Simple Geolocation Probing #445
Conversation
…zed geolocation data.
SendCoordinateInfo RPC Sends geolocation data to pruntime to initialize a secret message channel toward geolocation contract. Echo RPC can be used to measure network RTT. Relevant to Phala-Network/phala-blockchain#445
|
The Protobuf changes is proposed in Phala-Network/prpc-protos#2 |
|
ping @kvinwang, will close the previous PR. This PR is currently finalized. |
|
Could you rebase to the latest master branch? Now it's full of history and hard to review. |
Done. Now this PR will be merged into |
| .send_mq | ||
| .channel(sender, id_pair); | ||
| let secret_mq = SecretMessageChannel::new(&ecdh_key, | ||
| &mq, |
There was a problem hiding this comment.
Looks like this will break the deterministic of the mq egress?
Is it better that pherry directly report the infomation to the chain?
There was a problem hiding this comment.
I previously implemented a version that uses pallets to redirect contract commands, but later I with @shelvenzhou decided to refactor the code to initialize the contract command call directly in pRuntime, mainly to take advantages of SecretMessageChannel.
There was a problem hiding this comment.
(For @kvinwang and @shelvenzhou)
Need some general discussion about feeding external data to the consensus system.
Maybe we should allow the sender to feed "loosely consistent" messages to the blockchain. The message is still signed by the sender (e.g. a worker), and has a ingress sequence id associated with it. However the sender no longer send it deterministically. The determinism only start to take effect since the message arrives the blockchain and thus permanently timestamped. Before arriving the blockchain, there's no guarantee on if the message will be processed or now.
A very naive implementation on this specific case can be:
- pherry gets the geolocation in some way
- pherry gets the latest ingress sequence of
WorkerLoose(worker_pubkey) - pherry sends the geolocation data to pruntime by RPC
- pruntime encrypts the data, and signs it with the worker identity key, return the pherry
- pherry sends the signed payload to the blockchain
This process is not guaranteed to be deterministic. If it fails, we can just redo it a bit later. And if we think one step further, probably we can also let not only pherry, but also any components to initiate a non-deterministic message to the mq. Examples are:
- A simple query can results in some data feed back to the blockchain
- An on-chain command can trigger an async action (e.g. sending a http request), and once the action is finished, it can sends the result back to the blockchain.
- Of course, the above example can be slightly modified to be originated from pruntime itself rather than pherry.
Other thoughts?
There was a problem hiding this comment.
Besides all the in-line comments, I found the geolocation never get removed. Let's consider adding a TTL to each report, and let the client to refresh the data before it gets expired.
Summary:
- TTL of the geolocation records
- Admin permission to read the raw data (or remove the ability to read raw data completely)
- Non-deterministic message submission
| @@ -0,0 +1,3 @@ | |||
| Download GeoLite-City.mmdb database at https://drive.google.com/file/d/1UDKHuZ2KQSaDvy34LMKlUPKgToZPoNUk/view?usp=sharing | |||
There was a problem hiding this comment.
Need to figure out the license of the database. Then maybe we can redistribute on our end.
There was a problem hiding this comment.
Unfortunately we may not. Redistributing of the geolite2 database needs to purchase a "GeoLite2 Commercial Redistribution License".
There was a problem hiding this comment.
No worry. I see if we meet some criteria we are fine:
- Auto update (we can do it later now)
- Not used to identify individuals or households (we only output aggregated data!)
In any case, we may consider to buy a commercial license in the future.
|
The geolocation report ttl is added to the |
…zed geolocation data.
…zed geolocation data.
…zed geolocation data.
h4x3rotab
force-pushed
the
dev-geo-probing-v2
branch
from
4d77e22 to
f46824d
Compare
|
I'm ok with this PR. A few follow-ups as discussed:
|
SendCoordinateInfo RPC Sends geolocation data to pruntime to initialize a secret message channel toward geolocation contract. Echo RPC can be used to measure network RTT. Relevant to Phala-Network/phala-blockchain#445
This PR tries to implement simple geolocation probing in Phala Network.
Goal:
Currently this PR is considered to be merged into
geo-probingbranch for safety, but if you think it is ready, feel free to merge it into the master branch.