From 57cc8107443d696f6c47611cfe01c4b0e87aaccb Mon Sep 17 00:00:00 2001 From: Sergio Mena Date: Tue, 14 Dec 2021 11:52:57 +0100 Subject: [PATCH] Fixed 'bug' in Property 11. Reworked section 'App expectations from Tendermint' --- spec/abci++/abci++_properties_001_draft.md | 40 +++++++++++++++++++--- 1 file changed, 36 insertions(+), 4 deletions(-) diff --git a/spec/abci++/abci++_properties_001_draft.md b/spec/abci++/abci++_properties_001_draft.md index e9439ece6..bec4172a0 100644 --- a/spec/abci++/abci++_properties_001_draft.md +++ b/spec/abci++/abci++_properties_001_draft.md @@ -558,10 +558,10 @@ Additionally, $p$'s `FinalizeBlock` creates a set of transaction results $T_{p,h >(same for consensus params, and validator set) * Property 11 [`FinalizeBlock`, determinism-1]: For any correct process $p$, - the contents of $s_{p,h}$ exclusively depend on $s_{p,h}$ and $v_{p,h}$. + the contents of $s_{p,h}$ exclusively depend on $s_{p,h-1}$ and $v_{p,h}$. * Property 12 [`FinalizeBlock`, determinism-2]: For any correct process $p$, - the contents of $T_{p,h}$ exclusively depend on $s_{p,h}$ and $v_{p,h}$. + the contents of $T_{p,h}$ exclusively depend on $s_{p,h-1}$ and $v_{p,h}$. Note that Properties 11 and 12, combined with Agreement property of consensus ensure the Application state evolves consistently at all correct processes. @@ -579,7 +579,7 @@ Likewise, `ExtendVote` can also be non-deterministic: ### What the Application can expect from Tendermint -The following sections use these definitions: +The following section uses these definitions: * We define the _optimal case_ as a run in which (a) the system behaves synchronously, and (b) there are no Byzantine processes. The optimal case captures the conditions that hold most of the time, but not always. @@ -591,7 +591,39 @@ The following sections use these definitions: (b) it behaves synchronously after some time, denoted _GST_, which is unknown to the processes, and (c) there may be up to _f_ Byzantine processes. -#### `PrepareProposal` and `ProcessProposal`: expectations from the Application +#### `PrepareProposal`: Application's expectations + +Given a block height _h_, process _p_'s Tendermint calls `RequestPrepareProposal` under +the following conditions: + +* _p_'s Tendermint may decide at height _h_, without calling `RequestPrepareProposal`. + In the optimal case, this will happen often, as there will only be one proposer for height _h_ + (the one for round 0). +* _p_'s Tendermint may call `RequestPrepareProposal` with a block with no transactions, if + _ConsensusParams_ is configured to produce empty blocks when there are outstanding transactions. + If _ConsensusParams_ is configured to avoid empty blocks, any block passed with a call to + `RequestPrepareProposal` will contain at lesat one transaction. +* In the optimal case, _p_'s Tendermint will call `RequestPrepareProposal` at most once, + as there is only one round. +* In the suboptimal case, _p_'s Tendermint + * will not call `RequestPrepareProposal` for height _h_, if _p_ is neither the proposer + of round 0, nor round 1 + * will call `RequestPrepareProposal` once for height _h_, if _p_ is either the proposer + of round 0, or round 1 (but not both). + * will call `RequestPrepareProposal` twice for height _h_, in the unlikely case that + _p_ is the proposer of round 0, and round 1. +* In the general case, _p_'s Tendermint will potentially span many rounds. So, it will call + `RequestPrepareProposal` a number of times which is impossible to predict. Thus, the + Application will to return numerous _amended_ blocks via `ResponsePrepareProposal`. + + If the application is fully executing the blocks it returns via `ResponsePrepareProposal`, + it should be careful about its usage of resources (memory, disk, etc.) as the number + of `PrepareProposal` for a particular height is not bounded. + +If `PrepareProposal` is called more than once for a height _h_, the Application _is_ allowed +to return different blocks each time. + +#### `ProcessProposal`: Application's expectations Given a block height _h_, process _p_'s Tendermint calls `RequestProcessProposal` depending on the case: