Add Verification + Tracking Logic To Simplex Blocks

[samliok]

Why this should be merged

In addition to calling Verify on the blocks inner vmBlock, we need to do some additional checks to ensure a simplex block can be verified. Furthermore, we need to ensure that any verified blocks are eventually accepted or rejected.

How this works

In simplex we do some pre-verification logic. However this is not enough, as we do not have access to the inner vmBlock pointed to by the prev field in the ProtocolMetadata. This means our verification logic in avalanchego must verify that prev for the block we are currently verifying points to that blocks parent. To understand more about why this important, see this test.

This PR also introduces a blockTracker struct to keep track of blocks that have been verified. When index is called on a digest, the blockTracker calls Accept on that block and Reject on any competing blocks.

How this was tested

Need to be documented in RELEASES.md?

[Copilot]

Pull Request Overview

This PR refactors change tracking in the Merkle DB view and history layers, replacing the old keyChanges+sortedKeys approach with a unified values map and a new recordValueChange method. It also updates the view iterator to reflect the map-based storage and overhauls history retrieval functions to collapse and filter changes via the new map structure.

• Replaces keyChanges and sortedKeys with values map and recordValueChange in view.go
• Updates NewIteratorWithStartAndPrefix to iterate over values and then sort the results in view_iterator.go
• Refactors history functions (getValueChanges, getChangesToGetToRoot) to use the new map-based change summary in history.go and updates tests

Reviewed Changes

Copilot reviewed 89 out of 91 changed files in this pull request and generated 1 comment.

File	Description
x/merkledb/view.go	Introduced recordValueChange method and values map
x/merkledb/view_iterator.go	Changed iterator to range over values and sort KeyChanges
x/merkledb/history.go	Refactored history change accumulation to use changeSummary
x/merkledb/history_test.go	Updated tests to assert on values instead of slices

Comments suppressed due to low confidence (2)

x/merkledb/view_iterator.go:27

• [nitpick] The local variable changes shadows v.changes and may be confusing. Consider renaming it to something like result or filteredChanges.

		changes   = make([]KeyChange, 0, len(v.changes.values))

[yacovm]

Can we move vms/proposervm/tree to somewhere like snow/tree ? It's a bit insanitary that Simplex uses something that is in proposervm

[samliok]

moved to utils

[yacovm]

Instead of doing that can't we load the last accepted to simplexDigestsToBlock upon creation? This way we also don't depend on the implementation of the VM's LastAccepted in this method, for instance if the VM doesn't implement this efficiently.

But the bigger benefit is that we should always find the previous block this way (unless it's the genesis block) and we have less special handling.

[samliok]

added

[yacovm]

I would very much like us to explicitly make sure that the chain induced by Simplex is aligned with the chain induced by the VM, and not only the inner VMs are aligned:

prevBlock.BlockHeader().Digest == b.metadata.Prev && prevBlock.vmBlock.ID() == b.vmBlock.Parent()

[yacovm]

this case isn't covered by tests. Can we add a test for this?

[yacovm]

shouldn't we update these two values once we we call indexBlock?

Can we make a test that is like TestVerifyInnerBlockBreaksHashChain but goes through several blocks?

[samliok]

i dont think we need to update them, since we will have always have the last accepted id/digest in the block trackers memory. I do think the name is misleading though. Added to this test

[yacovm]

I think we need to grab the context lock here, because we're executing this function asynchronously.

I think that there is something I overlooked, please see comment.

[StephenButtolph]

When can b.metadata.Prev != prevBlock.digest ever be true? Removing this check doesn't break any tests.

[StephenButtolph]

Suggested change

	simplexDigestsToBlock := make(map[simplex.Digest]*Block)
	simplexDigestsToBlock[latestBlock.digest] = latestBlock
	return &blockTracker{
	tree: tree.New(),
	simplexDigestsToBlock: simplexDigestsToBlock,
	}
	return &blockTracker{
	tree: tree.New(),
	simplexDigestsToBlock: map[simplex.Digest]*Block{
	latestBlock.digest: latestBlock,
	},
	}

[StephenButtolph]

I have found in other tests that having various newBlockWithXXX(, newBlock( ect scales really annoyingly.

If we don't foresee adding more things here, then feel free to ignore... But it might make sense to make a single newBlock function which takes in a config with reasonable zero values.

That has proven to be much more flexible in my experience.

[StephenButtolph]

Don't we still need to add b to the simplexDigestsToBlock map here?

[StephenButtolph]

For simple checks like these (where err shouldn't be referenced later) I think we typically try to use inline if statements. The only exception to this is with very long (multi-line) statements, which are hard to read imo.

Suggested change

	err := b.verifyParentMatchesPrevBlock()
	if err != nil {
	if err := b.verifyParentMatchesPrevBlock(); err != nil {

[StephenButtolph]

See above comment

Suggested change

	err = b.vmBlock.Verify(ctx)
	if err != nil {
	if err := b.vmBlock.Verify(ctx); err != nil {

[StephenButtolph]

I know that maps return the zero value when looking up something fails, and that we never expect to actually place a nil value in the map. But in avalanchego we typically do explicit success checks (so prevBlock, ok := ...)