8722 provisionPool re-register notifiers #9481
Conversation
Chris-Hibbert
added
bug
Chris-Hibbert
changed the title
Chris-Hibbert
force-pushed
the
8722-provPoolResub
branch
from
b7a696f
to
4c0d25d
Compare
Deploying agoric-sdk with
|
| Latest commit: |
997d72c
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://14c87d62.agoric-sdk.pages.dev |
| Branch Preview URL: | https://8722-provpoolresub.agoric-sdk.pages.dev |
Chris-Hibbert
force-pushed
the
8722-provPoolResub
branch
from
4c0d25d
to
d665a40
Compare
| if (desc.issuerName.match(FIRST_CAP_ASCII)) { | ||
| trace(`Saved Issuer ${desc.issuerName}`); | ||
| await zcf.saveIssuer(desc.issuer, desc.issuerName); | ||
|
|
||
| // see https://github.com/Agoric/agoric-sdk/issues/8238 | ||
| } else if (desc.issuerName.match(FIRST_LOWER_ASCII)) { | ||
| await saveIssuerWithLegalKeyword(desc, zcf); | ||
| } else { | ||
| console.error( | ||
| `unable to save issuer with illegal keyword: ${desc.issuerName}`, | ||
| ); | ||
| } |
There was a problem hiding this comment.
both branch save with a legal keyword. This abstraction makes it look like this branch does something different. I think it would be more clear if you made a valid desc and then saved it consistently.
| if (desc.issuerName.match(FIRST_CAP_ASCII)) { | |
| trace(`Saved Issuer ${desc.issuerName}`); | |
| await zcf.saveIssuer(desc.issuer, desc.issuerName); | |
| // see https://github.com/Agoric/agoric-sdk/issues/8238 | |
| } else if (desc.issuerName.match(FIRST_LOWER_ASCII)) { | |
| await saveIssuerWithLegalKeyword(desc, zcf); | |
| } else { | |
| console.error( | |
| `unable to save issuer with illegal keyword: ${desc.issuerName}`, | |
| ); | |
| } | |
| // let this handle the conditions and log about whether repair was necessary | |
| const goodDesc = repair(desc); | |
| if (goodDesc) { | |
| await zcf.saveIssuer(desc.issuer, desc.issuerName); | |
| } else { | |
| console.error( | |
| `unable to save issuer with illegal keyword: ${desc.issuerName}`, | |
| ); | |
| } |
There was a problem hiding this comment.
Yes, that's better.
| instancePrivateArgsP, | ||
| ]); | ||
| const { adminFacet, instance } = provisionPoolStartResult; | ||
| // const privateArgs = await deeplyFulfilled(instancePrivateArgs.get(instance)); |
| @@ -137,3 +137,8 @@ export const bankSend = (addr, wanted) => { | |||
|
|
|||
| return agd.tx('bank', 'send', VALIDATORADDR, addr, wanted, ...noise); | |||
| }; | |||
|
|
|||
| export const getProvisionPoolMetrics = async () => { | |||
There was a problem hiding this comment.
It hides two things: getQuoteBody() is not exported, and the callers would have to share a definition of the path. I'll make the change if you insist, but you'll have to ask a second time. :-)
There was a problem hiding this comment.
ah, I didn't notice the export privacy aspect
|
|
||
| /** | ||
| * @file | ||
| * The problems to be addressed are that provisionPool won't correctly handle |
There was a problem hiding this comment.
minor: "won't correctly handle" is one problem
| * 2a. if we had been able to null-upgrade provisionPool at this point, we | ||
| * wouldn't have been able to productively add USDC, but the null upgrade fails. |
There was a problem hiding this comment.
IIUC, this would be more clear:
| * 2a. if we had been able to null-upgrade provisionPool at this point, we | |
| * wouldn't have been able to productively add USDC, but the null upgrade fails. | |
| * 2a. verify a provisionPool null upgrade fails (if it passed, we wouldn't have been able to productively add USDC) |
Though I don't understand why
There was a problem hiding this comment.
I attempted to clarify.
| * 3. Do a full upgrade of provisionPool; then deposit USDC, and see IST | ||
| * incremented in totalMintedConverted. | ||
| * | ||
| * 4. Null upgrade vat-bank again, and then see (in logs) that adding a new |
There was a problem hiding this comment.
why not make a deposit to verify that ability?
There was a problem hiding this comment.
We only have assets for currencies that provisionPool already knows about. We can add new currencies, but I haven't found a reasonable way to mint them to be able to deposit them.
There was a problem hiding this comment.
it is trickier since it's a synthetic-chain test. I think you could do it with core-eval that both adds a new currency and with the available powers mints then deposits. But this comment suffices.
| 'brands match', | ||
| ); | ||
| if (expectedToGrow) { | ||
| // I couldn't import AmountMath. dunno why. |
There was a problem hiding this comment.
you'd have to add @agoric/ertp as a dependency of this proposal package. Did you try that?
There was a problem hiding this comment.
I did try that. Lemme try again.
There was a problem hiding this comment.
When I do, I get an error at runtime
ReferenceError: assert is not defined
› file://node_modules/@endo/eventual-send/src/E.js:3:40
without anything I can recognize as indicating where the problem manifested.
There was a problem hiding this comment.
oh yeah, that durn dependency on SES.
You'll also need import "@endo/init/debug.js" before that import.
There was a problem hiding this comment.
I'm not familiar with that one (or I've forgotten). Do you have a pointer to an issue or discussion?
There was a problem hiding this comment.
Ah, it turns out that what we get from vstorage isn't actually an Amount. The brand field contains stringified captp representations. We can compare them for equality, but they're not the brands that AmountMath recognizes.
| } | ||
| }; | ||
|
|
||
| test.serial('add assets before', async t => { |
There was a problem hiding this comment.
are these meant to run in sequence? test.serial just means not in parallel and the order is technically undefined.
if they're in sequence, just put them all into a single test. You can use t.log to show progress
|
|
||
| export default async (homeP, endowments) => { | ||
| const { writeCoreProposal } = await makeHelpers(homeP, endowments); | ||
| await writeCoreProposal('add-STARS-collateral', starsVaultProposalBuilder); |
There was a problem hiding this comment.
doesn't this belong under scripts/inter-protocol like the other add-STARS.js? Please distinguish between them by filename and perhaps a @file comment
There was a problem hiding this comment.
Thinking about moving them there (good idea!) made it clearer that these two are for testing, and shouldn't be confused with the production scripts. Is it enough to put them under a testing directory and add a top-comment?
I also renamed them from STARS since the re-use of an actual currency name is of no value.
| // the contract, so it technically can change between incarnations. | ||
| // That would be a severe bug. | ||
| AmountMath.coerce(poolBrand, params.getPerAccountInitialAmount()); | ||
| void observeNotifier(E(exchangePurse).getCurrentAmountNotifier(), { |
There was a problem hiding this comment.
this is part of a commit titled refactor: but it's changing behavior. It's adding a new feature for upgrade durability so it's a feat:. Though it would have made review easier if the refactor changes were separated.
There was a problem hiding this comment.
fixed. I'll try to make better separations.
There was a problem hiding this comment.
https://github.com/tummychow/git-absorb helps me. E.g. when you had the your review changes, if you ran git add . && git absorb it would make fixups on the previous. That way master doesn't have the iterations of code review.
Chris-Hibbert
force-pushed
the
8722-provPoolResub
branch
from
d665a40
to
04d67a3
Compare
| // the contract, so it technically can change between incarnations. | ||
| // That would be a severe bug. | ||
| AmountMath.coerce(poolBrand, params.getPerAccountInitialAmount()); | ||
| void observeNotifier(E(exchangePurse).getCurrentAmountNotifier(), { |
There was a problem hiding this comment.
https://github.com/tummychow/git-absorb helps me. E.g. when you had the your review changes, if you ran git add . && git absorb it would make fixups on the previous. That way master doesn't have the iterations of code review.
|
|
||
| /** | ||
| * @file | ||
| * *** TESTING ONLY *** NOT FOR PRODUCTION USE *** |
There was a problem hiding this comment.
+1 to scripts/testing. Perhaps even scripts/a3p. There might be some other scripts that belong here but nbd.
That said, I think this line is too scary. There's practically zero risk that somebody is going to find scripts/testing/add-LEMON.js and shepherd it into production.
| * *** TESTING ONLY *** NOT FOR PRODUCTION USE *** |
There was a problem hiding this comment.
Yeah, okay. I added the scary line before I renamed them. It's unneeded now.
| const FIRST_CAP_ASCII = /^[A-Z][a-zA-Z0-9_$]*$/; | ||
| const FIRST_LOWER_ASCII = /^[a-z][a-zA-Z0-9_$]*$/; |
There was a problem hiding this comment.
these are more restricted than ASCII. consider,
| const FIRST_CAP_ASCII = /^[A-Z][a-zA-Z0-9_$]*$/; | |
| const FIRST_LOWER_ASCII = /^[a-z][a-zA-Z0-9_$]*$/; | |
| const FIRST_CAP_KEYWORD = /^[A-Z]/; | |
| const FIRST_LOWER_KEYWORD = /^[a-z]/; |
There was a problem hiding this comment.
I'm changing the names to FIRST_UPPER_KEYWORD and FIRST_LOWER_NEAR_KEYWORD, but keeping the patterns the same. If it's not a keyword pattern, I'd rather take the else fallback.
Chris-Hibbert
added
the
automerge:rebase
repair kyyword names for some issuers convert from console.log() to trace()
Chris-Hibbert
force-pushed
the
8722-provPoolResub
branch
from
87566b6
to
997d72c
Compare
There was a problem hiding this comment.
Why is this test being removed?
closes: #9553 ## Description Restores tests deleted in #9481 and fixes a bug in localchain introduced since ### Security Considerations None ### Scaling Considerations None ### Documentation Considerations None ### Testing Considerations Restoring integration tests ### Upgrade Considerations Needed for upgrade 16
closes: #9553 ## Description Restores tests deleted in #9481 and fixes a bug in localchain introduced since ### Security Considerations None ### Scaling Considerations None ### Documentation Considerations None ### Testing Considerations Restoring integration tests ### Upgrade Considerations Needed for upgrade 16
fixes: #8722
fixes: #8724
fixes: #8238
Description
Upgrade provisionPool so its notifiers are robust to upgrades.
Security Considerations
This is about soundness of the chain and its services.
Scaling Considerations
N/A
Documentation Considerations
No change to functionality.
Testing Considerations
Includes a test in
a3p-integrationthat demonstrates that provisionPool will survive its own or vat-bank's upgrade.Upgrade Considerations
See above.