|
14 | 14 | // You should have received a copy of the GNU General Public License |
15 | 15 | // along with Polkadot. If not, see <http://www.gnu.org/licenses/>. |
16 | 16 |
|
17 | | -//! The paras pallet is responsible for storing data on parachains and parathreads. |
| 17 | +//! The paras pallet acts as the main registry of paras. |
18 | 18 | //! |
19 | | -//! It tracks which paras are parachains, what their current head data is in |
20 | | -//! this fork of the relay chain, what their validation code is, and what their past and upcoming |
21 | | -//! validation code is. |
| 19 | +//! # Tracking State of Paras |
22 | 20 | //! |
23 | | -//! A para is not considered live until it is registered and activated in this pallet. Activation can |
24 | | -//! only occur at session boundaries. |
| 21 | +//! The most important responsibility of this module is to track which parachains and parathreads |
| 22 | +//! are active and what their current state is. The current state of a para consists of the current |
| 23 | +//! head data and the current validation code (AKA Parachain Validation Function (PVF)). |
| 24 | +//! |
| 25 | +//! A para is not considered live until it is registered and activated in this pallet. |
| 26 | +//! |
| 27 | +//! The set of parachains and parathreads cannot change except at session boundaries. This is |
| 28 | +//! primarily to ensure that the number and meaning of bits required for the availability bitfields |
| 29 | +//! does not change except at session boundaries. |
| 30 | +//! |
| 31 | +//! # Validation Code Upgrades |
| 32 | +//! |
| 33 | +//! When a para signals the validation code upgrade it will be processed by this module. This can |
| 34 | +//! be in turn split into more fine grained items: |
| 35 | +//! |
| 36 | +//! - Part of the acceptance criteria checks if the para can indeed signal an upgrade, |
| 37 | +//! |
| 38 | +//! - When the candidate is enacted, this module schedules code upgrade, storing the prospective |
| 39 | +//! validation code. |
| 40 | +//! |
| 41 | +//! - Actually assign the prospective validation code to be the current one after all conditions are |
| 42 | +//! fulfilled. |
| 43 | +//! |
| 44 | +//! The conditions that must be met before the para can use the new validation code are: |
| 45 | +//! |
| 46 | +//! 1. The validation code should have been "soaked" in the storage for a given number of blocks. That |
| 47 | +//! is, the validation code should have been stored in on-chain storage for some time, so that in |
| 48 | +//! case of a revert with a non-extreme height difference, that validation code can still be |
| 49 | +//! found on-chain. |
| 50 | +//! |
| 51 | +//! 2. The validation code was vetted by the validators and declared as non-malicious in a processes |
| 52 | +//! known as PVF pre-checking. |
| 53 | +//! |
| 54 | +//! # Validation Code Management |
| 55 | +//! |
| 56 | +//! Potentially, one validation code can be used by several different paras. For example, during |
| 57 | +//! initial stages of deployment several paras can use the same "shell" validation code, or |
| 58 | +//! there can be shards of the same para that use the same validation code. |
| 59 | +//! |
| 60 | +//! In case a validation code ceases to have any users it must be pruned from the on-chain storage. |
| 61 | +//! |
| 62 | +//! # Para Lifecycle Management |
| 63 | +//! |
| 64 | +//! A para can be in one of the two stable states: it is either a parachain or a parathread. |
| 65 | +//! |
| 66 | +//! However, in order to get into one of those two states, it must first be onboarded. Onboarding |
| 67 | +//! can be only enacted at session boundaries. Onboarding must take at least one full session. |
| 68 | +//! Moreover, a brand new validation code should go through the PVF pre-checking process. |
| 69 | +//! |
| 70 | +//! Once the para is in one of the two stable states, it can switch to the other stable state or to |
| 71 | +//! initiate offboarding process. The result of offboarding is removal of all data related to that |
| 72 | +//! para. |
| 73 | +//! |
| 74 | +//! # PVF Pre-checking |
| 75 | +//! |
| 76 | +//! As was mentioned above, a brand new validation code should go through a process of approval. |
| 77 | +//! As part of this process, validators from the active set will take the validation code and |
| 78 | +//! check if it is malicious. Once they did that and have their judgement, either accept or reject, |
| 79 | +//! they issue a statement in a form of an unsigned extrinsic. This extrinsic is processed by this |
| 80 | +//! pallet. Once supermajority is gained for accept, then the process that initiated the check |
| 81 | +//! is resumed (as mentioned before this can be either upgrading of validation code or onboarding). |
| 82 | +//! If supermajority is gained for reject, then the process is canceled. |
25 | 83 |
|
26 | 84 | use crate::{configuration, initializer::SessionChangeNotification, shared}; |
27 | 85 | use bitvec::{order::Lsb0 as BitOrderLsb0, vec::BitVec}; |
|
0 commit comments