-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ping-pong topology fixes #281
Conversation
Downgrading to draft because I may find other stuff as I implement this and will tack on commits to this PR. |
6881879
to
ac50c50
Compare
This is ready for review now and corresponds to what I have implemented in divviup/libprio-rs#683. There are further changes I'd like to suggest to ping-pong, but more immediately, what I think we should do is review and merge this change, and then make a corresponding change to DAP that adapts to these new definitions. Then we can release DAP-06 and VDAF-07 and have published draft versions we can refer to in implementations. Further refinements to ping-pong can wait for subsequent drafts of the pair of documents. |
I think there's a problem with how aggregation parameters are handled in ping-pong. We have:
But at the DAP layer, we always represent aggregation parameters as opaque byte buffers. For example:
I added a commit here that resolves this by aligning ping-pong's handling of agg param with its handling of things like the public share or input shares: the arguments are now |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me! Just some editorial things.
Corresponding DAP changes: ietf-wg-ppm/draft-ietf-ppm-dap#494 |
This change implements the DAP-05 ping-pong topology in which aggregators take turns preprocessing prepare shares into prepare messages. While this topology first appeared in DAP-05, this implementation follows the changes in [1], which should appear in DAP-06. This change depends on the implementation of the VDAF ping-pong topology added to crate `prio` in [2], which in turn conforms to the specification added after VDAF-06 and further tweaked in [3] (we expect this to be published soon as VDAF-07). This commit makes some changes to what intermediate values are stored by aggregators. In the case where an aggregator is continuing, it will have computed a prepare state, a prepare message for the current round and a prepare share for the next round. The existing implementation would store all three objects in the database, significantly increasing the per-report storage requirements. In particular, this makes things worse for the Helper, which previously never needed to store a prepare share because the Leader always took responsibility for combining prepare shares. To mitigate this, we instead have aggregators store a `prio::ping_pong::topology::Transition`, which will contain a prepare state and a prepare message (both of which are generally much smaller than prepare shares), from which the next prepare state and importantly prepare share can be recomputed. The main benefit of this change is to reduce how many round trips between aggregators are needed to prepare reports. Quite a few tests used Prio3 but depended on having the leader or helper in the `Waiting` state after running aggregation initialization. Accordingly, those tests are changed to run Poplar1, which now takes 2 rounds. [1]: ietf-wg-ppm/draft-ietf-ppm-dap#494 [2]: divviup/libprio-rs#683 [3]: cfrg/draft-irtf-cfrg-vdaf#281 Part of #1669
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Let's way to merge until we've checked the corresponding changes in the VDAF spec. I also want to look at libprio's implementation.
Note that there is no representation of the `Start` state as it is never | ||
instantiated in the ping-pong topology. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems confusing, as we just said "the initial state is Start
". It is true that the Start state is ephemeral, and doesn't have to be stored anywhere, but I think it would be clearer to just have class Start(State): pass
declared and move on. We're just defining which fields are held by which states here, and don't provide advice on their serialization.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You and Chris both think it makes more sense, and you're the editors, so I'll add it.
* `Vdaf.decode_agg_param(encoded: bytes) -> Vdaf.AggParam` decodes an | ||
aggregation parameter. | ||
|
||
* `Vdaf.encode_agg_param(agg_param: Vdaf.AggParam) -> bytes` encodes an |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should adjust the definition of encode_agg_param
for Poplar1 in 8.2.6.6 to match this, so it takes in the aggregation parameter as a single tuple argument (rather than two separate arguments).
@tgeoghegan can you squash and summarize the changes in the commit message? |
A handful of fixes to the specification of the ping-pong aggregator communication topology encountered during implementation. - Explicitly describe Python objects for `State` - Describe VDAF methods for encoding and decoding aggregation param - `ping_pong` methods accept aggregation param as encoded bytes - `ping_pong` methods accept ping pong Messages as encoded bytes - `ping_pong` methods must encode `Message` into bytes before returning it - `ping_pong_continued` fails if `state` is not `Continued` - add distinct `pong_pong_leader_continued` and `ping_pong_helper_continued` functions instead of `is_leader` param - fix typo in `ping_pong_transition` - Poplar1's `encode_agg_param` aligns with `Vdaf.encode_agg_param`
ade3d18
to
b8cfd93
Compare
This change implements the DAP-05 ping-pong topology in which aggregators take turns preprocessing prepare shares into prepare messages. While this topology first appeared in DAP-05, this implementation follows the changes in [1], which should appear in DAP-06. This change depends on the implementation of the VDAF ping-pong topology added to crate `prio` in [2], which in turn conforms to the specification added after VDAF-06 and further tweaked in [3] (we expect this to be published soon as VDAF-07). This commit makes some changes to what intermediate values are stored by aggregators. In the case where an aggregator is continuing, it will have computed a prepare state, a prepare message for the current round and a prepare share for the next round. The existing implementation would store all three objects in the database, significantly increasing the per-report storage requirements. In particular, this makes things worse for the Helper, which previously never needed to store a prepare share because the Leader always took responsibility for combining prepare shares. To mitigate this, we instead have aggregators store a `prio::ping_pong::topology::Transition`, which will contain a prepare state and a prepare message (both of which are generally much smaller than prepare shares), from which the next prepare state and importantly prepare share can be recomputed. The main benefit of this change is to reduce how many round trips between aggregators are needed to prepare reports. Quite a few tests used Prio3 but depended on having the leader or helper in the `Waiting` state after running aggregation initialization. Accordingly, those tests are changed to run Poplar1, which now takes 2 rounds. [1]: ietf-wg-ppm/draft-ietf-ppm-dap#494 [2]: divviup/libprio-rs#683 [3]: cfrg/draft-irtf-cfrg-vdaf#281 Part of #1669
A handful of fixes to the specification of the ping-pong aggregator
communication topology encountered during implementation.
ping_pong_leader_init
and_helper_init
returnMessage
, notbytes
ping_pong_transition
always returns aMessage
ping_pong_transition
ping_pong_continued
fails ifstate
is notContinued
is_leader
parameter fromping_pong_transition