Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix recoverer and tx broadcasting race #651

Closed
wants to merge 1 commit into from
Closed

Fix recoverer and tx broadcasting race #651

wants to merge 1 commit into from

Conversation

danielgranhao
Copy link
Contributor

@danielgranhao danielgranhao commented Jan 9, 2025
edited
Loading

Addresses #647

This PR:

  • Changes the order in which we fetch the onchain wallet tx map and the swaps histories in the recoverer implementation. There could be a race condition where a refund tx (for a send swap) was broadcasted in between the 2 steps, causing the swap history to include the refund tx, but for it to be missing in the onchain wallet tx map. This would then cause us to think the refund tx was a claim tx because we assume a claim tx is the one that does not spend to or from our wallet.
  • Adds a log for when we cannot get the swap preimage from the claim tx. We were simply ignoring this error, making it hard to understand that the preimage was not being found.

Open questions:

  • Should we use the preimage as a final check that a tx is indeed a claim tx? If we fail to get the preimage, we could clear the claim tx id from the swap.

@roeierez
Copy link
Member

@danielgranhao while this mitigate some of the cases I can still see races. For example:

  1. The recoverer starts and sync wallet and fetches scripts history
  2. Then the status stream triggers the swap claim/refund and update the swap
  3. The recoverer update again the swap with stale data.

This PR though makes it less likely to happen.
In my mind we need to think of ways to prevent this stale update, one option I was thinking of which would interested to get your opinion is:

  1. Recoverer fetch the swaps to recover from the db (already does it)
  2. At the end only updates swaps that haven't been updated since the fetch.

The next recoverer process should be good since we already broadcasted the claim/refund transaction.

@roeierez
Copy link
Member

  • Should we use the preimage as a final check that a tx is indeed a claim tx? If we fail to get the preimage, we could clear the claim tx id from the swap.

Yes, good catch. I think this is needed. the claim tx can be persisted in the db only with the preimage.

@danielgranhao
Copy link
Contributor Author

In my mind we need to think of ways to prevent this stale update, one option I was thinking of which would interested to get your opinion is:

Recoverer fetch the swaps to recover from the db (already does it)

  • At the end only updates swaps that haven't been updated since the fetch.
  • The next recoverer process should be good since we already broadcasted the claim/refund transaction.

Yes, I agree this PR doesn't entirely fix the underlying issue. I think an optimistic approach like the one you propose could work well. I'll work on it.

@danielgranhao
Copy link
Contributor Author

Dropped in favor of #652 and #653

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@roeierez roeierez Awaiting requested review from roeierez

@dangeross dangeross Awaiting requested review from dangeross

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@danielgranhao @roeierez