blockpersister fork recovery (#216)

Author: freemans13

services/blockpersister/Server.go

@@ -246,10 +246,15 @@ func (u *Server) getNextBlockToProcess(ctx context.Context) (*model.Block, error
 	// This detects blockchain reorganizations that may have occurred since the last persistence
 	// This check can be disabled via settings for testing or special scenarios
 	if u.settings.Block.BlockPersisterEnableDefensiveReorgCheck && lastPersistedHeight > 0 && lastPersistedHash != nil {
+		needsRecovery := false
+		var recoveryReason string
+
 		// Get the block to obtain its ID
 		lastBlock, err := u.blockchainClient.GetBlock(ctx, lastPersistedHash)
 		if err != nil {
-			u.logger.Warnf("[BlockPersister] Could not retrieve last persisted block %s for reorg check: %v. Continuing with next block.", lastPersistedHash.String(), err)
+			// If we can't retrieve the block, it's likely been pruned because it's on an orphaned chain
+			needsRecovery = true
+			recoveryReason = fmt.Sprintf("last persisted block %s not found in blockchain store (likely pruned orphan)", lastPersistedHash.String())
 		} else {
 			// Check if this block is still on the current chain using its ID
 			onCurrentChain, err := u.blockchainClient.CheckBlockIsInCurrentChain(ctx, []uint32{lastBlock.ID})
@@ -258,14 +263,53 @@ func (u *Server) getNextBlockToProcess(ctx context.Context) (*model.Block, error
 			}
 
 			if !onCurrentChain {
-				// Reorg detected - last persisted block is no longer on the current chain
-				// We must return nil to trigger recovery logic - continuing would cause an infinite loop
-				// because the parent hash validation will fail (new chain block's parent != orphaned block)
-				u.logger.Infof("[BlockPersister] Detected reorg: last persisted block %s at height %d is no longer on current chain. Returning nil to trigger recovery.",
-					lastPersistedHash.String(), lastPersistedHeight)
-				// Return nil to prevent infinite loop - manual intervention or proper reorg recovery needed
-				return nil, nil
+				needsRecovery = true
+				recoveryReason = fmt.Sprintf("last persisted block %s at height %d is no longer on current chain", lastPersistedHash.String(), lastPersistedHeight)
+			}
+		}
+
+		if needsRecovery {
+			// Reorg detected - trigger recovery
+			u.logger.Infof("[BlockPersister] Detected reorg: %s. Starting recovery...", recoveryReason)
+
+			// Find common ancestor by walking backward and trying to rollback to each current chain block
+			// This approach works even if the orphaned blocks have been pruned from the blockchain store
+			var commonAncestorHeight uint32
+			var commonAncestorHash *chainhash.Hash
+
+			// Walk backward from last persisted height
+			for height := lastPersistedHeight; height > 0; height-- {
+				// Get the block from the current chain at this height
+				currentChainBlock, err := u.blockchainClient.GetBlockByHeight(ctx, height)
+				if err != nil {
+					// Blockchain service should be reliable during recovery
+					// If it's failing, there's likely a real infrastructure problem that needs attention
+					return nil, errors.NewProcessingError("blockchain service unavailable during reorg recovery at height %d", height, err)
+				}
+
+				// Try to rollback to this block's hash
+				// This will succeed if the hash exists in our state file (meaning it's a common ancestor)
+				if err := u.state.RollbackToHash(currentChainBlock.Hash()); err == nil {
+					// Success - found common ancestor
+					commonAncestorHeight = height
+					commonAncestorHash = currentChainBlock.Hash()
+					break
+				}
+				// If rollback failed, this block isn't in our state file, continue backward
+			}
+
+			if commonAncestorHash == nil {
+				return nil, errors.NewProcessingError("no common ancestor found during reorg recovery - could not find any current chain block in state file", nil)
 			}
+
+			// Calculate how many blocks we rolled back
+			blocksRolledBack := lastPersistedHeight - commonAncestorHeight
+
+			u.logger.Infof("[BlockPersister] Reorg recovery complete: rolled back %d blocks from height %d to common ancestor at height %d (hash: %s). Will resume processing from height %d.",
+				blocksRolledBack, lastPersistedHeight, commonAncestorHeight, commonAncestorHash.String(), commonAncestorHeight+1)
+
+			// Return nil to trigger next iteration, which will start processing from common ancestor + 1
+			return nil, nil
 		}
 	}
 

services/blockpersister/Server_test.go

@@ -1231,33 +1231,165 @@ func TestGetNextBlockToProcess_ReorgDetected(t *testing.T) {
 	// Create mock blockchain client
 	mockClient := &blockchain.Mock{}
 
-	// Create mock block for the last persisted block (height 100)
-	lastPersistedHash, _ := chainhash.NewHashFromStr("0000000000000000000000000000000000000000000000000000000000000064")
+	// Create common ancestor header first so we can use its computed hash
+	dummyHash, _ := chainhash.NewHashFromStr("0000000000000000000000000000000000000000000000000000000000000001")
+	nBits, _ := model.NewNBitFromString("1d00ffff")
+	commonAncestorHeader := &model.BlockHeader{
+		Version:        1,
+		HashPrevBlock:  dummyHash,
+		HashMerkleRoot: dummyHash,
+		Timestamp:      1234567890,
+		Bits:           *nBits,
+		Nonce:          1,
+	}
+
+	// Use the computed hash as the last persisted hash
+	lastPersistedHash := commonAncestorHeader.Hash()
 	lastPersistedBlock := &model.Block{
 		Height: 100,
 		ID:     100,
 	}
 
-	// Mock the GetBlock call for reorg detection
+	// Mock the GetBlock call for reorg detection - using computed hash
 	mockClient.On("GetBlock", ctx, lastPersistedHash).Return(
 		lastPersistedBlock, nil)
 	// Mock the CheckBlockIsInCurrentChain call - returning false to simulate reorg
 	mockClient.On("CheckBlockIsInCurrentChain", ctx, []uint32{uint32(100)}).Return(
 		false, nil) // false indicates block is NOT on current chain (reorg detected)
-	// GetBestBlockHeader should NOT be called because we return early
+
+	// Mock recovery flow - new approach walks backward trying each height
+	// It will try to get the block at height 100 from current chain
+	// and that will match our state file, so recovery succeeds immediately
+	mockClient.On("GetBlockByHeight", ctx, uint32(100)).Return(
+		&model.Block{Height: 100, Header: commonAncestorHeader}, nil)
 
 	server := New(ctx, logger, tSettings, nil, nil, nil, mockClient)
 
-	// Set initial persisted height with the orphaned hash
+	// Set initial persisted height with the computed hash
+	// This ensures the hash in the state file matches what we'll try to rollback to
 	err := server.state.AddBlock(100, lastPersistedHash.String())
 	require.NoError(t, err)
 
 	// Call getNextBlockToProcess
 	block, err := server.getNextBlockToProcess(ctx)
 
-	// Verify that we return nil block and nil error (triggering recovery)
+	// Verify that we return nil block and nil error after recovery
+	require.NoError(t, err)
+	assert.Nil(t, block, "Should return nil block after recovery to trigger retry")
+
+	// Verify state wasn't changed since common ancestor is same as last persisted
+	height, hash, err := server.state.GetLastPersistedBlock()
+	require.NoError(t, err)
+	require.Equal(t, uint32(100), height)
+	require.Equal(t, commonAncestorHeader.Hash().String(), hash.String())
+
+	// Verify mock expectations
+	mockClient.AssertExpectations(t)
+}
+
+// TestGetNextBlockToProcess_ReorgRecovery tests the full reorg recovery flow using block locators
+func TestGetNextBlockToProcess_ReorgRecovery(t *testing.T) {
+	ctx := context.Background()
+	logger := ulogger.TestLogger{}
+	tSettings := test.CreateBaseTestSettings(t)
+
+	// Create temp directory for state file
+	tempDir := t.TempDir()
+	tSettings.Block.StateFile = tempDir + "/blocks.dat"
+	tSettings.Block.BlockPersisterPersistAge = 2
+
+	// Create mock blockchain client
+	mockClient := &blockchain.Mock{}
+
+	// Simulate state with blocks up to height 105 (on old chain)
+	// Common ancestor is at height 100
+	// Reorg occurred at height 101
+
+	// Create common ancestor header first so we can use its computed hash everywhere
+	dummyHash, _ := chainhash.NewHashFromStr("0000000000000000000000000000000000000000000000000000000000000001")
+	nBits, _ := model.NewNBitFromString("1d00ffff")
+	commonAncestorHeader := &model.BlockHeader{
+		Version:        1,
+		HashPrevBlock:  dummyHash,
+		HashMerkleRoot: dummyHash,
+		Timestamp:      1234567890,
+		Bits:           *nBits,
+		Nonce:          1,
+	}
+	commonAncestorHash := commonAncestorHeader.Hash()
+
+	// Old chain hashes (blocks after the fork)
+	oldChainHash101, _ := chainhash.NewHashFromStr("0000000000000000000000000000000000000000000000000000000000000101")
+	oldChainHash102, _ := chainhash.NewHashFromStr("0000000000000000000000000000000000000000000000000000000000000102")
+	oldChainHash103, _ := chainhash.NewHashFromStr("0000000000000000000000000000000000000000000000000000000000000103")
+	oldChainHash104, _ := chainhash.NewHashFromStr("0000000000000000000000000000000000000000000000000000000000000104")
+	oldChainHash105, _ := chainhash.NewHashFromStr("0000000000000000000000000000000000000000000000000000000000000105")
+
+	server := New(ctx, logger, tSettings, nil, nil, nil, mockClient)
+
+	// Set up state with blocks from old chain using the computed common ancestor hash
+	require.NoError(t, server.state.AddBlock(100, commonAncestorHash.String()))
+	require.NoError(t, server.state.AddBlock(101, oldChainHash101.String()))
+	require.NoError(t, server.state.AddBlock(102, oldChainHash102.String()))
+	require.NoError(t, server.state.AddBlock(103, oldChainHash103.String()))
+	require.NoError(t, server.state.AddBlock(104, oldChainHash104.String()))
+	require.NoError(t, server.state.AddBlock(105, oldChainHash105.String()))
+
+	// Verify initial state
+	height, hash, err := server.state.GetLastPersistedBlock()
+	require.NoError(t, err)
+	require.Equal(t, uint32(105), height)
+	require.Equal(t, oldChainHash105.String(), hash.String())
+
+	// Mock the reorg detection sequence
+	lastPersistedBlock := &model.Block{
+		Height: 105,
+		ID:     105,
+	}
+
+	// 1. GetBlock call for last persisted block
+	mockClient.On("GetBlock", ctx, oldChainHash105).Return(lastPersistedBlock, nil)
+
+	// 2. CheckBlockIsInCurrentChain returns false (reorg detected)
+	mockClient.On("CheckBlockIsInCurrentChain", ctx, []uint32{uint32(105)}).Return(false, nil)
+
+	// 3. Mock recovery flow - new approach walks backward from height 105
+	// trying to find a block from current chain that exists in our state file
+	// Heights 105, 104, 103, 102, 101 won't match (different hashes)
+	// Height 100 will match (common ancestor)
+	newChainHash105, _ := chainhash.NewHashFromStr("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")
+	newChainHash104, _ := chainhash.NewHashFromStr("bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb")
+	newChainHash103, _ := chainhash.NewHashFromStr("cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc")
+	newChainHash102, _ := chainhash.NewHashFromStr("dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd")
+	newChainHash101, _ := chainhash.NewHashFromStr("eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee")
+
+	// Mock GetBlockByHeight for each height during backward search
+	// Create proper block headers for each height on the new chain
+	mockClient.On("GetBlockByHeight", ctx, uint32(105)).Return(
+		&model.Block{Height: 105, Header: &model.BlockHeader{Version: 1, HashPrevBlock: oldChainHash104, HashMerkleRoot: newChainHash105, Timestamp: 1234567890, Bits: *nBits, Nonce: 1}}, nil)
+	mockClient.On("GetBlockByHeight", ctx, uint32(104)).Return(
+		&model.Block{Height: 104, Header: &model.BlockHeader{Version: 1, HashPrevBlock: oldChainHash103, HashMerkleRoot: newChainHash104, Timestamp: 1234567890, Bits: *nBits, Nonce: 1}}, nil)
+	mockClient.On("GetBlockByHeight", ctx, uint32(103)).Return(
+		&model.Block{Height: 103, Header: &model.BlockHeader{Version: 1, HashPrevBlock: oldChainHash102, HashMerkleRoot: newChainHash103, Timestamp: 1234567890, Bits: *nBits, Nonce: 1}}, nil)
+	mockClient.On("GetBlockByHeight", ctx, uint32(102)).Return(
+		&model.Block{Height: 102, Header: &model.BlockHeader{Version: 1, HashPrevBlock: oldChainHash101, HashMerkleRoot: newChainHash102, Timestamp: 1234567890, Bits: *nBits, Nonce: 1}}, nil)
+	mockClient.On("GetBlockByHeight", ctx, uint32(101)).Return(
+		&model.Block{Height: 101, Header: &model.BlockHeader{Version: 1, HashPrevBlock: commonAncestorHash, HashMerkleRoot: newChainHash101, Timestamp: 1234567890, Bits: *nBits, Nonce: 1}}, nil)
+	mockClient.On("GetBlockByHeight", ctx, uint32(100)).Return(
+		&model.Block{Height: 100, Header: commonAncestorHeader}, nil)
+
+	// Call getNextBlockToProcess - should trigger reorg recovery
+	block, err := server.getNextBlockToProcess(ctx)
+
+	// Should return nil (to retry on next iteration)
+	require.NoError(t, err)
+	assert.Nil(t, block, "Should return nil after recovery to trigger retry")
+
+	// Verify state was rolled back to common ancestor (height 100)
+	height, hash, err = server.state.GetLastPersistedBlock()
 	require.NoError(t, err)
-	assert.Nil(t, block, "Should return nil block when reorg is detected")
+	require.Equal(t, uint32(100), height)
+	require.Equal(t, commonAncestorHeader.Hash().String(), hash.String())
 
 	// Verify mock expectations
 	mockClient.AssertExpectations(t)

services/blockpersister/state/state.go

@@ -23,6 +23,7 @@
 package state
 
 import (
+	"bufio"
 	"bytes"
 	"fmt"
 	"io"
@@ -229,6 +230,125 @@ func (s *State) AddBlock(height uint32, hash string) error {
 	return nil
 }
 
+// RollbackToHash truncates the state file to the specified block hash
+// This removes all blocks after the first occurrence of the target hash
+// Uses streaming to minimize memory usage - only one line in memory at a time
+// Parameters:
+//   - targetHash: the hash of the block to rollback to
+//
+// Returns:
+//   - error: any error encountered (including if hash is not found)
+func (s *State) RollbackToHash(targetHash *chainhash.Hash) (err error) {
+	s.fileLock.Lock()
+	defer s.fileLock.Unlock()
+
+	// Open source file for reading
+	srcFile, err := os.Open(s.filePath)
+	if err != nil {
+		if os.IsNotExist(err) {
+			return errors.NewProcessingError("cannot rollback to hash %s: state file does not exist", targetHash.String())
+		}
+		return errors.NewProcessingError("failed to open blocks file", err)
+	}
+	defer srcFile.Close()
+
+	srcDeferFn, err := s.lockFile(srcFile, syscall.LOCK_SH)
+	if err != nil {
+		return errors.NewProcessingError("could not lock file for reading", err)
+	}
+	defer srcDeferFn()
+
+	// Create temporary file for writing
+	dir := filepath.Dir(s.filePath)
+	tmpFile, err := os.CreateTemp(dir, "blocks.*.tmp")
+	if err != nil {
+		return errors.NewProcessingError("failed to create temporary file", err)
+	}
+	tmpPath := tmpFile.Name()
+	defer os.Remove(tmpPath) // Always cleanup temp file (fails silently if renamed)
+
+	// Defer tmpFile.Close() - will be skipped on success via tmpFileClosed flag
+	tmpFileClosed := false
+	defer func() {
+		if !tmpFileClosed {
+			tmpFile.Close()
+		}
+	}()
+
+	tmpDeferFn, err := s.lockFile(tmpFile, syscall.LOCK_EX)
+	if err != nil {
+		return errors.NewProcessingError("could not lock temporary file", err)
+	}
+	defer tmpDeferFn()
+
+	// Stream copy line by line until we hit the target hash
+	scanner := bufio.NewScanner(srcFile)
+	linesWritten := 0
+	hashFound := false
+
+	for scanner.Scan() {
+		line := scanner.Bytes()
+
+		if len(line) == 0 {
+			continue
+		}
+
+		// Parse hash from the line (format: height,hash)
+		commaIndex := bytes.IndexByte(line, ',')
+		if commaIndex != -1 {
+			// Extract and check hash
+			hashStr := string(bytes.TrimSpace(line[commaIndex+1:]))
+			hash, err := chainhash.NewHashFromStr(hashStr)
+			if err == nil && hash.IsEqual(targetHash) {
+				// Found target hash - write this line and stop
+				if _, err := tmpFile.Write(line); err != nil {
+					return errors.NewProcessingError("failed to write to temporary file", err)
+				}
+				if _, err := tmpFile.WriteString("\n"); err != nil {
+					return errors.NewProcessingError("failed to write newline to temporary file", err)
+				}
+				linesWritten++
+				hashFound = true
+				break
+			}
+		}
+
+		// Write line and continue
+		if _, err := tmpFile.Write(line); err != nil {
+			return errors.NewProcessingError("failed to write to temporary file", err)
+		}
+		if _, err := tmpFile.WriteString("\n"); err != nil {
+			return errors.NewProcessingError("failed to write newline to temporary file", err)
+		}
+		linesWritten++
+	}
+
+	if err = scanner.Err(); err != nil {
+		return errors.NewProcessingError("failed to read blocks file", err)
+	}
+
+	if !hashFound {
+		return errors.NewProcessingError("cannot rollback to hash %s: hash not found in state file", targetHash.String())
+	}
+
+	// Sync temp file to disk
+	if err = tmpFile.Sync(); err != nil {
+		return errors.NewProcessingError("failed to sync temporary file", err)
+	}
+
+	// Close temp file before rename (locks will be released by defers)
+	tmpFile.Close()
+	tmpFileClosed = true
+
+	// Atomically replace the original file
+	if err = os.Rename(tmpPath, s.filePath); err != nil {
+		return errors.NewProcessingError("failed to rename temporary file", err)
+	}
+
+	s.logger.Infof("[BlockPersister State] Rolled back to hash %s (%d blocks in final state)", targetHash.String(), linesWritten)
+	return nil
+}
+
 // lockFile implements file locking for concurrent access
 // Parameters:
 //   - file: file to lock