This can happen under heavy load - no value in warning here.
Scenario this happens:
- New slot
- We get asked about what fork to build on
- We start building (create inherent gets called)
- We learn about a better fork (but Babe does not care as it already has a fork)
- 6 seconds passed - New slot
- Babe asks about what for to build on - we answer with the best block we learned about 6 seconds ago (slightly after we got asked the last time)
- We start building (on that old block)
- Milliseconds later we learn about a new block (the one from the slot we are actually in now)
- We kick the old leaf -> create inherent fails
Full discussion: https://github.com/paritytech/substrate/issues/12375
* Add `DisputeState` to `DisputeCoordinatorMessage::RecentDisputes`
The new signature of the message is:
```
RecentDisputes(oneshot::Sender<Vec<(SessionIndex, CandidateHash, DisputeStatus)>>),
```
As part of the change also add `DispiteStatus` to
`polkadot_node_primitives`.
* Move dummy_signature() in primitives/test-helpers
* Enable staging runtime api on Rococo
* Implementation
* Move disputes to separate module
* Vote prioritisation
* Duplicates handling
* Double vote handling
* Unit tests
* Logs and metrics
* Code review feedback
* Fix ACTIVE/INACTIVE separation and update partition names
* Add `fn dispute_is_inactive` to node primitives and refactor `fn get_active_with_status()` logic
* Keep the 'old' logic if the staging api is not enabled
* Fix some comments in tests
* Add warning message if there are any inactive_unknown_onchain disputes
* Add file headers and remove `use super::*;` usage outside tests
* Adding doc comments
* Fix test methods names
* Fix staging api usage
* Fix `get_disputes` runtime function implementation
* Fix compilation error
* Fix arithmetic operations in tests
* Use smaller test data
* Rename `RuntimeApiRequest::StagingDisputes` to `RuntimeApiRequest::Disputes`
* Remove `staging-client` feature flag
* fmt
* Remove `vstaging` feature flag
* Some comments regarding the staging api
* Rename dispute selection modules in provisioner
with_staging_api -> prioritized_selection
without_staging_api -> random_selection
* Comments for staging api
* Comments
* Additional logging
* Code review feedback
process_selected_disputes -> into_multi_dispute_statement_set
typo
In trait VoteType: vote_value -> is_valid
* Code review feedback
* Fix metrics
* get_disputes -> disputes
* Get time only once during partitioning
* Fix partitioning
* Comments
* Reduce the number of hardcoded api versions
* Code review feedback
* Unused import
* Comments
* More precise log messages
* Code review feedback
* Code review feedback
* Code review feedback - remove `trait VoteType`
* Code review feedback
* Trace log for DisputeCoordinatorMessage::QueryCandidateVotes counter in vote_selection
* Don't store available data on disputes
If there are lots of disputes, this leads to blowing up disk space on
validators. Rob luckily remembered that we do store the full
availability in participation.
The argument in the code does not make too much sense with the current
implementation, as no validator will ever request anything else from us,
than the one piece we are meant to posess.
* Fix warnings.
* Fix compile warnings
* Remove redundant field.
Co-authored-by: Vsevolod Stakhov <vsevolod.stakhov@parity.io>
* Bump crate versions
* Bump spec_version to 9280 for kusama
* Bump spec_version to 9280 for polkadot
* Bump spec_version to 9280 for rococo
* Bump spec_version to 9280 for westend
* update Cargo.lock
Co-authored-by: parity-processbot <>
* Don't import backing statements directly
into the dispute coordinator. This also gets rid of a redundant
signature check. Both should have some impact on backing performance.
In general this PR should make us scale better in the number of parachains.
Reasoning (aka why this is fine):
For the signature check: As mentioned, it is a redundant check. The
signature has already been checked at this point. This is even made
obvious by the used types. The smart constructor is not perfect as
discussed [here](https://github.com/paritytech/polkadot/issues/3455),
but is still a reasonable security.
For not importing to the dispute-coordinator: This should be good as the
dispute coordinator does scrape backing votes from chain. This suffices
in practice as a super majority of validators must have seen a backing
fork in order for a candidate to get included and only included
candidates pose a threat to our system. The import from chain is
preferable over direct import of backing votes for two reasons:
1. The import is batched, greatly improving import performance. All
backing votes for a candidate are imported with a single import.
And indeed we were able to see in metrics that importing votes
from chain is fast.
2. We do less work in general as not every candidate for which
statements are gossiped might actually make it on a chain. The
dispute coordinator as with the current implementation would still
import and keep those votes around for six sessions.
While redundancy is good for reliability in the event of bugs, this also
comes at a non negligible cost. The dispute-coordinator right now is the
subsystem with the highest load, despite the fact that it should not be
doing much during mormal operation and it is only getting worse
with more parachains as the load is a direct function of the number of statements.
We'll see on Versi how much of a performance improvement this PR
* Get rid of dead code.
* Dont send approval vote
* Make it pass CI
* Bring back tests for fixing them later.
* Explicit signature check.
* Resurrect approval-voting tests (not fixed yet)
* Send out approval votes in dispute-distribution.
Use BTreeMap for ordered dispute votes.
* Bring back an important warning.
* Fix approval voting tests.
* Don't send out dispute message on import + test
+ Some cleanup.
* Guide changes.
Note that the introduced complexity is actually redundant.
* WIP: guide changes.
* Finish guide changes about dispute-coordinator
conceputally. Requires more proof read still.
Also removed obsolete implementation details, where the code is better
suited as the source of truth.
* Finish guide changes for now.
* Remove own approval vote import logic.
* Implement logic for retrieving approval-votes
into approval-voting and approval-distribution subsystems.
* Update roadmap/implementers-guide/src/node/disputes/dispute-coordinator.md
Co-authored-by: asynchronous rob <rphmeier@gmail.com>
* Review feedback.
In particular: Add note about disputes of non included candidates.
* Incorporate Review Remarks
* Get rid of superfluous space.
* Tidy up import logic a bit.
Logical vote import is now separated, making the code more readable and
maintainable.
Also: Accept import if there is at least one invalid signer that has not
exceeded its spam slots, instead of requiring all of them to not exceed
their limits. This is more correct and a preparation for vote batching.
* We don't need/have empty imports.
* Fix tests and bugs.
* Remove error prone redundancy.
* Import approval votes on dispute initiated/concluded.
* Add test for approval vote import.
* Make guide checker happy (hopefully)
* Another sanity check + better logs.
* Reasoning about boundedness.
* Use `CandidateIndex` as opposed to `CoreIndex`.
* Remove redundant import.
* Review remarks.
* Add metric for calls to request signatures
* More review remarks.
* Add metric on imported approval votes.
* Include candidate hash in logs.
* More trace log
* Break cycle.
* Add some tracing.
* Cleanup allowed messages.
* fmt
* Tracing + timeout for get inherent data.
* Better error.
* Break cycle in all places.
* Clarified comment some more.
* Typo.
* Break cycle approval-distribution - approval-voting.
Co-authored-by: asynchronous rob <rphmeier@gmail.com>
* Limit number of elements loaded from the stagnant key
This will likely be required if we enable stagnant prunning as currently database has way
too many entries to be prunned in a single iteration
* Fmt run
* Slightly improve logging
* Some more debug nits
* Fmt pass
* Add stagnant prunning delay
* Enable stagnant check worker
* Implement stagnant pruning without stagnant checks
* Update node/core/chain-selection/src/tree.rs
Co-authored-by: Andronik <write@reusable.software>
* Apply suggestions from code review
Co-authored-by: Andronik <write@reusable.software>
Co-authored-by: Andronik <write@reusable.software>
* Limit number of elements loaded from the stagnant key
This will likely be required if we enable stagnant prunning as currently database has way
too many entries to be prunned in a single iteration
* Fmt run
* Slightly improve logging
* Some more debug nits
* Fmt pass
We are awaiting on the oneshot anyways, so we have back pressure. By
using the unbounded channel make log messages like the following less
likely (due to higher priority):
2022-05-30 13:46:38
2022-05-30 11:46:38.565 WARN tokio-runtime-worker parachain::provisioner: failed to assemble or send inherent data err=CanceledBackedCandidates(Canceled)
* Add some meaningful logging to the force approval to understand why it fails
* Add original block into the log to simplify logs lurking
* Update node/core/approval-voting/src/import.rs
Co-authored-by: asynchronous rob <rphmeier@gmail.com>
Co-authored-by: asynchronous rob <rphmeier@gmail.com>
Andronik