@optimystic/db-p2p 0.3.0 → 0.9.0

package/src/cluster/block-transfer.ts

@@ -1,28 +1,13 @@
-import type { BlockId, IRepo } from '@optimystic/db-core';
-import type { PeerId, IPeerNetwork } from '@optimystic/db-core';
+import type { IRepo, IPeerNetwork } from '@optimystic/db-core';
 import { peerIdFromString } from '@libp2p/peer-id';
 import type { PartitionDetector } from './partition-detector.js';
 import type { RestorationCoordinator } from '../storage/restoration-coordinator-v2.js';
-import { BlockTransferClient, type BlockTransferRequest, type BlockTransferResponse } from './block-transfer-service.js';
+import { BlockTransferClient } from './block-transfer-service.js';
+import type { RebalanceEvent } from './rebalance-monitor.js';
 import { createLogger } from '../logger.js';
 
 const log = createLogger('block-transfer');
 
-/**
- * Rebalance event describing gained/lost block responsibilities.
- * Matches the RebalanceMonitor spec from the sibling ticket.
- */
-export interface RebalanceEvent {
-	/** Block IDs this node has gained responsibility for */
-	gained: string[];
-	/** Block IDs this node has lost responsibility for */
-	lost: string[];
-	/** Peers that are now closer for the lost blocks: blockId → peerId[] */
-	newOwners: Map<string, string[]>;
-	/** Timestamp of the topology change that triggered this */
-	triggeredAt: number;
-}
-
 export interface BlockTransferConfig {
 	/** Max concurrent transfers. Default: 4 */
 	maxConcurrency?: number;
@@ -34,11 +19,6 @@ export interface BlockTransferConfig {
 	enablePush?: boolean;
 }
 
-interface TransferTask {
-	blockId: string;
-	attempt: number;
-}
-
 /**
  * Coordinates block transfers in response to rebalance events.
  *
@@ -84,11 +64,9 @@ export class BlockTransferCoordinator {
 		const succeeded: string[] = [];
 		const failed: string[] = [];
 
-		const tasks = blockIds
-			.filter(id => !this.inFlight.has(`pull:${id}`))
-			.map(id => ({ blockId: id, attempt: 0 }));
+		const ids = blockIds.filter(id => !this.inFlight.has(`pull:${id}`));
 
-		await Promise.all(tasks.map(task => this.executePull(task, succeeded, failed)));
+		await Promise.all(ids.map(id => this.executePull(id, succeeded, failed)));
 
 		return { succeeded, failed };
 	}
@@ -111,11 +89,9 @@ export class BlockTransferCoordinator {
 		const succeeded: string[] = [];
 		const failed: string[] = [];
 
-		const tasks = blockIds
-			.filter(id => !this.inFlight.has(`push:${id}`) && newOwners.has(id))
-			.map(id => ({ blockId: id, attempt: 0 }));
+		const ids = blockIds.filter(id => !this.inFlight.has(`push:${id}`) && newOwners.has(id));
 
-		await Promise.all(tasks.map(task => this.executePush(task, newOwners, succeeded, failed)));
+		await Promise.all(ids.map(id => this.executePush(id, newOwners, succeeded, failed)));
 
 		return { succeeded, failed };
 	}
@@ -139,37 +115,40 @@ export class BlockTransferCoordinator {
 	}
 
 	private async executePull(
-		task: TransferTask,
+		blockId: string,
 		succeeded: string[],
 		failed: string[]
 	): Promise<void> {
-		const key = `pull:${task.blockId}`;
+		const key = `pull:${blockId}`;
 		if (this.inFlight.has(key)) return;
 		this.inFlight.add(key);
 
 		try {
-			await this.acquireSemaphore();
-			try {
-				const archive = await this.withTimeout(
-					this.restorationCoordinator.restore(task.blockId),
-					this.transferTimeoutMs
-				);
+			for (let attempt = 0; ; attempt++) {
+				await this.acquireSemaphore();
+				let archive: Awaited<ReturnType<RestorationCoordinator['restore']>>;
+				try {
+					archive = await this.withTimeout(
+						this.restorationCoordinator.restore(blockId),
+						this.transferTimeoutMs
+					);
+				} finally {
+					this.releaseSemaphore();
+				}
 
 				if (archive) {
-					log('pull:ok block=%s', task.blockId);
-					succeeded.push(task.blockId);
-				} else if (task.attempt < this.maxRetries) {
-					log('pull:retry block=%s attempt=%d', task.blockId, task.attempt + 1);
-					this.inFlight.delete(key);
-					await this.delay(this.backoffMs(task.attempt));
-					await this.executePull({ ...task, attempt: task.attempt + 1 }, succeeded, failed);
+					log('pull:ok block=%s', blockId);
+					succeeded.push(blockId);
 					return;
-				} else {
-					log('pull:failed block=%s', task.blockId);
-					failed.push(task.blockId);
 				}
-			} finally {
-				this.releaseSemaphore();
+				if (attempt < this.maxRetries) {
+					log('pull:retry block=%s attempt=%d', blockId, attempt + 1);
+					await this.delay(this.backoffMs(attempt));
+					continue;
+				}
+				log('pull:failed block=%s', blockId);
+				failed.push(blockId);
+				return;
 			}
 		} finally {
 			this.inFlight.delete(key);
@@ -177,71 +156,73 @@ export class BlockTransferCoordinator {
 	}
 
 	private async executePush(
-		task: TransferTask,
+		blockId: string,
 		newOwners: Map<string, string[]>,
 		succeeded: string[],
 		failed: string[]
 	): Promise<void> {
-		const key = `push:${task.blockId}`;
+		const key = `push:${blockId}`;
 		if (this.inFlight.has(key)) return;
 		this.inFlight.add(key);
 
 		try {
-			await this.acquireSemaphore();
-			try {
-				const owners = newOwners.get(task.blockId);
-				if (!owners || owners.length === 0) {
-					failed.push(task.blockId);
-					return;
-				}
-
-				// Read block data from local storage
-				const result = await this.repo.get({ blockIds: [task.blockId] });
-				const blockResult = result[task.blockId];
-				if (!blockResult?.block) {
-					log('push:no-local-data block=%s', task.blockId);
-					failed.push(task.blockId);
-					return;
-				}
+			for (let attempt = 0; ; attempt++) {
+				await this.acquireSemaphore();
+				let pushed = false;
+				try {
+					const owners = newOwners.get(blockId);
+					if (!owners || owners.length === 0) {
+						failed.push(blockId);
+						return;
+					}
 
-				const blockData = new TextEncoder().encode(JSON.stringify(blockResult.block));
+					// Read block data from local storage
+					const result = await this.repo.get({ blockIds: [blockId] });
+					const blockResult = result[blockId];
+					if (!blockResult?.block) {
+						log('push:no-local-data block=%s', blockId);
+						failed.push(blockId);
+						return;
+					}
 
-				// Push to at least one new owner
-				let pushed = false;
-				for (const ownerPeerIdStr of owners) {
-					try {
-						const peerId = peerIdFromString(ownerPeerIdStr);
-						const client = new BlockTransferClient(peerId, this.peerNetwork, this.protocolPrefix);
-						const response = await this.withTimeout(
-							client.pushBlocks([task.blockId], [blockData]),
-							this.transferTimeoutMs
-						);
-
-						if (response && !response.missing.includes(task.blockId)) {
-							pushed = true;
-							log('push:ok block=%s peer=%s', task.blockId, ownerPeerIdStr);
-							break;
+					const blockData = new TextEncoder().encode(JSON.stringify(blockResult.block));
+
+					// Push to at least one new owner
+					for (const ownerPeerIdStr of owners) {
+						try {
+							const peerId = peerIdFromString(ownerPeerIdStr);
+							const client = new BlockTransferClient(peerId, this.peerNetwork, this.protocolPrefix);
+							const response = await this.withTimeout(
+								client.pushBlocks([blockId], [blockData]),
+								this.transferTimeoutMs
+							);
+
+							if (response && !response.missing.includes(blockId)) {
+								pushed = true;
+								log('push:ok block=%s peer=%s', blockId, ownerPeerIdStr);
+								break;
+							}
+						} catch (err) {
+							log('push:peer-error block=%s peer=%s err=%s',
+								blockId, ownerPeerIdStr, (err as Error).message);
 						}
-					} catch (err) {
-						log('push:peer-error block=%s peer=%s err=%s',
-							task.blockId, ownerPeerIdStr, (err as Error).message);
 					}
+				} finally {
+					this.releaseSemaphore();
 				}
 
 				if (pushed) {
-					succeeded.push(task.blockId);
-				} else if (task.attempt < this.maxRetries) {
-					log('push:retry block=%s attempt=%d', task.blockId, task.attempt + 1);
-					this.inFlight.delete(key);
-					await this.delay(this.backoffMs(task.attempt));
-					await this.executePush({ ...task, attempt: task.attempt + 1 }, newOwners, succeeded, failed);
+					succeeded.push(blockId);
 					return;
-				} else {
-					log('push:failed block=%s', task.blockId);
-					failed.push(task.blockId);
 				}
-			} finally {
-				this.releaseSemaphore();
+				if (attempt < this.maxRetries) {
+					log('push:retry block=%s attempt=%d', blockId, attempt + 1);
+					await this.delay(this.backoffMs(attempt));
+					continue;
+				}
+				log('push:failed block=%s', blockId);
+				failed.push(blockId);
+				return;
 			}
 		} finally {
 			this.inFlight.delete(key);

package/src/cluster/client.ts

@@ -23,7 +23,12 @@ export class ClusterClient extends ProtocolClient implements ICluster {
       response = await this.processMessage<any>(message, preferred)
     } catch (err) {
       if (preferred !== '/db-p2p/cluster/1.0.0') {
-        response = await this.processMessage<any>(message, '/db-p2p/cluster/1.0.0')
+        try {
+          response = await this.processMessage<any>(message, '/db-p2p/cluster/1.0.0')
+        } catch (fallbackErr) {
+          // Throw original error - fallback protocol is likely not registered
+          throw err
+        }
       } else {
         throw err
       }

package/src/cluster/cluster-repo.ts

@@ -237,15 +237,8 @@ export class ClusterMember implements ICluster {
 				log('cluster-member:action-consensus', {
 					messageHash: record.messageHash
 				});
-				// If the incoming record already had our commit, we already executed
-				// (idempotency for duplicate consensus messages)
-				if (inboundPhase !== 'commit') {
-					await this.handleConsensus(currentRecord);
-				} else {
-					log('cluster-member:consensus-skip-already-committed', {
-						messageHash: record.messageHash
-					});
-				}
+				// handleConsensus has its own idempotency guard via executedTransactions
+				await this.handleConsensus(currentRecord);
 				// Don't call clearTransaction here - it happens in handleConsensus
 				shouldPersist = false;
 				break;
@@ -306,7 +299,8 @@ export class ClusterMember implements ICluster {
 	}
 
 	/**
-	 * Merges two records, validating that non-signature fields match
+	 * Merges two records, validating that non-signature fields match.
+	 * Detects equivocation (same peer changing vote type) and applies penalties.
 	 */
 	private async mergeRecords(existing: ClusterRecord, incoming: ClusterRecord): Promise<ClusterRecord> {
 		log('cluster-member:merge-records', {
@@ -327,14 +321,64 @@ export class ClusterMember implements ICluster {
 			throw new Error('Peers mismatch');
 		}
 
-		// Merge signatures, keeping the most recent valid ones
+		// Merge signatures with equivocation detection
+		const mergedPromises = this.detectEquivocation(
+			existing.promises, incoming.promises, 'promise', existing.messageHash
+		);
+		const mergedCommits = this.detectEquivocation(
+			existing.commits, incoming.commits, 'commit', existing.messageHash
+		);
+
 		return {
 			...existing,
-			promises: { ...existing.promises, ...incoming.promises },
-			commits: { ...existing.commits, ...incoming.commits }
+			promises: mergedPromises,
+			commits: mergedCommits
 		};
 	}
 
+	/**
+	 * Compares existing vs incoming signatures for the same peers.
+	 * If a peer's vote type changed (approve↔reject), that's equivocation:
+	 * report a penalty and keep the first-seen signature.
+	 * New peers are accepted normally.
+	 */
+	private detectEquivocation(
+		existing: Record<string, Signature>,
+		incoming: Record<string, Signature>,
+		phase: 'promise' | 'commit',
+		messageHash: string
+	): Record<string, Signature> {
+		const merged = { ...existing };
+
+		for (const [peerId, incomingSig] of Object.entries(incoming)) {
+			const existingSig = existing[peerId];
+			if (existingSig) {
+				if (existingSig.type !== incomingSig.type) {
+					// Equivocation detected: peer changed their vote type
+					log('cluster-member:equivocation-detected', {
+						peerId,
+						phase,
+						messageHash,
+						existingType: existingSig.type,
+						incomingType: incomingSig.type
+					});
+					this.reputation?.reportPeer(
+						peerId,
+						PenaltyReason.Equivocation,
+						`${phase}:${messageHash}:${existingSig.type}->${incomingSig.type}`
+					);
+					// Keep first-seen signature — do not let the peer flip their vote
+				}
+				// Same type: keep existing (no-op, already in merged)
+			} else {
+				// New peer — accept normally
+				merged[peerId] = incomingSig;
+			}
+		}
+
+		return merged;
+	}
+
 	private async validateRecord(record: ClusterRecord): Promise<void> {
 		// Validate message hash matches the message content
 		const expectedHash = await this.computeMessageHash(record.message);
@@ -356,7 +400,7 @@ export class ClusterMember implements ICluster {
 	 * Must match cluster-coordinator.ts createMessageHash().
 	 */
 	private async computeMessageHash(message: RepoMessage): Promise<string> {
-		const msgBytes = new TextEncoder().encode(JSON.stringify(message));
+		const msgBytes = new TextEncoder().encode(ClusterMember.canonicalJson(message));
 		const hashBytes = await sha256.digest(msgBytes);
 		return base58btc.encode(hashBytes.digest);
 	}
@@ -386,14 +430,23 @@ export class ClusterMember implements ICluster {
 		}
 	}
 
+	/** Deterministic JSON: sorts object keys so hash is order-independent */
+	private static canonicalJson(value: unknown): string {
+		return JSON.stringify(value, (_, v) =>
+			v && typeof v === 'object' && !Array.isArray(v)
+				? Object.keys(v).sort().reduce((o: Record<string, unknown>, k) => { o[k] = v[k]; return o; }, {})
+				: v
+		);
+	}
+
 	private async computePromiseHash(record: ClusterRecord): Promise<string> {
-		const msgBytes = new TextEncoder().encode(record.messageHash + JSON.stringify(record.message));
+		const msgBytes = new TextEncoder().encode(record.messageHash + ClusterMember.canonicalJson(record.message));
 		const hashBytes = await sha256.digest(msgBytes);
 		return uint8ArrayToString(hashBytes.digest, 'base64url');
 	}
 
 	private async computeCommitHash(record: ClusterRecord): Promise<string> {
-		const msgBytes = new TextEncoder().encode(record.messageHash + JSON.stringify(record.message) + JSON.stringify(record.promises));
+		const msgBytes = new TextEncoder().encode(record.messageHash + ClusterMember.canonicalJson(record.message) + ClusterMember.canonicalJson(record.promises));
 		const hashBytes = await sha256.digest(msgBytes);
 		return uint8ArrayToString(hashBytes.digest, 'base64url');
 	}
@@ -414,7 +467,9 @@ export class ClusterMember implements ICluster {
 		if (!peerInfo?.publicKey?.length) {
 			throw new Error(`No public key for peer ${peerId}`);
 		}
-		const pubKey = publicKeyFromRaw(peerInfo.publicKey);
+		// publicKey is base64url-encoded string (JSON-serialization safe)
+		const keyBytes = uint8ArrayFromString(peerInfo.publicKey, 'base64url');
+		const pubKey = publicKeyFromRaw(keyBytes);
 		const payload = this.computeSigningPayload(hash, signature.type, signature.rejectReason);
 		const sigBytes = uint8ArrayFromString(signature.signature, 'base64url');
 		return pubKey.verify(payload, sigBytes);

package/src/cluster/rebalance-monitor.ts

@@ -6,6 +6,7 @@ import type { ArachnodeFretAdapter, ArachnodeInfo } from '../storage/arachnode-f
 import { createLogger } from '../logger.js'
 
 const log = createLogger('rebalance-monitor')
+const textEncoder = new TextEncoder()
 
 export interface RebalanceEvent {
 	/** Block IDs this node has gained responsibility for */
@@ -164,7 +165,7 @@ export class RebalanceMonitor implements Startable {
 		const newOwners = new Map<string, string[]>()
 
 		for (const blockId of this.trackedBlocks) {
-			const key = new TextEncoder().encode(blockId)
+			const key = textEncoder.encode(blockId)
 			const coord = await hashKey(key)
 
 			// Get the current cohort — assembleCohort returns peer IDs sorted by distance
@@ -217,9 +218,6 @@ export class RebalanceMonitor implements Startable {
 	 * Update ArachnodeInfo status through the fret adapter.
 	 */
 	setStatus(status: ArachnodeInfo['status']): void {
-		const current = this.deps.fretAdapter.getMyArachnodeInfo()
-		if (current) {
-			this.deps.fretAdapter.setArachnodeInfo({ ...current, status })
-		}
+		this.deps.fretAdapter.setStatus(status)
 	}
 }

package/src/dispute/dispute-service.ts

@@ -63,6 +63,8 @@ export class DisputeService {
 	private activeDisputes: Map<string, DisputeChallenge> = new Map();
 	/** Resolved disputes (disputeId -> resolution) */
 	private resolvedDisputes: Map<string, DisputeResolution> = new Map();
+	/** Challenges retained after resolution for status lookups */
+	private resolvedChallenges: Map<string, DisputeChallenge> = new Map();
 	/** Track which transactions we've already disputed (prevent spam) */
 	private disputedTransactions: Set<string> = new Set();
 
@@ -179,6 +181,7 @@ export class DisputeService {
 		const votes = await this.collectVotes(challenge, arbitrators);
 		const resolution = this.resolveDispute(challenge, votes);
 
+		this.resolvedChallenges.set(disputeId, challenge);
 		this.activeDisputes.delete(disputeId);
 		this.resolvedDisputes.set(disputeId, resolution);
 
@@ -434,11 +437,14 @@ export class DisputeService {
 	private async verifyDisputeSignature(
 		disputeId: string,
 		signature: string,
-		publicKey?: Uint8Array
+		publicKey?: string | Uint8Array
 	): Promise<boolean> {
 		if (!publicKey?.length) return false;
 		try {
-			const pubKey = publicKeyFromRaw(publicKey);
+			const keyBytes = typeof publicKey === 'string'
+				? uint8ArrayFromString(publicKey, 'base64url')
+				: publicKey;
+			const pubKey = publicKeyFromRaw(keyBytes);
 			const payload = new TextEncoder().encode(disputeId);
 			const sigBytes = uint8ArrayFromString(signature, 'base64url');
 			return pubKey.verify(payload, sigBytes);
@@ -448,6 +454,6 @@ export class DisputeService {
 	}
 
 	private findChallengeForDispute(disputeId: string): DisputeChallenge | undefined {
-		return this.activeDisputes.get(disputeId);
+		return this.activeDisputes.get(disputeId) ?? this.resolvedChallenges.get(disputeId);
 	}
 }

package/src/index.ts

@@ -2,6 +2,8 @@ export * from "./cluster/client.js";
 export * from "./cluster/cluster-repo.js";
 export * from "./cluster/service.js";
 export * from "./cluster/rebalance-monitor.js";
+export * from "./cluster/block-transfer.js";
+export * from "./cluster/block-transfer-service.js";
 export * from "./protocol-client.js";
 export * from "./repo/client.js";
 export * from "./repo/cluster-coordinator.js";

package/src/libp2p-key-network.ts

@@ -1,5 +1,5 @@
 import type { AbortOptions, Libp2p, PeerId, Stream } from "@libp2p/interface";
-import { toString as u8ToString } from 'uint8arrays/to-string'
+import { toString as u8ToString, fromString as u8FromString } from 'uint8arrays'
 import type { ClusterPeers, FindCoordinatorOptions, IKeyNetwork, IPeerNetwork } from "@optimystic/db-core";
 import { peerIdFromString } from '@libp2p/peer-id'
 import { multiaddr } from '@multiformats/multiaddr'
@@ -416,12 +416,14 @@ export class Libp2pKeyPeerNetwork implements IKeyNetwork, IPeerNetwork {
 
 		for (const idStr of ids) {
 			if (idStr === this.libp2p.peerId.toString()) {
-				peers[idStr] = { multiaddrs: this.libp2p.getMultiaddrs().map(ma => ma.toString()), publicKey: this.libp2p.peerId.publicKey?.raw ?? new Uint8Array() }
+				const raw = this.libp2p.peerId.publicKey?.raw ?? new Uint8Array()
+				peers[idStr] = { multiaddrs: this.libp2p.getMultiaddrs().map(ma => ma.toString()), publicKey: u8ToString(raw, 'base64url') }
 				continue
 			}
 			const strings = connectedByPeer[idStr] ?? []
 			const remotePeerId = peerIdFromString(idStr)
-			peers[idStr] = { multiaddrs: this.parseMultiaddrs(strings), publicKey: remotePeerId.publicKey?.raw ?? new Uint8Array() }
+			const raw = remotePeerId.publicKey?.raw ?? new Uint8Array()
+			peers[idStr] = { multiaddrs: this.parseMultiaddrs(strings), publicKey: u8ToString(raw, 'base64url') }
 		}
 
 		this.log('findCluster:done key=%s ms=%d peers=%d',

package/src/libp2p-node-base.ts

@@ -315,7 +315,7 @@ export async function createLibp2pNodeBase(
 	);
 
 	// Create callback for querying cluster peers for their latest block revision
-	const clusterLatestCallback: ClusterLatestCallback = async (peerId, blockId) => {
+	const clusterLatestCallback: ClusterLatestCallback = async (peerId, blockId, _context?) => {
 		const syncClient = new SyncClient(peerId, keyNetwork, protocolPrefix);
 		try {
 			const response = await syncClient.requestBlock({ blockId, rev: undefined });

package/src/repo/cluster-coordinator.ts

@@ -58,8 +58,17 @@ export class ClusterCoordinator {
 	/**
 	 * Creates a base 58 BTC string hash for a message to uniquely identify a transaction
 	 */
+	/** Deterministic JSON: sorts object keys so hash is order-independent */
+	private static canonicalJson(value: unknown): string {
+		return JSON.stringify(value, (_, v) =>
+			v && typeof v === 'object' && !Array.isArray(v)
+				? Object.keys(v).sort().reduce((o: Record<string, unknown>, k) => { o[k] = v[k]; return o; }, {})
+				: v
+		);
+	}
+
 	private async createMessageHash(message: RepoMessage): Promise<string> {
-		const msgBytes = new TextEncoder().encode(JSON.stringify(message));
+		const msgBytes = new TextEncoder().encode(ClusterCoordinator.canonicalJson(message));
 		const hashBytes = await sha256.digest(msgBytes);
 		return base58btc.encode(hashBytes.digest);
 	}
@@ -511,26 +520,43 @@ export class ClusterCoordinator {
 				peerCount,
 				threshold: this.cfg.simpleMajorityThreshold
 			});
-			// Simple majority proves commitment - we can return success
-			// Notify local cluster with the final merged record so it can execute operations
-			if (this.localCluster) {
-				try {
-					await this.localCluster.update(record);
-				} catch (err) {
-					// Local execution errors shouldn't fail the transaction since consensus was reached
-					log('cluster-tx:local-execution-error', {
-						messageHash: record.messageHash,
-						error: err instanceof Error ? err.message : String(err)
-					});
+			// Broadcast the merged record (with all commit signatures) to ALL peers
+			// so each peer can independently reach consensus and execute the operations.
+			// Without this, only the coordinator's local cluster executes — remote peers
+			// never see enough commits to reach consensus on their own.
+			const broadcastResults = await Promise.allSettled(
+				peerIds.map(peerIdStr => {
+					const isLocal = this.localCluster && peerIdStr === this.localCluster.peerId.toString();
+					return isLocal
+						? this.localCluster!.update(record)
+						: this.createClusterClient(peerIdFromString(peerIdStr)).update(record).catch(err => {
+							log('cluster-tx:consensus-broadcast-error', { messageHash: record.messageHash, peerId: peerIdStr, error: (err as Error).message });
+							return null;
+						});
+				})
+			);
+
+			// Check for broadcast failures (excluding local)
+			const broadcastFailures: string[] = [];
+			broadcastResults.forEach((result, idx) => {
+				const peerId = peerIds[idx]!;
+				const isLocal = this.localCluster && peerId === this.localCluster.peerId.toString();
+				if (!isLocal && (result.status === 'rejected' || result.value === null)) {
+					broadcastFailures.push(peerId);
 				}
+			});
+			if (broadcastFailures.length > 0) {
+				this.scheduleCommitRetry(record.messageHash, record, broadcastFailures);
+			} else {
+				this.clearRetry(record.messageHash);
 			}
-		}
-
-		const missingPeers = commitFailures.map(entry => entry.peerId);
-		if (missingPeers.length > 0) {
-			this.scheduleCommitRetry(record.messageHash, record, missingPeers);
 		} else {
-			this.clearRetry(record.messageHash);
+			const missingPeers = commitFailures.map(entry => entry.peerId);
+			if (missingPeers.length > 0) {
+				this.scheduleCommitRetry(record.messageHash, record, missingPeers);
+			} else {
+				this.clearRetry(record.messageHash);
+			}
 		}
 		return record;
 	}

package/src/repo/coordinator-repo.ts

@@ -1,4 +1,4 @@
-import type { PendRequest, ActionBlocks, IRepo, MessageOptions, CommitResult, GetBlockResults, PendResult, BlockGets, CommitRequest, RepoMessage, IKeyNetwork, ICluster, ClusterConsensusConfig, BlockId, ActionRev } from "@optimystic/db-core";
+import type { PendRequest, ActionBlocks, IRepo, MessageOptions, CommitResult, GetBlockResults, PendResult, BlockGets, CommitRequest, RepoMessage, IKeyNetwork, ICluster, ClusterConsensusConfig, BlockId, ActionRev, ActionContext } from "@optimystic/db-core";
 import { LruMap } from "@optimystic/db-core";
 import { ClusterCoordinator } from "./cluster-coordinator.js";
 import type { ClusterClient } from "../cluster/client.js";
@@ -22,7 +22,7 @@ interface LocalClusterWithExecutionTracking extends ICluster {
  * Callback to query a cluster peer for their latest revision of a block.
  * Returns the peer's latest ActionRev if they have the block, undefined otherwise.
  */
-export type ClusterLatestCallback = (peerId: PeerId, blockId: BlockId) => Promise<ActionRev | undefined>;
+export type ClusterLatestCallback = (peerId: PeerId, blockId: BlockId, context?: ActionContext) => Promise<ActionRev | undefined>;
 
 interface CoordinatorRepoComponents {
 	storageRepo: IRepo;
@@ -159,7 +159,7 @@ export class CoordinatorRepo implements IRepo {
 				// If block not found locally (no state), try cluster peers
 				if (!localEntry?.state?.latest) {
 					try {
-						await this.fetchBlockFromCluster(blockId);
+						await this.fetchBlockFromCluster(blockId, blockGets.context);
 						// Re-fetch after sync
 						const refreshed = await this.storageRepo.get({ blockIds: [blockId], context: blockGets.context }, options);
 						if (refreshed[blockId]) {
@@ -175,11 +175,11 @@ export class CoordinatorRepo implements IRepo {
 		return localResult;
 	}
 
-	private async fetchBlockFromCluster(blockId: BlockId): Promise<void> {
+	private async fetchBlockFromCluster(blockId: BlockId, context?: ActionContext): Promise<void> {
 		if (!this.clusterLatestCallback) return;
 
 		// Query cluster for the block
-		const clusterLatest = await this.queryClusterForLatest(blockId);
+		const clusterLatest = await this.queryClusterForLatest(blockId, context);
 		if (clusterLatest) {
 			// Found on cluster - trigger restoration to sync the block
 			await this.storageRepo.get({ blockIds: [blockId], context: { committed: [clusterLatest], rev: clusterLatest.rev } });
@@ -190,7 +190,7 @@ export class CoordinatorRepo implements IRepo {
 	/**
 	 * Query cluster peers to find the maximum latest revision for a block.
 	 */
-	private async queryClusterForLatest(blockId: BlockId): Promise<ActionRev | undefined> {
+	private async queryClusterForLatest(blockId: BlockId, context?: ActionContext): Promise<ActionRev | undefined> {
 		const blockIdBytes = new TextEncoder().encode(blockId);
 		const peers = await this.keyNetwork.findCluster(blockIdBytes);
 		if (!peers || Object.keys(peers).length === 0) {
@@ -207,11 +207,11 @@ export class CoordinatorRepo implements IRepo {
 				new Promise<undefined>(resolve => setTimeout(() => resolve(undefined), timeoutMs))
 			]);
 
-		// Query peers in parallel for their latest revision (with 3 second timeout per peer)
+		// Query peers in parallel for their latest revision (with 1s timeout per peer)
 		const latestResults = await Promise.allSettled(
 			peerIds.map(peerIdStr => {
 				const peerId = peerIdFromString(peerIdStr);
-				return withTimeout(this.clusterLatestCallback!(peerId, blockId), 3000);
+				return withTimeout(this.clusterLatestCallback!(peerId, blockId, context), 1000);
 			})
 		);