Skip to content

*: qbft improvements#4560

Open
KaloyanTanev wants to merge 3 commits into
pinebit/qbft-fixesfrom
kalo/qbft-fixes
Open

*: qbft improvements#4560
KaloyanTanev wants to merge 3 commits into
pinebit/qbft-fixesfrom
kalo/qbft-fixes

Conversation

@KaloyanTanev

@KaloyanTanev KaloyanTanev commented Jun 12, 2026

Copy link
Copy Markdown
Collaborator

Refactors and extra checks

category: refactor
ticket: none

@KaloyanTanev KaloyanTanev requested a review from pinebit June 12, 2026 15:39
@github-actions github-actions Bot added the branch-invalid PR raised against invalid branch. Not a main or release branch. label Jun 12, 2026
@sonarqubecloud

sonarqubecloud Bot commented Jun 12, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@KaloyanTanev KaloyanTanev changed the title Kalo/qbft fixes *: qbft fixes Jun 12, 2026
@KaloyanTanev KaloyanTanev changed the title *: qbft fixes *: qbft improvements Jun 12, 2026
@codecov

codecov Bot commented Jun 12, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 89.65517% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 57.11%. Comparing base (42e3bea) to head (0b0a6ca).

Files with missing lines Patch % Lines
core/consensus/qbft/qbft.go 76.92% 2 Missing and 1 partial ⚠️
Additional details and impacted files 
@@                  Coverage Diff                   @@
##           pinebit/qbft-fixes    #4560      +/-   ##
======================================================
+ Coverage               57.08%   57.11%   +0.03%     
======================================================
  Files                     245      245              
  Lines                   33229    33246      +17     
======================================================
+ Hits                    18969    18989      +20     
+ Misses                  11869    11868       -1     
+ Partials                 2391     2389       -2

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@KaloyanTanev KaloyanTanev requested a review from Copilot June 12, 2026 17:01
Copilot AI reviewed Jun 12, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR tightens and refactors QBFT-related p2p handling to better bound resource usage under oversized or adversarial messages, while cleaning up resend/rate-limit logic in the QBFT core algorithm.

Changes:

  • Add a configurable p2p read-size cap (WithReadLimit) and cover it with a unit test.
  • Refactor the post-decision MsgDecided rebroadcast gating into a helper (allowDecidedResend).
  • Add a QBFT consensus wire-message size cap (32MB) and refactor/extend message limit verification and early cancellation checks during justification verification.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
p2p/sender.go Adds WithReadLimit option to cap delimited reader message sizes.
p2p/sender_test.go Adds test ensuring oversized messages are rejected before reaching the handler.
core/qbft/qbft.go Refactors decided rebroadcast limiting into allowDecidedResend.
core/consensus/qbft/qbft.go Applies read-limit to QBFT handler, adds max message size constant, and refactors message limit verification.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread p2p/sender.go
Comment on lines +252 to +258
return func(opts *sendRecvOpts) {
for _, pID := range opts.protocols {
opts.readersByProtocol[pID] = func(s network.Stream) pbio.Reader {
return pbio.NewDelimitedReader(s, limit)
}
}
}
Comment thread core/qbft/qbft.go
Comment on lines +301 to +314
allowDecidedResend := func(source, round int64) bool {
resend, ok := decidedResends[source]
if !ok && len(decidedResends) >= d.Nodes {
return false
}

if round <= resend.Round || resend.Count >= maxDecidedResends {
return false
}

decidedResends[source] = decidedResend{Round: round, Count: resend.Count + 1}

return true
}
pinebit
pinebit reviewed Jun 13, 2026
View reviewed changes
Comment thread core/consensus/qbft/qbft.go
// small justification sub-messages (bounded in handle) plus its values, the largest of
// which is a single block proposal (a few MB on mainnet); 32MB leaves ample margin while
// bounding the receive/decode/allocation cost a malicious peer can inflict per message.
const maxConsensusMsgSize = 32 * 1024 * 1024 // 32 MB.

@pinebit pinebit Jun 13, 2026

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I hope you know this is sufficient.. I saw full blocks ~20Mb in our metrics, it is close to 32...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@pinebit pinebit pinebit approved these changes

Assignees

No one assigned

Labels

branch-invalid PR raised against invalid branch. Not a main or release branch.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@KaloyanTanev @pinebit