Allows using aliases within the config file

[sr-gi]

The goal of this PR is to allow aliases to be used throughout the config file to identify nodes, so the file is more human-readable. This involves:

• Allow aliases to be defined as node identifiers
• Allow aliases to be used as source of activities
• Allow aliases to be used as destination of activities as long as we control those nodes*
• Include both aliases and short versions of public keys when logging activities

* We cannot use aliases as destination for nodes we don't control, given we have no way of mapping the aliases to the nodes' public keys. Notice aliases here do not have to match node aliases, they are just user-defined identifiers, and even if they did, node aliases don't have to be unique.

[sr-gi]

@carlaKC @okjodom I've added the changes to allow aliases to be used as ids in the config file (check 8b65670 for the code and rationale).

Looking for an Approach ACK/ tACK of this before moving along with the logging, given the data passed to the simulator to be able to handle logging both PKs and aliases is dependant on how we approach this.

[okjodom]

Why do we assert that pubkey used as ID must match the node pubkey, but for the alias, we prefer the user provided value, ignoring the actual node alias

[sr-gi]

I had a conversation w/ @carlaKC regarding this. We argued that the "alias" provided by the user can be anything, and does not really have to match the node alias, but in case it is not defined, we can default to that (tho a warning would be good to have).

I'm happy to go any alternative route

[carlaKC]

I do like it like this, reasoning being:

• Public key is very easily verifiable and unique - if you set this value, you've intentionally fetched it and it should be correct.
• Alias is inherently less strictly defined (it's not guaranteed to be unique in our network), so we can take advantage of this looser mapping to have an easier UX (ie, just call it Alice or cln1). When I test things, I often name nodes in my head without setting an alias.

tho a warning would be good to have

• this clears up any ambiguity for the users IMO (if they did want it to match).

Also think that this the type of decision where we just do something and then see how it goes in user testing since there's no clear technical "right way".

[sr-gi]

I've rebased ce036fa and added the warning

[okjodom]

just realized these should be SimulationError::ValidationError

[sr-gi]

Agreed, tho that does not exist, we may want to move it.

[okjodom]

maybe we could just return a SimulationError. No need to panic :)

[okjodom]

We can message this as "NodeId is not a PublicKey. Please prefer to use actual node pubkey for the node aliased as {}".

Any dependent on sim-lib who passes in activity definition with aliases knows what to change, instead of reporting (?)

[sr-gi]

Ups, I forgot to change that to an error.

Regarding encouraging one or the other, I don't think we should. I'm happy with getting rid of the reporting stuff if we think of this as something that can be used by a third party, but we actually don't care whether they use one variant or the other, we cast everything to PK internally

[sr-gi]

Fixed

[okjodom]

okay but can we avoid the assumption of having called validate_activity before this point?
Same sentiment for the other get_pk.unwrap() points

[sr-gi]

Can we? Sure, but I don't think we should. validate_activity is our sanity checker, we could modify all these calls to account for an alias being here, but that's exactly what is not supposed to happen. If any NodeId contains an alias at this point, it means the code is wrong (hence why there was a "report message").

I could patch the code so it does not unwrap and it fails more "elegantly", but all in all we want it to fail if that happens

[sr-gi]

Alternatively, we could have two different classes to account for node definition and activity definition, one that interfaces with the config file, and where we allow aliases and pks (data is parsed as NodeId), and an internal one that gets constructed from the former, and only accepts pks. In that way, we can be sure at compile time that everything is identified by pk internally.

[carlaKC]

where we allow aliases and pks (data is parsed as NodeId), and an internal one that gets constructed from the former, and only accepts pks.

I think that this has nice layering separation - the simulation library only really cares about public keys, and allowing user-friendly parsing of pubkey/alias is a CLI responsibility/feature.

[sr-gi]

I've split this into two sets of data structures in 75795ca. The Parsers that interact directly with the config file and allow NodeIds to be loaded, and the regular ones which roll back to use PublicKeys and can be built from the former.

This commit can be squashed with the previous one. Also, I'm happy to replace Parser with any other better term we can come up with (Loader, Reader, ...)

[okjodom]

cACK on e2d5fb3 allowing aliases as source or destination.

we internally identify activities using PK, so we do an additional mapping
step once the data is loaded to go from NodeId{PK, Alias} to NodeId(PK), hence, once data
is passed to the simulator it is always identified by NodeId(PK)

Sounds to me like a specific feature offering of sim-cli, or any other UI we build on top of sim-lib

after Simulation::validate_activity it is safe to call NodeId::get_pk::unwrap(),
given no NodeId::Alias should have passed validation.

I have strong reactions against this. Had suggestions to better communicate the error case and avoid the panic, but that doesn't seem sufficient.

[carlaKC]

Concept ACK, with a slight preference to shift some handling to the cli as mentioned here.

[carlaKC]

nit: full stop / lower case for errors?

[carlaKC]

I do like it like this, reasoning being:

• Public key is very easily verifiable and unique - if you set this value, you've intentionally fetched it and it should be correct.
• Alias is inherently less strictly defined (it's not guaranteed to be unique in our network), so we can take advantage of this looser mapping to have an easier UX (ie, just call it Alice or cln1). When I test things, I often name nodes in my head without setting an alias.

tho a warning would be good to have

• this clears up any ambiguity for the users IMO (if they did want it to match).

Also think that this the type of decision where we just do something and then see how it goes in user testing since there's no clear technical "right way".

[carlaKC]

where we allow aliases and pks (data is parsed as NodeId), and an internal one that gets constructed from the former, and only accepts pks.

I think that this has nice layering separation - the simulation library only really cares about public keys, and allowing user-friendly parsing of pubkey/alias is a CLI responsibility/feature.

[carlaKC]

And sorry or the rebase conflicts :')

[carlaKC]

Just done a high level read through of the new approach, cACK!

[sr-gi]

I've added the last bit here. Notice how the last commit is pretty opinionated. I'm happy to re-visit the approach or even changing it as long as it does not end up being super messy (which has been my experience when trying to go for some of the alternatives).

[sr-gi]

Addressed the latest comments from @carlaKC plus the pending ones from the last review.

The issue with the repeated source/destination in an activity should be fixed now

[okjodom]

change read through, lgtm

[sr-gi]

Only major comment is allowing multiple activity descriptions for the same source (last commit). Really happy with the way everything else turned out.

Tested with the following config to sanity check that we do actually fail with repeated sources:

{
    "nodes": [
        {
            "LND": {
                "id": "alice",
                "address": "https://localhost:10011",
                "macaroon": "~/alice/admin.macaroon",
                "cert": "~/alice/tls.cert"
            }
        },
		{
            "LND": {
                "id": "dave",
                "address": "https://localhost:10014",
                "macaroon": "~/dave/admin.macaroon",
                "cert": "~/dave/tls.cert"
            }
        }
],
	"activity": [
		{
			"source": "alice",
			"destination": "03fd1854561cfd7e3b58714f4f8c597bba29428100352b207c0d2baef832bdf390",
			"interval_secs": 2,
			"amount_msat": 100
		},
		{
			"source": "alice",
			"destination": "0374f63bfb1a0e9607b05ac6a7fb5393216e6ffcdf80700ec6da7131815249881c",
			"interval_secs": 5,
			"amount_msat": 1000
		},
		{
			"source": "dave",
			"destination": "alice",
			"interval_secs": 2,
			"amount_msat": 100
		}

	]
}

-> Error: Config validation failed: unknown activity source: alice.

tested with a similar setup to this one, can confirm it does not crash anymore

[sr-gi]

FYI #120 needs to go in before this, given otherwise we cannot rebase main without setting the network field for nodes we don't control to something meaningful.

[carlaKC]

tACK f17662d pending rebase on #120.

Tested out various scenarios and everything is looking great. When I test this PR the easy config makes me so happy 🎆

• Duplicate alias: Error: Config validation failed: duplicated node: alice.
• Alias mismatch warning: WARN [sim_lib] The provided alias does not match the one returned by the backend (cln != BLUESQUIRREL-v23.05-175-g910630c)
• Bad pubkey: Error: Config validation failed: the provided node id does not match the one returned by the backend (0255b34764dbe7a9d5ad4e1fd7fb069bb7992128cd55467e4db50796b318a9bc9e != 037359ab1279636979218125289e5abf832c1809cb80bbb33d8982e95e597d8127).
• Unknown destination alias: Error: Config validation failed: unknown activity destination: loser

Also tested out positive paths of:

• Alias/Pubkey -> Alias/Pubkey.
• Multiple activities for a single source.

[sr-gi]

Sorry, rebasing this took me longer than I wanted to. I was trying to move the validated_activities creation inside the Simulator so the validation happens internally but it has proven to be a pretty nasty change that involves passing along multiple maps and making validate_activity pretty messy.

I think keeping the Simulator interface simple is one of the design goals, and the way we personally parse information from our config in the CLI should not interfere with it, so I decided not to go for the change, at least for now.

I've squeezed a fix for #126 in 5c5497d since being able to check that depended on having NodeInfo around.

[carlaKC]

Only comment is on the final commit adding validation.

Would be happy to drop that off of this and open it in a separate PR so that we can hit the button on this one.

[carlaKC]

I would have thought we want to do this validation much higher up?

Like nodes that don't have enough capacity, if a node doesn't support keysend when we start running it never will so we should just exclude it from the start (and log a warning so the user knows why).

If we do this validation here, we could also theoretically end up effectively running with one node (in the case of two nodes and one doesn't have keysend) and then just run without ever sending a payment.

[sr-gi]

We can run this much higher up, as long as we are ok with compromising with --accept-keysend being enabled for both source and destination nodes. Otherwise, we cannot know if keysend receiving is really going to be necessary until a node is picked as a payment destination, and that happens on the fly.

[carlaKC]

compromising with --accept-keysend being enabled for both source and destination nodes.

In the case of random activity I think that's okay because every sending node can reasonably be expected to also receive?

[sr-gi]

Fair enough. 279ad56 should have fixed that

[carlaKC]

🐑 it !

[sr-gi]

Let's go 👶 !