Refactor/rollup node refactor

[frisitano]

No description provided.

[codspeed-hq]

CodSpeed Performance Report

Merging #351 will degrade performances by 97.16%

_{Comparing refactor/rollup-node-refactor (6ff7d55) with main (6852bf6)}

Summary

⚡ 1 improvement
❌ 1 regression

⚠️ Please fix the performance issues or acknowledge them on CodSpeed.

Benchmarks breakdown

	Benchmark	BASE	HEAD	Change
❌	pipeline_derive_in_file_blobs	27.4 ms	965.2 ms	-97.16%
⚡	pipeline_derive_s3_blobs	16,914.8 ms	79.3 ms	×210

[jonastheis]

This PR is great! Simplifies the readability and concepts in the flow of the code so much! imo it's much easier to reason about the state of the node than before.

A few things:

• we should add an in-depth description of the changes, new features, simplifications -> this will also allow us to systematically evaluate whether we have everything tested or need to add some tests later. + it will help with reviewing
• I left a bunch of comments inline.
• I'm a bit concerned about performance in some cases but we need to evaluate with benchmarks
• I think this PR addresses a few issues at once, we should link that to the description above and then close these issues accordingly:
  • #294
  • #269
  • maybe?: #245
  • maybe?: #174

[jonastheis]

Why change this from a Stream to a Future?

[frisitano]

Previously the rollup node manager would drive the ScrollNetworkManager future, which would yield NetworkManagerEvent's. Now we spawn the ScrollNetworkManager as a separate task and use channels to send events to the ChainOrchestrator. It's a slightly different architecture but achieves a similar goal. As such we don't need a stream on the ScrollNetworkManager as it doesn't yeild events anymore.

[jonastheis]

remove

[jonastheis]

why is this commented out?

[frisitano]

I've removed it, we no longer need it as now we include the block number associated with derived attributes which allows us to do our reconciliation. Previously we were relying on the safe_block_numer to do the association which was messy and error prone.

[jonastheis]

why commented?

[frisitano]

removed

[jonastheis]

there is a lot of stuff happening in this function and it would be great to add some comments as to what on a high-level is happening in each branch and why.

[frisitano]

done

[jonastheis]

why is this commented out?

[jonastheis]

Suggested change

	let mut new_headers = if received_block_number > self.engine.fcs().head_block_info().number
	let mut new_headers = if received_block_number > current_head_number

[jonastheis]

sure we only want to log this in debug?

[frisitano]

updated

[jonastheis]

sure we only want to log this in debug?

[frisitano]

updated

[jonastheis]

Isn't this just a reorg of depth 1? Shouldn't this case also be handled by the reorg logic below? I think the code flow here could be a bit better to make it clearer which conditions are met and which path is taken. especially in the reorg case and with the fork-choice condition if block_with_peer.block.header.timestamp <= current_head.header.timestamp {

[frisitano]

It's not a reorg of depth one, it's a reorg of arbitrary depth, i.e. the new chain has length one, but the depth is arbitrary. As a consequence of this comment, I added a check to ensure that the depth would not result in a safe block reorg. You are correct that we could delegate this to the reorg logic below, but it seems inefficient and a waste, as we already have all the information we need to reconcile the reorg. With some refactoring, I agree we could combine this condition and the reorg logic below in a more readable and efficient manner. For now, I think it's pragmatic to keep it as is.

[jonastheis]

here we start optimistic sync but also do the other consolidation. is that intended?

[frisitano]

good catch, fixed.

[jonastheis]

Is this a valid operation in optimistic sync mode? what if the L1 messages contained in the chain are garbage?

[frisitano]

I've updated the logic such that now we only persist and gossip blocks if they have been validated and we have fully synced L1 / L2 and consolidated the chain.

[jonastheis]

do we need to check if the result is valid? above we already check whether it is invalid and return

[frisitano]

Yes, because there is also the case that it could be Syncing, so in that case, we will want to defer until a later point at which we've fully synced.

[jonastheis]

don't we already persist the signature in handle_block_from_peer

[frisitano]

Good catch, I've removed persisting the signature here

[jonastheis]

How do we currently react to this event?

[frisitano]

The event itself is exclusively used for testing.

[greged93]

Great refactor, this is soooo much easier to read and nicer to go through then the previous state of the orchestrator and even node in general!

Left some inline comments and a small nit.

[greged93]

I think this can go, this check was used before in order to check that the block we received from the L2 was the child block of the safe head in the Engine Driver. Here all we are doing is check block.parent_hash == block.parent_hash.

[greged93]

nit: this can collapsed into one arm

[greged93]

small note here: I think this works in the case of Reth because payloads built from attributes are automatically inserted here.

One concern we might have which isn't handled here but mentioned in the Op stack docs, is the case where the data from the batch contains invalid transaction data and the execution node fails to build a payload. I believe in this case, the result we get here would be valid, but trying to call get_payload(id) would return an error.

[frisitano]

This is an important nuance. This will have implications in the Reorg branch of the consolidation logic:

rollup-node/crates/chain-orchestrator/src/lib.rs

Lines 425 to 469 in 44424d6

	BlockConsolidationAction::Reorg(attributes) => {
	tracing::info!(target: "scroll::chain_orchestrator", block_number = ?attributes.block_number, "Reorging chain to derived block");
	// We reorg the head to the safe block and then build the payload for the
	// attributes.
	let head = *self.engine.fcs().safe_block_info();
	if head.number != attributes.block_number - 1 {
	return Err(ChainOrchestratorError::InvalidBatchReorg {
	batch_info,
	safe_block_number: head.number,
	derived_block_number: attributes.block_number,
	});
	}
	let fcu = self.engine.build_payload(Some(head), attributes.attributes).await?;
	let payload = self
	.engine
	.get_payload(fcu.payload_id.expect("payload_id can not be None"))
	.await?;
	let block: ScrollBlock = try_into_block(
	ExecutionData { payload: payload.into(), sidecar: Default::default() },
	self.config.chain_spec().clone(),
	)
	.expect("block must be valid");
	let result = self.engine.new_payload(&block).await?;
	if result.is_invalid() {
	return Err(ChainOrchestratorError::InvalidBatch(
	(&block).into(),
	batch_info,
	));
	}
	// Update the forkchoice state to the new head.
	let block_info: L2BlockInfoWithL1Messages = (&block).into();
	self.engine
	.update_fcs(
	Some(block_info.block_info),
	Some(block_info.block_info),
	Some(block_info.block_info),
	)
	.await?;
	reorg_results.push(block_info.clone());
	BlockConsolidationOutcome::Reorged(block_info)
	}
	};

Whilst this is an important nuance, I consider accounting for corrupt transaction data to be out of scope of this PR due to the fact that batch submission is permissioned (in the happy case). I propose that we create an issue to track this and address this in a future PR, possibly in the context of a ninfallible derivation pipeline (which we currently don't have).

What do you think?

[greged93]

I propose that we create an issue to track this and address this in a future PR, possibly in the context of a ninfallible derivation pipeline (which we currently don't have).

Agreed, let's track it and leave as is for now.

[greged93]

Should the payload_building_job have higher priority in the polling order? If the payload is ready and the trigger as well, the current order means we decide to skip the next slot. If we invert them, we would return the payload to the chain orchestrator, and would catch the trigger on the next polling (might be a little late, but at least we won't completely miss it).

[frisitano]

good catch

[greged93]

One additional comment

[greged93]

I think the signature is already persisted in handle_block_from_peer, which is the only place where this method is called.

[greged93]

I propose that we create an issue to track this and address this in a future PR, possibly in the context of a ninfallible derivation pipeline (which we currently don't have).

Agreed, let's track it and leave as is for now.

[greged93]

no further comment, lgtm!