all: on-chain oracle checkpoint syncing (#19543)
* all: implement simple checkpoint syncing cmd, les, node: remove callback mechanism cmd, node: remove callback definition les: simplify the registrar les: expose checkpoint rpc services in the light client les, light: don't store untrusted receipt cmd, contracts, les: discard stale checkpoint cmd, contracts/registrar: loose restriction of registeration cmd, contracts: add replay-protection all: off-chain multi-signature contract params: deploy checkpoint contract for rinkeby cmd/registrar: add raw signing mode for registrar cmd/registrar, contracts/registrar, les: fixed messages * cmd/registrar, contracts/registrar: fix lints * accounts/abi/bind, les: address comments * cmd, contracts, les, light, params: minor checkpoint sync cleanups * cmd, eth, les, light: move checkpoint config to config file * cmd, eth, les, params: address comments * eth, les, params: address comments * cmd: polish up the checkpoint admin CLI * cmd, contracts, params: deploy new version contract * cmd/checkpoint-admin: add another flag for clef mode signing * cmd, contracts, les: rename and regen checkpoint oracle with abigen
This commit is contained in:
gary rong
committed by
Péter Szilágyi
Péter Szilágyi
parent
702f52fb99
commit
f7cdea2bdc
335
cmd/checkpoint-admin/exec.go
Normal file
335
cmd/checkpoint-admin/exec.go
Normal file
@ -0,0 +1,335 @@
|
||||
// Copyright 2018 The go-ethereum Authors
|
||||
// This file is part of go-ethereum.
|
||||
//
|
||||
// go-ethereum is free software: you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License as published by
|
||||
// the Free Software Foundation, either version 3 of the License, or
|
||||
// (at your option) any later version.
|
||||
//
|
||||
// go-ethereum is distributed in the hope that it will be useful,
|
||||
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
// GNU General Public License for more details.
|
||||
//
|
||||
// You should have received a copy of the GNU General Public License
|
||||
// along with go-ethereum. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
package main
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"encoding/binary"
|
||||
"fmt"
|
||||
"math/big"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/ethereum/go-ethereum/accounts"
|
||||
"github.com/ethereum/go-ethereum/accounts/abi/bind"
|
||||
"github.com/ethereum/go-ethereum/cmd/utils"
|
||||
"github.com/ethereum/go-ethereum/common"
|
||||
"github.com/ethereum/go-ethereum/common/hexutil"
|
||||
"github.com/ethereum/go-ethereum/contracts/checkpointoracle"
|
||||
"github.com/ethereum/go-ethereum/contracts/checkpointoracle/contract"
|
||||
"github.com/ethereum/go-ethereum/crypto"
|
||||
"github.com/ethereum/go-ethereum/ethclient"
|
||||
"github.com/ethereum/go-ethereum/log"
|
||||
"github.com/ethereum/go-ethereum/params"
|
||||
"github.com/ethereum/go-ethereum/rpc"
|
||||
"gopkg.in/urfave/cli.v1"
|
||||
)
|
||||
|
||||
var commandDeploy = cli.Command{
|
||||
Name: "deploy",
|
||||
Usage: "Deploy a new checkpoint oracle contract",
|
||||
Flags: []cli.Flag{
|
||||
nodeURLFlag,
|
||||
clefURLFlag,
|
||||
signersFlag,
|
||||
thresholdFlag,
|
||||
keyFileFlag,
|
||||
utils.PasswordFileFlag,
|
||||
},
|
||||
Action: utils.MigrateFlags(deploy),
|
||||
}
|
||||
|
||||
var commandSign = cli.Command{
|
||||
Name: "sign",
|
||||
Usage: "Sign the checkpoint with the specified key",
|
||||
Flags: []cli.Flag{
|
||||
nodeURLFlag,
|
||||
clefURLFlag,
|
||||
indexFlag,
|
||||
hashFlag,
|
||||
oracleFlag,
|
||||
keyFileFlag,
|
||||
signerFlag,
|
||||
utils.PasswordFileFlag,
|
||||
},
|
||||
Action: utils.MigrateFlags(sign),
|
||||
}
|
||||
|
||||
var commandPublish = cli.Command{
|
||||
Name: "publish",
|
||||
Usage: "Publish a checkpoint into the oracle",
|
||||
Flags: []cli.Flag{
|
||||
nodeURLFlag,
|
||||
indexFlag,
|
||||
signaturesFlag,
|
||||
keyFileFlag,
|
||||
utils.PasswordFileFlag,
|
||||
},
|
||||
Action: utils.MigrateFlags(publish),
|
||||
}
|
||||
|
||||
// deploy deploys the checkpoint registrar contract.
|
||||
//
|
||||
// Note the network where the contract is deployed depends on
|
||||
// the network where the connected node is located.
|
||||
func deploy(ctx *cli.Context) error {
|
||||
// Gather all the addresses that should be permitted to sign
|
||||
var addrs []common.Address
|
||||
for _, account := range strings.Split(ctx.String(signersFlag.Name), ",") {
|
||||
if trimmed := strings.TrimSpace(account); !common.IsHexAddress(trimmed) {
|
||||
utils.Fatalf("Invalid account in --signers: '%s'", trimmed)
|
||||
}
|
||||
addrs = append(addrs, common.HexToAddress(account))
|
||||
}
|
||||
// Retrieve and validate the signing threshold
|
||||
needed := ctx.Int(thresholdFlag.Name)
|
||||
if needed == 0 || needed > len(addrs) {
|
||||
utils.Fatalf("Invalid signature threshold %d", needed)
|
||||
}
|
||||
// Print a summary to ensure the user understands what they're signing
|
||||
fmt.Printf("Deploying new checkpoint oracle:\n\n")
|
||||
for i, addr := range addrs {
|
||||
fmt.Printf("Admin %d => %s\n", i+1, addr.Hex())
|
||||
}
|
||||
fmt.Printf("\nSignatures needed to publish: %d\n", needed)
|
||||
|
||||
// Retrieve the private key, create an abigen transactor and an RPC client
|
||||
transactor := bind.NewKeyedTransactor(getKey(ctx).PrivateKey)
|
||||
client := newClient(ctx)
|
||||
|
||||
// Deploy the checkpoint oracle
|
||||
oracle, tx, _, err := contract.DeployCheckpointOracle(transactor, client, addrs, big.NewInt(int64(params.CheckpointFrequency)),
|
||||
big.NewInt(int64(params.CheckpointProcessConfirmations)), big.NewInt(int64(needed)))
|
||||
if err != nil {
|
||||
utils.Fatalf("Failed to deploy checkpoint oracle %v", err)
|
||||
}
|
||||
log.Info("Deployed checkpoint oracle", "address", oracle, "tx", tx.Hash().Hex())
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// sign creates the signature for specific checkpoint
|
||||
// with local key. Only contract admins have the permission to
|
||||
// sign checkpoint.
|
||||
func sign(ctx *cli.Context) error {
|
||||
var (
|
||||
offline bool // The indicator whether we sign checkpoint by offline.
|
||||
chash common.Hash
|
||||
cindex uint64
|
||||
address common.Address
|
||||
|
||||
node *rpc.Client
|
||||
oracle *checkpointoracle.CheckpointOracle
|
||||
)
|
||||
if !ctx.GlobalIsSet(nodeURLFlag.Name) {
|
||||
// Offline mode signing
|
||||
offline = true
|
||||
if !ctx.IsSet(hashFlag.Name) {
|
||||
utils.Fatalf("Please specify the checkpoint hash (--hash) to sign in offline mode")
|
||||
}
|
||||
chash = common.HexToHash(ctx.String(hashFlag.Name))
|
||||
|
||||
if !ctx.IsSet(indexFlag.Name) {
|
||||
utils.Fatalf("Please specify checkpoint index (--index) to sign in offline mode")
|
||||
}
|
||||
cindex = ctx.Uint64(indexFlag.Name)
|
||||
|
||||
if !ctx.IsSet(oracleFlag.Name) {
|
||||
utils.Fatalf("Please specify oracle address (--oracle) to sign in offline mode")
|
||||
}
|
||||
address = common.HexToAddress(ctx.String(oracleFlag.Name))
|
||||
} else {
|
||||
// Interactive mode signing, retrieve the data from the remote node
|
||||
node = newRPCClient(ctx.GlobalString(nodeURLFlag.Name))
|
||||
|
||||
checkpoint := getCheckpoint(ctx, node)
|
||||
chash = checkpoint.Hash()
|
||||
cindex = checkpoint.SectionIndex
|
||||
address = getContractAddr(node)
|
||||
|
||||
// Check the validity of checkpoint
|
||||
reqCtx, cancelFn := context.WithTimeout(context.Background(), 10*time.Second)
|
||||
defer cancelFn()
|
||||
|
||||
head, err := ethclient.NewClient(node).HeaderByNumber(reqCtx, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
num := head.Number.Uint64()
|
||||
if num < ((cindex+1)*params.CheckpointFrequency + params.CheckpointProcessConfirmations) {
|
||||
utils.Fatalf("Invalid future checkpoint")
|
||||
}
|
||||
_, oracle = newContract(node)
|
||||
latest, _, h, err := oracle.Contract().GetLatestCheckpoint(nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if cindex < latest {
|
||||
utils.Fatalf("Checkpoint is too old")
|
||||
}
|
||||
if cindex == latest && (latest != 0 || h.Uint64() != 0) {
|
||||
utils.Fatalf("Stale checkpoint, latest registered %d, given %d", latest, cindex)
|
||||
}
|
||||
}
|
||||
var (
|
||||
signature string
|
||||
signer string
|
||||
)
|
||||
// isAdmin checks whether the specified signer is admin.
|
||||
isAdmin := func(addr common.Address) error {
|
||||
signers, err := oracle.Contract().GetAllAdmin(nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
for _, s := range signers {
|
||||
if s == addr {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
return fmt.Errorf("signer %v is not the admin", addr.Hex())
|
||||
}
|
||||
// Print to the user the data thy are about to sign
|
||||
fmt.Printf("Oracle => %s\n", address.Hex())
|
||||
fmt.Printf("Index %4d => %s\n", cindex, chash.Hex())
|
||||
|
||||
switch {
|
||||
case ctx.GlobalIsSet(clefURLFlag.Name):
|
||||
// Sign checkpoint in clef mode.
|
||||
signer = ctx.String(signerFlag.Name)
|
||||
|
||||
if !offline {
|
||||
if err := isAdmin(common.HexToAddress(signer)); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
clef := newRPCClient(ctx.GlobalString(clefURLFlag.Name))
|
||||
p := make(map[string]string)
|
||||
buf := make([]byte, 8)
|
||||
binary.BigEndian.PutUint64(buf, cindex)
|
||||
p["address"] = address.Hex()
|
||||
p["message"] = hexutil.Encode(append(buf, chash.Bytes()...))
|
||||
if err := clef.Call(&signature, "account_signData", accounts.MimetypeDataWithValidator, signer, p); err != nil {
|
||||
utils.Fatalf("Failed to sign checkpoint, err %v", err)
|
||||
}
|
||||
case ctx.GlobalIsSet(keyFileFlag.Name):
|
||||
// Sign checkpoint in raw private key file mode.
|
||||
key := getKey(ctx)
|
||||
signer = key.Address.Hex()
|
||||
|
||||
if !offline {
|
||||
if err := isAdmin(key.Address); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
sig, err := crypto.Sign(sighash(cindex, address, chash), key.PrivateKey)
|
||||
if err != nil {
|
||||
utils.Fatalf("Failed to sign checkpoint, err %v", err)
|
||||
}
|
||||
sig[64] += 27 // Transform V from 0/1 to 27/28 according to the yellow paper
|
||||
signature = common.Bytes2Hex(sig)
|
||||
default:
|
||||
utils.Fatalf("Please specify clef URL or private key file path to sign checkpoint")
|
||||
}
|
||||
fmt.Printf("Signer => %s\n", signer)
|
||||
fmt.Printf("Signature => %s\n", signature)
|
||||
return nil
|
||||
}
|
||||
|
||||
// sighash calculates the hash of the data to sign for the checkpoint oracle.
|
||||
func sighash(index uint64, oracle common.Address, hash common.Hash) []byte {
|
||||
buf := make([]byte, 8)
|
||||
binary.BigEndian.PutUint64(buf, index)
|
||||
|
||||
data := append([]byte{0x19, 0x00}, append(oracle[:], append(buf, hash[:]...)...)...)
|
||||
return crypto.Keccak256(data)
|
||||
}
|
||||
|
||||
// ecrecover calculates the sender address from a sighash and signature combo.
|
||||
func ecrecover(sighash []byte, sig []byte) common.Address {
|
||||
sig[64] -= 27
|
||||
defer func() { sig[64] += 27 }()
|
||||
|
||||
signer, err := crypto.SigToPub(sighash, sig)
|
||||
if err != nil {
|
||||
utils.Fatalf("Failed to recover sender from signature %x: %v", sig, err)
|
||||
}
|
||||
return crypto.PubkeyToAddress(*signer)
|
||||
}
|
||||
|
||||
// publish registers the specified checkpoint which generated by connected node
|
||||
// with a authorised private key.
|
||||
func publish(ctx *cli.Context) error {
|
||||
// Print the checkpoint oracle's current status to make sure we're interacting
|
||||
// with the correct network and contract.
|
||||
status(ctx)
|
||||
|
||||
// Gather the signatures from the CLI
|
||||
var sigs [][]byte
|
||||
for _, sig := range strings.Split(ctx.String(signaturesFlag.Name), ",") {
|
||||
trimmed := strings.TrimPrefix(strings.TrimSpace(sig), "0x")
|
||||
if len(trimmed) != 130 {
|
||||
utils.Fatalf("Invalid signature in --signature: '%s'", trimmed)
|
||||
} else {
|
||||
sigs = append(sigs, common.Hex2Bytes(trimmed))
|
||||
}
|
||||
}
|
||||
// Retrieve the checkpoint we want to sign to sort the signatures
|
||||
var (
|
||||
client = newRPCClient(ctx.GlobalString(nodeURLFlag.Name))
|
||||
addr, oracle = newContract(client)
|
||||
checkpoint = getCheckpoint(ctx, client)
|
||||
sighash = sighash(checkpoint.SectionIndex, addr, checkpoint.Hash())
|
||||
)
|
||||
for i := 0; i < len(sigs); i++ {
|
||||
for j := i + 1; j < len(sigs); j++ {
|
||||
signerA := ecrecover(sighash, sigs[i])
|
||||
signerB := ecrecover(sighash, sigs[j])
|
||||
if bytes.Compare(signerA.Bytes(), signerB.Bytes()) > 0 {
|
||||
sigs[i], sigs[j] = sigs[j], sigs[i]
|
||||
}
|
||||
}
|
||||
}
|
||||
// Retrieve recent header info to protect replay attack
|
||||
reqCtx, cancelFn := context.WithTimeout(context.Background(), 10*time.Second)
|
||||
defer cancelFn()
|
||||
|
||||
head, err := ethclient.NewClient(client).HeaderByNumber(reqCtx, nil)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
num := head.Number.Uint64()
|
||||
recent, err := ethclient.NewClient(client).HeaderByNumber(reqCtx, big.NewInt(int64(num-128)))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// Print a summary of the operation that's going to be performed
|
||||
fmt.Printf("Publishing %d => %s:\n\n", checkpoint.SectionIndex, checkpoint.Hash().Hex())
|
||||
for i, sig := range sigs {
|
||||
fmt.Printf("Signer %d => %s\n", i+1, ecrecover(sighash, sig).Hex())
|
||||
}
|
||||
fmt.Println()
|
||||
fmt.Printf("Sentry number => %d\nSentry hash => %s\n", recent.Number, recent.Hash().Hex())
|
||||
|
||||
// Publish the checkpoint into the oracle
|
||||
tx, err := oracle.RegisterCheckpoint(getKey(ctx).PrivateKey, checkpoint.SectionIndex, checkpoint.Hash().Bytes(), recent.Number, recent.Hash(), sigs)
|
||||
if err != nil {
|
||||
utils.Fatalf("Register contract failed %v", err)
|
||||
}
|
||||
log.Info("Successfully registered checkpoint", "tx", tx.Hash().Hex())
|
||||
return nil
|
||||
}
|
||||
Reference in New Issue
Block a user