Skip to content

canonical: strict validate + halt-on-invalid (never drop a backfilled row)#862

Merged
samcm merged 17 commits into
masterfrom
feat/canonical-strict-validate
Jun 26, 2026
Merged

canonical: strict validate + halt-on-invalid (never drop a backfilled row)#862
samcm merged 17 commits into
masterfrom
feat/canonical-strict-validate

Conversation

@samcm

@samcm samcm commented Jun 26, 2026

Copy link
Copy Markdown
Member

Makes canonical (cannon-backfilled) data strict: a dropped row is a permanent gap in history, so an invalid canonical event now HALTS the writer (cannon doesn't advance its checkpoint; consumoor NAKs for redelivery) instead of being silently dropped or zero-filled. Non-canonical (live/sentry) events are unchanged — they're point-in-time and still drop. The halt keys off the canonical_ table prefix via a non-permanent invalidEventError.

Adds/extends route validate() on 16 canonical tables so every spec-required field is presence-checked (error-if-absent), driven by a field-by-field audit of each table against the beacon-API OpenAPI required: arrays and the consensus-specs SSZ containers. Empty-valid fields (validator index 0, genesis slot/epoch 0, zero/negative rewards, pre-finality ZERO_HASH checkpoint roots, empty lists) are deliberately left untouched so strictness never stalls on legitimate data. Supersedes #860 (this is the spec-verified version of that cleanup).

Also fixes two stale consumoor tests left red on master by b826b35 (canonical distributed_foreground_insert default). The validators table's lossy Nullable→NOT NULL flip + re-derive is handled in a separate follow-up PR.

samcm added 17 commits June 26, 2026 14:56
Canonical (cannon-backfilled) data is authoritative — a dropped row is a
permanent gap in history. For canonical_* tables, route.ErrInvalidEvent now
returns a non-permanent invalidEventError so the caller halts and retries
(cannon: no checkpoint advance; consumoor: NAK/redeliver) rather than
dropping. Non-canonical (live/sentry) invalid events still drop — they are
point-in-time and cannot be re-fetched.

isCanonical() keys off the canonical_ table prefix.
…x aliasing test fixture

Apply the audit's missing guards onto the existing (#851) validate()s rather
than the workflow agents' from-scratch versions (their pre-#851 base
conflicted): consolidation gains block_root/block_version/meta_network_name;
attestation_reward gains epoch_start_date_time/meta_network_name. Enrich the
elaborated-attestation aliasing test fixture to satisfy the new strict
validate (AttestationData + block identity + meta).
…_insert)

b826b35 added distributed_foreground_insert=1 as a canonical_ table default
but left TestTableConfigForAppliesCanonicalDefaults / MergesInsertSettings
asserting the pre-feature settings, leaving master red. Update expectations
to the intended behaviour.
@samcm samcm merged commit 2764443 into master Jun 26, 2026
6 checks passed
@samcm samcm deleted the feat/canonical-strict-validate branch June 26, 2026 05:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant