[RFC] Genesis ledger export #14213
[RFC] Genesis ledger export #14213
Conversation
Sventimir
added
RFC
Sventimir
force-pushed
the
sventimir/genesis-ledger-export
branch
2 times, most recently
from
4f405db to
f7a6f6b
Compare
rfcs/0050-genesis-ledger-export.md
Outdated
| `compatible` and `berkeley` branches' configuration files are | ||
| compatible with each other (see: [PR #13768](https://github.com/MinaProtocol/mina/pull/13768)). | ||
|
|
||
| The `fork_config` field has been added to GraphQL in [PR #13787](https://github.com/MinaProtocol/mina/pull/13787). |
There was a problem hiding this comment.
I see that the command gets best-tip data. I think we need height/slot as input as well to get the required protocol state- otherwise you have ~4mins before the best tip changes.
There was a problem hiding this comment.
You're right. I realised recently that what I did to compute the previous blockchain length and global slot was wrong. I'm on my way to fix it. I'll open a PR shortly.
Sventimir
force-pushed
the
sventimir/genesis-ledger-export
branch
from
adfe8f7 to
85f1515
Compare
|
I added a few more words on compatibility issues that arise from exporting epoch data and also from some recent changes to the |
|
@Sventimir In order to deal with the difference in epoch seed representation, we can just have a simple migration tool that is aware of both versions of the epoch seed representation, and convert between those 2. We can import the V1 type from |
Looking at the changes to the relevant code ( |
It turns out there's no incompatibility after all. It's just that I used the wrong |
- Epoch seeds' encoding is incompatible - Some Runtime_config fields have been renamed
Sventimir
force-pushed
the
sventimir/genesis-ledger-export
branch
from
85f1515 to
ba12db3
Compare
|
!ci-build-me |
|
!ci-build-me |
|
!ci-build-me |
rfcs/0050-genesis-ledger-export.md
Outdated
| The genesis ledger export is achieved using a GraphQL field named | ||
| `fork_config`. This field, if asked for, contains a new runtime | ||
| configuration, automatically updated with: |
There was a problem hiding this comment.
If we are putting this in GraphQL, we should have an explicit required property for the implementation that handling this GraphQL request does not incur a long async job > 1 second. Our GraphQL server is not very well optimized, and we have had issues in the past where long running GraphQL tasks can actually break a node. We should be careful to make sure this GraphQL request is safe to make once implemented.
There was a problem hiding this comment.
Sadly, it does take a couple of seconds to complete. I don't know, how it could be helped though. GraphQL seems to me to be the only way to retrieve the data and it takes time to dump all the accounts in the ledger into JSON. We could try to partition this job into multiple GQL requests and assemble the JSON in a separate program/script, but this seems cumbersome. Another option would be to only enable this query if a certain runtime flag is passed, and instantly return null if it isn't. Not very elegant solution, but what else can we do?
There was a problem hiding this comment.
I think it's that the account/ledger retrieval functions should be carefully implemented. But wondering if a CLI command would fare better? You'd still have to get the accounts the same way and serialize it to json but no GQL overhead? There already exists cli commands to export ledgers (mina ledger export)
There was a problem hiding this comment.
The issue isn't that the GQL request can't take longer than 1sec, it's that it cannot incur a > 1 sec async cycle. There are logs for when this happens. To test this, just run the GQL query, and then inspect the logs to look for "long async cycle" or "long async job".
There was a problem hiding this comment.
There are no such messages in the logs that I can find while generating the config.
rfcs/0050-genesis-ledger-export.md
Outdated
| `fork_config`. This field, if asked for, contains a new runtime | ||
| configuration, automatically updated with: | ||
|
|
||
| * the dump of the current **staged ledger**, which will become the |
There was a problem hiding this comment.
I don't think it should be the current staged ledger. As per the hard fork specification, we need to get the staged ledger of the final block before the transaction stop slot. This ledger will only be available for 2*k blocks after the transaction stop slot, and is not finalized until the network hits the stop network slot. Ideally, we would be able to send a GraphQL request of the form "give me the fork configuration for the latest block in the canonical chain where the slot is not greater than X" (and then provide the transaction stop slot as the value of X).
There was a problem hiding this comment.
I thought the staged ledger is not supposed to change anymore after the transaction stop slot. I think the network stop mechanism is implemented such that no more transactions are accepted, no more SNARK work is purchased and no coinbase rewards are paid anymore. Is this correct, @joaosreis ?
There was a problem hiding this comment.
If that's the case, it doesn't matter which ledger do we take, all of them will be identical, won't they?
There was a problem hiding this comment.
@Sventimir yes, that's correct. However, @nholland94 observations are also correct. We want to export the staged ledger of the final block before the transaction stop slot. We stop including any new transactions on succeeding blocks because those would not be included in the HF chain, but we keep producing those blocks so that we can achieve consensus on that final block before the stop transaction slot.
There was a problem hiding this comment.
Okay then, I'll add a parameter to the query, allowing the user to specify which block they're interested in.
There was a problem hiding this comment.
Could you update the RFC to reflect this?
There was a problem hiding this comment.
I did:
Asking for this field requires providing a slot or a
state hash of the block that we want to base the exported ledger on.
(line 22-23)
It needs to be extended to return the blockchain state for a given block (height
or state hash) so that we can export the desired ledger after the
blockchain has moved on.
(line 51-54)
There was a problem hiding this comment.
Ah, I forgot to push that change. Sorry.
rfcs/0050-genesis-ledger-export.md
Outdated
| The generated genesis ledger is prone to malevolent manual | ||
| modifications. Beyond containing the hash of the previous ledger, it's | ||
| unprotected from tampering with. However, at the moment there is no | ||
| mechanism which could improve the situation. The system considers | ||
| genesis ledger the initial state of the blockchain, so there is no | ||
| previous state it could refer to. Also, because we dump the **staged | ||
| ledger**, it is never snarked. It can only be verified manually by end | ||
| users, which is cumbersome at best. |
There was a problem hiding this comment.
This can be mitigated by providing the program which migrates the captured genesis ledger from the prior chain into the generated genesis ledger for the new chain. With this tool, users can re-execute the program themselves to verify the results, and read the logic of the program to verify it matches what was published by the generating party.
There was a problem hiding this comment.
I don't think I understand. The genesis ledger file generated by the node is fed directly (except perhaps for manual setting the genesis ledger timestamp) into new nodes. No conversion is required.
There was a problem hiding this comment.
This is referring to the case where there are ledger changes in the HF in which case you can't directly use the exported ledger. For example, adding/removing a field or any hash function changes changes the ledger hash of the genesis ledger in the HF. So you'd convert the exported ledger to the format that the HF daemon takes. This conversion can be verified by a program that takes the exported ledger, does the conversion itself and verify that the generated ledger has the same hash as the one used in. Assuming the program is simple enough to read and understand how the conversion is taking place. Of course, users can check their accounts to confirm that there are no balance or nonce changes.
There was a problem hiding this comment.
I see. Adeed in 6b1e886.
Sventimir
force-pushed
the
sventimir/genesis-ledger-export
branch
from
41bedcd to
0dc8375
Compare
|
!ci-build-me |
|
!ci-build-me |
Explain your changes:
Explain how you tested your changes:
Closes the issue: MinaFoundation#95