Kura IO fails, what should be done?

[SamHSmith]

What assumptions should we make about the storage medium Kura uses? Is it reliable, is it always online? These are important questions that impact the design of kura and by extension the whole program.

In my opinion the correct and simplest way forward is this. We assume that IO is always available and reliable. If that is detected to not be the case, aka any read or write fails, we shutdown gracefully. This way our code becomes vastly simpler because we don't have to handle a vast number of cases. We only need to handle two cases, IO works as expected or it doesn't. If it doesn't we can't run iroha.

The other alternative is that we can try to handle these errors. In the case that someone unmounts the drive containing the block store, we don't simply crash. Instead we start buffering new blocks in memory hoping that the drive will get remounted and our writes will start succeeding again. This is just one example of the things we would have to do and the complications that ensue.

I think this is a premature optimization of sorts because almost all usecases of iroha can assume correctly functioning hardware. Our time is better spent elsewhere than handling hypothetical errors.

[appetrosyan]

Do full error handling.

Good user feedback for things that we can't handle. Try to recover otherwise.