Commit 6a3792e
fix: v25 — handshake ack units-mismatch + parallel verify + sync coordination
Critical (forensic h=1261 deadlock): receiver-side ProducerReady ack check
compared absolute HIGHEST_CERTIFIED_ROUND[mb_idx] against relative `round`
from the message. Bug masked while baseline_round[mb_idx] == 0; after first
non-zero rotation closed a block in the macroblock, baseline became > 0 and
every subsequent ProducerReady was rejected by every receiver.
Observed at mb=14 → h=1261: HIGHEST=3 (abs), baseline=2, producer relative=1,
receiver compared 3 != 1 → acks=1/4 forever, 213+ rotation cycles, chain stuck
2.5 h. Fix: receiver applies the same get_baseline_round(mb_idx) subtraction
the producer uses, then strict equality between relative rounds. v16.2 safety
invariant preserved; no wire change.
Additional v25 hardening:
* H8 parallel Dilithium3 verify worker pool in block_pipeline
* H8b spawn_blocking offload for consensus/timeout/heartbeat handlers
* H9/H16 validator liveness tracker; opt-in ejection via QNET_LIVENESS_EJECTION
* H10 sync_blocks coordination gate (per-range cooldown + concurrency bound)
* H12 per-chunk forward-once dedup (cascade depth bound, no wire change)
* H14 sig_pre_verified flag skips redundant verify after worker pre-verify
* H1+H11 joint IP+node_id rate-limit key (anti NAT cross-throttle)
* H3 multi-gap sync queue (DashMap, lock-free)
* H4 SHRED_CHUNK_CACHE_SIZE 100 → 5000
* H5 per-block Fisher-Yates routing tree shuffle (deterministic)
* H6 decoupled chunk #0 cert from parity reconstruction
* R1 removed adaptive producer throttle (1.107 s → 1.000 s slot)
cargo build --release: clean, 0 warnings, 17m 44s.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>1 parent a8d2339 commit 6a3792e
3 files changed
Lines changed: 1356 additions & 194 deletions
0 commit comments