@claude

Claude finished @varex83's task in 3m 54s —— View job

Code Review

• Read changed files
• Review signeddata.rs changes
• Review types.rs changes
• Review parasigdb/ module (memory, metrics, mod)
• Review testutils.rs and testutil/random.rs
• Review Cargo.toml dependency additions
• Summarize findings

Summary

This PR erases the SignedData<Error> associated type in favor of a fixed SignedDataError, makes ParSignedData/ParSignedDataSet type-erased via Box<dyn SignedData>, and wires up a new in-memory ParSigDB. The core design is sound, but there are a few issues worth addressing before merge.

Findings

[High] keys_by_duty accumulates duplicate entries on every store

Impact: Unbounded memory growth proportional to the number of partial signatures received per key (not per unique key). After N signatures for the same (duty, pubkey), keys_by_duty[duty] contains N copies of the same Key. During trim, entries.remove(&key) is called N times (only the first has any effect). On a busy validator, this could grow large.

Evidence: crates/core/src/parasigdb/memory.rs:342-352

inner.entries.entry(k.clone()).or_insert_with(Vec::new).push(value.clone());
inner.keys_by_duty.entry(k.duty.clone()).or_insert_with(Vec::new).push(k.clone());  // ← always pushed

Recommendation: Only push to keys_by_duty when entries[k] was previously empty (i.e., first signature for that key):

let slot = inner.entries.entry(k.clone()).or_insert_with(Vec::new);
if slot.is_empty() {
    inner.keys_by_duty.entry(k.duty.clone()).or_insert_with(Vec::new).push(k.clone());
}
slot.push(value.clone());

Fix this →

[High] as u64 casts violate cast_lossless = "deny" workspace lint

Impact: Will cause cargo clippy to fail.

Evidence: crates/core/src/parasigdb/memory.rs:369,375,395

if (sigs.len() as u64) < threshold {        // line 369
if sigs.len() as u64 == threshold {          // line 375
if set.len() as u64 == threshold {           // line 395

The workspace Cargo.toml:123 has cast_lossless = "deny". usize as u64 is a lossless cast and Clippy will reject it. The rest of the codebase uses u64::try_from(...).expect("...") (see memory_internal_test.rs:23-26).

Recommendation: Replace with u64::try_from(sigs.len()).unwrap_or(u64::MAX) (or .expect("len fits in u64") since this is production code and unwrap is allowed in tests only per clippy.toml:1).

Fix this →

[Medium] SignedDataError::Custom uses non-Send inner type

Impact: Any async future that propagates a Custom error through ? will not be Send, causing compile errors when spawning tasks. MemDB::store_external calls get_threshold_matching which returns Result<_, MemDBError> and MemDBError wraps SignedDataError. If Custom is ever returned in that path, tokio::spawn calls wrapping store_external will fail to compile.

Evidence: crates/core/src/signeddata.rs:53

Custom(Box<dyn std::error::Error>),  // not Send + Sync

Recommendation: Change to Box<dyn std::error::Error + Send + Sync>.

Fix this →

[Medium] Threshold logic requires exactly threshold matching signatures

Impact: If threshold + 1 or more identical signatures are collected simultaneously (e.g., in a catch-up scenario), get_threshold_matching returns None and the threshold callback is never triggered. Confirmed by the test case "all identical above threshold" → Vec::new().

Evidence: crates/core/src/parasigdb/memory.rs:394-398

for set in sigs_by_msg_root.values() {
    if set.len() as u64 == threshold {   // ← requires exact match, not >=
        return Ok(Some(set.clone()));
    }
}

Recommendation: Verify this matches Go's parsigmem.go behavior. If Go uses >= instead of ==, this is a parity gap. If intentional, a comment explaining the rationale (e.g., "prevents double-firing of threshold callbacks") would help.

[Low] Reviewer comment from iamquang95 may be partially resolved

The review comment "can derive directly" on types.rs likely refers to ParSignedData's manual Clone, PartialEq, and Eq impls. These are necessary because Box<dyn SignedData> cannot auto-derive them — the manual impls are correct. The related ParSignedDataSet already uses #[derive(..., Default)]. No action needed, but worth acknowledging the reviewer so they know it was considered.

[Low] parasigdb module lacks a descriptive doc comment

Evidence: crates/core/src/lib.rs:27

/// parasigdb
pub mod parasigdb;

Recommendation: Expand to something like: /// Partial signature database for collecting and threshold-checking partial BLS signatures.

[Low] Metrics only tracks exits

Evidence: crates/core/src/parasigdb/metrics.rs — only exit_total is tracked.

The Go implementation tracks additional metrics (total entries, threshold reached counts, etc.). This is a partial implementation; please add a TODO comment or track in a follow-up issue if other metrics are planned.

Parity Check

Tests

Tests in memory_internal_test.rs cover: threshold matching with multiple variants, full lifecycle with deadliner expiry, and both SyncCommitteeMessage and BeaconCommitteeSelection types. Good coverage overall.

Shouldn't it be parsigdb (without addional 'a')?