conductor block verification; to gossip or not to gossip? #325
Comments
noot
added
conductor
|
I think we use option 1 for now. Rollup nodes will always at a minimum need to be light clients of the sequencing chain, for now we say they must run a full node. We can at a later date design how we would want to make it a light node. |
|
Option 2: as long as the conductor is only interested in finalised blocks, being connected to the cometbft block gossip overlay isn't better than rpc. cometbft gossip allows a node to learn about a block at all stages in cometbft consensus (pre-vote, pre-commit, commit), whereas rpc only gives access to finalised blocks. on the p2p side, the relevant protocol to implement is the peer discovery protocol which cometbft named PEX. (composer may also be interested in implementing the mempool gossip protocol). Option 1: cometbft rpc provides endpoints |
…383) ## Summary This patch replaces gossipnet by a websocket stream of new blocks directly from sequencer. ## Background Adding a p2p layer adds a lot of complexity to astria services. With this patch conductor reads new blocks directly off of cometbft/sequencer, making it much simpler. For background reading, see this issue: #325 ## Changes - Replace gossipnet directly by a stream of new blocks using the cometbft subscrition RPC. - No other changes in regard to how blocks are further processed has been made. ## Testing We are relying on the rust tendermint-rpc crate functioning properly. As a follow-up it makes sense to create blackbox tests for conductor, which are currently absent. ## Breaking Changelist - Reading over p2p is no longer supported. Deployments must be updated and wired to read off of cometbft/sequenceer. ## Related Issues Precursor PRs unblocking this work: #375 #376 #382 closes #332 --------- Co-authored-by: Emilia Hane <emiliaha95@gmail.com>
## Summary Remove all gossipnet functionality from sequencer-relayer. This changes sequencer-relayer from optionally writing to the data availability layer to always writing to the DA. ## Background Adding p2p to astria services adds a low of complexity. #325 contains background information on why it was decided to remove it. ## Changes - Remove functionality to gossip new sequencer blocks over p2p - Remove toggle to submit blocks to celestia: this is now the main (and only) functionality of sequencer-relayer - Update all tests because the removal of gossipnet significantly changes test choreography. ## Testing Blackbox test were updated and are passing. ## Breaking Changelist - This is a breaking change primarily for astria-conductor, which can no longer expect to receive blocks over p2p. - All env vars related to p2p no longer matter - sequencer relayer now must have a valid celestia bearer token and url to the celestia node rpc ## Related Issues closes #333
|
closed by #384 |
Problem
Conductor needs to be able to validate that the data it receives was actually validly proposed and/or committed by the sequencer. To do this, it needs to be able to track the validator set of the sequencer chain.
Currently, the conductor requires an RPC endpoint of a sequencer node, which is how it obtains this data. However this requires all conductor/rollup nodes to also run a sequencer node, or trust a remote node (not ideal).
This also ties into whether we want to keep the gossipnet at all - right now it is redundant since conductor must be run alongisde a sequencer node.
Solutions
Tradeoffs
Option 1 is the simplest to implement engineering-wise, we basically already have it. However, it puts burden on the end-user of a rollup on Astria to run or otherwise obtain a sequencer node. This might be less painful if cometbft light clients exist, but it seems there are none used in production currently?
Option 2 requires us to keep the p2p layer and also add more protocols to it. Sync protocols are non-trivial to implement (cometbft's fast finality makes it easier though). Also keeping the p2p layer will add a lot of engineering work/debugging time down the line - we will need to implement connecting gating, peer scoring, debugging sync, making sure our infra works with another p2p network, etc.
Option 3 is nice in that it allows us to not require rollup users to run sequencer nodes. However, it puts extra burden on validators (relayers) to post data to DA, incurring financial costs. Would need to design incentivization for this. We would need to keep the p2p layer for receiving newly proposed blocks, so would still have the p2p complexity. Also it might delay block verification by Celestia block time, since we need to know the current validator set to verify a block received from gossip, so this is probably not ideal.
Recommendations
Option 1 is easiest by far. Unless we feel strongly about keeping and maintaining another p2p layer (which is somewhat fine, should consider if there would ever be other use cases for it down the line) or not having rollup users run sequencer nodes, we should probably go with that.
Tasks
The text was updated successfully, but these errors were encountered: