Implement EIP-1459: DNS peer discovery

[cgewecke]

#1043

Implements core logic needed to quickly acquire testnet (or mainnet) peers from the DNS ENR tree per EIP-1459.

Have followed EIP recommendations to

• randomize the peer search
• avoid downloading the entire DNS tree at once

Basic idea is that instead of making findNeighbour requests in DPT, we query a set of DNS records organized as merkle tree of ip addresses & ports maintained by geth clients. These trees are url addressed by network so the number of unusable peer contacts made during peer discovery is greatly reduced.

Locally have been able to acquire btw 5 and 7 mainnet peers within 3 or 4 minutes. Atm the client is unable to sync with any of the canonical testnets for reasons unrelated to peer discovery (see notes below). However, initial testing suggests that these can take a bit longer to find peers in b/c their networks are smaller.

To watch peer acquisition:

DEBUG=devp2p:dpt npm run client:start

To watch DNS tree traversal

DEBUG-devp2p:dns:dns npm run client:start

PR adds

• two cli options for DNS server configuration (in practice these should be unnecessary)
• a getDnsPeers method for DPT which is run during client bootstrap and during the dpt refresh cycle

TODO:

• Wire into RPLx
• Add default config info for EF DNS trees (as in geth's bootnodes config)
• Add error case tests for DNS class
• Fix webpack of DNS module
• Begin syncing a testnet correctly
• Add cli flag to enable user to spec. any ENR DNS tree url
• Make neighbour finding opt-in

[codecov]

Codecov Report

Merging #1070 (48d7a07) into master (3f6d488) will increase coverage by 0.07%.
The diff coverage is 90.41%.

Flag	Coverage Δ
block	81.33% <ø> (-0.19%)	⬇️
blockchain	83.55% <ø> (ø)
client	86.95% <55.55%> (-0.48%)	⬇️
common	?
devp2p	83.99% <94.63%> (+1.25%)	⬆️
ethash	?
tx	90.00% <ø> (ø)
vm	83.94% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

[cgewecke]

[EDIT - Resolved in 9bbc676 by adding an option to DNS class which let you specify the DNS server's ip address]

Triage note: wrote an e2e test for this which resolves peers from all.goerli.ethdisco.net. It works locally (for me) but errors in CI with ESERVFAIL. It's possible this is a limitation of the CI container (not certain).

Querying dns servers locally shows:

dns.getServers() // Node DNS api
> [
 "2001:558:feed::1",
 "2001:558:feed::2",
 "75.75.75.75",
 "75.75.76.76"
]

...in CI

[
 "127.0.0.53"
]

This stack overflow discussion about DNS resolution failures suggests that localhost DNS servers in a docker container don't work and fixing this would require a special container config.

[cgewecke]

Another small update here. Have had a lot of trouble getting this actually improve peer discovery for the testnets but am making headway.

Several things going on:

• devp2p's findNeighbour requests (following ping/pong) get peers from any network. The vast majority are irrelevant and trigger a mismatched network id error. Locally I've disabled this neighbour finding stuff because it creates way too much noise. DNS discover is able to iteratively build a healthy sized peer table and everything's in the correct network so perhaps neighbour discovery is something we should consider making optional.
• Most peers in the Rinkeby network are over-subscribed, e.g. they reject with TOO_MANY_PEERS. Have had better luck with goerli.
• None of the testnets sync correctly (Mainnet is fine). Am investigating this...the main symptom is that the blocks are not executing and errors cascade from there.

[cgewecke]

Example of goerli sync failure (on block 1)

INFO [02-02|00:00:27] Imported blocks count=50 number=1 hash=e26ba58f... hardfork=petersburg peers=2 
  devp2p:eth Received BLOCK_BODIES message from 178.62.39.130:30303: f896c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2... +189ms
  devp2p:eth Received BLOCK_HEADERS message from 3.140.248.200:30303: f97579f90256a0fe50915c6b8f9ad2b4b7a94574bef70540f42f30bc1380... +56ms
  devp2p:eth Received BLOCK_BODIES message from 3.140.248.200:30303: f896c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2... +116ms
WARN [02-02|00:00:28] Deleted block number=1 hash=e26ba58f... on failed execution
ERROR [02-02|00:00:28] VM execution error=Error: invalid block stateRoot stack=Error: invalid block stateRoot
    at VM.runBlock (/Users/cgewecke/code/ef/ethereumjs-monorepo/packages/vm/dist/runBlock.js:97:19)
    at async /Users/cgewecke/code/ef/ethereumjs-monorepo/packages/client/dist/lib/sync/execution/vmexecution.js:96:21
    at async /Users/cgewecke/code/ef/ethereumjs-monorepo/packages/blockchain/dist/index.js:909:21
    at async Blockchain.runWithLock (/Users/cgewecke/code/ef/ethereumjs-monorepo/packages/blockchain/dist/index.js:262:27)
    at async Blockchain.initAndLock (/Users/cgewecke/code/ef/ethereumjs-monorepo/packages/blockchain/dist/index.js:250:16)
    at async Blockchain._iterator (/Users/cgewecke/code/ef/ethereumjs-monorepo/packages/blockchain/dist/index.js:891:16)
    at async VMExecution.run (/Users/cgewecke/code/ef/ethereumjs-monorepo/packages/client/dist/lib/sync/execution/vmexecution.js:115:28)
    at async Chain.<anonymous> (/Users/cgewecke/code/ef/ethereumjs-monorepo/packages/client/dist/lib/sync/fullsync.js:29:21)

Edit: One component of this is that blockchain.update is unable to retrieve the totalDifficulty for header or block hashes starting w/ block 1 - this is the origin of the key not found error discussed on discord last Friday.

This td problem on occurs on Goerli/Rinkeby (not ropsten or mainnet) so it may be POA related.

Ropsten fails with invalid receipt tree on block 11

INFO [02-02|00:12:43] Imported blocks count=50 number=1 hash=41800b5c... hardfork=tangerineWhistle peers=5 
  devp2p:eth Received BLOCK_HEADERS message from 128.230.208.73:30296: f967ccf90211a082c2ba4fc8ff30d183715134009744d7988b21da0ffba8... +281ms
  devp2p:eth Received BLOCK_HEADERS message from 95.216.10.211:30303: f9676af9020fa01813be1e8bd6f666eeae2006e8fb0448691b090af57c22... +11ms
  devp2p:eth Received TX message from 95.216.10.211:30303: f934b9f931d82a843b9aca00832a83008080b93186608060405234801561... +2ms
INFO [02-02|00:12:44] Execution hardfork switch on block number=10 hash=b3074f93... old=tangerineWhistle new=spuriousDragon 
INFO [02-02|00:12:44] Execution hardfork switch on block number=11 hash=da882aef... old=tangerineWhistle new=spuriousDragon 
  devp2p:eth Received BLOCK_BODIES message from 128.230.208.73:30296: f906dcc2c0c0f90218c0f90214f90211a0c335b7fb547046c07fede411af... +100ms
WARN [02-02|00:12:44] Deleted block number=11 hash=da882aef... on failed execution
WARN [02-02|00:12:44] Set back hardfork along block deletion number=11 hash=da882aef... old=tangerineWhistle new=spuriousDragon 
ERROR [02-02|00:12:44] VM execution error=Error: invalid receiptTrie stack=Error: invalid receiptTrie
    at VM.runBlock (/Users/cgewecke/code/ef/ethereumjs-monorepo/packages/vm/dist/runBlock.js:88:19)

[holgerd77]

@cgewecke thanks for the update!

Yes, if my understanding here is correct, the non-awareness of a chain ID is the biggest flaw along discovery v4 and its message types like the findNeighbours call. So I would assume that it makes a lot of sense to leave findNeightbours out if DNS discovery can build up a stable collection of peers on its own.

Will also circle in Felix @fjl from the geth team, maybe he finds some time to give this a short read as well.

@fjl: Actually I have a side question here: if discovery v5 is such a heavy protocol change and this is still not ready for mainnet (or at least not activated yet) - as we discussed lately in the geth chat - have you guys every considered to do a very low-level v4.1 discovery version and e.g. just add an additional byte with the chain ID to the various calls (ping, pong, findNeighbours) (I am no network protocol designer, so bear with me if this is thought too simple)? I wonder if something like this might be easier for everyone to jump on board and eventually already goes 70-80% of the way? 🤔

@cgewecke the VM execution on the non-mainnet networks is still completely untested and from the perspective of this PR "the problem is solved" once you reach the point that the client DOES get some blocks imported and fails on execution, so feel very free to stop here for now. You can of course also give this some attention (maybe in a different PR though).

[holgerd77]

Whew, has this gotten extensive. 😀 Would have never expected that this would touch 30 files. 😛

[holgerd77]

Code changes look really great though, looking forward to give this a try at some point and get a bit of a better feeling on how this behaves.

[cgewecke]

Not sure why this was commented out (maybe perceived redundancy?).

Peer descriptions obtained via DNS do not have an id (unlike peers from findNeighbours) so without synthesizing this ip based key they aren't being banned consistently.

[holgerd77]

I commented this out since there was just no port parameter on the object and I wasn't sure if to add the tcp or udp port instead.

[cgewecke]

@holgerd77 Oh great, yes I was going to ask if you'd run it at some point to see if performance seems comparable to what's normal. It's hard to tell if it's slower (or faster?)

Will take this out of WIP now anyway...

[holgerd77]

@cgewecke yeah, sure, running it on what network? Dedicatedly the PoA networks or mainnet included?

[holgerd77]

Did a super-short test, for now I wasn't able to get a connection to both of the PoA networks. Did only one respective run though and waited for ~2 min. How long did this take for you?

[cgewecke]

@holgerd77 Goerli is usually less than minute, Rinkeby sometimes more. If you run with

DEBUG=devp2p:eth npm run client:start -- --network=goerli

...you should see downloading begin but processing the block fails. Without the debug flag on it can seem like nothing's happening.

I just ran it and almost instantly connected, getting this kind of output

INFO [02-05|10:20:50] Data directory: /Users/cgewecke/Library/Ethereum/ethereumjs
INFO [02-05|10:20:50] Initializing Ethereumjs client...
INFO [02-05|10:20:50] Full sync mode
INFO [02-05|10:20:50] Connecting to network: goerli
INFO [02-05|10:20:51] Initializing VM execution hardfork=petersburg 
INFO [02-05|10:20:51] Latest local block: number=0 td=1 hash=bf7e331f... hardfork=petersburg 
INFO [02-05|10:20:51] Synchronizing blockchain...
INFO [02-05|10:20:51] Started rlpx server.
INFO [02-05|10:20:51] Started libp2p server.
INFO [02-05|10:20:53] Listener up transport=rlpx url=enode://d4515bc229fb89c806aca2b8b2a8a0ee80498ec08aa22fffe2cc0421d7b2780e994a821eb5ddfe1d93ef2e7bd02dd1290352597e040f5eefa0dbe6b7c6842f62@[::]:30303 
INFO [02-05|10:20:53] Listener up transport=libp2p url=/p2p-circuit/ipfs/Qmem3RydnXS7mUkJhdoM9xd4dwxqYrKDYELrrtx3L2iUoc 
INFO [02-05|10:20:53] Listener up transport=libp2p url=/p2p-circuit/ip4/127.0.0.1/tcp/50580/ws/ipfs/Qmem3RydnXS7mUkJhdoM9xd4dwxqYrKDYELrrtx3L2iUoc 
INFO [02-05|10:20:53] Listener up transport=libp2p url=/ip4/127.0.0.1/tcp/50580/ws/ipfs/Qmem3RydnXS7mUkJhdoM9xd4dwxqYrKDYELrrtx3L2iUoc 
  devp2p:eth Send STATUS message to 3.11.147.67:30303 (eth64): [V:64, NID:5, TD:1, BestH:bf7e331, GenH:bf7e331, ForkHash: 0x0xa3f5ab08, ForkNext: 1561651] +0ms
INFO [02-05|10:21:05] Started eth service.
  devp2p:eth Send STATUS message to 64.225.119.97:30303 (eth64): [V:64, NID:5, TD:1, BestH:bf7e331, GenH:bf7e331, ForkHash: 0x0xa3f5ab08, ForkNext: 1561651] +13s
  devp2p:eth Received STATUS message from 64.225.119.97:30303: : [V:64, NID:5, TD:5988698, BestH:cd6c58d, GenH:bf7e331, ForkHash: 0x0xc25efa5c, ForkNext: NaN] +46ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c78335ffff018080 +43ms
  devp2p:eth Send STATUS message to 134.209.153.148:30303 (eth64): [V:64, NID:5, TD:1, BestH:bf7e331, GenH:bf7e331, ForkHash: 0x0xa3f5ab08, ForkNext: 1561651] +6s
  devp2p:eth Received STATUS message from 134.209.153.148:30303: : [V:64, NID:5, TD:5522635, BestH:275f7d5, GenH:bf7e331, ForkHash: 0x0xc25efa5c, ForkNext: NaN] +661ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 134.209.153.148:30303: c78335ffff018080 +5ms
  devp2p:eth Received TX message from 134.209.153.148:30303: f907a2f86c80850861c468008288b894cbd4129c027d8b2412f49a88ace3... +324ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e86c181c08080 +3s
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e890181c08080 +129ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e8a8181c08080 +117ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e8c0181c08080 +73ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e8d8181c08080 +116ms
  devp2p:eth Received GET_BLOCK_BODIES message from 64.225.119.97:30303: f842a058a99bbdc58cdd952db09dd6698ef6840118f4e3f0b3855c0bd6bc... +40ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e908181c08080 +36ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e938181c08080 +125ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e950181c08080 +118ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e974181c08080 +119ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e980181c08080 +117ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e998181c08080 +115ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e9b0181c08080 +116ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e9a4181c08080 +115ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e9e0181c08080 +131ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e95c181c08080 +118ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833e9ec181c08080 +119ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ea40181c08080 +121ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ea58181c08080 +116ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ea88181c08080 +116ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ea70181c08080 +116ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833eae8181c08080 +119ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833eb18181c08080 +78ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833eb6c181c08080 +115ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833eb9c181c08080 +117ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ebd8181c08080 +126ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ec20181c08080 +117ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ec74181c08080 +118ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ecb0181c08080 +114ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ed04181c08080 +120ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ed10181c08080 +70ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ed64181c08080 +115ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833edac181c08080 +117ms
  devp2p:eth Received BLOCK_HEADERS message from 64.225.119.97:30303: f9025ff9025ca02cc6673c75b93d4eb1b5cd8cd034aae099cf5a0e763404... +114ms
  devp2p:eth Received GET_BLOCK_HEADERS message from 64.225.119.97:30303: c8833ee00181c08080 +2ms
  devp2p:eth Received BLOCK_HEADERS message from 64.225.119.97:30303: f97562f90256a0bf7e331f7f7c1dd2e05159666b3bf8bc7a8a3a9eb1d518... +283ms
  devp2p:eth Received BLOCK_BODIES message from 64.225.119.97:30303: f896c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2c0c0c2... +91ms
ERROR [02-05|10:21:21] Error: could not find parent header
    at BlockHeader.validate (/Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/block/dist/header.js:315:19)
    at async Block.validate (/Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/block/dist/block.js:195:9)
    at async /Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/blockchain/dist/index.js:601:17
    at async Blockchain.runWithLock (/Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/blockchain/dist/index.js:262:27)
    at async Blockchain._putBlockOrHeader (/Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/blockchain/dist/index.js:583:9)
    at async Blockchain.putBlock (/Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/blockchain/dist/index.js:541:9)
    at async Blockchain.putBlocks (/Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/blockchain/dist/index.js:528:13)
    at async Chain.putBlocks (/Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/client/dist/lib/blockchain/chain.js:172:9)
    at async BlockFetcher.store (/Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/client/dist/lib/sync/fetcher/blockfetcher.js:72:9)
    at async Writable._write (/Users/cgewecke/code/ef/1459/ethereumjs-monorepo/packages/client/dist/lib/sync/fetcher/fetcher.js:169:17)
  devp2p:eth Received BLOCK_HEADERS message from 64.225.119.97:30303: f97579f90256a0fe50915c6b8f9ad2b4b7a94574bef70540f42f30bc1380... +172ms

[fjl]

I checked the code a bit, it looks mostly OK. I like that you didn't implement the tree building and focused only on client.
It looks like the JS client doesn't support linked trees yet. It's not super important because the EF's DNS lists don't use links yet, but you'll need to implement that at some point.

Regarding the unit test failing because of DNS settings: you should probably include a mock resolver and not query the real DNS in the test.

[fjl]

@holgerd77

Actually I have a side question here: if discovery v5 is such a heavy protocol change and this is still not ready for mainnet (or at least not activated yet) - as we discussed lately in the geth chat - have you guys every considered to do a very low-level v4.1 discovery version and e.g. just add an additional byte with the chain ID to the various calls (ping, pong, findNeighbours) (I am no network protocol designer, so bear with me if this is thought too simple)? I wonder if something like this might be easier for everyone to jump on board and eventually already goes 70-80% of the way?

We are working on enabling discv5 on mainnet, it will be enabled for LES server nodes in the next geth release. We have also enabled the discv4 ENR extension a long time ago, so if you want to pre-filter discv4 nodes using ENR, you can do that now.

[cgewecke]

Regarding the unit test failing because of DNS settings: you should probably include a mock resolver and not query the real DNS in the test.

Resolved this in CI by adding a default DNS server ip (8.8.8.8 - Google). But perhaps there shouldn't be a default.

The main tests for this mock DNS as suggested and the live network integration test is removable. It's just a sanity check that it works in another context (e.g Linux, container, etc).

It looks like the JS client doesn't support linked trees yet

👍

Will add this rn.

[holgerd77]

@fjl thanks for taking the time and taking a short look, that is super helpful! 😊 Short follow-up question: the Discovery v5 will then be the same as the Eth 2.0 Discovery v5 specification, right? Because then we would have a look into the ChainSafe implementation and see if we can bridge this with our RLPx implementation. (@cgewecke this might be a good follow-up task? 😋 )

@cgewecke tested again and I am now able to get connection - after just slightly more time to wait - with both Goerli and Rinkeby. I will directly merge this in here. Felix already had a short look and I think this is one of these PRs where nothing is lost if there is still some evolving improvement happening over time since this doesn't touch critical core logic and just improves the status quo on networking. And atm the effort to review from someone from the outside is disproportionally high, I'll try to get familiar with the code base over time though and eventually give some post-merge feedback.

[holgerd77]

LGTM (see previous comment)

[holgerd77]

For Goerli (and I think for Rinkey as well) interestingly enough sync starts with block number 2 (and not 1, so the first after genesis) which obviously fails? 🤔

Hmm, should be traceable though towards some root cause I guess with some following of the execution chain.