ref-fvm icon indicating copy to clipboard operation
ref-fvm copied to clipboard

Published 20 hours ago verified publisher icon filecoin-project

Rethink `invoke` signature

Open Stebalien opened this issue 3 years ago • 4 comments

Currently, invoke's signature is:

fn invoke(params_id: i32) -> i32 /* ret_id */;

However:

  1. It would be nice to take the method number in the parameters.
  2. It would be nice to be able to return an error instead of only being able to long-jump exit:
fn invoke(method_num: i32, params_id: i32) -> (i32 /* exit code */, i32 /* ret_id */);

But to do this, we'd need to investigate wasm support for multiple return values. Last time we checked, it wasn't great. But then again, we were trying to use multiple return values in syscalls. Using multiple return values to return to the host is likely significantly better (there are existing wrapper shims for rust that will just "make this work").

We can also take it even further:

fn invoke(
    method_num: i32,
    params_id: i32,
    params_len: i32,
    params_codec: u64,
    ) -> (i32 /* exit code */, i32 /* ret_id */);

or even

fn invoke(
    from: u64,
    to: u64,
    method_num: i32,
    params_id: i32,
    params_len: i32,
    params_codec: u64,
    ) -> (i32 /* exit code */, i32 /* ret_id */);

Stebalien avatar Nov 29 '22 22:11 Stebalien

So, I've been thinking about this for a bit:

  1. We're introducing a new entrypoint for constructors: https://github.com/filecoin-project/ref-fvm/issues/746.
  2. We're going to be doing the same thing for upgrades.

And in both cases, we're trying to keep the API the same fn(param_block: i32) -> i32 /* ret block */.

It would be nice to keep the general signature of "IPLD-block in, IPLD-block out" the same in all cases.

NOTE: I could see a benefit of adding an error number to the return value... or we could, and probably should, treat negative return values as error codes.

Stebalien avatar Aug 15 '23 22:08 Stebalien

An alternative to the whole "multiple entrypoint" saga ("invoke", "constructor", "upgrade", and eventually "validate") is to reserve negative method numbers for "system" entrypoints. I.e.:

  1. Users can invoke actors with methods 0+
  2. The system can invoke actors with methods <0:
    1. invoke(-1, params) -> constructor.
    2. invoke(-2, params) -> upgrade.
    3. invoke(-3, params) -> validate.

But... I hate it.

Stebalien avatar Aug 15 '23 23:08 Stebalien

We could also change the signature to:

fn some_entrypoint(
    params_id: i32,
    params_len: i32,
    params_codec: u64,
    ) -> i32 /* ret id or error */

That means we don't have to "stat" the block to get the length/codec and lets us keep the same parameters across all entrypoints (saving a syscall).

It doesn't solve the issue of not passing the method number.

Stebalien avatar Aug 15 '23 23:08 Stebalien

We (@arajasek and @fridrik01 and I) talked about this and agreed on... negative method numbers. Because it:

  1. Reduces complexity (one entry point).
  2. Clearly calls out which methods are special "system" methods (we forbid users from calling these method numbers).

The full signature I plan to propose is:

fn invoke(method_num: i64, param_id: u32, param_codec: u64, param_len: u32) -> u32 /* ret block */;

However, still TBD, is how to handle errors. Unfortunately, non-zero exit codes can coexist with error return values (a required feature for EVM support). So... yeah...

I'd like to propose:

fn invoke(method_num: i64, param_id: u32, param_codec: u64, param_len: u32) -> (u32 /* return value id */, u32 /* exit code */);

But implementing this method can be tricky in most languages as it requires multiple return-value support in the language's wasm toolchain.

Stebalien avatar Aug 16 '23 17:08 Stebalien