AmbireTech/adex-market

optimize and security audit the market health function

Closed this issue · 2 comments

  1. perform a detailed (security focused) review on the market health functions and its tests - @samparsky and @elpiel - you should each do that
  2. rewrite it in rust in a more efficient way and use that in the Supermarket - @elpiel you should do that

it can be optimized by:

  • not querying the validators if not needed (e.g. channel is expired)
  • by using the heartbeats returned in last-approved
  • only retrieving latest NewState/RejectState individually when the ones in last-approved are not recent (to distinguish between Invalid and just not having a new New/Approve pair)

In terms of types, this can be represented much more cleanly as an enum of:

  • Initializing
  • Waiting
  • Active
  • Finalized - should contain another enum containing { Expired, Exhausted }
  • Unsound - should contain another enum with a struct { disconnected, offline, rejectedState, unhealthy } - where all of those are booleans

This will be implemented in the supermarket first, then the logic should be backported to the JS implementation - we'll figure out how to translate the type considering JS does not have sum types

As we've discussed with @Ivshti some of the missing statuses, we now have:

#[derive(Debug)]
pub enum Status {
    // Active and Ready combined
    Active,
    Pending,
    Initializing,
    Waiting,
    Finalized(Finalized),
    Unsound {
        disconnected: bool,
        offline: bool,
        rejected_state: bool,
        unhealthy: bool,
    },
}

#[derive(Debug)]
pub enum Finalized {
    Expired,
    Exhausted,
    Withdraw,
}

get_status in Supermarket (https://github.com/AdExNetwork/adex-supermarket/blob/d323869806f1705e92fe46e173e5a13e8e8c73c4/src/status.rs#L234-L290) was implemented and tested, while security auditing the JS impl in the process
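
The ordering the issue asks for (decide Finalized from local data before any validator is queried, then derive the Unsound flags from the heartbeats returned in last-approved), as an added example that is not the Supermarket or adex-market code. Only the `Status`/`Finalized` variant names come from the thread; the `Channel` and `LastApproved` fields, the 60-second window and the rule that Exhausted means `spent >= deposit` are assumptions.

```rust
// Added illustration. Only the Status/Finalized variant names come from the issue;
// every other name, field and threshold below is an assumption.
#[derive(Debug, PartialEq)]
pub enum Finalized { Expired, Exhausted }

#[derive(Debug, PartialEq)]
pub enum Status {
    Active,
    Finalized(Finalized),
    Unsound { disconnected: bool, offline: bool, rejected_state: bool, unhealthy: bool },
}

/// Locally known channel data (assumed fields).
pub struct Channel { pub valid_until: u64, pub deposit: u64, pub spent: u64 }

/// One validator's last-approved reply, reduced to what the check needs (assumed shape).
pub struct LastApproved { pub heartbeat_at: Option<u64>, pub rejected: bool, pub healthy: bool }

const HEARTBEAT_MAX_AGE: u64 = 60; // assumed recency window, in seconds

/// `fetch` performs the validator queries; `None` in its result means "unreachable".
pub fn get_status<F>(ch: &Channel, now: u64, fetch: F) -> Status
where
    F: FnOnce() -> Vec<Option<LastApproved>>,
{
    // Finalized states are decided from local data, so no validator is queried.
    if now >= ch.valid_until { return Status::Finalized(Finalized::Expired); }
    if ch.spent >= ch.deposit { return Status::Finalized(Finalized::Exhausted); }

    let replies = fetch();
    let seen: Vec<&LastApproved> = replies.iter().flatten().collect();
    let disconnected = replies.is_empty() || seen.len() < replies.len();
    // A missing heartbeat, or one dated after `now`, is not accepted as liveness.
    let offline = seen.iter().any(|r| {
        r.heartbeat_at.and_then(|t| now.checked_sub(t)).map_or(true, |age| age > HEARTBEAT_MAX_AGE)
    });
    let rejected_state = seen.iter().any(|r| r.rejected);
    let unhealthy = seen.iter().any(|r| !r.healthy);
    if disconnected || offline || rejected_state || unhealthy {
        // Report every failing condition at once rather than only the first match.
        return Status::Unsound { disconnected, offline, rejected_state, unhealthy };
    }
    Status::Active
}

fn main() {
    let ch = Channel { valid_until: 1_000, deposit: 100, spent: 10 };
    let reply = LastApproved { heartbeat_at: Some(100), rejected: false, healthy: true };
    println!("{:?}", get_status(&ch, 500, || vec![Some(reply), None]));
}
```

Passing the validator query in as a closure lets a test count calls and confirm that an expired or exhausted channel generates no validator traffic.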