fix: skip expired ipns records in GetIPNS#154
Open
lidel wants to merge 2 commits into
Open
Conversation
parallelRouter.GetIPNS returned the first record a router produced without checking its validity, so an expired record could be served. Treat an EOL-passed record as not found and keep waiting for a valid one from another router.
every backend already validates the record it returns, but EOL is time-varying while signatures are not: a record can expire between a backend's check and the moment the aggregator returns it. parallelRouter is first-result-wins with no revalidation, so document why the re-check guards against expired records winning the race.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Note
This is belt-and-suspenders, optional fix in addition to the upstream:
Problem
parallelRouter.GetIPNSraces the DHT and the delegated HTTP routers and returned the first record any router produced, without checking its validity. An IPNS record whose EOL has already passed could therefore be returned even when a valid record was available from another router. The record is cryptographically invalid, so a validating consumer rejects it, which surfaced as sporadic failures downstream (e.g. service-worker gateway 500s).Fix
isExpiredIPNSRecord, which reports whether an EOL-type record has passed its validity.routing.ErrNotFoundin both the single-router path and the multi-router race.GetIPNSnever returns a record past its EOL; first-valid-record-wins behavior and latency are otherwise unchanged.