class AcsCommitmentProcessor extends AcsChangeListener with FlagCloseable with NamedLogging

Computes, sends, receives and compares ACS commitments

In more detail:

  • The class computes the participant's ACS commitments (one for each of the participant's "counter-participants", i.e., participants who host a stakeholder of some contract in the participant's ACS). The commitments are computed at specified (sequencer) times that are configured by the synchronizer and are uniform for all participants connected to the synchronizer. We refer to them as "commitment ticks". The commitments must be computed "online", i.e., after the state of the ACS at a commitment tick becomes known.
  • After the commitments for a tick are computed, they should be distributed to the counter-participants; but this is best-effort.
  • The class processes the ACS commitments from counter-participants (method processBatch):
    • it checks that the commitments are properly signed
    • it checks that they match the locally computed ACS commitments
  • The class must define crash recovery points, such that the class itself combined with startup procedures of the node jointly ensure that the participant doesn't neglect to send its ACS commitments or process the remote ones. We allow the participant to send the same commitments multiple times in case of a crash, and we do allow the participant to not send some commitments in some edge cases due to crashes.
  • Finally, the class supports pruning: it computes the safe timestamps for participant pruning, such that, after pruning, non-repudiation still holds for any contract in the ACS.

The first four pieces of class functionality must be appropriately synchronized:

  • ACS commitments for a tick cannot be completely processed before the local commitment for that tick is computed. Note that the class cannot make many assumptions on the received commitments: the counter-participants can send them in any order, and they can either precede or lag behind the local commitment computations.
  • The recovery points must be chosen such that the participant computes its local commitments correctly, and never fails to compute a local commitment for any tick. Otherwise, the participant will start raising false alarms when remote commitments are received (either because it computes the wrong thing, or because it doesn't compute anything at all and thus doesn't expect to receive anything).
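
The first synchronization rule above, as an added sketch that is not Canton code: remote commitments that arrive before the local commitment for the same tick are buffered, then compared once the local value is known. Every name here (Matcher, onRemote, onLocal, Outcome) is hypothetical, and signature checking is assumed to have happened before onRemote is called.

```scala
// Added illustration, not Canton code: all names below are hypothetical.
import scala.collection.mutable

object CommitmentMatchSketch {
  type Participant = String
  type Tick = Long                 // period end, in seconds
  type Commitment = Vector[Byte]   // opaque commitment value

  sealed trait Outcome
  case object Buffered extends Outcome   // local value not known yet
  case object Matched extends Outcome
  final case class Mismatch(tick: Tick, from: Participant) extends Outcome

  final class Matcher {
    // Local commitments already computed, keyed by (tick, counter-participant).
    private val local = mutable.Map.empty[(Tick, Participant), Commitment]
    // Remote commitments that arrived ahead of the local computation.
    private val pending = mutable.Map.empty[(Tick, Participant), Vector[Commitment]]

    private def compare(key: (Tick, Participant), mine: Commitment, theirs: Commitment): Outcome =
      if (mine == theirs) Matched else Mismatch(key._1, key._2)

    // Assumption: the sender's signature was verified before this call.
    def onRemote(tick: Tick, from: Participant, c: Commitment): Outcome = {
      val key = (tick, from)
      local.get(key) match {
        case Some(mine) => compare(key, mine, c)   // remote lags local
        case None =>                               // remote precedes local
          pending.update(key, pending.getOrElse(key, Vector.empty) :+ c)
          Buffered
      }
    }

    // Called once the ACS state at `tick` is known; drains anything buffered.
    def onLocal(tick: Tick, to: Participant, c: Commitment): Vector[Outcome] = {
      val key = (tick, to)
      local.update(key, c)
      pending.remove(key).getOrElse(Vector.empty).map(compare(key, c, _))
    }
  }

  def main(args: Array[String]): Unit = {
    val m = new Matcher
    val a = Vector[Byte](1, 2, 3)   // constructed sample values
    val b = Vector[Byte](9, 9, 9)
    println(m.onRemote(20L, "P2", a))  // arrives ahead of the local value
    println(m.onRemote(10L, "P2", b))  // out of order, also ahead
    println(m.onLocal(10L, "P2", a))   // drains the buffered value for tick 10
    println(m.onLocal(20L, "P2", a))   // drains the buffered value for tick 20
    println(m.onRemote(20L, "P2", a))  // local already known: compared at once
  }
}
```

If onLocal were skipped for a tick, every remote commitment for that tick would stay buffered, which is the missed-computation case the second rule guards against.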

Additionally, the startup procedure must ensure that:

On first time startup (no entries in database) a single outstanding row will be generated for a previous fictive period, of length one reconciliation interval; this is to generate a starting point going forward.

Finally, the class requires the reconciliation interval to be a multiple of 1 second.

The commitmentPeriodObserver is called whenever a commitment is computed for a period, except if the participant crashes. If publish is called multiple times for the same timestamp (once before a crash and once after the recovery), the observer may also be called twice for the same period.

When a participant's ACS commitment processor falls behind some counter participants' processors, the participant has the option to enter a so-called "catch-up mode". In catch-up mode, the participant skips sending and checking commitments for some reconciliation intervals. The parameter governing catch-up mode is:

Annotations
@SuppressWarnings()

Value Members

  1. final def !=(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  2. final def ##: Int
    Definition Classes
    AnyRef → Any
  3. final def ==(arg0: Any): Boolean
    Definition Classes
    AnyRef → Any
  4. def addReader(reader: String)(implicit traceContext: TraceContext): UnlessShutdown[ReaderHandle]

    TODO(#16601) Make this method private once PerformUnlessClosing doesn't need it any more

    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders
  5. final def asInstanceOf[T0]: T0
    Definition Classes
    Any
  6. def clone(): AnyRef
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.CloneNotSupportedException]) @IntrinsicCandidate() @native()
  7. final def close(): Unit

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Definition Classes
    FlagCloseable → OnShutdownRunner → AutoCloseable
  8. def closingTimeout: FiniteDuration
    Attributes
    protected
    Definition Classes
    AcsCommitmentProcessor → FlagCloseable → PerformUnlessClosing
  9. final def eq(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  10. def equals(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef → Any
  11. implicit def errorLoggingContext(implicit traceContext: TraceContext): ErrorLoggingContext
    Attributes
    protected
    Definition Classes
    NamedLogging
  12. final def getClass(): Class[_ <: AnyRef]
    Definition Classes
    AnyRef → Any
    Annotations
    @IntrinsicCandidate() @native()
  13. def hashCode(): Int
    Definition Classes
    AnyRef → Any
    Annotations
    @IntrinsicCandidate() @native()
  14. def initializeTicksOnStartup(timestamps: List[EffectiveTime])(implicit traceContext: TraceContext): Unit
  15. def isClosing: Boolean

    Check whether we're closing. Susceptible to race conditions; unless you're using this as a flag to the retry lib or you really know what you're doing, prefer performUnlessClosing and friends.

    Definition Classes
    OnShutdownRunner → HasUnlessClosing
  16. final def isInstanceOf[T0]: Boolean
    Definition Classes
    Any
  17. def keepTrackOfReaderCallStack: Boolean

    Set this to true to get detailed information about all futures that did not complete during shutdown.

    Attributes
    protected[this]
    Definition Classes
    PerformUnlessClosing → HasSynchronizeWithReaders
  18. def logger: TracedLogger
    Attributes
    protected
    Definition Classes
    NamedLogging
  19. val loggerFactory: NamedLoggerFactory
    Attributes
    protected
    Definition Classes
    AcsCommitmentProcessor → NamedLogging
  20. def nameInternal: String
    Attributes
    protected[this]
    Definition Classes
    PerformUnlessClosing → HasSynchronizeWithReaders
  21. implicit def namedLoggingContext(implicit traceContext: TraceContext): NamedLoggingContext
    Attributes
    protected
    Definition Classes
    NamedLogging
  22. final def ne(arg0: AnyRef): Boolean
    Definition Classes
    AnyRef
  23. def noTracingLogger: Logger
    Attributes
    protected
    Definition Classes
    NamedLogging
  24. final def notify(): Unit
    Definition Classes
    AnyRef
    Annotations
    @IntrinsicCandidate() @native()
  25. final def notifyAll(): Unit
    Definition Classes
    AnyRef
    Annotations
    @IntrinsicCandidate() @native()
  26. def onCloseFailure(e: Throwable): Unit
    Attributes
    protected
    Definition Classes
    PerformUnlessClosing
  27. def onClosed(): Unit
    Attributes
    protected
    Definition Classes
    AcsCommitmentProcessor → PerformUnlessClosing
  28. final def onFirstClose(): Unit

    Blocks until all earlier tasks have completed and then prevents further tasks from being run.

    Definition Classes
    PerformUnlessClosing → OnShutdownRunner
  29. def processBatch(timestamp: CantonTimestamp, batch: Traced[Seq[OpenEnvelope[SignedProtocolMessage[AcsCommitment]]]]): HandlerResult
  30. def processBatchInternal(timestamp: CantonTimestamp, batch: Seq[OpenEnvelope[SignedProtocolMessage[AcsCommitment]]])(implicit traceContext: TraceContext): HandlerResult

    Process incoming commitments.

    The caller(s) must jointly ensure that all incoming commitments are passed to this method, in their order of arrival. Upon startup, the method must be called on all incoming commitments whose processing hasn't finished yet, including those whose processing has been aborted due to shutdown.

    There is no special catch-up logic on the incoming queue, because processing was never a bottleneck here. However, the incoming queue is important because it gives us the condition to initiate catch-up by allowing us to look at the timestamp of received commitments.

    Should processing of incoming commitments become a bottleneck, we can do the following:

    • to quickly detect a possible catch-up condition, we validate incoming commitments (including signature) as they come and store them; the catch-up condition looks at the timestamp of incoming commitments in the queue
    • to enable match checks of local and remote commitments, in a separate thread continue processing the commitments by checking matches and buffering them if needed.
      • during catch-up, the processing order is first commitments at catch-up boundaries in increasing timestamp order, then other commitments in increasing timestamp order
      • outside catch-up, process commitments as they come
  31. def publish(toc: RecordTime, acsChangeFactoryO: Option[AcsChangeFactory])(implicit traceContext: TraceContext): Unit
  32. def publish(toc: RecordTime, acsChange: AcsChange)(implicit traceContext: TraceContext): Unit

    ACS change notification. Any response logic needs to happen in the background. The ACS change set may be empty, (e.g., in case of time proofs).

    toc: time of the change
    acsChange: active contract set change descriptor

    Definition Classes
    AcsCommitmentProcessor → AcsChangeListener
  33. def publishForUpgradeTime(upgradeTime: CantonTimestamp)(implicit traceContext: TraceContext): Unit

    Publish to trigger the persisting of the running commitments. Should be called only at logical synchronizer upgrade time.

  34. def reinitializeCommitments(timestamp: CantonTimestamp)(implicit ec: ExecutionContext, traceContext: TraceContext): Boolean

    Reinitialize the running commitments at the given ACS timestamp. This is used to recompute the running commitments from the active contract store. Because the reinitialization task runs on the queue, a reinitialization cannot start before a previous initialization finished.

    Returns false if a reinitialization is already enqueued or executing, true otherwise.

  35. def remainingReaders(): Seq[String]
    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders
  36. def removeReader(handle: ReaderHandle): Unit

    TODO(#16601) Make this method private once PerformUnlessClosing doesn't need it any more

    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders
  37. def runOnClose(task: RunOnClosing): UnlessShutdown[LifeCycleRegistrationHandle]

    Schedules the given task to be run upon closing.

    returns

    A com.digitalasset.canton.lifecycle.UnlessShutdown.Outcome indicates that the task will have been run when the LifeCycleManager's closeAsync method completes or when AutoCloseable's close method returns, unless the returned LifeCycleRegistrationHandle was used to cancel the task or the task has been done beforehand. com.digitalasset.canton.lifecycle.UnlessShutdown.AbortedDueToShutdown is returned if the task is not run due to closing. This always happens if isClosing returns true.

    Definition Classes
    OnShutdownRunner → HasRunOnClosing
  38. def runOnOrAfterClose(task: RunOnClosing)(implicit traceContext: TraceContext): LifeCycleRegistrationHandle

    Register a task to run when closing is initiated, or run it immediately if closing is already ongoing. Unlike runOnClose, this method does not guarantee that this task will have run by the time the LifeCycleManager's closeAsync method completes or AutoCloseable's close returns. This is because the task is run immediately if the component has already been closed.

    Definition Classes
    HasRunOnClosing
  39. final def runOnOrAfterClose_(task: RunOnClosing)(implicit traceContext: TraceContext): Unit

    Variant of runOnOrAfterClose that does not return a com.digitalasset.canton.lifecycle.LifeCycleRegistrationHandle.

  40. def runTaskUnlessDone(task: RunOnClosing)(implicit traceContext: TraceContext): Unit
    Attributes
    protected[this]
    Definition Classes
    OnShutdownRunner → HasRunOnClosing
  41. val runningCommitments: RunningCommitments
  42. def scheduleTopologyTick(effectiveTime: Traced[EffectiveTime]): Unit
  43. def synchronizeWithClosing[F[_], A](name: String)(f: => F[A])(implicit traceContext: TraceContext, F: Thereafter[F], A: CanAbortDueToShutdown[F]): F[A]

    Runs the computation f only if the component is not yet closing. If so, the component will delay releasing its resources until f has completed (as defined by the com.digitalasset.canton.util.Thereafter instance) or the synchronizeWithClosingPatience has elapsed.

    DO NOT CALL this.close as part of f, because it will result in a deadlock. DO NOT PUT retries, especially indefinite ones, inside f.

    returns

    The computation completes with com.digitalasset.canton.lifecycle.UnlessShutdown.AbortedDueToShutdown if f has not run. Otherwise it is the result of running f.

    Definition Classes
    HasSynchronizeWithClosing
    See also

    HasRunOnClosing.isClosing

  44. def synchronizeWithClosingF[A](name: String)(f: => Future[A])(implicit ec: ExecutionContext, traceContext: TraceContext): FutureUnlessShutdown[A]

    Convenience method for synchronizing on Futures instead of FutureUnlessShutdowns. Equivalent to

    synchronizeWithClosing(name)(FutureUnlessShutdown.outcomeF(f))
    Definition Classes
    PerformUnlessClosing
  45. def synchronizeWithClosingPatience: FiniteDuration
    Attributes
    protected[this]
    Definition Classes
    PerformUnlessClosing → HasSynchronizeWithReaders
  46. def synchronizeWithClosingSync[A](name: String)(f: => A)(implicit traceContext: TraceContext): UnlessShutdown[A]

    Runs the computation f only if the component is not yet closing. If so, the component will delay releasing its resources until f has finished or the synchronizeWithClosingPatience has elapsed.

    DO NOT CALL this.close as part of f, because it will result in a deadlock. DO NOT PUT retries, especially indefinite ones, inside f.

    returns

    com.digitalasset.canton.lifecycle.UnlessShutdown.AbortedDueToShutdown if f has not run.

    Definition Classes
    HasSynchronizeWithClosing
    Annotations
    @SuppressWarnings()
    See also

    HasRunOnClosing.isClosing

  47. def synchronizeWithClosingUS[F[_], A](name: String)(f: => F[A])(implicit traceContext: TraceContext, F: Thereafter[F]): UnlessShutdown[F[A]]

    Runs the computation f only if the component is not yet closing. If so, the component will delay releasing its resources until f has completed (as defined by the com.digitalasset.canton.util.Thereafter instance) or the synchronizeWithClosingPatience has elapsed.

    DO NOT CALL this.close as part of f, because it will result in a deadlock. DO NOT PUT retries, especially indefinite ones, inside f.

    returns

    com.digitalasset.canton.lifecycle.UnlessShutdown.AbortedDueToShutdown if f has not run. Otherwise the result of running f.

    Definition Classes
    PerformUnlessClosing → HasSynchronizeWithClosing
    See also

    HasRunOnClosing.isClosing

  48. def synchronizeWithReaders()(implicit traceContext: TraceContext): Boolean
    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders
  49. final def synchronized[T0](arg0: => T0): T0
    Definition Classes
    AnyRef
  50. val timeouts: ProcessingTimeout
    Attributes
    protected
    Definition Classes
    AcsCommitmentProcessor → FlagCloseable
  51. def toString(): String
    Definition Classes
    AnyRef → Any
  52. final def unlessClosing[F[_], A](fa: => F[A])(implicit F: CanAbortDueToShutdown[F]): F[A]

    Runs the computation fa unless isClosing returns true.

    This method does not delay the closing while fa is running, unlike the methods in HasSynchronizeWithClosing. Accordingly, this method is useful for intermittent checks whether the result of the computation is still relevant.

    returns

    The result of fa or com.digitalasset.canton.lifecycle.UnlessShutdown.AbortedDueToShutdown if isClosing is true

    Definition Classes
    HasUnlessClosing
    Annotations
    @inline()
  53. final def wait(arg0: Long, arg1: Int): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  54. final def wait(arg0: Long): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  55. final def wait(): Unit
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.InterruptedException])
  56. def withReader[F[_], A](name: String)(f: => F[A])(implicit traceContext: TraceContext, F: Thereafter[F]): UnlessShutdown[F[A]]
    Attributes
    protected[this]
    Definition Classes
    HasSynchronizeWithReaders

Deprecated Value Members

  1. def finalize(): Unit
    Attributes
    protected[lang]
    Definition Classes
    AnyRef
    Annotations
    @throws(classOf[java.lang.Throwable]) @Deprecated
    Deprecated

    (Since version 9)
