flex-error: resolve conflicts with master (#945)

* Implement full-duplex secret connection (#938)

* Implement thread-safe cloning of a secret connection

Signed-off-by: Thane Thomson <[email protected]>

* Expand documentation for SecretConnection on threading considerations

Signed-off-by: Thane Thomson <[email protected]>

* Extract peer construction into its own method

Signed-off-by: Thane Thomson <[email protected]>

* Add test for cloned SecretConnection

This adds a `TcpStream`-based test for parallelizing operations on a
`SecretConnection`. I used `TcpStream` instead of the buffered reader in
the other tests because it wasn't feasible to implement the `TryClone`
trait for that buffered pipe implementation.

Signed-off-by: Thane Thomson <[email protected]>

* Add more messages to test

Signed-off-by: Thane Thomson <[email protected]>

* Expand comment for clarity

Signed-off-by: Thane Thomson <[email protected]>

* Add .changelog entry

Signed-off-by: Thane Thomson <[email protected]>

* Restore half-duplex operations

Signed-off-by: Thane Thomson <[email protected]>

* Extract encrypt/decrypt fns as independent methods

Signed-off-by: Thane Thomson <[email protected]>

* Remove unnecessary trait bounds

Signed-off-by: Thane Thomson <[email protected]>

* Extract send/receive state

Signed-off-by: Thane Thomson <[email protected]>

* Extract read/write functionality as standalone methods

Signed-off-by: Thane Thomson <[email protected]>

* Add logic to facilitate splitting SecretConnection into its sending and receiving halves

Signed-off-by: Thane Thomson <[email protected]>

* Restore split SecretConnection test using new semantics

Signed-off-by: Thane Thomson <[email protected]>

* Update changelog entry

Signed-off-by: Thane Thomson <[email protected]>

* Update docs for `SecretConnection`

Signed-off-by: Thane Thomson <[email protected]>

* Condense error reporting

Signed-off-by: Thane Thomson <[email protected]>

* Extract TryClone trait into its own crate

As per the discussion at
#938 (comment),
this extracts the `TryClone` trait into a new crate called
`tendermint-std-ext` in the `std-ext` directory.

This new crate is intended to contain any code that we need that extends
the Rust standard library.

Signed-off-by: Thane Thomson <[email protected]>

* Reorder imports

Signed-off-by: Thane Thomson <[email protected]>

* Assert validation regardless of debug build

This introduces the internal encryption assertions at runtime regardless
of build type. This may introduce a small performance hit, but it's
probably worth it to ensure correctness.

Effectively this is keeping an eye on the code in the
`encrypt_and_write` fn to ensure its correctness.

Signed-off-by: Thane Thomson <[email protected]>

* Remove remote_pubkey optionality from sender/receiver halves

Signed-off-by: Thane Thomson <[email protected]>

* Update SecretConnection docs with comment content

Signed-off-by: Thane Thomson <[email protected]>

* Fix doc link to TryClone trait

Signed-off-by: Thane Thomson <[email protected]>

* Fix doc link to TryClone trait

Signed-off-by: Thane Thomson <[email protected]>

* Add docs on SecretConnection failures and connection integrity

Signed-off-by: Thane Thomson <[email protected]>

* Synchronize sending/receiving failures to comply with crypto algorithm constraints

Signed-off-by: Thane Thomson <[email protected]>

* Rename try_split method to split for SecretConnection

Signed-off-by: Thane Thomson <[email protected]>

* Remove redundant field name prefixes

Signed-off-by: Thane Thomson <[email protected]>

* Fix broken link in docs

Signed-off-by: Thane Thomson <[email protected]>

* Fix recent clippy errors on `master` (#941)

* Fix needless borrows in codebase

Signed-off-by: Thane Thomson <[email protected]>

* Ignore needless collect warning (we do actually seem to need it)

Signed-off-by: Thane Thomson <[email protected]>

* Remove trailing semicolon in macro to fix docs compiling

Signed-off-by: Thane Thomson <[email protected]>

.changelog/unreleased/improvements/814-clonable-secret-conn.md

@@ -0,0 +1,4 @@
+- `[tendermint-p2p]` The `SecretConnection` can now be split into two halves to
+  facilitate full-duplex communication (must be facilitated by using each half
+  in a separate thread).
+  ([#938](https://github.com/informalsystems/tendermint-rs/pull/938))

Cargo.toml

@@ -8,6 +8,7 @@ members = [
     "pbt-gen",
     "proto",
     "rpc",
+    "std-ext",
     "tendermint",
     "test",
     "testgen"

light-client/src/components/verifier.rs

@@ -119,8 +119,8 @@ impl Verifier for ProdVerifier {
             &*self.voting_power_calculator,
             &*self.commit_validator,
             &*self.hasher,
-            &trusted,
-            &untrusted,
+            trusted,
+            untrusted,
             options,
             now,
         )

light-client/src/macros.rs

@@ -4,7 +4,7 @@
 #[macro_export]
 macro_rules! bail {
     ($kind:expr) => {
-        return Err($kind.into());
+        return Err($kind.into())
     };
 }
 

light-client/src/peer_list.rs

@@ -111,7 +111,7 @@ impl<T> PeerList<T> {
     /// - The given peer id must not be the primary peer id.
     /// - The given peer must be in the witness list
     #[pre(faulty_witness != self.primary && self.witnesses.contains(&faulty_witness))]
-    #[post(Self::invariant(&self))]
+    #[post(Self::invariant(self))]
     pub fn replace_faulty_witness(&mut self, faulty_witness: PeerId) -> Option<PeerId> {
         let mut result = None;
 
@@ -133,7 +133,7 @@ impl<T> PeerList<T> {
     ///
     /// ## Errors
     /// - If there are no witness left, returns `ErrorKind::NoWitnessLeft`.
-    #[post(ret.is_ok() ==> Self::invariant(&self))]
+    #[post(ret.is_ok() ==> Self::invariant(self))]
     pub fn replace_faulty_primary(
         &mut self,
         primary_error: Option<Error>,

light-client/src/predicates.rs

@@ -233,10 +233,10 @@ pub fn verify(
     vp.is_header_from_past(&untrusted.signed_header.header, options.clock_drift, now)?;
 
     // Ensure the header validator hashes match the given validators
-    vp.validator_sets_match(&untrusted, &*hasher)?;
+    vp.validator_sets_match(untrusted, &*hasher)?;
 
     // Ensure the header next validator hashes match the given next validators
-    vp.next_validators_match(&untrusted, &*hasher)?;
+    vp.next_validators_match(untrusted, &*hasher)?;
 
     // Ensure the header matches the commit
     vp.header_matches_commit(&untrusted.signed_header, hasher)?;
@@ -259,7 +259,7 @@ pub fn verify(
     if untrusted.height() == trusted_next_height {
         // If the untrusted block is the very next block after the trusted block,
         // check that their (next) validator sets hashes match.
-        vp.valid_next_validator_set(&untrusted, trusted)?;
+        vp.valid_next_validator_set(untrusted, trusted)?;
     } else {
         // Otherwise, ensure that the untrusted block has a greater height than
         // the trusted block.

light-client/src/store/memory.rs

@@ -81,6 +81,7 @@ impl LightStore for MemoryStore {
             .map(|(_, e)| e.light_block.clone())
     }
 
+    #[allow(clippy::needless_collect)]
     fn all(&self, status: Status) -> Box<dyn Iterator<Item = LightBlock>> {
         let light_blocks: Vec<_> = self
             .store

light-client/src/supervisor.rs

@@ -319,7 +319,7 @@ impl Supervisor {
             .collect();
 
         self.fork_detector
-            .detect_forks(verified_block, &trusted_block, witnesses)
+            .detect_forks(verified_block, trusted_block, witnesses)
     }
 
     /// Run the supervisor event loop in the same thread.

p2p/Cargo.toml

@@ -50,6 +50,7 @@ flex-error = { version = "0.4.1", default-features = false }
 # path dependencies
 tendermint = { path = "../tendermint", version = "0.21.0" }
 tendermint-proto = { path = "../proto", version = "0.21.0" }
+tendermint-std-ext = { path = "../std-ext", version = "0.21.0" }
 
 # optional dependencies
 prost-amino = { version = "0.6", optional = true }

p2p/src/error.rs

@@ -63,5 +63,15 @@ define_error! {
         SmallOutputBuffer
             | _ | { "output buffer is too small" },
 
+        TransportClone
+            { detail: String }
+            | e | { format_args!("failed to clone underlying transport: {}", e.detail) }
+
+    }
+}
+
+impl From<std::io::Error> for Error {
+    fn from(e: std::io::Error) -> Self {
+        Self::io(e)
     }
 }