fix: let internal govobj/vote inv request trackers expire after 60 sec #6156
Conversation
src/governance/governance.h
Outdated
| @@ -270,8 +270,8 @@ class CGovernanceManager : public GovernanceStore | |||
| int nCachedBlockHeight; | |||
| std::map<uint256, CGovernanceObject> mapPostponedObjects; | |||
| hash_s_t setAdditionalRelayObjects; | |||
| hash_s_t setRequestedObjects; | |||
| hash_s_t setRequestedVotes; | |||
| std::map<uint256, int64_t> mapRequestedObjects; | |||
There was a problem hiding this comment.
if set is giving information what that's just a set of requested object, the map as a member name prefix doesn't give a context.
Consider renaming mapRequestedObjects to requestedObjectsWithTime or timeOfRequestedObjects or something else.
Same for AcceptMessage: mapHash -> hashesWithTime ?
There was a problem hiding this comment.
Good point 👍 Also the logic for these 2 maps is essentially the same so I took it a bit further and squashed them into one, see dea1395.
src/governance/governance.cpp
Outdated
| break; | ||
| default: | ||
| return false; | ||
| } | ||
|
|
||
| const auto& [_itr, inserted] = setHash->insert(inv.hash); | ||
| const auto& [_itr, inserted] = mapHash->emplace(inv.hash, GetTime<std::chrono::seconds>().count() + RELIABLE_PROPAGATION_TIME); |
There was a problem hiding this comment.
note for myself: GetTime return mocked time here
src/governance/governance.cpp
Outdated
| } | ||
|
|
||
| const auto& [_itr, inserted] = setHash->insert(inv.hash); | ||
| const auto valid_until = GetTime<std::chrono::seconds>().count() + RELIABLE_PROPAGATION_TIME; |
There was a problem hiding this comment.
maybe we keep the times here in std::chrono types?
|
Could someone please explain simply what this fix means in terms of the user pipeline for Real-World, Implemented-in-Production Use CaseI created the following proposal with a This was to avoid the following, documented-as-dangerous UX bug: // This command is dangerous because it consumes 5 DASH irreversibly.
// If params are lost, it's very hard to bruteforce them and yet
// users ignore all instructions on dashcentral etc. and do not save them...
// Let's log them here and hope users do not mess with debug.logThe code for generating the timestamps to circumvent that bug is here: /**
* Creates a draft object with reasonable and default values
* @param {Uint53} now - use Date.now(), except in testing
* @param {Uint53} startEpochMs - used to create a deterministic gobject time
* @param {GObjectData} data - will be sorted and hex-ified
* @param {GObject} [gobj] - override values
*/
DashGov.proposal.draft = function (now, startEpochMs, data, gobj) {
let dataHex = gobj?.dataHex || DashGov.proposal.sortAndEncodeJson(data);
let time = DashGov.proposal._selectKnownTime(now, startEpochMs);
/** @type {DashGov.GObject} */
let normalGObj = {
hashParent: 0,
revision: 1,
time: time,
dataHex: "",
masternodeOutpoint: null,
collateralTxId: null,
collateralTxOutputIndex: null,
signature: null,
};
Object.assign(normalGObj, gobj, { dataHex });
return normalGObj;
};/**
* The arbitrary use of random times is a leading cause of lost money during
* the proposal process, so instead we use the 'start epoch' when appropriate,
* or otherwise a UTC day interval of the start epoch
* @param {Uint53} now
* @param {Uint53} startMs
*/
DashGov.proposal._selectKnownTime = function (now, startMs) {
let startEpochDate = new Date(startMs);
let today = new Date();
if (today < startEpochDate) {
let date = today.getUTCDate();
startEpochDate.setUTCFullYear(today.getUTCFullYear());
startEpochDate.setUTCMonth(today.getUTCMonth());
startEpochDate.setUTCDate(date - 1);
}
let knownTimeMs = startEpochDate.valueOf();
let knownSecs = knownTimeMs / 1000;
knownSecs = Math.floor(knownSecs);
return knownSecs;
};AssumptionI believe what this issue is saying is just that it's going to ignore inventory spam based on actual MN message time from the (supposed) edit: hmm... not sure why github isn't unfurling those code blocks like it normally does, updated with code |
|
@coolaj86 this PR has nothing to do with the proposal data itself, it's dealing with an observed misbehaviour on p2p level only. Basically, a peer says "I have a governance object/vote with hash X", we remember this and request it. The object with hash X never arrives but we kept waiting for it forever (not really waiting in networking terms, just remembering that we asked for it earlier). This PR simply lets us forget about such requests after 60 seconds. |
UdjinM6
force-pushed
the
clean_req_gobj
branch
from
057aff3
to
303b323
Compare
|
let's rebase I guess to have CI green? may just be a flaky failure, restarting. |
UdjinM6
force-pushed
the
clean_req_gobj
branch
from
303b323
to
3b171fd
Compare
UdjinM6
force-pushed
the
clean_req_gobj
branch
from
3b171fd
to
d41d87a
Compare
There was a problem hiding this comment.
utACK d41d87a; changes to tests for this expiration logic would be appreciated
UdjinM6
force-pushed
the
clean_req_gobj
branch
from
fd68a7a
to
1f4e1a1
Compare
Issue being fixed or feature implemented
Another issue noticed during recent sb voting period. Lots of inv are coming from peers that never send the object/vote they announced. Let's not wait for these forever, 60 seconds should be enough.
What was done?
Add a "timer" to each request.
How Has This Been Tested?
Run tests, run a MN on mainnet and check logs.
Breaking Changes
n/a
Checklist: