- package light_test
-
- import (
- "sync"
- "testing"
- "time"
-
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
-
- dbm "github.com/tendermint/tm-db"
-
- "github.com/tendermint/tendermint/libs/log"
- "github.com/tendermint/tendermint/light"
- "github.com/tendermint/tendermint/light/provider"
- mockp "github.com/tendermint/tendermint/light/provider/mock"
- dbs "github.com/tendermint/tendermint/light/store/db"
- "github.com/tendermint/tendermint/types"
- )
-
- const (
- chainID = "test"
- )
-
- var (
- keys = genPrivKeys(4)
- vals = keys.ToValidators(20, 10)
- bTime, _ = time.Parse(time.RFC3339, "2006-01-02T15:04:05Z")
- h1 = keys.GenSignedHeader(chainID, 1, bTime, nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys))
- // 3/3 signed
- h2 = keys.GenSignedHeaderLastBlockID(chainID, 2, bTime.Add(30*time.Minute), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys), types.BlockID{Hash: h1.Hash()})
- // 3/3 signed
- h3 = keys.GenSignedHeaderLastBlockID(chainID, 3, bTime.Add(1*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys), types.BlockID{Hash: h2.Hash()})
- trustPeriod = 4 * time.Hour
- trustOptions = light.TrustOptions{
- Period: 4 * time.Hour,
- Height: 1,
- Hash: h1.Hash(),
- }
- valSet = map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- 3: vals,
- 4: vals,
- }
- headerSet = map[int64]*types.SignedHeader{
- 1: h1,
- // interim header (3/3 signed)
- 2: h2,
- // last header (3/3 signed)
- 3: h3,
- }
- fullNode = mockp.New(
- chainID,
- headerSet,
- valSet,
- )
- deadNode = mockp.NewDeadMock(chainID)
- largeFullNode = mockp.New(GenMockNode(chainID, 10, 3, 0, bTime))
- )
-
- func TestValidateTrustOptions(t *testing.T) {
- testCases := []struct {
- err bool
- to light.TrustOptions
- }{
- {
- false,
- trustOptions,
- },
- {
- true,
- light.TrustOptions{
- Period: -1 * time.Hour,
- Height: 1,
- Hash: h1.Hash(),
- },
- },
- {
- true,
- light.TrustOptions{
- Period: 1 * time.Hour,
- Height: 0,
- Hash: h1.Hash(),
- },
- },
- {
- true,
- light.TrustOptions{
- Period: 1 * time.Hour,
- Height: 1,
- Hash: []byte("incorrect hash"),
- },
- },
- }
-
- for _, tc := range testCases {
- err := tc.to.ValidateBasic()
- if tc.err {
- assert.Error(t, err)
- } else {
- assert.NoError(t, err)
- }
- }
-
- }
-
- func TestClient_SequentialVerification(t *testing.T) {
- newKeys := genPrivKeys(4)
- newVals := newKeys.ToValidators(10, 1)
-
- testCases := []struct {
- name string
- otherHeaders map[int64]*types.SignedHeader // all except ^
- vals map[int64]*types.ValidatorSet
- initErr bool
- verifyErr bool
- }{
- {
- "good",
- headerSet,
- valSet,
- false,
- false,
- },
- {
- "bad: different first header",
- map[int64]*types.SignedHeader{
- // different header
- 1: keys.GenSignedHeader(chainID, 1, bTime.Add(1*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys)),
- },
- map[int64]*types.ValidatorSet{
- 1: vals,
- },
- true,
- false,
- },
- {
- "bad: 1/3 signed interim header",
- map[int64]*types.SignedHeader{
- // trusted header
- 1: h1,
- // interim header (1/3 signed)
- 2: keys.GenSignedHeader(chainID, 2, bTime.Add(1*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), len(keys)-1, len(keys)),
- // last header (3/3 signed)
- 3: keys.GenSignedHeader(chainID, 3, bTime.Add(2*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys)),
- },
- valSet,
- false,
- true,
- },
- {
- "bad: 1/3 signed last header",
- map[int64]*types.SignedHeader{
- // trusted header
- 1: h1,
- // interim header (3/3 signed)
- 2: keys.GenSignedHeader(chainID, 2, bTime.Add(1*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys)),
- // last header (1/3 signed)
- 3: keys.GenSignedHeader(chainID, 3, bTime.Add(2*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), len(keys)-1, len(keys)),
- },
- valSet,
- false,
- true,
- },
- {
- "bad: different validator set at height 3",
- headerSet,
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- 3: newVals,
- },
- false,
- true,
- },
- }
-
- for _, tc := range testCases {
- tc := tc
- t.Run(tc.name, func(t *testing.T) {
- c, err := light.NewClient(
- chainID,
- trustOptions,
- mockp.New(
- chainID,
- tc.otherHeaders,
- tc.vals,
- ),
- []provider.Provider{mockp.New(
- chainID,
- tc.otherHeaders,
- tc.vals,
- )},
- dbs.New(dbm.NewMemDB(), chainID),
- light.SequentialVerification(),
- light.Logger(log.TestingLogger()),
- )
-
- if tc.initErr {
- require.Error(t, err)
- return
- }
-
- require.NoError(t, err)
-
- _, err = c.VerifyHeaderAtHeight(3, bTime.Add(3*time.Hour))
- if tc.verifyErr {
- assert.Error(t, err)
- } else {
- assert.NoError(t, err)
- }
- })
- }
- }
-
- func TestClient_SkippingVerification(t *testing.T) {
- // required for 2nd test case
- newKeys := genPrivKeys(4)
- newVals := newKeys.ToValidators(10, 1)
-
- // 1/3+ of vals, 2/3- of newVals
- transitKeys := keys.Extend(3)
- transitVals := transitKeys.ToValidators(10, 1)
-
- testCases := []struct {
- name string
- otherHeaders map[int64]*types.SignedHeader // all except ^
- vals map[int64]*types.ValidatorSet
- initErr bool
- verifyErr bool
- }{
- {
- "good",
- map[int64]*types.SignedHeader{
- // trusted header
- 1: h1,
- // last header (3/3 signed)
- 3: h3,
- },
- valSet,
- false,
- false,
- },
- {
- "good, but val set changes by 2/3 (1/3 of vals is still present)",
- map[int64]*types.SignedHeader{
- // trusted header
- 1: h1,
- 3: transitKeys.GenSignedHeader(chainID, 3, bTime.Add(2*time.Hour), nil, transitVals, transitVals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(transitKeys)),
- },
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- 3: transitVals,
- },
- false,
- false,
- },
- {
- "good, but val set changes 100% at height 2",
- map[int64]*types.SignedHeader{
- // trusted header
- 1: h1,
- // interim header (3/3 signed)
- 2: keys.GenSignedHeader(chainID, 2, bTime.Add(1*time.Hour), nil, vals, newVals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys)),
- // last header (0/4 of the original val set signed)
- 3: newKeys.GenSignedHeader(chainID, 3, bTime.Add(2*time.Hour), nil, newVals, newVals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(newKeys)),
- },
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- 3: newVals,
- },
- false,
- false,
- },
- {
- "bad: last header signed by newVals, interim header has no signers",
- map[int64]*types.SignedHeader{
- // trusted header
- 1: h1,
- // last header (0/4 of the original val set signed)
- 2: keys.GenSignedHeader(chainID, 2, bTime.Add(1*time.Hour), nil, vals, newVals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, 0),
- // last header (0/4 of the original val set signed)
- 3: newKeys.GenSignedHeader(chainID, 3, bTime.Add(2*time.Hour), nil, newVals, newVals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(newKeys)),
- },
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- 3: newVals,
- },
- false,
- true,
- },
- }
-
- for _, tc := range testCases {
- tc := tc
- t.Run(tc.name, func(t *testing.T) {
- c, err := light.NewClient(
- chainID,
- trustOptions,
- mockp.New(
- chainID,
- tc.otherHeaders,
- tc.vals,
- ),
- []provider.Provider{mockp.New(
- chainID,
- tc.otherHeaders,
- tc.vals,
- )},
- dbs.New(dbm.NewMemDB(), chainID),
- light.SkippingVerification(light.DefaultTrustLevel),
- light.Logger(log.TestingLogger()),
- )
- if tc.initErr {
- require.Error(t, err)
- return
- }
-
- require.NoError(t, err)
-
- _, err = c.VerifyHeaderAtHeight(3, bTime.Add(3*time.Hour))
- if tc.verifyErr {
- assert.Error(t, err)
- } else {
- assert.NoError(t, err)
- }
- })
- }
-
- }
-
- // start from a large header to make sure that the pivot height doesn't select a height outside
- // the appropriate range
- func TestClientLargeBisectionVerification(t *testing.T) {
- veryLargeFullNode := mockp.New(GenMockNode(chainID, 100, 3, 1, bTime))
- h1, err := veryLargeFullNode.SignedHeader(90)
- require.NoError(t, err)
- c, err := light.NewClient(
- chainID,
- light.TrustOptions{
- Period: 4 * time.Hour,
- Height: 90,
- Hash: h1.Hash(),
- },
- veryLargeFullNode,
- []provider.Provider{veryLargeFullNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.SkippingVerification(light.DefaultTrustLevel),
- )
- require.NoError(t, err)
- h, err := c.Update(bTime.Add(100 * time.Minute))
- assert.NoError(t, err)
- h2, err := veryLargeFullNode.SignedHeader(100)
- require.NoError(t, err)
- assert.Equal(t, h, h2)
- }
-
- func TestClientBisectionBetweenTrustedHeaders(t *testing.T) {
- c, err := light.NewClient(
- chainID,
- light.TrustOptions{
- Period: 4 * time.Hour,
- Height: 1,
- Hash: h1.Hash(),
- },
- fullNode,
- []provider.Provider{fullNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.SkippingVerification(light.DefaultTrustLevel),
- )
- require.NoError(t, err)
-
- _, err = c.VerifyHeaderAtHeight(3, bTime.Add(2*time.Hour))
- require.NoError(t, err)
-
- // confirm that the client already doesn't have the header
- _, err = c.TrustedHeader(2)
- require.Error(t, err)
-
- // verify using bisection the header between the two trusted headers
- _, err = c.VerifyHeaderAtHeight(2, bTime.Add(1*time.Hour))
- assert.NoError(t, err)
- }
-
- func TestClient_Cleanup(t *testing.T) {
- c, err := light.NewClient(
- chainID,
- trustOptions,
- fullNode,
- []provider.Provider{fullNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
- _, err = c.TrustedHeader(1)
- require.NoError(t, err)
-
- err = c.Cleanup()
- require.NoError(t, err)
-
- // Check no headers/valsets exist after Cleanup.
- h, err := c.TrustedHeader(1)
- assert.Error(t, err)
- assert.Nil(t, h)
-
- valSet, _, err := c.TrustedValidatorSet(1)
- assert.Error(t, err)
- assert.Nil(t, valSet)
- }
-
- // trustedHeader.Height == options.Height
- func TestClientRestoresTrustedHeaderAfterStartup1(t *testing.T) {
- // 1. options.Hash == trustedHeader.Hash
- {
- trustedStore := dbs.New(dbm.NewMemDB(), chainID)
- err := trustedStore.SaveSignedHeaderAndValidatorSet(h1, vals)
- require.NoError(t, err)
-
- c, err := light.NewClient(
- chainID,
- trustOptions,
- fullNode,
- []provider.Provider{fullNode},
- trustedStore,
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- h, err := c.TrustedHeader(1)
- assert.NoError(t, err)
- assert.NotNil(t, h)
- assert.Equal(t, h.Hash(), h1.Hash())
-
- valSet, _, err := c.TrustedValidatorSet(1)
- assert.NoError(t, err)
- assert.NotNil(t, valSet)
- if assert.NotNil(t, valSet) {
- assert.Equal(t, h.ValidatorsHash.Bytes(), valSet.Hash())
- }
- }
-
- // 2. options.Hash != trustedHeader.Hash
- {
- trustedStore := dbs.New(dbm.NewMemDB(), chainID)
- err := trustedStore.SaveSignedHeaderAndValidatorSet(h1, vals)
- require.NoError(t, err)
-
- // header1 != header
- header1 := keys.GenSignedHeader(chainID, 1, bTime.Add(1*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys))
-
- primary := mockp.New(
- chainID,
- map[int64]*types.SignedHeader{
- // trusted header
- 1: header1,
- },
- valSet,
- )
-
- c, err := light.NewClient(
- chainID,
- light.TrustOptions{
- Period: 4 * time.Hour,
- Height: 1,
- Hash: header1.Hash(),
- },
- primary,
- []provider.Provider{primary},
- trustedStore,
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- h, err := c.TrustedHeader(1)
- assert.NoError(t, err)
- if assert.NotNil(t, h) {
- assert.Equal(t, h.Hash(), header1.Hash())
- }
-
- valSet, _, err := c.TrustedValidatorSet(1)
- assert.NoError(t, err)
- assert.NotNil(t, valSet)
- if assert.NotNil(t, valSet) {
- assert.Equal(t, h.ValidatorsHash.Bytes(), valSet.Hash())
- }
- }
- }
-
- // trustedHeader.Height < options.Height
- func TestClientRestoresTrustedHeaderAfterStartup2(t *testing.T) {
- // 1. options.Hash == trustedHeader.Hash
- {
- trustedStore := dbs.New(dbm.NewMemDB(), chainID)
- err := trustedStore.SaveSignedHeaderAndValidatorSet(h1, vals)
- require.NoError(t, err)
-
- c, err := light.NewClient(
- chainID,
- light.TrustOptions{
- Period: 4 * time.Hour,
- Height: 2,
- Hash: h2.Hash(),
- },
- fullNode,
- []provider.Provider{fullNode},
- trustedStore,
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- // Check we still have the 1st header (+header+).
- h, err := c.TrustedHeader(1)
- assert.NoError(t, err)
- assert.NotNil(t, h)
- assert.Equal(t, h.Hash(), h1.Hash())
-
- valSet, _, err := c.TrustedValidatorSet(1)
- assert.NoError(t, err)
- assert.NotNil(t, valSet)
- if assert.NotNil(t, valSet) {
- assert.Equal(t, h.ValidatorsHash.Bytes(), valSet.Hash())
- }
- }
-
- // 2. options.Hash != trustedHeader.Hash
- // This could happen if previous provider was lying to us.
- {
- trustedStore := dbs.New(dbm.NewMemDB(), chainID)
- err := trustedStore.SaveSignedHeaderAndValidatorSet(h1, vals)
- require.NoError(t, err)
-
- // header1 != header
- diffHeader1 := keys.GenSignedHeader(chainID, 1, bTime.Add(1*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys))
-
- diffHeader2 := keys.GenSignedHeader(chainID, 2, bTime.Add(2*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys))
-
- primary := mockp.New(
- chainID,
- map[int64]*types.SignedHeader{
- 1: diffHeader1,
- 2: diffHeader2,
- },
- valSet,
- )
-
- c, err := light.NewClient(
- chainID,
- light.TrustOptions{
- Period: 4 * time.Hour,
- Height: 2,
- Hash: diffHeader2.Hash(),
- },
- primary,
- []provider.Provider{primary},
- trustedStore,
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- // Check we no longer have the invalid 1st header (+header+).
- h, err := c.TrustedHeader(1)
- assert.Error(t, err)
- assert.Nil(t, h)
-
- valSet, _, err := c.TrustedValidatorSet(1)
- assert.Error(t, err)
- assert.Nil(t, valSet)
- }
- }
-
- // trustedHeader.Height > options.Height
- func TestClientRestoresTrustedHeaderAfterStartup3(t *testing.T) {
- // 1. options.Hash == trustedHeader.Hash
- {
- // load the first three headers into the trusted store
- trustedStore := dbs.New(dbm.NewMemDB(), chainID)
- err := trustedStore.SaveSignedHeaderAndValidatorSet(h1, vals)
- require.NoError(t, err)
-
- err = trustedStore.SaveSignedHeaderAndValidatorSet(h2, vals)
- require.NoError(t, err)
-
- c, err := light.NewClient(
- chainID,
- trustOptions,
- fullNode,
- []provider.Provider{fullNode},
- trustedStore,
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- // Check we still have the 1st header (+header+).
- h, err := c.TrustedHeader(1)
- assert.NoError(t, err)
- assert.NotNil(t, h)
- assert.Equal(t, h.Hash(), h1.Hash())
-
- valSet, _, err := c.TrustedValidatorSet(1)
- assert.NoError(t, err)
- assert.NotNil(t, valSet)
- if assert.NotNil(t, valSet) {
- assert.Equal(t, h.ValidatorsHash.Bytes(), valSet.Hash())
- }
-
- // Check we no longer have 2nd header (+header2+).
- h, err = c.TrustedHeader(2)
- assert.Error(t, err)
- assert.Nil(t, h)
-
- valSet, _, err = c.TrustedValidatorSet(2)
- assert.Error(t, err)
- assert.Nil(t, valSet)
-
- h, err = c.TrustedHeader(3)
- assert.Error(t, err)
- assert.Nil(t, h)
- }
-
- // 2. options.Hash != trustedHeader.Hash
- // This could happen if previous provider was lying to us.
- {
- trustedStore := dbs.New(dbm.NewMemDB(), chainID)
- err := trustedStore.SaveSignedHeaderAndValidatorSet(h1, vals)
- require.NoError(t, err)
-
- // header1 != header
- header1 := keys.GenSignedHeader(chainID, 1, bTime.Add(1*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys))
-
- header2 := keys.GenSignedHeader(chainID, 2, bTime.Add(2*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys))
- err = trustedStore.SaveSignedHeaderAndValidatorSet(header2, vals)
- require.NoError(t, err)
-
- primary := mockp.New(
- chainID,
- map[int64]*types.SignedHeader{
- 1: header1,
- },
- valSet,
- )
-
- c, err := light.NewClient(
- chainID,
- light.TrustOptions{
- Period: 4 * time.Hour,
- Height: 1,
- Hash: header1.Hash(),
- },
- primary,
- []provider.Provider{primary},
- trustedStore,
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- // Check we have swapped invalid 1st header (+header+) with correct one (+header1+).
- h, err := c.TrustedHeader(1)
- assert.NoError(t, err)
- assert.NotNil(t, h)
- assert.Equal(t, h.Hash(), header1.Hash())
-
- valSet, _, err := c.TrustedValidatorSet(1)
- assert.NoError(t, err)
- assert.NotNil(t, valSet)
- if assert.NotNil(t, valSet) {
- assert.Equal(t, h.ValidatorsHash.Bytes(), valSet.Hash())
- }
-
- // Check we no longer have invalid 2nd header (+header2+).
- h, err = c.TrustedHeader(2)
- assert.Error(t, err)
- assert.Nil(t, h)
-
- valSet, _, err = c.TrustedValidatorSet(2)
- assert.Error(t, err)
- assert.Nil(t, valSet)
- }
- }
-
- func TestClient_Update(t *testing.T) {
- c, err := light.NewClient(
- chainID,
- trustOptions,
- fullNode,
- []provider.Provider{fullNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- // should result in downloading & verifying header #3
- h, err := c.Update(bTime.Add(2 * time.Hour))
- assert.NoError(t, err)
- if assert.NotNil(t, h) {
- assert.EqualValues(t, 3, h.Height)
- }
-
- valSet, _, err := c.TrustedValidatorSet(3)
- assert.NoError(t, err)
- if assert.NotNil(t, valSet) {
- assert.Equal(t, h.ValidatorsHash.Bytes(), valSet.Hash())
- }
- }
-
- func TestClient_Concurrency(t *testing.T) {
- c, err := light.NewClient(
- chainID,
- trustOptions,
- fullNode,
- []provider.Provider{fullNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- _, err = c.VerifyHeaderAtHeight(2, bTime.Add(2*time.Hour))
- require.NoError(t, err)
-
- var wg sync.WaitGroup
- for i := 0; i < 100; i++ {
- wg.Add(1)
- go func() {
- defer wg.Done()
-
- // NOTE: Cleanup, Stop, VerifyHeaderAtHeight and Verify are not supposed
- // to be concurrenly safe.
-
- assert.Equal(t, chainID, c.ChainID())
-
- _, err := c.LastTrustedHeight()
- assert.NoError(t, err)
-
- _, err = c.FirstTrustedHeight()
- assert.NoError(t, err)
-
- h, err := c.TrustedHeader(1)
- assert.NoError(t, err)
- assert.NotNil(t, h)
-
- vals, _, err := c.TrustedValidatorSet(2)
- assert.NoError(t, err)
- assert.NotNil(t, vals)
- }()
- }
-
- wg.Wait()
- }
-
- func TestClientReplacesPrimaryWithWitnessIfPrimaryIsUnavailable(t *testing.T) {
- c, err := light.NewClient(
- chainID,
- trustOptions,
- deadNode,
- []provider.Provider{fullNode, fullNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- light.MaxRetryAttempts(1),
- )
-
- require.NoError(t, err)
- _, err = c.Update(bTime.Add(2 * time.Hour))
- require.NoError(t, err)
-
- assert.NotEqual(t, c.Primary(), deadNode)
- assert.Equal(t, 1, len(c.Witnesses()))
- }
-
- func TestClient_BackwardsVerification(t *testing.T) {
- {
- trustHeader, _ := largeFullNode.SignedHeader(6)
- c, err := light.NewClient(
- chainID,
- light.TrustOptions{
- Period: 4 * time.Minute,
- Height: trustHeader.Height,
- Hash: trustHeader.Hash(),
- },
- largeFullNode,
- []provider.Provider{largeFullNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- // 1) verify before the trusted header using backwards => expect no error
- h, err := c.VerifyHeaderAtHeight(5, bTime.Add(6*time.Minute))
- require.NoError(t, err)
- if assert.NotNil(t, h) {
- assert.EqualValues(t, 5, h.Height)
- }
-
- // 2) untrusted header is expired but trusted header is not => expect no error
- h, err = c.VerifyHeaderAtHeight(3, bTime.Add(8*time.Minute))
- assert.NoError(t, err)
- assert.NotNil(t, h)
-
- // 3) already stored headers should return the header without error
- h, err = c.VerifyHeaderAtHeight(5, bTime.Add(6*time.Minute))
- assert.NoError(t, err)
- assert.NotNil(t, h)
-
- // 4a) First verify latest header
- _, err = c.VerifyHeaderAtHeight(9, bTime.Add(9*time.Minute))
- require.NoError(t, err)
-
- // 4b) Verify backwards using bisection => expect no error
- _, err = c.VerifyHeaderAtHeight(7, bTime.Add(10*time.Minute))
- assert.NoError(t, err)
- // shouldn't have verified this header in the process
- _, err = c.TrustedHeader(8)
- assert.Error(t, err)
-
- // 5) trusted header has expired => expect error
- _, err = c.VerifyHeaderAtHeight(1, bTime.Add(20*time.Minute))
- assert.Error(t, err)
-
- // 6) Try bisection method, but closest header (at 7) has expired
- // so change to backwards => expect no error
- _, err = c.VerifyHeaderAtHeight(8, bTime.Add(12*time.Minute))
- assert.NoError(t, err)
-
- }
- {
- testCases := []struct {
- provider provider.Provider
- }{
- {
- // 7) provides incorrect height
- mockp.New(
- chainID,
- map[int64]*types.SignedHeader{
- 1: h1,
- 2: keys.GenSignedHeader(chainID, 1, bTime.Add(1*time.Hour), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys)),
- 3: h3,
- },
- valSet,
- ),
- },
- {
- // 8) provides incorrect hash
- mockp.New(
- chainID,
- map[int64]*types.SignedHeader{
- 1: h1,
- 2: keys.GenSignedHeader(chainID, 2, bTime.Add(30*time.Minute), nil, vals, vals,
- hash("app_hash"), hash("cons_hash"), hash("results_hash"), 0, len(keys)),
- 3: h3,
- },
- valSet,
- ),
- },
- }
-
- for _, tc := range testCases {
- c, err := light.NewClient(
- chainID,
- light.TrustOptions{
- Period: 1 * time.Hour,
- Height: 3,
- Hash: h3.Hash(),
- },
- tc.provider,
- []provider.Provider{tc.provider},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
-
- _, err = c.VerifyHeaderAtHeight(2, bTime.Add(1*time.Hour).Add(1*time.Second))
- assert.Error(t, err)
- }
- }
- }
-
- func TestClient_NewClientFromTrustedStore(t *testing.T) {
- // 1) Initiate DB and fill with a "trusted" header
- db := dbs.New(dbm.NewMemDB(), chainID)
- err := db.SaveSignedHeaderAndValidatorSet(h1, vals)
- require.NoError(t, err)
-
- c, err := light.NewClientFromTrustedStore(
- chainID,
- trustPeriod,
- deadNode,
- []provider.Provider{deadNode},
- db,
- )
- require.NoError(t, err)
-
- // 2) Check header exists (deadNode is being used to ensure we're not getting
- // it from primary)
- h, err := c.TrustedHeader(1)
- assert.NoError(t, err)
- assert.EqualValues(t, 1, h.Height)
-
- valSet, _, err := c.TrustedValidatorSet(1)
- assert.NoError(t, err)
- assert.NotNil(t, valSet)
- if assert.NotNil(t, valSet) {
- assert.Equal(t, h.ValidatorsHash.Bytes(), valSet.Hash())
- }
- }
-
- func TestClientRemovesWitnessIfItSendsUsIncorrectHeader(t *testing.T) {
- // different headers hash then primary plus less than 1/3 signed (no fork)
- badProvider1 := mockp.New(
- chainID,
- map[int64]*types.SignedHeader{
- 1: h1,
- 2: keys.GenSignedHeaderLastBlockID(chainID, 2, bTime.Add(30*time.Minute), nil, vals, vals,
- hash("app_hash2"), hash("cons_hash"), hash("results_hash"),
- len(keys), len(keys), types.BlockID{Hash: h1.Hash()}),
- },
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- },
- )
- // header is empty
- badProvider2 := mockp.New(
- chainID,
- map[int64]*types.SignedHeader{
- 1: h1,
- 2: h2,
- 3: {Header: nil, Commit: nil},
- },
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- },
- )
-
- c, err := light.NewClient(
- chainID,
- trustOptions,
- fullNode,
- []provider.Provider{badProvider1, badProvider2},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- light.MaxRetryAttempts(1),
- )
- // witness should have behaved properly -> no error
- require.NoError(t, err)
- assert.EqualValues(t, 2, len(c.Witnesses()))
-
- // witness behaves incorrectly -> removed from list, no error
- h, err := c.VerifyHeaderAtHeight(2, bTime.Add(2*time.Hour))
- assert.NoError(t, err)
- assert.EqualValues(t, 1, len(c.Witnesses()))
- // header should still be verified
- assert.EqualValues(t, 2, h.Height)
-
- // remaining witnesses doesn't have header -> error
- _, err = c.VerifyHeaderAtHeight(3, bTime.Add(2*time.Hour))
- if assert.Error(t, err) {
- assert.Equal(t, "awaiting response from all witnesses exceeded dropout time", err.Error())
- }
- // witness does not have a header -> left in the list
- assert.EqualValues(t, 1, len(c.Witnesses()))
- }
-
- func TestClient_TrustedValidatorSet(t *testing.T) {
- noValSetNode := mockp.New(
- chainID,
- headerSet,
- map[int64]*types.ValidatorSet{
- 1: nil,
- 2: nil,
- 3: nil,
- },
- )
-
- differentVals, _ := types.RandValidatorSet(10, 100)
-
- badValSetNode := mockp.New(
- chainID,
- map[int64]*types.SignedHeader{
- 1: h1,
- // 3/3 signed, but validator set at height 2 below is invalid -> witness
- // should be removed.
- 2: keys.GenSignedHeaderLastBlockID(chainID, 2, bTime.Add(30*time.Minute), nil, vals, vals,
- hash("app_hash2"), hash("cons_hash"), hash("results_hash"),
- 0, len(keys), types.BlockID{Hash: h1.Hash()}),
- 3: h3,
- },
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: differentVals,
- 3: differentVals,
- },
- )
-
- c, err := light.NewClient(
- chainID,
- trustOptions,
- noValSetNode,
- []provider.Provider{fullNode, badValSetNode, fullNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- )
- require.NoError(t, err)
- assert.Equal(t, 2, len(c.Witnesses()))
-
- _, err = c.VerifyHeaderAtHeight(2, bTime.Add(2*time.Hour).Add(1*time.Second))
- assert.NoError(t, err)
- assert.Equal(t, 1, len(c.Witnesses()))
-
- valSet, height, err := c.TrustedValidatorSet(0)
- assert.NoError(t, err)
- assert.NotNil(t, valSet)
- assert.EqualValues(t, 2, height)
- }
-
- func TestClientReportsConflictingHeadersEvidence(t *testing.T) {
- // fullNode2 sends us different header
- altH2 := keys.GenSignedHeaderLastBlockID(chainID, 2, bTime.Add(30*time.Minute), nil, vals, vals,
- hash("app_hash2"), hash("cons_hash"), hash("results_hash"),
- 0, len(keys), types.BlockID{Hash: h1.Hash()})
- fullNode2 := mockp.New(
- chainID,
- map[int64]*types.SignedHeader{
- 1: h1,
- 2: altH2,
- },
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- },
- )
-
- c, err := light.NewClient(
- chainID,
- trustOptions,
- fullNode,
- []provider.Provider{fullNode2},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- light.MaxRetryAttempts(1),
- )
- require.NoError(t, err)
-
- // Check verification returns an error.
- _, err = c.VerifyHeaderAtHeight(2, bTime.Add(2*time.Hour))
- if assert.Error(t, err) {
- assert.Contains(t, err.Error(), "does not match one")
- }
-
- // Check evidence was sent to both full nodes.
- ev := &types.ConflictingHeadersEvidence{H1: h2, H2: altH2}
- assert.True(t, fullNode2.HasEvidence(ev))
- assert.True(t, fullNode.HasEvidence(ev))
- }
-
- func TestClientPrunesHeadersAndValidatorSets(t *testing.T) {
- c, err := light.NewClient(
- chainID,
- trustOptions,
- fullNode,
- []provider.Provider{fullNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.Logger(log.TestingLogger()),
- light.PruningSize(1),
- )
- require.NoError(t, err)
- _, err = c.TrustedHeader(1)
- require.NoError(t, err)
-
- h, err := c.Update(bTime.Add(2 * time.Hour))
- require.NoError(t, err)
- require.Equal(t, int64(3), h.Height)
-
- _, err = c.TrustedHeader(1)
- assert.Error(t, err)
- }
-
- func TestClientEnsureValidHeadersAndValSets(t *testing.T) {
- emptyValSet := &types.ValidatorSet{
- Validators: nil,
- Proposer: nil,
- }
-
- testCases := []struct {
- headers map[int64]*types.SignedHeader
- vals map[int64]*types.ValidatorSet
- err bool
- }{
- {
- headerSet,
- valSet,
- false,
- },
- {
- headerSet,
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- 3: nil,
- },
- true,
- },
- {
- map[int64]*types.SignedHeader{
- 1: h1,
- 2: h2,
- 3: nil,
- },
- valSet,
- true,
- },
- {
- headerSet,
- map[int64]*types.ValidatorSet{
- 1: vals,
- 2: vals,
- 3: emptyValSet,
- },
- true,
- },
- }
-
- for _, tc := range testCases {
- badNode := mockp.New(
- chainID,
- tc.headers,
- tc.vals,
- )
- c, err := light.NewClient(
- chainID,
- trustOptions,
- badNode,
- []provider.Provider{badNode, badNode},
- dbs.New(dbm.NewMemDB(), chainID),
- light.MaxRetryAttempts(1),
- )
- require.NoError(t, err)
-
- _, err = c.VerifyHeaderAtHeight(3, bTime.Add(2*time.Hour))
- if tc.err {
- assert.Error(t, err)
- } else {
- assert.NoError(t, err)
- }
- }
-
- }
|