Fork choice compliance test integration, "Production" part #9790
Conversation
|
All contributors have signed the CLA ✍️ ✅ |
|
I have read the CLA Document and I hereby sign the CLA |
1 similar comment
|
I have read the CLA Document and I hereby sign the CLA |
This flag allows to run spec tests with BLS disabled flag. The flat is particularly utilized in the following places: * AbstractBlockProcessor.processAndValidateBlock when processing a block * ForkChoiceUtil.validate when validating an attestation * BeaconStateAccessorsAltair.getNextSyncCommitteeIndices when computing a sync committee aggregate pubkey The decision to put it this way is mainly because of a lot of boilerplate code that would be required to propagate signature verifier to the downstream method calls. Instead of propagating it is read from the spec config instance available at hand. TestDefinition exposes an interface to create a spec with blsDisabled flag.
This method returns viable fork choice heads as per the spec. For instance, getChainHeads(/*includeNonViableHeads=*/ false) would return heads that aren't necesserily justified root descendants which isn't spec compliant.
ericsson49
force-pushed
the
fc-integration-pr1
branch
from
3f4ac2a to
150e262
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
| public Spec getSpec(final Boolean blsDisabled) { | ||
| if (spec == null) { | ||
| createSpec(); | ||
| createSpec(blsDisabled); |
There was a problem hiding this comment.
Bug: Test Caching Ignores BLS Configuration
The TestDefinition class caches the spec field, but the caching logic doesn't account for the blsDisabled parameter. This means different blsDisabled configurations can return the same cached spec instance, potentially causing tests to run with unintended BLS settings.
There was a problem hiding this comment.
This caching mismatch seems to be a potential cause of problems. I am not sure of the impact but maybe we need to be mindful of caching two versions of the spec (with and without blsDisabled) and returning the appropriate one?
lucassaldanha
left a comment
lucassaldanha
left a comment
There was a problem hiding this comment.
Overall changes are ok. Just added a few comments for discussion. I'll also ask others in the team to take a look.
| final Bytes4 fuluForkVersion, | ||
| final UInt64 fuluForkEpoch) { | ||
| final UInt64 fuluForkEpoch, | ||
| final boolean blsDisabled) { |
There was a problem hiding this comment.
Maybe we can have a constructor without the blsDisabled parameter, and one constructor overload with the parameter and annotated with @VisibleForTests or something to make it clear that it is only used on tests?
This way we also don't need to change existing calls to the constructor.
There was a problem hiding this comment.
We can also add a unit test to check that the default constructor (without the paramater) will always create a spec with blsDisabled = false.
| int getReorgParentWeightThreshold(); | ||
|
|
||
| // Handle spec tests with BLS disabled | ||
| boolean isBlsDisabled(); |
There was a problem hiding this comment.
NIT: Can the double-negative be misleading? Usually we default to isSomethingEnabled. Not sure what is the answer in this case, just thought I'd raise the question :)
There was a problem hiding this comment.
I've got a fairly strong dislike of this kind of code where theres 'test only' stuff in production code. i think i'd make a test class that disables bls in preference to changing a production class to not use BLS.
There was a problem hiding this comment.
should be largely addressed by #9805 if looking for the pr i merged
|
|
||
| int getReorgParentWeightThreshold(); | ||
|
|
||
| // Handle spec tests with BLS disabled |
There was a problem hiding this comment.
I think we need to make it more explicit that this is only used when testing.
| // Copy the previous aggregatePubkey if BLS is disabled | ||
| if (altairConfig.isBlsDisabled()) { | ||
| aggregatePubkey = | ||
| BeaconStateAltair.required(state) | ||
| .getNextSyncCommittee() | ||
| .getAggregatePubkey() | ||
| .getBLSPublicKey(); |
There was a problem hiding this comment.
do we really need special logic here?
There was a problem hiding this comment.
The problem is that aggregatePubkey should be computed regardless of whether BLS disabled or not. Probably, we should define a SignatureVerifier that does fake signature verification only but aggregates pubkeys as usual
Thanks a lot @rolfyone! let us rebase this one |
4 participants
PR Description
This PR includes three commits from the draft #8419 PR, which affect code run in production.
Documentation
doc-change-requiredlabel to this PR if updates are required.Changelog