From 28c16e4805489848f891b1f838968bf59aee3761 Mon Sep 17 00:00:00 2001 From: peekpi <894646171@qq.com> Date: Fri, 1 Jul 2022 18:19:21 +0800 Subject: [PATCH 1/8] [txpool] fix #4215, support allowed transaction list. --- cmd/harmony/config_migrations_test.go | 1 + cmd/harmony/config_test.go | 1 + cmd/harmony/default.go | 1 + cmd/harmony/flags.go | 9 +++++ cmd/harmony/flags_test.go | 8 ++++- cmd/harmony/main.go | 44 +++++++++++++++++++++-- cmd/harmony/main_test.go | 50 +++++++++++++++++++++++++++ core/tx_pool.go | 25 ++++++++++++-- internal/configs/harmony/harmony.go | 1 + node/node.go | 2 ++ 10 files changed, 136 insertions(+), 6 deletions(-) create mode 100644 cmd/harmony/main_test.go diff --git a/cmd/harmony/config_migrations_test.go b/cmd/harmony/config_migrations_test.go index 075cfa8ec5..72db5d7900 100644 --- a/cmd/harmony/config_migrations_test.go +++ b/cmd/harmony/config_migrations_test.go @@ -313,6 +313,7 @@ Version = "1.0.4" [TxPool] BlacklistFile = "./.hmy/blacklist.txt" LocalAccountsFile = "./.hmy/locals.txt" + AllowedTxsFile = "./.hmy/allowedtxs.txt" [WS] Enabled = true diff --git a/cmd/harmony/config_test.go b/cmd/harmony/config_test.go index 1f669fef58..ae88089f73 100644 --- a/cmd/harmony/config_test.go +++ b/cmd/harmony/config_test.go @@ -84,6 +84,7 @@ Version = "1.0.4" [TxPool] BlacklistFile = "./.hmy/blacklist.txt" LocalAccountsFile = "./.hmy/locals.txt" + AllowedTxsFile = "./.hmy/allowedtxs.txt" [Sync] Downloader = false diff --git a/cmd/harmony/default.go b/cmd/harmony/default.go index c94fd4bdb7..a6686f5def 100644 --- a/cmd/harmony/default.go +++ b/cmd/harmony/default.go @@ -70,6 +70,7 @@ var defaultConfig = harmonyconfig.HarmonyConfig{ }, TxPool: harmonyconfig.TxPoolConfig{ BlacklistFile: "./.hmy/blacklist.txt", + AllowedTxsFile: "./.hmy/allowedtxs.txt", RosettaFixFile: "", AccountSlots: 16, LocalAccountsFile: "./.hmy/locals.txt", diff --git a/cmd/harmony/flags.go b/cmd/harmony/flags.go index c7f07b104e..257420967f 100644 --- a/cmd/harmony/flags.go +++ b/cmd/harmony/flags.go @@ -135,6 +135,7 @@ var ( tpBlacklistFileFlag, legacyTPBlacklistFileFlag, localAccountsFileFlag, + allowedTxsFileFlag, } pprofFlags = []cli.Flag{ @@ -1080,6 +1081,11 @@ var ( Usage: "file of local wallet addresses", DefValue: defaultConfig.TxPool.LocalAccountsFile, } + allowedTxsFileFlag = cli.StringFlag{ + Name: "txpool.allowedtxs", + Usage: "file of allowed transactions", + DefValue: defaultConfig.TxPool.AllowedTxsFile, + } ) func applyTxPoolFlags(cmd *cobra.Command, config *harmonyconfig.HarmonyConfig) { @@ -1101,6 +1107,9 @@ func applyTxPoolFlags(cmd *cobra.Command, config *harmonyconfig.HarmonyConfig) { if cli.IsFlagChanged(cmd, localAccountsFileFlag) { config.TxPool.LocalAccountsFile = cli.GetStringFlagValue(cmd, localAccountsFileFlag) } + if cli.IsFlagChanged(cmd, allowedTxsFileFlag) { + config.TxPool.AllowedTxsFile = cli.GetStringFlagValue(cmd, allowedTxsFileFlag) + } } // pprof flags diff --git a/cmd/harmony/flags_test.go b/cmd/harmony/flags_test.go index ee40438958..854db09f0a 100644 --- a/cmd/harmony/flags_test.go +++ b/cmd/harmony/flags_test.go @@ -106,6 +106,7 @@ func TestHarmonyFlags(t *testing.T) { }, TxPool: harmonyconfig.TxPoolConfig{ BlacklistFile: "./.hmy/blacklist.txt", + AllowedTxsFile: "./.hmy/allowedtxs.txt", RosettaFixFile: "", AccountSlots: 16, LocalAccountsFile: "./.hmy/locals.txt", @@ -875,15 +876,17 @@ func TestTxPoolFlags(t *testing.T) { args: []string{}, expConfig: harmonyconfig.TxPoolConfig{ BlacklistFile: defaultConfig.TxPool.BlacklistFile, + AllowedTxsFile: defaultConfig.TxPool.AllowedTxsFile, RosettaFixFile: defaultConfig.TxPool.RosettaFixFile, AccountSlots: defaultConfig.TxPool.AccountSlots, LocalAccountsFile: defaultConfig.TxPool.LocalAccountsFile, }, }, { - args: []string{"--txpool.blacklist", "blacklist.file", "--txpool.rosettafixfile", "rosettafix.file"}, + args: []string{"--txpool.blacklist", "blacklist.file", "--txpool.rosettafixfile", "rosettafix.file", "--txpool.allowedtxs", "allowedtxs.txt"}, expConfig: harmonyconfig.TxPoolConfig{ BlacklistFile: "blacklist.file", + AllowedTxsFile: "allowedtxs.txt", RosettaFixFile: "rosettafix.file", AccountSlots: 16, // default LocalAccountsFile: defaultConfig.TxPool.LocalAccountsFile, @@ -894,6 +897,7 @@ func TestTxPoolFlags(t *testing.T) { expConfig: harmonyconfig.TxPoolConfig{ BlacklistFile: "blacklist.file", RosettaFixFile: "rosettafix.file", + AllowedTxsFile: defaultConfig.TxPool.AllowedTxsFile, AccountSlots: 16, // default LocalAccountsFile: defaultConfig.TxPool.LocalAccountsFile, }, @@ -903,6 +907,7 @@ func TestTxPoolFlags(t *testing.T) { expConfig: harmonyconfig.TxPoolConfig{ AccountSlots: 5, BlacklistFile: "blacklist.file", + AllowedTxsFile: defaultConfig.TxPool.AllowedTxsFile, RosettaFixFile: "rosettafix.file", LocalAccountsFile: defaultConfig.TxPool.LocalAccountsFile, }, @@ -911,6 +916,7 @@ func TestTxPoolFlags(t *testing.T) { args: []string{"--txpool.locals", "locals.txt"}, expConfig: harmonyconfig.TxPoolConfig{ BlacklistFile: defaultConfig.TxPool.BlacklistFile, + AllowedTxsFile: defaultConfig.TxPool.AllowedTxsFile, RosettaFixFile: defaultConfig.TxPool.RosettaFixFile, AccountSlots: defaultConfig.TxPool.AccountSlots, LocalAccountsFile: "locals.txt", diff --git a/cmd/harmony/main.go b/cmd/harmony/main.go index 57282f620c..d586dc65a5 100644 --- a/cmd/harmony/main.go +++ b/cmd/harmony/main.go @@ -667,6 +667,10 @@ func setupConsensusAndNode(hc harmonyconfig.HarmonyConfig, nodeConfig *nodeconfi if err != nil { utils.Logger().Warn().Msgf("Blacklist setup error: %s", err.Error()) } + allowedTxs, err := setupAllowedTxs(hc) + if err != nil { + utils.Logger().Warn().Msgf("AllowedTxs setup error: %s", err.Error()) + } localAccounts, err := setupLocalAccounts(hc, blacklist) if err != nil { @@ -687,7 +691,7 @@ func setupConsensusAndNode(hc harmonyconfig.HarmonyConfig, nodeConfig *nodeconfi chainDBFactory = &shardchain.LDBFactory{RootDir: nodeConfig.DBDir} } - currentNode := node.New(myHost, currentConsensus, chainDBFactory, blacklist, localAccounts, nodeConfig.ArchiveModes(), &hc) + currentNode := node.New(myHost, currentConsensus, chainDBFactory, blacklist, allowedTxs, localAccounts, nodeConfig.ArchiveModes(), &hc) if hc.Legacy != nil && hc.Legacy.TPBroadcastInvalidTxn != nil { currentNode.BroadcastInvalidTx = *hc.Legacy.TPBroadcastInvalidTxn @@ -842,7 +846,7 @@ func setupBlacklist(hc harmonyconfig.HarmonyConfig) (map[ethCommon.Address]struc for _, line := range strings.Split(string(dat), "\n") { if len(line) != 0 { // blacklist file may have trailing empty string line b32 := strings.TrimSpace(strings.Split(string(line), "#")[0]) - addr, err := common.Bech32ToAddress(b32) + addr, err := common.ParseAddr(b32) if err != nil { return nil, err } @@ -852,6 +856,42 @@ func setupBlacklist(hc harmonyconfig.HarmonyConfig) (map[ethCommon.Address]struc return addrMap, nil } +func parseAllowedTxs(data []byte) (map[ethCommon.Address]core.AllowedTxData, error) { + allowedTxs := make(map[ethCommon.Address]core.AllowedTxData) + for _, line := range strings.Split(string(data), "\n") { + line = strings.TrimSpace(line) + if len(line) != 0 { // AllowedTxs file may have trailing empty string line + substrings := strings.Split(string(line), "->") + fromStr := strings.TrimSpace(substrings[0]) + txSubstrings := strings.Split(substrings[1], ":") + toStr := strings.TrimSpace(txSubstrings[0]) + dataStr := strings.TrimSpace(txSubstrings[1]) + from, err := common.ParseAddr(fromStr) + if err != nil { + return nil, err + } + to, err := common.ParseAddr(toStr) + if err != nil { + return nil, err + } + allowedTxs[from] = core.AllowedTxData{ + To: to, + Data: ethCommon.FromHex(dataStr), + } + } + } + return allowedTxs, nil +} + +func setupAllowedTxs(hc harmonyconfig.HarmonyConfig) (map[ethCommon.Address]core.AllowedTxData, error) { + utils.Logger().Debug().Msgf("Using AllowedTxs file at `%s`", hc.TxPool.AllowedTxsFile) + data, err := ioutil.ReadFile(hc.TxPool.AllowedTxsFile) + if err != nil { + return nil, err + } + return parseAllowedTxs(data) +} + func setupLocalAccounts(hc harmonyconfig.HarmonyConfig, blacklist map[ethCommon.Address]struct{}) ([]ethCommon.Address, error) { file := hc.TxPool.LocalAccountsFile // check if file exist diff --git a/cmd/harmony/main_test.go b/cmd/harmony/main_test.go new file mode 100644 index 0000000000..0ee836f337 --- /dev/null +++ b/cmd/harmony/main_test.go @@ -0,0 +1,50 @@ +package main + +import ( + "bytes" + "testing" + + "github.com/ethereum/go-ethereum/common" + ethCommon "github.com/ethereum/go-ethereum/common" + "github.com/harmony-one/harmony/core" +) + +func TestAllowedTxsParse(t *testing.T) { + testData := []byte(` + 0x7A6Ed0a905053A21C15cB5b4F39b561B6A3FE50f->0x855Ac656956AF761439f4a451c872E812E3900a4:0x + 0x7A6Ed0a905053A21C15cB5b4F39b561B6A3FE50f->one1np293efrmv74xyjcz0kk3sn53x0fm745f2hsuc:0xa9059cbb + one1s4dvv454dtmkzsulffz3epewsyhrjq9y0g3fqz->0x985458E523dB3d53125813eD68c274899e9DfAb4:0xa9059cbb + one1s4dvv454dtmkzsulffz3epewsyhrjq9y0g3fqz->one10fhdp2g9q5azrs2ukk608x6krd4rleg0ueskug:0x + `) + expected := map[ethCommon.Address]core.AllowedTxData{ + common.HexToAddress("0x7A6Ed0a905053A21C15cB5b4F39b561B6A3FE50f"): core.AllowedTxData{ + To: common.HexToAddress("0x855Ac656956AF761439f4a451c872E812E3900a4"), + Data: common.FromHex("0x"), + }, + common.HexToAddress("0x7A6Ed0a905053A21C15cB5b4F39b561B6A3FE50f"): core.AllowedTxData{ + To: common.HexToAddress("0x985458E523dB3d53125813eD68c274899e9DfAb4"), + Data: common.FromHex("0xa9059cbb"), + }, + common.HexToAddress("0x855Ac656956AF761439f4a451c872E812E3900a4"): core.AllowedTxData{ + To: common.HexToAddress("0x985458E523dB3d53125813eD68c274899e9DfAb4"), + Data: common.FromHex("0xa9059cbb"), + }, + common.HexToAddress("0x855Ac656956AF761439f4a451c872E812E3900a4"): core.AllowedTxData{ + To: common.HexToAddress("0x7A6Ed0a905053A21C15cB5b4F39b561B6A3FE50f"), + Data: common.FromHex("0x"), + }, + } + got, err := parseAllowedTxs(testData) + if err != nil { + t.Fatal(err) + } + if len(got) != len(expected) { + t.Errorf("lenght of allowed transactions not equal, got: %d expected: %d", len(got), len(expected)) + } + for from, txData := range got { + expectedTxData := expected[from] + if expectedTxData.To != txData.To || !bytes.Equal(expectedTxData.Data, txData.Data) { + t.Errorf("txData not equal: got: %v expected: %v", txData, expectedTxData) + } + } +} diff --git a/core/tx_pool.go b/core/tx_pool.go index 11e0c3a6b8..2a69872778 100644 --- a/core/tx_pool.go +++ b/core/tx_pool.go @@ -17,6 +17,7 @@ package core import ( + "bytes" "fmt" "math" "math/big" @@ -145,6 +146,11 @@ type blockChain interface { SubscribeChainHeadEvent(ch chan<- ChainHeadEvent) event.Subscription } +type AllowedTxData struct { + To common.Address + Data []byte +} + // TxPoolConfig are the configuration parameters of the transaction pool. type TxPoolConfig struct { Locals []common.Address // Addresses that should be treated by default as local @@ -162,7 +168,8 @@ type TxPoolConfig struct { Lifetime time.Duration // Maximum amount of time non-executable transaction are queued - Blacklist map[common.Address]struct{} // Set of accounts that cannot be a part of any transaction + Blacklist map[common.Address]struct{} // Set of accounts that cannot be a part of any transaction + AllowedTxs map[common.Address]AllowedTxData // Set of allowed transactions can break the blocklist } // DefaultTxPoolConfig contains the default configurations for the transaction @@ -181,7 +188,8 @@ var DefaultTxPoolConfig = TxPoolConfig{ Lifetime: 30 * time.Minute, - Blacklist: map[common.Address]struct{}{}, + Blacklist: map[common.Address]struct{}{}, + AllowedTxs: map[common.Address]AllowedTxData{}, } // sanitize checks the provided user configurations and changes anything that's @@ -213,6 +221,10 @@ func (config *TxPoolConfig) sanitize() TxPoolConfig { utils.Logger().Warn().Msg("Sanitizing nil blacklist set") conf.Blacklist = DefaultTxPoolConfig.Blacklist } + if conf.AllowedTxs == nil { + utils.Logger().Warn().Msg("Sanitizing nil allowedTxs set") + conf.AllowedTxs = DefaultTxPoolConfig.AllowedTxs + } if conf.AccountSlots == 0 { utils.Logger().Warn(). Uint64("provided", conf.AccountSlots). @@ -707,8 +719,15 @@ func (pool *TxPool) validateTx(tx types.PoolTransaction, local bool) error { } return ErrInvalidSender } + + inAllowedTxs := false + if allowedTx, exists := pool.config.AllowedTxs[from]; exists { + to := tx.To() + inAllowedTxs = to != nil && *to == allowedTx.To && bytes.Equal(tx.Data(), allowedTx.Data) + } + // Make sure transaction does not have blacklisted addresses - if _, exists := (pool.config.Blacklist)[from]; exists { + if _, exists := (pool.config.Blacklist)[from]; exists && !inAllowedTxs { if b32, err := hmyCommon.AddressToBech32(from); err == nil { return errors.WithMessagef(ErrBlacklistFrom, "transaction sender is %s", b32) } diff --git a/internal/configs/harmony/harmony.go b/internal/configs/harmony/harmony.go index 7e83a7ec1b..f44a19dd4a 100644 --- a/internal/configs/harmony/harmony.go +++ b/internal/configs/harmony/harmony.go @@ -98,6 +98,7 @@ type BlsConfig struct { type TxPoolConfig struct { BlacklistFile string + AllowedTxsFile string RosettaFixFile string AccountSlots uint64 LocalAccountsFile string diff --git a/node/node.go b/node/node.go index 07f9c1da03..b28e5c51a8 100644 --- a/node/node.go +++ b/node/node.go @@ -956,6 +956,7 @@ func New( consensusObj *consensus.Consensus, chainDBFactory shardchain.DBFactory, blacklist map[common.Address]struct{}, + allowedTxs map[common.Address]core.AllowedTxData, localAccounts []common.Address, isArchival map[uint32]bool, harmonyconfig *harmonyconfig.HarmonyConfig, @@ -1031,6 +1032,7 @@ func New( } txPoolConfig.Blacklist = blacklist + txPoolConfig.AllowedTxs = allowedTxs txPoolConfig.Journal = fmt.Sprintf("%v/%v", node.NodeConfig.DBDir, txPoolConfig.Journal) node.TxPool = core.NewTxPool(txPoolConfig, node.Blockchain().Config(), blockchain, node.TransactionErrorSink) node.CxPool = core.NewCxPool(core.CxPoolSize) From bf64234cc967de83f44cc0d6ed8ad932b447e77e Mon Sep 17 00:00:00 2001 From: MaxMustermann2 <82761650+MaxMustermann2@users.noreply.github.com> Date: Fri, 1 Jul 2022 13:06:38 +0000 Subject: [PATCH 2/8] test: fix node tests for allowlist of txs --- node/node_handler_test.go | 6 +++--- node/node_newblock_test.go | 2 +- node/node_test.go | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/node/node_handler_test.go b/node/node_handler_test.go index 4158ca88da..1534355bf4 100644 --- a/node/node_handler_test.go +++ b/node/node_handler_test.go @@ -39,7 +39,7 @@ func TestAddNewBlock(t *testing.T) { t.Fatalf("Cannot craeate consensus: %v", err) } nodeconfig.SetNetworkType(nodeconfig.Devnet) - node := New(host, consensus, testDBFactory, nil, nil, nil, nil) + node := New(host, consensus, testDBFactory, nil, nil, nil, nil, nil) txs := make(map[common.Address]types.Transactions) stks := staking.StakingTransactions{} @@ -88,7 +88,7 @@ func TestVerifyNewBlock(t *testing.T) { archiveMode := make(map[uint32]bool) archiveMode[0] = true archiveMode[1] = false - node := New(host, consensus, testDBFactory, nil, nil, archiveMode, nil) + node := New(host, consensus, testDBFactory, nil, nil, nil, archiveMode, nil) txs := make(map[common.Address]types.Transactions) stks := staking.StakingTransactions{} @@ -134,7 +134,7 @@ func TestVerifyVRF(t *testing.T) { archiveMode := make(map[uint32]bool) archiveMode[0] = true archiveMode[1] = false - node := New(host, consensus, testDBFactory, nil, nil, archiveMode, nil) + node := New(host, consensus, testDBFactory, nil, nil, nil, archiveMode, nil) consensus.Blockchain = node.Blockchain() txs := make(map[common.Address]types.Transactions) diff --git a/node/node_newblock_test.go b/node/node_newblock_test.go index 9d1f2c57f0..031fc0132c 100644 --- a/node/node_newblock_test.go +++ b/node/node_newblock_test.go @@ -40,7 +40,7 @@ func TestFinalizeNewBlockAsync(t *testing.T) { t.Fatalf("Cannot craeate consensus: %v", err) } var testDBFactory = &shardchain.MemDBFactory{} - node := New(host, consensus, testDBFactory, nil, nil, nil, nil) + node := New(host, consensus, testDBFactory, nil, nil, nil, nil, nil) node.Worker.UpdateCurrent() diff --git a/node/node_test.go b/node/node_test.go index 0160e31224..185ca9e95d 100644 --- a/node/node_test.go +++ b/node/node_test.go @@ -39,7 +39,7 @@ func TestNewNode(t *testing.T) { if err != nil { t.Fatalf("Cannot craeate consensus: %v", err) } - node := New(host, consensus, testDBFactory, nil, nil, nil, nil) + node := New(host, consensus, testDBFactory, nil, nil, nil, nil, nil) if node.Consensus == nil { t.Error("Consensus is not initialized for the node") } @@ -216,7 +216,7 @@ func TestAddBeaconPeer(t *testing.T) { archiveMode := make(map[uint32]bool) archiveMode[0] = true archiveMode[1] = false - node := New(host, consensus, testDBFactory, nil, nil, archiveMode, nil) + node := New(host, consensus, testDBFactory, nil, nil, nil, archiveMode, nil) for _, p := range peers1 { ret := node.AddBeaconPeer(p) if ret { From 1bc29b757a9bc3968d8276b41f67b60011d35695 Mon Sep 17 00:00:00 2001 From: peekpi <894646171@qq.com> Date: Sat, 2 Jul 2022 12:57:43 +0800 Subject: [PATCH 3/8] add error checking of tx.data --- cmd/harmony/main.go | 7 ++++++- test/configs/local-resharding.txt | 2 ++ test/deploy.sh | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/cmd/harmony/main.go b/cmd/harmony/main.go index d586dc65a5..02a4e73cf6 100644 --- a/cmd/harmony/main.go +++ b/cmd/harmony/main.go @@ -22,6 +22,7 @@ import ( rpc_common "github.com/harmony-one/harmony/rpc/common" ethCommon "github.com/ethereum/go-ethereum/common" + "github.com/ethereum/go-ethereum/common/hexutil" "github.com/ethereum/go-ethereum/log" "github.com/pkg/errors" "github.com/spf13/cobra" @@ -874,9 +875,13 @@ func parseAllowedTxs(data []byte) (map[ethCommon.Address]core.AllowedTxData, err if err != nil { return nil, err } + data, err := hexutil.Decode(dataStr) + if err != nil { + return nil, err + } allowedTxs[from] = core.AllowedTxData{ To: to, - Data: ethCommon.FromHex(dataStr), + Data: data, } } } diff --git a/test/configs/local-resharding.txt b/test/configs/local-resharding.txt index ba9fa717a9..2aca233925 100644 --- a/test/configs/local-resharding.txt +++ b/test/configs/local-resharding.txt @@ -10,6 +10,7 @@ 127.0.0.1 9009 validator .hmy/49d15743b36334399f9985feb0753430a2b287b2d68b84495bbb15381854cbf01bca9d1d9f4c9c8f18509b2bfa6bd40f.key 127.0.0.1 9010 validator .hmy/95117937cd8c09acd2dfae847d74041a67834ea88662a7cbed1e170350bc329e53db151e5a0ef3e712e35287ae954818.key 127.0.0.1 9011 validator .hmy/68ae289d73332872ec8d04ac256ca0f5453c88ad392730c5741b6055bc3ec3d086ab03637713a29f459177aaa8340615.key +127.0.0.1 9024 external bin/.hmy/blskeys/0 127.0.0.1 9099 explorer null 0 127.0.0.1 9100 validator .hmy/52ecce5f64db21cbe374c9268188f5d2cdd5bec1a3112276a350349860e35fb81f8cfe447a311e0550d961cf25cb988d.key @@ -22,4 +23,5 @@ 127.0.0.1 9107 validator .hmy/f47238daef97d60deedbde5302d05dea5de67608f11f406576e363661f7dcbc4a1385948549b31a6c70f6fde8a391486.key 127.0.0.1 9108 validator .hmy/fc4b9c535ee91f015efff3f32fbb9d32cdd9bfc8a837bb3eee89b8fff653c7af2050a4e147ebe5c7233dc2d5df06ee0a.key 127.0.0.1 9109 validator .hmy/ca86e551ee42adaaa6477322d7db869d3e203c00d7b86c82ebee629ad79cb6d57b8f3db28336778ec2180e56a8e07296.key +127.0.0.1 9024 external bin/.hmy/blskeys/1 127.0.0.1 9098 explorer null 1 \ No newline at end of file diff --git a/test/deploy.sh b/test/deploy.sh index 272675baa8..4eb709403b 100755 --- a/test/deploy.sh +++ b/test/deploy.sh @@ -166,7 +166,7 @@ DURATION=60000 MIN=3 SHARDS=2 DRYRUN= -NETWORK=localnet +NETWORK=testnet VERBOSE=false NOBUILD=false EXPOSEAPIS=false From c24a05ceea9fa9683fb34fa3c641850fb5e99020 Mon Sep 17 00:00:00 2001 From: peekpi <894646171@qq.com> Date: Sat, 2 Jul 2022 16:36:52 +0800 Subject: [PATCH 4/8] recover test scripts --- test/configs/local-resharding.txt | 2 -- test/deploy.sh | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/test/configs/local-resharding.txt b/test/configs/local-resharding.txt index 2aca233925..ba9fa717a9 100644 --- a/test/configs/local-resharding.txt +++ b/test/configs/local-resharding.txt @@ -10,7 +10,6 @@ 127.0.0.1 9009 validator .hmy/49d15743b36334399f9985feb0753430a2b287b2d68b84495bbb15381854cbf01bca9d1d9f4c9c8f18509b2bfa6bd40f.key 127.0.0.1 9010 validator .hmy/95117937cd8c09acd2dfae847d74041a67834ea88662a7cbed1e170350bc329e53db151e5a0ef3e712e35287ae954818.key 127.0.0.1 9011 validator .hmy/68ae289d73332872ec8d04ac256ca0f5453c88ad392730c5741b6055bc3ec3d086ab03637713a29f459177aaa8340615.key -127.0.0.1 9024 external bin/.hmy/blskeys/0 127.0.0.1 9099 explorer null 0 127.0.0.1 9100 validator .hmy/52ecce5f64db21cbe374c9268188f5d2cdd5bec1a3112276a350349860e35fb81f8cfe447a311e0550d961cf25cb988d.key @@ -23,5 +22,4 @@ 127.0.0.1 9107 validator .hmy/f47238daef97d60deedbde5302d05dea5de67608f11f406576e363661f7dcbc4a1385948549b31a6c70f6fde8a391486.key 127.0.0.1 9108 validator .hmy/fc4b9c535ee91f015efff3f32fbb9d32cdd9bfc8a837bb3eee89b8fff653c7af2050a4e147ebe5c7233dc2d5df06ee0a.key 127.0.0.1 9109 validator .hmy/ca86e551ee42adaaa6477322d7db869d3e203c00d7b86c82ebee629ad79cb6d57b8f3db28336778ec2180e56a8e07296.key -127.0.0.1 9024 external bin/.hmy/blskeys/1 127.0.0.1 9098 explorer null 1 \ No newline at end of file diff --git a/test/deploy.sh b/test/deploy.sh index 4eb709403b..272675baa8 100755 --- a/test/deploy.sh +++ b/test/deploy.sh @@ -166,7 +166,7 @@ DURATION=60000 MIN=3 SHARDS=2 DRYRUN= -NETWORK=testnet +NETWORK=localnet VERBOSE=false NOBUILD=false EXPOSEAPIS=false From d52a963052f55f2606b9b1b2fec919bb7cdc1f54 Mon Sep 17 00:00:00 2001 From: peekpi <894646171@qq.com> Date: Mon, 4 Jul 2022 22:06:56 +0800 Subject: [PATCH 5/8] config migration --- cmd/harmony/config_migrations.go | 7 ++++++ cmd/harmony/default.go | 2 +- rosetta/infra/harmony-mainnet.conf | 36 +++++++++++++++++------------- rosetta/infra/harmony-pstn.conf | 35 ++++++++++++++++------------- 4 files changed, 48 insertions(+), 32 deletions(-) diff --git a/cmd/harmony/config_migrations.go b/cmd/harmony/config_migrations.go index 30ed261df2..54cbce6697 100644 --- a/cmd/harmony/config_migrations.go +++ b/cmd/harmony/config_migrations.go @@ -259,5 +259,12 @@ func init() { confTree.Set("Version", "2.5.3") return confTree } + migrations["2.5.3"] = func(confTree *toml.Tree) *toml.Tree { + if confTree.Get("TxPool.AllowedTxsFile") == nil { + confTree.Set("TxPool.AllowedTxsFile", defaultConfig.TxPool.AllowedTxsFile) + } + confTree.Set("Version", "2.5.4") + return confTree + } } diff --git a/cmd/harmony/default.go b/cmd/harmony/default.go index a6686f5def..c24ebfe300 100644 --- a/cmd/harmony/default.go +++ b/cmd/harmony/default.go @@ -5,7 +5,7 @@ import ( nodeconfig "github.com/harmony-one/harmony/internal/configs/node" ) -const tomlConfigVersion = "2.5.3" // bump from 2.5.2 for rpc filters +const tomlConfigVersion = "2.5.4" // bump from 2.5.2 for rpc filters const ( defNetworkType = nodeconfig.Mainnet diff --git a/rosetta/infra/harmony-mainnet.conf b/rosetta/infra/harmony-mainnet.conf index f2b3903aec..b73d86c5e0 100644 --- a/rosetta/infra/harmony-mainnet.conf +++ b/rosetta/infra/harmony-mainnet.conf @@ -1,4 +1,4 @@ -Version = "2.5.3" +Version = "2.5.4" [BLSKeys] KMSConfigFile = "" @@ -12,6 +12,10 @@ Version = "2.5.3" PassSrcType = "auto" SavePassphrase = false +[Consensus] + AggregateSig = false + MinPeers = 5 + [DNSSync] Client = true LegacySyncing = false @@ -22,6 +26,7 @@ Version = "2.5.3" [General] DataDir = "/data" + EnablePruneBeaconChain = false IsArchival = true IsBackup = false IsBeaconArchival = true @@ -29,9 +34,7 @@ Version = "2.5.3" NoStaking = true NodeType = "explorer" ShardID = 0 - -[Consensus] - MinPeers = 5 + TraceEnable = false [HTTP] AuthPort = 9501 @@ -57,12 +60,12 @@ Version = "2.5.3" NetworkType = "mainnet" [P2P] + DisablePrivateIPScan = false DiscConcurrency = 0 IP = "0.0.0.0" KeyFile = "./.hmykey" MaxConnsPerIP = 10 Port = 9000 - DisablePrivateIPScan = false [Pprof] Enabled = false @@ -75,11 +78,18 @@ Version = "2.5.3" [RPCOpt] DebugEnabled = false EthRPCsEnabled = true - StakingRPCsEnabled = true LegacyRPCsEnabled = true - RpcFilterFile = "./.hmy/rpc_filter.txt" RateLimterEnabled = true RequestsPerSecond = 1000 + RpcFilterFile = "./.hmy/rpc_filter.txt" + StakingRPCsEnabled = true + +[ShardData] + CacheSize = 512 + CacheTime = 10 + DiskCount = 8 + EnableShardData = true + ShardCount = 4 [Sync] Concurrency = 7 @@ -93,17 +103,11 @@ Version = "2.5.3" MinPeers = 5 [TxPool] - BlacklistFile = "./.hmy/blacklist.txt" - RosettaFixFile = "./rosetta_local_fix.csv" AccountSlots = 16 + AllowedTxsFile = "./.hmy/allowedtxs.txt" + BlacklistFile = "./.hmy/blacklist.txt" LocalAccountsFile = "./.hmy/locals.txt" - -[ShardData] - EnableShardData = true - DiskCount = 8 - ShardCount = 4 - CacheTime = 10 - CacheSize = 512 + RosettaFixFile = "./rosetta_local_fix.csv" [WS] AuthPort = 9801 diff --git a/rosetta/infra/harmony-pstn.conf b/rosetta/infra/harmony-pstn.conf index f6b3ef06de..67cf266181 100644 --- a/rosetta/infra/harmony-pstn.conf +++ b/rosetta/infra/harmony-pstn.conf @@ -1,4 +1,4 @@ -Version = "2.5.3" +Version = "2.5.4" [BLSKeys] KMSConfigFile = "" @@ -12,6 +12,10 @@ Version = "2.5.3" PassSrcType = "auto" SavePassphrase = false +[Consensus] + AggregateSig = false + MinPeers = 2 + [DNSSync] Client = true LegacySyncing = false @@ -22,6 +26,7 @@ Version = "2.5.3" [General] DataDir = "/data" + EnablePruneBeaconChain = false IsArchival = true IsBackup = false IsBeaconArchival = true @@ -29,9 +34,7 @@ Version = "2.5.3" NoStaking = true NodeType = "explorer" ShardID = 0 - -[Consensus] - MinPeers = 2 + TraceEnable = false [HTTP] AuthPort = 9501 @@ -57,12 +60,12 @@ Version = "2.5.3" NetworkType = "partner" [P2P] + DisablePrivateIPScan = false DiscConcurrency = 0 IP = "0.0.0.0" KeyFile = "./.hmykey" MaxConnsPerIP = 10 Port = 9000 - DisablePrivateIPScan = false [Pprof] Enabled = false @@ -75,11 +78,18 @@ Version = "2.5.3" [RPCOpt] DebugEnabled = false EthRPCsEnabled = true - StakingRPCsEnabled = true LegacyRPCsEnabled = true - RpcFilterFile = "./.hmy/rpc_filter.txt" RateLimterEnabled = true RequestsPerSecond = 1000 + RpcFilterFile = "./.hmy/rpc_filter.txt" + StakingRPCsEnabled = true + +[ShardData] + CacheSize = 512 + CacheTime = 10 + DiskCount = 8 + EnableShardData = false + ShardCount = 4 [Sync] Concurrency = 7 @@ -93,16 +103,11 @@ Version = "2.5.3" MinPeers = 2 [TxPool] - BlacklistFile = "./.hmy/blacklist.txt" AccountSlots = 16 + AllowedTxsFile = "./.hmy/allowedtxs.txt" + BlacklistFile = "./.hmy/blacklist.txt" LocalAccountsFile = "./.hmy/locals.txt" - -[ShardData] - EnableShardData = false - DiskCount = 8 - ShardCount = 4 - CacheTime = 10 - CacheSize = 512 + RosettaFixFile = "" [WS] AuthPort = 9801 From 915944ee384b083b79c1cf484d9e30cce82a158e Mon Sep 17 00:00:00 2001 From: peekpi <894646171@qq.com> Date: Tue, 5 Jul 2022 14:17:45 +0800 Subject: [PATCH 6/8] add tx.data to error info --- core/tx_pool.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/tx_pool.go b/core/tx_pool.go index 2a69872778..818461595a 100644 --- a/core/tx_pool.go +++ b/core/tx_pool.go @@ -737,7 +737,7 @@ func (pool *TxPool) validateTx(tx types.PoolTransaction, local bool) error { if tx.To() != nil { if _, exists := (pool.config.Blacklist)[*tx.To()]; exists { if b32, err := hmyCommon.AddressToBech32(*tx.To()); err == nil { - return errors.WithMessagef(ErrBlacklistTo, "transaction receiver is %s", b32) + return errors.WithMessagef(ErrBlacklistTo, "transaction receiver is %s with data: %x", b32, tx.Data()) } return ErrBlacklistTo } From bcc5efda060adf089181303a239de8d41465cd23 Mon Sep 17 00:00:00 2001 From: MaxMustermann2 <82761650+MaxMustermann2@users.noreply.github.com> Date: Tue, 5 Jul 2022 12:08:51 +0000 Subject: [PATCH 7/8] [pool] refactor: log more if `from` in denylist --- core/tx_pool.go | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/core/tx_pool.go b/core/tx_pool.go index 818461595a..a2023e1b34 100644 --- a/core/tx_pool.go +++ b/core/tx_pool.go @@ -26,6 +26,7 @@ import ( "time" "github.com/ethereum/go-ethereum/common" + "github.com/ethereum/go-ethereum/common/hexutil" "github.com/ethereum/go-ethereum/common/prque" "github.com/ethereum/go-ethereum/event" "github.com/ethereum/go-ethereum/metrics" @@ -96,7 +97,7 @@ var ( ErrInvalidMsgForStakingDirective = errors.New("staking message does not match directive message") // ErrBlacklistFrom is returned if a transaction's from/source address is blacklisted - ErrBlacklistFrom = errors.New("`from` address of transaction in blacklist") + ErrBlacklistFrom = errors.New("`from` address of transaction in blacklist and not in allowlist") // ErrBlacklistTo is returned if a transaction's to/destination address is blacklisted ErrBlacklistTo = errors.New("`to` address of transaction in blacklist") @@ -728,18 +729,20 @@ func (pool *TxPool) validateTx(tx types.PoolTransaction, local bool) error { // Make sure transaction does not have blacklisted addresses if _, exists := (pool.config.Blacklist)[from]; exists && !inAllowedTxs { - if b32, err := hmyCommon.AddressToBech32(from); err == nil { - return errors.WithMessagef(ErrBlacklistFrom, "transaction sender is %s", b32) - } - return ErrBlacklistFrom + return errors.WithMessagef( + ErrBlacklistFrom, + "transaction sender: %s, receiver: %s, data %s", + from.Hex(), tx.To().Hex(), hexutil.Encode(tx.Data()), + ) } // Make sure transaction does not burn funds by sending funds to blacklisted address if tx.To() != nil { if _, exists := (pool.config.Blacklist)[*tx.To()]; exists { - if b32, err := hmyCommon.AddressToBech32(*tx.To()); err == nil { - return errors.WithMessagef(ErrBlacklistTo, "transaction receiver is %s with data: %x", b32, tx.Data()) - } - return ErrBlacklistTo + return errors.WithMessagef( + ErrBlacklistTo, + "transaction receiver: %s, sender: %s, data %s", + tx.To().Hex(), from.Hex(), hexutil.Encode(tx.Data()), + ) } } // Drop non-local transactions under our own minimal accepted gas price From c48d618111918a3a39ce35175b060e60fd498691 Mon Sep 17 00:00:00 2001 From: peekpi <894646171@qq.com> Date: Thu, 7 Jul 2022 12:59:21 +0800 Subject: [PATCH 8/8] reject tx if it does not pass the allowed whiltelist check --- core/tx_pool.go | 49 +++++++++++++++++++++++++++---------------------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/core/tx_pool.go b/core/tx_pool.go index a2023e1b34..a01426c1b3 100644 --- a/core/tx_pool.go +++ b/core/tx_pool.go @@ -26,7 +26,6 @@ import ( "time" "github.com/ethereum/go-ethereum/common" - "github.com/ethereum/go-ethereum/common/hexutil" "github.com/ethereum/go-ethereum/common/prque" "github.com/ethereum/go-ethereum/event" "github.com/ethereum/go-ethereum/metrics" @@ -101,6 +100,8 @@ var ( // ErrBlacklistTo is returned if a transaction's to/destination address is blacklisted ErrBlacklistTo = errors.New("`to` address of transaction in blacklist") + + ErrAllowedTxs = errors.New("transaction allowed whitelist check failed.") ) var ( @@ -721,28 +722,32 @@ func (pool *TxPool) validateTx(tx types.PoolTransaction, local bool) error { return ErrInvalidSender } - inAllowedTxs := false + // do whitelist check first, if tx not in whitelist, do blacklist check if allowedTx, exists := pool.config.AllowedTxs[from]; exists { - to := tx.To() - inAllowedTxs = to != nil && *to == allowedTx.To && bytes.Equal(tx.Data(), allowedTx.Data) - } - - // Make sure transaction does not have blacklisted addresses - if _, exists := (pool.config.Blacklist)[from]; exists && !inAllowedTxs { - return errors.WithMessagef( - ErrBlacklistFrom, - "transaction sender: %s, receiver: %s, data %s", - from.Hex(), tx.To().Hex(), hexutil.Encode(tx.Data()), - ) - } - // Make sure transaction does not burn funds by sending funds to blacklisted address - if tx.To() != nil { - if _, exists := (pool.config.Blacklist)[*tx.To()]; exists { - return errors.WithMessagef( - ErrBlacklistTo, - "transaction receiver: %s, sender: %s, data %s", - tx.To().Hex(), from.Hex(), hexutil.Encode(tx.Data()), - ) + if to := tx.To(); to == nil || *to != allowedTx.To || !bytes.Equal(tx.Data(), allowedTx.Data) { + toAddr := common.Address{} + if to != nil { + toAddr = *to + } + return errors.WithMessagef(ErrAllowedTxs, "transaction sender: %x, receiver: %x, input: %x", tx.From(), toAddr, tx.Data()) + } + } else { + // do blacklist check + // Make sure transaction does not have blacklisted addresses + if _, exists := (pool.config.Blacklist)[from]; exists { + if b32, err := hmyCommon.AddressToBech32(from); err == nil { + return errors.WithMessagef(ErrBlacklistFrom, "transaction sender is %s", b32) + } + return ErrBlacklistFrom + } + // Make sure transaction does not burn funds by sending funds to blacklisted address + if tx.To() != nil { + if _, exists := (pool.config.Blacklist)[*tx.To()]; exists { + if b32, err := hmyCommon.AddressToBech32(*tx.To()); err == nil { + return errors.WithMessagef(ErrBlacklistTo, "transaction receiver is %s with data: %x", b32, tx.Data()) + } + return ErrBlacklistTo + } } } // Drop non-local transactions under our own minimal accepted gas price