linera_base/
ownership.rs

1// Copyright (c) Zefchain Labs, Inc.
2// SPDX-License-Identifier: Apache-2.0
3
4//! Structures defining the set of owners and super owners, as well as the consensus
5//! round types and timeouts for chains.
6
7use std::{
8    collections::{BTreeMap, BTreeSet},
9    iter,
10};
11
12use allocative::Allocative;
13use custom_debug_derive::Debug;
14use linera_witty::{WitLoad, WitStore, WitType};
15use serde::{Deserialize, Serialize};
16use thiserror::Error;
17
18use crate::{
19    data_types::{Round, TimeDelta},
20    doc_scalar,
21    identifiers::AccountOwner,
22};
23
24/// The timeout configuration: how long fast, multi-leader and single-leader rounds last.
25#[derive(
26    PartialEq,
27    Eq,
28    Clone,
29    Hash,
30    Debug,
31    Serialize,
32    Deserialize,
33    WitLoad,
34    WitStore,
35    WitType,
36    Allocative,
37)]
38pub struct TimeoutConfig {
39    /// The duration of the fast round.
40    #[debug(skip_if = Option::is_none)]
41    pub fast_round_duration: Option<TimeDelta>,
42    /// The duration of the first single-leader and all multi-leader rounds.
43    pub base_timeout: TimeDelta,
44    /// The duration by which the timeout increases after each single-leader round.
45    pub timeout_increment: TimeDelta,
46    /// The age of an incoming tracked or protected message after which the validators start
47    /// transitioning the chain to fallback mode.
48    pub fallback_duration: TimeDelta,
49}
50
51impl Default for TimeoutConfig {
52    fn default() -> Self {
53        Self {
54            fast_round_duration: None,
55            base_timeout: TimeDelta::from_secs(10),
56            timeout_increment: TimeDelta::from_secs(1),
57            // This is `MAX` because the validators are not currently expected to start clients for
58            // every chain with an old tracked message in the inbox.
59            fallback_duration: TimeDelta::MAX,
60        }
61    }
62}
63
64/// Represents the owner(s) of a chain.
65#[derive(
66    PartialEq,
67    Eq,
68    Clone,
69    Hash,
70    Debug,
71    Default,
72    Serialize,
73    Deserialize,
74    WitLoad,
75    WitStore,
76    WitType,
77    Allocative,
78)]
79pub struct ChainOwnership {
80    /// Super owners can propose fast blocks in the first round, and regular blocks in any round.
81    #[debug(skip_if = BTreeSet::is_empty)]
82    pub super_owners: BTreeSet<AccountOwner>,
83    /// The regular owners, with their weights that determine how often they are round leader.
84    #[debug(skip_if = BTreeMap::is_empty)]
85    pub owners: BTreeMap<AccountOwner, u64>,
86    /// The number of rounds in which all owners are allowed to propose blocks.
87    pub multi_leader_rounds: u32,
88    /// Whether the multi-leader rounds are unrestricted, i.e. not limited to chain owners.
89    /// This should only be `true` on chains with restrictive application permissions and an
90    /// application-based mechanism to select block proposers.
91    pub open_multi_leader_rounds: bool,
92    /// The timeout configuration: how long fast, multi-leader and single-leader rounds last.
93    pub timeout_config: TimeoutConfig,
94}
95
96impl ChainOwnership {
97    /// Creates a `ChainOwnership` with a single super owner.
98    pub fn single_super(owner: AccountOwner) -> Self {
99        ChainOwnership {
100            super_owners: iter::once(owner).collect(),
101            owners: BTreeMap::new(),
102            multi_leader_rounds: 2,
103            open_multi_leader_rounds: false,
104            timeout_config: TimeoutConfig::default(),
105        }
106    }
107
108    /// Creates a `ChainOwnership` with a single regular owner.
109    pub fn single(owner: AccountOwner) -> Self {
110        ChainOwnership {
111            super_owners: BTreeSet::new(),
112            owners: iter::once((owner, 100)).collect(),
113            multi_leader_rounds: 2,
114            open_multi_leader_rounds: false,
115            timeout_config: TimeoutConfig::default(),
116        }
117    }
118
119    /// Creates a `ChainOwnership` with the specified regular owners.
120    pub fn multiple(
121        owners_and_weights: impl IntoIterator<Item = (AccountOwner, u64)>,
122        multi_leader_rounds: u32,
123        timeout_config: TimeoutConfig,
124    ) -> Self {
125        ChainOwnership {
126            super_owners: BTreeSet::new(),
127            owners: owners_and_weights.into_iter().collect(),
128            multi_leader_rounds,
129            open_multi_leader_rounds: false,
130            timeout_config,
131        }
132    }
133
134    /// Adds a regular owner.
135    pub fn with_regular_owner(mut self, owner: AccountOwner, weight: u64) -> Self {
136        self.owners.insert(owner, weight);
137        self
138    }
139
140    /// Returns whether there are any owners or super owners or it is a public chain.
141    pub fn is_active(&self) -> bool {
142        !self.super_owners.is_empty()
143            || !self.owners.is_empty()
144            || self.timeout_config.fallback_duration == TimeDelta::ZERO
145    }
146
147    /// Returns `true` if this is an owner or super owner.
148    pub fn verify_owner(&self, owner: &AccountOwner) -> bool {
149        self.super_owners.contains(owner) || self.owners.contains_key(owner)
150    }
151
152    /// Returns `true` if this owner can participate in multi-leader rounds, i.e. it
153    /// is a regular owner or super owner or `open_multi_leader_rounds == true`.
154    pub fn can_propose_in_multi_leader_round(&self, owner: &AccountOwner) -> bool {
155        self.open_multi_leader_rounds
156            || self.owners.contains_key(owner)
157            || self.super_owners.contains(owner)
158    }
159
160    /// Returns the duration of the given round.
161    pub fn round_timeout(&self, round: Round) -> Option<TimeDelta> {
162        let tc = &self.timeout_config;
163        if round.is_fast() && self.owners.is_empty() {
164            return None; // Fast round only times out if there are regular owners.
165        }
166        match round {
167            Round::Fast => tc.fast_round_duration,
168            Round::MultiLeader(r) if r.saturating_add(1) == self.multi_leader_rounds => {
169                Some(tc.base_timeout)
170            }
171            Round::MultiLeader(_) => None,
172            Round::SingleLeader(r) | Round::Validator(r) => {
173                let increment = tc.timeout_increment.saturating_mul(u64::from(r));
174                Some(tc.base_timeout.saturating_add(increment))
175            }
176        }
177    }
178
179    /// Returns the first consensus round for this configuration.
180    pub fn first_round(&self) -> Round {
181        if !self.super_owners.is_empty() {
182            Round::Fast
183        } else if self.owners.is_empty() {
184            Round::Validator(0)
185        } else if self.multi_leader_rounds > 0 {
186            Round::MultiLeader(0)
187        } else {
188            Round::SingleLeader(0)
189        }
190    }
191
192    /// Returns an iterator over all super owners, followed by all owners.
193    pub fn all_owners(&self) -> impl Iterator<Item = &AccountOwner> {
194        self.super_owners.iter().chain(self.owners.keys())
195    }
196
197    /// Returns the round following the specified one, if any.
198    pub fn next_round(&self, round: Round) -> Option<Round> {
199        let next_round = match round {
200            Round::Fast if self.multi_leader_rounds == 0 => Round::SingleLeader(0),
201            Round::Fast => Round::MultiLeader(0),
202            Round::MultiLeader(r) => r
203                .checked_add(1)
204                .filter(|r| *r < self.multi_leader_rounds)
205                .map_or(Round::SingleLeader(0), Round::MultiLeader),
206            Round::SingleLeader(r) => r
207                .checked_add(1)
208                .map_or(Round::Validator(0), Round::SingleLeader),
209            Round::Validator(r) => Round::Validator(r.checked_add(1)?),
210        };
211        Some(next_round)
212    }
213
214    /// Returns whether the given owner a super owner and there are no regular owners.
215    pub fn is_super_owner_no_regular_owners(&self, owner: &AccountOwner) -> bool {
216        self.owners.is_empty() && self.super_owners.contains(owner)
217    }
218}
219
220/// Errors that can happen when attempting to close a chain.
221#[derive(Clone, Copy, Debug, Error, WitStore, WitType)]
222pub enum CloseChainError {
223    /// The application wasn't allowed to close the chain.
224    #[error("Unauthorized attempt to close the chain")]
225    NotPermitted,
226}
227
228/// Errors that can happen when attempting to change the chain ownership.
229#[derive(Clone, Copy, Debug, Error, WitStore, WitType)]
230pub enum ChangeOwnershipError {
231    /// The application wasn't allowed to change the chain ownership.
232    #[error("Unauthorized attempt to change the chain ownership")]
233    NotPermitted,
234}
235
236/// Errors that can happen when attempting to change the application permissions.
237#[derive(Clone, Copy, Debug, Error, WitStore, WitType)]
238pub enum ChangeApplicationPermissionsError {
239    /// The application wasn't allowed to change the application permissions.
240    #[error("Unauthorized attempt to change the application permissions")]
241    NotPermitted,
242}
243
244/// Errors that can happen when verifying the authentication of an operation over an
245/// account.
246#[derive(Clone, Copy, Debug, Error, WitStore, WitType)]
247pub enum AccountPermissionError {
248    /// Operations on this account are not permitted in the current execution context.
249    #[error("Unauthorized attempt to access account owned by {0}")]
250    NotPermitted(AccountOwner),
251}
252
253#[cfg(test)]
254mod tests {
255    use super::*;
256    use crate::crypto::{Ed25519SecretKey, Secp256k1SecretKey};
257
258    #[test]
259    fn test_ownership_round_timeouts() {
260        let super_pub_key = Ed25519SecretKey::generate().public();
261        let super_owner = AccountOwner::from(super_pub_key);
262        let pub_key = Secp256k1SecretKey::generate().public();
263        let owner = AccountOwner::from(pub_key);
264
265        let ownership = ChainOwnership {
266            super_owners: BTreeSet::from_iter([super_owner]),
267            owners: BTreeMap::from_iter([(owner, 100)]),
268            multi_leader_rounds: 10,
269            open_multi_leader_rounds: false,
270            timeout_config: TimeoutConfig {
271                fast_round_duration: Some(TimeDelta::from_secs(5)),
272                base_timeout: TimeDelta::from_secs(10),
273                timeout_increment: TimeDelta::from_secs(1),
274                fallback_duration: TimeDelta::from_secs(60 * 60),
275            },
276        };
277
278        assert_eq!(
279            ownership.round_timeout(Round::Fast),
280            Some(TimeDelta::from_secs(5))
281        );
282        assert_eq!(ownership.round_timeout(Round::MultiLeader(8)), None);
283        assert_eq!(
284            ownership.round_timeout(Round::MultiLeader(9)),
285            Some(TimeDelta::from_secs(10))
286        );
287        assert_eq!(
288            ownership.round_timeout(Round::SingleLeader(0)),
289            Some(TimeDelta::from_secs(10))
290        );
291        assert_eq!(
292            ownership.round_timeout(Round::SingleLeader(1)),
293            Some(TimeDelta::from_secs(11))
294        );
295        assert_eq!(
296            ownership.round_timeout(Round::SingleLeader(8)),
297            Some(TimeDelta::from_secs(18))
298        );
299    }
300}
301
302doc_scalar!(ChainOwnership, "Represents the owner(s) of a chain");
linera_base/ownership.rs

linera_base/
ownership.rs
