package tezos-protocol-plugin-015-PtLimaPt

  1. Overview
  2. Docs

Module Tezos_protocol_plugin_015_PtLimaPt.MempoolSource

Sourcetype error_classification = [
  1. | `Branch_delayed of Tezos_base.TzPervasives.tztrace
  2. | `Branch_refused of Tezos_base.TzPervasives.tztrace
  3. | `Refused of Tezos_base.TzPervasives.tztrace
  4. | `Outdated of Tezos_base.TzPervasives.tztrace
]
Sourcetype nanotez = Q.t
Sourceval nanotez_enc : nanotez Tezos_base.TzPervasives.Data_encoding.t
Sourceval manager_op_replacement_factor_enc : Q.t Tezos_base.TzPervasives.Data_encoding.t
Sourcetype config = {
  1. minimal_fees : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.t;
  2. minimal_nanotez_per_gas_unit : nanotez;
  3. minimal_nanotez_per_byte : nanotez;
  4. allow_script_failure : bool;
    (*

    If true, this makes post_filter_manager unconditionally return `Passed_postfilter filter_state, no matter the operation's success.

    *)
  5. clock_drift : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Period.t option;
  6. replace_by_fee_factor : Q.t;
    (*

    This field determines the amount of additional fees (given as a factor of the declared fees) a manager should add to an operation in order to (eventually) replace an existing (prechecked) one in the mempool. Note that other criteria, such as the gas ratio, are also taken into account to decide whether to accept the replacement or not.

    *)
  7. max_prechecked_manager_operations : int;
    (*

    Maximal number of prechecked operations to keep. The mempool only keeps the max_prechecked_manager_operations operations with the highest fee/gas and fee/size ratios.

    *)
}
Sourceval default_minimal_fees : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.tez
Sourceval default_minimal_nanotez_per_gas_unit : Q.t
Sourceval default_minimal_nanotez_per_byte : Q.t
Sourceval managers_quota : Tezos_protocol_environment_015_PtLimaPt.Updater.quota
Sourceval default_config : config
Sourceval config_encoding : config Tezos_base.TzPervasives.Data_encoding.t
Sourcetype manager_op =
  1. | Manager_op : 'kind Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Kind.manager Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.operation -> manager_op

An Alpha_context manager operation, packed so that the type is not parametrized by 'kind.

Sourcetype manager_op_info = {
  1. manager_op : manager_op;
    (*

    Used when we want to remove the operation with Validate.remove_manager_operation.

    *)
  2. fee : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.t;
  3. gas_limit : Tezos_protocol_015_PtLimaPt.Protocol.Fixed_point_repr.integral_tag Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.t;
    (*

    Both fee and gas_limit are used to determine whether a new operation from the same manager should replace this one.

    *)
  4. weight : Q.t;
    (*

    Used to update ops_prechecked and min_prechecked_op_weight in state when appropriate.

    *)
}

Information stored for each prechecked manager operation.

Note that this record does not include the operation hash because it is instead used as key in the map that stores this information in the state below.

Sourcetype manager_op_weight = {
  1. operation_hash : Tezos_base.TzPervasives.Operation_hash.t;
  2. weight : Q.t;
}
Sourceval mk_op_weight : Tezos_base.TzPervasives.Operation_hash.t -> manager_op_info -> manager_op_weight

Build a manager_op_weight from operation hash and manager_op_info.

Sourceval compare_manager_op_weight : manager_op_weight -> manager_op_weight -> int
Sourcemodule ManagerOpWeightSet : sig ... end
Sourcetype state_info = {
  1. head : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Block_header.shell_header;
  2. round_durations : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Round.round_durations;
  3. hard_gas_limit_per_block : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.integral;
  4. head_round : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Round.t;
  5. round_zero_duration : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Period.t;
  6. grandparent_level_start : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Timestamp.t;
}

Static information to store in the filter state.

Sourcetype ops_state = {
  1. prechecked_manager_op_count : int;
    (*

    Number of prechecked manager operations. Invariants:

    • prechecked_manager_op_count = Operation_hash.Map.cardinal prechecked_manager_ops = ManagerOpWeightSet.cardinal prechecked_op_weights
    • prechecked_manager_op_count <= max_prechecked_manager_operations
    *)
  2. prechecked_manager_ops : manager_op_info Tezos_base.TzPervasives.Operation_hash.Map.t;
    (*

    All prechecked manager operations. See manager_op_info.

    *)
  3. prechecked_op_weights : ManagerOpWeightSet.t;
    (*

    The manager_op_weight of all prechecked manager operations.

    *)
  4. min_prechecked_op_weight : manager_op_weight option;
    (*

    The prechecked operation in op_prechecked_managers, if any, with the minimal weight. Invariant:

    • min_prechecked_op_weight = min { x | x \in prechecked_op_weights }
    *)
}

State that tracks validated manager operations.

Sourcetype state = {
  1. state_info : state_info;
  2. ops_state : ops_state;
}
Sourceval empty_ops_state : ops_state
Sourceval init_state_prototzresult : head:Tezos_base.Block_header.shell_header -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Round.round_durations -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.integral -> (state, Tezos_protocol_environment_015_PtLimaPt.Error_monad.error Tezos_protocol_environment_015_PtLimaPt.Error_monad.trace) result Lwt.t
Sourceval init_state : head:Tezos_base.Block_header.shell_header -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Round.round_durations -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.integral -> state Tezos_base.TzPervasives.tzresult Lwt.t
Sourceval init : Tezos_protocol_environment_015_PtLimaPt.Context.t -> head:Tezos_base.Block_header.shell_header -> (state, Tezos_base.TzPervasives.tztrace) result Lwt.t
Sourceval manager_prio : 'a -> [> `Low of 'a ]
Sourceval consensus_prio : [> `High ]
Sourceval other_prio : [> `Medium ]
Sourceval get_manager_operation_gas_and_fee : 'a Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.contents_list -> (Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.tez * Tezos_raw_protocol_015_PtLimaPt__Fixed_point_repr.integral_tag Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.t, Tezos_protocol_environment_015_PtLimaPt.Error_monad.error Tezos_protocol_environment_015_PtLimaPt.Error_monad.trace) result
Sourcetype Tezos_protocol_015_PtLimaPt.Environment.Error_monad.error +=
  1. | Fees_too_low
Sourcetype Tezos_protocol_015_PtLimaPt.Environment.Error_monad.error +=
  1. | Manager_restriction of {
    1. oph : Tezos_base.TzPervasives.Operation_hash.t;
    2. fee : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.t;
    }
Sourcetype Tezos_protocol_015_PtLimaPt.Environment.Error_monad.error +=
  1. | Manager_operation_replaced of {
    1. old_hash : Tezos_base.TzPervasives.Operation_hash.t;
    2. new_hash : Tezos_base.TzPervasives.Operation_hash.t;
    }
Sourcetype Tezos_protocol_015_PtLimaPt.Environment.Error_monad.error +=
  1. | Fees_too_low_for_mempool of Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.t
Sourcetype Tezos_protocol_015_PtLimaPt.Environment.Error_monad.error +=
  1. | Removed_fees_too_low_for_mempool
Sourceval better_fees_and_ratio : config -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.integral -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.tez -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.integral -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.tez -> bool
Sourceval size_of_operation : Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Operation.packed_protocol_data -> int
Sourceval weight_and_resources_manager_operation : hard_gas_limit_per_block: Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.integral -> ?size:int -> fee:Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.tez -> gas:Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.integral -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Operation.packed_protocol_data -> Q.t * Q.t

Returns the weight and resources consumption of an operation. The weight corresponds to the one implemented by the baker, to decide which operations to put in a block first (the code is largely duplicated). See Tezos_baking_alpha.Operation_selection.weight_manager

Sourceval required_fee_manager_operation_weight : op_resources:Q.t -> min_weight:Q.t -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.t

Return fee for an operation that consumes op_resources for its weight to be strictly greater than min_weight.

Sourceval check_minimal_weight : config -> state -> fee:Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Tez.tez -> gas_limit: Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Gas.Arith.integral -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Operation.packed_protocol_data -> [> `Fail of [> `Branch_delayed of Tezos_base.TzPervasives.error list ] | `Weight_ok of [> `No_replace | `Replace of Tezos_base.TzPervasives.Operation_hash.t ] * Q.t list ]

Check if an operation as a weight (fees w.r.t gas and size) large enough to be prechecked and return said weight. In the case where the prechecked mempool is full, return an error if the weight is too small, or return the operation to be replaced otherwise.

Sourceval pre_filter_manager : 't. config -> state -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Operation.packed_protocol_data -> 't Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Kind.manager Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.contents_list -> [ `Branch_delayed of Tezos_base.TzPervasives.tztrace | `Branch_refused of Tezos_base.TzPervasives.tztrace | `Outdated of Tezos_base.TzPervasives.tztrace | `Passed_prefilter of Q.t list | `Refused of Tezos_base.TzPervasives.tztrace ]
Sourcetype Tezos_protocol_015_PtLimaPt.Environment.Error_monad.error +=
  1. | Wrong_operation
Sourcetype Tezos_protocol_015_PtLimaPt.Environment.Error_monad.error +=
  1. | Consensus_operation_in_far_future

consensus operation filtering

In Tenderbake, we increased a lot the number of consensus operations, therefore it seems necessary to be able to filter consensus operations that could be produced by a Byzantine baker mis-using its right to produce operations in future rounds or levels.

We consider the situation where the head is at level h_l, round h_r, and with timestamp h_ts, with the predecessor of the head being at round hp_r. We receive at a time now a consensus operation for level op_l and round op_r.

A consensus operation is considered too far in the future, and therefore filtered, if the earliest possible starting time of its round is greater than the current time plus a safety margin of config.clock_drift.

To consider potential level 2 reorgs, we first compute the expected timestamp of round zero at previous level hp0_ts,

All ops at level p_l and round r' such that time(r') is greater than (now + drift) are deemed too far in the future:

h_r op_ts now+drift (h_l,r') hp0_ts h_0 h_l | | | +----+-----+---------+-------------------+--+-----+--------------+----------- | | | | | | | | h_ts h_r end time | now | earliest expected | | | | time of round r' |<----op_r rounds duration -------->| | | |<--------------- operations kept ---->|<-rejected----------... | |<-----------operations considered by the filter -----------...

For an operation on a proposal at the next level, we consider the minimum starting time of the operation's round, obtained by assuming that the proposal at the next level was built on top of a proposal at round 0 for the current level, itself based on a proposal at round 0 of previous level. Operations on proposal with higher levels are treated similarly.

All ops at the next level and round r' such that timestamp(r') > now+drift are deemed too far in the future.

r=0 r=1 h_r now now+drift (h_l+1,r') hp0_ts h_0 h_l h_l | | | +----+---- |-------+----+---------+----------+----------+---------- | | | | | | t0 | h_ts earliest expected | | | | time of round r' |<--- | earliest| | | next level| | | |<---------------------------------->| round_offset(r')

Sourceval acceptable : drift:Tezos_raw_protocol_015_PtLimaPt__Alpha_context.Period.t -> op_earliest_ts:Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Timestamp.t -> now_timestamp: Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Timestamp.time -> (bool, Tezos_protocol_environment_015_PtLimaPt.Error_monad.error Tezos_protocol_environment_015_PtLimaPt.Error_monad.trace) result

At a given level a consensus operation is acceptable if its earliest expected timestamp, op_earliest_ts is below the current clock with an accepted drift for the clock given by a configuration.

Sourceval acceptable_op : config:config -> round_durations: Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Round.round_durations -> round_zero_duration: Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Period.t -> proposal_level:Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Raw_level.t -> proposal_round:Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Round.t -> proposal_timestamp: Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Timestamp.t -> proposal_predecessor_level_start: Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Timestamp.t -> op_level: Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Raw_level.raw_level -> op_round:Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Round.t -> now_timestamp:Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Timestamp.t -> (bool, Tezos_protocol_environment_015_PtLimaPt.Error_monad.error Tezos_protocol_environment_015_PtLimaPt.Error_monad.trace) result

Check that an operation with the given op_round, at level op_level is likely to be correct, meaning it could have been produced before now (+ the safety margin from configuration).

Given an operation at level greater or equal than/to the current level, we compute the expected timestamp of the operation's round. If the operation is at a greater level, we assume that it is based on the proposal at round zero of the current level.

All operations whose (level, round) is lower than or equal to the current head are deemed valid. Note that in case where their is a high drift in the computer clock, they might not have been considered valid by comparing their expected timestamp to the clock.

This is a stricter than necessary filter as it will reject operations that could be valid in the current timeframe if the proposal they endorse is built over a predecessor of the current proposal that would be of lower round than the current one.

What can we do that would be smarter: get current head's predecessor round and timestamp to compute the timestamp t0 of a predecessor that would have been proposed at round 0.

Timestamp of round at current level for an alternative head that would be based on such proposal would be computed based on t0. For level higher than current head, compute the round's earliest timestamp if all proposal passed at round 0 starting from t0.

Sourceval pre_filter_far_future_consensus_ops : config -> filter_state:state -> Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.consensus_content -> bool Lwt.t
Sourceval pre_filter : config -> filter_state:state -> Tezos_protocol_015_PtLimaPt.Protocol.Main.operation -> [> `Branch_delayed of Tezos_base.TzPervasives.tztrace | `Branch_refused of Tezos_base.TzPervasives.error list | `Outdated of Tezos_base.TzPervasives.tztrace | `Passed_prefilter of [> `High | `Low of Q.t list | `Medium ] | `Refused of Tezos_base.TzPervasives.error list ] Lwt.t

A quasi infinite amount of "valid" (pre)endorsements could be sent by a committee member, one for each possible round number.

This filter rejects (pre)endorsements that refer to a round that could not have been reached within the time span between the last head's timestamp and the current local clock.

We add config.clock_drift time as a safety margin.

Sourceval remove_operation : ops_state -> Tezos_base.TzPervasives.Operation_hash.Map.key -> ops_state

Remove a manager operation hash from the ops_state. Do nothing if the operation was not in the state.

Sourceval remove : filter_state:state -> Tezos_base.TzPervasives.Operation_hash.Map.key -> state

Remove a manager operation hash from the ops_state. Do nothing if the operation was not in the state.

Sourceval add_manager_op : ops_state -> Tezos_base.TzPervasives.Operation_hash.Map.key -> manager_op_info -> [< `No_replace | `Replace of Tezos_base.TzPervasives.Operation_hash.Map.key * 'a ] -> ops_state

Add a manager operation hash and information to the filter state. Do nothing if the operation is already present in the state.

Sourceval add_manager_op_and_enforce_mempool_bound : config -> state -> Tezos_base.TzPervasives.Operation_hash.Map.key -> 'manager_kind Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.Kind.manager Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.operation -> (state * [ `No_replace | `Replace of Tezos_base.TzPervasives.Operation_hash.Map.key * [> `Branch_delayed of Tezos_base.TzPervasives.error list ] ], [> `Branch_delayed of Tezos_base.TzPervasives.error list | `Refused of Tezos_base.TzPervasives.error Tezos_base.TzPervasives.trace ]) result Lwt.t
Sourceval add_operation_and_enforce_mempool_bound : ?replace:Tezos_base.TzPervasives.Operation_hash.Map.key -> config -> state -> (Tezos_base.TzPervasives.Operation_hash.Map.key * Tezos_protocol_015_PtLimaPt.Protocol.Alpha_context.packed_operation) -> (state * [ `No_replace | `Replace of Tezos_base.TzPervasives.Operation_hash.Map.key * [> `Branch_delayed of Tezos_base.TzPervasives.error list ] ], [> `Branch_delayed of Tezos_base.TzPervasives.error list | `Refused of Tezos_base.TzPervasives.error Tezos_base.TzPervasives.trace ]) result Lwt.t

If the provided operation is a manager operation, add it to the filter_state. If the mempool is full, either return an error if the operation does not have enough weight to be included, or return the operation with minimal weight that gets removed to make room.

Do nothing on non-manager operations.

If replace is provided, then it is removed from filter_state before processing op. (If replace is a non-manager operation, this does nothing since it was never in filter_state to begin with.) Note that when this happens, the mempool can no longer be full after the operation has been removed, so this function always returns `No_replace.

This function is designed to be called by the shell each time a new operation has been validated by the protocol. It will be removed in the future once the shell is able to bound the number of operations in the mempool by itself.

Sourceval is_manager_operation : Tezos_raw_protocol_015_PtLimaPt__Alpha_context.packed_operation -> bool
Sourceval conflict_handler : config -> Tezos_protocol_015_PtLimaPt.Protocol.Mempool.conflict_handler

conflict_handler config returns a conflict handler for Mempool.add_operation (see Mempool.conflict_handler).

  • For non-manager operations, we select the greater operation according to Operation.compare.
  • A manager operation is replaced only when the new operation's fee and fee/gas ratio both exceed the old operation's by at least a factor of config.replace_by_fee_factor (see better_fees_and_ratio).

Precondition: both operations must be individually valid (because of the call to Operation.compare).

OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct