New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multikey peer authentication sender integration #4394
Multikey peer authentication sender integration #4394
Conversation
Codecov Report
@@ Coverage Diff @@
## feat/multisigner #4394 +/- ##
====================================================
+ Coverage 73.69% 73.71% +0.01%
====================================================
Files 681 683 +2
Lines 87093 87268 +175
====================================================
+ Hits 64187 64333 +146
- Misses 18051 18072 +21
- Partials 4855 4863 +8
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
keysManagement/interface.go
Outdated
|
||
// P2PIdentityGenerator defines the operations of an entity that can generate P2P identities | ||
type P2PIdentityGenerator interface { | ||
CreateRandomP2PIdentity() ([]byte, core.PeerID, error) | ||
IsInterfaceNil() bool | ||
} | ||
|
||
// KeysHolder defines the operations of an entity that holds virtual identities for a node |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this has to be moved where it is used: example: heartbeat package
keysManagement/peerInfo.go
Outdated
@@ -15,6 +16,10 @@ type peerInfo struct { | |||
nodeName string | |||
nodeIdentity string | |||
|
|||
mutPeerAuthenticationData sync.RWMutex |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can remove this sync.RWMutex and use instead the mutChangeableData instance for both isValidator and nextPeerAuthenticationTime
@@ -285,6 +286,54 @@ func (holder *virtualPeersHolder) IsPidManagedByCurrentNode(pid core.PeerID) boo | |||
return found | |||
} | |||
|
|||
// IsKeyValidator returns true if the key validator status was set to true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
missing unit tests for these 4 functions
|
||
data, isHardforkTriggered, err := sender.prepareMessage([]byte(pk), sk) | ||
if err != nil { | ||
setTimeErr := sender.keysHolder.SetNextPeerAuthenticationTime(pkBytes, currentTimeStamp.Add(sender.timeBetweenSendsWhenError)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
in order to simplify the logic, we can make the SetNextPeerAuthenticationTime not output an error, and just ignore the call if the set method did not find the provided public key bytes
if isHardforkTriggered { | ||
nextTimeStamp := currentTimeStamp.Add(sender.computeRandomDuration(sender.hardforkTimeBetweenSends)) | ||
setTimeErr := sender.keysHolder.SetNextPeerAuthenticationTime(pkBytes, nextTimeStamp) | ||
if setTimeErr != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
also here, we can simplify the logic
return fmt.Errorf("%w while seting next peer authentication time", setTimeErr) | ||
} | ||
|
||
setValidatorErr := sender.keysHolder.SetValidatorState(pkBytes, true) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this function can also be simplified
} | ||
isValidatorNow, shardID := sender.getIsValidatorStatusAndShardID(pkBytes) | ||
isHardforkSource := sender.isHardforkSource(pkBytes) | ||
oldIsValidator, err := sender.keysHolder.IsKeyValidator(pkBytes) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this can output only false if the provided key does not belong to this node
} | ||
|
||
func (sender *multikeyPeerAuthenticationSender) sendData(index int, pkBytes []byte, data []byte, isHardforkTriggered bool) { | ||
go func() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
as seen in the next heartbeat sender implementation, we can drop the usage of the go async call and the usage of the index value and just start the call with a fixed time.Sleep call.
This will prevent launching more go routines & should simplify the testing procedure with virtually no drawback.
Pubkey: pkBytes, | ||
} | ||
|
||
hardforkPayload, isTriggered := sender.getHardforkPayload() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this function contains a lot of duplicated code with the original peerAuthenticationSender implementation. Can we extract duplicated code as seen in the heartbeat sender future implementation?
senderInstance, _ := newMultikeyPeerAuthenticationSender(args) | ||
senderInstance.Execute() | ||
|
||
time.Sleep(time.Second * 2) // allow the go routines to finish |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if we remove the go routines all these waits should be removed.
p2pSkBytes []byte, | ||
pidBytes []byte, | ||
) ([]byte, bool, error) { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove first empty line
|
||
p2pSk, pid, err := sender.keysHolder.GetP2PIdentity(pkBytes) | ||
if err != nil { | ||
log.Error("could not get identity for pk", "pk", hex.EncodeToString(pkBytes)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
log the error as well
|
||
nextTimeToCheck, err := sender.keysHolder.GetNextPeerAuthenticationTime(pkBytes) | ||
if err != nil { | ||
log.Error("could not get next peer authentication time for pk", "pk", hex.EncodeToString(pkBytes)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
log the error as well
heartbeat/interface.go
Outdated
@@ -16,8 +16,10 @@ import ( | |||
// P2PMessenger defines a subset of the p2p.Messenger interface | |||
type P2PMessenger interface { | |||
Broadcast(topic string, buff []byte) | |||
BroadcastWithSk(topic string, buff []byte, pid core.PeerID, skBytes []byte) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we raname this into BroadcastUsingSk
(or BroadcastSigningWithSk
)? I know that the naming convention follows libp2p's PublishWithSk
but I find it very misleading, I really thought we were sending the sk over the wire. (SendableData
having an SK member doesn't help either :)) @iulianpascalau thoughts?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
right, let's rename to BroadcastWithPrivateKey
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
pushed
heartbeat/interface.go
Outdated
ID() core.PeerID | ||
Sign(payload []byte) ([]byte, error) | ||
SignWithPrivateKey(skBytes []byte, payload []byte) ([]byte, error) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe also follow the naming convention above (either abbreviation of secret key, or private key)
Description of the reasoning behind the pull request (what feature was missing / how the problem was manifesting itself / what was the motive behind the refactoring)
Proposed Changes
Testing procedure