authority-discovery: Populate DHT records with public listen addresses

[lexnv]

This PR's main goal is to add public listen addresses to the DHT authorities records. This change improves the discoverability of validators that did not provide the --public-addresses flag.

This PR populates the authority DHT records with public listen addresses if any.

The change effectively ensures that addresses are added to the DHT record in following order:

1. Public addresses provided by CLI --public-addresses
2. Maximum of 4 public (global) listen addresses (if any)
3. Any external addresses discovered from the network (ie from /identify protocol)

While at it, this PR adds the following constraints on the number of addresses:

• Total number of addresses cached is bounded at 16 (increased from 10).
• A maximum number of 32 addresses are published to DHT records (previously unbounded).
• A maximum of 4 global listen addresses are utilized.

This PR also removes the following warning:
WARNING: No public address specified, validator node may not be reachable.

Next Steps

• deploy and monitor in versi network

Closes: #6280
Part of: #5266

cc @paritytech/networking

[dmitry-markin]

Honestly, I would keep this warning, because there is no guarantee we will have a global listen address nor that the external address will be discovered correctly (with libp2p address translation). Especially since there is a practice of "hiding" validators behind firewalls / NATs.

[lexnv]

Versi Network Triage Report

Repo	Count	Level	Triage report
polkadot-sdk	10000	error	🥩 for session starting at block .* no BEEFY authority key found in store
polkadot-sdk	144	warn	Report .: . to .. Reason: .. Banned, disconnecting. ( Invalid justification. Banned, disconnecting.)
polkadot-sdk	50	error	Warp sync failed. Continuing with full sync.
polkadot-sdk	50	error	Can't use warp sync mode with a partially synced database. Reverting to full sync mode.
polkadot-sdk	18	warn	Report .: . to .. Reason: .. Banned, disconnecting. ( Peer disconnected with inflight after backoffs. Banned, disconnecting.)
polkadot-sdk	4	error	💔 Called on_validated_block_announce with a bad peer ID .*
polkadot-sdk	3	error	Call to DetermineUndisputedChain failed
polkadot-sdk	3	warn	Received msg before first active leaves update. This is not expected - message will be dropped.
polkadot-sdk	3	warn	Re-finalized block #.* (.) in the canonical chain, current best finalized is #.

• 🥩 for session starting at block .* no BEEFY authority key found in store versi is misconfigured after a scale up and down some time ago
• Warp sync failed and Can't use warp sync mode with a partially synced database. - believe these are related to deploying a new version and having old databases available

[lexnv]

I have moved the warning to the authority-discovery mechanism instead of removing it.

This has the following implications:

• warning is printed only once, with the first authority record publish to DHT if any
• libp2p: Local listen addresses are propagated via swarm events, and therefore the libp2p object needs to be polled a few times. On my local machine, the libp2p backend produces listen addresses before authority-discovery is started.
• litep2p: Liten addresses are available immediately via API calls

[dmitry-markin]

• warning is printed only once, with the first authority record publish to DHT if any

Is it printed soon enough for a node operator to notice?

[lexnv]

From my testing it should be printed roughly within 10 seconds:

2024-11-01 15:17:15.675  INFO main sc_cli::runner: Parity Polkadot
...
2024-11-01 15:17:26.671  WARN tokio-runtime-worker sub-authority-discovery: No public addresses configured and no global...

I used cumulus/zombienet/tests/0003-full_node_catching_up.toml to double check this:

• alice and bob relay chain validators: they print the warning one single time
• charlie parachain collator: no warning
• dave and eve parachain full node: no warning
• ferdie: cumulus node with embedded light client: no warning

[kianenigma]

Who would be a good second reviewer of this code? I would love to get it approved, but it is too far from my domain to review in a meaningful way.

[dmitry-markin]

I would ask @alexggh

[lexnv]

Alex and Sebastian are on holiday for quite some time

Would love if maybe @alindima and @bkchr could have a look since I'm not that familiar with collators 🙏

[paritytech-cmd-bot-polkadot-sdk]

Created backport PR for stable2407:

• [stable2407] Backport #6298 #6363 with remaining conflicts!

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin backport-6298-to-stable2407
git worktree add --checkout .worktree/backport-6298-to-stable2407 backport-6298-to-stable2407
cd .worktree/backport-6298-to-stable2407
git reset --hard HEAD^
git cherry-pick -x 762f824cb3adf23c72a6645f575057bfb543850b
git push --force-with-lease

[paritytech-cmd-bot-polkadot-sdk]

Successfully created backport PR for stable2409:

• [stable2409] Backport #6298 #6364

[michalkucharczyk]

This line for sure breaks this test:

polkadot-sdk/substrate/zombienet/0002-validators-warp-sync/test-validators-warp-sync.zndsl

Line 38 in 52a7325

alice: count of log lines containing "error" is 0 within 10 seconds

Does it need to be error? If so, I can adjust the condition in test to be 1.

[lexnv]

I can change it back to warning for now, sorry missed that 🙏

[lexnv]

The error is coming from the validator setup:

2024-11-05 20:07:15.454	
2024-11-05 18:07:15.454 ERROR tokio-runtime-worker sub-authority-discovery: No public addresses configured and no global listen addresses found. Authority DHT record may contain unreachable addresses. Consider setting `--public-addr` to the public IP address of this node. This will become a hard requirement in future versions for authorities.    

Will adjust the testing instead to accommodate this 🙏