introduce nocache and ristretto-based cache #1173 (#1174)

Signed-off-by: Angelo De Caro <adc@zurich.ibm.com>

Author: adecaro

go.mod

@@ -9,6 +9,7 @@ require (
 	github.com/IBM/idemix v0.0.2-0.20250313153527-832db18b9478
 	github.com/IBM/idemix/bccsp/types v0.0.0-20250313153527-832db18b9478
 	github.com/IBM/mathlib v0.0.3-0.20241219051532-81539b287cf5
+	github.com/dgraph-io/ristretto/v2 v2.2.0
 	github.com/gin-gonic/gin v1.10.0
 	github.com/gobuffalo/packr/v2 v2.7.1
 	github.com/hashicorp/go-uuid v1.0.3
@@ -34,6 +35,7 @@ require (
 	go.uber.org/dig v1.18.0
 	go.uber.org/zap v1.27.0
 	golang.org/x/crypto v0.38.0
+	golang.org/x/sync v0.14.0
 	google.golang.org/protobuf v1.36.6
 	gopkg.in/yaml.v2 v2.4.0
 	modernc.org/sqlite v1.33.1
@@ -274,7 +276,6 @@ require (
 	golang.org/x/mod v0.24.0 // indirect
 	golang.org/x/net v0.40.0 // indirect
 	golang.org/x/oauth2 v0.27.0 // indirect
-	golang.org/x/sync v0.14.0 // indirect
 	golang.org/x/sys v0.33.0 // indirect
 	golang.org/x/text v0.25.0 // indirect
 	golang.org/x/time v0.8.0 // indirect

go.sum

@@ -761,6 +761,10 @@ github.com/decred/dcrd/crypto/blake256 v1.0.1 h1:7PltbUIQB7u/FfZ39+DGa/ShuMyJ5il
 github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo=
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 h1:rpfIENRNNilwHwZeG5+P150SMrnNEcHYvcCuK6dPZSg=
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
+github.com/dgraph-io/ristretto/v2 v2.2.0 h1:bkY3XzJcXoMuELV8F+vS8kzNgicwQFAaGINAEJdWGOM=
+github.com/dgraph-io/ristretto/v2 v2.2.0/go.mod h1:RZrm63UmcBAaYWC1DotLYBmTvgkrs0+XhBd7Npn7/zI=
+github.com/dgryski/go-farm v0.0.0-20240924180020-3414d57e47da h1:aIftn67I1fkbMa512G+w+Pxci9hJPB8oMnkcP3iZF38=
+github.com/dgryski/go-farm v0.0.0-20240924180020-3414d57e47da/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
 github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
 github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
 github.com/docker/docker v27.2.0+incompatible h1:Rk9nIVdfH3+Vz4cyI/uhbINhEZ/oLmc+CBXmH6fbNk4=

token/services/db/sql/common/identity.go

@@ -25,6 +25,7 @@ import (
 	tdriver "github.com/hyperledger-labs/fabric-token-sdk/token/driver"
 	"github.com/hyperledger-labs/fabric-token-sdk/token/services/db/driver"
 	driver3 "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/driver"
+	cache2 "github.com/hyperledger-labs/fabric-token-sdk/token/services/utils/cache"
 	"github.com/pkg/errors"
 )
 
@@ -73,6 +74,17 @@ func NewCachedIdentityStore(readDB, writeDB *sql.DB, tables TableNames, ci commo
 	)
 }
 
+func NewNoCacheIdentityStore(readDB, writeDB *sql.DB, tables TableNames, ci common3.CondInterpreter) (*IdentityStore, error) {
+	return NewIdentityStore(
+		readDB,
+		writeDB,
+		tables,
+		cache2.NewNoCache[bool](),
+		cache2.NewNoCache[[]byte](),
+		ci,
+	)
+}
+
 func NewIdentityStore(readDB, writeDB *sql.DB, tables TableNames, signerInfoCache cache[bool], auditInfoCache cache[[]byte], ci common3.CondInterpreter) (*IdentityStore, error) {
 	return newIdentityStore(
 		readDB,

token/services/identity/provider.go

@@ -10,8 +10,8 @@ import (
 	"context"
 	"runtime/debug"
 	"slices"
-	"sync"
 
+	"github.com/hyperledger-labs/fabric-smart-client/platform/common/utils/cache/secondcache"
 	"github.com/hyperledger-labs/fabric-token-sdk/token/driver"
 	idriver "github.com/hyperledger-labs/fabric-token-sdk/token/services/identity/driver"
 	"github.com/hyperledger-labs/fabric-token-sdk/token/services/logging"
@@ -46,6 +46,11 @@ type storage interface {
 	StoreIdentityData(ctx context.Context, id []byte, identityAudit []byte, tokenMetadata []byte, tokenMetadataAudit []byte) error
 }
 
+type cache[T any] interface {
+	Get(key string) (T, bool)
+	Add(key string, value T)
+}
+
 // Provider implements the driver.IdentityProvider interface.
 // Provider handles the long-term identities on top of which wallets are defined.
 type Provider struct {
@@ -55,8 +60,7 @@ type Provider struct {
 	Storage    storage
 
 	enrollmentIDUnmarshaler enrollmentIDUnmarshaler
-	isMeCacheLock           sync.RWMutex
-	isMeCache               map[string]bool
+	isMeCache               cache[bool]
 }
 
 // NewProvider creates a new identity provider implementing the driver.IdentityProvider interface.
@@ -74,7 +78,7 @@ func NewProvider(
 		SigService:              sigService,
 		Binder:                  binder,
 		enrollmentIDUnmarshaler: enrollmentIDUnmarshaler,
-		isMeCache:               make(map[string]bool),
+		isMeCache:               secondcache.NewTyped[bool](1000),
 	}
 }
 
@@ -96,9 +100,7 @@ func (p *Provider) RegisterRecipientData(ctx context.Context, data *driver.Recip
 
 func (p *Provider) RegisterSigner(ctx context.Context, identity driver.Identity, signer driver.Signer, verifier driver.Verifier, signerInfo []byte) error {
 	defer func() {
-		p.isMeCacheLock.Lock()
-		p.isMeCache[identity.String()] = true
-		p.isMeCacheLock.Unlock()
+		p.isMeCache.Add(identity.UniqueID(), true)
 	}()
 	return p.SigService.RegisterSigner(ctx, identity, signer, verifier, signerInfo)
 }
@@ -109,29 +111,22 @@ func (p *Provider) AreMe(ctx context.Context, identities ...driver.Identity) []s
 	result := make([]string, 0)
 	notFound := make([]driver.Identity, 0)
 
-	p.isMeCacheLock.RLock()
 	for _, id := range identities {
-		if isMe, ok := p.isMeCache[id.UniqueID()]; !ok {
+		uniqueID := id.UniqueID()
+		if isMe, ok := p.isMeCache.Get(uniqueID); !ok {
 			notFound = append(notFound, id)
 		} else if isMe {
-			result = append(result, id.UniqueID())
+			result = append(result, uniqueID)
 		}
 	}
 	if len(notFound) == 0 {
-		defer p.isMeCacheLock.RUnlock()
 		return result
 	}
-	p.isMeCacheLock.RUnlock()
-
-	p.isMeCacheLock.Lock()
-
-	// TODO: Look up cache under write lock
-
-	defer p.isMeCacheLock.Unlock()
 
 	found := p.SigService.AreMe(ctx, notFound...)
 	for _, id := range notFound {
-		p.isMeCache[id.UniqueID()] = slices.Contains(found, id.UniqueID())
+		uniqueID := id.UniqueID()
+		p.isMeCache.Add(uniqueID, slices.Contains(found, uniqueID))
 	}
 	return append(result, found...)
 }
@@ -142,18 +137,14 @@ func (p *Provider) IsMe(ctx context.Context, identity driver.Identity) bool {
 
 func (p *Provider) RegisterRecipientIdentity(id driver.Identity) error {
 	p.Logger.Debugf("Registering identity [%s]", id)
-	p.isMeCacheLock.Lock()
-	p.isMeCache[id.String()] = false
-	p.isMeCacheLock.Unlock()
+	p.isMeCache.Add(id.UniqueID(), false)
 	return nil
 }
 
 func (p *Provider) GetSigner(ctx context.Context, identity driver.Identity) (driver.Signer, error) {
 	found := false
 	defer func() {
-		p.isMeCacheLock.Lock()
-		p.isMeCache[identity.String()] = found
-		p.isMeCacheLock.Unlock()
+		p.isMeCache.Add(identity.UniqueID(), found)
 	}()
 	signer, err := p.SigService.GetSigner(ctx, identity)
 	if err != nil {

token/services/network/common/finality.go

@@ -70,7 +70,7 @@ func (t *FinalityListener) runOnStatus(ctx context.Context, txID string, status
 		txStatus = driver.Confirmed
 		t.logger.DebugfContext(ctx, "get token request for [%s]", txID)
 
-		tr := t.tokens.GetCachedTokenRequest(txID)
+		tr, msgToSign := t.tokens.GetCachedTokenRequest(txID)
 		if tr == nil {
 			// load it
 			tokenRequestRaw, err := t.ttxDB.GetTokenRequest(ctx, txID)
@@ -87,9 +87,13 @@ func (t *FinalityListener) runOnStatus(ctx context.Context, txID string, status
 			if err != nil {
 				return fmt.Errorf("failed retrieving token request [%s]: [%w]", txID, err)
 			}
+			msgToSign, err = tr.MarshalToSign()
+			if err != nil {
+				return fmt.Errorf("failed retrieving token request [%s]: [%w]", txID, err)
+			}
 		}
 		t.logger.DebugfContext(ctx, "Check token request")
-		if err := t.checkTokenRequest(txID, tr, tokenRequestHash); err != nil {
+		if err := t.checkTokenRequest(txID, msgToSign, tokenRequestHash); err != nil {
 			t.logger.ErrorfContext(ctx, "tx [%s], %s", txID, err)
 			txStatus = driver.Deleted
 			message = err.Error()
@@ -113,11 +117,7 @@ func (t *FinalityListener) runOnStatus(ctx context.Context, txID string, status
 	return nil
 }
 
-func (t *FinalityListener) checkTokenRequest(txID string, request *token.Request, reference []byte) error {
-	trToSign, err := request.MarshalToSign()
-	if err != nil {
-		return errors.Errorf("can't get request hash '%s'", txID)
-	}
+func (t *FinalityListener) checkTokenRequest(txID string, trToSign []byte, reference []byte) error {
 	if base64.StdEncoding.EncodeToString(reference) != hash.Hashable(trToSign).String() {
 		t.logger.Errorf("tx [%s], tr hashes [%s][%s]", txID, base64.StdEncoding.EncodeToString(reference), hash.Hashable(trToSign))
 		// no further processing of the tokens of these transactions

token/services/tokens/tokens.go

@@ -46,9 +46,10 @@ type Cache interface {
 }
 
 type CacheEntry struct {
-	Request  *token.Request
-	ToSpend  []*token2.ID
-	ToAppend []TokenToAppend
+	Request   *token.Request
+	ToSpend   []*token2.ID
+	ToAppend  []TokenToAppend
+	MsgToSign []byte
 }
 
 // Service is the interface for the token service
@@ -147,20 +148,25 @@ func (t *Service) CacheRequest(ctx context.Context, tmsID token.TMSID, request *
 	}
 	logger.DebugfContext(ctx, "cache request [%s]", request.ID())
 	// append to cache
+	msgToSign, err := request.MarshalToSign()
+	if err != nil {
+		return errors.WithMessagef(err, "failed to marshal token request [%s]", request.ID())
+	}
 	t.RequestsCache.Add(string(request.Anchor), &CacheEntry{
-		Request:  request,
-		ToSpend:  toSpend,
-		ToAppend: toAppend,
+		Request:   request,
+		ToSpend:   toSpend,
+		ToAppend:  toAppend,
+		MsgToSign: msgToSign,
 	})
 	return nil
 }
 
-func (t *Service) GetCachedTokenRequest(txID string) *token.Request {
+func (t *Service) GetCachedTokenRequest(txID string) (*token.Request, []byte) {
 	res, ok := t.RequestsCache.Get(txID)
 	if !ok {
-		return nil
+		return nil, nil
 	}
-	return res.Request
+	return res.Request, res.MsgToSign
 }
 
 // AppendTransaction appends the content of the passed transaction to the token db.

token/services/utils/cache/nocache.go

@@ -0,0 +1,35 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package cache
+
+import (
+	"github.com/hyperledger-labs/fabric-smart-client/platform/common/utils"
+)
+
+// NoCache implements a dummy cache that does nothing
+type NoCache[T any] struct {
+}
+
+// NewNoCache returns a new instance of NoCache
+func NewNoCache[T any]() *NoCache[T] {
+	return &NoCache[T]{}
+}
+
+func (n *NoCache[T]) Get(key string) (T, bool) {
+	return utils.Zero[T](), false
+}
+
+func (n *NoCache[T]) GetOrLoad(key string, loader func() (T, error)) (T, bool, error) {
+	v, err := loader()
+	return v, false, err
+}
+
+func (n *NoCache[T]) Add(key string, value T) {
+}
+
+func (n *NoCache[T]) Delete(key string) {
+}

token/services/utils/cache/nocache_test.go

@@ -0,0 +1,82 @@
+/*
+Copyright IBM Corp. All Rights Reserved.
+
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package cache
+
+import (
+	"errors"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestNoCache_Get_Int(t *testing.T) {
+	cache := NewNoCache[int]()
+
+	val, found := cache.Get("pineapple")
+
+	require.False(t, found)
+	require.Equal(t, 0, val)
+}
+
+func TestNoCache_Get_String(t *testing.T) {
+	cache := NewNoCache[string]()
+
+	val, found := cache.Get("pineapple")
+
+	require.False(t, found)
+	require.Equal(t, "", val)
+}
+
+func TestNoCache_GetOrLoad_Success(t *testing.T) {
+	cache := NewNoCache[string]()
+
+	loader := func() (string, error) {
+		return "loaded", nil
+	}
+
+	val, found, err := cache.GetOrLoad("key", loader)
+
+	require.NoError(t, err)
+	require.False(t, found)
+	require.Equal(t, "loaded", val)
+}
+
+func TestNoCache_GetOrLoad_Error(t *testing.T) {
+	cache := NewNoCache[float64]()
+
+	expectedErr := errors.New("load failed")
+
+	loader := func() (float64, error) {
+		return 0.0, expectedErr
+	}
+
+	val, found, err := cache.GetOrLoad("key", loader)
+
+	require.ErrorIs(t, err, expectedErr)
+	require.False(t, found)
+	require.Equal(t, 0.0, val)
+}
+
+func TestNoCache_Add_DoesNothing(t *testing.T) {
+	cache := NewNoCache[bool]()
+
+	cache.Add("key", true)
+
+	val, found := cache.Get("key")
+	require.False(t, found)
+	require.Equal(t, false, val)
+}
+
+func TestNoCache_Delete_DoesNothing(t *testing.T) {
+	cache := NewNoCache[string]()
+
+	cache.Delete("key")
+
+	val, found := cache.Get("key")
+	require.False(t, found)
+	require.Equal(t, "", val)
+}