💥 Proposal
Our partially verified transactions cache is not protected from the following hypothetical scenario:
- Initiate check_transaction and create the cache_key
- A dynamically imported Stack gets upgraded, used within check_transaction, and then reverted
- At the end of check_transaction, partially_verified_transactions gets populated with a stale cache_key.
If the revert happens due to a non-deterministic issue such as hardware failure, I posit that it is unlikely to hit a quorum of validators at the same time.
If the revert happens due to a deterministic issue, I posit that a quorum of validators will halt - as all they can do is rerun atomic_speculate on the same state, and manual intervention + restarts will be required.
So therefore this is low priority at the moment. Some possible solutions are:
- Add a Notify mechanism in check_transaction which can prevent partially_verified_transactions from being populated if Stacks are reverted
- Add a block height to partially_verified_transactions entries, so in the case of any revert we will never again use entries at that block height or lower
- Enable check_transaction to track an immutable map of Stacks
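
A minimal model of the second proposed solution (block-height tags on cache entries), added here as an illustration and not taken from the project's code. `PartialCache`, `note_revert`, `is_partially_verified` and the string keys are hypothetical names; the heights are constructed sample values.

```rust
use std::collections::HashMap;

/// Toy stand-in for the partially verified transactions cache (hypothetical
/// types, not the project's). Each entry records the block height at which
/// its check started.
pub struct PartialCache {
    entries: HashMap<String, u32>, // cache_key -> height when the check started
    reverted_up_to: Option<u32>,   // highest height at which a Stack revert was seen
}

impl PartialCache {
    pub fn new() -> Self {
        Self { entries: HashMap::new(), reverted_up_to: None }
    }

    /// Called at the end of a check; `height` was captured when the check began.
    pub fn insert(&mut self, cache_key: &str, height: u32) {
        self.entries.insert(cache_key.to_string(), height);
    }

    /// Record a Stack revert at `height` and drop entries at or below it.
    pub fn note_revert(&mut self, height: u32) {
        let mark = self.reverted_up_to.map_or(height, |h| h.max(height));
        self.reverted_up_to = Some(mark);
        self.entries.retain(|_, h| *h > mark);
    }

    /// A hit counts only if the entry sits above the revert watermark, so a
    /// stale key inserted *after* the revert is still rejected on lookup.
    pub fn is_partially_verified(&self, cache_key: &str) -> bool {
        match (self.entries.get(cache_key), self.reverted_up_to) {
            (Some(h), Some(mark)) => *h > mark,
            (Some(_), None) => true,
            (None, _) => false,
        }
    }
}

fn main() {
    let mut cache = PartialCache::new();
    // Constructed scenario: a check starts at height 10, the Stack is
    // reverted mid-check, and the check then finishes with its stale key.
    cache.note_revert(10);
    cache.insert("tx-a", 10);
    println!("stale entry honoured: {}", cache.is_partially_verified("tx-a"));
}
```

The watermark is checked on lookup as well as on revert because, in the scenario above, the stale entry is written after the revert has already happened.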