-
Notifications
You must be signed in to change notification settings - Fork 166
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
message validation #1289
message validation #1289
Changes from 6 commits
d18d04f
25bf475
21f8ff3
9b15c6b
4d2e538
94273ca
e2aee38
bc58d42
113b00f
a61080b
5ab88eb
c60e78e
ed7f82d
abc4ae0
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -12,7 +12,7 @@ import ( | |
|
||
"github.com/onflow/flow-go/module" | ||
"github.com/onflow/flow-go/network/message" | ||
_ "github.com/onflow/flow-go/utils/binstat" | ||
validator "github.com/onflow/flow-go/network/validator/pubsub" | ||
) | ||
|
||
// readSubscription reads the messages coming in on the subscription and calls the given callback until | ||
|
@@ -79,26 +79,17 @@ func (r *readSubscription) receiveLoop(wg *sync.WaitGroup) { | |
return | ||
} | ||
|
||
pid, err := messageSigningID(rawMsg) | ||
if err != nil { | ||
r.log.Err(err).Msg("failed to validate peer ID of incoming message") | ||
return | ||
validatorData, ok := rawMsg.ValidatorData.(validator.ValidatorData) | ||
if !ok { | ||
r.log.Fatal().Str("raw_msg", rawMsg.String()).Msg("validator data missing") | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Not a fan of the log fatal here. This would be triggered by an independent modification of There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. We can, but personally I would consider it a bug if the validator returned There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. My issue is neither with checking that the validation data is here, nor with considering this a bug. We should certainly transmit the message that "something is rotten in the state of Denmark" far and wide. My issue is with crashing the node based on the input of one (externally controlled) message. A validator that accepts without populating the data has a bug, yes, but should its impact be to lose the entire blockchain? |
||
} | ||
|
||
var msg message.Message | ||
// convert the incoming raw message payload to Message type | ||
//bs := binstat.EnterTimeVal(binstat.BinNet+":wire>1protobuf2message", int64(len(rawMsg.Data))) | ||
err = msg.Unmarshal(rawMsg.Data) | ||
//binstat.Leave(bs) | ||
if err != nil { | ||
r.log.Err(err).Str("topic_message", msg.String()).Msg("failed to unmarshal message") | ||
return | ||
} | ||
msg := validatorData.Message | ||
|
||
// log metrics | ||
r.metrics.NetworkMessageReceived(msg.Size(), msg.ChannelID, msg.Type) | ||
|
||
// call the callback | ||
r.callback(&msg, pid) | ||
r.callback(msg, validatorData.From) | ||
} | ||
} |
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
package validator | ||
|
||
import ( | ||
"context" | ||
|
||
"github.com/libp2p/go-libp2p-core/peer" | ||
pubsub "github.com/libp2p/go-libp2p-pubsub" | ||
|
||
"github.com/onflow/flow-go/model/flow" | ||
"github.com/onflow/flow-go/network/message" | ||
) | ||
|
||
func StakedValidator(getIdentity func(peer.ID) (*flow.Identity, bool)) MessageValidator { | ||
return func(ctx context.Context, from peer.ID, msg *message.Message) pubsub.ValidationResult { | ||
huitseeker marked this conversation as resolved.
Show resolved
Hide resolved
|
||
if _, ok := getIdentity(from); ok { | ||
return pubsub.ValidationAccept | ||
} | ||
return pubsub.ValidationReject | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we just deprecate this, we're not removing the field and are still allowing its use.
Which means, technically, that we could still have
OriginID
claims in this field, which would still be ser/deser-ialized, and that we should still report if different from the result of the validation logic.Is it possible to just remove this field and mark the release that would include this PR as breaking? I think it's worth it.
/cc @ramtinms @vishalchangrani for advice on the Message format change.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, although I'm hoping we can eventually remove all of these fields except
Payload
, and I think this is something that can wait until later and we can remove them all in one fell swoop.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK. Do we have an issue for that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not exactly, but it is part of https://github.com/dapperlabs/flow-go/issues/5847
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As long as the network layer is passing the application layer the origin ID (which we are), it doesn't matter if we remove the field now or later.