-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2701 from bnb-chain/develop
Draft release v1.4.15
- Loading branch information
Showing
38 changed files
with
800 additions
and
177 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
CVE-2024-34478 # "CWE-754: Improper Check for Unusual or Exceptional Conditions." This vulnerability is BTC only, BSC does not have the issue. | ||
CVE-2024-6104 # "CWE-532: Information Exposure Through Log Files" This is caused by the vulnerabilities [email protected], it is only used in cmd devp2p, impact is limited. will upgrade to v0.7.7 later | ||
CVE-2024-8421 # "CWE-400: Uncontrolled Resource Consumption (Resource Exhaustion)" This vulnerability is caused by issues in the golang.org/x/net package. Even the latest version(v0.29.0) has not yet addressed it, but we will continue to monitor updates closely. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
package fakebeacon | ||
|
||
import ( | ||
"context" | ||
"sort" | ||
|
||
"github.com/ethereum/go-ethereum/common" | ||
"github.com/ethereum/go-ethereum/crypto/kzg4844" | ||
"github.com/ethereum/go-ethereum/internal/ethapi" | ||
"github.com/ethereum/go-ethereum/log" | ||
"github.com/ethereum/go-ethereum/rpc" | ||
) | ||
|
||
type BlobSidecar struct { | ||
Blob kzg4844.Blob `json:"blob"` | ||
Index int `json:"index"` | ||
KZGCommitment kzg4844.Commitment `json:"kzg_commitment"` | ||
KZGProof kzg4844.Proof `json:"kzg_proof"` | ||
} | ||
|
||
type APIGetBlobSidecarsResponse struct { | ||
Data []*BlobSidecar `json:"data"` | ||
} | ||
|
||
type ReducedGenesisData struct { | ||
GenesisTime string `json:"genesis_time"` | ||
} | ||
|
||
type APIGenesisResponse struct { | ||
Data ReducedGenesisData `json:"data"` | ||
} | ||
|
||
type ReducedConfigData struct { | ||
SecondsPerSlot string `json:"SECONDS_PER_SLOT"` | ||
} | ||
|
||
type IndexedBlobHash struct { | ||
Index int // absolute index in the block, a.k.a. position in sidecar blobs array | ||
Hash common.Hash // hash of the blob, used for consistency checks | ||
} | ||
|
||
func configSpec() ReducedConfigData { | ||
return ReducedConfigData{SecondsPerSlot: "1"} | ||
} | ||
|
||
func beaconGenesis() APIGenesisResponse { | ||
return APIGenesisResponse{Data: ReducedGenesisData{GenesisTime: "0"}} | ||
} | ||
|
||
func beaconBlobSidecars(ctx context.Context, backend ethapi.Backend, slot uint64, indices []int) (APIGetBlobSidecarsResponse, error) { | ||
var blockNrOrHash rpc.BlockNumberOrHash | ||
header, err := fetchBlockNumberByTime(ctx, int64(slot), backend) | ||
if err != nil { | ||
log.Error("Error fetching block number", "slot", slot, "indices", indices) | ||
return APIGetBlobSidecarsResponse{}, err | ||
} | ||
sideCars, err := backend.GetBlobSidecars(ctx, header.Hash()) | ||
if err != nil { | ||
log.Error("Error fetching Sidecars", "blockNrOrHash", blockNrOrHash, "err", err) | ||
return APIGetBlobSidecarsResponse{}, err | ||
} | ||
sort.Ints(indices) | ||
fullBlob := len(indices) == 0 | ||
res := APIGetBlobSidecarsResponse{} | ||
idx := 0 | ||
curIdx := 0 | ||
for _, sideCar := range sideCars { | ||
for i := 0; i < len(sideCar.Blobs); i++ { | ||
//hash := kZGToVersionedHash(sideCar.Commitments[i]) | ||
if !fullBlob && curIdx >= len(indices) { | ||
break | ||
} | ||
if fullBlob || idx == indices[curIdx] { | ||
res.Data = append(res.Data, &BlobSidecar{ | ||
Index: idx, | ||
Blob: sideCar.Blobs[i], | ||
KZGCommitment: sideCar.Commitments[i], | ||
KZGProof: sideCar.Proofs[i], | ||
}) | ||
curIdx++ | ||
} | ||
idx++ | ||
} | ||
} | ||
|
||
return res, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
package fakebeacon | ||
|
||
import ( | ||
"fmt" | ||
"net/http" | ||
"net/url" | ||
"strconv" | ||
"strings" | ||
|
||
"github.com/prysmaticlabs/prysm/v5/api/server/structs" | ||
field_params "github.com/prysmaticlabs/prysm/v5/config/fieldparams" | ||
"github.com/prysmaticlabs/prysm/v5/network/httputil" | ||
) | ||
|
||
var ( | ||
versionMethod = "/eth/v1/node/version" | ||
specMethod = "/eth/v1/config/spec" | ||
genesisMethod = "/eth/v1/beacon/genesis" | ||
sidecarsMethodPrefix = "/eth/v1/beacon/blob_sidecars/{slot}" | ||
) | ||
|
||
func VersionMethod(w http.ResponseWriter, r *http.Request) { | ||
resp := &structs.GetVersionResponse{ | ||
Data: &structs.Version{ | ||
Version: "", | ||
}, | ||
} | ||
httputil.WriteJson(w, resp) | ||
} | ||
|
||
func SpecMethod(w http.ResponseWriter, r *http.Request) { | ||
httputil.WriteJson(w, &structs.GetSpecResponse{Data: configSpec()}) | ||
} | ||
|
||
func GenesisMethod(w http.ResponseWriter, r *http.Request) { | ||
httputil.WriteJson(w, beaconGenesis()) | ||
} | ||
|
||
func (s *Service) SidecarsMethod(w http.ResponseWriter, r *http.Request) { | ||
indices, err := parseIndices(r.URL) | ||
if err != nil { | ||
httputil.HandleError(w, err.Error(), http.StatusBadRequest) | ||
return | ||
} | ||
segments := strings.Split(r.URL.Path, "/") | ||
slot, err := strconv.ParseUint(segments[len(segments)-1], 10, 64) | ||
if err != nil { | ||
httputil.HandleError(w, "not a valid slot(timestamp)", http.StatusBadRequest) | ||
return | ||
} | ||
|
||
resp, err := beaconBlobSidecars(r.Context(), s.backend, slot, indices) | ||
if err != nil { | ||
httputil.HandleError(w, err.Error(), http.StatusBadRequest) | ||
return | ||
} | ||
httputil.WriteJson(w, resp) | ||
} | ||
|
||
// parseIndices filters out invalid and duplicate blob indices | ||
func parseIndices(url *url.URL) ([]int, error) { | ||
rawIndices := url.Query()["indices"] | ||
indices := make([]int, 0, field_params.MaxBlobsPerBlock) | ||
invalidIndices := make([]string, 0) | ||
loop: | ||
for _, raw := range rawIndices { | ||
ix, err := strconv.Atoi(raw) | ||
if err != nil { | ||
invalidIndices = append(invalidIndices, raw) | ||
continue | ||
} | ||
if ix >= field_params.MaxBlobsPerBlock { | ||
invalidIndices = append(invalidIndices, raw) | ||
continue | ||
} | ||
for i := range indices { | ||
if ix == indices[i] { | ||
continue loop | ||
} | ||
} | ||
indices = append(indices, ix) | ||
} | ||
|
||
if len(invalidIndices) > 0 { | ||
return nil, fmt.Errorf("requested blob indices %v are invalid", invalidIndices) | ||
} | ||
return indices, nil | ||
} |
Oops, something went wrong.