Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

API server TLS support #1555

Merged
merged 2 commits into from
Aug 14, 2024
Merged

API server TLS support #1555

merged 2 commits into from
Aug 14, 2024

Conversation

ch1bo
Copy link
Member

@ch1bo ch1bo commented Aug 9, 2024
edited
Loading

  • Adds --tls-cert and --tls-key command line options to provide a certificate (chain) and key to the hydra-node

  • API server switches to accepting TLS connections when --tls-cert AND --tls-key are configured

  • Updated docs and fixed some errors in the https://hydra.family/head-protocol/api-reference/ introduction.

This was requested by @Quantumplation for the hydra-doom demo, so will be backported to doom branch.

  • CHANGELOG updated
  • Documentation updated
  • Haddocks updated
  • No new TODOs introduced or explained herafter
    • TODO for the error handling if only cert or key is given could be improved

@ch1bo ch1bo requested review from a team and Quantumplation August 9, 2024 08:05
@ch1bo ch1bo force-pushed the api-server-tls-support branch 2 times, most recently from 2fbb0f4 to e92d2f8 Compare August 9, 2024 08:07
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 9, 2024
edited
Loading

Transaction costs

Sizes and execution budgets for Hydra protocol transactions. Note that unlisted parameters are currently using arbitrary values and results are not fully deterministic and comparable to previous runs.

Metadata
Generated at 2024-08-14 08:12:40.678191077 UTC
Max. memory units 14000000
Max. CPU units 10000000000
Max. tx size (kB) 16384

Script summary

Name Hash Size (Bytes)
νInitial 2fac819a1f4f14e29639d1414220d2a18b6abd6b8e444d88d0dda8ff 3799
νCommit 2043a9f1a685bcf491413a5f139ee42e335157c8c6bc8d9e4018669d 1743
νHead bd9fad235c871fb7f837c767593018a84be3083ff80f9dab5f1c55f9 10194
μHead c8038945816586c4d38926ee63bba67821eb863794220ebbd0bf79ee* 4607
  • The minting policy hash is only usable for comparison. As the script is parameterized, the actual script is unique per head.

Init transaction costs

Parties Tx size % max Mem % max CPU Min fee ₳
1 5186 5.93 2.35 0.44
2 5389 7.03 2.77 0.46
3 5588 8.37 3.30 0.49
5 5994 11.12 4.39 0.54
10 6998 18.02 7.12 0.66
56 16244 81.63 32.29 1.76

Commit transaction costs

This uses ada-only outputs for better comparability.

UTxO Tx size % max Mem % max CPU Min fee ₳
1 556 10.52 4.15 0.29
2 748 13.86 5.65 0.34
3 937 17.33 7.20 0.38
5 1313 24.65 10.44 0.48
10 2242 45.22 19.36 0.75
20 4101 95.99 40.76 1.40

CollectCom transaction costs

Parties UTxO (bytes) Tx size % max Mem % max CPU Min fee ₳
1 57 549 22.14 8.66 0.42
2 114 659 32.95 13.05 0.54
3 169 773 43.87 17.60 0.67
4 227 879 61.14 24.63 0.86
5 281 989 73.72 30.03 1.01
6 337 1100 93.13 38.08 1.23

Cost of Decrement Transaction

Parties Tx size % max Mem % max CPU Min fee ₳
1 631 17.96 7.89 0.38
2 820 20.22 9.48 0.42
3 848 19.13 9.75 0.41
5 1315 25.12 13.50 0.51
10 2086 34.48 20.85 0.67
48 7721 94.82 71.96 1.77

Close transaction costs

Parties Tx size % max Mem % max CPU Min fee ₳
1 644 20.98 9.40 0.42
2 826 22.86 11.13 0.45
3 936 23.96 12.24 0.47
5 1194 26.86 15.03 0.53
10 2051 35.76 23.36 0.70
50 7900 98.92 83.33 1.90

Contest transaction costs

Parties Tx size % max Mem % max CPU Min fee ₳
1 696 27.14 11.67 0.48
2 807 28.94 13.18 0.51
3 953 30.74 14.71 0.55
5 1311 35.10 18.41 0.62
10 1964 43.63 25.83 0.78
40 6431 99.91 74.23 1.78

Abort transaction costs

There is some variation due to the random mixture of initial and already committed outputs.

Parties Tx size % max Mem % max CPU Min fee ₳
1 5080 17.43 7.59 0.57
2 5176 28.46 12.47 0.70
3 5364 42.87 18.97 0.87
4 5471 57.74 25.62 1.04
5 5670 73.90 32.86 1.23
6 5735 92.48 41.09 1.45

FanOut transaction costs

Involves spending head output and burning head tokens. Uses ada-only UTxO for better comparability.

Parties UTxO UTxO (bytes) Tx size % max Mem % max CPU Min fee ₳
5 0 0 5022 7.95 3.36 0.46
5 1 56 5055 9.08 4.08 0.48
5 5 284 5192 13.01 6.67 0.53
5 10 570 5362 19.26 10.48 0.62
5 20 1140 5703 30.58 17.60 0.78
5 30 1709 6044 41.70 24.63 0.93
5 40 2275 6379 53.03 31.76 1.09
5 50 2846 6721 64.56 38.97 1.25
5 81 4611 7772 99.53 61.01 1.74

End-to-end benchmark results

This page is intended to collect the latest end-to-end benchmark results produced by Hydra's continuous integration (CI) system from the latest master code.

Please note that these results are approximate as they are currently produced from limited cloud VMs and not controlled hardware. Rather than focusing on the absolute results, the emphasis should be on relative results, such as how the timings for a scenario evolve as the code changes.

Generated at 2024-08-14 08:15:36.352962756 UTC

Baseline Scenario

Number of nodes 1
Number of txs 3000
Avg. Confirmation Time (ms) 4.888381247
P99 8.939781999999985ms
P95 6.735072549999997ms
P50 4.6460695ms
Number of Invalid txs 0

Three local nodes

Number of nodes 3
Number of txs 9000
Avg. Confirmation Time (ms) 22.880042749
P99 106.62544674000019ms
P95 31.110194999999997ms
P50 20.5485435ms
Number of Invalid txs 0

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 9, 2024
edited
Loading

Test Results

468 tests  +1   461 ✅ +1   17m 49s ⏱️ -13s
149 suites +1     7 💤 ±0 
  5 files   ±0     0 ❌ ±0 

Results for commit a083224. ± Comparison against base commit 30148ce.

♻️ This comment has been updated with latest results.

v0d1ch
v0d1ch previously requested changes Aug 9, 2024
View reviewed changes
Copy link
Contributor

@v0d1ch v0d1ch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Option parsing should use correct wording tls-cert vs. tls-chain

hydra-node/src/Hydra/Options.hs Outdated Show resolved Hide resolved
@ch1bo ch1bo force-pushed the api-server-tls-support branch from 7d01ffe to a22f9ec Compare August 13, 2024 06:32
@ch1bo ch1bo requested review from v0d1ch and a team August 13, 2024 10:36
ch1bo and others added 2 commits August 14, 2024 09:06
@ch1bo @locallycompact
Switch API server to TLS if --tls-chain and --tls-key given
8cafc9c 
Tested with a wss-capable client and a self-signed cert, but with voided
checks on the certificate.

Also updates changelog and documentation accordingly.
@ch1bo @v0d1ch @locallycompact
Fix typo in --tls-cert command line option
a083224 
Co-authored-by: Sasha Bogicevic <Sasha.Bogicevic@iohk.io>
@locallycompact locallycompact force-pushed the api-server-tls-support branch from a22f9ec to a083224 Compare August 14, 2024 08:06
@locallycompact locallycompact enabled auto-merge (squash) August 14, 2024 08:07
@locallycompact locallycompact merged commit fe2c625 into master Aug 14, 2024
21 checks passed
@locallycompact locallycompact deleted the api-server-tls-support branch August 14, 2024 09:51
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@locallycompact locallycompact locallycompact approved these changes

@Quantumplation Quantumplation Awaiting requested review from Quantumplation

@v0d1ch v0d1ch Awaiting requested review from v0d1ch

Assignees
No one assigned
Labels
None yet
Projects
☕ Hydra Team Work
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ch1bo @locallycompact @v0d1ch