Handle BCS serialization failure gracefully in the bridge burn monitor#6584

Closed
ma2bd wants to merge 1 commit into main from ma2bd/bridge-bcs-serialize-graceful
@ma2bd ma2bd commented Jul 2, 2026

Contributor

Motivation

Part of #147 (make sure the code handles bcs::to_bytes failures gracefully). BCS
serialization is fallible — it errors on containers nested deeper than
MAX_CONTAINER_DEPTH (500) or sequences longer than MAX_SEQUENCE_LENGTH (2³¹−1) — so
production code should not .expect() on it.

persist_cert_bytes in the bridge's Linera burn monitor serialized a
ConfirmedBlockCertificate with .expect("BCS-serialize cert"). It runs in the
long-lived burn-processor loop, so a serialization failure would panic and abort the
whole monitor task — even though the very next thing the function does (and the
certificate read in its caller) already logs and skips on error. This makes the
serialization failure path consistent with the surrounding infrastructure-error handling.

Proposal

Replace the .expect() with a match that logs a warning and returns, skipping the
height without consuming any burn's retry budget — mirroring how the caller handles a
failed certificate read.

Test Plan

CI (cargo check/cargo clippy/cargo +nightly fmt). The change is a local
error-handling swap with no behavioral change on the success path.

Release Plan

  • These changes should be backported to the latest testnet branch, then
    • be released in a validator hotfix.

Links

@ma2bd ma2bd requested a review from deuszx July 3, 2026 23:10
@ma2bd ma2bd closed this Jul 3, 2026
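
The failure mode the description refers to, as an added example that is not code from this pull request or from the project: a long-lived task that calls `.expect()` on a fallible serializer dies at the first bad input, while a `match` that logs and skips keeps processing later heights. `to_bytes` here is a std-only stand-in for `bcs::to_bytes`, and `Cert`, `nested` and `run_monitor` are hypothetical names with constructed inputs.

```rust
use std::thread;
const MAX_CONTAINER_DEPTH: usize = 500; // depth limit cited in the PR description
enum Cert { Leaf(u8), Nested(Box<Cert>) } // constructed stand-in for a certificate

// Stand-in for bcs::to_bytes: fails once nesting exceeds the depth limit.
fn to_bytes(cert: &Cert) -> Result<Vec<u8>, String> {
    let (mut out, mut cur, mut depth) = (Vec::new(), cert, 0usize);
    loop {
        match cur {
            Cert::Leaf(b) => { out.push(0u8); out.push(*b); return Ok(out); }
            Cert::Nested(inner) => {
                depth += 1;
                if depth > MAX_CONTAINER_DEPTH {
                    return Err(format!("container depth exceeds {}", MAX_CONTAINER_DEPTH));
                }
                out.push(1u8);
                cur = &**inner;
            }
        }
    }
}

// Builds a constructed certificate with `depth` nested containers.
fn nested(depth: usize) -> Cert {
    (0..depth).fold(Cert::Leaf(7), |c, _| Cert::Nested(Box::new(c)))
}

// Hypothetical monitor task over heights 1..=3; height 2 carries an over-deep
// certificate. Returns the persisted heights, or None if the task panicked.
fn run_monitor(graceful: bool) -> Option<Vec<u64>> {
    let task = thread::spawn(move || {
        let mut persisted = Vec::new();
        for height in 1..=3u64 {
            let cert = nested(if height == 2 { MAX_CONTAINER_DEPTH + 1 } else { 3 });
            let bytes = if graceful {
                match to_bytes(&cert) {
                    Ok(b) => b,
                    Err(e) => { eprintln!("warn: skip height {}: {}", height, e); continue; }
                }
            } else {
                to_bytes(&cert).expect("serialize cert") // panic ends the whole task
            };
            if !bytes.is_empty() { persisted.push(height); }
        }
        persisted
    });
    task.join().ok() // join() returns Err when the task panicked
}

fn main() { println!("{:?} {:?}", run_monitor(false), run_monitor(true)); }
```

With the `.expect()` path the task is lost at height 2 and height 3 is never reached; with the `match` path heights 1 and 3 are persisted and only the failing height is skipped.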