1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
|
/**
* Copyright 2018 VMware
* Copyright 2018 Ted Yin
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef _HOTSTUFF_CONSENSUS_H
#define _HOTSTUFF_CONSENSUS_H
#include <cassert>
#include <set>
#include <unordered_map>
#include "hotstuff/promise.hpp"
#include "hotstuff/type.h"
#include "hotstuff/entity.h"
#include "hotstuff/crypto.h"
namespace hotstuff {
struct Proposal;
struct Vote;
struct Finality;
/** Abstraction for HotStuff protocol state machine (without network implementation). */
class HotStuffCore {
block_t b0; /** the genesis block */
/* === state variables === */
/** block containing the QC for the highest block having one */
std::pair<block_t, quorum_cert_bt> hqc; /**< highest QC */
block_t b_lock; /**< locked block */
block_t b_exec; /**< last executed block */
uint32_t vheight; /**< height of the block last voted for */
/* === auxilliary variables === */
privkey_bt priv_key; /**< private key for signing votes */
std::set<block_t, BlockHeightCmp> tails; /**< set of tail blocks */
ReplicaConfig config; /**< replica configuration */
/* === async event queues === */
std::unordered_map<block_t, promise_t> qc_waiting;
promise_t propose_waiting;
promise_t receive_proposal_waiting;
promise_t hqc_update_waiting;
/* == feature switches == */
/** always vote negatively, useful for some PaceMakers */
bool vote_disabled;
block_t get_delivered_blk(const uint256_t &blk_hash);
void sanity_check_delivered(const block_t &blk);
void update(const block_t &nblk);
void update_hqc(const block_t &_hqc, const quorum_cert_bt &qc);
void on_hqc_update();
void on_qc_finish(const block_t &blk);
void on_propose_(const Proposal &prop);
void on_receive_proposal_(const Proposal &prop);
protected:
ReplicaID id; /**< identity of the replica itself */
public:
BoxObj<EntityStorage> storage;
HotStuffCore(ReplicaID id, privkey_bt &&priv_key);
virtual ~HotStuffCore() {
b0->qc_ref = nullptr;
}
/* Inputs of the state machine triggered by external events, should called
* by the class user, with proper invariants. */
/** Call to initialize the protocol, should be called once before all other
* functions. */
void on_init(uint32_t nfaulty);
/* TODO: better name for "delivery" ? */
/** Call to inform the state machine that a block is ready to be handled.
* A block is only delivered if itself is fetched, the block for the
* contained qc is fetched and all parents are delivered. The user should
* always ensure this invariant. The invalid blocks will be dropped by this
* function.
* @return true if valid */
bool on_deliver_blk(const block_t &blk);
/** Call upon the delivery of a proposal message.
* The block mentioned in the message should be already delivered. */
void on_receive_proposal(const Proposal &prop);
/** Call upon the delivery of a vote message.
* The block mentioned in the message should be already delivered. */
void on_receive_vote(const Vote &vote);
/** Call to submit new commands to be decided (executed). "Parents" must
* contain at least one block, and the first block is the actual parent,
* while the others are uncles/aunts */
block_t on_propose(const std::vector<uint256_t> &cmds,
const std::vector<block_t> &parents,
bytearray_t &&extra = bytearray_t());
/* Functions required to construct concrete instances for abstract classes.
* */
/* Outputs of the state machine triggering external events. The virtual
* functions should be implemented by the user to specify the behavior upon
* the events. */
protected:
/** Called by HotStuffCore upon the decision being made for cmd. */
virtual void do_decide(Finality &&fin) = 0;
virtual void do_consensus(const block_t &blk) = 0;
/** Called by HotStuffCore upon broadcasting a new proposal.
* The user should send the proposal message to all replicas except for
* itself. */
virtual void do_broadcast_proposal(const Proposal &prop) = 0;
/** Called upon sending out a new vote to the next proposer. The user
* should send the vote message to a *good* proposer to have good liveness,
* while safety is always guaranteed by HotStuffCore. */
virtual void do_vote(ReplicaID last_proposer, const Vote &vote) = 0;
/* The user plugs in the detailed instances for those
* polymorphic data types. */
public:
/** Create a partial certificate that proves the vote for a block. */
virtual part_cert_bt create_part_cert(const PrivKey &priv_key, const uint256_t &blk_hash) = 0;
/** Create a partial certificate from its seralized form. */
virtual part_cert_bt parse_part_cert(DataStream &s) = 0;
/** Create a quorum certificate that proves 2f+1 votes for a block. */
virtual quorum_cert_bt create_quorum_cert(const uint256_t &blk_hash) = 0;
/** Create a quorum certificate from its serialized form. */
virtual quorum_cert_bt parse_quorum_cert(DataStream &s) = 0;
/** Create a command object from its serialized form. */
//virtual command_t parse_cmd(DataStream &s) = 0;
public:
/** Add a replica to the current configuration. This should only be called
* before running HotStuffCore protocol. */
void add_replica(ReplicaID rid, const NetAddr &addr, pubkey_bt &&pub_key);
/** Try to prune blocks lower than last committed height - staleness. */
void prune(uint32_t staleness);
/* PaceMaker can use these functions to monitor the core protocol state
* transition */
/** Get a promise resolved when the block gets a QC. */
promise_t async_qc_finish(const block_t &blk);
/** Get a promise resolved when a new block is proposed. */
promise_t async_wait_proposal();
/** Get a promise resolved when a new proposal is received. */
promise_t async_wait_receive_proposal();
/** Get a promise resolved when hqc is updated. */
promise_t async_hqc_update();
/* Other useful functions */
const block_t &get_genesis() { return b0; }
const block_t &get_hqc() { return hqc.first; }
const ReplicaConfig &get_config() { return config; }
ReplicaID get_id() const { return id; }
const std::set<block_t, BlockHeightCmp> get_tails() const { return tails; }
operator std::string () const;
void set_vote_disabled(bool f) { vote_disabled = f; }
};
/** Abstraction for proposal messages. */
struct Proposal: public Serializable {
ReplicaID proposer;
/** block being proposed */
block_t blk;
/** handle of the core object to allow polymorphism. The user should use
* a pointer to the object of the class derived from HotStuffCore */
HotStuffCore *hsc;
Proposal(): blk(nullptr), hsc(nullptr) {}
Proposal(ReplicaID proposer,
const block_t &blk,
HotStuffCore *hsc):
proposer(proposer),
blk(blk), hsc(hsc) {}
void serialize(DataStream &s) const override {
s << proposer
<< *blk;
}
void unserialize(DataStream &s) override {
assert(hsc != nullptr);
s >> proposer;
Block _blk;
_blk.unserialize(s, hsc);
blk = hsc->storage->add_blk(std::move(_blk), hsc->get_config());
}
operator std::string () const {
DataStream s;
s << "<proposal "
<< "rid=" << std::to_string(proposer) << " "
<< "blk=" << get_hex10(blk->get_hash()) << ">";
return std::move(s);
}
};
/** Abstraction for vote messages. */
struct Vote: public Serializable {
ReplicaID voter;
/** block being voted */
uint256_t blk_hash;
/** proof of validity for the vote */
part_cert_bt cert;
/** handle of the core object to allow polymorphism */
HotStuffCore *hsc;
Vote(): cert(nullptr), hsc(nullptr) {}
Vote(ReplicaID voter,
const uint256_t &blk_hash,
part_cert_bt &&cert,
HotStuffCore *hsc):
voter(voter),
blk_hash(blk_hash),
cert(std::move(cert)), hsc(hsc) {}
Vote(const Vote &other):
voter(other.voter),
blk_hash(other.blk_hash),
cert(other.cert ? other.cert->clone() : nullptr),
hsc(other.hsc) {}
Vote(Vote &&other) = default;
void serialize(DataStream &s) const override {
s << voter << blk_hash << *cert;
}
void unserialize(DataStream &s) override {
assert(hsc != nullptr);
s >> voter >> blk_hash;
cert = hsc->parse_part_cert(s);
}
bool verify() const {
assert(hsc != nullptr);
return cert->verify(hsc->get_config().get_pubkey(voter)) &&
cert->get_obj_hash() == blk_hash;
}
promise_t verify(VeriPool &vpool) const {
assert(hsc != nullptr);
return cert->verify(hsc->get_config().get_pubkey(voter), vpool).then([this](bool result) {
return result && cert->get_obj_hash() == blk_hash;
});
}
operator std::string () const {
DataStream s;
s << "<vote "
<< "rid=" << std::to_string(voter) << " "
<< "blk=" << get_hex10(blk_hash) << ">";
return std::move(s);
}
};
struct Finality: public Serializable {
ReplicaID rid;
int8_t decision;
uint32_t cmd_idx;
uint32_t cmd_height;
uint256_t cmd_hash;
uint256_t blk_hash;
public:
Finality() = default;
Finality(ReplicaID rid,
int8_t decision,
uint32_t cmd_idx,
uint32_t cmd_height,
uint256_t cmd_hash,
uint256_t blk_hash):
rid(rid), decision(decision),
cmd_idx(cmd_idx), cmd_height(cmd_height),
cmd_hash(cmd_hash),
|