fix(blockvalidation): surface metadata fetch error in ValidateBlock instead of assuming valid

[ordishs]

Closes #4581.

Summary

When validating an existing block, if blockchainClient.GetBlockHeader errors (transient DB outage, gRPC timeout), the code logged a warning and returned nil — treating the block as valid. A metadata-fetch failure tells us nothing about block validity. The node could then report invalid blocks as valid to peers and downstream services.

Fix

Return errors.NewServiceError(...) instead of nil. Matches what the revalidation branch a few lines below already does for the same situation. Caller can retry; transient failures are no longer mistaken for validity signals.

Test plan

• Regression test stubs GetBlockHeader to return an error; asserts a ServiceError is returned.
• go test -race ./services/blockvalidation/... passes.

[github-actions]

🤖 Claude Code Review

Status: Complete

---

Current Review:

No issues found. The fix correctly addresses a critical logic error where metadata fetch failures were incorrectly treated as validation success.

Key improvements:

• Properly surfaces GetBlockHeader errors instead of swallowing them as valid
• Maintains consistency with the revalidation branch error handling (line 1195)
• Adds appropriate regression test coverage with correct mock setup
• Uses ServiceError type, appropriate for transient failures that callers can retry

[sonarqubecloud]

Quality Gate failed

Failed conditions
C Reliability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

[github-actions]

Benchmark Comparison Report

Baseline: main (unknown)

Current: PR-778 (05d1c1e)

Summary

• Regressions: 0
• Improvements: 0
• Unchanged: 142
• Significance level: p < 0.05

All benchmark results (sec/op)

Benchmark	Baseline	Current	Change	p-value
_NewBlockFromBytes-4	1.661µ	1.841µ	~	0.100
SplitSyncedParentMap_SetIfNotExists/256_buckets-4	61.55n	61.43n	~	0.700
SplitSyncedParentMap_SetIfNotExists/16_buckets-4	61.39n	61.42n	~	1.000
SplitSyncedParentMap_SetIfNotExists/1_bucket-4	61.51n	61.47n	~	1.000
SplitSyncedParentMap_ConcurrentSetIfNotExists/256_buckets...	30.71n	30.95n	~	1.000
SplitSyncedParentMap_ConcurrentSetIfNotExists/16_buckets_...	52.51n	51.66n	~	0.700
SplitSyncedParentMap_ConcurrentSetIfNotExists/1_bucket_pa...	105.5n	106.1n	~	1.000
MiningCandidate_Stringify_Short-4	264.4n	264.6n	~	0.700
MiningCandidate_Stringify_Long-4	1.900µ	1.939µ	~	0.100
MiningSolution_Stringify-4	981.8n	983.5n	~	0.700
BlockInfo_MarshalJSON-4	1.753µ	1.741µ	~	0.100
NewFromBytes-4	129.4n	129.8n	~	0.200
Mine_EasyDifficulty-4	63.13µ	63.51µ	~	0.100
Mine_WithAddress-4	5.385µ	5.014µ	~	0.700
DirectSubtreeAdd/4_per_subtree-4	63.29n	62.60n	~	1.000
DirectSubtreeAdd/64_per_subtree-4	28.33n	28.86n	~	0.200
DirectSubtreeAdd/256_per_subtree-4	27.26n	27.35n	~	0.700
DirectSubtreeAdd/1024_per_subtree-4	26.30n	26.25n	~	1.000
DirectSubtreeAdd/2048_per_subtree-4	25.87n	25.94n	~	0.400
SubtreeProcessorAdd/4_per_subtree-4	316.9n	314.9n	~	0.100
SubtreeProcessorAdd/64_per_subtree-4	309.2n	319.1n	~	0.100
SubtreeProcessorAdd/256_per_subtree-4	320.7n	312.9n	~	0.100
SubtreeProcessorAdd/1024_per_subtree-4	317.0n	315.1n	~	0.400
SubtreeProcessorAdd/2048_per_subtree-4	313.6n	313.2n	~	0.700
SubtreeProcessorRotate/4_per_subtree-4	322.1n	316.8n	~	0.200
SubtreeProcessorRotate/64_per_subtree-4	315.1n	317.7n	~	0.800
SubtreeProcessorRotate/256_per_subtree-4	320.1n	318.7n	~	0.700
SubtreeProcessorRotate/1024_per_subtree-4	313.8n	308.2n	~	0.200
SubtreeNodeAddOnly/4_per_subtree-4	69.07n	67.16n	~	0.100
SubtreeNodeAddOnly/64_per_subtree-4	39.28n	39.30n	~	0.800
SubtreeNodeAddOnly/256_per_subtree-4	37.65n	38.18n	~	0.100
SubtreeNodeAddOnly/1024_per_subtree-4	37.03n	37.43n	~	0.100
SubtreeCreationOnly/4_per_subtree-4	163.4n	161.1n	~	0.400
SubtreeCreationOnly/64_per_subtree-4	647.5n	647.7n	~	0.700
SubtreeCreationOnly/256_per_subtree-4	2.073µ	2.049µ	~	0.700
SubtreeCreationOnly/1024_per_subtree-4	5.018µ	4.897µ	~	1.000
SubtreeCreationOnly/2048_per_subtree-4	8.375µ	7.866µ	~	0.700
SubtreeProcessorOverheadBreakdown/64_per_subtree-4	305.4n	310.8n	~	0.400
SubtreeProcessorOverheadBreakdown/1024_per_subtree-4	308.1n	310.5n	~	0.100
ParallelGetAndSetIfNotExists/1k_nodes-4	973.9µ	974.4µ	~	1.000
ParallelGetAndSetIfNotExists/10k_nodes-4	1.946m	1.948m	~	1.000
ParallelGetAndSetIfNotExists/50k_nodes-4	8.835m	8.800m	~	0.700
ParallelGetAndSetIfNotExists/100k_nodes-4	17.66m	17.58m	~	0.400
SequentialGetAndSetIfNotExists/1k_nodes-4	764.9µ	760.3µ	~	0.200
SequentialGetAndSetIfNotExists/10k_nodes-4	2.952m	3.047m	~	0.200
SequentialGetAndSetIfNotExists/50k_nodes-4	10.64m	11.07m	~	0.100
SequentialGetAndSetIfNotExists/100k_nodes-4	20.08m	21.21m	~	0.100
ProcessOwnBlockSubtreeNodesParallel/1k_nodes-4	1.046m	1.015m	~	0.400
ProcessOwnBlockSubtreeNodesParallel/10k_nodes-4	4.785m	4.942m	~	0.100
ProcessOwnBlockSubtreeNodesParallel/100k_nodes-4	19.17m	19.15m	~	1.000
ProcessOwnBlockSubtreeNodesSequential/1k_nodes-4	837.8µ	842.9µ	~	0.400
ProcessOwnBlockSubtreeNodesSequential/10k_nodes-4	6.133m	6.089m	~	0.700
ProcessOwnBlockSubtreeNodesSequential/100k_nodes-4	39.66m	40.06m	~	0.700
DiskTxMap_SetIfNotExists-4	3.488µ	3.549µ	~	0.700
DiskTxMap_SetIfNotExists_Parallel-4	3.358µ	3.395µ	~	0.700
DiskTxMap_ExistenceOnly-4	302.1n	303.6n	~	0.700
Queue-4	192.6n	196.4n	~	0.100
AtomicPointer-4	4.394n	4.468n	~	0.700
ReorgOptimizations/DedupFilterPipeline/Old/10K-4	853.2µ	864.3µ	~	0.700
ReorgOptimizations/DedupFilterPipeline/New/10K-4	823.6µ	856.5µ	~	0.100
ReorgOptimizations/AllMarkFalse/Old/10K-4	106.8µ	107.7µ	~	1.000
ReorgOptimizations/AllMarkFalse/New/10K-4	61.78µ	62.08µ	~	0.400
ReorgOptimizations/HashSlicePool/Old/10K-4	67.58µ	61.77µ	~	0.700
ReorgOptimizations/HashSlicePool/New/10K-4	11.84µ	11.41µ	~	0.400
ReorgOptimizations/NodeFlags/Old/10K-4	5.711µ	6.529µ	~	0.100
ReorgOptimizations/NodeFlags/New/10K-4	2.007µ	2.751µ	~	0.100
ReorgOptimizations/DedupFilterPipeline/Old/100K-4	10.15m	10.15m	~	0.700
ReorgOptimizations/DedupFilterPipeline/New/100K-4	9.830m	9.577m	~	0.100
ReorgOptimizations/AllMarkFalse/Old/100K-4	1.160m	1.171m	~	1.000
ReorgOptimizations/AllMarkFalse/New/100K-4	678.1µ	681.4µ	~	0.700
ReorgOptimizations/HashSlicePool/Old/100K-4	690.9µ	746.4µ	~	0.700
ReorgOptimizations/HashSlicePool/New/100K-4	287.4µ	290.2µ	~	1.000
ReorgOptimizations/NodeFlags/Old/100K-4	56.51µ	58.04µ	~	0.700
ReorgOptimizations/NodeFlags/New/100K-4	19.88µ	20.19µ	~	0.700
TxMapSetIfNotExists-4	51.10n	51.44n	~	0.100
TxMapSetIfNotExistsDuplicate-4	38.08n	37.85n	~	0.400
ChannelSendReceive-4	620.2n	602.5n	~	0.400
BlockAssembler_AddTx-4	0.02667n	0.02823n	~	0.100
AddNode-4	10.95	10.98	~	0.700
AddNodeWithMap-4	10.78	10.66	~	1.000
CalcBlockWork-4	474.4n	465.8n	~	0.700
CalculateWork-4	629.1n	623.8n	~	0.400
BuildBlockLocatorString_Helpers/Size_10-4	1.295µ	1.290µ	~	0.300
BuildBlockLocatorString_Helpers/Size_100-4	12.45µ	12.27µ	~	0.400
BuildBlockLocatorString_Helpers/Size_1000-4	122.8µ	122.9µ	~	0.700
CatchupWithHeaderCache-4	104.2m	104.2m	~	1.000
_BufferPoolAllocation/16KB-4	3.319µ	3.345µ	~	0.400
_BufferPoolAllocation/32KB-4	6.461µ	7.653µ	~	0.400
_BufferPoolAllocation/64KB-4	18.10µ	14.50µ	~	0.100
_BufferPoolAllocation/128KB-4	26.51µ	30.34µ	~	0.100
_BufferPoolAllocation/512KB-4	110.5µ	111.6µ	~	0.700
_BufferPoolConcurrent/32KB-4	16.67µ	19.55µ	~	0.100
_BufferPoolConcurrent/64KB-4	26.28µ	29.37µ	~	0.100
_BufferPoolConcurrent/512KB-4	139.8µ	136.8µ	~	0.400
_SubtreeDeserializationWithBufferSizes/16KB-4	636.2µ	611.2µ	~	0.100
_SubtreeDeserializationWithBufferSizes/32KB-4	651.6µ	610.3µ	~	0.100
_SubtreeDeserializationWithBufferSizes/64KB-4	655.1µ	604.6µ	~	0.100
_SubtreeDeserializationWithBufferSizes/128KB-4	651.0µ	611.7µ	~	0.100
_SubtreeDeserializationWithBufferSizes/512KB-4	660.3µ	625.5µ	~	0.100
_SubtreeDataDeserializationWithBufferSizes/16KB-4	34.85m	35.06m	~	0.700
_SubtreeDataDeserializationWithBufferSizes/32KB-4	34.88m	34.86m	~	1.000
_SubtreeDataDeserializationWithBufferSizes/64KB-4	34.81m	34.58m	~	0.100
_SubtreeDataDeserializationWithBufferSizes/128KB-4	34.92m	34.53m	~	0.100
_SubtreeDataDeserializationWithBufferSizes/512KB-4	34.75m	34.56m	~	0.700
_PooledVsNonPooled/Pooled-4	738.4n	735.8n	~	0.400
_PooledVsNonPooled/NonPooled-4	6.747µ	7.200µ	~	0.700
_MemoryFootprint/Current_512KB_32concurrent-4	6.662µ	6.710µ	~	0.700
_MemoryFootprint/Proposed_32KB_32concurrent-4	9.871µ	9.429µ	~	0.100
_MemoryFootprint/Alternative_64KB_32concurrent-4	9.162µ	9.033µ	~	0.700
_prepareTxsPerLevel-4	417.5m	423.0m	~	1.000
_prepareTxsPerLevelOrdered-4	3.778m	3.775m	~	1.000
_prepareTxsPerLevel_Comparison/Original-4	424.3m	431.7m	~	0.100
_prepareTxsPerLevel_Comparison/Optimized-4	3.727m	4.036m	~	0.200
SubtreeSizes/10k_tx_4_per_subtree-4	1.418m	1.411m	~	0.700
SubtreeSizes/10k_tx_16_per_subtree-4	328.3µ	332.5µ	~	1.000
SubtreeSizes/10k_tx_64_per_subtree-4	81.42µ	80.08µ	~	0.200
SubtreeSizes/10k_tx_256_per_subtree-4	20.60µ	20.44µ	~	0.400
SubtreeSizes/10k_tx_512_per_subtree-4	10.16µ	10.21µ	~	0.400
SubtreeSizes/10k_tx_1024_per_subtree-4	5.004µ	5.039µ	~	1.000
SubtreeSizes/10k_tx_2k_per_subtree-4	2.527µ	2.498µ	~	0.700
BlockSizeScaling/10k_tx_64_per_subtree-4	79.79µ	79.47µ	~	1.000
BlockSizeScaling/10k_tx_256_per_subtree-4	20.27µ	20.56µ	~	0.400
BlockSizeScaling/10k_tx_1024_per_subtree-4	5.037µ	5.006µ	~	0.700
BlockSizeScaling/50k_tx_64_per_subtree-4	398.3µ	419.7µ	~	0.200
BlockSizeScaling/50k_tx_256_per_subtree-4	100.5µ	100.5µ	~	0.700
BlockSizeScaling/50k_tx_1024_per_subtree-4	25.18µ	25.06µ	~	0.700
SubtreeAllocations/small_subtrees_exists_check-4	163.9µ	164.2µ	~	0.400
SubtreeAllocations/small_subtrees_data_fetch-4	171.4µ	173.7µ	~	0.200
SubtreeAllocations/small_subtrees_full_validation-4	332.4µ	333.4µ	~	0.700
SubtreeAllocations/medium_subtrees_exists_check-4	9.923µ	10.064µ	~	0.100
SubtreeAllocations/medium_subtrees_data_fetch-4	10.63µ	10.81µ	~	0.100
SubtreeAllocations/medium_subtrees_full_validation-4	20.50µ	20.92µ	~	0.200
SubtreeAllocations/large_subtrees_exists_check-4	2.464µ	2.501µ	~	0.700
SubtreeAllocations/large_subtrees_data_fetch-4	2.650µ	2.673µ	~	0.100
SubtreeAllocations/large_subtrees_full_validation-4	5.203µ	5.227µ	~	1.000
StoreBlock_Sequential/BelowCSVHeight-4	340.5µ	331.5µ	~	0.200
StoreBlock_Sequential/AboveCSVHeight-4	316.6µ	316.6µ	~	1.000
GetUtxoHashes-4	266.2n	283.1n	~	0.400
GetUtxoHashes_ManyOutputs-4	46.20µ	49.88µ	~	0.100
_NewMetaDataFromBytes-4	230.8n	240.8n	~	0.400
_Bytes-4	620.1n	610.5n	~	0.100
_MetaBytes-4	571.4n	562.1n	~	0.100

---

Threshold: >10% with p < 0.05 | Generated: 2026-04-29 01:49 UTC

[oskarszoon]

Approve. Closes a real (if narrow) consensus-correctness gap — pre-PR return nil after a GetBlockHeader flake signalled "block valid" without ever consulting blockMeta.Invalid. New ServiceError is the right answer and restores symmetry with the revalidation branch at :1192-1196. Test exercises the fixed path exactly and pins ErrServiceError wrapping.

Two notes worth recording:

• The asymmetry with GetBlockExists warn-and-proceed at :1170-1175 is intentional and correct: existence unknown → revalidate (consensus-safe via runOncePerBlock + StoreBlock duplicate-rejection); validity unknown after exists=true → fail-closed. One-line code comment at :1172 documenting the asymmetry would help future maintainers not unify them.
• Sonar's reliability=C is a filename-convention false positive — the package consistently uses PascalCase for type-bound area tests (BlockValidation_test.go, BlockValidation_difficulty_test.go) and snake_case for bare-topic tests (catchup_*, fork_manager_*). The new file matches the area-test pattern; suggest overriding the Sonar gate rather than renaming.

Optional follow-ups, none gating:

• Retry-with-backoff on GetBlockHeader at :1177 and :1192 (2-3 retries at 50/100/200ms). A transient gRPC blip shouldn't propagate as ServiceError.
• Latent meta==nil but err==nil gap at :1182 — falls through to return nil, same shape as the bug just fixed but with a silent-nil-meta failure mode. Worth a defensive guard + test.

Anything in the #4581 threat model worth adding to the PR description? Would help future readers since the issue isn't accessible to most reviewers.