Skip to content

GitLab

Last edited by Volodymyr Shamray
Page history
This is an old version of this page. You can view the most recent version or browse the history.

19.01.18 Testnet Fork Report

Timeline

Time Events
19.01 08:35 Proposal test8 for 42 tCRW starting block 57750 is submitted by Volodymyr
19.01 08:35 Block 57664 is mined. It includes 25 tCRW fee for test8 submission
19.01 08:44 Proposal test8 receives 2 votes
19.01 09:39 Final budget A is submitted by one of vshamray's nodes. The only proposal it includes is test8
19.01 09:39 Block 57721 is mined. It includes 25 tCRW as final budget submission fee
19.01 09:55 Final budget A receives 3 votes from masternodes
19.01 10:25 Block 57749 is mined. Mining stops until late in the evening
19.01 19:23 Block 57750(A) is mined. It contains 42 tCRW payment by proposal test8 (final budget A)
19.01 19:24 Block 57750(A) reaches Volodymyr's masternodes. Both nodes reject it as it doesn't contain payment to DevFund Address
19.01 19:27 Masternodes keep rejecting the block, so does (apparently) testnet explorer
20.01 10:24 Block 57750(B) is mined (how? by which node?). It contains 50 tCRW payment to DevFund (failsafe) and does not contain payment by test8 proposal
22.01 Both Volodymyr's masternodes have full information about test8 and its votes. The consensus on budget seems to be at final budget A, yet the blockchain is on chain B

Hash reference

Object Hash
block 57664 00000000055297a028ed7f74f05de37e49d6f5e3b56a1f5744a1daaec7828737
block 57721 000000001453978d77294ebadf1cbb1d4fc7174059e9407072a671e7e9684bdc
block 57749 00000000112defd05ff138031ff5bff7a4967118c6acdb1d03541d356ef58804
block 57750(A) 00000000ff4cc3d7506c5b48ab3aca7aea2da0e1876494187dd99b6f9090f8ef
block 57750(B) 000000002856e18e100e7c56d5486fcbd537a4a87da2e5b393409d046393c9c0
test8 560297e695d6615ca5f1c861d1c91b0b04be9c76fa9404300fa6689037eb692b
Final Budget A 1f2995bdd6597a4fc5ba9f5a4813d14174733c512369c4adf0d2821a215a8526

Address reference

Label Address
DevFund Address mr59c3aniaN3qHXej5L8UBsssRZbiUUMnz

Interpretation

Current hypothesis is that the fork happened because of budget being inconsistent across the network: block 57750(A) that contained budget payment was rejected by several nodes in the network; later those nodes accepted block 57750(B) that contained failsafe payment.

Due to sloppy use of integer arithmetics in function CBudgetManager::IsTransactionValid superblock payment validity checks of all nodes that were online and synced at the moment (except for Volodymyr's wallet which was patched) rejected block 57750(A) by error. Mining pool node, however, produced the block before it had time to sync, so it still payed the budget that it had saved, but didn't run any masternode or budget related checks. Later, all the nodes that received block 57750(A) before they finished syncing ended up on chain A, others ended up on chain B.

So far, this is the only logical explanation, however there are few questions to be answered

Further research directions

  1. Why Volodymyr's masternodes rejected block 57750(A)? The obvious explanation would be that they didn't have the final budget, but they actually gave votes for Final Budget A! (todo: confirm with solid evidence)
  • Because of the failsafe payment code. Due to sloppy use of integer arithmetics in function CBudgetManager::IsTransactionValid superblock payment validity checks won't work properly when there are less then 20 masternodes in the network. Specificly, any budget payments in superblock that are not devfund payments will be considered invalid.
  1. What caused issuing of block 57750(B) the next day? Which node mined it? Probably, it won't help us understanding the problem, but it's just a strange unexplained event
  2. Why the failsafe even worked? Based on code analysis done independently both by Volodymyr and Ashot the failsafe relies on impossible combination of events to work. In fact this was one of the reasons to eradicate it. We must have missed something
  • Apparently, the "impossible" combination of events includes includes having less then 20 masternodes (see the answer to Q1). I suppose, this is exactly how it worked when it was tested in testnet
  1. The last block on chain A is 58772 (01/20/2018 @ 11:54pm UTC), however Volodymyr's wallet received up to 57756 on Jan 22 and up to 58228 on Jan 23. Why? Probably it's due to the network being split, but it would be nice to have a more detailed explanation
  2. What mining pool has been doing since issuing block 58772? No new blocks have been issued, but the pool is still working (Jan 23, morning)
  3. Is it a bug? If yes - how severe it is? The testnet setup (little amount of nodes, unstable mining) obviously contributed in the fork, so it would be nice to know: to what extent?
  • If I'm right about Q1 - yes, it is, and it's rather urgent, because it limits our capabilities of testing governance in the testnet
  1. How likely is it to reproduce in mainnet? Hopefully, having answers for questions 1 - 6, it would be easy to answer this one.
  • If I'm right about Q1 - very unlikely

Next Actions

Following steps aim to test the hypothesis and fix the problem:

  1. In the next couple of days Volodymyr will create an update that will fix incorrect superblock processing with small amount of masternodes.
  2. This update will pass code review and will be merged into master
  3. Mining pool node, testnet explorer and Volodymyr's masternodes will be updated to this version and restarted
  4. If those nodes switch to chain A, the hypothesis is comfirmed. If no, we will need further investigation
  5. We might need to test superblock payment several times and we will try to reproduce the situation before the fork as accurately as possible. If updated nodes are on the correct chain - hypothesis is confirmed, problem is fixed