You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

189 lines
5.3 KiB

  1. package state
  2. import (
  3. "bytes"
  4. "errors"
  5. "fmt"
  6. "github.com/tendermint/tendermint/crypto/tmhash"
  7. dbm "github.com/tendermint/tendermint/libs/db"
  8. "github.com/tendermint/tendermint/types"
  9. )
  10. //-----------------------------------------------------
  11. // Validate block
  12. func validateBlock(stateDB dbm.DB, state State, block *types.Block) error {
  13. // Validate internal consistency.
  14. if err := block.ValidateBasic(); err != nil {
  15. return err
  16. }
  17. // Validate basic info.
  18. if block.ChainID != state.ChainID {
  19. return fmt.Errorf(
  20. "Wrong Block.Header.ChainID. Expected %v, got %v",
  21. state.ChainID,
  22. block.ChainID,
  23. )
  24. }
  25. if block.Height != state.LastBlockHeight+1 {
  26. return fmt.Errorf(
  27. "Wrong Block.Header.Height. Expected %v, got %v",
  28. state.LastBlockHeight+1,
  29. block.Height,
  30. )
  31. }
  32. // Validate prev block info.
  33. if !block.LastBlockID.Equals(state.LastBlockID) {
  34. return fmt.Errorf(
  35. "Wrong Block.Header.LastBlockID. Expected %v, got %v",
  36. state.LastBlockID,
  37. block.LastBlockID,
  38. )
  39. }
  40. newTxs := int64(len(block.Data.Txs))
  41. if block.TotalTxs != state.LastBlockTotalTx+newTxs {
  42. return fmt.Errorf(
  43. "Wrong Block.Header.TotalTxs. Expected %v, got %v",
  44. state.LastBlockTotalTx+newTxs,
  45. block.TotalTxs,
  46. )
  47. }
  48. // Validate app info
  49. if !bytes.Equal(block.AppHash, state.AppHash) {
  50. return fmt.Errorf(
  51. "Wrong Block.Header.AppHash. Expected %X, got %v",
  52. state.AppHash,
  53. block.AppHash,
  54. )
  55. }
  56. if !bytes.Equal(block.ConsensusHash, state.ConsensusParams.Hash()) {
  57. return fmt.Errorf(
  58. "Wrong Block.Header.ConsensusHash. Expected %X, got %v",
  59. state.ConsensusParams.Hash(),
  60. block.ConsensusHash,
  61. )
  62. }
  63. if !bytes.Equal(block.LastResultsHash, state.LastResultsHash) {
  64. return fmt.Errorf(
  65. "Wrong Block.Header.LastResultsHash. Expected %X, got %v",
  66. state.LastResultsHash,
  67. block.LastResultsHash,
  68. )
  69. }
  70. if !bytes.Equal(block.ValidatorsHash, state.Validators.Hash()) {
  71. return fmt.Errorf(
  72. "Wrong Block.Header.ValidatorsHash. Expected %X, got %v",
  73. state.Validators.Hash(),
  74. block.ValidatorsHash,
  75. )
  76. }
  77. if !bytes.Equal(block.NextValidatorsHash, state.NextValidators.Hash()) {
  78. return fmt.Errorf("Wrong Block.Header.NextValidatorsHash. Expected %X, got %v", state.NextValidators.Hash(), block.NextValidatorsHash)
  79. }
  80. // Validate block LastCommit.
  81. if block.Height == 1 {
  82. if len(block.LastCommit.Precommits) != 0 {
  83. return errors.New("Block at height 1 (first block) should have no LastCommit precommits")
  84. }
  85. } else {
  86. if len(block.LastCommit.Precommits) != state.LastValidators.Size() {
  87. return fmt.Errorf(
  88. "Invalid block commit size. Expected %v, got %v",
  89. state.LastValidators.Size(),
  90. len(block.LastCommit.Precommits),
  91. )
  92. }
  93. err := state.LastValidators.VerifyCommit(
  94. state.ChainID, state.LastBlockID, block.Height-1, block.LastCommit)
  95. if err != nil {
  96. return err
  97. }
  98. }
  99. // Validate block Time
  100. if block.Height > 1 {
  101. if !block.Time.After(state.LastBlockTime) {
  102. return fmt.Errorf(
  103. "Block time %v not greater than last block time %v",
  104. block.Time,
  105. state.LastBlockTime,
  106. )
  107. }
  108. medianTime := MedianTime(block.LastCommit, state.LastValidators)
  109. if !block.Time.Equal(medianTime) {
  110. return fmt.Errorf(
  111. "Invalid block time. Expected %v, got %v",
  112. medianTime,
  113. block.Time,
  114. )
  115. }
  116. }
  117. // Validate all evidence.
  118. // TODO: Each check requires loading an old validator set.
  119. // We should cap the amount of evidence per block
  120. // to prevent potential proposer DoS.
  121. for _, ev := range block.Evidence.Evidence {
  122. if err := VerifyEvidence(stateDB, state, ev); err != nil {
  123. return types.NewEvidenceInvalidErr(ev, err)
  124. }
  125. }
  126. // NOTE: We can't actually verify it's the right proposer because we dont
  127. // know what round the block was first proposed. So just check that it's
  128. // a legit address and a known validator.
  129. if len(block.ProposerAddress) != tmhash.Size ||
  130. !state.Validators.HasAddress(block.ProposerAddress) {
  131. return fmt.Errorf(
  132. "Block.Header.ProposerAddress, %X, is not a validator",
  133. block.ProposerAddress,
  134. )
  135. }
  136. return nil
  137. }
  138. // VerifyEvidence verifies the evidence fully by checking:
  139. // - it is sufficiently recent (MaxAge)
  140. // - it is from a key who was a validator at the given height
  141. // - it is internally consistent
  142. // - it was properly signed by the alleged equivocator
  143. func VerifyEvidence(stateDB dbm.DB, state State, evidence types.Evidence) error {
  144. height := state.LastBlockHeight
  145. evidenceAge := height - evidence.Height()
  146. maxAge := state.ConsensusParams.EvidenceParams.MaxAge
  147. if evidenceAge > maxAge {
  148. return fmt.Errorf("Evidence from height %d is too old. Min height is %d",
  149. evidence.Height(), height-maxAge)
  150. }
  151. valset, err := LoadValidators(stateDB, evidence.Height())
  152. if err != nil {
  153. // TODO: if err is just that we cant find it cuz we pruned, ignore.
  154. // TODO: if its actually bad evidence, punish peer
  155. return err
  156. }
  157. // The address must have been an active validator at the height.
  158. // NOTE: we will ignore evidence from H if the key was not a validator
  159. // at H, even if it is a validator at some nearby H'
  160. ev := evidence
  161. height, addr := ev.Height(), ev.Address()
  162. _, val := valset.GetByAddress(addr)
  163. if val == nil {
  164. return fmt.Errorf("Address %X was not a validator at height %d", addr, height)
  165. }
  166. if err := evidence.Verify(state.ChainID, val.PubKey); err != nil {
  167. return err
  168. }
  169. return nil
  170. }