Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verify BLS signature provided in Handshake messages #2735

Merged
merged 19 commits into from
Feb 15, 2024
Merged

Verify BLS signature provided in Handshake messages #2735

merged 19 commits into from
Feb 15, 2024

Conversation

StephenButtolph
Copy link
Contributor

@StephenButtolph StephenButtolph commented Feb 13, 2024
edited
Loading

Why this should be merged

This enforces that nodes are signing their IPs with their BLS keys after the activation of Durango on mainnet. This enforces the mainnet upgrade time rather than the currently running network to provide Fuji operators a time period to update their nodes since the Fuji Durango upgrade has already happened.

If a node provides a BLS signature. It will be verified regardless of the Durango upgrade time.

How this works

  • Optionally parses BLS signatures from the handshake message.
  • Verifies provided BLS signatures against validator BLS public keys.
  • Requires BLS signatures to be provided by validators with BLS public keys after the mainnet Durango activation.

How this was tested

  • Additional unit tests
  • CI

@StephenButtolph StephenButtolph added networking This involves networking Durango durango fork labels Feb 13, 2024
@StephenButtolph StephenButtolph added this to the v1.11.0 milestone Feb 13, 2024
@StephenButtolph StephenButtolph self-assigned this Feb 13, 2024
StephenButtolph
StephenButtolph commented Feb 13, 2024
View reviewed changes
network/peer/peer.go
Comment on lines -969 to -977
if err := p.VersionCompatibility.Compatible(p.version); err != nil {
p.Log.Verbo("peer version not compatible",
zap.Stringer("nodeID", p.id),
zap.Stringer("peerVersion", p.version),
zap.Error(err),
)
p.StartClose()
return
}
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now done in the below p.shouldDisconnect() check

@StephenButtolph StephenButtolph marked this pull request as ready for review February 13, 2024 23:23
aaronbuchwald
aaronbuchwald approved these changes Feb 14, 2024
View reviewed changes
Copy link
Collaborator

@aaronbuchwald aaronbuchwald left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - agree with @patrick-ogrady 's comment https://github.com/ava-labs/avalanchego/pull/2735/files#r1488716828 on verifying the signature when a validator is added as opposed to periodically when sending ping messages.

marun
marun reviewed Feb 14, 2024
View reviewed changes
Copy link
Contributor

@marun marun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice testing improvements!

patrick-ogrady
patrick-ogrady reviewed Feb 14, 2024
View reviewed changes
network/peer/peer.go
}

// If Durango hasn't activated on mainnet yet, we don't require BLS
// signatures to be provided. However, if they are provided, verify that
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❤️

Base automatically changed from check-p2p-bls-key to master February 15, 2024 00:48
@StephenButtolph StephenButtolph added this pull request to the merge queue Feb 15, 2024
Merged via the queue into master with commit 8d95adc Feb 15, 2024
17 checks passed
@StephenButtolph StephenButtolph deleted the verify-p2p-bls-key branch February 15, 2024 17:58
mboben pushed a commit to mboben/avalanchego that referenced this pull request Apr 7, 2024
@StephenButtolph
Remove unused EngineTypes from p2p messages (ava-labs#2735)
b6c16e1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marun marun marun left review comments

@patrick-ogrady patrick-ogrady patrick-ogrady approved these changes

@aaronbuchwald aaronbuchwald aaronbuchwald approved these changes

@danlaine danlaine Awaiting requested review from danlaine danlaine is a code owner

@joshua-kim joshua-kim Awaiting requested review from joshua-kim joshua-kim is a code owner

@gyuho gyuho Awaiting requested review from gyuho

Assignees

@StephenButtolph StephenButtolph

Labels
Durango durango fork networking This involves networking
Projects
Platform Engineering Group
Archived in project
Milestone
v1.11.0
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@StephenButtolph @marun @patrick-ogrady @aaronbuchwald