateInfo, | ||
SealVerifyInfo, WindowPoStVerifyInfo, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AggregateSealVerifyProofAndInfos, NISealVerifyInfo, RegisteredSealProof, ReplicaUpdateInfo, | |
SealVerifyInfo, WindowPoStVerifyInfo, | |
AggregateSealVerifyProofAndInfos, RegisteredSealProof, ReplicaUpdateInfo, SealVerifyInfo, | |
WindowPoStVerifyInfo, |
pub prove_commit_ni_sector_batch_max_size: usize, | ||
pub max_prove_commit_ni_randomness_lookback: ChainEpoch, | ||
pub valid_prove_commit_ni_proof_type: ProofSet, | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these need documenting and should be moved below pre_commit_challenge_delay
so they are consistently placed with the policy_constants
(and we can match their placement in go-state-types so it's easier to look them up)
pub const PROVE_COMMIT_NI_SECTOR_BATCH_MAX_SIZE: usize = 256; | ||
pub const MAX_PROVE_COMMIT_NI_LOOKBACK: ChainEpoch = 365 * EPOCHS_IN_DAY + CHAIN_FINALITY; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
needs commenting, and I believe this should be 30
and not 365
as per FIP-0090
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
as per shared doc, current proposal is to change FIP to 180 days
I had a go at documenting the constants in go-state-types here: filecoin-project/go-state-types#270 I'd appreciate feedback on them to make sure I'm understanding and describing them well. |
.collect::<Vec<SectorOnChainInfo>>(); | ||
|
||
let total_pledge = BigInt::from(sectors_to_add.len()) * initial_pledge; | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
let mut needs_cron = false; |
state | ||
.check_balance_invariants(&rt.current_balance()) | ||
.map_err(balance_invariants_broken)?; | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
needs_cron = !state.deadline_cron_active; | |
state.deadline_cron_active = true; | |
|
||
Ok(()) | ||
})?; | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if needs_cron { | |
let new_dl_info = state.deadline_info(rt.policy(), curr_epoch); | |
enroll_cron_event( | |
rt, | |
new_dl_info.last(), | |
CronEventPayload { event_type: CRON_EVENT_PROVING_DEADLINE }, | |
)?; | |
} | |
See also filecoin-project/ref-fvm#1999