Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Post certifier service #144

Merged
merged 13 commits into from
Nov 10, 2023
Merged

Post certifier service #144

merged 13 commits into from
Nov 10, 2023

Conversation

poszu
Copy link
Collaborator

@poszu poszu commented Nov 2, 2023
edited
Loading

Closes #146

A certifier service that creates certificates for a node confirming it holds a valid POST proof.

The client (presumably the spacemesh node) submits a POST proof with its metadata to the certifier on /certify HTTP endpoint. The certifier validates the proof and, if valid - signs the nodeID and returns the signature. If the proof is invalid it returns a 403 status code.

The client can later use this certificate to register in a poet. The poet is supposed to know the certifier's public key and verify the signature over a node ID.

@poszu poszu force-pushed the post-certifier-service branch from dc9932b to e883bf0 Compare November 2, 2023 11:11
@poszu poszu changed the base branch from main to change-scrypt-params-in-config November 2, 2023 11:13
@codecov Codecov
Copy link

codecov bot commented Nov 2, 2023
edited
Loading

Codecov Report

Merging #144 (bdbae9e) into main (7d5b235) will decrease coverage by 0.42%.
The diff coverage is 54.34%.

@@            Coverage Diff             @@
##             main     #144      +/-   ##
==========================================
- Coverage   94.25%   93.84%   -0.42%     
==========================================
  Files          22       24       +2     
  Lines        2978     3004      +26     
==========================================
+ Hits         2807     2819      +12     
- Misses        171      185      +14
Files Coverage Δ
src/metadata.rs 100.00% <100.00%> (+1.49%) ⬆️
src/prove.rs 98.40% <100.00%> (+0.20%) ⬆️
src/verification.rs 96.70% <50.00%> (-0.16%) ⬇️
src/config.rs 82.35% <0.00%> (ø)
certifier/src/certifier.rs 73.33% <73.33%> (ø)
certifier/src/configuration.rs 0.00% <0.00%> (ø)

... and 1 file with indirect coverage changes

Base automatically changed from change-scrypt-params-in-config to main November 2, 2023 16:40
@poszu poszu self-assigned this Nov 3, 2023
@poszu poszu force-pushed the post-certifier-service branch from 9f9a32e to 58d4d17 Compare November 3, 2023 14:17
@poszu poszu changed the base branch from main to refactor-post-config November 3, 2023 14:17
Base automatically changed from refactor-post-config to main November 3, 2023 15:57
@poszu poszu marked this pull request as ready for review November 9, 2023 07:31
fasmat
fasmat approved these changes Nov 9, 2023
View reviewed changes
certifier/README.md
Comment on lines +37 to +46
init_cfg:
min_num_units: 4
max_num_units: 99999
labels_per_unit: 4294967296
scrypt:
n: 8192
r: 1
p: 1

metrics: "127.0.0.1:9090"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can this somehow be gamed by only init the minimum amount generating a proof of that to get a certificate and then keep initializing, i.e. the effort to get a certificate isn't dependent on the post size?

Would this lead to reasonable smeshers to always init the minimum for the certificate (unless they already have a proof for a bigger size)?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It probably is OK though since the PoW is also the same difficulty independent of PoST size.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, one could initialize 4 units, create a POST proof, certify with it, and then keep initializing. It doesn't matter because we only want to confirm that a smesher spent significant resources and has a valid POST (at some point in time).

src/metadata.rs
pub challenge: [u8; 32],
pub num_units: u32,
pub labels_per_unit: u64,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this cause the value to also be dropped from the json file? We should check if that breaks the node internal initializer in the "supervised" setup.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It won't break because I removed labels_per_unit from the proof metadata structure. The initializer uses a different structure for the post metadata.

@poszu poszu merged commit 0495b2c into main Nov 10, 2023
14 of 16 checks passed
@poszu poszu deleted the post-certifier-service branch November 10, 2023 09:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fasmat fasmat fasmat approved these changes

Assignees

@poszu poszu

Labels
area/post feat/poet-register-with-certs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

implement certifier web service
2 participants
@poszu @fasmat