[ADR] PeerTransport

[xla]

First iteration in #2067 and an attempt to liberate the Switch from connection handling and low-level network concenrs.

[codecov-io]

Codecov Report

Merging #2069 into develop will decrease coverage by 0.03%.
The diff coverage is n/a.

@@             Coverage Diff             @@
##           develop    #2069      +/-   ##
===========================================
- Coverage    61.36%   61.32%   -0.04%     
===========================================
  Files          197      197              
  Lines        15678    15663      -15     
===========================================
- Hits          9621     9606      -15     
- Misses        5246     5248       +2     
+ Partials       811      809       -2

Impacted Files	Coverage Δ
libs/common/cmap.go	88% <0%> (-2.48%)	⬇️
consensus/state.go	77.09% <0%> (-0.37%)	⬇️
libs/common/kvpair.go	0% <0%> (ø)	⬆️
libs/events/event_cache.go	100% <0%> (ø)	⬆️
p2p/peer.go	61.36% <0%> (+1.13%)	⬆️
consensus/reactor.go	79.01% <0%> (+1.33%)	⬆️
rpc/client/helpers.go	91.3% <0%> (+3.06%)	⬆️

[ValarDragon]

Do we have a list of low level guards we want to enforce anywhere? Its not clear to me what the scope of "low-level" guards is.

[ValarDragon]

I'm having trouble understanding Accept. Is Accept supposed to evaluate an incoming connection? If so why doesn't it have connection as a parameter.

It seems to me that this should be doing the handshake and secret connection stuff.

[xla]

I'm having trouble understanding Accept. Is Accept supposed to evaluate an incoming connection? If so why doesn't it have connection as a parameter.

It has nothing to do with connections as the PeerTransport only hands back peers, which may or may not be based on a tcp connection over the wire. Accept is the way for the caller to signal that they are ready to deal with one more incoming Peer.

It seems to me that this should be doing the handshake and secret connection stuff.

The default implementation it will, other transports may not need to that:

tendermint/p2p/transport.go

Lines 101 to 111 in 791c15b

	func (mt *multiplexTransport) Accept(cfg peerConfig) (Peer, error) {
	a := <-mt.acceptc
	if a.err != nil {
	return nil, a.err
	}
	cfg.mConfig = mt.mConfig
	cfg.nodeInfo = mt.nodeInfo
	cfg.nodeKey = mt.nodeKey
	return upgrade(a.conn, mt.handshakeTimeout, cfg)

[ValarDragon]

Accept is the way for the caller to signal that they are ready to deal with one more incoming Peer.

Ohh I see. Perhaps this may be more clearly named as "GetPeer"?

[xla]

Trying to avoid getter semantics when possible, in the domain of transport accept and dial are very well understood and the signature already communicates what is returned.

[ValarDragon]

Sounds good! Thank you for the explanations :)

[ValarDragon]

Thanks for listing out the intended low-level guards! I still don't really understand what low-level means here.

Are these the set of checks that can only be determined from information in the handshake and the local nodes' configuration? (No knowledge of other peers that this is node is connected to, or how many peers it is currently connected to?)

[ValarDragon]

More concretely, I'm confused about why the following aren't here:

"Ensure this isn't a duplicate connection from the same IP" or "Ensure that we don't already have too many peers"

[xla]

Very good point. Indeed the use of low-level might be missleading as it actually should say domain-specific. As long as we only handle aspects that belong to the transport domain it should be clear. This might result in that protocol/app version check is down somewhere else. Most certainly the check if we already are connected to too many peers belongs in the switch.

Will add the duplicate ip check and rephrase low-level.

[ebuchman]

Should also filter based on:

• duplicate ID
• node info compatibility

could also clarify that it doesn't handle max-peers, thats for the switch

[liamsi]

Will there be another ADR explaining why these are the right choices?

[xla]

@liamsi Which choices are you referring to?

[liamsi]

The choices of what was previously called "guards".

[ebuchman]

Would be valuable to include some explanation in here as to the "why" for sure

[melekes]

nodeAddr

[melekes]

I prefer acceptCh, but feel free to ignore

[liamsi]

If you don't ignore: also, closeCh and listenCh for consistency.

[liamsi]

Can you link to some code (ideally) with a perma-link? I'm not familiar with the current implementation and it makes it easier to read and understand this. e.g. Switch (not only for me but other people reading the ADRs as documentation etc)

[ebuchman]

While I appreciate this point, we need to strike a balance in these ADRs between being an efficient document for design and including enough information for an outsider to keep up. I think to some extent, readers of the ADR should be expected to have some familiarity with the codebase, so that we don't need to worry too much about adding too many links.

[liamsi]

I know what you mean but could we use another word here? pluggable transports often means sth. else.

[xla]

What would you prefer?

[liamsi]

For me the words pluggable transport is overloaded by what I linked above (means tor obfuscate tor traffic as regular https traffic). But yeah in this context it describes correctly what this is about: the ability to plug in different transport implementations. So that's fine.

[liamsi]

Given my limited knowledge about the current p2p layer this looks like a thought through and well-written, concise ADR. In general, I'm in favour of writing these with readers in mind that are not knee deep in the current p2p stack (or, more general, whatever code snippets the ADR is addressing). This only means adding a few links or summarizing with very words where more appropriate.

[liamsi]

Link would be helpful again.

[xla]

Link to what in that section would you like to see?

[liamsi]

config.P2PConfig