mulit: remove voting public key from config and check fee public key on start up #422
Conversation
|
Hmm. rpc tests are a little more than I bargained for. It's on my todo list... I will test a little more manually. |
JoeGruffins
force-pushed
the
checkpubs
branch
3 times, most recently
from
2c90725 to
da980ec
Compare
|
Ok. The coldwalletextpub is checked to not belong to the voting wallets. The votingwalletextpub is found automatically. votingwalletextpub is deprecated and there is a warning if set. It has been removed from the readme and a warning is in the config file. |
JoeGruffins
changed the title
|
I'm not sure that this travis build error is my fault. Google says I can close and reopen the issue to trigger a rebuild. Trying. |
I didnt know you could trigger a rebuild like that. Alternatively you can just log into travis with your github ID and it should allow you to press a button which rebuilds. Not sure if you need any repo permissions to do that though... |
I just do what google tells me to do. I should start a new religion. Would you too like to become a Goober? |
|
Should this increment the api version major, since it is a breaking change? |
Yes please. |
|
The latest changes look good, just the API version to increment and one outstanding comment from me. Needs to be rebased also, some conflicts have popped up. |
|
Rebased and breaking this pr into its parts. The final check will also be broken into two methods. |
JoeGruffins
changed the title
JoeGruffins
force-pushed
the
checkpubs
branch
2 times, most recently
from
1edecf6 to
8e2d812
Compare
|
@jholdstock what do you think? |
JoeGruffins
force-pushed
the
checkpubs
branch
3 times, most recently
from
d57e816 to
55b3d77
Compare
|
@chappjc thank you for the review and sorry about the basic formatting mistakes. They won't happen again. |
JoeGruffins
changed the title
|
Oh, no worries. It's small stuff. |
JoeGruffins
force-pushed
the
checkpubs
branch
3 times, most recently
from
9aae095 to
1748d12
Compare
There was a problem hiding this comment.
Two more minor things noted. Otherwise I am happy with this. @chappjc are you satisfied all of your points were addressed?
|
Will rebase after release. |
| // error if pubkeys for the "default" account are not the same accross all | ||
| // stakepoold wallets or any gRPC commands fail. | ||
| func (s *StakepooldManager) DefaultAccountPubKey() (string, error) { | ||
| var pubkey string |
There was a problem hiding this comment.
Could rename to validDefaultAccountPubKey to signify that
- the pubkey of interest is for the default account (should be obvious but could become confusing if my previous suggestion is applied)
- the value stored here at the end of the day ought to be the same for all stakepoold instances (hence the
validprefix)
Could probably just use named return variables as well.
There was a problem hiding this comment.
jholdstock isn't a fan of naked returns.
There was a problem hiding this comment.
Could just rename the variable then
There was a problem hiding this comment.
Named return variables (as suggested by itswisdomagain) are fine. I actually kind of wish naming return values was enforced and not optional.
It's just naked returns which are icky.
There was a problem hiding this comment.
I was thinking of it as a package deal, but you mean naming them, and then placing their names in the return I guess. Never even thought about that.
@itswisdomagain sorry, my naked comments on your pr are in the wrong place.
| } | ||
| for _, v := range resp.MasterPubKeys { | ||
| if fn(v.Account, v.PubKey) { | ||
| return true, nil |
There was a problem hiding this comment.
This return statement in this loop implies that the grpc request may likely not be made to ALL stakepoold instances. Not sure if this was intended, PR description says After stakepools are confirmed running, loop through them sending a grpc request to perform rpc requests on their respective dcrd to get maps of master pubkeys to account; which I read to mean perform the grpc request on ALL stakepoold instances.
It's also important to check all instances to confirm/verify that the wallets on each backend server were all restored from the same seed; i.e. checking that the master pub key is the same across all the backend server wallets.
There was a problem hiding this comment.
The first true is sufficient for what I use it for. Return true if a default xpub is different and return true if xpub is found. Once a true if found there is no need to continue, and if no trues then all accounts on all wallets have been iterated.
It is checking that the master pub key for the default account is the same across all servers.
There was a problem hiding this comment.
I wrote it like this to avoid iterating the map twice. Perhaps the complexity is not worth it?
There was a problem hiding this comment.
Don't really quite get you. What I mean to confirm is this:
Does this code retrieve the voting wallet xpub key from ALL stakepoold instances and confirm that the xpub key is the same across ALL stakepoold instances?
There was a problem hiding this comment.
Yes.
It should. Does it not? 😬
|
|
||
| // WalletsHavePubKey sends gRPC commands to all stakepoold and returns whether | ||
| // pubkey exists on any wallets. Returns an error if any gRPC commands fail. | ||
| func (s *StakepooldManager) WalletsHavePubKey(pubkey string) (bool, error) { |
There was a problem hiding this comment.
I see that this is only used to confirm that the coldwalletextpub does not belong to the voting wallets. I think this check can be done at the same time as the master pub key for the default account is read to prevent performing the stakepoold WalletMasterPubKeys grpc request more than once.
1 idea is to invoke that grpc method once for ALL instances, ensuring that all the stakepoold instances return the same result (equal number of account-key pairs, with the same key value for each account on each backend server). Then the vetted account-key map is parsed to retrieve the default account pub key and also checked to ensure it does not contain the coldwalletextpub.
There was a problem hiding this comment.
I would rather keep the functions separate, for easier testing and such, but you are right that we only need to call the grpc once. Because this operation only ever happens on start-up, I didn't think it was necessary, but we could cache the results, or use a clever closure scheme.
There was a problem hiding this comment.
If it's all the same, I've already had numerous reviews on this pr, and it's working ok. Unless you think the gRPC commands will need to change, I'd rather further changes be made in another pr. That alright @itswisdomagain ?
There was a problem hiding this comment.
Sure, haven't tested myself but if others have tested and it works ok, further changes can be made in a subsequent PR.
- set votingWalletVoteKey - check that coldwalletextpub does not belong to the pool
JoeGruffins
force-pushed
the
checkpubs
branch
from
144fdeb to
1e6210f
Compare
| @@ -33,8 +33,8 @@ const ( | |||
| // collection cycle to also trigger a timeout but the current allocation | |||
| // pattern of stakepoold is not known to cause such conditions at this time. | |||
| GRPCCommandTimeout = time.Millisecond * 100 | |||
| semverString = "8.0.0" | |||
| semverMajor = 8 | |||
| semverString = "9.0.0" | |||
There was a problem hiding this comment.
Needs to be updated to 9.1.0. We incremented to 9.0.0 in #526, and this PR adds a new method without breaking backwards compatability.
|
I think I will close this because I think this change will ultimately become pointless. It's not worth the time to rebase and review. |
After stakepools are confirmed running, loop through them sending a grpc request to perform rpc requests on their respective dcrd to get maps of master pubkeys to account. found pairs are printed and then the user defined key values are compared to the found keys. The voting key must be found to continue, the fee key must not be found.
Still want to write some tests for the grpc and rpc methods.
closes #407