audit : align with lumera changes

j-rafique · j-rafique · commit 95710fc7bf88 · 2026-02-09T20:36:11.000+05:00
diff --git a/pkg/lumera/Readme.md b/pkg/lumera/Readme.md
@@ -26,7 +26,7 @@ Using modules
 - `cli.Action()` – query actions (GetAction, GetActionFee, GetParams)
 - `cli.ActionMsg()` – send action messages (see below)
 - `cli.Audit()` – query `x/audit` (params/epochs/anchors/assignments/reports)
-- `cli.AuditMsg()` – submit `x/audit` txs (`MsgSubmitAuditReport`, `MsgSubmitEvidence`)
+- `cli.AuditMsg()` – submit `x/audit` txs (`MsgSubmitEpochReport`, `MsgSubmitEvidence`)
 - `cli.Auth()` – accounts/verify
 - `cli.SuperNode()` – supernode queries
 - `cli.Tx()` – tx internals (shared by helpers)
diff --git a/pkg/lumera/modules/audit/impl.go b/pkg/lumera/modules/audit/impl.go
@@ -63,13 +63,13 @@ func (m *module) GetAssignedTargets(ctx context.Context, supernodeAccount string
 	return resp, nil
 }
 
-func (m *module) GetAuditReport(ctx context.Context, epochID uint64, supernodeAccount string) (*types.QueryAuditReportResponse, error) {
-	resp, err := m.client.AuditReport(ctx, &types.QueryAuditReportRequest{
+func (m *module) GetEpochReport(ctx context.Context, epochID uint64, supernodeAccount string) (*types.QueryEpochReportResponse, error) {
+	resp, err := m.client.EpochReport(ctx, &types.QueryEpochReportRequest{
 		EpochId:          epochID,
 		SupernodeAccount: supernodeAccount,
 	})
 	if err != nil {
-		return nil, fmt.Errorf("failed to get audit report: %w", err)
+		return nil, fmt.Errorf("failed to get epoch report: %w", err)
 	}
 	return resp, nil
 }
diff --git a/pkg/lumera/modules/audit/interface.go b/pkg/lumera/modules/audit/interface.go
@@ -14,7 +14,7 @@ type Module interface {
 	GetCurrentEpochAnchor(ctx context.Context) (*types.QueryCurrentEpochAnchorResponse, error)
 	GetCurrentEpoch(ctx context.Context) (*types.QueryCurrentEpochResponse, error)
 	GetAssignedTargets(ctx context.Context, supernodeAccount string, epochID uint64) (*types.QueryAssignedTargetsResponse, error)
-	GetAuditReport(ctx context.Context, epochID uint64, supernodeAccount string) (*types.QueryAuditReportResponse, error)
+	GetEpochReport(ctx context.Context, epochID uint64, supernodeAccount string) (*types.QueryEpochReportResponse, error)
 }
 
 // NewModule creates a new Audit module client.
diff --git a/pkg/lumera/modules/audit_msg/audit_msg_mock.go b/pkg/lumera/modules/audit_msg/audit_msg_mock.go
diff --git a/pkg/lumera/modules/audit_msg/impl.go b/pkg/lumera/modules/audit_msg/impl.go
@@ -78,24 +78,23 @@ func (m *module) SubmitEvidence(ctx context.Context, subjectAddress string, evid
 	})
 }
 
-func (m *module) SubmitAuditReport(ctx context.Context, epochID uint64, peerObservations []*audittypes.AuditPeerObservation) (*sdktx.BroadcastTxResponse, error) {
+func (m *module) SubmitEpochReport(ctx context.Context, epochID uint64, hostReport audittypes.HostReport, storageChallengeObservations []*audittypes.StorageChallengeObservation) (*sdktx.BroadcastTxResponse, error) {
 	m.mu.Lock()
 	defer m.mu.Unlock()
 
-	// Intentionally submit 0% usage for CPU/memory/disk so the chain treats these as "unknown"
+	// Intentionally submit 0% usage for CPU/memory so the chain treats these as "unknown"
 	// (see x/audit enforcement semantics).
-	selfReport := audittypes.AuditSelfReport{
-		CpuUsagePercent:  0,
-		MemUsagePercent:  0,
-		DiskUsagePercent: 0,
-	}
+	//
+	// Disk usage is expected to be reported accurately (legacy-aligned); callers provide it.
+	hostReport.CpuUsagePercent = 0
+	hostReport.MemUsagePercent = 0
 
 	return m.txHelper.ExecuteTransaction(ctx, func(creator string) (sdktypes.Msg, error) {
-		return &audittypes.MsgSubmitAuditReport{
-			SupernodeAccount: creator,
-			EpochId:          epochID,
-			SelfReport:       selfReport,
-			PeerObservations: peerObservations,
+		return &audittypes.MsgSubmitEpochReport{
+			Creator:                      creator,
+			EpochId:                      epochID,
+			HostReport:                   hostReport,
+			StorageChallengeObservations: storageChallengeObservations,
 		}, nil
 	})
 }
diff --git a/pkg/lumera/modules/audit_msg/interface.go b/pkg/lumera/modules/audit_msg/interface.go
@@ -15,7 +15,7 @@ import (
 // Module defines the interface for audit-related transactions.
 type Module interface {
 	SubmitEvidence(ctx context.Context, subjectAddress string, evidenceType audittypes.EvidenceType, actionID string, metadataJSON string) (*sdktx.BroadcastTxResponse, error)
-	SubmitAuditReport(ctx context.Context, epochID uint64, peerObservations []*audittypes.AuditPeerObservation) (*sdktx.BroadcastTxResponse, error)
+	SubmitEpochReport(ctx context.Context, epochID uint64, hostReport audittypes.HostReport, storageChallengeObservations []*audittypes.StorageChallengeObservation) (*sdktx.BroadcastTxResponse, error)
 }
 
 // NewModule creates a new audit_msg module instance.
diff --git a/pkg/testutil/lumera.go b/pkg/testutil/lumera.go
@@ -213,8 +213,8 @@ func (m *MockAuditModule) GetAssignedTargets(ctx context.Context, supernodeAccou
 	return &audittypes.QueryAssignedTargetsResponse{}, nil
 }
 
-func (m *MockAuditModule) GetAuditReport(ctx context.Context, epochID uint64, supernodeAccount string) (*audittypes.QueryAuditReportResponse, error) {
-	return &audittypes.QueryAuditReportResponse{}, nil
+func (m *MockAuditModule) GetEpochReport(ctx context.Context, epochID uint64, supernodeAccount string) (*audittypes.QueryEpochReportResponse, error) {
+	return &audittypes.QueryEpochReportResponse{}, nil
 }
 
 type MockAuditMsgModule struct{}
@@ -223,7 +223,7 @@ func (m *MockAuditMsgModule) SubmitEvidence(ctx context.Context, subjectAddress
 	return &sdktx.BroadcastTxResponse{}, nil
 }
 
-func (m *MockAuditMsgModule) SubmitAuditReport(ctx context.Context, epochID uint64, peerObservations []*audittypes.AuditPeerObservation) (*sdktx.BroadcastTxResponse, error) {
+func (m *MockAuditMsgModule) SubmitEpochReport(ctx context.Context, epochID uint64, hostReport audittypes.HostReport, storageChallengeObservations []*audittypes.StorageChallengeObservation) (*sdktx.BroadcastTxResponse, error) {
 	return &sdktx.BroadcastTxResponse{}, nil
 }
 
diff --git a/supernode/cmd/start.go b/supernode/cmd/start.go
@@ -21,9 +21,9 @@ import (
 	"github.com/LumeraProtocol/supernode/v2/pkg/storage/queries"
 	"github.com/LumeraProtocol/supernode/v2/pkg/storage/rqstore"
 	"github.com/LumeraProtocol/supernode/v2/pkg/task"
-	auditReporterService "github.com/LumeraProtocol/supernode/v2/supernode/audit_reporter"
 	cascadeService "github.com/LumeraProtocol/supernode/v2/supernode/cascade"
 	"github.com/LumeraProtocol/supernode/v2/supernode/config"
+	hostReporterService "github.com/LumeraProtocol/supernode/v2/supernode/host_reporter"
 	statusService "github.com/LumeraProtocol/supernode/v2/supernode/status"
 	storageChallengeService "github.com/LumeraProtocol/supernode/v2/supernode/storage_challenge"
 	// Legacy supernode metrics reporter (MsgReportSupernodeMetrics) has been superseded by
@@ -162,14 +162,15 @@ The supernode will connect to the Lumera network and begin participating in the
 		// Create supernode status service with injected tracker
 		statusSvc := statusService.NewSupernodeStatusService(p2pService, lumeraClient, appConfig, tr)
 
-		auditReporter, err := auditReporterService.NewService(
+		hostReporter, err := hostReporterService.NewService(
 			appConfig.SupernodeConfig.Identity,
 			lumeraClient,
 			kr,
 			appConfig.SupernodeConfig.KeyName,
+			appConfig.BaseDir,
 		)
 		if err != nil {
-			logtrace.Fatal(ctx, "Failed to initialize audit reporter", logtrace.Fields{"error": err.Error()})
+			logtrace.Fatal(ctx, "Failed to initialize host reporter", logtrace.Fields{"error": err.Error()})
 		}
 
 		// Legacy on-chain supernode metrics reporting has been superseded by `x/audit`.
@@ -247,7 +248,7 @@ The supernode will connect to the Lumera network and begin participating in the
 		// Start the services using the standard runner and capture exit
 		servicesErr := make(chan error, 1)
 		go func() {
-			services := []service{grpcServer, cService, p2pService, gatewayServer, auditReporter}
+			services := []service{grpcServer, cService, p2pService, gatewayServer, hostReporter}
 			if storageChallengeRunner != nil {
 				services = append(services, storageChallengeRunner)
 			}
diff --git a/supernode/host_reporter/service.go b/supernode/host_reporter/service.go
@@ -1,4 +1,4 @@
-package audit_reporter
+package host_reporter
 
 import (
 	"context"
@@ -12,6 +12,7 @@ import (
 	"github.com/LumeraProtocol/supernode/v2/pkg/logtrace"
 	"github.com/LumeraProtocol/supernode/v2/pkg/lumera"
 	"github.com/LumeraProtocol/supernode/v2/pkg/reachability"
+	statussvc "github.com/LumeraProtocol/supernode/v2/supernode/status"
 	"github.com/cosmos/cosmos-sdk/crypto/keyring"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
@@ -24,7 +25,7 @@ const (
 	maxConcurrentTargets = 8
 )
 
-// Service submits one MsgSubmitAuditReport per epoch for the local supernode.
+// Service submits one MsgSubmitEpochReport per epoch for the local supernode.
 // All runtime behavior is driven by on-chain params/queries; there are no local config knobs.
 type Service struct {
 	identity string
@@ -35,9 +36,12 @@ type Service struct {
 
 	pollInterval time.Duration
 	dialTimeout  time.Duration
+
+	metrics      *statussvc.MetricsCollector
+	storagePaths []string
 }
 
-func NewService(identity string, lumeraClient lumera.Client, kr keyring.Keyring, keyName string) (*Service, error) {
+func NewService(identity string, lumeraClient lumera.Client, kr keyring.Keyring, keyName string, baseDir string) (*Service, error) {
 	identity = strings.TrimSpace(identity)
 	if identity == "" {
 		return nil, fmt.Errorf("identity is empty")
@@ -66,13 +70,21 @@ func NewService(identity string, lumeraClient lumera.Client, kr keyring.Keyring,
 		return nil, fmt.Errorf("identity mismatch: config.identity=%s key(%s)=%s", identity, keyName, got)
 	}
 
+	storagePaths := []string{}
+	if baseDir = strings.TrimSpace(baseDir); baseDir != "" {
+		// Match legacy disk reporting behavior: measure the volume where the supernode stores its data.
+		storagePaths = []string{baseDir}
+	}
+
 	return &Service{
 		identity:     identity,
 		lumera:       lumeraClient,
 		keyring:      kr,
 		keyName:      keyName,
 		pollInterval: defaultPollInterval,
 		dialTimeout:  defaultDialTimeout,
+		metrics:      statussvc.NewMetricsCollector(),
+		storagePaths: storagePaths,
 	}, nil
 }
 
@@ -105,7 +117,7 @@ func (s *Service) tick(ctx context.Context) {
 	}
 
 	// Idempotency: if a report exists for this epoch, do nothing.
-	if _, err := s.lumera.Audit().GetAuditReport(ctx, epochID, s.identity); err == nil {
+	if _, err := s.lumera.Audit().GetEpochReport(ctx, epochID, s.identity); err == nil {
 		return
 	} else if status.Code(err) != codes.NotFound {
 		return
@@ -116,28 +128,49 @@ func (s *Service) tick(ctx context.Context) {
 		return
 	}
 
-	peerObservations := s.buildPeerObservations(ctx, epochID, assignResp.RequiredOpenPorts, assignResp.TargetSupernodeAccounts)
+	storageChallengeObservations := s.buildStorageChallengeObservations(ctx, epochID, assignResp.RequiredOpenPorts, assignResp.TargetSupernodeAccounts)
+
+	hostReport := audittypes.HostReport{
+		// Intentionally submit 0% usage for CPU/memory so the chain treats these as "unknown".
+		// Disk usage is reported accurately (legacy-aligned) so disk-based enforcement can work.
+		CpuUsagePercent: 0,
+		MemUsagePercent: 0,
+	}
+	if diskUsagePercent, ok := s.diskUsagePercent(ctx); ok {
+		hostReport.DiskUsagePercent = diskUsagePercent
+	}
 
-	if _, err := s.lumera.AuditMsg().SubmitAuditReport(ctx, epochID, peerObservations); err != nil {
-		logtrace.Warn(ctx, "audit report submit failed", logtrace.Fields{
+	if _, err := s.lumera.AuditMsg().SubmitEpochReport(ctx, epochID, hostReport, storageChallengeObservations); err != nil {
+		logtrace.Warn(ctx, "epoch report submit failed", logtrace.Fields{
 			"epoch_id": epochID,
 			"error":    err.Error(),
 		})
 		return
 	}
 
-	logtrace.Info(ctx, "audit report submitted", logtrace.Fields{
-		"epoch_id":                epochID,
-		"peer_observations_count": len(peerObservations),
+	logtrace.Info(ctx, "epoch report submitted", logtrace.Fields{
+		"epoch_id":                             epochID,
+		"storage_challenge_observations_count": len(storageChallengeObservations),
 	})
 }
 
-func (s *Service) buildPeerObservations(ctx context.Context, epochID uint64, requiredOpenPorts []uint32, targets []string) []*audittypes.AuditPeerObservation {
+func (s *Service) diskUsagePercent(ctx context.Context) (float64, bool) {
+	if s.metrics == nil || len(s.storagePaths) == 0 {
+		return 0, false
+	}
+	infos := s.metrics.CollectStorageMetrics(ctx, s.storagePaths)
+	if len(infos) == 0 {
+		return 0, false
+	}
+	return infos[0].UsagePercent, true
+}
+
+func (s *Service) buildStorageChallengeObservations(ctx context.Context, epochID uint64, requiredOpenPorts []uint32, targets []string) []*audittypes.StorageChallengeObservation {
 	if len(targets) == 0 {
 		return nil
 	}
 
-	out := make([]*audittypes.AuditPeerObservation, len(targets))
+	out := make([]*audittypes.StorageChallengeObservation, len(targets))
 
 	type workItem struct {
 		index  int
@@ -171,8 +204,8 @@ func (s *Service) buildPeerObservations(ctx context.Context, epochID uint64, req
 		<-done
 	}
 
-	// ensure no nil elements (MsgSubmitAuditReport rejects nil observations)
-	final := make([]*audittypes.AuditPeerObservation, 0, len(out))
+	// ensure no nil elements (MsgSubmitEpochReport rejects nil observations)
+	final := make([]*audittypes.StorageChallengeObservation, 0, len(out))
 	for i := range out {
 		if out[i] != nil {
 			final = append(final, out[i])
@@ -181,15 +214,15 @@ func (s *Service) buildPeerObservations(ctx context.Context, epochID uint64, req
 	return final
 }
 
-func (s *Service) observeTarget(ctx context.Context, epochID uint64, requiredOpenPorts []uint32, target string) *audittypes.AuditPeerObservation {
+func (s *Service) observeTarget(ctx context.Context, epochID uint64, requiredOpenPorts []uint32, target string) *audittypes.StorageChallengeObservation {
 	target = strings.TrimSpace(target)
 	if target == "" {
 		return nil
 	}
 
 	host, err := s.targetHost(ctx, target)
 	if err != nil {
-		logtrace.Warn(ctx, "audit observe target: resolve host failed", logtrace.Fields{
+		logtrace.Warn(ctx, "storage challenge observe target: resolve host failed", logtrace.Fields{
 			"epoch_id": epochID,
 			"target":   target,
 			"error":    err.Error(),
@@ -202,7 +235,7 @@ func (s *Service) observeTarget(ctx context.Context, epochID uint64, requiredOpe
 		portStates = append(portStates, probeTCP(ctx, host, p, s.dialTimeout))
 	}
 
-	return &audittypes.AuditPeerObservation{
+	return &audittypes.StorageChallengeObservation{
 		TargetSupernodeAccount: target,
 		PortStates:             portStates,
 	}
diff --git a/supernode/storage_challenge/README.md b/supernode/storage_challenge/README.md
@@ -34,7 +34,6 @@ For each selected `file_key`:
 
 On failure conditions (recipient error/unreachable, invalid proof, observer quorum failure), and only when enabled:
 - Build `StorageChallengeFailureEvidenceMetadata` JSON.
-- Enforce `sc_evidence_max_bytes` locally before submission.
 - Submit `MsgSubmitEvidence` to `x/audit` using the Supernode’s Cosmos key.
 
 Evidence is chain-verifiable at the policy/assignment level (epoch anchor + deterministic rules), while full transcripts remain
@@ -48,4 +47,3 @@ off-chain (supernode logs and local stores).
   service retries on the next tick.
 - Candidate key lookback: lookback is computed as `lookback_epochs * estimated_epoch_duration`, where epoch duration is
   estimated from recent blocks. If estimation fails, it falls back to `24h * lookback_epochs`.
-
diff --git a/supernode/storage_challenge/service.go b/supernode/storage_challenge/service.go

Original file line number	Diff line number	Diff line change
`@@ -63,13 +63,13 @@ func (m *module) GetAssignedTargets(ctx context.Context, supernodeAccount string`
`63`	`63`	`return resp, nil`
`64`	`64`	`}`
`65`	`65`
`66`		`-func (m module) GetAuditReport(ctx context.Context, epochID uint64, supernodeAccount string) (types.QueryAuditReportResponse, error) {`
`67`		`- resp, err := m.client.AuditReport(ctx, &types.QueryAuditReportRequest{`
	`66`	`+func (m module) GetEpochReport(ctx context.Context, epochID uint64, supernodeAccount string) (types.QueryEpochReportResponse, error) {`
	`67`	`+ resp, err := m.client.EpochReport(ctx, &types.QueryEpochReportRequest{`
`68`	`68`	`EpochId: epochID,`
`69`	`69`	`SupernodeAccount: supernodeAccount,`
`70`	`70`	`})`
`71`	`71`	`if err != nil {`
`72`		`- return nil, fmt.Errorf("failed to get audit report: %w", err)`
	`72`	`+ return nil, fmt.Errorf("failed to get epoch report: %w", err)`
`73`	`73`	`}`
`74`	`74`	`return resp, nil`
`75`	`75`	`}`
Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ type Module interface {`
`14`	`14`	`GetCurrentEpochAnchor(ctx context.Context) (*types.QueryCurrentEpochAnchorResponse, error)`
`15`	`15`	`GetCurrentEpoch(ctx context.Context) (*types.QueryCurrentEpochResponse, error)`
`16`	`16`	`GetAssignedTargets(ctx context.Context, supernodeAccount string, epochID uint64) (*types.QueryAssignedTargetsResponse, error)`
`17`		`- GetAuditReport(ctx context.Context, epochID uint64, supernodeAccount string) (*types.QueryAuditReportResponse, error)`
	`17`	`+ GetEpochReport(ctx context.Context, epochID uint64, supernodeAccount string) (*types.QueryEpochReportResponse, error)`
`18`	`18`	`}`
`19`	`19`
`20`	`20`	`// NewModule creates a new Audit module client.`
Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@ import (`
`15`	`15`	`// Module defines the interface for audit-related transactions.`
`16`	`16`	`type Module interface {`
`17`	`17`	`SubmitEvidence(ctx context.Context, subjectAddress string, evidenceType audittypes.EvidenceType, actionID string, metadataJSON string) (*sdktx.BroadcastTxResponse, error)`
`18`		`- SubmitAuditReport(ctx context.Context, epochID uint64, peerObservations []audittypes.AuditPeerObservation) (sdktx.BroadcastTxResponse, error)`
	`18`	`+ SubmitEpochReport(ctx context.Context, epochID uint64, hostReport audittypes.HostReport, storageChallengeObservations []audittypes.StorageChallengeObservation) (sdktx.BroadcastTxResponse, error)`
`19`	`19`	`}`
`20`	`20`
`21`	`21`	`// NewModule creates a new audit_msg module instance.`
Original file line number	Diff line number	Diff line change
`@@ -213,8 +213,8 @@ func (m *MockAuditModule) GetAssignedTargets(ctx context.Context, supernodeAccou`
`213`	`213`	`return &audittypes.QueryAssignedTargetsResponse{}, nil`
`214`	`214`	`}`
`215`	`215`
`216`		`-func (m MockAuditModule) GetAuditReport(ctx context.Context, epochID uint64, supernodeAccount string) (audittypes.QueryAuditReportResponse, error) {`
`217`		`- return &audittypes.QueryAuditReportResponse{}, nil`
	`216`	`+func (m MockAuditModule) GetEpochReport(ctx context.Context, epochID uint64, supernodeAccount string) (audittypes.QueryEpochReportResponse, error) {`
	`217`	`+ return &audittypes.QueryEpochReportResponse{}, nil`
`218`	`218`	`}`
`219`	`219`
`220`	`220`	`type MockAuditMsgModule struct{}`
`@@ -223,7 +223,7 @@ func (m *MockAuditMsgModule) SubmitEvidence(ctx context.Context, subjectAddress`
`223`	`223`	`return &sdktx.BroadcastTxResponse{}, nil`
`224`	`224`	`}`
`225`	`225`
`226`		`-func (m MockAuditMsgModule) SubmitAuditReport(ctx context.Context, epochID uint64, peerObservations []audittypes.AuditPeerObservation) (*sdktx.BroadcastTxResponse, error) {`
	`226`	`+func (m MockAuditMsgModule) SubmitEpochReport(ctx context.Context, epochID uint64, hostReport audittypes.HostReport, storageChallengeObservations []audittypes.StorageChallengeObservation) (*sdktx.BroadcastTxResponse, error) {`
`227`	`227`	`return &sdktx.BroadcastTxResponse{}, nil`
`228`	`228`	`}`
`229`	`229`