bft blockchain consensus consistency cryptocurrency cryptography db distributed-systems go

History

Zaki Manian 9174fb7892 p2p: make SecretConnection non-malleable (#3668 ) ## Issue: This is an approach to fixing secret connection that is more noise-ish than actually noise. but it essentially fixes the problem that #3315 is trying to solve by making the secret connection handshake non-malleable. It's easy to understand and I think will be acceptable to @jaekwon .. the formal reasoning is basically, if the "view" of the transcript between diverges between the sender and the receiver at any point in the protocol, the handshake would terminate. The base protocol of Station to Station mistakenly assumes that if the sender and receiver arrive at shared secret they have the same view. This is only true for a DH on prime order groups. This robustly solves the problem by having each cryptographic operation commit to operators view of the protocol. Another nice thing about a transcript is it provides the basis for "secure" (barring cryptographic breakages, horrible design flaws, or implementation bugs) downgrades, where a backwards compatible handshake can be used to offer newer protocol features/extensions, peers agree to the common subset of what they support, and both sides have to agree on what the other offered for the transcript MAC to verify. With something like Protos/Amino you already get "extensions" for free (TLS uses a simple TLV format https://tools.ietf.org/html/rfc8446#section-4.2 for extensions not too far off from Protos/Amino), so as long as you cryptographically commit to what they contain in the transcript, it should be possible to extend the protocol in a backwards-compatible manner. ## Commits: * Minimal changes to remove malleability of secret connection removes the need to check for lower order points. Breaks compatibility. Secret connections that have no been updated will fail * Remove the redundant blacklist * remove remainders of blacklist in tests to make the code compile again Signed-off-by: Ismail Khoffi <Ismail.Khoffi@gmail.com> * Apply suggestions from code review Apply Ismail's error handling Co-Authored-By: Ismail Khoffi <Ismail.Khoffi@gmail.com> * fix error check for io.ReadFull Signed-off-by: Ismail Khoffi <Ismail.Khoffi@gmail.com> * Update p2p/conn/secret_connection.go Co-Authored-By: Ismail Khoffi <Ismail.Khoffi@gmail.com> * Update p2p/conn/secret_connection.go Co-Authored-By: Bot from GolangCI <42910462+golangcibot@users.noreply.github.com> * update changelog and format the code * move hkdfInit closer to where it's used		5 years ago
..
conn	p2p: make SecretConnection non-malleable (#3668)	5 years ago
mock	node: allow registration of custom reactors while creating node (#3771)	5 years ago
pex	p2p: log as debug msg when address dialing is already connected (#4082)	5 years ago
trust	tm-cmn to tm-db (#3850)	5 years ago
upnp	Fix linter errors thrown by `lll` (#3970)	5 years ago
README.md	docs: fix p2p readme links (#3109)	6 years ago
base_reactor.go	p2p: peer state init too late and pex message too soon (#3634)	6 years ago
codec.go	Renamed wire.go to codec.go (#3827)	5 years ago
conn_set.go	p2p: file descriptor leaks (#3150)	6 years ago
errors.go	p2p: seed mode refactoring (#3011)	6 years ago
fuzz.go	gocritic (2/2) (#3864)	5 years ago
key.go	remove unnecessary "crypto" import alias (#2940)	6 years ago
key_test.go	fix import paths	6 years ago
metrics.go	p2p: Per channel metrics (#3666) (#3677)	6 years ago
netaddress.go	gocritic (2/2) (#3864)	5 years ago
netaddress_test.go	Fix linter errors thrown by `lll` (#3970)	5 years ago
node_info.go	Bring back NodeInfo NetAddress form the dead (#3545)	6 years ago
node_info_test.go	Fix linter errors thrown by `lll` (#3970)	5 years ago
peer.go	p2p: Per channel metrics (#3666) (#3677)	6 years ago
peer_set.go	p2p: fix peer count mismatch #2332 (#2969)	6 years ago
peer_set_test.go	Fixes tendermint/tendermint#3522	6 years ago
peer_test.go	replace errors.go with github.com/pkg/errors (2/2) (#3890)	5 years ago
switch.go	replace errors.go with github.com/pkg/errors (1/2) (#3888)	5 years ago
switch_test.go	Fix linter errors thrown by `lll` (#3970)	5 years ago
test_util.go	Fix linter errors thrown by `lll` (#3970)	5 years ago
transport.go	p2p: only allow ed25519 pubkeys when connecting	5 years ago
transport_test.go	p2p: remove NewNetAddressStringWithOptionalID (#3711)	6 years ago
types.go	p2p: tmconn->conn and types->p2p	7 years ago

README.md

p2p

The p2p package provides an abstraction around peer-to-peer communication.

Docs:

Connection for details on how connections and multiplexing work
Peer for details on peer ID, handshakes, and peer exchange
Node for details about different types of nodes and how they should work
Pex for details on peer discovery and exchange
Config for details on some config option