package types import ( "bytes" "fmt" "github.com/tendermint/go-crypto" "github.com/tendermint/tmlibs/merkle" ) // ErrEvidenceInvalid wraps a piece of evidence and the error denoting how or why it is invalid. type ErrEvidenceInvalid struct { Evidence Evidence ErrorValue error } func NewEvidenceInvalidErr(ev Evidence, err error) *ErrEvidenceInvalid { return &ErrEvidenceInvalid{ev, err} } // Error returns a string representation of the error. func (err *ErrEvidenceInvalid) Error() string { return fmt.Sprintf("Invalid evidence: %v. Evidence: %v", err.ErrorValue, err.Evidence) } //------------------------------------------- // Evidence represents any provable malicious activity by a validator type Evidence interface { Address() []byte Hash() []byte Verify(chainID string) error Equal(Evidence) bool String() string } //------------------------------------------- type Evidences []Evidence func (evs Evidences) Hash() []byte { // Recursive impl. // Copied from tmlibs/merkle to avoid allocations switch len(evs) { case 0: return nil case 1: return evs[0].Hash() default: left := Evidences(evs[:(len(evs)+1)/2]).Hash() right := Evidences(evs[(len(evs)+1)/2:]).Hash() return merkle.SimpleHashFromTwoHashes(left, right) } } func (evs Evidences) String() string { s := "" for _, e := range evs { s += fmt.Sprintf("%s\t\t", e) } return s } func (evs Evidences) Has(evidence Evidence) bool { for _, ev := range evs { if ev.Equal(evidence) { return true } } return false } //------------------------------------------- // DuplicateVoteEvidence contains evidence a validator signed two conflicting votes. type DuplicateVoteEvidence struct { PubKey crypto.PubKey VoteA *Vote VoteB *Vote } // String returns a string representation of the evidence. func (dve *DuplicateVoteEvidence) String() string { return fmt.Sprintf("VoteA: %v; VoteB: %v", dve.VoteA, dve.VoteB) } // Address returns the address of the validator. func (dve *DuplicateVoteEvidence) Address() []byte { return dve.PubKey.Address() } // Hash returns the hash of the evidence. func (dve *DuplicateVoteEvidence) Hash() []byte { return merkle.SimpleHashFromBinary(dve) } // Verify returns an error if the two votes aren't conflicting. // To be conflicting, they must be from the same validator, for the same H/R/S, but for different blocks. func (dve *DuplicateVoteEvidence) Verify(chainID string) error { // H/R/S must be the same if dve.VoteA.Height != dve.VoteB.Height || dve.VoteA.Round != dve.VoteB.Round || dve.VoteA.Type != dve.VoteB.Type { return fmt.Errorf("DuplicateVoteEvidence Error: H/R/S does not match. Got %v and %v", dve.VoteA, dve.VoteB) } // Address must be the same if !bytes.Equal(dve.VoteA.ValidatorAddress, dve.VoteB.ValidatorAddress) { return fmt.Errorf("DuplicateVoteEvidence Error: Validator addresses do not match. Got %X and %X", dve.VoteA.ValidatorAddress, dve.VoteB.ValidatorAddress) } // XXX: Should we enforce index is the same ? if dve.VoteA.ValidatorIndex != dve.VoteB.ValidatorIndex { return fmt.Errorf("DuplicateVoteEvidence Error: Validator indices do not match. Got %d and %d", dve.VoteA.ValidatorIndex, dve.VoteB.ValidatorIndex) } // BlockIDs must be different if dve.VoteA.BlockID.Equals(dve.VoteB.BlockID) { return fmt.Errorf("DuplicateVoteEvidence Error: BlockIDs are the same (%v) - not a real duplicate vote!", dve.VoteA.BlockID) } // Signatures must be valid if !dve.PubKey.VerifyBytes(SignBytes(chainID, dve.VoteA), dve.VoteA.Signature) { return ErrVoteInvalidSignature } if !dve.PubKey.VerifyBytes(SignBytes(chainID, dve.VoteB), dve.VoteB.Signature) { return ErrVoteInvalidSignature } return nil } // Equal checks if two pieces of evidence are equal. func (dve *DuplicateVoteEvidence) Equal(ev Evidence) bool { if _, ok := ev.(*DuplicateVoteEvidence); !ok { return false } // just check their hashes return bytes.Equal(merkle.SimpleHashFromBinary(dve), merkle.SimpleHashFromBinary(ev)) }