cothority
cothority copied to clipboard
dedis
how to terminate a byzcoin ledger?
As long as a ledger exists in the database a conode will try to extend it. That means it will try to become leader if there's no other communication from the cothority, and then it will poll the followers for transactions.
It should be possible to terminate a ledger that is no longer wanted.
But just telling one conode to stop acting as a leader won't do anything; another conode will just start trying to poll for transactions... what's needed is some kind of config update that reduces the roster to 0, but how would such a request be authorized?
I would add an operation "halt" which can be invoked by the DARC of the admin and nodes will simply run consensus on it. When halt gets added in the blockchain cothority nodes stop. Of course there can be a cothority server that has not yet received the final block who will try to view-change, so maybe some nodes should halt but remain available to route the final block to the strugglers.
Στις Τετ, 6 Μαρ 2019 στις 5:04 μ.μ., ο/η Jeff R. Allen < [email protected]> έγραψε:
As long as a ledger exists in the database a conode will try to extend it. That means it will try to become leader if there's no other communication from the cothority, and then it will poll the followers for transactions.
It should be possible to terminate a ledger that is no longer wanted.
But just telling one conode to stop acting as a leader won't do anything; another conode will just start trying to poll for transactions... what's needed is some kind of config update that reduces the roster to 0, but how would such a request be authorized?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/dedis/cothority/issues/1750, or mute the thread https://github.com/notifications/unsubscribe-auth/AK70sv3eAaWFMqFBL1x9mljKYtMc--tiks5vT-cEgaJpZM4bhPYj .
--
Kokoris-Kogias Eleftherios PhD Candidate at School of Computer and Communication Sciences EPFL
One of my PRs added this:
https://github.com/dedis/cothority/blob/master/byzcoin/bcadmin/main.go#L98
So if you do
bcadmin debug remove private.toml byzcoin-id
on all nodes, the byzcoin-instance will be gone.
We should also start to use
scmgr follow add byzcoin-id conode-ip:port
to restrict the creation of new byzcoin IDs.
Just a thought: we can't allow one conode to shut down an entire ledger so we need a way to tell "this conode wants to stop" until enough of them agreed and then everyone can stop listening for this ledger. You still keep the blocks to propagate them if required by someone but you stop the heartbeats.
Basically an admin would tell its conode to stop listening for a ledger, the conode would then send a transaction with a proof he wants to stop. Other conodes would need to receive the same command to propagate their own proof until we have everyone or a threshold on agreement.
I'm just not sure about the proof ..
I would not overthink this. If a ledger is to be killed, that's quite an important issue, and should not be done lightheartedly. It is also something that should not happen on a too frequent basis. I suppose that most nodes will run one ledger, and rarely a node will run more than one. So taking some time and coordination to do so should not be a problem.