server: Add suspending sessions that did not pass the pHash verification#2103
Conversation
jailuthra
left a comment
jailuthra
left a comment
There was a problem hiding this comment.
LGTM. Made an unrelated sidecomment
| return untrustedResult.Session, untrustedResult.TranscodeResult, untrustedResult.Err | ||
| } else if monitor.Enabled { | ||
| monitor.FastVerificationFailed() | ||
| } else { |
There was a problem hiding this comment.
Not related to this exact issue or very high priority, so maybe we should open a new issue/PR for this:
Maybe we should reset our verifiedSession to nil if the hash it sends doesn't match?
| } else { | |
| } else { | |
| if (bsm.verifiedSession == untrustedResult.Session) { | |
| bsm.verifiedSession = nil | |
| } |
There was a problem hiding this comment.
I see one issue with adding this condition. If we add it, then a false-negative will cause bsm.verifiedSession = nil and in a result, we'll start looking for a new session. That can in turn cause bouncing between sessions if we encounter many false-negative scenarios.
We decided that we'll suspend sessions only if it failed p-hash verification but at the same time the other untrusted sessions passed the verification. We could do the same and maybe set verifiedSession to nil when we suspend the session, but technically it does not matter, because this condition takes into consideration both bsm.verifiedSession = nil and excluding suspended sessions.
There was a problem hiding this comment.
Good point about false negatives causing swaps, and yeah we'd anyway suspend a verified session and look for a new one if the other untrusted session passes. LGTM feel free to merge 👍
yondonfu
left a comment
yondonfu
left a comment
There was a problem hiding this comment.
Just a few nits, but looks good!
Co-authored-by: Yondon Fu <yondon.fu@gmail.com>
…eszko/go-livepeer into 2097-suspend-untrusted-session
yondonfu
left a comment
yondonfu
left a comment
There was a problem hiding this comment.
LGTM! Let's just cleanup the last few commits either via squashing and/or a rebase + push prior to merging.
Yeah, sure I'll clean it up |
… 2097-suspend-untrusted-session
4 participants
What does this pull request do? Explain your changes. (required)
Suspend untrusted session when the following conditions are correct:
It would be nice to add some automated tests for this change, however, it's hard to do it with the current design. I think we should tackle it separately while refactoring
broadcast.go.Specific updates (required)
Suspend the untrusted session that returned incorrect p-hash
How did you test each of these updates (required)
Does this pull request close any open issues?
Checklist:
makeruns successfully./test.shpass