fix(replication): strengthen audit cadence and penalties#103

Open
mickvandijke wants to merge 3 commits into
WithAutonomi:mainfrom
mickvandijke:fix/replication-audit-cadence-penalty
Conversation

@mickvandijke
Collaborator

Summary:

  • Run replication storage audits every 10-20 minutes instead of 30-60 minutes.
  • Raise confirmed audit failure trust penalty weight from 2.0 to 5.0.
  • Document the audit penalty weight in the replication reference profile.

Semver: patch

Tests:

  • cargo test replication::config --lib

Copilot AI review requested due to automatic review settings May 19, 2026 14:16
Copilot AI left a comment

Pull request overview

This PR tightens replication storage audit behavior by increasing audit frequency and strengthening the trust penalty applied to confirmed audit failures, while updating the replication design reference profile accordingly.

Changes:

  • Reduce audit scheduler jitter window from 30–60 minutes to 10–20 minutes in the replication reference config.
  • Increase AUDIT_FAILURE_TRUST_WEIGHT from 2.0 to 5.0 and add/adjust unit tests to reflect the new reference profile.
  • Document the audit failure trust penalty weight in REPLICATION_DESIGN.md.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| src/replication/config.rs | Updates audit tick interval bounds and the confirmed audit failure trust penalty weight; adjusts/adds tests for the new reference values. |
| docs/REPLICATION_DESIGN.md | Updates the reference profile table to reflect the new audit cadence and documents AUDIT_FAILURE_TRUST_WEIGHT. |

@mickvandijke mickvandijke force-pushed the fix/replication-audit-cadence-penalty branch from a6312aa to 19905fb Compare May 19, 2026 14:47
Semver: patch

Run closest-node audits more frequently and use the max consumer trust penalty for confirmed audit failures.

Tests: cargo test replication::config --lib
Copilot AI review requested due to automatic review settings May 19, 2026 15:21
@mickvandijke mickvandijke force-pushed the fix/replication-audit-cadence-penalty branch from 19905fb to 909e87f Compare May 19, 2026 15:21
Copilot AI left a comment

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

@dirvine
Collaborator

dirvine commented May 19, 2026

Review: fix(replication): strengthen audit cadence and penalties

Overall Verdict

Changes are sensible and well-scoped — tighter audit cadence and stronger penalties should improve data integrity. A few notes below.

Analysis

1. Audit frequency 30-60min → 10-20min (3-6x increase)
Safe given the audit workload scales as floor(sqrt(local_key_count)). For a node with 10K keys, that is ~100 keys per round. At worst cadence (10min) that is 1 key checked every 6 seconds — negligible overhead.

2. AUDIT_FAILURE_TRUST_WEIGHT 2.0 → 5.0 (2.5x increase)
This is the most impactful change. The weight amplifies the trust penalty per confirmed failure. Worth verifying that the eviction/penalty threshold is proportionally tuned — otherwise a small number of transient network failures could trigger premature distrust. Recommend documenting the threshold relationship.

3. New test: audit_failure_weight_matches_max_consumer_trust_event_weight
The f64 bit-pattern comparison via to_bits() is fragile — it passes only for the exact binary representation of 5.0. While 5.0 is exactly representable in binary64, this pattern is brittle to future constant changes. Consider using a semantic comparison or the float-cmp/approx crate pattern if similar tests exist in the codebase. Not a blocker.

4. Test scenario_31_audit_cadence_within_jitter_bounds
Adequately validates jitter produces varying intervals. With 100 samples across a 10-minute range there is effectively zero chance of all being identical. Good.

5. macOS CI: Test (macos-latest) FAILURE
Root cause is Install Foundry step failure (infrastructure/network issue on the macOS runner) — not a code failure. Unit tests were skipped as a result. Not a PR concern.

Summary

| Aspect | Status |
| --- | --- |
| Code correctness | |
| Test coverage | ✅ (minor nit on f64 comparison pattern) |
| Docs updated | |
| Build (all platforms) | |
| Format/Lint | |
| Security audit | |
| CI (macOS) | ⚠️ Infrastructure failure only (not code) |

The PR is clean and well-targeted. Nice work @mickvandijke.
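The arithmetic behind the review's points 1 and 2, together with the response-deadline constants this PR also changes, as an added worked example (my code, not the project's): it reproduces the floor(sqrt(local_key_count)) challenge size, the 10-20 minute jittered cadence, the base-plus-per-chunk deadline, and how many confirmed failures reach a penalty threshold at weight 2.0 versus 5.0. The constant names mirror the page; the xorshift step and the threshold value passed to `failures_to_distrust` are assumptions, since the page gives neither the real RNG nor the real threshold.

```rust
use std::time::Duration;

// Reference-profile values as stated on this PR page (assumed as plain consts here).
const AUDIT_TICK_MIN_SECS: u64 = 10 * 60;
const AUDIT_TICK_MAX_SECS: u64 = 20 * 60;
const AUDIT_RESPONSE_BASE_SECS: u64 = 10;
const AUDIT_RESPONSE_PER_CHUNK_MS: u64 = 20;
const AUDIT_FAILURE_TRUST_WEIGHT: f64 = 5.0;

/// Keys challenged per audit round: floor(sqrt(local_key_count)), finished in
/// integer arithmetic so f64 rounding cannot bias the result for large counts.
pub fn audit_sample_size(local_key_count: u64) -> u64 {
    let n = local_key_count as u128;
    let mut r = (local_key_count as f64).sqrt() as u128;
    while r * r > n { r -= 1; }
    while (r + 1) * (r + 1) <= n { r += 1; }
    r as u64
}

/// Response deadline for a challenge of `challenged_keys` chunks.
pub fn audit_response_deadline(challenged_keys: u64) -> Duration {
    Duration::from_secs(AUDIT_RESPONSE_BASE_SECS)
        + Duration::from_millis(AUDIT_RESPONSE_PER_CHUNK_MS * challenged_keys)
}

/// Next audit tick, uniform over [min, max] seconds. `seed` must be non-zero;
/// one xorshift64 step stands in for the node's real RNG (an assumption).
pub fn next_audit_tick(seed: &mut u64) -> Duration {
    let mut x = *seed;
    x ^= x << 13; x ^= x >> 7; x ^= x << 17;
    *seed = x;
    let span = AUDIT_TICK_MAX_SECS - AUDIT_TICK_MIN_SECS + 1;
    Duration::from_secs(AUDIT_TICK_MIN_SECS + x % span)
}

/// Confirmed failures needed for `weight` per failure to reach `threshold`
/// (hypothetical threshold: the page does not state the real one).
pub fn failures_to_distrust(weight: f64, threshold: f64) -> u64 {
    (threshold / weight).ceil() as u64
}

/// Average seconds between single key checks at the fastest (10 min) cadence.
pub fn secs_per_key_at_min_cadence(local_key_count: u64) -> f64 {
    AUDIT_TICK_MIN_SECS as f64 / audit_sample_size(local_key_count) as f64
}
```

For a 10K-key node this gives 100 challenged keys, one check every 6 s at the 10-minute cadence, a 12 s deadline, and a penalty threshold reached in 2.5x fewer failures at weight 5.0 than at 2.0.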

Collaborator

@dirvine dirvine left a comment

Reviewed via Hermes. Code is clean, well-scoped, all builds/lint/security pass. Test coverage adequate. Changes are sound.

Update base audit response timeout to 10s and increase per-chunk allowance to 20ms per challenged key. Modify documentation to reflect these changes.

Semver: patch
Copilot AI review requested due to automatic review settings May 19, 2026 18:05
Copilot AI left a comment

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

Comment thread src/replication/config.rs
Comment on lines 107 to +110
/// Base audit response deadline (independent of challenge size).
const AUDIT_RESPONSE_BASE_SECS: u64 = 6;
const AUDIT_RESPONSE_BASE_SECS: u64 = 10;
/// Per-chunk allowance added to the base audit response deadline.
const AUDIT_RESPONSE_PER_CHUNK_MS: u64 = 10;
const AUDIT_RESPONSE_PER_CHUNK_MS: u64 = 20;
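Review bot: the PR summary at the top of the thread lists only the cadence and the trust-weight changes, but this hunk also raises AUDIT_RESPONSE_BASE_SECS from 6 to 10 and AUDIT_RESPONSE_PER_CHUNK_MS from 10 to 20, so the description and the doc comments should say why the longer deadline is needed; for the ~100-key challenge that a 10K-key node produces, the deadline grows from about 7 s to 12 s, and a longer grace window makes a slow or overloaded peer harder to distinguish from a missing chunk, which pulls in the opposite direction from the stronger penalty. If any test pins the old 6 s / 10 ms values it needs updating in the same commit.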
Comment thread src/replication/config.rs

#[test]
fn audit_failure_weight_is_five() {
assert_eq!(AUDIT_FAILURE_TRUST_WEIGHT.to_bits(), 5.0_f64.to_bits());
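Review bot: `assert_eq!(AUDIT_FAILURE_TRUST_WEIGHT.to_bits(), 5.0_f64.to_bits())` compares bit patterns where a plain `assert_eq!(AUDIT_FAILURE_TRUST_WEIGHT, 5.0)` is equivalent (5.0 is exactly representable) and reads more clearly; more importantly, the name `audit_failure_weight_is_five` pins a magic number, whereas the invariant the earlier review describes is that the weight equals the maximum consumer trust event weight, so asserting against that constant rather than the literal would keep the test meaningful if the profile is retuned again.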