You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

443 lines
13 KiB

package state
import (
"bytes"
"errors"
"fmt"
"time"
. "github.com/tendermint/tendermint/binary"
. "github.com/tendermint/tendermint/blocks"
. "github.com/tendermint/tendermint/common"
db_ "github.com/tendermint/tendermint/db"
"github.com/tendermint/tendermint/merkle"
)
var (
ErrStateInvalidAccountId = errors.New("Error State invalid account id")
ErrStateInvalidSignature = errors.New("Error State invalid signature")
ErrStateInvalidSequenceNumber = errors.New("Error State invalid sequence number")
ErrStateInvalidAccountState = errors.New("Error State invalid account state")
ErrStateInsufficientFunds = errors.New("Error State insufficient funds")
stateKey = []byte("stateKey")
minBondAmount = uint64(1) // TODO adjust
defaultAccountDetailsCacheCapacity = 1000 // TODO adjust
unbondingPeriodBlocks = uint32(60 * 24 * 365) // TODO probably better to make it time based.
validatorTimeoutBlocks = uint32(10) // TODO adjust
)
//-----------------------------------------------------------------------------
type InvalidTxError struct {
Tx Tx
Reason error
}
func (txErr InvalidTxError) Error() string {
return fmt.Sprintf("Invalid tx: [%v] reason: [%v]", txErr.Tx, txErr.Reason)
}
//-----------------------------------------------------------------------------
// NOTE: not goroutine-safe.
type State struct {
DB db_.DB
LastBlockHeight uint32
LastBlockHash []byte
LastBlockParts PartSetHeader
LastBlockTime time.Time
BondedValidators *ValidatorSet
UnbondingValidators *ValidatorSet
accountDetails merkle.Tree // Shouldn't be accessed directly.
}
func LoadState(db db_.DB) *State {
s := &State{DB: db}
buf := db.Get(stateKey)
if len(buf) == 0 {
return nil
} else {
reader := bytes.NewReader(buf)
var n int64
var err error
s.LastBlockHeight = ReadUInt32(reader, &n, &err)
s.LastBlockHash = ReadByteSlice(reader, &n, &err)
s.LastBlockParts = ReadPartSetHeader(reader, &n, &err)
s.LastBlockTime = ReadTime(reader, &n, &err)
s.BondedValidators = ReadValidatorSet(reader, &n, &err)
s.UnbondingValidators = ReadValidatorSet(reader, &n, &err)
accountDetailsHash := ReadByteSlice(reader, &n, &err)
s.accountDetails = merkle.NewIAVLTree(BasicCodec, AccountDetailCodec, defaultAccountDetailsCacheCapacity, db)
s.accountDetails.Load(accountDetailsHash)
if err != nil {
panic(err)
}
// TODO: ensure that buf is completely read.
}
return s
}
// Save this state into the db.
func (s *State) Save() {
s.accountDetails.Save()
var buf bytes.Buffer
var n int64
var err error
WriteUInt32(&buf, s.LastBlockHeight, &n, &err)
WriteByteSlice(&buf, s.LastBlockHash, &n, &err)
WriteBinary(&buf, s.LastBlockParts, &n, &err)
WriteTime(&buf, s.LastBlockTime, &n, &err)
WriteBinary(&buf, s.BondedValidators, &n, &err)
WriteBinary(&buf, s.UnbondingValidators, &n, &err)
WriteByteSlice(&buf, s.accountDetails.Hash(), &n, &err)
if err != nil {
panic(err)
}
s.DB.Set(stateKey, buf.Bytes())
}
func (s *State) Copy() *State {
return &State{
DB: s.DB,
LastBlockHeight: s.LastBlockHeight,
LastBlockHash: s.LastBlockHash,
LastBlockParts: s.LastBlockParts,
LastBlockTime: s.LastBlockTime,
BondedValidators: s.BondedValidators.Copy(),
UnbondingValidators: s.UnbondingValidators.Copy(),
accountDetails: s.accountDetails.Copy(),
}
}
// If the tx is invalid, an error will be returned.
// Unlike AppendBlock(), state will not be altered.
func (s *State) ExecTx(tx Tx) error {
accDet := s.GetAccountDetail(tx.GetSignature().SignerId)
if accDet == nil {
return ErrStateInvalidAccountId
}
// Check signature
if !accDet.Verify(tx) {
return ErrStateInvalidSignature
}
// Check and update sequence
if tx.GetSequence() <= accDet.Sequence {
return ErrStateInvalidSequenceNumber
} else {
// TODO consider prevSequence for tx chaining.
accDet.Sequence = tx.GetSequence()
}
// Subtract fee from balance.
if accDet.Balance < tx.GetFee() {
return ErrStateInsufficientFunds
} else {
accDet.Balance -= tx.GetFee()
}
// Exec tx
switch tx.(type) {
case *SendTx:
stx := tx.(*SendTx)
toAccDet := s.GetAccountDetail(stx.To)
// Accounts must be nominal
if accDet.Status != AccountStatusNominal {
return ErrStateInvalidAccountState
}
if toAccDet.Status != AccountStatusNominal {
return ErrStateInvalidAccountState
}
// Check account balance
if accDet.Balance < stx.Amount {
return ErrStateInsufficientFunds
}
// Check existence of destination account
if toAccDet == nil {
return ErrStateInvalidAccountId
}
// Good!
accDet.Balance -= stx.Amount
toAccDet.Balance += stx.Amount
s.SetAccountDetail(accDet)
s.SetAccountDetail(toAccDet)
return nil
//case *NameTx
case *BondTx:
//btx := tx.(*BondTx)
// Account must be nominal
if accDet.Status != AccountStatusNominal {
return ErrStateInvalidAccountState
}
// Check account balance
if accDet.Balance < minBondAmount {
return ErrStateInsufficientFunds
}
// Good!
accDet.Status = AccountStatusBonded
s.SetAccountDetail(accDet)
added := s.BondedValidators.Add(&Validator{
Account: accDet.Account,
BondHeight: s.LastBlockHeight,
VotingPower: accDet.Balance,
Accum: 0,
})
if !added {
panic("Failed to add validator")
}
return nil
case *UnbondTx:
//utx := tx.(*UnbondTx)
// Account must be bonded.
if accDet.Status != AccountStatusBonded {
return ErrStateInvalidAccountState
}
// Good!
s.unbondValidator(accDet.Id, accDet)
s.SetAccountDetail(accDet)
return nil
case *DupeoutTx:
{
// NOTE: accDet is the one who created this transaction.
// Subtract any fees, save, and forget.
s.SetAccountDetail(accDet)
accDet = nil
}
dtx := tx.(*DupeoutTx)
// Verify the signatures
if dtx.VoteA.SignerId != dtx.VoteB.SignerId {
return ErrStateInvalidSignature
}
accused := s.GetAccountDetail(dtx.VoteA.SignerId)
if !accused.Verify(&dtx.VoteA) || !accused.Verify(&dtx.VoteB) {
return ErrStateInvalidSignature
}
// Verify equivocation
if dtx.VoteA.Height != dtx.VoteB.Height {
return errors.New("DupeoutTx height must be the same.")
}
if dtx.VoteA.Type == VoteTypeCommit && dtx.VoteA.Round < dtx.VoteB.Round {
// Check special case.
// Validators should not sign another vote after committing.
} else {
if dtx.VoteA.Round != dtx.VoteB.Round {
return errors.New("DupeoutTx rounds don't match")
}
if dtx.VoteA.Type != dtx.VoteB.Type {
return errors.New("DupeoutTx types don't match")
}
if bytes.Equal(dtx.VoteA.BlockHash, dtx.VoteB.BlockHash) {
return errors.New("DupeoutTx blockhash shouldn't match")
}
}
// Good! (Bad validator!)
if accused.Status == AccountStatusBonded {
_, removed := s.BondedValidators.Remove(accused.Id)
if !removed {
panic("Failed to remove accused validator")
}
} else if accused.Status == AccountStatusUnbonding {
_, removed := s.UnbondingValidators.Remove(accused.Id)
if !removed {
panic("Failed to remove accused validator")
}
} else {
panic("Couldn't find accused validator")
}
accused.Status = AccountStatusDupedOut
updated := s.SetAccountDetail(accused)
if !updated {
panic("Failed to update accused validator account")
}
return nil
default:
panic("Unknown Tx type")
}
}
// accDet optional
func (s *State) unbondValidator(accountId uint64, accDet *AccountDetail) {
if accDet == nil {
accDet = s.GetAccountDetail(accountId)
}
accDet.Status = AccountStatusUnbonding
s.SetAccountDetail(accDet)
val, removed := s.BondedValidators.Remove(accDet.Id)
if !removed {
panic("Failed to remove validator")
}
val.UnbondHeight = s.LastBlockHeight
added := s.UnbondingValidators.Add(val)
if !added {
panic("Failed to add validator")
}
}
func (s *State) releaseValidator(accountId uint64) {
accDet := s.GetAccountDetail(accountId)
if accDet.Status != AccountStatusUnbonding {
panic("Cannot release validator")
}
accDet.Status = AccountStatusNominal
// TODO: move balance to designated address, UnbondTo.
s.SetAccountDetail(accDet)
_, removed := s.UnbondingValidators.Remove(accountId)
if !removed {
panic("Couldn't release validator")
}
}
// "checkStateHash": If false, instead of checking the resulting
// state.Hash() against block.StateHash, it *sets* the block.StateHash.
// (used for constructing a new proposal)
// NOTE: If an error occurs during block execution, state will be left
// at an invalid state. Copy the state before calling AppendBlock!
func (s *State) AppendBlock(block *Block, blockPartsHeader PartSetHeader, checkStateHash bool) error {
// Basic block validation.
err := block.ValidateBasic(s.LastBlockHeight, s.LastBlockHash, s.LastBlockParts, s.LastBlockTime)
if err != nil {
return err
}
// Validate block Validation.
if block.Height == 1 {
if len(block.Validation.Commits) != 0 {
return errors.New("Block at height 1 (first block) should have no Validation commits")
}
} else {
if uint(len(block.Validation.Commits)) != s.BondedValidators.Size() {
return errors.New("Invalid block validation size")
}
var sumVotingPower uint64
s.BondedValidators.Iterate(func(index uint, val *Validator) bool {
rsig := block.Validation.Commits[index]
if rsig.IsZero() {
return false
} else {
if rsig.SignerId != val.Id {
err = errors.New("Invalid validation order")
return true
}
vote := &Vote{
Height: block.Height,
Round: rsig.Round,
Type: VoteTypeCommit,
BlockHash: block.LastBlockHash,
BlockParts: block.LastBlockParts,
Signature: rsig.Signature,
}
if val.Verify(vote) {
sumVotingPower += val.VotingPower
return false
} else {
err = errors.New("Invalid validation signature")
return true
}
}
})
if err != nil {
return err
}
if sumVotingPower <= s.BondedValidators.TotalVotingPower()*2/3 {
return errors.New("Insufficient validation voting power")
}
}
// Commit each tx
for _, tx := range block.Data.Txs {
err := s.ExecTx(tx)
if err != nil {
return InvalidTxError{tx, err}
}
}
// Update Validator.LastCommitHeight as necessary.
for _, rsig := range block.Validation.Commits {
_, val := s.BondedValidators.GetById(rsig.SignerId)
if val == nil {
return ErrStateInvalidSignature
}
val.LastCommitHeight = block.Height
updated := s.BondedValidators.Update(val)
if !updated {
panic("Failed to update validator LastCommitHeight")
}
}
// If any unbonding periods are over,
// reward account with bonded coins.
toRelease := []*Validator{}
s.UnbondingValidators.Iterate(func(index uint, val *Validator) bool {
if val.UnbondHeight+unbondingPeriodBlocks < block.Height {
toRelease = append(toRelease, val)
}
return false
})
for _, val := range toRelease {
s.releaseValidator(val.Id)
}
// If any validators haven't signed in a while,
// unbond them, they have timed out.
toTimeout := []*Validator{}
s.BondedValidators.Iterate(func(index uint, val *Validator) bool {
if val.LastCommitHeight+validatorTimeoutBlocks < block.Height {
toTimeout = append(toTimeout, val)
}
return false
})
for _, val := range toTimeout {
s.unbondValidator(val.Id, nil)
}
// Increment validator AccumPowers
s.BondedValidators.IncrementAccum()
// Check or set block.StateHash
stateHash := s.Hash()
if checkStateHash {
// State hash should match
if !bytes.Equal(stateHash, block.StateHash) {
return Errorf("Invalid state hash. Got %X, block says %X",
stateHash, block.StateHash)
}
} else {
// Set the state hash.
if block.StateHash != nil {
panic("Cannot overwrite block.StateHash")
}
block.StateHash = stateHash
}
s.LastBlockHeight = block.Height
s.LastBlockHash = block.Hash()
s.LastBlockParts = blockPartsHeader
s.LastBlockTime = block.Time
return nil
}
// The returned AccountDetail is a copy, so mutating it
// has no side effects.
func (s *State) GetAccountDetail(accountId uint64) *AccountDetail {
_, accDet := s.accountDetails.Get(accountId)
if accDet == nil {
return nil
}
return accDet.(*AccountDetail).Copy()
}
// Returns false if new, true if updated.
// The accDet is copied before setting, so mutating it
// afterwards has no side effects.
func (s *State) SetAccountDetail(accDet *AccountDetail) (updated bool) {
return s.accountDetails.Set(accDet.Id, accDet.Copy())
}
// Returns a hash that represents the state data,
// excluding LastBlock*
func (s *State) Hash() []byte {
hashables := []merkle.Hashable{
s.BondedValidators,
s.UnbondingValidators,
s.accountDetails,
}
return merkle.HashFromHashables(hashables)
}