Skip to content

chore(replication): log audit challenge responses#157

Merged
jacderida merged 1 commit into
mainfrom
hermes/audit-challenge-logging
Jun 22, 2026
Merged

chore(replication): log audit challenge responses#157
jacderida merged 1 commit into
mainfrom
hermes/audit-challenge-logging

Conversation

@dirvine

@dirvine dirvine commented Jun 22, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • Log each incoming responsible audit challenge at INFO level with a stable Audit challenge received phrase.
  • Log whether the corresponding audit reply was accepted by the existing response send path, using Audit challenge reply sent / Audit challenge reply not sent phrases.
  • Keep fields bounded and count-friendly: challenge kind, key count, bootstrapping state, response kind, and request-response path flag. No peer IDs or raw transport errors are added.

Why

PROD logs currently show audit outcomes from the auditor side, but the responder path is silent on successful incoming audit challenges and replies. These two stable log lines let ES answer hourly averages for:

  • incoming audit challenges received
  • audit challenge replies sent

without changing protocol behaviour.

Review team

  • Multi-model review: initial review flagged that the direct use of send_replication_response_checked needed context and suggested lowering cardinality/clarifying field names.
  • Applied follow-up: removed stored_chunks from the log message, renamed rr to request_response, and made failed sends WARN while successful sends remain INFO.
  • Final multi-model review: Go. No blockers; noted the change is behaviour-identical because the old wrapper already called send_replication_response_checked and discarded its boolean.

Verification

  • cargo fmt --all
  • cargo check
  • cargo test replication::audit::tests --lib — 32 passed
  • git diff --check
  • cargo clippy --all-features -- -D clippy::panic -D clippy::unwrap_used -D clippy::expect_used

Copilot AI review requested due to automatic review settings June 22, 2026 16:30
Copilot AI reviewed Jun 22, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds responder-side logging for incoming replication audit challenges and whether the corresponding audit reply was successfully accepted by the existing send path, enabling production log-based counts of audit traffic/outcomes without changing protocol behavior.

Changes:

  • Log each received audit challenge at INFO with a stable “Audit challenge received” phrase and bounded fields (key count, bootstrapping, request-response flag).
  • Send audit responses via the checked send helper to capture a success boolean and log “Audit challenge reply sent” (INFO) vs “Audit challenge reply not sent” (WARN).
  • Add a small helper to log a stable response kind label derived from protocol::AuditResponse.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@jacderida jacderida merged commit 0b89867 into main Jun 22, 2026
13 checks passed
@jacderida jacderida deleted the hermes/audit-challenge-logging branch June 22, 2026 16:43
jacderida added a commit to grumbach/ant-node that referenced this pull request Jun 22, 2026
@jacderida @claude
Merge main into audit-on-gossip (resolve conflicts; add WithAutonomi#157
c7a6882 
 logging to subtree/byte audits)

Resolve conflicts after main advanced (incl. WithAutonomi#157 audit-challenge logging,
WithAutonomi#135 aged repair hints, the prune-proof/admission gate, and the neighbor-sync
hints refactor):

- neighbor_sync: thread the gossiped commitment through main's hints-based
  sync path (sync_with_peer_with_hints). The commitment piggybacks on
  NeighborSync messages, so this is load-bearing for the gossip-triggered
  subtree audit (ADR-0002), not optional. Fixes a silent (non-marker)
  auto-merge breakage that referenced `commitment` without a parameter.
- mod.rs: keep the ADR-0002 gossip-audit trigger; combine main's per-batch
  sync hints with the per-round my_commitment snapshot at every sync call
  site; take main's new VERIFICATION_CYCLE_SLOW_LOG_MS.
- pruning: keep main's record_prune_lookup_groups prune-proof/admission gate
  AND re-apply the ADR-0002 commitment-retention veto (is_held) so a key still
  committed under a recently-gossiped commitment is never pruned.
- tests/e2e: union both sides' prune tests; fill the merged PrunePassContext
  (repair_proof_now + commitment_state) on every literal.

Fold WithAutonomi#157's audit-challenge logging convention into the subtree and byte
challenge responders (received + reply sent/not-sent via
send_replication_response_checked) and the capacity-dropped paths.

Verified: cargo fmt --check, cargo check --all-targets (+test-utils), and
cargo clippy --all-targets --features test-utils all clean; cargo test --lib
--features test-utils -> 674 passed, 0 failed.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@jacderida jacderida mentioned this pull request Jun 23, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments
@mickvandijke mickvandijke mickvandijke approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@dirvine @mickvandijke @jacderida @Rafa-Ross