You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

308 lines
9.6 KiB

  1. package types
  2. import (
  3. "bytes"
  4. "fmt"
  5. "github.com/pkg/errors"
  6. "github.com/tendermint/tendermint/crypto/tmhash"
  7. amino "github.com/tendermint/go-amino"
  8. "github.com/tendermint/tendermint/crypto"
  9. "github.com/tendermint/tendermint/crypto/merkle"
  10. )
  11. const (
  12. // MaxEvidenceBytes is a maximum size of any evidence (including amino overhead).
  13. MaxEvidenceBytes int64 = 484
  14. )
  15. // ErrEvidenceInvalid wraps a piece of evidence and the error denoting how or why it is invalid.
  16. type ErrEvidenceInvalid struct {
  17. Evidence Evidence
  18. ErrorValue error
  19. }
  20. // NewErrEvidenceInvalid returns a new EvidenceInvalid with the given err.
  21. func NewErrEvidenceInvalid(ev Evidence, err error) *ErrEvidenceInvalid {
  22. return &ErrEvidenceInvalid{ev, err}
  23. }
  24. // Error returns a string representation of the error.
  25. func (err *ErrEvidenceInvalid) Error() string {
  26. return fmt.Sprintf("Invalid evidence: %v. Evidence: %v", err.ErrorValue, err.Evidence)
  27. }
  28. // ErrEvidenceOverflow is for when there is too much evidence in a block.
  29. type ErrEvidenceOverflow struct {
  30. MaxNum int64
  31. GotNum int64
  32. }
  33. // NewErrEvidenceOverflow returns a new ErrEvidenceOverflow where got > max.
  34. func NewErrEvidenceOverflow(max, got int64) *ErrEvidenceOverflow {
  35. return &ErrEvidenceOverflow{max, got}
  36. }
  37. // Error returns a string representation of the error.
  38. func (err *ErrEvidenceOverflow) Error() string {
  39. return fmt.Sprintf("Too much evidence: Max %d, got %d", err.MaxNum, err.GotNum)
  40. }
  41. //-------------------------------------------
  42. // Evidence represents any provable malicious activity by a validator
  43. type Evidence interface {
  44. Height() int64 // height of the equivocation
  45. Address() []byte // address of the equivocating validator
  46. Bytes() []byte // bytes which compromise the evidence
  47. Hash() []byte // hash of the evidence
  48. Verify(chainID string, pubKey crypto.PubKey) error // verify the evidence
  49. Equal(Evidence) bool // check equality of evidence
  50. ValidateBasic() error
  51. String() string
  52. }
  53. func RegisterEvidences(cdc *amino.Codec) {
  54. cdc.RegisterInterface((*Evidence)(nil), nil)
  55. cdc.RegisterConcrete(&DuplicateVoteEvidence{}, "tendermint/DuplicateVoteEvidence", nil)
  56. }
  57. func RegisterMockEvidences(cdc *amino.Codec) {
  58. cdc.RegisterConcrete(MockGoodEvidence{}, "tendermint/MockGoodEvidence", nil)
  59. cdc.RegisterConcrete(MockRandomGoodEvidence{}, "tendermint/MockRandomGoodEvidence", nil)
  60. cdc.RegisterConcrete(MockBadEvidence{}, "tendermint/MockBadEvidence", nil)
  61. }
  62. const (
  63. MaxEvidenceBytesDenominator = 10
  64. )
  65. // MaxEvidencePerBlock returns the maximum number of evidences
  66. // allowed in the block and their maximum total size (limitted to 1/10th
  67. // of the maximum block size).
  68. // TODO: change to a constant, or to a fraction of the validator set size.
  69. // See https://github.com/tendermint/tendermint/issues/2590
  70. func MaxEvidencePerBlock(blockMaxBytes int64) (int64, int64) {
  71. maxBytes := blockMaxBytes / MaxEvidenceBytesDenominator
  72. maxNum := maxBytes / MaxEvidenceBytes
  73. return maxNum, maxBytes
  74. }
  75. //-------------------------------------------
  76. // DuplicateVoteEvidence contains evidence a validator signed two conflicting
  77. // votes.
  78. type DuplicateVoteEvidence struct {
  79. PubKey crypto.PubKey
  80. VoteA *Vote
  81. VoteB *Vote
  82. }
  83. var _ Evidence = &DuplicateVoteEvidence{}
  84. // String returns a string representation of the evidence.
  85. func (dve *DuplicateVoteEvidence) String() string {
  86. return fmt.Sprintf("VoteA: %v; VoteB: %v", dve.VoteA, dve.VoteB)
  87. }
  88. // Height returns the height this evidence refers to.
  89. func (dve *DuplicateVoteEvidence) Height() int64 {
  90. return dve.VoteA.Height
  91. }
  92. // Address returns the address of the validator.
  93. func (dve *DuplicateVoteEvidence) Address() []byte {
  94. return dve.PubKey.Address()
  95. }
  96. // Hash returns the hash of the evidence.
  97. func (dve *DuplicateVoteEvidence) Bytes() []byte {
  98. return cdcEncode(dve)
  99. }
  100. // Hash returns the hash of the evidence.
  101. func (dve *DuplicateVoteEvidence) Hash() []byte {
  102. return tmhash.Sum(cdcEncode(dve))
  103. }
  104. // Verify returns an error if the two votes aren't conflicting.
  105. // To be conflicting, they must be from the same validator, for the same H/R/S, but for different blocks.
  106. func (dve *DuplicateVoteEvidence) Verify(chainID string, pubKey crypto.PubKey) error {
  107. // H/R/S must be the same
  108. if dve.VoteA.Height != dve.VoteB.Height ||
  109. dve.VoteA.Round != dve.VoteB.Round ||
  110. dve.VoteA.Type != dve.VoteB.Type {
  111. return fmt.Errorf("DuplicateVoteEvidence Error: H/R/S does not match. Got %v and %v", dve.VoteA, dve.VoteB)
  112. }
  113. // Address must be the same
  114. if !bytes.Equal(dve.VoteA.ValidatorAddress, dve.VoteB.ValidatorAddress) {
  115. return fmt.Errorf("DuplicateVoteEvidence Error: Validator addresses do not match. Got %X and %X", dve.VoteA.ValidatorAddress, dve.VoteB.ValidatorAddress)
  116. }
  117. // Index must be the same
  118. if dve.VoteA.ValidatorIndex != dve.VoteB.ValidatorIndex {
  119. return fmt.Errorf("DuplicateVoteEvidence Error: Validator indices do not match. Got %d and %d", dve.VoteA.ValidatorIndex, dve.VoteB.ValidatorIndex)
  120. }
  121. // BlockIDs must be different
  122. if dve.VoteA.BlockID.Equals(dve.VoteB.BlockID) {
  123. return fmt.Errorf("DuplicateVoteEvidence Error: BlockIDs are the same (%v) - not a real duplicate vote", dve.VoteA.BlockID)
  124. }
  125. // pubkey must match address (this should already be true, sanity check)
  126. addr := dve.VoteA.ValidatorAddress
  127. if !bytes.Equal(pubKey.Address(), addr) {
  128. return fmt.Errorf("DuplicateVoteEvidence FAILED SANITY CHECK - address (%X) doesn't match pubkey (%v - %X)",
  129. addr, pubKey, pubKey.Address())
  130. }
  131. // Signatures must be valid
  132. if !pubKey.VerifyBytes(dve.VoteA.SignBytes(chainID), dve.VoteA.Signature) {
  133. return fmt.Errorf("DuplicateVoteEvidence Error verifying VoteA: %v", ErrVoteInvalidSignature)
  134. }
  135. if !pubKey.VerifyBytes(dve.VoteB.SignBytes(chainID), dve.VoteB.Signature) {
  136. return fmt.Errorf("DuplicateVoteEvidence Error verifying VoteB: %v", ErrVoteInvalidSignature)
  137. }
  138. return nil
  139. }
  140. // Equal checks if two pieces of evidence are equal.
  141. func (dve *DuplicateVoteEvidence) Equal(ev Evidence) bool {
  142. if _, ok := ev.(*DuplicateVoteEvidence); !ok {
  143. return false
  144. }
  145. // just check their hashes
  146. dveHash := tmhash.Sum(cdcEncode(dve))
  147. evHash := tmhash.Sum(cdcEncode(ev))
  148. return bytes.Equal(dveHash, evHash)
  149. }
  150. // ValidateBasic performs basic validation.
  151. func (dve *DuplicateVoteEvidence) ValidateBasic() error {
  152. if len(dve.PubKey.Bytes()) == 0 {
  153. return errors.New("Empty PubKey")
  154. }
  155. if dve.VoteA == nil || dve.VoteB == nil {
  156. return fmt.Errorf("One or both of the votes are empty %v, %v", dve.VoteA, dve.VoteB)
  157. }
  158. if err := dve.VoteA.ValidateBasic(); err != nil {
  159. return fmt.Errorf("Invalid VoteA: %v", err)
  160. }
  161. if err := dve.VoteB.ValidateBasic(); err != nil {
  162. return fmt.Errorf("Invalid VoteB: %v", err)
  163. }
  164. return nil
  165. }
  166. //-----------------------------------------------------------------
  167. // UNSTABLE
  168. type MockRandomGoodEvidence struct {
  169. MockGoodEvidence
  170. randBytes []byte
  171. }
  172. var _ Evidence = &MockRandomGoodEvidence{}
  173. // UNSTABLE
  174. func NewMockRandomGoodEvidence(height int64, address []byte, randBytes []byte) MockRandomGoodEvidence {
  175. return MockRandomGoodEvidence{
  176. MockGoodEvidence{height, address}, randBytes,
  177. }
  178. }
  179. func (e MockRandomGoodEvidence) Hash() []byte {
  180. return []byte(fmt.Sprintf("%d-%x", e.Height_, e.randBytes))
  181. }
  182. // UNSTABLE
  183. type MockGoodEvidence struct {
  184. Height_ int64
  185. Address_ []byte
  186. }
  187. var _ Evidence = &MockGoodEvidence{}
  188. // UNSTABLE
  189. func NewMockGoodEvidence(height int64, idx int, address []byte) MockGoodEvidence {
  190. return MockGoodEvidence{height, address}
  191. }
  192. func (e MockGoodEvidence) Height() int64 { return e.Height_ }
  193. func (e MockGoodEvidence) Address() []byte { return e.Address_ }
  194. func (e MockGoodEvidence) Hash() []byte {
  195. return []byte(fmt.Sprintf("%d-%x", e.Height_, e.Address_))
  196. }
  197. func (e MockGoodEvidence) Bytes() []byte {
  198. return []byte(fmt.Sprintf("%d-%x", e.Height_, e.Address_))
  199. }
  200. func (e MockGoodEvidence) Verify(chainID string, pubKey crypto.PubKey) error { return nil }
  201. func (e MockGoodEvidence) Equal(ev Evidence) bool {
  202. e2 := ev.(MockGoodEvidence)
  203. return e.Height_ == e2.Height_ &&
  204. bytes.Equal(e.Address_, e2.Address_)
  205. }
  206. func (e MockGoodEvidence) ValidateBasic() error { return nil }
  207. func (e MockGoodEvidence) String() string {
  208. return fmt.Sprintf("GoodEvidence: %d/%s", e.Height_, e.Address_)
  209. }
  210. // UNSTABLE
  211. type MockBadEvidence struct {
  212. MockGoodEvidence
  213. }
  214. func (e MockBadEvidence) Verify(chainID string, pubKey crypto.PubKey) error {
  215. return fmt.Errorf("MockBadEvidence")
  216. }
  217. func (e MockBadEvidence) Equal(ev Evidence) bool {
  218. e2 := ev.(MockBadEvidence)
  219. return e.Height_ == e2.Height_ &&
  220. bytes.Equal(e.Address_, e2.Address_)
  221. }
  222. func (e MockBadEvidence) ValidateBasic() error { return nil }
  223. func (e MockBadEvidence) String() string {
  224. return fmt.Sprintf("BadEvidence: %d/%s", e.Height_, e.Address_)
  225. }
  226. //-------------------------------------------
  227. // EvidenceList is a list of Evidence. Evidences is not a word.
  228. type EvidenceList []Evidence
  229. // Hash returns the simple merkle root hash of the EvidenceList.
  230. func (evl EvidenceList) Hash() []byte {
  231. // These allocations are required because Evidence is not of type Bytes, and
  232. // golang slices can't be typed cast. This shouldn't be a performance problem since
  233. // the Evidence size is capped.
  234. evidenceBzs := make([][]byte, len(evl))
  235. for i := 0; i < len(evl); i++ {
  236. evidenceBzs[i] = evl[i].Bytes()
  237. }
  238. return merkle.SimpleHashFromByteSlices(evidenceBzs)
  239. }
  240. func (evl EvidenceList) String() string {
  241. s := ""
  242. for _, e := range evl {
  243. s += fmt.Sprintf("%s\t\t", e)
  244. }
  245. return s
  246. }
  247. // Has returns true if the evidence is in the EvidenceList.
  248. func (evl EvidenceList) Has(evidence Evidence) bool {
  249. for _, ev := range evl {
  250. if ev.Equal(evidence) {
  251. return true
  252. }
  253. }
  254. return false
  255. }