Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Valid the authorized nodes in the node shared secret #715

Merged
merged 5 commits into from
Nov 30, 2022
Merged

Valid the authorized nodes in the node shared secret #715

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
3c42830
Valid the authorized nodes in the node shared secret
tenmoves Nov 24, 2022
607e38a
refactoring
tenmoves Nov 29, 2022
0a58b91
Merge branch 'develop' into make_sure_new_authorized_nodes_in_transac…
tenmoves Nov 29, 2022
3cd6d1e
added test
tenmoves Nov 30, 2022
2031619
Merge branch 'develop' into make_sure_new_authorized_nodes_in_transac…
tenmoves Nov 30, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 11 additions & 9 deletions lib/archethic/mining/pending_transaction_validation.ex
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -394,8 +394,6 @@ defmodule Archethic.Mining.PendingTransactionValidation do
validation_time
)
when is_binary(secret) and byte_size(secret) > 0 and map_size(authorized_keys) > 0 do
nodes = P2P.authorized_nodes() ++ NodeRenewal.candidates()

last_scheduling_date = SharedSecrets.get_last_scheduling_date(validation_time)

genesis_address =
Expand All @@ -404,14 +402,18 @@ defmodule Archethic.Mining.PendingTransactionValidation do

{last_address, _} = DB.get_last_chain_address(genesis_address)

sorted_authorized_keys =
authorized_keys
|> Map.keys()
|> Enum.sort()

sorted_node_renewal_authorized_keys =
NodeRenewal.next_authorized_node_public_keys()
|> Enum.sort()

with {^last_address, _} <- DB.get_last_chain_address(genesis_address, last_scheduling_date),
{:ok, _, _} <-
NodeRenewal.decode_transaction_content(content),
true <-
Enum.all?(
Map.keys(authorized_keys),
&Utils.key_in_node_list?(nodes, &1)
) do
{:ok, _, _} <- NodeRenewal.decode_transaction_content(content),
true <- sorted_authorized_keys == sorted_node_renewal_authorized_keys do
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You may add a unit test to ensure the error when both list are different.
Otherwise it works well 👍

:ok
else
:error ->
Expand Down
54 changes: 53 additions & 1 deletion test/archethic/mining/pending_transaction_validation_test.exs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,9 @@ defmodule Archethic.Mining.PendingTransactionValidationTest do
available?: true
})

MockDB
|> expect(:get_latest_tps, fn -> 1000.0 end)

tx =
Transaction.new(
:node_shared_secrets,
Expand All @@ -205,7 +208,9 @@ defmodule Archethic.Mining.PendingTransactionValidationTest do
secret: :crypto.strong_rand_bytes(32),
authorized_keys: %{
"node_key1" => "",
"node_key2" => ""
"node_key2" => "",
# we started and connected this node in setup
Crypto.last_node_public_key() => ""
}
}
]
Expand All @@ -218,6 +223,53 @@ defmodule Archethic.Mining.PendingTransactionValidationTest do
:persistent_term.put(:node_shared_secrets_gen_addr, nil)
end

test "should return error when authorized nodes are not the same as the candidates" do
P2P.add_and_connect_node(%Node{
ip: {127, 0, 0, 1},
port: 3000,
http_port: 4000,
first_public_key: "node_key1",
last_public_key: "node_key1",
available?: true
})

MockDB
|> expect(:get_latest_tps, fn -> 1000.0 end)

tx =
Transaction.new(
:node_shared_secrets,
%TransactionData{
content:
<<0, 0, 219, 82, 144, 35, 140, 59, 161, 231, 225, 145, 111, 203, 173, 197, 200, 150,
213, 145, 87, 209, 98, 25, 28, 148, 198, 77, 174, 48, 16, 117, 253, 15, 0, 0, 105,
113, 238, 128, 201, 90, 172, 230, 46, 99, 215, 130, 104, 26, 196, 222, 157, 89,
101, 74, 248, 245, 118, 36, 194, 213, 108, 141, 175, 248, 6, 120>>,
code: """
condition inherit: [
type: node_shared_secrets
]
""",
ownerships: [
%Ownership{
secret: :crypto.strong_rand_bytes(32),
authorized_keys: %{
# we started and connected this node in setup
Crypto.last_node_public_key() => ""
}
}
]
}
)

:persistent_term.put(:node_shared_secrets_gen_addr, Transaction.previous_address(tx))

assert {:error, "Invalid node shared secrets transaction authorized nodes"} =
PendingTransactionValidation.validate(tx)

:persistent_term.put(:node_shared_secrets_gen_addr, nil)
end

test "should return :ok when a origin transaction is made" do
P2P.add_and_connect_node(%Node{
ip: {127, 0, 0, 1},
Expand Down
2 changes: 0 additions & 2 deletions test/archethic/shared_secrets/node_renewal_test.exs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,6 @@ defmodule Archethic.SharedSecrets.NodeRenewalTest do
alias Archethic.TransactionChain.TransactionData
alias Archethic.TransactionChain.TransactionData.Ownership

alias Archethic.SharedSecrets.NodeRenewal

import Mox

test "new_node_shared_secrets_transaction/4 should create a new node shared secrets transaction" do
Expand Down