add remaining ADRs

Author: evan-forbes

docs/celestia-architecture/adr-001-block-propagation.md

@@ -0,0 +1,124 @@
+# ADR 001: Erasure Coding Block Propagation
+
+## Changelog
+
+- 16-2-2021: Created
+
+## Context
+
+Block propagation is currently done by splitting the block into arbitrary chunks and gossiping them to validators via a gossip routine. While this does not have downsides it does not meet the needs of the Celestia chain. The celestia chain requires blocks to be encoded in a different way and for the proposer to not propagate the chunks to peers.
+
+Celestia wants validators to pull the block from a IPFS network. What does this mean? As I touched on earlier the proposer pushes the block to the network, this in turn means that each validator downloads and reconstructs the block each time to verify it. Instead Celestia will encode and split up the block via erasure codes, stored locally in the nodes IPFS daemon. After the proposer has sent the block to IPFS and received the CIDs it will include them into the proposal. This proposal will be gossiped to other validators, once a validator receives the proposal it will begin requesting the CIDs included in the proposal.
+
+There are two forms of a validator, one that downloads the block and one that samples it. What does sampling mean? Sampling is the act of checking that a portion or entire block is available for download.
+
+## Detailed Design
+
+The proposed design is as follows.
+
+### Types
+
+The proposal and vote types have a BlockID, this will be replaced with a header hash. The proposal will contain add fields.
+
+The current proposal will be updated to include required fields. The entirety of the message will be reworked at a later date. To see the extent of the needed changes you can visit the [spec repo](https://github.com/celestiaorg/celestia-specs/blob/master/specs/proto/consensus.proto#L19)
+
+```proto
+message Proposal {
+  SignedMsgType             type      = 1;
+  int64                     height    = 2;
+  int32                     round     = 3;
+  int32                     pol_round = 4;
+
+  +++
+    // 32-byte hash
+  bytes last_header_hash = 5;
+  // 32-byte hash
+  bytes last_commit_hash = 6;
+    // 32-byte hash
+  bytes consensus_root = 7;
+  FeeHeader fee_header = 8;
+  // 32-byte hash
+  bytes state_commitment = 9;
+  uint64 available_data_original_shares_used = 10;
+  AvailableDataHeader available_data_header = 11;
+  +++
+
+  google.protobuf.Timestamp timestamp = 12
+      [(gogoproto.nullable) = false, (gogoproto.stdtime) = true];
+  bytes signature = 12;
+}
+```
+
+```proto
+// Vote represents a prevote, precommit, or commit vote from validators for
+// consensus.
+message Vote {
+  SignedMsgType type     = 1;
+  int64         height   = 2;
+  int32         round    = 3;
+  +++
+  bytes header_hash      = 4;
+  +++
+  google.protobuf.Timestamp timestamp = 5
+      [(gogoproto.nullable) = false, (gogoproto.stdtime) = true];
+  bytes validator_address = 6;
+  int32 validator_index   = 7;
+  bytes signature         = 8;
+}
+```
+
+See [specs](https://github.com/celestiaorg/celestia-specs/blob/master/specs/data_structures.md#vote) for more details on the vote.
+
+### Disk Storage
+
+Currently celestia-core stores all blocks in its store. Going forward only the headers of the blocks within the unbonding period will be stored. This will drastically reduce the amount of storage required by a celestia-core node. After the unbonding period all headers will have the option of being pruned.
+
+Proposed amendment to `BlockStore` interface
+
+```go
+type BlockStore interface {
+ Base() int64
+ Height() int64
+ Size() int64
+
+ LoadBlockMeta(height int64) *types.BlockMeta
+ LoadHeader(height int64) *types.Header
+ LoadDAHeader(height int64) *types.DataAvailabilityHeader
+
+ SaveHeaders(header *types.Header, daHeader *types.DataAvailabilityHeader, seenCommit *types.Commit)
+
+ PruneHeaders(height int64) (uint64, error)
+
+ LoadBlockCommit(height int64) *types.Commit
+ LoadSeenCommit(height int64) *types.Commit
+}
+```
+
+Along side these changes the rpc layer will need to change. Instead of querying the LL-core store, the node will redirect the query through IPFS.
+
+Example:
+
+When a user requests a block from the LL node, the request will be set to the IPLD plugin. If the IPLD does not have the requested block, it will make a request to the celestia IPFS network for the required CIDs. If the full node does not have the DAheader they will not be able to request the block data.
+
+![user request flow](./assets/user-request.png)
+
+The goal is to not change the public interface for RPC's. It is yet to be seen if this possible. This means that CIDs will need to be set and loaded from the store in order to get all the related block information an user requires.
+
+## Status
+
+Proposed
+
+
+### Positive
+
+- Minimal breakage to public interface
+- Only store the block in a single place (IPFS)
+- Reduce the public interface of the storage within Celestia.
+
+### Negative
+
+- User requests may take more time to process
+
+### Neutral
+
+## References

docs/celestia-architecture/adr-002-ipld-da-sampling.md

@@ -0,0 +1,280 @@
+# ADR 002: Sampling erasure coded Block chunks
+
+## Changelog
+
+- 26-2-2021: Created
+
+## Context
+
+In Tendermint's block gossiping each peer gossips random parts of block data to peers.
+For Celestia, we need nodes (from light-clients to validators) to be able to sample row-/column-chunks of the erasure coded
+block (aka the extended data square) from the network.
+This is necessary for Data Availability proofs.
+
+![extended_square.png](img/extended_square.png)
+
+A high-level, implementation-independent formalization of above mentioned sampling and Data Availability proofs can be found in:
+[_Fraud and Data Availability Proofs: Detecting Invalid Blocks in Light Clients_](https://fc21.ifca.ai/papers/83.pdf).
+
+For the time being, besides the academic paper, no other formalization or specification of the protocol exists.
+Currently, the Celestia specification itself only describes the [erasure coding](https://github.com/celestiaorg/celestia-specs/blob/master/specs/data_structures.md#erasure-coding)
+and how to construct the extended data square from the block data.
+
+This ADR:
+- describes the high-level requirements
+- defines the API that and how it can be used by different components of Celestia (block gossiping, block sync, DA proofs)
+- documents decision on how to implement this.
+
+
+The core data structures and the erasure coding of the block are already implemented in celestia-core ([#17], [#19], [#83]).
+While there are no ADRs for these changes, we can refer to the Celestia specification in this case.
+For this aspect, the existing implementation and specification should already be on par for the most part.
+The exact arrangement of the data as described in this [rationale document](https://github.com/celestiaorg/celestia-specs/blob/master/rationale/message_block_layout.md)
+in the specification can happen at app-side of the ABCI boundary.
+The latter was implemented in [celestiaorg/celestia-app#21](https://github.com/celestiaorg/celestia-app/pull/21)
+leveraging a new ABCI method, added in [#110](https://github.com/celestiaorg/celestia-core/pull/110).
+This new method is a sub-set of the proposed ABCI changes aka [ABCI++](https://github.com/tendermint/spec/pull/254).
+
+Mustafa Al-Bassam (@musalbas) implemented a [prototype](https://github.com/celestiaorg/celestia-prototype)
+whose main purpose is to realistically analyse the protocol.
+Although the prototype does not make any network requests and only operates locally, it can partly serve as a reference implementation.
+It uses the [rsmt2d] library.
+
+The implementation will essentially use IPFS' APIs. For reading (and writing) chunks it
+will use the IPLD [`DagService`](https://github.com/ipfs/go-ipld-format/blob/d2e09424ddee0d7e696d01143318d32d0fb1ae63/merkledag.go#L54),
+more precisely the [`NodeGetter`](https://github.com/ipfs/go-ipld-format/blob/d2e09424ddee0d7e696d01143318d32d0fb1ae63/merkledag.go#L18-L27)
+and [`NodeAdder`](https://github.com/ipfs/go-ipld-format/blob/d2e09424ddee0d7e696d01143318d32d0fb1ae63/merkledag.go#L29-L39).
+As an optimization, we can also use a [`Batch`](https://github.com/ipfs/go-ipld-format/blob/d2e09424ddee0d7e696d01143318d32d0fb1ae63/batch.go#L29)
+to batch adding and removing nodes.
+This will be achieved by passing around a [CoreAPI](https://github.com/ipfs/interface-go-ipfs-core/blob/b935dfe5375eac7ea3c65b14b3f9a0242861d0b3/coreapi.go#L15)
+object, which derive from the IPFS node which is created along a with a tendermint node (see [#152]).
+This code snippet does exactly that (see the [go-ipfs documentation] for more examples):
+```go
+// This constructs an IPFS node instance
+node, _ := core.NewNode(ctx, nodeOptions)
+// This attaches the Core API to the constructed node
+coreApi := coreapi.NewCoreAPI(node)
+```
+
+The above mentioned IPLD methods operate on so called [ipld.Nodes].
+When computing the data root, we can pass in a [`NodeVisitor`](https://github.com/celestia/nmt/blob/b22170d6f23796a186c07e87e4ef9856282ffd1a/nmt.go#L22)
+into the Namespaced Merkle Tree library to create these (each inner- and leaf-node in the tree becomes an ipld node).
+As a peer that requests such an IPLD node, the Celestia IPLD plugin provides the [function](https://github.com/celestiaorg/celestia-core/blob/ceb881a177b6a4a7e456c7c4ab1dd0eb2b263066/p2p/ipld/plugin/nodes/nodes.go#L175)
+`NmtNodeParser` to transform the retrieved raw data back into an `ipld.Node`.
+
+A more high-level description on the changes required to rip out the current block gossiping routine,
+including changes to block storage-, RPC-layer, and potential changes to reactors is either handled in [ADR 001](./adr-001-block-propagation.md),
+and/or in a few smaller, separate followup ADRs.
+
+## Alternative Approaches
+
+Instead of creating a full IPFS node object and passing it around as explained above
+ - use API (http)
+ - use ipld-light
+ - use alternative client
+
+Also, for better performance
+ - use [graph-sync], [IPLD selectors], e.g. via [ipld-prime]
+
+Also, there is the idea, that nodes only receive the [Header] with the data root only
+and, in an additional step/request, download the DA header using the library, too.
+While this feature is not considered here, and we assume each node that uses this library has the DA header, this assumption
+is likely to change when flesh out other parts of the system in more detail.
+Note that this also means that light clients would still need to validate that the data root and merkelizing the DA header yield the same result.
+
+## Decision
+
+> This section records the decision that was made.
+> It is best to record as much info as possible from the discussion that happened. This aids in not having to go back to the Pull Request to get the needed information.
+
+> - TODO: briefly summarize github, discord, and slack discussions (?)
+> - also mention Mustafa's prototype and compare both apis briefly (RequestSamples, RespondSamples, ProcessSamplesResponse)
+> - mention [ipld experiments]
+
+
+
+## Detailed Design
+
+Add a package to the library that provides the following features:
+ 1. sample a given number of random row/col indices of extended data square given a DA header and indicate if successful or timeout/other error occurred
+ 2. store the block in the network by adding it to the peer's local Merkle-DAG whose content is discoverable via a DHT
+ 3. store the sampled chunks in the network
+ 4. reconstruct the whole block from a given DA header
+ 5. get all messages of a particular namespace ID.
+
+We mention 5. here mostly for completeness. Its details will be described / implemented in a separate ADR / PR.
+
+Apart from the above mentioned features, we informally collect additional requirements:
+- where randomness is needed, the randomness source should be configurable
+- all replies by the network should be verified if this is not sufficiently covered by the used libraries already (IPFS)
+- where possible, the requests to the network should happen in parallel (without DoSing the proposer for instance).
+
+This library should be implemented as two new packages:
+
+First, a sub-package should be added to the layzledger-core [p2p] package
+which does not know anything about the core data structures (Block, DA header etc).
+It handles the actual network requests to the IPFS network and operates on IPFS/IPLD objects
+directly and hence should live under [p2p/ipld].
+To a some extent this part of the stack already exists.
+
+Second, a high-level API that can "live" closer to the actual types, e.g., in a sub-package in [celestia-core/types]
+or in a new sub-package `da`.
+
+We first describe the high-level library here and describe functions in
+more detail inline with their godoc comments below.
+
+### API that operates on celestia-core types
+
+As mentioned above this part of the library has knowledge of the core types (and hence depends on them).
+It does not deal with IPFS internals.
+
+```go
+// ValidateAvailability implements the protocol described in https://fc21.ifca.ai/papers/83.pdf.
+// Specifically all steps of the protocol described in section
+// _5.2 Random Sampling and Network Block Recovery_ are carried out.
+//
+// In more detail it will first create numSamples random unique coordinates.
+// Then, it will ask the network for the leaf data corresponding to these coordinates.
+// Additionally to the number of requests, the caller can pass in a callback,
+// which will be called on for each retrieved leaf with a verified Merkle proof.
+//
+// Among other use-cases, the callback can be useful to monitoring (progress), or,
+// to process the leaf data the moment it was validated.
+// The context can be used to provide a timeout.
+// TODO: Should there be a constant = lower bound for #samples
+func ValidateAvailability(
+    ctx contex.Context,
+    dah *DataAvailabilityHeader,
+    numSamples int,
+    onLeafValidity func(namespace.PrefixedData8),
+) error { /* ... */}
+
+// RetrieveBlockData can be used to recover the block Data.
+// It will carry out a similar protocol as described for ValidateAvailability.
+// The key difference is that it will sample enough chunks until it can recover the
+// full extended data square, including original data (e.g. by using rsmt2d.RepairExtendedDataSquare).
+func RetrieveBlockData(
+    ctx contex.Context,
+    dah *DataAvailabilityHeader,
+    api coreiface.CoreAPI,
+    codec rsmt2d.Codec,
+    ) (types.Data, error) {/* ... */}
+
+// PutBlock operates directly on the Block.
+// It first computes the erasure coding, aka the extended data square.
+// Row by row ir calls a lower level library which handles adding the
+// the row to the Merkle Dag, in our case a Namespaced Merkle Tree.
+// Note, that this method could also fill the DA header.
+// The data will be pinned by default.
+func (b *Block) PutBlock(ctx contex.Context, nodeAdder ipld.NodeAdder) error
+```
+
+We now describe the lower-level library that will be used by above methods.
+Again we provide more details inline in the godoc comments directly.
+
+`PutBlock` is a method on `Block` as the erasure coding can then be cached, e.g. in a private field
+in the block.
+
+### Changes to the lower level API closer to IPFS (p2p/ipld)
+
+```go
+// GetLeafData takes in a Namespaced Merkle tree root transformed into a Cid
+// and the leaf index to retrieve.
+// Callers also need to pass in the total number of leaves of that tree.
+// Internally, this will be translated to a IPLD path and corresponds to
+// an ipfs dag get request, e.g. namespacedCID/0/1/0/0/1.
+// The retrieved data should be pinned by default.
+func GetLeafData(
+    ctx context.Context,
+    rootCid cid.Cid,
+    leafIndex uint32,
+    totalLeafs uint32, // this corresponds to the extended square width
+    api coreiface.CoreAPI,
+) ([]byte, error)
+```
+
+`GetLeafData` can be used by above `ValidateAvailability` and `RetrieveBlock` and
+`PutLeaves` by `PutBlock`.
+
+### A Note on IPFS/IPLD
+
+In IPFS all data is _content addressed_ which basically means the data is identified by its hash.
+Particularly, in the Celestia case, the root CID identifies the Namespaced Merkle tree including all its contents (inner and leaf nodes).
+This means that if a `GetLeafData` request succeeds, the retrieved leaf data is in fact the leaf data in the tree.
+We do not need to additionally verify Merkle proofs per leaf as this will essentially be done via IPFS on each layer while
+resolving and getting to the leaf data.
+
+> TODO: validate this assumption and link to code that shows how this is done internally
+
+### Implementation plan
+
+As fully integrating Data Available proofs into tendermint, is a rather larger change we break up the work into the
+following packages (not mentioning the implementation work that was already done):
+
+1. Flesh out the changes in the consensus messages ([celestia-specs#126], [celestia-specs#127])
+2. Flesh out the changes that would be necessary to replace the current block gossiping ([ADR 001](./adr-001-block-propagation.md))
+3. Add the possibility of storing and retrieving block data (samples or whole block) to celestia-core (this ADR and related PRs).
+4. Integrate above API (3.) as an addition into celestia-core without directly replacing the tendermint counterparts (block gossip etc).
+5. Rip out each component that will be redundant with above integration in one or even several smaller PRs:
+    - block gossiping (see ADR 001)
+    - modify block store (see ADR 001)
+    - make downloading full Blocks optional (flag/config)
+    - route some RPC requests to IPFS (see ADR 001)
+
+
+## Status
+
+Proposed
+
+## Consequences
+
+### Positive
+
+- simplicity & ease of implementation
+- can re-use an existing networking and p2p stack (go-ipfs)
+- potential support of large, cool, and helpful community
+- high-level API definitions independent of the used stack
+
+### Negative
+
+- latency
+- being connected to the public IPFS network might be overkill if peers should in fact only care about a subset that participates in the Celestia protocol
+- dependency on a large code-base with lots of features and options of which we only need a small subset of
+
+### Neutral
+- two different p2p layers exist in celestia-core
+
+## References
+
+- https://github.com/celestiaorg/celestia-core/issues/85
+- https://github.com/celestiaorg/celestia-core/issues/167
+
+- https://docs.ipld.io/#nodes
+- https://arxiv.org/abs/1809.09044
+- https://fc21.ifca.ai/papers/83.pdf
+- https://github.com/tendermint/spec/pull/254
+
+
+[#17]: https://github.com/celestiaorg/celestia-core/pull/17
+[#19]: https://github.com/celestiaorg/celestia-core/pull/19
+[#83]: https://github.com/celestiaorg/celestia-core/pull/83
+
+[#152]: https://github.com/celestiaorg/celestia-core/pull/152
+
+[celestia-specs#126]: https://github.com/celestiaorg/celestia-specs/issues/126
+[celestia-specs#127]: https://github.com/celestiaorg/celestia-specs/pulls/127
+[Header]: https://github.com/celestiaorg/celestia-specs/blob/master/specs/data_structures.md#header
+
+[go-ipfs documentation]: https://github.com/ipfs/go-ipfs/tree/master/docs/examples/go-ipfs-as-a-library#use-go-ipfs-as-a-library-to-spawn-a-node-and-add-a-file
+[ipld experiments]: https://github.com/celestia/ipld-plugin-experiments
+[ipld.Nodes]: https://github.com/ipfs/go-ipld-format/blob/d2e09424ddee0d7e696d01143318d32d0fb1ae63/format.go#L22-L45
+[graph-sync]: https://github.com/ipld/specs/blob/master/block-layer/graphsync/graphsync.md
+[IPLD selectors]: https://github.com/ipld/specs/blob/master/selectors/selectors.md
+[ipld-prime]: https://github.com/ipld/go-ipld-prime
+
+[rsmt2d]: https://github.com/celestia/rsmt2d
+
+
+[p2p]: https://github.com/celestiaorg/celestia-core/tree/0eccfb24e2aa1bb9c4428e20dd7828c93f300e60/p2p
+[p2p/ipld]: https://github.com/celestiaorg/celestia-core/tree/0eccfb24e2aa1bb9c4428e20dd7828c93f300e60/p2p/ipld
+[celestia-core/types]: https://github.com/celestiaorg/celestia-core/tree/0eccfb24e2aa1bb9c4428e20dd7828c93f300e60/types

docs/celestia-architecture/adr-003-application-data-retrieval.md

@@ -0,0 +1,141 @@
+# ADR 003: Retrieving Application messages
+
+## Changelog
+
+- 2021-04-25: initial draft
+
+## Context
+
+This ADR builds on top of [ADR 002](adr-002-ipld-da-sampling.md) and will use the implemented APIs described there.
+The reader should familiarize themselves at least with the high-level concepts the as well as in the [specs](https://github.com/celestiaorg/celestia-specs/blob/master/specs/data_structures.md#2d-reed-solomon-encoding-scheme).
+
+The academic [paper](https://arxiv.org/abs/1905.09274) describes the motivation and context for this API.
+The main motivation can be quoted from section 3.3 of that paper:
+
+> (Property1) **Application message retrieval partitioning.** Client nodes must be able to download all of the messages relevant to the applications they use [...], without needing to downloading any messages for other applications.
+
+> (Property2) **Application message retrieval completeness.** When client nodes download messages relevant to the applications they use [...], they must be able to verify that the messages they received are the complete set of messages relevant to their applications, for specific
+blocks, and that there are no omitted messages.
+
+
+
+The main data structure that enables above properties is called a Namespaced Merkle Tree (NMT), an ordered binary Merkle tree where:
+1. each node in the tree includes the range of namespaces of the messages in all descendants of each node
+2. leaves in the tree are ordered by the namespace identifiers of the leaf messages
+
+A more formal description can be found the [specification](https://github.com/celestiaorg/celestia-specs/blob/de5f4f74f56922e9fa735ef79d9e6e6492a2bad1/specs/data_structures.md#namespace-merkle-tree).
+An implementation can be found in [this repository](https://github.com/celestiaorg/nmt).
+
+This ADR basically describes version of the [`GetWithProof`](https://github.com/celestiaorg/nmt/blob/ddcc72040149c115f83b2199eafabf3127ae12ac/nmt.go#L193-L196) of the NMT that leverages the fact that IPFS uses content addressing and that we have implemented an [IPLD plugin](https://github.com/celestiaorg/celestia-core/tree/37502aac69d755c189df37642b87327772f4ac2a/p2p/ipld) for an NMT.
+
+**Note**: The APIs defined here will be particularly relevant for Optimistic Rollup (full) nodes that want to download their Rollup's data (see [celestiaorg/optimint#48](https://github.com/celestiaorg/optimint/issues/48)).
+Another potential use-case of this API could be for so-called [light validator nodes](https://github.com/celestiaorg/celestia-specs/blob/master/specs/node_types.md#node-type-definitions) that want to download and replay the state-relevant portion of the block data, i.e. transactions with [reserved namespace IDs](https://github.com/celestiaorg/celestia-specs/blob/master/specs/consensus.md#reserved-namespace-ids).
+
+## Alternative Approaches
+
+The approach described below will rely on IPFS' block exchange protocol (bitswap) and DHT; IPFS's implementation will be used as a black box to find peers that can serve the requested data.
+This will likely be much slower than it potentially could be and for a first implementation we intentionally do not incorporate the optimizations that we could.
+
+We briefly mention potential optimizations for the future here:
+- Use of [graphsync](https://github.com/ipld/specs/blob/5d3a3485c5fe2863d613cd9d6e18f96e5e568d16/block-layer/graphsync/graphsync.md) instead of [bitswap](https://docs.ipfs.io/concepts/bitswap/) and use of [IPLD selectors](https://github.com/ipld/specs/blob/5d3a3485c5fe2863d613cd9d6e18f96e5e568d16/design/history/exploration-reports/2018.10-selectors-design-goals.md)
+- expose an API to be able to download application specific data by namespace (including proofs) with the minimal number of round-trips (e.g. finding nodes that expose an RPC endpoint like [`GetWithProof`](https://github.com/celestiaorg/nmt/blob/ddcc72040149c115f83b2199eafabf3127ae12ac/nmt.go#L193-L196))
+
+## Decision
+
+Most discussions on this particular API happened either on calls or on other non-documented way.
+We only describe the decision in this section.
+
+We decide to implement the simplest approach first.
+We first describe the protocol informally here and explain why this fulfils (Property1) and (Property2) in the [Context](#context) section above.
+
+In the case that leaves with the requested namespace exist, this basically boils down to the following: traverse the tree starting from the root until finding first leaf (start) with the namespace in question, then directly request and download all leaves coming after the start until the namespace changes to a greater than the requested one again.
+In the case that no leaves with the requested namespace exist in the tree, we traverse the tree to find the leaf in the position in the tree where the namespace would have been and download the neighbouring leaves.
+
+This is pretty much what the [`ProveNamespace`](https://github.com/celestiaorg/nmt/blob/ddcc72040149c115f83b2199eafabf3127ae12ac/nmt.go#L132-L146) method does but using IPFS we can simply locate and then request the leaves, and the corresponding inner proof nodes will automatically be downloaded on the way, too.
+
+## Detailed Design
+
+We define one function that returns all shares of a block belonging to a requested namespace and block (via the block's data availability header).
+See [`ComputeShares`](https://github.com/celestiaorg/celestia-core/blob/1a08b430a8885654b6e020ac588b1080e999170c/types/block.go#L1371) for reference how encode the block data into namespace shares.
+
+```go
+// RetrieveShares returns all raw data (raw shares) of the passed-in
+// namespace ID nID and included in the block with the DataAvailabilityHeader dah.
+func RetrieveShares(
+    ctx context.Context,
+    nID namespace.ID,
+    dah *types.DataAvailabilityHeader,
+    api coreiface.CoreAPI,
+) ([][]byte, error) {
+    // 1. Find the row root(s) that contains the namespace ID nID
+    // 2. Traverse the corresponding tree(s) according to the
+    //    above informally described algorithm and get the corresponding
+    //    leaves (if any)
+    // 3. Return all (raw) shares corresponding to the nID
+}
+
+```
+
+Additionally, we define two functions that use the first one above to:
+1. return all the parsed (non-padding) data with [reserved namespace IDs](https://github.com/celestiaorg/celestia-specs/blob/de5f4f74f56922e9fa735ef79d9e6e6492a2bad1/specs/consensus.md#reserved-namespace-ids): transactions, intermediate state roots, evidence.
+2. return all application specific blobs (shares) belonging to one namespace ID parsed as a slice of Messages ([specification](https://github.com/celestiaorg/celestia-specs/blob/de5f4f74f56922e9fa735ef79d9e6e6492a2bad1/specs/data_structures.md#message) and [code](https://github.com/celestiaorg/celestia-core/blob/1a08b430a8885654b6e020ac588b1080e999170c/types/block.go#L1336)).
+
+The latter two methods might require moving or exporting a few currently unexported functions that (currently) live in [share_merging.go](https://github.com/celestiaorg/celestia-core/blob/1a08b430a8885654b6e020ac588b1080e999170c/types/share_merging.go#L57-L76) and could be implemented in a separate pull request.
+
+```go
+// RetrieveStateRelevantMessages returns all state-relevant transactions
+// (transactions, intermediate state roots, and evidence) included in a block
+// with the DataAvailabilityHeader dah.
+func RetrieveStateRelevantMessages(
+    ctx context.Context,
+    nID namespace.ID,
+    dah *types.DataAvailabilityHeader,
+    api coreiface.CoreAPI,
+) (Txs, IntermediateStateRoots, EvidenceData, error) {
+    // like RetrieveShares but for all reserved namespaces
+    // additionally the shares are parsed (merged) into the
+    // corresponding types in the return arguments
+}
+```
+
+```go
+// RetrieveMessages returns all Messages of the passed-in
+// namespace ID and included in the block with the DataAvailabilityHeader dah.
+func RetrieveMessages(
+    ctx context.Context,
+    nID namespace.ID,
+    dah *types.DataAvailabilityHeader,
+    api coreiface.CoreAPI,
+) (Messages, error) {
+    // like RetrieveShares but this additionally parsed the shares
+    // into the Messages type
+}
+```
+
+## Status
+
+Proposed
+
+## Consequences
+
+This API will most likely be used by Rollups too.
+We should document it properly and move it together with relevant parts from ADR 002 into a separate go-package.
+
+### Positive
+
+- easy to implement with the existing code (see [ADR 002](https://github.com/celestiaorg/celestia-core/blob/47d6c965704e102ae877b2f4e10aeab782d9c648/docs/adr/adr-002-ipld-da-sampling.md#detailed-design))
+- resilient data retrieval via a p2p network
+- dependence on a mature and well-tested code-base with a large and welcoming community
+
+### Negative
+
+- with IPFS, we inherit the fact that potentially a lot of round-trips are done until the data is fully downloaded; in other words: this could end up way slower than potentially possible
+- anyone interacting with that API needs to run an IPFS node
+
+### Neutral
+
+- optimizations can happen incrementally once we have an initial working version
+
+## References
+
+We've linked to all references throughout the ADR.

docs/celestia-architecture/adr-004-mvp-light-client.md

@@ -0,0 +1,47 @@
+# ADR 005: Decouple the PartSetHeader from the BlockID
+
+## Changelog
+
+- 2021-08-01: Initial Draft
+
+## Context
+
+Celestia has multiple commits to the block data via the `DataHash` and the `PartSetHeader` in the `BlockID`. As stated in the [#184](https://github.com/celestiaorg/lazyledger-core/issues/184), we no longer need the `PartSetHeader` for this additional commitment to the block's data. However, we are still planning to use the `PartSetHeader` for block propagation during consensus in the short-medium term. This means that we will remove the `PartSetHeader` from as many places as possible, but keep it in the `Proposal` struct.
+
+## Alternative Approaches
+
+It’s worth noting that there are proposed changes to remove the `PartSetHeader` entirely, and instead use the already existing commitment to block data, the `DataAvailabilityHeader`, to propagate blocks in parallel during consensus. Discussions regarding the detailed differences entailed in each approach are documented in that ADR's PR. The current direction that is described in this ADR is significantly more conservative in its approach, but it is not strictly an alternative to other designs. This is because other designs would also require removal of the `PartSethHeader`, which is a project in and of itself due to the `BlockID` widespread usage throughout tendermint and the bugs that pop up when attempting to remove it. 
+
+## Decision
+
+While we build other better designs to experiment with, we will continue to implement the design specified here as it is not orthogonal. https://github.com/celestiaorg/lazyledger-core/pull/434#issuecomment-869158788
+
+## Detailed Design
+
+- [X] Decouple the BlockID and the PartSetHeader [#441](https://github.com/celestiaorg/lazyledger-core/pull/441)
+- [ ] Remove the BlockID from every possible struct other than the `Proposal`
+  - [X] Stop signing over the `PartSetHeader` while voting [#457](https://github.com/celestiaorg/lazyledger-core/pull/457)
+  - [X] Remove the `PartSetHeader` from the Header [#457](https://github.com/celestiaorg/lazyledger-core/pull/457)
+  - [X] Remove the `PartSetHeader` from `VoteSetBits`, `VoteSetMaj23`, and `state.State` [#479](https://github.com/celestiaorg/lazyledger-core/pull/479)
+  - [ ] Remove the `PartSetHeader` from other structs
+
+
+## Status
+
+Proposed
+
+### Positive
+
+- Conservative and easy to implement
+- Acts as a stepping stone for other better designs
+- Allows us to use 64kb sized chunks, which are well tested
+
+### Negative
+
+- Not an ideal design as we still have to include an extra commitment to the block's data in the proposal
+
+## References
+
+Alternative ADR [#434](https://github.com/celestiaorg/lazyledger-core/pull/434)  
+Alternative implementation [#427](https://github.com/celestiaorg/lazyledger-core/pull/427) and [#443](https://github.com/celestiaorg/lazyledger-core/pull/443)  
+[Comment](https://github.com/celestiaorg/lazyledger-core/pull/434#issuecomment-869158788) that summarizes decision  

docs/celestia-architecture/adr-005-decouple-blockid-and-partsetheader.md

@@ -0,0 +1,202 @@
+# ADR 006: Consensus Block Gossiping with Rows
+
+## Changelog
+* 24.06.2021 - Initial description
+* 07.07.2021 - More important details were added
+* 18.08.2021 - Mention alternative approaches briefly
+
+## Context
+It's a long story of relations between Celestia, Tendermint, and consensus block gossiping. Celestia's team discussed
+multiple ideas, several ADRs were made, and nothing yet was finalized. This ADR is another attempt to bring valuable
+changes into block gossiping and hopefully successful.
+
+Currently, we inherit the following from Tendermint. Our codebase relies on the blocks Parts notion. Each Part is a
+piece of an entire serialized block. Those Parts are gossiped between nodes in consensus and committed with
+`PartSetHeader` containing a Merkle Root of the Parts. However, Parts gossiping wasn't designed for Celestia blocks.
+
+Celestia comes with a different block representation from Tendermint. It lays out Blocks as a table of data shares,
+where Rows or Columns can be and should be gossiped instead of Parts, keeping only one system-wide commitment to data.
+
+## Alternative Approaches
+### ["nah it works just don't touch it"](https://ahseeit.com//king-include/uploads/2020/11/121269295_375504380484919_2997236194077828589_n-6586327691.jpg) approach
+
+It turns out that we could fully treat the Tendermint consensus as a black box, keeping two data commitments: one for
+consensus with `PartSetHeader` and another for the world outside the consensus with `DAHeader`.
+
+#### Pros
+* Less work
+
+### Others
+* get rid of the PartsHeader from BlockID without changing block propagation at all (see [ADR 005](https://github.com/celestiaorg/celestia-core/blob/58a3901827afbf97852d807de34a2b66f93e0eb6/docs/lazy-adr/adr-005-decouple-blockid-and-partsetheader.md#adr-005-decouple-the-partsetheader-from-the-blockid))
+* change block propagation to fixed-sized chunks but based on the ODS instead of how Parts are built currently (for this we have empirical evidence of how it performs in practice)
+* send the block as a whole (only works with smaller blocks)
+* block propagation-based on sending the header and Tx-IDs and then requesting the Tx/Messages that are missing from the local mempool of a node on demand
+
+#### Cons
+* Pulls two data commitments to Celestia's specs
+* Brings ambiguity to data integrity verification
+* Controversial from software design perspective
+* Brings DOSing vector for big Blocks. Every Block would need to be represented in two formats in RAM
+* Wastes more resources on building and verifying additional
+
+## Decision
+The decision is to still treat Tendermint's consensus as a black box, but with few amendments to gossiping mechanism:
+* Introduce `RowSet` that mimics `PartSet`.
+
+  `RowSet` is a helper structure that wraps DAHeader and tracks received Rows with their integrity against DAHeader and
+  tells its user when the block is complete and/or can be recovered. Mostly it is a helper and is not a high-level
+  concept.
+* Replace `PartSet` with `RowSet` within consensus.
+* Keep `DAHeader` in `Proposal`
+* Remove `PartSetHeader` from `Proposal`
+
+The changes above are required to implement the decision. At later point, other changes listed below are
+likely to be implemented as a clean-up:
+* Entirely removing `PartSetHeader`, as redundant data commitment
+* Removing `PartSet`
+* Relying on `DAHeader` instead of `PartSetHeader`
+
+## Detailed Design
+The detailed design section demonstrates the design and supporting changes package by package. Fortunately, the
+design does not affect any public API and changes are solely internal.
+
+### `types`
+#### RowSet and Row
+First and essential part is to implement `RowSet` and `Row`, fully mimicking semantics of `PartSet` and `Part` to
+decrease the number of required changes. Below, implementation semantics are presented:
+
+```go
+// Row represents a blob of multiple ExtendedDataSquare shares.
+// Practically, it is half of an extended row, as other half can be recomputed.
+type Row struct {
+// Index is an top-to-bottom index of a Row in ExtendedDataSquare.
+// NOTE: Row Index is unnecessary, as we can determine it's Index by hash from DAHeader. However, Index removal
+// would bring more changes to Consensus Reactor with arguable pros of less bandwidth usage.
+Index int
+// The actual share blob.
+Data []byte
+}
+
+// NewRow creates new Row from flattened shares and index.
+func NewRow(idx int, row [][]byte) *Row
+
+// RowSet wraps DAHeader and tracks added Rows with their integrity against DAHeader.
+// It allows user to check whenever rsmt2d.ExtendedDataSquare can be recovered.
+//
+// RowSet tracks the whole ExtendedDataSquare, Where Q0 is the original block data:
+//  ----  ----
+// | Q0 || Q1 |
+//  ----  ----
+// | Q2 || Q3 |
+//  ----  ----
+//
+// But its AddRow and GetRow methods accepts and returns only half of the Rows - Q0 and Q2. Q1 and Q3 are recomputed.
+//  ----
+// | Q0 |
+//  ----
+// | Q2 |
+//  ----
+//
+type RowSet interface {
+// NOTE: The RowSet is defined as an interface for simplicity. In practice it should be a struct with one and only
+// implementation.
+
+// AddRow adds a Row to the set. It returns true with nil error in case Row was successfully added.
+// The logic for Row is:
+//  * Check if it was already added
+//  * Verify its size corresponds to DAHeader
+//  * Extend it with erasure coding and compute a NMT Root over it
+//  * Verify that the NMT Root corresponds to DAHeader Root under its Index
+//  * Finally add it to set and mark as added.
+//
+AddRow(*Row) (bool, error)
+
+// GetRow return of a Row by its index, if exist.
+GetRow(i int) *Row
+
+// Square checks if enough rows were added and returns recomputed ExtendedDataSquare if enough
+Square() (*rsmt2d.ExtendedDataSquare, error)
+
+// other helper methods are omitted
+}
+
+// NewRowSet creates full RowSet from rsmt2d.ExtendedDataSquare to gossip it to others through GetRow.
+func NewRowSet(eds *rsmt2d.ExtendedDataSquare) *RowSet
+
+// NewRowSetFromHeader creates empty RowSet from a DAHeader to receive and verify gossiped Rows against the DAHeader
+// with AddRow.
+func NewRowSetFromHeader(dah *ipld.DataAvailabilityHeader) *RowSet
+```
+
+#### Vote
+`Vote` should include a commitment to data. Previously, it relied on `PartSetHeader` in `BlockId`, instead it relies on
+added `DAHeader`. Protobuf schema is updated accordingly.
+
+#### Proposal
+`Proposal` is extended with `NumOriginalDataShares`. This is an optimization that
+helps Validators to populate Header without counting original data shares themselves from a block received form a
+Proposer. Potentially, that introduce a vulnerability by which a Proposer can send wrong value, leaving the populated
+Header of Validators wrong. This part of the decision is optional.
+
+### `consenSUS`
+#### Reactor
+##### Messages
+The decision affects two messages on consensus reactor:
+* `BlockPartMessage` -> `BlockRowMessage`
+  * Instead of `Part` it carries `Row` defined above.
+* `NewValidBlockMessage`
+  * Instead of `PartSetHeader` it carries `DAHeader`
+  * `BitArray` of `RowSet` instead of `PartSet`
+    Protobuf schema for both is updated accordingly.
+
+##### PeerRoundState
+`PeerRoundState` tracks state of each known peer in a round, specifically what commitment it has for a Block and what
+chunks peer holds. The decision changes it to track `DAHeader` instead of `PartSetHeader`, along with `BitArray` of
+`RowSet` instead of `PartSet`.
+
+##### BlockCatchup
+The Reactor helps its peers to catchup if they go out of sync. Instead of sending random `Part` it now sends random
+`Row` by `BlockRowMessage`. Unfortunately, that requires the Reactor to load whole Block from store. As an optimization,
+an ability to load Row only from the store could be introduced at later point.
+
+#### State
+##### RoundState
+The RoundState keeps Proposal, Valid and Lock Block's data. Along with an entire Block and its Parts, the RoundState
+also keeps Rows using `RowSet`. At later point, `PartSet` that tracks part can be removed.
+
+##### Proposal Stage
+Previously, the State in proposal stage waited for all Parts to assemble the entire Block. Instead, the State waits for
+the half of all Rows from a proposer and/or peers to recompute the Block's data and notifies them back that no more
+needs to be sent. Also, through Rows, only minimally required amount of information is gossiped. Everything else to
+assemble the full Block is collected from own chain State and Proposal.
+
+## Status
+Proposed
+
+## Consequences
+### Positive
+* Hardening of consensus gossiping with erasure coding
+* Blocks exceeding the size limit are immediately rejected on Proposal, without the need to download an entire Block.
+* More control over Row message size during consensus, comparing to Part message, as last part of the block always has
+  unpredictable size. `DAHeader`, on the other hand, allows knowing precisely the size of Row messages.
+* Less bandwidth usage
+  * Only required Block's data is gossiped.
+  * Merkle proofs of Parts are not sent on the wire
+* Only one system-wide block data commitment schema
+* We don't abandon the work we were doing for months and taking profits out of it
+  * PR [#287](https://github.com/celestiaorg/lazyledger-core/pull/287)
+  * PR [#312](https://github.com/celestiaorg/lazyledger-core/pull/312)
+  * PR [#427](https://github.com/celestiaorg/lazyledger-core/pull/427)
+  * and merged others
+
+### Negative
+* We invest some more time(~1.5 weeks).
+  * Most of the work is done. Only few changes left in the implementation along with peer reviews.
+
+### Neutral
+* Rows vs Parts on the wire
+  * Previously, parts were propagated with max size of 64KiB. Let's now take a Row of the largest 128x128 block in
+    comparison. The actual data size in such a case for the Row would be 128x256(shares_per_row*share_size)=32KiB, which
+    is exactly two times smaller than a Part.
+* Gossiped chunks are no longer constant size. Instead, their size is proportional to the size of Block's data.
+* Another step back from original Tendermint's codebases

docs/celestia-architecture/adr-006-row-propagation.md

@@ -0,0 +1,72 @@
+# ADR {ADR-NUMBER}: {TITLE}
+
+## Changelog
+
+- {date}: {changelog}
+
+## Context
+
+> This section contains all the context one needs to understand the current state, and why there is a problem. It should be as succinct as possible and introduce the high level idea behind the solution.
+
+## Alternative Approaches
+
+> This section contains information around alternative options that are considered before making a decision. It should contain a explanation on why the alternative approach(es) were not chosen.
+
+## Decision
+
+> This section records the decision that was made.
+> It is best to record as much info as possible from the discussion that happened. This aids in not having to go back to the Pull Request to get the needed information.
+
+## Detailed Design
+
+> This section does not need to be filled in at the start of the ADR, but must be completed prior to the merging of the implementation.
+>
+> Here are some common questions that get answered as part of the detailed design:
+>
+> - What are the user requirements?
+>
+> - What systems will be affected?
+>
+> - What new data structures are needed, what data structures will be changed?
+>
+> - What new APIs will be needed, what APIs will be changed?
+>
+> - What are the efficiency considerations (time/space)?
+>
+> - What are the expected access patterns (load/throughput)?
+>
+> - Are there any logging, monitoring or observability needs?
+>
+> - Are there any security considerations?
+>
+> - Are there any privacy considerations?
+>
+> - How will the changes be tested?
+>
+> - If the change is large, how will the changes be broken up for ease of review?
+>
+> - Will these changes require a breaking (major) release?
+>
+> - Does this change require coordination with the Celestia fork of the SDK or celestia-app?
+
+## Status
+
+> A decision may be "proposed" if it hasn't been agreed upon yet, or "accepted" once it is agreed upon. Once the ADR has been implemented mark the ADR as "implemented". If a later ADR changes or reverses a decision, it may be marked as "deprecated" or "superseded" with a reference to its replacement.
+
+{Deprecated|Proposed|Accepted|Declined}
+
+## Consequences
+
+> This section describes the consequences, after applying the decision. All consequences should be summarized here, not just the "positive" ones.
+
+### Positive
+
+### Negative
+
+### Neutral
+
+## References
+
+> Are there any relevant PR comments, issues that led up to this, or articles referenced for why we made the given design choice? If so link them here!
+
+- {reference link}