A follow-up to #32487 (review), after which validating the hash of a read block from disk doesn’t incur the cost of calculating its hash anymore.
Summary
This PR adds explicit checks that the read block header’s hash matches the one we were expecting.
Context
After the previous PR, validating a block’s hash during read operations became essentially free. This PR leverages that by requiring callers to provide a block’s expected hash (or std::nullopt
), preventing silent failures caused by corrupted or mismatched data. Most ReadBlock
usages were updated with expected hashes and now fail on mismatch.
Changes
- added hash assertions in
ProcessGetBlockData
andProcessMessage
to validate that the block read from disk matches the expected hash; - updated tests and benchmark to pass the correct block hash to
ReadBlock()
, ensuring the hash validation is tested - or none if we already expect PoW failure; - removed the default value for
expected_hash
, requiring an explicit hash for all block reads.
Why is the hash still optional
- for header-error tests, where the goal is to trigger failures early in the parsing process;
- for out-of-order orphan blocks, where the child hash isn’t available before the initial disk read.