Implement simultaneous open extension

[vyzo]

For libp2p/go-libp2p#1039.

Implements this Spec: libp2p/specs#196

TBD:

• tests!
• use parallel goroutines for writing in simultaneous read/write paths

[vyzo]

ping @Stebalien @raulk

[raulk]

I did a quick read through this and it looks sane. Nice job! I want to do a more thorough review — this is mildly intricate in terms of possible branching and it’ll be on our critical path to everything. Can we add fuzzing tests?

[vyzo]

@raulk what scenarios do you want to test? We can certainly add more tests.

[aarshkshah1992]

@vyzo When can this EOF happen ? I mean, why do we treat this error separately ?

[Stebalien]

EOF will happen when the remote side gives up because we have no protocols in common. In general, it's best to avoid returning EOF for actual error cases anyways (usually, you want to either return ErrUnexpectedEOF, or a better error like we're doing here).

[aarshkshah1992]

Ping @Stebalien @marten-seemann for review.

[Stebalien]

The idea is sound. I'd actually go a bit further and break much of this out into helper functions that can be reused with the other functions.

• We seem to write and send multiple delimited strings at once quite frequently, that should have a helper.
• Some of this code now duplicates existing code.

[Stebalien]

Nit: SelectProtoOrFailSimultanious, or something like that.

• It's unclear that this is "select proto or fail".
• We're not paying by the letter.

[aarshkshah1992]

This is done.

[Stebalien]

There's really no point in re-trying, or even building that into the protocol. If we collide, our randomness sources are likely identical and we'll never finish.

[aarshkshah1992]

I agree, the likelihood is abysmal. Have removed this.

[Stebalien]

We should skip exactly one protocol. Otherwise, if someone names their protocol select:, we'll have problems.

[aarshkshah1992]

@Stebalien I am not sure what you mean here.

Are you talking about the exact scenario where a peer sends "mutlsitream"|"iamclient"|"select:"|"select:nonce"

where that first "select:" is a security protocol the user wants to negotiate ? I agree this scenario will create problems.

But, is this the ONLY scenario you have in mind ? Does this really warrant fixing ?

[Stebalien]

Yes, that's the scenario I have in mind. My concern isn't really "fixing a bug" but rather "simplifying the spec". If we go with the current approach, the multistream-select spec would need to say "protocols beginning with select: are reserved" and "iamclient" would become an integral part of the spec. If we simply skip exactly one protocol, we can define "iamclient" to be it's own protocol.

The "iamclient" (maybe /bootstrap/simultaneous?) protocol:

1. Send exactly one preferred protocol.
2. Send exactly one select:nonce message to pick the winner.
3. The winner recursively uses multistream-select to pick the final protocol. NOTE: this would require sending a new multistream header as well.

The beauty of this approach is that there's nothing inherently special about the "iamclient" protocol from a spec standpoint. The implementation can take advantage of the multistream-select ambiguity and pipeline "iamclient" with the "preferred protocol" from step 1, but that's not required. A simpler implementation could just:

1. Negotiate one of "iamclient" or a set of other security transports (one round-trip per step).
2. If "iamclient" is selected, send the preferred protocol and a nonce.
3. Once the winner is picked, the winner negotiates their chosen protocol, potentially using the "preferred" protocol.

This version takes an extra round-trip but can be implemented as two compossible protocols. Later, as the libp2p implementation matures, it can be re-implemented to remove the extra round-trip without changing the spec.

[Stebalien]

TL;DR: it allows us to write the spec as follows:

1. Multistream protocol.
2. "iamclient" protocol for selecting a initiator when a simultaneous connect happens.
3. Optional: oh, by the way, you can combine these as follows ... to save a round-trip.

[aarshkshah1992]

@Stebalien This is done.

[Stebalien]

https://golang.org/pkg/bytes/#Compare

[aarshkshah1992]

This is done.

[aarshkshah1992]

@Stebalien

Have addresses your review save one comment(#42 (comment)).

Please take a look.

[aarshkshah1992]

This is done.

[aarshkshah1992]

I agree, the likelihood is abysmal. Have removed this.

[aarshkshah1992]

This is done.

[aarshkshah1992]

@Stebalien I am not sure what you mean here.

Are you talking about the exact scenario where a peer sends "mutlsitream"|"iamclient"|"select:"|"select:nonce"

where that first "select:" is a security protocol the user wants to negotiate ? I agree this scenario will create problems.

But, is this the ONLY scenario you have in mind ? Does this really warrant fixing ?

[aarshkshah1992]

@Stebalien Have addressed all your comments. Please can you take a look ?

[marten-seemann]

Some nits here, but one more serious point: I really think we should reduce the size of the random value we send. A collision probability of 2^-32 should be good enough here, and would simplify things quite a bit.

[marten-seemann]

Will this yield the correct result if one peer sends a "2" and the other one a "0000001"?

On a more general note (and as I've argued on the specs PR), I still believe that using a 256-bit number here is excessive. We definitely can live with a collision probability of 2^-64 (for that matter, 2^-32 would be totally fine as well, and might simplify stuff in JS, where 64 bit numbers tend to be more problematic), which would allow us to use a simple uint64 / uint32 comparison here.

[vyzo]

why? It doesn't cost anything to use bigger nonces, which makes the probability of collision astronomically low.

[marten-seemann]

Why? Because it simplifies the code. I'm still not sure if bytes.Compare will give the correct result if the number is encoded with leading 0s.

With a 32 bit nonce the chance is already astronomically small. At this probability, you'd expect a collision every 2^31 connection attempts. Assuming you're performing 10 simultaneous connects per second (I don't think any node will ever do this), you'll have to wait for almost 7 years until you get the first collision. With a 64 bit nonce, you'd have to wait about 30 billion years, twice the age of the universe.

[aarshkshah1992]

@vyzo @marten-seemann

I think the idea of using a random uint64 is a reasonable one and have made the change in the PR. Please let me know if there are any strong objections against this and we can discuss this in depth.

[Stebalien]

@marten-seemann the code was correct. It took a random byte string, encoded it, decoded it, then compared the bytes.

Honestly, that's a lot simpler than comparing a 64bit number as we're not relying on encoding order at all.

However, sending a raw number also works and I agree that 32 bytes was overkill for our purposes.

[marten-seemann]

Suggested change

	peernonce, err := base64.StdEncoding.DecodeString(tok[7:])
	peernonce, err := base64.StdEncoding.DecodeString(tok[len(tieBreakerPrefix):])

[aarshkshah1992]

This is done.

[marten-seemann]

I don't think you need a default when using bytes.Compare.

[aarshkshah1992]

This has been removed.

[marten-seemann]

You actually don't need this case, iamserver is already initialized to false.

[aarshkshah1992]

I think this helps readability of the code a bit, so keeping it around.

[marten-seemann]

Maybe make this a const? I see you're using it a few times.

[aarshkshah1992]

This is done for both initiator and responder.

[aarshkshah1992]

@marten-seemann

Have addressed all your review comments. Thanks !

[aarshkshah1992]

I think this helps readability of the code a bit, so keeping it around.

[aarshkshah1992]

This has been removed.

[aarshkshah1992]

This is done for both initiator and responder.

[aarshkshah1992]

This is done.

[aarshkshah1992]

@vyzo @marten-seemann

I think the idea of using a random uint64 is a reasonable one and have made the change in the PR. Please let me know if there are any strong objections against this and we can discuss this in depth.

[marten-seemann]

Probably nicer:

if peerNonce == myNonce {
   return ...
}
iamserver := peerNonce > myNonce

[aarshkshah1992]

Done.

[marten-seemann]

Typo? peerNonce?

[aarshkshah1992]

Done.

[aarshkshah1992]

@marten-seemann @Stebalien

Have addressed all review comments so far. Please approve if happy and we can ship !

[Stebalien]

feel free to ignore the nits.

[Stebalien]

nit: define a string constant.

[Stebalien]

nit: do we need this if err? Or can we just return proto, false, err.

[Stebalien]

nit: fmt.Errorf("unexpected response: %s", tok) is technically more idiomatic (although it really doesn't matter).

[Stebalien]

nit: it's probably slightly simpler to do:

var myNonce uint64
if err := binary.Read(rand.Reader, binary.LittleEndian, &myNonce); err != nil {
    ...
}
``

[Stebalien]

nit: drop this line.

[Stebalien]

EOF will happen when the remote side gives up because we have no protocols in common. In general, it's best to avoid returning EOF for actual error cases anyways (usually, you want to either return ErrUnexpectedEOF, or a better error like we're doing here).

[vyzo]

For the record, I find the use of a uint strictly worse than the original spec from a protocol standpoint; but then again it doesn't matter much at the end of the day.
We do need to update the spec for what was actually implemented however.