Open aszepieniec opened 7 months ago
Currently, nodes refuse to persist blocks to disk until they have verified that they belong to the (currently) canonical chain
I have a few thoughts:
I guess the biggest concern with [1] is that it opens the door to a DOS attack where a peer feeds a continuous stream of non-canonical blocks that could lead to out-of-disk-space issues.
afaict, our problem is that we obtain the block headers and data together from each peer. So we have to somehow store all the block data until we have enough block headers to verify a given block is part of canonical chain.
note: block header and block data are both written in ArchivalState::write_block()
, from a single Block
argument.
bitcoin-core handles this via headers-first sync, where all headers are obtained and stored in a tree of all chains. Then (or concurrently) blocks are requested, but only if/when enough headers are available to indicates the block is part of the canonical (most work) chain.
sipa has a detailed writeup of bitcoin-core's behavior at: https://bitcoin.stackexchange.com/a/121293/49396
Currently, nodes refuse to persist blocks to disk until they have verified that they belong to the (currently) canonical chain. Simultaneously, there is a bound on the number of blocks that can be stored in RAM. If the reorganization is deeper than this bound, nodes will be unable to switch to the longer fork because they cannot test the longest chain rule.
Potential solutions:
This problem should be solved when we have recursive block validation. So this issue more like something to keep in mind than like something to be fixed urgently. That said, it would be nice to have a solution that does not rely on recursive block validation.