feat: proof upgrade testing #1284
Conversation
cryptonemo
force-pushed
the
upgrade-testing
branch
from
a27661c
to
439dc81
Compare
filecoin-proofs/src/api/post.rs
Outdated
| } | ||
| }) | ||
| }) | ||
| .collect::<Result<_>>()?; |
There was a problem hiding this comment.
I think the problem with this change is that it assumed each sector could only appear once in the set of challenged sectors. But in the case of Winning PoSt, there is just one sector, yet it is challenged repeatedly (each time with only a single challenge).
Yes, this is strange and confusing. Yes, the pervasive naming makes this almost impossible to understand.
filecoin-proofs/src/api/post.rs
Outdated
| @@ -452,6 +452,7 @@ pub fn generate_fallback_sector_challenges<Tree: 'static + MerkleTreeTrait>( | |||
| randomness: &ChallengeSeed, | |||
| pub_sectors: &[SectorId], | |||
| _prover_id: ProverId, | |||
| is_winning: bool, | |||
There was a problem hiding this comment.
If we want to avoid completely splitting Window and Winning PoSt, we need to be able to signal which we are using. We could try to 'detect' somehow based on the actual values, but that would be very brittle and a bad path to follow.
filecoin-proofs/src/api/post.rs
Outdated
| .collect::<Result<_>>()?; | ||
| }); | ||
| } | ||
| } |
There was a problem hiding this comment.
We need to roll this back. Winning PoSt will not actually change its behavior. We need the challenges of Winning PoSt to be sensitive to order, because otherwise they would all be the same. This is because a single challenge appears repeatedly at different positions within the list of challenged sectors. Each instance needs fresh challenges.
| i | ||
| } else { | ||
| challenge_index | ||
| } as u64, |
There was a problem hiding this comment.
This works, but it's a hack which now depends on each Winning PoSt sector being challenged only once. To be more correct, the true branch of this conditional should fully restore previous behavior. In practice, this won't matter with current parameterization, but we shouldn't depend on that. Certainly we would need at least an assertion if we intended to. That might actually be preferable. We have an enormous amount of complexity in place to support a generality I don't think we need. If we can close off some possibilities for the sake of simpler, clearer, code that might be worth doing.
| @@ -234,6 +238,7 @@ mod tests { | |||
| sector_size: sector_size as u64, | |||
| challenge_count, | |||
| sector_count, | |||
| is_winning: false, | |||
There was a problem hiding this comment.
For the sake of getting this working quickly, I ended up specializing all the tests to Window PoSt (is_winning: false). To be thorough, they should probably be extended to exercise both code paths.
cryptonemo
force-pushed
the
upgrade-testing
branch
from
1a3b591
to
0fc5c7c
Compare
cryptonemo
changed the title
| }); | ||
| // Winning PoSt and Window PoSt have different proof shapes regarding inclusion | ||
| // and sector proofs, so we are careful to partition them appropriately. | ||
| if pub_params.is_winning { |
There was a problem hiding this comment.
My experience of reading this whole section now is that it feels obfuscated and is very hard to follow. I am starting to suspect it would be better to just select on type (is_winning) then clearly and concisely perform the appropriate work in each branch. Treating these as 'same but different' with all the conditionals, hidden assumptions, and gymnastics doesn't seem worth it. If nothing else, it makes the code hard to follow — and it also makes it hard to reason about well enough to gain confidence. I think that goal might be more achievable with the alternate structure I just proposed. What do you think?
There was a problem hiding this comment.
It's a good idea for sure -- but the reason I'd hold off is because we already do something like this here (arguably the 'improved' version, or at least inspired by the idea): https://github.com/filecoin-project/rust-fil-proofs/blob/master/filecoin-proofs/src/api/post.rs#L672 and ideally, as part of a larger re-factor, we can share code across as needed better (rather than duplicating).
There was a problem hiding this comment.
Do you want to do that now then? My concern is trying to avoid accidentally releasing broken code. I'm not saying I believe this code is necessarily broken, but if we let the mandate of an upgrade complicate the code base, then we're at risk of making it very hard to continue maintaining in case further change becomes required.
I would personally prefer to maximize simplicity, even at the cost of some 'duplication' which can be refactored away later. Or do the refactor now, if not too difficult. The only reason the code isn't duplicated now is because we have two different methods, one of which is very hard to comprehend.
cryptonemo
force-pushed
the
upgrade-testing
branch
2 times, most recently
from
218b615
to
cf50b17
Compare
porcuquine
force-pushed
the
upgrade-testing
branch
4 times, most recently
from
69eb6ed
to
ea56e52
Compare
|
@cryptonemo I think my previous commit is ready for review. This is about all the refactoring that feels needed for now (apart from whatever is logically implied that I might have overlooked). |
porcuquine
force-pushed
the
upgrade-testing
branch
from
ea56e52
to
ca6d31a
Compare
cryptonemo
force-pushed
the
upgrade-testing
branch
3 times, most recently
from
910651e
to
27a5563
Compare
cryptonemo
force-pushed
the
upgrade-testing
branch
from
27a5563
to
750f845
Compare
| @@ -313,18 +317,18 @@ fn generate_params(i: &ProdbenchInputs) { | |||
| sector_size, | |||
| partitions, | |||
| porep_id: dummy_porep_id, | |||
| api_version: FIXED_API_VERSION, | |||
There was a problem hiding this comment.
this should probably a parameter of the tooling
| @@ -514,6 +516,7 @@ pub fn run_window_post_bench<Tree: 'static + MerkleTreeTrait>( | |||
| .expect("unknown sector size"), | |||
| typ: PoStType::Window, | |||
| priority: true, | |||
| api_version: APIVersion::V1_1, | |||
There was a problem hiding this comment.
should probably a parameter
cryptonemo
force-pushed
the
upgrade-testing
branch
from
750f845
to
10d247a
Compare
|
|
||
| impl FromStr for APIVersion { | ||
| type Err = anyhow::Error; | ||
| fn from_str(api_version: &str) -> Result<Self> { |
There was a problem hiding this comment.
Lets associate a Semver version with each of the enum and use that for parsing using: https://docs.rs/semver/
There was a problem hiding this comment.
For this, do we want ApiVersion::{V1_0_0, V1_1_0} for the constants also?
There was a problem hiding this comment.
good question, I am not sure tbh
| @@ -1,5 +1,21 @@ | |||
| use anyhow::{self, Result}; | |||
| use std::str::FromStr; | |||
|
|
|||
| #[derive(Debug, Copy, Clone)] | |||
| pub enum APIVersion { | |||
There was a problem hiding this comment.
Lets call this ApiVersion, it is a little bit more consistent with naming conventions in rust
feat: add tests paths for both v1_0 and v1_1 versions
cryptonemo
force-pushed
the
upgrade-testing
branch
from
faf72ff
to
43dad7f
Compare
This PR is NOT intended to be merged, as it contains incompatible proofs behaviour. At the moment, this branch is for testing.