You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

202 lines
6.0 KiB

state: add more tests for block validation (#3674) * Expose priv validators for use in testing * Generalize block header validation test past height 1 * Remove ineffectual assignment * Remove redundant SaveState call * Reorder comment for clarity * Use the block executor ApplyBlock function instead of implementing a stripped-down version of it * Remove commented-out code * Remove unnecessary test The required tests already appear to be implemented (implicitly) through the TestValidateBlockHeader test. * Allow for catching of specific error types during TestValidateBlockCommit * Make return error testable * Clean up and add TestValidateBlockCommit code * Fix formatting * Extract function to create a new mock test app * Update comment for clarity * Fix comment * Add skeleton code for evidence-related test * Allow for addressing priv val by address * Generalize test beyond a single validator * Generalize TestValidateBlockEvidence past first height * Reorder code to clearly separate tests and utility code * Use a common constant for stop height for testing in state/validation_test.go * Refactor errors to resemble existing conventions * Fix formatting * Extract common helper functions Having the tests littered with helper functions makes them less easily readable imho, so I've pulled them out into a separate file. This also makes it easier to see what helper functions are available during testing, so we minimize the chance of duplication when writing new tests. * Remove unused parameter * Remove unused parameters * Add field keys * Remove unused height constant * Fix typo * Fix incorrect return error * Add field keys * Use separate package for tests This refactors all of the state package's tests into a state_test package, so as to keep any usage of the state package's internal methods explicit. Any internal methods/constants used by tests are now explicitly exported in state/export_test.go * Refactor: extract helper function to make, validate, execute and commit a block * Rename state function to makeState * Remove redundant constant for number of validators * Refactor mock evidence registration into TestMain * Remove extraneous nVals variable * Replace function-level TODOs with file-level TODO and explanation * Remove extraneous comment * Fix linting issues brought up by GolangCI (pulled in from latest merge from develop)
6 years ago
  1. package state
  2. import (
  3. "bytes"
  4. "errors"
  5. "fmt"
  6. "github.com/tendermint/tendermint/crypto"
  7. dbm "github.com/tendermint/tendermint/libs/db"
  8. "github.com/tendermint/tendermint/types"
  9. )
  10. //-----------------------------------------------------
  11. // Validate block
  12. func validateBlock(evidencePool EvidencePool, stateDB dbm.DB, state State, block *types.Block) error {
  13. // Validate internal consistency.
  14. if err := block.ValidateBasic(); err != nil {
  15. return err
  16. }
  17. // Validate basic info.
  18. if block.Version != state.Version.Consensus {
  19. return fmt.Errorf("Wrong Block.Header.Version. Expected %v, got %v",
  20. state.Version.Consensus,
  21. block.Version,
  22. )
  23. }
  24. if block.ChainID != state.ChainID {
  25. return fmt.Errorf("Wrong Block.Header.ChainID. Expected %v, got %v",
  26. state.ChainID,
  27. block.ChainID,
  28. )
  29. }
  30. if block.Height != state.LastBlockHeight+1 {
  31. return fmt.Errorf("Wrong Block.Header.Height. Expected %v, got %v",
  32. state.LastBlockHeight+1,
  33. block.Height,
  34. )
  35. }
  36. // Validate prev block info.
  37. if !block.LastBlockID.Equals(state.LastBlockID) {
  38. return fmt.Errorf("Wrong Block.Header.LastBlockID. Expected %v, got %v",
  39. state.LastBlockID,
  40. block.LastBlockID,
  41. )
  42. }
  43. newTxs := int64(len(block.Data.Txs))
  44. if block.TotalTxs != state.LastBlockTotalTx+newTxs {
  45. return fmt.Errorf("Wrong Block.Header.TotalTxs. Expected %v, got %v",
  46. state.LastBlockTotalTx+newTxs,
  47. block.TotalTxs,
  48. )
  49. }
  50. // Validate app info
  51. if !bytes.Equal(block.AppHash, state.AppHash) {
  52. return fmt.Errorf("Wrong Block.Header.AppHash. Expected %X, got %v",
  53. state.AppHash,
  54. block.AppHash,
  55. )
  56. }
  57. if !bytes.Equal(block.ConsensusHash, state.ConsensusParams.Hash()) {
  58. return fmt.Errorf("Wrong Block.Header.ConsensusHash. Expected %X, got %v",
  59. state.ConsensusParams.Hash(),
  60. block.ConsensusHash,
  61. )
  62. }
  63. if !bytes.Equal(block.LastResultsHash, state.LastResultsHash) {
  64. return fmt.Errorf("Wrong Block.Header.LastResultsHash. Expected %X, got %v",
  65. state.LastResultsHash,
  66. block.LastResultsHash,
  67. )
  68. }
  69. if !bytes.Equal(block.ValidatorsHash, state.Validators.Hash()) {
  70. return fmt.Errorf("Wrong Block.Header.ValidatorsHash. Expected %X, got %v",
  71. state.Validators.Hash(),
  72. block.ValidatorsHash,
  73. )
  74. }
  75. if !bytes.Equal(block.NextValidatorsHash, state.NextValidators.Hash()) {
  76. return fmt.Errorf("Wrong Block.Header.NextValidatorsHash. Expected %X, got %v",
  77. state.NextValidators.Hash(),
  78. block.NextValidatorsHash,
  79. )
  80. }
  81. // Validate block LastCommit.
  82. if block.Height == 1 {
  83. if len(block.LastCommit.Precommits) != 0 {
  84. return errors.New("Block at height 1 can't have LastCommit precommits")
  85. }
  86. } else {
  87. if len(block.LastCommit.Precommits) != state.LastValidators.Size() {
  88. return types.NewErrInvalidCommitPrecommits(state.LastValidators.Size(), len(block.LastCommit.Precommits))
  89. }
  90. err := state.LastValidators.VerifyCommit(
  91. state.ChainID, state.LastBlockID, block.Height-1, block.LastCommit)
  92. if err != nil {
  93. return err
  94. }
  95. }
  96. // Validate block Time
  97. if block.Height > 1 {
  98. if !block.Time.After(state.LastBlockTime) {
  99. return fmt.Errorf("Block time %v not greater than last block time %v",
  100. block.Time,
  101. state.LastBlockTime,
  102. )
  103. }
  104. medianTime := MedianTime(block.LastCommit, state.LastValidators)
  105. if !block.Time.Equal(medianTime) {
  106. return fmt.Errorf("Invalid block time. Expected %v, got %v",
  107. medianTime,
  108. block.Time,
  109. )
  110. }
  111. } else if block.Height == 1 {
  112. genesisTime := state.LastBlockTime
  113. if !block.Time.Equal(genesisTime) {
  114. return fmt.Errorf("Block time %v is not equal to genesis time %v",
  115. block.Time,
  116. genesisTime,
  117. )
  118. }
  119. }
  120. // Limit the amount of evidence
  121. maxNumEvidence, _ := types.MaxEvidencePerBlock(state.ConsensusParams.Block.MaxBytes)
  122. numEvidence := int64(len(block.Evidence.Evidence))
  123. if numEvidence > maxNumEvidence {
  124. return types.NewErrEvidenceOverflow(maxNumEvidence, numEvidence)
  125. }
  126. // Validate all evidence.
  127. for _, ev := range block.Evidence.Evidence {
  128. if err := VerifyEvidence(stateDB, state, ev); err != nil {
  129. return types.NewErrEvidenceInvalid(ev, err)
  130. }
  131. if evidencePool != nil && evidencePool.IsCommitted(ev) {
  132. return types.NewErrEvidenceInvalid(ev, errors.New("evidence was already committed"))
  133. }
  134. }
  135. // NOTE: We can't actually verify it's the right proposer because we dont
  136. // know what round the block was first proposed. So just check that it's
  137. // a legit address and a known validator.
  138. if len(block.ProposerAddress) != crypto.AddressSize ||
  139. !state.Validators.HasAddress(block.ProposerAddress) {
  140. return fmt.Errorf("Block.Header.ProposerAddress, %X, is not a validator",
  141. block.ProposerAddress,
  142. )
  143. }
  144. return nil
  145. }
  146. // VerifyEvidence verifies the evidence fully by checking:
  147. // - it is sufficiently recent (MaxAge)
  148. // - it is from a key who was a validator at the given height
  149. // - it is internally consistent
  150. // - it was properly signed by the alleged equivocator
  151. func VerifyEvidence(stateDB dbm.DB, state State, evidence types.Evidence) error {
  152. height := state.LastBlockHeight
  153. evidenceAge := height - evidence.Height()
  154. maxAge := state.ConsensusParams.Evidence.MaxAge
  155. if evidenceAge > maxAge {
  156. return fmt.Errorf("Evidence from height %d is too old. Min height is %d",
  157. evidence.Height(), height-maxAge)
  158. }
  159. valset, err := LoadValidators(stateDB, evidence.Height())
  160. if err != nil {
  161. // TODO: if err is just that we cant find it cuz we pruned, ignore.
  162. // TODO: if its actually bad evidence, punish peer
  163. return err
  164. }
  165. // The address must have been an active validator at the height.
  166. // NOTE: we will ignore evidence from H if the key was not a validator
  167. // at H, even if it is a validator at some nearby H'
  168. // XXX: this makes lite-client bisection as is unsafe
  169. // See https://github.com/tendermint/tendermint/issues/3244
  170. ev := evidence
  171. height, addr := ev.Height(), ev.Address()
  172. _, val := valset.GetByAddress(addr)
  173. if val == nil {
  174. return fmt.Errorf("Address %X was not a validator at height %d", addr, height)
  175. }
  176. if err := evidence.Verify(state.ChainID, val.PubKey); err != nil {
  177. return err
  178. }
  179. return nil
  180. }