(Discussion): canonical api draft

[walldiss]

New gRPC API Design Document and Proto Definitions

This PR introduces a comprehensive design document (readme.md) and proto definitions for the new gRPC-based API for Celestia Node. The design focuses on improving security, simplicity, and developer experience while enabling smooth migration from the current JSON-RPC implementation.

Key Features:

• Unified status codes and error handling across all services
• Enhanced data availability verification
• Support for both row root (V0) and data root (V1) verification approaches
• Simplified blob submission and management
• Clear separation between different service domains (blobs, shares, proofs)

Looking for feedback on:

• Overall API structure and design decisions
• Security considerations
• Migration approach (V0/V1)
• Error handling strategy
• Any missing functionality

TODO:
[ ] Header service
[ ] http annotation for http gateway support

Note: The proto definitions and design doc should be reviewed together as they complement each other.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 45.46%. Comparing base (2469e7a) to head (aa44ce7).
Report is 414 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #4041      +/-   ##
==========================================
+ Coverage   44.83%   45.46%   +0.62%     
==========================================
  Files         265      309      +44     
  Lines       14620    22173    +7553     
==========================================
+ Hits         6555    10080    +3525     
- Misses       7313    11016    +3703     
- Partials      752     1077     +325     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[liamsi]

I do think we should have the possibility for a dev to know if an error stems from node or e.g. somewhere from app or the cosmos sdk. Maybe that is already possible with the list somehow (e.g. not by the code but via the error string or sth?).

[liamsi]

Could this slow anything down from an app perspective?

ah, nvm. It's optional for cases where this could matter.

[liamsi]

Will the caller be able to differentiate between e.g. sampling timing out, and other cases?

[liamsi]

Both responses below return V0 though?

[liamsi]

Ah, in the protos I see there is also GetRangeResponseV1 etc. Maybe mention that we only list v0 here to keep the readme concise.

[vgonkivs]

I'd make them optional too.

[cmwaters]

Aren't all options optional?

[vgonkivs]

I don't think we need this field. The initial idea was to divide an inclusion proof and the commitment proof(blob proof). The difference between them the blob proof additionally contains subtree roots to build the commitment(link. After discussions with @walldiss we agreed that it makes sense to always return the full(blob) proof.

[vgonkivs]

Let's clarify this: from_height should not be used to get the historical data(we have get methods for these purposes). Subscriptions should be used for the recent data only.

[vgonkivs]

Let's include the tx hash here. iirc, some teams are using SubmitPFB in the state module only bc it additionally provides a tx hash.

[vgonkivs]

What about submitting data under multiple namespaces?

I'd suggest to add one more method:

message SubmitBlobsRequest {
  repeated Blobs blobs = 1; // blobs from different namespaces can be set
 SubmitOptions options = 2;
}

[vgonkivs]

Such a method could be useful in case we support async blob submission. but iirc, it's not feasible rn as error handling in this case might be tricky.

[vgonkivs]

Let's define BlobProof(reference here)

[vgonkivs]

what if the submitted blob is v1,v2...? Maybe it's better to have a generic BlobResponse and extend the blob's message with additional optional fields?

[vgonkivs]

I've got your point the Blob is part of the namespace, and by submitting/getting the blob, the user already has it but I'd anyway make it part of the message for consistency.

[vgonkivs]

As we discussed with @walldiss, he does not want to import data structures from different repos. So, let's copy past it from the tendermint

[ramin]

i hope my comments are welcome. I've added some inline thoughts both from perspective as a keen observer and API user, high level it feels like this first pass is a literal "proto-fication" of the existing APIs vs a clean re-design considering dev ergonomics.

As a user:

• i'd appreciate some aggressive design iterations on naming, there's lots of name stuttering inside files, services, messages
• i think we could consider modularizing more, adding more files (ie: blob/v1 etc) so you could compose / import / use these protos as a developer building against node piecemeal, will then make gradual expansion easier
• some of the proto's defined as *_service.proto should (i think) be just <name>.proto, they can then for example, define a Service, thus reading cleaner, like shares.Service, vs share_service.ShareService. Then, various types could be included there, and even nested in sub folder protos
• i think another sweep or two of usability considerations should be made, that support end user/developer usage (ie: namespace being a messagehelpers etc) being supported in the proto messages to be more complex types, we could also consider protoc-gen-validate to define length and validation of these types etc in the canonical API, vs "needing to know" to submit a good request

that's all for now, thank you 😸

[ramin]

i think it'd be really clean to have a single rpc in the service here

blobs.Subscribe(SubscriptionRequest)

That that would have make any config that differentiates all from a particular namespace or commitment like a filter, ie in plain english "i am subscribing to everything UNLESS i specify some options/filters in my subscription request configuration"

[ramin]

again, cleaner naming here would be to NOT repeat BEFP everywhere, its already in the name of the service,

eg:

BadEncodingFraudProofService.Subscribe() doesn't need the stutter of BEFP again if the service's concern is befp already

[ramin]

proofs.Type imo

[ramin]

DATA_INCLUSION

[ramin]

stylistic: I think i disagree with a types.proto, the types should maybe be defined where the reset of their usage is (mostly)

[vgonkivs]

I think it makes sense to move definitions to the places where they are used.

[cmwaters]

Agree with this (and this is how I see it done in other repos)

[ramin]

i don't love the developer ergonomics V0 and V1 at the end of the messages, could we consider modularizing more,

api/v1/blobs/v0/proofs.proto
api/v1/blobs/v1/proofs.proto

Then be deliberate about which gets imported and referenced wherever? ie: I think we could them simplify the Request to take one of either version and validate and respond properly in the service, would make the interface nice and clean

[ramin]

i've been thinking, it might be nice to make namespace a distinct type, where the API could then support some nicer features, like submitting in raw text, decode/encode, etc etc. At present, it feels very literal and as designed by someone who knows the internals, vs a developer using the API

[cmwaters]

Great work. Just tried to do a first pass of everything.

A more general topic regarding the proof API. What do you think about prioritising the data root based proving system first before releasing this API?

[cmwaters]

Aren't all options optional?

[cmwaters]

Agree with this (and this is how I see it done in other repos)

[cmwaters]

Is this used anywhere?

[cmwaters]

I would prefer separate v0 and v1 proof services (especially if we plan on deprecating v0 in the future)

[cmwaters]

Semantic nit: I know the usage of Commitment is widespread already but I find it both vague and misleading (to commit over data is to sign over it). To make it more understandable to the users I would separate them into the two data structs they are proving inclusion over:

1. BlobInclusionProofs
2. ShareInclusionProofs (I think the way you have this, this can also be a range)

[cmwaters]

Is this only returned by the SharesAvailable method?

[cmwaters]

What would cause this error? (i.e. more specifically)

[cmwaters]

Are all timeouts handed by gRPC itself i.e. contexts in the case of go. Do they need to be included here?

[cmwaters]

We have subscription options for both blob and fraud servies, why not share services?

I can imagine most base rollups (or rollup full nodes in general) will subscribe to all data in one or more namespaces.

[cmwaters]

Will you also be able to reference a share based on an index (rather than rol and col). Some of the responses return the starting index of a blob.