
592 lines
17 KiB
Raw Normal View History

2018-09-02 19:03:02 +08:00
package pstoreds
import (
	"context"
	"fmt"
	"sort"
	"sync"
	"time"

	ds "github.com/ipfs/go-datastore"
	"github.com/ipfs/go-datastore/query"
	logging "github.com/ipfs/go-log/v2"

	"github.com/libp2p/go-libp2p-core/peer"
	pstore "github.com/libp2p/go-libp2p-core/peerstore"
	"github.com/libp2p/go-libp2p-core/record"
	pb "github.com/libp2p/go-libp2p-peerstore/pb"
	"github.com/libp2p/go-libp2p-peerstore/pstoremem"

	lru "github.com/hashicorp/golang-lru"
	b32 "github.com/multiformats/go-base32"
	ma "github.com/multiformats/go-multiaddr"
)

// ttlWriteMode selects how setAddrs treats the TTL of an address that is
// already present in a peer's record.
type ttlWriteMode int

const (
	// ttlOverride unconditionally replaces the stored TTL and expiry.
	ttlOverride ttlWriteMode = iota
	// ttlExtend only raises the stored TTL and expiry; it never shortens them.
	ttlExtend
)

var (
log = logging.Logger("peerstore/ds")
2019-02-06 00:52:27 +08:00
// Peer addresses are stored db key pattern:
// /peers/addrs/<b32 peer id no padding>
addrBookBase = ds.NewKey("/peers/addrs")
// addrsRecord decorates the AddrBookRecord with locks and metadata.
type addrsRecord struct {
dirty bool
2018-09-19 02:01:24 +08:00
2019-02-06 00:52:27 +08:00
// flush writes the record to the datastore by calling ds.Put, unless the record is
// marked for deletion, in which case we call ds.Delete. To be called within a lock.
2019-02-06 00:53:23 +08:00
func (r *addrsRecord) flush(write ds.Write) (err error) {
key := addrBookBase.ChildString(b32.RawStdEncoding.EncodeToString([]byte(r.Id.ID)))
2020-03-06 20:07:36 +08:00
if len(r.Addrs) == 0 {
if err = write.Delete(context.TODO(), key); err == nil {
r.dirty = false
return err
data, err := r.Marshal()
if err != nil {
return err
if err = write.Put(context.TODO(), key, data); err != nil {
return err
// write succeeded; record is no longer dirty.
r.dirty = false
return nil
2018-09-19 02:01:24 +08:00
2019-02-06 22:40:51 +08:00
// clean is called on records to perform housekeeping. The return value indicates if the record was changed
// as a result of this call.
2019-02-06 22:40:51 +08:00
// clean does the following:
// * sorts addresses by expiration (soonest expiring first).
// * removes expired addresses.
// It short-circuits optimistically when there's nothing to do.
2019-02-06 22:40:51 +08:00
// clean is called from several points:
// * when accessing an entry.
// * when performing periodic GC.
// * after an entry has been modified (e.g. addresses have been added or removed, TTLs updated, etc.)
// If the return value is true, the caller should perform a flush immediately to sync the record with the store.
2019-02-06 22:40:51 +08:00
func (r *addrsRecord) clean() (chgd bool) {
now := time.Now().Unix()
2020-03-06 20:07:36 +08:00
addrsLen := len(r.Addrs)
if !r.dirty && !r.hasExpiredAddrs(now) {
// record is not dirty, and we have no expired entries to purge.
return false
2020-03-06 20:07:36 +08:00
if addrsLen == 0 {
// this is a ghost record; let's signal it has to be written.
2019-02-06 00:52:27 +08:00
// flush() will take care of doing the deletion.
return true
2020-03-06 20:07:36 +08:00
if r.dirty && addrsLen > 1 {
sort.Slice(r.Addrs, func(i, j int) bool {
return r.Addrs[i].Expiry < r.Addrs[j].Expiry
2020-03-06 20:07:36 +08:00
r.Addrs = removeExpired(r.Addrs, now)
return r.dirty || len(r.Addrs) != addrsLen
func (r *addrsRecord) hasExpiredAddrs(now int64) bool {
if len(r.Addrs) > 0 && r.Addrs[0].Expiry <= now {
return true
return false
func removeExpired(entries []*pb.AddrBookRecord_AddrEntry, now int64) []*pb.AddrBookRecord_AddrEntry {
// since addresses are sorted by expiration, we find the first
// survivor and split the slice on its index.
pivot := -1
2020-03-06 20:07:36 +08:00
for i, addr := range entries {
if addr.Expiry > now {
pivot = i
2018-06-27 07:06:05 +08:00
2020-03-06 20:07:36 +08:00
return entries[pivot+1:]
// dsAddrBook is an address book backed by a Datastore with a GC procedure to purge expired entries. It uses an
// in-memory address stream manager. See the NewAddrBook for more information.
type dsAddrBook struct {
ctx context.Context
opts Options
2018-09-01 01:35:23 +08:00
cache cache
ds ds.Batching
gc *dsAddrBookGc
subsManager *pstoremem.AddrSubManager
// controls children goroutine lifetime.
childrenDone sync.WaitGroup
cancelFn func()
var _ pstore.AddrBook = (*dsAddrBook)(nil)
2020-03-06 20:07:36 +08:00
var _ pstore.CertifiedAddrBook = (*dsAddrBook)(nil)
2018-09-01 01:35:23 +08:00
// NewAddrBook initializes a new datastore-backed address book. It serves as a drop-in replacement for pstoremem
// (memory-backed peerstore), and works with any datastore implementing the ds.Batching interface.
// Addresses and peer records are serialized into protobuf, storing one datastore entry per peer, along with metadata
// to control address expiration. To alleviate disk access and serde overhead, we internally use a read/write-through
// ARC cache, the size of which is adjustable via Options.CacheSize.
// The user has a choice of two GC algorithms:
// - lookahead GC: minimises the amount of full store traversals by maintaining a time-indexed list of entries that
// need to be visited within the period specified in Options.GCLookaheadInterval. This is useful in scenarios with
// considerable TTL variance, coupled with datastores whose native iterators return entries in lexicographical key
// order. Enable this mode by passing a value Options.GCLookaheadInterval > 0. Lookahead windows are jumpy, not
// sliding. Purges operate exclusively over the lookahead window with periodicity Options.GCPurgeInterval.
// - full-purge GC (default): performs a full visit of the store with periodicity Options.GCPurgeInterval. Useful when
// the range of possible TTL values is small and the values themselves are also extreme, e.g. 10 minutes or
// permanent, popular values used in other libp2p modules. In this cited case, optimizing with lookahead windows
// makes little sense.
func NewAddrBook(ctx context.Context, store ds.Batching, opts Options) (ab *dsAddrBook, err error) {
ctx, cancelFn := context.WithCancel(ctx)
2019-02-06 00:52:27 +08:00
ab = &dsAddrBook{
ctx: ctx,
ds: store,
opts: opts,
cancelFn: cancelFn,
subsManager: pstoremem.NewAddrSubManager(),
if opts.CacheSize > 0 {
if ab.cache, err = lru.NewARC(int(opts.CacheSize)); err != nil {
return nil, err
} else {
ab.cache = new(noopCache)
if ab.gc, err = newAddressBookGc(ctx, ab); err != nil {
return nil, err
2019-02-06 00:52:27 +08:00
return ab, nil
func (ab *dsAddrBook) Close() error {
return nil
// loadRecord is a read-through fetch. It fetches a record from cache, falling back to the
2018-11-28 08:56:51 +08:00
// datastore upon a miss, and returning a newly initialized record if the peer doesn't exist.
// loadRecord calls clean() on an existing record before returning it. If the record changes
// as a result and the update argument is true, the resulting state is saved in the datastore.
2019-02-06 00:52:27 +08:00
// If the cache argument is true, the record is inserted in the cache when loaded from the datastore.
func (ab *dsAddrBook) loadRecord(id peer.ID, cache bool, update bool) (pr *addrsRecord, err error) {
if err := id.Validate(); err != nil {
return nil, err
if e, ok := ab.cache.Get(id); ok {
pr = e.(*addrsRecord)
defer pr.Unlock()
2019-02-06 22:40:51 +08:00
if pr.clean() && update {
err = pr.flush(ab.ds)
return pr, err
2018-09-01 01:35:23 +08:00
2019-02-06 00:52:27 +08:00
pr = &addrsRecord{AddrBookRecord: &pb.AddrBookRecord{}}
key := addrBookBase.ChildString(b32.RawStdEncoding.EncodeToString([]byte(id)))
data, err := ab.ds.Get(context.TODO(), key)
2019-02-06 00:52:27 +08:00
switch err {
case ds.ErrNotFound:
err = nil
2019-02-06 00:52:27 +08:00
pr.Id = &pb.ProtoPeerID{ID: id}
case nil:
if err = pr.Unmarshal(data); err != nil {
return nil, err
// this record is new and local for now (not in cache), so we don't need to lock.
2019-02-06 22:40:51 +08:00
if pr.clean() && update {
err = pr.flush(ab.ds)
2019-02-06 00:52:27 +08:00
return nil, err
2018-09-01 01:35:23 +08:00
2018-06-27 07:06:05 +08:00
if cache {
ab.cache.Add(id, pr)
2018-09-01 01:35:23 +08:00
return pr, err
2018-09-01 01:35:23 +08:00
// AddAddr will add a new address if it's not already in the AddrBook.
func (ab *dsAddrBook) AddAddr(p peer.ID, addr ma.Multiaddr, ttl time.Duration) {
ab.AddAddrs(p, []ma.Multiaddr{addr}, ttl)
// AddAddrs will add many new addresses if they're not already in the AddrBook.
func (ab *dsAddrBook) AddAddrs(p peer.ID, addrs []ma.Multiaddr, ttl time.Duration) {
if ttl <= 0 {
addrs = cleanAddrs(addrs)
2020-03-06 20:07:36 +08:00
ab.setAddrs(p, addrs, ttl, ttlExtend, false)
// ConsumePeerRecord adds addresses from a signed peer.PeerRecord (contained in
// a record.Envelope), which will expire after the given TTL.
// See https://godoc.org/github.com/libp2p/go-libp2p-core/peerstore#CertifiedAddrBook for more details.
func (ab *dsAddrBook) ConsumePeerRecord(recordEnvelope *record.Envelope, ttl time.Duration) (bool, error) {
r, err := recordEnvelope.Record()
if err != nil {
return false, err
rec, ok := r.(*peer.PeerRecord)
if !ok {
return false, fmt.Errorf("envelope did not contain PeerRecord")
if !rec.PeerID.MatchesPublicKey(recordEnvelope.PublicKey) {
return false, fmt.Errorf("signing key does not match PeerID in PeerRecord")
// ensure that the seq number from envelope is >= any previously received seq no
// update when equal to extend the ttls
if ab.latestPeerRecordSeq(rec.PeerID) > rec.Seq {
2020-03-06 20:07:36 +08:00
return false, nil
addrs := cleanAddrs(rec.Addrs)
err = ab.setAddrs(rec.PeerID, addrs, ttl, ttlExtend, true)
if err != nil {
return false, err
err = ab.storeSignedPeerRecord(rec.PeerID, recordEnvelope, rec)
if err != nil {
return false, err
return true, nil
func (ab *dsAddrBook) latestPeerRecordSeq(p peer.ID) uint64 {
pr, err := ab.loadRecord(p, true, false)
if err != nil {
2021-07-17 06:40:47 +08:00
// We ignore the error because we don't want to fail storing a new record in this
// case.
log.Errorw("unable to load record", "peer", p, "error", err)
return 0
defer pr.RUnlock()
if len(pr.Addrs) == 0 || pr.CertifiedRecord == nil || len(pr.CertifiedRecord.Raw) == 0 {
2020-03-06 20:07:36 +08:00
return 0
return pr.CertifiedRecord.Seq
func (ab *dsAddrBook) storeSignedPeerRecord(p peer.ID, envelope *record.Envelope, rec *peer.PeerRecord) error {
envelopeBytes, err := envelope.Marshal()
if err != nil {
return err
// reload record and add routing state
// this has to be done after we add the addresses, since if
// we try to flush a datastore record with no addresses,
// it will just get deleted
pr, err := ab.loadRecord(p, true, false)
if err != nil {
return err
defer pr.Unlock()
2020-03-06 20:07:36 +08:00
pr.CertifiedRecord = &pb.AddrBookRecord_CertifiedRecord{
Seq: rec.Seq,
Raw: envelopeBytes,
pr.dirty = true
err = pr.flush(ab.ds)
return err
// GetPeerRecord returns a record.Envelope containing a peer.PeerRecord for the
// given peer id, if one exists.
// Returns nil if no signed PeerRecord exists for the peer.
func (ab *dsAddrBook) GetPeerRecord(p peer.ID) *record.Envelope {
pr, err := ab.loadRecord(p, true, false)
if err != nil {
log.Errorf("unable to load record for peer %s: %v", p.Pretty(), err)
return nil
defer pr.RUnlock()
2020-03-06 20:07:36 +08:00
if pr.CertifiedRecord == nil || len(pr.CertifiedRecord.Raw) == 0 || len(pr.Addrs) == 0 {
return nil
state, _, err := record.ConsumeEnvelope(pr.CertifiedRecord.Raw, peer.PeerRecordEnvelopeDomain)
if err != nil {
log.Errorf("error unmarshaling stored signed peer record for peer %s: %v", p.Pretty(), err)
return nil
return state
// SetAddr will add or update the TTL of an address in the AddrBook.
func (ab *dsAddrBook) SetAddr(p peer.ID, addr ma.Multiaddr, ttl time.Duration) {
ab.SetAddrs(p, []ma.Multiaddr{addr}, ttl)
// SetAddrs will add or update the TTLs of addresses in the AddrBook.
func (ab *dsAddrBook) SetAddrs(p peer.ID, addrs []ma.Multiaddr, ttl time.Duration) {
addrs = cleanAddrs(addrs)
if ttl <= 0 {
ab.deleteAddrs(p, addrs)
2020-03-06 20:07:36 +08:00
ab.setAddrs(p, addrs, ttl, ttlOverride, false)
// UpdateAddrs will update any addresses for a given peer and TTL combination to
// have a new TTL.
func (ab *dsAddrBook) UpdateAddrs(p peer.ID, oldTTL time.Duration, newTTL time.Duration) {
pr, err := ab.loadRecord(p, true, false)
if err != nil {
log.Errorf("failed to update ttls for peer %s: %s\n", p.Pretty(), err)
2019-04-17 05:11:14 +08:00
defer pr.Unlock()
newExp := time.Now().Add(newTTL).Unix()
for _, entry := range pr.Addrs {
if entry.Ttl != int64(oldTTL) {
entry.Ttl, entry.Expiry = int64(newTTL), newExp
pr.dirty = true
2019-02-06 22:40:51 +08:00
if pr.clean() {
2019-02-06 00:52:27 +08:00
// Addrs returns all of the non-expired addresses for a given peer.
func (ab *dsAddrBook) Addrs(p peer.ID) []ma.Multiaddr {
pr, err := ab.loadRecord(p, true, true)
if err != nil {
2020-02-18 00:32:02 +08:00
log.Warn("failed to load peerstore entry for peer %v while querying addrs, err: %v", p, err)
return nil
defer pr.RUnlock()
2020-03-06 20:07:36 +08:00
addrs := make([]ma.Multiaddr, len(pr.Addrs))
for i, a := range pr.Addrs {
addrs[i] = a.Addr
return addrs
// Peers returns all of the peer IDs for which the AddrBook has addresses.
func (ab *dsAddrBook) PeersWithAddrs() peer.IDSlice {
ids, err := uniquePeerIds(ab.ds, addrBookBase, func(result query.Result) string {
return ds.RawKey(result.Key).Name()
if err != nil {
log.Errorf("error while retrieving peers with addresses: %v", err)
2018-06-14 07:27:14 +08:00
return ids
// AddrStream returns a channel on which all new addresses discovered for a
// given peer ID will be published.
func (ab *dsAddrBook) AddrStream(ctx context.Context, p peer.ID) <-chan ma.Multiaddr {
initial := ab.Addrs(p)
return ab.subsManager.AddrStream(ctx, p, initial)
// ClearAddrs will delete all known addresses for a peer ID.
func (ab *dsAddrBook) ClearAddrs(p peer.ID) {
if err := p.Validate(); err != nil {
// nothing to do
key := addrBookBase.ChildString(b32.RawStdEncoding.EncodeToString([]byte(p)))
if err := ab.ds.Delete(context.TODO(), key); err != nil {
log.Errorf("failed to clear addresses for peer %s: %v", p.Pretty(), err)
2018-09-01 01:35:23 +08:00
2020-03-06 20:07:36 +08:00
func (ab *dsAddrBook) setAddrs(p peer.ID, addrs []ma.Multiaddr, ttl time.Duration, mode ttlWriteMode, signed bool) (err error) {
if len(addrs) == 0 {
return nil
pr, err := ab.loadRecord(p, true, false)
if err != nil {
return fmt.Errorf("failed to load peerstore entry for peer %v while setting addrs, err: %v", p, err)
defer pr.Unlock()
2020-03-06 20:07:36 +08:00
// // if we have a signed PeerRecord, ignore attempts to add unsigned addrs
// if !signed && pr.CertifiedRecord != nil {
// return nil
// }
2020-03-06 20:07:36 +08:00
newExp := time.Now().Add(ttl).Unix()
addrsMap := make(map[string]*pb.AddrBookRecord_AddrEntry, len(pr.Addrs))
for _, addr := range pr.Addrs {
addrsMap[string(addr.Addr.Bytes())] = addr
updateExisting := func(incoming ma.Multiaddr) *pb.AddrBookRecord_AddrEntry {
existingEntry := addrsMap[string(incoming.Bytes())]
if existingEntry == nil {
return nil
switch mode {
case ttlOverride:
existingEntry.Ttl = int64(ttl)
existingEntry.Expiry = newExp
case ttlExtend:
if int64(ttl) > existingEntry.Ttl {
existingEntry.Ttl = int64(ttl)
if newExp > existingEntry.Expiry {
existingEntry.Expiry = newExp
panic("BUG: unimplemented ttl mode")
return existingEntry
2020-03-06 20:07:36 +08:00
var entries []*pb.AddrBookRecord_AddrEntry
for _, incoming := range addrs {
existingEntry := updateExisting(incoming)
2020-03-06 20:07:36 +08:00
if existingEntry == nil {
// if signed {
// entries = append(entries, existingEntry)
// }
// } else {
// new addr, add & broadcast
entry := &pb.AddrBookRecord_AddrEntry{
Addr: &pb.ProtoAddr{Multiaddr: incoming},
Ttl: int64(ttl),
Expiry: newExp,
entries = append(entries, entry)
// note: there's a minor chance that writing the record will fail, in which case we would've broadcast
// the addresses without persisting them. This is very unlikely and not much of an issue.
ab.subsManager.BroadcastAddr(p, incoming)
2020-03-06 20:07:36 +08:00
// if signed {
// // when adding signed addrs, we want to keep _only_ the incoming addrs
// pr.Addrs = entries
// } else {
pr.Addrs = append(pr.Addrs, entries...)
// }
pr.dirty = true
2019-02-06 22:40:51 +08:00
2019-02-06 00:52:27 +08:00
return pr.flush(ab.ds)
2020-03-06 20:07:36 +08:00
// deletes addresses in place, avoiding copies until we encounter the first deletion.
// does not preserve order, but entries are re-sorted before flushing to disk anyway.
func deleteInPlace(s []*pb.AddrBookRecord_AddrEntry, addrs []ma.Multiaddr) []*pb.AddrBookRecord_AddrEntry {
if s == nil || len(addrs) == 0 {
return s
survived := len(s)
for i, addr := range s {
for _, del := range addrs {
if !addr.Addr.Equal(del) {
// if there are no survivors, bail out
if survived == 0 {
break Outer
s[i] = s[survived]
// we've already dealt with s[i], move to the next
continue Outer
return s[:survived]
func (ab *dsAddrBook) deleteAddrs(p peer.ID, addrs []ma.Multiaddr) (err error) {
pr, err := ab.loadRecord(p, false, false)
if err != nil {
return fmt.Errorf("failed to load peerstore entry for peer %v while deleting addrs, err: %v", p, err)
2018-09-01 01:35:23 +08:00
defer pr.Unlock()
if pr.Addrs == nil {
return nil
2018-09-01 01:35:23 +08:00
2020-03-06 20:07:36 +08:00
pr.Addrs = deleteInPlace(pr.Addrs, addrs)
2018-09-01 01:35:23 +08:00
pr.dirty = true
2019-02-06 22:40:51 +08:00
2019-02-06 00:52:27 +08:00
return pr.flush(ab.ds)
2018-09-01 01:35:23 +08:00
func cleanAddrs(addrs []ma.Multiaddr) []ma.Multiaddr {
clean := make([]ma.Multiaddr, 0, len(addrs))
for _, addr := range addrs {
if addr == nil {
clean = append(clean, addr)
2018-09-01 01:35:23 +08:00
return clean
2018-09-01 01:35:23 +08:00