zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6622 Commits
183 Branches
291 MiB
Tree: 54fe6ef73c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '54fe6ef73c'
${ noResults }
tendermint/privval/priv_validator.go

361 lines
11 KiB
Raw Normal View History

Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
crypto: Refactor to move files out of the top level directory Currently the top level directory contains basically all of the code for the crypto package. This PR moves the crypto code into submodules in a similar manner to what `golang/x/crypto` does. This improves code organization. Ref discussion: https://github.com/tendermint/tendermint/pull/1966 Closes #1956
6 years ago
fix import paths
6 years ago
overwrite pubkey and address for convenience Closes #1829
6 years ago
Implement BFT time (#2203) * Implement BFT time * set LastValidators when creating state in state helper for heights >= 2
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
crypto: Remove interface from crypto.Signature Signatures are now []byte, which saves on the number of bytes after amino encoding (squash this) address Ismail's comment
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
crypto: Remove Ed25519 and Secp256k1 suffix on GenPrivKey
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
libs: Remove usage of custom Fmt, in favor of fmt.Sprintf (#2199) * libs: Remove usage of custom Fmt, in favor of fmt.Sprintf Closes #2193 * Fix bug that was masked by custom Fmt!
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
overwrite pubkey and address for convenience Closes #1829
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
crypto: Remove interface from crypto.Signature Signatures are now []byte, which saves on the number of bytes after amino encoding (squash this) address Ismail's comment
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
libs: Remove usage of custom Fmt, in favor of fmt.Sprintf (#2199) * libs: Remove usage of custom Fmt, in favor of fmt.Sprintf Closes #2193 * Fix bug that was masked by custom Fmt!
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
crypto: Remove interface from crypto.Signature Signatures are now []byte, which saves on the number of bytes after amino encoding (squash this) address Ismail's comment
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
revert back to Jae's original payload size limit except now we calculate the max size using the maxPacketMsgSize() function, which frees developers from having to know amino encoding details. plus, 10 additional bytes are added to leave the room for amino upgrades (both making it more efficient / less efficient)
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
Implement BFT time (#2203) * Implement BFT time * set LastValidators when creating state in state helper for heights >= 2
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
Implement BFT time (#2203) * Implement BFT time * set LastValidators when creating state in state helper for heights >= 2
6 years ago
Revert "delete everything" (includes everything non-go-crypto) This reverts commit 96a3502
6 years ago
 
  1. package privval
  2. 

  3. import (
  4. 	"bytes"
  5. 	"errors"
  6. 	"fmt"
  7. 	"io/ioutil"
  8. 	"sync"
  9. 	"time"
  10. 

  11. 	"github.com/tendermint/tendermint/crypto"
  12. 	"github.com/tendermint/tendermint/crypto/ed25519"
  13. 	cmn "github.com/tendermint/tendermint/libs/common"
  14. 	"github.com/tendermint/tendermint/types"
  15. 	tmtime "github.com/tendermint/tendermint/types/time"
  16. )
  17. 

  18. // TODO: type ?

  19. const (
  20. 	stepNone      int8 = 0 // Used to distinguish the initial state

  21. 	stepPropose   int8 = 1
  22. 	stepPrevote   int8 = 2
  23. 	stepPrecommit int8 = 3
  24. )
  25. 

  26. func voteToStep(vote *types.Vote) int8 {
  27. 	switch vote.Type {
  28. 	case types.VoteTypePrevote:
  29. 		return stepPrevote
  30. 	case types.VoteTypePrecommit:
  31. 		return stepPrecommit
  32. 	default:
  33. 		cmn.PanicSanity("Unknown vote type")
  34. 		return 0
  35. 	}
  36. }
  37. 

  38. // FilePV implements PrivValidator using data persisted to disk

  39. // to prevent double signing.

  40. // NOTE: the directory containing the pv.filePath must already exist.

  41. type FilePV struct {
  42. 	Address       types.Address  `json:"address"`
  43. 	PubKey        crypto.PubKey  `json:"pub_key"`
  44. 	LastHeight    int64          `json:"last_height"`
  45. 	LastRound     int            `json:"last_round"`
  46. 	LastStep      int8           `json:"last_step"`
  47. 	LastSignature []byte         `json:"last_signature,omitempty"` // so we dont lose signatures XXX Why would we lose signatures?

  48. 	LastSignBytes cmn.HexBytes   `json:"last_signbytes,omitempty"` // so we dont lose signatures XXX Why would we lose signatures?

  49. 	PrivKey       crypto.PrivKey `json:"priv_key"`
  50. 

  51. 	// For persistence.

  52. 	// Overloaded for testing.

  53. 	filePath string
  54. 	mtx      sync.Mutex
  55. }
  56. 

  57. // GetAddress returns the address of the validator.

  58. // Implements PrivValidator.

  59. func (pv *FilePV) GetAddress() types.Address {
  60. 	return pv.Address
  61. }
  62. 

  63. // GetPubKey returns the public key of the validator.

  64. // Implements PrivValidator.

  65. func (pv *FilePV) GetPubKey() crypto.PubKey {
  66. 	return pv.PubKey
  67. }
  68. 

  69. // GenFilePV generates a new validator with randomly generated private key

  70. // and sets the filePath, but does not call Save().

  71. func GenFilePV(filePath string) *FilePV {
  72. 	privKey := ed25519.GenPrivKey()
  73. 	return &FilePV{
  74. 		Address:  privKey.PubKey().Address(),
  75. 		PubKey:   privKey.PubKey(),
  76. 		PrivKey:  privKey,
  77. 		LastStep: stepNone,
  78. 		filePath: filePath,
  79. 	}
  80. }
  81. 

  82. // LoadFilePV loads a FilePV from the filePath.  The FilePV handles double

  83. // signing prevention by persisting data to the filePath.  If the filePath does

  84. // not exist, the FilePV must be created manually and saved.

  85. func LoadFilePV(filePath string) *FilePV {
  86. 	pvJSONBytes, err := ioutil.ReadFile(filePath)
  87. 	if err != nil {
  88. 		cmn.Exit(err.Error())
  89. 	}
  90. 	pv := &FilePV{}
  91. 	err = cdc.UnmarshalJSON(pvJSONBytes, &pv)
  92. 	if err != nil {
  93. 		cmn.Exit(fmt.Sprintf("Error reading PrivValidator from %v: %v\n", filePath, err))
  94. 	}
  95. 

  96. 	// overwrite pubkey and address for convenience

  97. 	pv.PubKey = pv.PrivKey.PubKey()
  98. 	pv.Address = pv.PubKey.Address()
  99. 

  100. 	pv.filePath = filePath
  101. 	return pv
  102. }
  103. 

  104. // LoadOrGenFilePV loads a FilePV from the given filePath

  105. // or else generates a new one and saves it to the filePath.

  106. func LoadOrGenFilePV(filePath string) *FilePV {
  107. 	var pv *FilePV
  108. 	if cmn.FileExists(filePath) {
  109. 		pv = LoadFilePV(filePath)
  110. 	} else {
  111. 		pv = GenFilePV(filePath)
  112. 		pv.Save()
  113. 	}
  114. 	return pv
  115. }
  116. 

  117. // Save persists the FilePV to disk.

  118. func (pv *FilePV) Save() {
  119. 	pv.mtx.Lock()
  120. 	defer pv.mtx.Unlock()
  121. 	pv.save()
  122. }
  123. 

  124. func (pv *FilePV) save() {
  125. 	outFile := pv.filePath
  126. 	if outFile == "" {
  127. 		panic("Cannot save PrivValidator: filePath not set")
  128. 	}
  129. 	jsonBytes, err := cdc.MarshalJSONIndent(pv, "", "  ")
  130. 	if err != nil {
  131. 		panic(err)
  132. 	}
  133. 	err = cmn.WriteFileAtomic(outFile, jsonBytes, 0600)
  134. 	if err != nil {
  135. 		panic(err)
  136. 	}
  137. }
  138. 

  139. // Reset resets all fields in the FilePV.

  140. // NOTE: Unsafe!

  141. func (pv *FilePV) Reset() {
  142. 	var sig []byte
  143. 	pv.LastHeight = 0
  144. 	pv.LastRound = 0
  145. 	pv.LastStep = 0
  146. 	pv.LastSignature = sig
  147. 	pv.LastSignBytes = nil
  148. 	pv.Save()
  149. }
  150. 

  151. // SignVote signs a canonical representation of the vote, along with the

  152. // chainID. Implements PrivValidator.

  153. func (pv *FilePV) SignVote(chainID string, vote *types.Vote) error {
  154. 	pv.mtx.Lock()
  155. 	defer pv.mtx.Unlock()
  156. 	if err := pv.signVote(chainID, vote); err != nil {
  157. 		return fmt.Errorf("Error signing vote: %v", err)
  158. 	}
  159. 	return nil
  160. }
  161. 

  162. // SignProposal signs a canonical representation of the proposal, along with

  163. // the chainID. Implements PrivValidator.

  164. func (pv *FilePV) SignProposal(chainID string, proposal *types.Proposal) error {
  165. 	pv.mtx.Lock()
  166. 	defer pv.mtx.Unlock()
  167. 	if err := pv.signProposal(chainID, proposal); err != nil {
  168. 		return fmt.Errorf("Error signing proposal: %v", err)
  169. 	}
  170. 	return nil
  171. }
  172. 

  173. // returns error if HRS regression or no LastSignBytes. returns true if HRS is unchanged

  174. func (pv *FilePV) checkHRS(height int64, round int, step int8) (bool, error) {
  175. 	if pv.LastHeight > height {
  176. 		return false, errors.New("Height regression")
  177. 	}
  178. 

  179. 	if pv.LastHeight == height {
  180. 		if pv.LastRound > round {
  181. 			return false, errors.New("Round regression")
  182. 		}
  183. 

  184. 		if pv.LastRound == round {
  185. 			if pv.LastStep > step {
  186. 				return false, errors.New("Step regression")
  187. 			} else if pv.LastStep == step {
  188. 				if pv.LastSignBytes != nil {
  189. 					if pv.LastSignature == nil {
  190. 						panic("pv: LastSignature is nil but LastSignBytes is not!")
  191. 					}
  192. 					return true, nil
  193. 				}
  194. 				return false, errors.New("No LastSignature found")
  195. 			}
  196. 		}
  197. 	}
  198. 	return false, nil
  199. }
  200. 

  201. // signVote checks if the vote is good to sign and sets the vote signature.

  202. // It may need to set the timestamp as well if the vote is otherwise the same as

  203. // a previously signed vote (ie. we crashed after signing but before the vote hit the WAL).

  204. func (pv *FilePV) signVote(chainID string, vote *types.Vote) error {
  205. 	height, round, step := vote.Height, vote.Round, voteToStep(vote)
  206. 	signBytes := vote.SignBytes(chainID)
  207. 

  208. 	sameHRS, err := pv.checkHRS(height, round, step)
  209. 	if err != nil {
  210. 		return err
  211. 	}
  212. 

  213. 	// We might crash before writing to the wal,

  214. 	// causing us to try to re-sign for the same HRS.

  215. 	// If signbytes are the same, use the last signature.

  216. 	// If they only differ by timestamp, use last timestamp and signature

  217. 	// Otherwise, return error

  218. 	if sameHRS {
  219. 		if bytes.Equal(signBytes, pv.LastSignBytes) {
  220. 			vote.Signature = pv.LastSignature
  221. 		} else if timestamp, ok := checkVotesOnlyDifferByTimestamp(pv.LastSignBytes, signBytes); ok {
  222. 			vote.Timestamp = timestamp
  223. 			vote.Signature = pv.LastSignature
  224. 		} else {
  225. 			err = fmt.Errorf("Conflicting data")
  226. 		}
  227. 		return err
  228. 	}
  229. 

  230. 	// It passed the checks. Sign the vote

  231. 	sig, err := pv.PrivKey.Sign(signBytes)
  232. 	if err != nil {
  233. 		return err
  234. 	}
  235. 	pv.saveSigned(height, round, step, signBytes, sig)
  236. 	vote.Signature = sig
  237. 	return nil
  238. }
  239. 

  240. // signProposal checks if the proposal is good to sign and sets the proposal signature.

  241. // It may need to set the timestamp as well if the proposal is otherwise the same as

  242. // a previously signed proposal ie. we crashed after signing but before the proposal hit the WAL).

  243. func (pv *FilePV) signProposal(chainID string, proposal *types.Proposal) error {
  244. 	height, round, step := proposal.Height, proposal.Round, stepPropose
  245. 	signBytes := proposal.SignBytes(chainID)
  246. 

  247. 	sameHRS, err := pv.checkHRS(height, round, step)
  248. 	if err != nil {
  249. 		return err
  250. 	}
  251. 

  252. 	// We might crash before writing to the wal,

  253. 	// causing us to try to re-sign for the same HRS.

  254. 	// If signbytes are the same, use the last signature.

  255. 	// If they only differ by timestamp, use last timestamp and signature

  256. 	// Otherwise, return error

  257. 	if sameHRS {
  258. 		if bytes.Equal(signBytes, pv.LastSignBytes) {
  259. 			proposal.Signature = pv.LastSignature
  260. 		} else if timestamp, ok := checkProposalsOnlyDifferByTimestamp(pv.LastSignBytes, signBytes); ok {
  261. 			proposal.Timestamp = timestamp
  262. 			proposal.Signature = pv.LastSignature
  263. 		} else {
  264. 			err = fmt.Errorf("Conflicting data")
  265. 		}
  266. 		return err
  267. 	}
  268. 

  269. 	// It passed the checks. Sign the proposal

  270. 	sig, err := pv.PrivKey.Sign(signBytes)
  271. 	if err != nil {
  272. 		return err
  273. 	}
  274. 	pv.saveSigned(height, round, step, signBytes, sig)
  275. 	proposal.Signature = sig
  276. 	return nil
  277. }
  278. 

  279. // Persist height/round/step and signature

  280. func (pv *FilePV) saveSigned(height int64, round int, step int8,
  281. 	signBytes []byte, sig []byte) {
  282. 

  283. 	pv.LastHeight = height
  284. 	pv.LastRound = round
  285. 	pv.LastStep = step
  286. 	pv.LastSignature = sig
  287. 	pv.LastSignBytes = signBytes
  288. 	pv.save()
  289. }
  290. 

  291. // SignHeartbeat signs a canonical representation of the heartbeat, along with the chainID.

  292. // Implements PrivValidator.

  293. func (pv *FilePV) SignHeartbeat(chainID string, heartbeat *types.Heartbeat) error {
  294. 	pv.mtx.Lock()
  295. 	defer pv.mtx.Unlock()
  296. 	sig, err := pv.PrivKey.Sign(heartbeat.SignBytes(chainID))
  297. 	if err != nil {
  298. 		return err
  299. 	}
  300. 	heartbeat.Signature = sig
  301. 	return nil
  302. }
  303. 

  304. // String returns a string representation of the FilePV.

  305. func (pv *FilePV) String() string {
  306. 	return fmt.Sprintf("PrivValidator{%v LH:%v, LR:%v, LS:%v}", pv.GetAddress(), pv.LastHeight, pv.LastRound, pv.LastStep)
  307. }
  308. 

  309. //-------------------------------------

  310. 

  311. // returns the timestamp from the lastSignBytes.

  312. // returns true if the only difference in the votes is their timestamp.

  313. func checkVotesOnlyDifferByTimestamp(lastSignBytes, newSignBytes []byte) (time.Time, bool) {
  314. 	var lastVote, newVote types.CanonicalJSONVote
  315. 	if err := cdc.UnmarshalJSON(lastSignBytes, &lastVote); err != nil {
  316. 		panic(fmt.Sprintf("LastSignBytes cannot be unmarshalled into vote: %v", err))
  317. 	}
  318. 	if err := cdc.UnmarshalJSON(newSignBytes, &newVote); err != nil {
  319. 		panic(fmt.Sprintf("signBytes cannot be unmarshalled into vote: %v", err))
  320. 	}
  321. 

  322. 	lastTime, err := time.Parse(types.TimeFormat, lastVote.Timestamp)
  323. 	if err != nil {
  324. 		panic(err)
  325. 	}
  326. 

  327. 	// set the times to the same value and check equality

  328. 	now := types.CanonicalTime(tmtime.Now())
  329. 	lastVote.Timestamp = now
  330. 	newVote.Timestamp = now
  331. 	lastVoteBytes, _ := cdc.MarshalJSON(lastVote)
  332. 	newVoteBytes, _ := cdc.MarshalJSON(newVote)
  333. 

  334. 	return lastTime, bytes.Equal(newVoteBytes, lastVoteBytes)
  335. }
  336. 

  337. // returns the timestamp from the lastSignBytes.

  338. // returns true if the only difference in the proposals is their timestamp

  339. func checkProposalsOnlyDifferByTimestamp(lastSignBytes, newSignBytes []byte) (time.Time, bool) {
  340. 	var lastProposal, newProposal types.CanonicalJSONProposal
  341. 	if err := cdc.UnmarshalJSON(lastSignBytes, &lastProposal); err != nil {
  342. 		panic(fmt.Sprintf("LastSignBytes cannot be unmarshalled into proposal: %v", err))
  343. 	}
  344. 	if err := cdc.UnmarshalJSON(newSignBytes, &newProposal); err != nil {
  345. 		panic(fmt.Sprintf("signBytes cannot be unmarshalled into proposal: %v", err))
  346. 	}
  347. 

  348. 	lastTime, err := time.Parse(types.TimeFormat, lastProposal.Timestamp)
  349. 	if err != nil {
  350. 		panic(err)
  351. 	}
  352. 

  353. 	// set the times to the same value and check equality

  354. 	now := types.CanonicalTime(tmtime.Now())
  355. 	lastProposal.Timestamp = now
  356. 	newProposal.Timestamp = now
  357. 	lastProposalBytes, _ := cdc.MarshalJSON(lastProposal)
  358. 	newProposalBytes, _ := cdc.MarshalJSON(newProposal)
  359. 

  360. 	return lastTime, bytes.Equal(newProposalBytes, lastProposalBytes)
  361. }