# Database Architecture Analysis - BaoLife Backend ## Executive Summary The BaoLife backend uses MySQL for persistence with a mixed approach: - **Connection Management**: Recently implemented connection pooling (database.py) - **Data Persistence**: Primary method is Python pickle serialization stored in BLOB column - **Query Patterns**: Minimal normalized queries; mostly full player object serialization - **Scale Risk Level**: HIGH - Multiple critical scalability concerns identified --- ## 1. CONNECTION HANDLING & POOLING ### Current Implementation (database.py) ```python # Modern connection pool (NEW - recently added) _connection_pool = pooling.MySQLConnectionPool( pool_name="baolife_pool", pool_size=min(config.MAX_CONNECTIONS, 32), # Capped at 32 pool_reset_session=True, host=config.DB_HOST, port=config.DB_PORT, user=config.DB_USER, password=config.DB_PASSWORD, database=config.DB_NAME ) ``` ### Legacy Implementation (functions.py) ```python # OLD: Global singleton connection with manual reconnection logic mydb = None def get_database_connection(): global mydb if mydb is None or not mydb.is_connected(): mydb = connect_to_database() return mydb ``` ### Issues Identified | Issue | Severity | Description | |-------|----------|-------------| | **Dual Connection Systems** | CRITICAL | Both `database.py` (pool) and `functions.py` (singleton) exist; code may use either | | **No Pool Usage** | HIGH | functions.py doesn't use the new pool; it creates/reuses single connection | | **Connection Leaks** | MEDIUM | Cursors never explicitly closed (e.g., lines 440, 448, 456, 468, 480, 658, 665) | | **No Connection Timeout** | MEDIUM | No idle timeout; long-lived connections may become stale | | **Max Connections Hardcoded** | LOW | Limited to 32 by MySQL connector library | ### Cursor Lifecycle Issues ```python def saveGame(player): mydb = get_database_connection() mycursor = mydb.cursor() # CREATED # ... execute query ... mydb.commit() # mycursor NEVER EXPLICITLY CLOSED ❌ def saveConversationMessage(message, character, playerID, sender, player): mydb = get_database_connection() mycursor = mydb.cursor() # CREATED # ... execute query ... mydb.commit() # mycursor NEVER EXPLICITLY CLOSED ❌ def loadGame(id): mydb = get_database_connection() mycursor = mydb.cursor() # CREATED # ... execute query ... # NEVER CLOSED ❌ ``` **Impact**: Can lead to cursor resource exhaustion under load. --- ## 2. QUERY PATTERNS & EFFICIENCY ### Query Count Across Codebase - **Total SQL operations**: Only ~8 queries across all of functions.py - **Normalized queries**: Minimal (only 2 queries use SELECT/INSERT directly) - **ORDER BY/JOIN/GROUP BY queries**: Only 1 (RAND() in random name selection) ### Query List ```python # Line 450: UPDATE (serialize entire player object) UPDATE lifesim_savegames SET firstname=%s, lastname=%s, ageDays=%s, ageYears=%s, json=%s, pickle_data=%s WHERE id=%s # Line 458: SELECT (load entire player object) SELECT pickle_data FROM lifesim_savegames WHERE id=%s # Line 469: SELECT (load all game IDs) SELECT id FROM lifesim_savegames # Line 482: INSERT (messages) INSERT INTO messages (id, partner, player, message, sender, date) VALUES ... # Line 660: SELECT (random lastname) SELECT name FROM lastnames_race WHERE rank < 500 ORDER BY RAND() LIMIT 1 # Line 670: SELECT (random firstname) SELECT Name FROM firstnames WHERE Cnt > 1000000 AND Gender=%s ORDER BY RAND() LIMIT 1 ``` ### Critical Efficiency Issues | Issue | Impact | Severity | |-------|--------|----------| | **Full Object Serialization** | 2862-line Python class serialized as BLOB (~500KB-2MB per save) | CRITICAL | | **No Query Indexing** | 2 queries missing indexes; RAND() queries extremely slow | HIGH | | **Duplicate Serialization** | Both JSON AND pickle stored for same data (redundant) | MEDIUM | | **RAND() Without LIMIT First** | "rank < 500 ORDER BY RAND()" scans 500 rows for 1 result | HIGH | | **No Parameterized SELECT** | While loadGame uses parameterized queries, inefficient table scans possible | MEDIUM | --- ## 3. TRANSACTION MANAGEMENT ### Modern Implementation (database/transactions.py) ```python @contextmanager def transaction(conn=None, isolation_level=None): """Context manager with auto-commit/rollback""" created_connection = conn is None try: if created_connection: conn = get_database_connection() conn.autocommit = False cursor = conn.cursor() if isolation_level: cursor.execute(f"SET TRANSACTION ISOLATION LEVEL {isolation_level}") conn.start_transaction() yield conn, cursor conn.commit() # Auto-commit on success except Exception as e: if conn: conn.rollback() # Auto-rollback on error raise finally: if cursor: cursor.close() if created_connection and conn: conn.close() ``` ### Legacy Implementation (functions.py) ```python def saveGame(player): mydb = get_database_connection() mycursor = mydb.cursor() # ... execute ... mydb.commit() # Manual commit, no rollback handling def saveConversationMessage(...): mydb = get_database_connection() mycursor = mydb.cursor() # ... execute ... mydb.commit() # Manual commit, no error handling ``` ### Issues Identified | Issue | Severity | Description | |-------|----------|-------------| | **No Transaction Support** | HIGH | Legacy saveGame/loadGame don't use transaction context; single failures unhandled | | **Manual Commit** | MEDIUM | No automatic rollback on exception; inconsistent state possible | | **No Isolation Level** | MEDIUM | Default REPEATABLE READ may cause lost update anomalies under concurrency | | **Dual Implementation** | CRITICAL | New transactions.py not integrated with old functions.py | ### Example Race Condition Risk ``` Timeline: T1: getConnection() -> fetch player T2: getConnection() -> fetch same player (gets stale version) T1: saveGame() -> updates player T2: saveGame() -> overwrites T1's changes (lost update) ``` --- ## 4. CONNECT_TO_DATABASE() IMPLEMENTATION ```python # functions.py, line 25 def connect_to_database(): """Connect to database using configuration from environment variables""" return mysql.connector.connect( host=config.DB_HOST, port=config.DB_PORT, user=config.DB_USER, password=config.DB_PASSWORD, database=config.DB_NAME ) # Called from get_database_connection() def get_database_connection(): global mydb try: if mydb is None or not mydb.is_connected(): mydb = connect_to_database() except Error as e: print(f"Error reconnecting to the database: {e}") mydb = connect_to_database() return mydb # Initialized at module load mydb = connect_to_database() # Line 47: SYNCHRONOUS BLOCKING CALL ``` ### Issues 1. **Module-level blocking I/O**: Connection happens at import time (can delay server startup 10-30s) 2. **No connection timeout parameters**: Default timeout is 30s; can hang the entire app 3. **Lazy initialization problem**: All async operations use synchronous blocking connection 4. **No retry logic**: Single attempt fails; then exception printed but retried anyway --- ## 5. SAVEGAME() & LOADGAME() IMPLEMENTATION ### saveGame() - Lines 446-452 ```python def saveGame(player): mydb = get_database_connection() mycursor = mydb.cursor() # Serialize entire 2862-line player object TWICE serialized_player = pickle.dumps(player) sql = "UPDATE lifesim_savegames SET firstname=%s, lastname=%s, ageDays=%s, " \ "ageYears=%s, json=%s, pickle_data=%s WHERE id=%s" mycursor.execute(sql, ( player.c.firstname, player.c.lastname, player.c.ageDays, player.c.ageYears, json.dumps(player.__dict__, default=lambda o: o.__dict__), # JSON SERIALIZATION serialized_player, # PICKLE SERIALIZATION (REDUNDANT) player.id )) print("game saved! at "+str(player.hourOfDay)+":"+str(player.minuteOfHour)+" on "+player.date) mydb.commit() ``` **Performance Impact**: ``` Serialization Cost (estimated): - pickle.dumps(player): ~200-500ms (binary) - json.dumps(player): ~300-700ms (text) - Network round-trip: ~10-50ms - UPDATE execution: ~5-20ms - TOTAL: ~515-1270ms per save ⚠️ Frequency (from app.py): - Every game tick: At least 5 times per game session - Weekly saves: Every 7 real-time days - Daily saves: Every 1 real-time day - Death saves: Unpredictable - TOTAL ESTIMATE: 40-50+ saves per gameplay session ``` ### loadGame() - Lines 453-465 ```python def loadGame(id): """Load game using parameterized query to prevent SQL injection""" mydb = get_database_connection() mycursor = mydb.cursor() sql = "SELECT pickle_data FROM lifesim_savegames WHERE id = %s" mycursor.execute(sql, (id,)) myresult = mycursor.fetchall() if (myresult and myresult[0] and myresult[0][0]): player = pickle.loads(myresult[0][0]) return player else: return False ``` **Deserialization Impact**: ``` Cost per load: - pickle.loads(): ~100-300ms (CPU bound) - Network round-trip: ~10-50ms - SELECT execution: ~1-5ms - TOTAL: ~111-355ms per load ⚠️ Frequency (from app.py): - Server startup: All active games loaded (iterateGames()) - Player reconnection: Initial load (line 582 in app.py) - TOTAL: 1x per session + 1x per reconnection ``` ### loadGames() - Lines 466-475 ```python def loadGames(): mydb = get_database_connection() mycursor = mydb.cursor() string = "SELECT id FROM lifesim_savegames" mycursor.execute(string) myresult = mycursor.fetchall() if (myresult): return myresult else: return False ``` **Issues**: - Full table scan every server startup - No pagination; returns ALL player IDs - Used in `iterateGames()` to process offline players --- ## 6. N+1 QUERY PROBLEMS ### Critical N+1 Issue #1: Offline Player Processing ```python # app.py, lines 56-67 async def iterateGames(): games = loadGames() # Query 1: SELECT id FROM lifesim_savegames (FULL TABLE SCAN) if (games and len(games) > 0): for game in games: # N iterations if (game[0] not in playerRecords or playerRecords[game[0]].connection == 'disconnected'): foundGame = loadGame(game[0]) # Query 2...N: SELECT pickle_data (N queries) if (foundGame.c.status == "alive"): await initLifeSim(False, foundGame) ``` **Impact**: 1 + N queries (where N = number of players) - Server startup with 100 players: 101 queries - Each deserialization: 100-300ms × 100 = 10-30 seconds startup time ### Critical N+1 Issue #2: Random Name Generation ```python # functions.py, lines 658-672 def getRandomName(): mycursor = mydb.cursor() # Query 1 mycursor.execute("SELECT name FROM lastnames_race WHERE rank < 500 ORDER BY RAND() LIMIT 1") mycursor = mydb.cursor() # Query 2 mycursor.execute("SELECT Name FROM firstnames WHERE Cnt > 1000000 AND Gender=%s ORDER BY RAND() LIMIT 1", ...) ``` **Per character generation: 2 queries with RAND() (extremely slow)** - Called during NPC generation - Could be called hundreds of times during city initialization --- ## 7. INDEXING STRATEGY ### Current Indexes (from migrations) | Table | Index | Columns | Purpose | |-------|-------|---------|---------| | energy_refill_purchases | idx_player_timestamp | (player_id, created_at) | ✓ Good | | diamond_transactions | idx_player_timestamp | (player_id, created_at) | ✓ Good | | diamond_transactions | idx_type | (transaction_type) | ✓ Adequate | | match_attempts | idx_player_date | (player_id, attempted_date) | ✓ Good | | match_attempts | idx_target | (target_id) | ✓ Good | | match_attempts | idx_compatibility | (compatibility_score) | ✗ Rarely queried | | player_achievements | idx_player_unlocked | (player_id, unlocked) | ✓ Good | | player_daily_quests | idx_player_date | (player_id, assigned_date) | ✓ Good | | player_photo_album | idx_player_date | (player_id, game_date) | ✓ Good | | date_history | idx_player_date | (player_id, date_timestamp) | ✓ Good | | player_login_streak | PRIMARY KEY | (player_id) | ✓ Good | | persons | idx_bio_update | (last_bio_update) | ⚠️ Selective use | ### CRITICAL Missing Indexes | Table | Missing Index | Why Critical | |-------|---------------|--------------| | lifesim_savegames | PRIMARY KEY (id) | **UNKNOWN** - Not in migrations; must exist but not documented | | lifesim_savegames | Timestamp index | No audit trail; can't query by save time | | messages | player, date | N+1 risk if loading conversation history | | firstnames | PRIMARY KEY, Cnt | RAND() query will full-scan | | lastnames_race | PRIMARY KEY, rank | RAND() query will full-scan 500 rows | --- ## 8. SCHEMA DESIGN ### Core Tables (from migrations) **lifesim_savegames** (UNKNOWN - not in migrations) ``` Presumed structure based on saveGame() calls: - id (VARCHAR) - Player ID [PRIMARY KEY] - firstname (VARCHAR) - lastname (VARCHAR) - ageDays (INT) - ageYears (INT) - json (LONGTEXT) - JSON serialization - pickle_data (LONGBLOB) - Python pickle binary (500KB-2MB typical) ``` **messages** (Line 482 reference) ``` - id (VARCHAR) - UUID - partner (VARCHAR) - NPC character ID - player (VARCHAR) - Player ID - message (TEXT) - Message content - sender (VARCHAR) - Who sent it - date (VARCHAR) - Game date ``` ### Problems 1. **No FK constraints**: lifesim_savegames has no foreign key to players table 2. **Redundant storage**: Both JSON and pickle for same data 3. **No versioning**: No created_at/updated_at timestamps 4. **No soft deletes**: No deletion tracking 5. **No partitioning**: BLOB storage will fragment as tables grow ### Recent Additions (Good Design) ```sql -- Well-designed tables with: - Proper indexes (player_id, created_at) - JSON columns for flexible data - Audit timestamps (created_at, updated_at) - Foreign key constraints - Default values and NOT NULL constraints ``` --- ## 9. DATABASE PERFORMANCE ISSUES ### Severity-Ranked Issues #### CRITICAL (Must fix for any scale) 1. **Full Object Serialization** (~500KB-2MB per save, 40+ saves/session) - 20GB+ database per 1000 players with 10 playthroughs each 2. **N+1 Query Pattern** (1 + N queries on startup) - 100 players = 101 queries, 30+ seconds startup - 1000 players = 1001 queries, 5+ minute startup 3. **RAND() Without LIMIT First** (full table scan) - "WHERE rank < 500 ORDER BY RAND()" scans 500+ rows - 100 NPC generations = 50,000 row scans 4. **No Cursor Cleanup** (resource exhaustion) - Every saveGame/loadGame leaks a cursor - 1000 saves = 1000 leaked cursors = connection pool exhaustion #### HIGH (Significant scale limits) 5. **No Connection Pooling in Functions.py** (single connection bottleneck) - All async operations serialize on global `mydb` variable - Concurrent saves block each other 6. **Dual Serialization** (2x CPU, 2x I/O) - Every save does JSON.dumps() AND pickle.dumps() - Every save writes both to database 7. **No Query Optimization** (missing indexes) - Random name queries full-scan 500 rows each - Message queries might N+1 if loading conversations #### MEDIUM (Affects UX) 8. **Blocking I/O at Module Load** (server startup delay) - connect_to_database() called at import time - Can delay app startup 10-30 seconds 9. **No Batch Operations** (individual row inserts) - Messages saved one-by-one - Conversations with 100+ messages = 100+ round-trips 10. **No Caching** (repeated DB reads) - Daily plans, NPC stats, achievement lists loaded every session - No Redis/memcached integration --- ## 10. SCALABILITY ASSESSMENT ### Current Capacity Estimate ``` Assumptions: - Avg player object: 1.5MB serialized - Avg saves per session: 40 - Avg messages per session: 50 - Session duration: 30 minutes real-time Per Player, Per Month: - Saves: 40 × 60 sessions = 2,400 saves = 3.6 GB - Messages: 50 × 60 sessions = 3,000 messages = 300 KB - Total storage: ~3.9 GB per player per month For 1000 Players (peak): - Database size: 3.9 TB per month (if all play equally) - More realistically: 500 GB/month (accounting for dropoff) - Network bandwidth: 1.5 Gbps during peak hours ❌ - Database connections: 1000 concurrent connections (exceeds 32-pool limit) ❌ - Query latency: >500ms average (serialization + network) ❌ ``` ### Bottleneck Analysis 1. **CPU**: Pickle/JSON serialization at 200-700ms per save 2. **Memory**: 1.5MB × 100 concurrent players = 150MB RAM for active objects 3. **Disk I/O**: Random BLOB writes at 40+ per session 4. **Network**: Large payloads (500KB-2MB per save) × 40 saves 5. **Database Connections**: Pool limited to 32; any concurrent surge fails ### Concurrency Risk ``` Timeline of disaster: T0: 10 players connect (10 loadGame queries) T1: Each starts saveGame (10 UPDATE queries) - takes 1 second each T2: 10 more players connect - wait for pool T3: App becomes unresponsive T4+: Cascade failure as connections timeout ``` --- ## RECOMMENDATIONS ### Immediate (Critical - Fix First) 1. [ ] **Close all cursors explicitly** - Add `mycursor.close()` after every query 2. [ ] **Use transaction context manager** - Replace saveGame/loadGame with `with transaction()` 3. [ ] **Implement connection pooling** - Migrate functions.py to use database.py pool 4. [ ] **Add indexes** - Create `PRIMARY KEY (id)` and `INDEX (created_at)` on lifesim_savegames ### Short Term (High Priority) 5. [ ] **Remove duplicate serialization** - Keep only pickle OR JSON, not both 6. [ ] **Optimize RAND() queries** - Use `SELECT ... LIMIT 1 ORDER BY RAND()` pattern 7. [ ] **Implement batch inserts** - Combine multiple saveConversationMessage calls 8. [ ] **Add transaction isolation** - Use `REPEATABLE READ` or `SERIALIZABLE` for saves ### Medium Term (Important for Scale) 9. [ ] **Lazy load player objects** - Load only changed fields on update 10. [ ] **Implement caching** - Redis for daily plans, NPC data, achievements 11. [ ] **Add async database layer** - Use asyncpg or aiomysql for async queries 12. [ ] **Implement query logging** - Track slow queries; set 100ms threshold alert ### Long Term (Architectural) 13. [ ] **Normalize database schema** - Move away from full object serialization 14. [ ] **Implement sharding** - Split player data by ID range 15. [ ] **Add read replicas** - MySQL replication for read-heavy queries 16. [ ] **Event sourcing** - Store events instead of full state snapshots --- ## SECURITY NOTES ### Credentials Issue - **File**: `/home/user/lichun/ws/tests/test_db_setup.py`, line 37 - **Problem**: Hardcoded database password `H8g6gRA2r/h$[t{6` - **Risk**: CRITICAL - Exposed in source control - **Fix**: Move to `.env` file; never commit credentials ### SQL Injection Risk - **Status**: MOSTLY SAFE - Uses parameterized queries (`%s` placeholders) - **Exception**: `orderby RAND()` in name generation (not exploitable but inefficient) ### Connection String Security - **Status**: GOOD - Uses environment variables (config.py) - **Config**: `.env` file loading implemented with fallback