Improve change proof context management #1709
Description
Address the following feedback:
I think this is a lot better, but I think we can even do more here. I'll approve this PR so you can merge it, but we should consider the following for the next release.
I don't like the current split state variables (ChangeProofContext -> VerifiedChangeProofContext -> ProposedChangeProofContext). I think we can do this with a single stateful struct that supports idempotent verification, proposal preparation, commit, and next-range introspection.
I think this simplifies the design a bit, as there are odd edge cases in this design. An example might be that verification is not idempotent. Calling verify again on the same ChangeProofContext returns ProofIsNone because the proof was consumed.
It might make the rust code a tiny bit more complicated but is likely to simplify the ffi interface significantly. I'd have to try it to see.
Maybe something like this:
pub struct ChangeProofContext<'db> {
proof: FrozenChangeProof,
// Cached verification context to support idempotent verify calls.
verification: Option<VerificationContext>,
// Proposal/commit lifecycle state.
proposal_state: ProposalState<'db>,
}
struct VerificationContext {
start_root: HashKey,
end_root: HashKey,
start_key: Option<Box<[u8]>>,
end_key: Option<Box<[u8]>>,
max_length: Option<NonZeroUsize>,
}
enum ProposalState<'db> {
// No prepared proposal yet.
Unprepared,
// Proposal prepared against a DB snapshot, not committed yet.
Proposed(crate::ProposalHandle<'db>),
// Already committed; value is resulting root (None => empty trie).
Committed(Option<HashKey>),
}
Originally posted by @rkuris in #1641 (comment)