docs(adr): ADR-0003 — full-node detection, penalisation, and eviction#160
Open
mickvandijke wants to merge 1 commit into
Open
docs(adr): ADR-0003 — full-node detection, penalisation, and eviction#160mickvandijke wants to merge 1 commit into
mickvandijke wants to merge 1 commit into
Conversation
Node-side role in the full-node-shunning plan (full == dishonest == evict). After fresh replication, the node tests every responsible close-group peer 5-15 min later for possession; storing earns no positive trust, while not storing is penalised at AuditChallenge severity. Delivery of the push is best-effort (up to 2 retries/peer) but never an exemption: undelivered peers are still tested and penalised alike. Adds a self-closeness gate on client puts, coupled so its width stays >= the client fallback ceiling. Trust-score eviction is already implemented in saorsa-core; this ADR only emits the signal. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
There was a problem hiding this comment.
Pull request overview
Adds a new proposed Architecture Decision Record (ADR-0003) describing the node-side design for detecting full (non-storing) close-group peers, applying attributable penalties, and relying on existing saorsa-core trust-score eviction—while aligning client-put acceptance with a self-closeness gate.
Changes:
- Introduces ADR-0003 detailing delayed possession checks after fresh replication and penalty semantics.
- Specifies delivery retry behavior and clarifies that delivery success is not an exemption from later possession checks.
- Describes a self-closeness gate for client PUT acceptance and its coupling to the client fallback ceiling.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| - **Reviewers:** <pending> | ||
| - **Supersedes:** none | ||
| - **Superseded by:** none | ||
| - **Related:** ant-client ADR-0002 (client-side fallback and diagnostics); ADR-0002 (gossip-triggered storage-commitment audit — shares the trust/eviction path); saorsa-core trust-score eviction (the enforcement layer — already implemented, no change required) |
Comment on lines
+25
to
+35
| - A node rejects a put when its disk is full with a **distinct** | ||
| `ProtocolError::StorageFailed`, *before* payment verification | ||
| (`src/storage/handler.rs:274-281`; `src/storage/lmdb.rs:599-621`). | ||
| - A direct client PUT does **not** reject on the node's own storage-responsibility | ||
| view (`src/storage/handler.rs:283-285`). Acceptance is bounded only *indirectly* by | ||
| the issuer-in-local-20-closest test (`src/payment/verifier.rs:942-1003`; | ||
| `PAID_QUOTE_ISSUER_CLOSENESS_WIDTH = K_BUCKET_SIZE = 20`). | ||
| - Fresh replication requires a proof of payment **and** enforces closeness via | ||
| `admission::is_responsible(... storage_admission_width = close_group + margin)`, | ||
| reusing the same `ClientPut` verification path | ||
| (`src/replication/mod.rs:1902-1916, 1987-2007, 2035-2048`). |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds ADR-0003 (Proposed) — the node-side role in the full-node-shunning plan (axiom: full == dishonest == evict).
Docs-only; no code changes. Paired client-side ADR: WithAutonomi/ant-client ADR-0002.
🤖 Generated with Claude Code