spec: Shwap

[Wondertan]

Introduces Shwap page that points to the CIP. This PR integrates it nicely with mdbook engine like it is a local document in the node. It integrates multiple mdbook preprocessors into rendering pipeline and GH CI.

Rendered on GH pages

[github-actions]

PR Preview Action v1.4.7
🚀 Deployed preview to https://celestiaorg.github.io/celestia-node/pr-preview/pr-3205/
on branch gh-pages at 2024-03-26 16:57 UTC

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 51.59%. Comparing base (1809680) to head (5a818be).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3205      +/-   ##
==========================================
- Coverage   51.92%   51.59%   -0.34%     
==========================================
  Files         178      178              
  Lines       11316    11316              
==========================================
- Hits         5876     5838      -38     
- Misses       4942     4971      +29     
- Partials      498      507       +9     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[oblique]

In your current Shwap PR little endian is used. We also implemented it with little endian. Which one should we use?

[Wondertan]

We will use the big endian. I did a slight research on that and found out that its is used in IP and QUIC with rationale that its just faster on most architectures, so decided to follow that here.

[zvolin]

what would you say for enforcing the package fields in proto definitions in the spec?

[Wondertan]

@zvolin, I find it unnecessary, but might missing some context from other languages.

[zvolin]

so it usually affects the namespace in which the generated types will be. In our case we are generating and exposing all protos in a single crate (package) and all the messages without a package will be in a root namespace (even if they are generated separately). It sounds like something that will not hurt but can be useful.
In celestia-app protos are organized using pattern celestia.module.version and that ends up in types like celestia::blob::v1::MsgPayForBlobs in rust.
In node they usually look similar to the go module they are in, so we have header::pb::ExtendedHeader or share::p2p::shrex::nd::GetSharesByNamespaceRequest.
It would look nice on our end if shwap would have package share.p2p.shwap or something like so to be consistent.

[oblique]

Because the verification is done in the Bitswap level, the only way knowing that data sampling failed and block should be rejected, is to have a timeout. So, how many seconds the timeout should be? Should we define it here?

[Wondertan]

Interesting thought. I think this timeout is out of Shwap's scope. The actual sampling logic - how, how many samples are selected, and what the timeout for sampling deserves as separate spec/cip that depends on Shwap protocol.

[Wondertan]

Shwap is a transport for specialized DA messaging. The sampling logic/details are out of its scope

[Wondertan]

@zvolin, my hesitation with package share.p2p.shwap is that it enforces a certain package structure for the client implementations. I aim for the spec to be as language-agnostic as possible and broadly free from any non-protocol constraints.

Making all the proto follow the same package forces all the types to be generated in a single place, like what the core and lumina are doing. Node on the other hand is more modular and we keep proto-types together with the protocols, where each protocol is its own independent module/package. This is an example of an architecture decision that implementers are free to make and enforcing package structure through package directive breaks that.

It's nice to be consistent and I see why consistency is good to follow in general, but not in this case.

[walldiss]

Does "1/n" means that there needs to be at least one peer out of N, or something else?
Also, clarification is needed on whether peers must be both honest and possess the requested data shares. For example, an honest light node might lack the relevant data shares, impacting sampling efficiency. Clarifying these points would strengthen the protocol's specifications.

[Wondertan]

Does "1/n" means that there needs to be at least one peer out of N, or something else?

1 honest peer.

Also, clarification is needed on whether peers must be both honest and possess the requested data shares

1/n is a pretty common assumption in p2p networks. In this context honesty assumes possession. Nevertheless, clarifying it makes. Thanks for pointing this out.

[walldiss]

Suggested change

	and data request patterns. In some way, it hacks into multihash abstraction to make it contain data that isn't in fact a
	and data request patterns. In some way, it hacks into multihash abstraction to make it contain arbitrary message fields that isn't in fact a

We might want to be more specific here

[Wondertan]

Not sure how this change anything to message I tried to convery. Arbitrary message fields are also quite general and can mean anything.

Maybe something like "identification data" may improve it

[walldiss]

Perhaps it is worth to explain that the reason why Identifiers MUST have a fixed size is bitswap internal architecture.

[Wondertan]

That's a good point. I really would like not to have bitswap as a rationale for this, as this breaks Shwap protocol independence. Ideally, we would find a way to avoid this limitation until the CIP is finalized or find another rationale for why this is necessary.

[walldiss]

Just for nice aligment, why not those not ordered by desc multihash/codec?

[Wondertan]

I agree. I wanted to keep the order of IDs as defined in the spec and I didn't want to break what was already implemented, but as we break other things, it may not hurt to break this one.

[walldiss]

Suggested change

	hash. Furthermore, the protocol does not include hash digests in the multihashes. The authentication of the messages
	hash. Furthermore, the protocol does not include hash digests in the multihashes. The verification of the messages

My understanding is that authentication is verifying who provided data, rather than content in response. What do you think to replace authentication -> verification

[Wondertan]

Both terms work in this case. I've seen data/message authentication used to describe data that is not being tampered with and is coming from the right source. In this case, we authenticate messages against DAH, which assures us the data is correct and is coming from/produced by consensus/validators

[Wondertan]

Noting that spec fully migrated to celestiaorg/CIPs#77, so all the comments and discussions should move there as well. Check the description for more on new changes here

[Wondertan]

@rootulp, the theme dir can be similarly .gitignored in the app's repo

[rootulp]

thanks! Created celestiaorg/celestia-app#3151