
core: qbft improvements#4557

Open: pinebit wants to merge 2 commits into main from pinebit/qbft-fixes


@pinebit pinebit commented Jun 11, 2026

Collaborator

Various qbft fixes.

category: refactor
ticket: none

Copilot AI left a comment

Contributor


Pull request overview

This PR hardens QBFT against post-decision amplification and oversized consensus wire messages by adding explicit rebroadcast/count limits, along with focused internal tests to validate the new bounds.

Changes:

  • Bound post-decision MsgDecided rebroadcasts triggered by ROUND-CHANGE messages (per source, per increasing round, capped).
  • Add early rejection limits in consensus handle for excessive justification and values counts to prevent CPU/memory amplification.
  • Add internal tests covering rebroadcast limits and wire-message amplification limits.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| core/qbft/qbft.go | Adds per-source rebroadcast limiting for post-decision MsgDecided to reduce amplification risk. |
| core/qbft/qbft_internal_test.go | Adds tests validating rebroadcast de-duplication, per-source caps, and forged-source tracking bounds. |
| core/consensus/qbft/qbft.go | Adds early size bounds for justification/value counts before expensive verification/unmarshal work. |
| core/consensus/qbft/qbft_internal_test.go | Adds tests ensuring oversized messages are rejected early and max-bounded messages are accepted. |

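The per-source rebroadcast bound described in the review overview above (one rebroadcast per source per increasing round, capped, with tracking limited to known sources), as an added Go example that is not code from this pull request. The type `decidedLimiter`, the constant `maxRebroadcastsPerSource` and its value, and the source-index range check are assumptions made for illustration.

```go
package main

import "fmt"

// Hypothetical cap; the PR page does not state the project's actual value.
const maxRebroadcastsPerSource = 3

// decidedLimiter (hypothetical name) decides whether a ROUND-CHANGE received
// after a decision may trigger another MsgDecided rebroadcast.
type decidedLimiter struct {
	nodes     int64           // cluster size; valid sources are 0..nodes-1 (assumption)
	lastRound map[int64]int64 // highest round already answered, per source
	count     map[int64]int   // rebroadcasts already sent, per source
}

func newDecidedLimiter(nodes int64) *decidedLimiter {
	return &decidedLimiter{nodes: nodes, lastRound: map[int64]int64{}, count: map[int64]int{}}
}

// allow reports whether to rebroadcast for a ROUND-CHANGE from source at round.
func (l *decidedLimiter) allow(source, round int64) bool {
	if source < 0 || source >= l.nodes {
		return false // unknown or forged source: never tracked, so the maps stay bounded
	}
	if round <= l.lastRound[source] {
		return false // duplicate, replayed or non-positive round: already answered
	}
	if l.count[source] >= maxRebroadcastsPerSource {
		return false // per-source cap reached
	}
	l.lastRound[source] = round
	l.count[source]++
	return true
}

// tracked returns how many sources currently occupy limiter state.
func (l *decidedLimiter) tracked() int { return len(l.lastRound) }

func main() {
	l := newDecidedLimiter(4)
	// Constructed sequence of (source, round) pairs, not taken from the PR.
	for _, m := range [][2]int64{{1, 2}, {1, 2}, {1, 3}, {1, 4}, {1, 5}, {99, 2}} {
		fmt.Printf("source=%d round=%d rebroadcast=%v\n", m[0], m[1], l.allow(m[0], m[1]))
	}
	fmt.Println("tracked sources:", l.tracked())
}
```

Because state is keyed only by in-range source indices, memory is bounded by the cluster size no matter how many distinct source values arrive on the wire.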

Comment thread core/consensus/qbft/qbft_internal_test.go
Set Round explicitly in signedJustification so the test does not depend
on newRandomQBFTMsg's random round being non-zero (verifyMsg rejects
round <= 0), matching the adjacent signedBase helper.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>

codecov Bot commented Jun 11, 2026


Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 57.08%. Comparing base (576c67b) to head (42e3bea).

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #4557      +/-   ##
==========================================
- Coverage   57.08%   57.08%   -0.01%     
==========================================
  Files         245      245              
  Lines       33218    33229      +11     
==========================================
+ Hits        18963    18969       +6     
- Misses      11867    11869       +2     
- Partials     2388     2391       +3     
