Constellation-Labs / constellation

:milky_way::satellite: Decentralized Application Integration Platform
Apache License 2.0

Store snapshot proposal together with signature #1462

Closed kpudlik closed 3 years ago

kpudlik commented 3 years ago

With the current implementation we pull proposals directly from the nodes which created the proposal. The gossip protocol reverts the process, so we push proposals to nodes through other nodes, which means that we can get someone's proposal from another node which is not the original proposer. It is in general secured by the signature chain.

According to what we agreed on error handling, there is a case when we want to make a pull (if a node didn't get a proposal and has a "gap"), with the difference that we can pull not only from the original proposer (as it was in the pre-gossip implementation), but we would like to pull from any of the nodes which already received the proposal.

Example:

  1. A makes a proposal at height 10 and sends it to B -> C -> D (via Gossip) but C -> D fails.

  2. Standard retrying/error handling doesn't work, so the proposal never reaches D. Assuming that D is aware of the missing proposal 10 from A, it should then pull the proposal from A or B or C. EDIT: The standard retrying doesn't work because the proposer left the cluster in the meantime, so there is no one to bisect and retry.

  3. To make that secure, all the nodes should store not only the proposal in the form of a hash but rather hash+signature. Thanks to that, even if we fetch proposal A from B (so not from the original proposer), we can still check if B didn't malform A's proposal by checking the signature. It can be achieved by storing and signing the whole `SnapshotProposalGossip` with a signature as a `SignedSnapshotProposalGossip` class instead of just storing height+hash, and getting rid of `case class PersistedSnapshotProposal(hash: String, reputation: SortedMap[Id, Double])`
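
The check described in step 3, as an added example that is not part of the original issue or the project's code: node D verifies a pulled proposal against the original proposer's public key, whichever peer relayed it. The class names, the ECDSA scheme, the payload encoding and the key map are assumptions made for illustration.

```scala
import java.io.{ByteArrayOutputStream, DataOutputStream}
import java.security.{KeyPair, KeyPairGenerator, PublicKey, Signature, SignatureException}

// Hypothetical shapes for illustration; not the project's actual classes.
final case class Proposal(proposerId: String, height: Long, hash: String)
final case class SignedProposal(proposal: Proposal, signature: Array[Byte])

object SignedProposalPull {
  private val Alg = "SHA256withECDSA" // assumed signature scheme

  // Length-prefixed encoding, so field boundaries cannot be shifted.
  private def payload(p: Proposal): Array[Byte] = {
    val bytes = new ByteArrayOutputStream()
    val out = new DataOutputStream(bytes)
    out.writeUTF(p.proposerId); out.writeLong(p.height); out.writeUTF(p.hash)
    out.flush()
    bytes.toByteArray
  }

  def sign(p: Proposal, keys: KeyPair): SignedProposal = {
    val s = Signature.getInstance(Alg)
    s.initSign(keys.getPrivate)
    s.update(payload(p))
    SignedProposal(p, s.sign())
  }

  // Accept a pulled proposal only if it fills the requested gap (proposer and
  // height) and verifies under the key already held for that proposer.
  def accept(sp: SignedProposal, proposerId: String, height: Long,
             knownKeys: Map[String, PublicKey]): Boolean =
    sp.proposal.proposerId == proposerId && sp.proposal.height == height &&
      knownKeys.get(proposerId).exists { key =>
        val v = Signature.getInstance(Alg)
        v.initVerify(key)
        v.update(payload(sp.proposal))
        try v.verify(sp.signature) catch { case _: SignatureException => false }
      }

  def main(args: Array[String]): Unit = {
    val gen = KeyPairGenerator.getInstance("EC"); gen.initialize(256)
    val aKeys = gen.generateKeyPair()
    val known = Map("A" -> aKeys.getPublic) // D's view of cluster keys
    val fromA = sign(Proposal("A", 10L, "constructed-hash"), aKeys) // constructed sample
    val altered = fromA.copy(proposal = fromA.proposal.copy(hash = "other-hash"))
    println("relayed unchanged:      " + accept(fromA, "A", 10L, known))
    println("hash altered by relay:  " + accept(altered, "A", 10L, known))
    println("replayed for height 11: " + accept(fromA, "A", 11L, known))
  }
}
```

Because the signature covers the proposer id and height as well as the hash, a relay can neither alter the hash nor answer a gap at one height with a validly signed proposal from another.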