Skip to content
This repository has been archived by the owner on Mar 5, 2024. It is now read-only.

Commit

Permalink
reject poc requests txns if chainvar set
Browse files Browse the repository at this point in the history
  • Loading branch information
@andymck
andymck committed May 11, 2022
1 parent 5b74177 commit 0e3b006
Show file tree
Hide file tree
Showing 3 changed files with 73 additions and 56 deletions.
3 changes: 3 additions & 0 deletions include/blockchain_vars.hrl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,9 @@
%% from POC targets :: boolean()
-define(poc_activity_filter_enabled, poc_activity_filter_enabled).

%% If set to true, all incoming poc request txns will be rejected : boolean
-define(poc_reject_requests, poc_reject_requests).

%% Number of blocks to wait before a hotspot can be eligible to participate in a poc
%% challenge. This would avoid new hotspots getting challenged before they sync to an
%% acceptable height.
Expand Down
119 changes: 64 additions & 55 deletions src/transactions/v1/blockchain_txn_poc_request_v1.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,66 +153,76 @@ is_valid(Txn, Chain) ->
PubKey = libp2p_crypto:bin_to_pubkey(Challenger),
BaseTxn = Txn#blockchain_txn_poc_request_v1_pb{signature = <<>>},
EncodedTxn = blockchain_txn_poc_request_v1_pb:encode_msg(BaseTxn),

case blockchain_txn:validate_fields([{{secret_hash, ?MODULE:secret_hash(Txn)}, {binary, 32}},
{{onion_key_hash, ?MODULE:secret_hash(Txn)}, {binary, 32}},
{{block_hash, ?MODULE:secret_hash(Txn)}, {binary, 32}}]) of
ok ->
case libp2p_crypto:verify(EncodedTxn, ChallengerSignature, PubKey) of
false ->
{error, bad_signature};
true ->
StartFind = maybe_start_duration(),
case blockchain_ledger_v1:find_gateway_info(Challenger, Ledger) of
{error, not_found} ->
{error, missing_gateway};
{error, _Reason}=Error ->
Error;
{ok, Info} ->
StartCap = maybe_log_duration(fetch_gw, StartFind),
%% check the gateway mode to determine if its allowed to issue POC requests
Mode = blockchain_ledger_gateway_v2:mode(Info),
case blockchain_ledger_gateway_v2:is_valid_capability(Mode, ?GW_CAPABILITY_POC_CHALLENGER, Ledger) of
false -> {error, {gateway_not_allowed, blockchain_ledger_gateway_v2:mode(Info)}};
true ->
StartRest = maybe_log_duration(check_cap, StartCap),
case blockchain_ledger_gateway_v2:location(Info) of
undefined ->
lager:info("no loc for challenger: ~p ~p", [Challenger, Info]),
{error, no_gateway_location};
_Location ->
{ok, Height} = blockchain_ledger_v1:current_height(Ledger),
LastChallenge = blockchain_ledger_gateway_v2:last_poc_challenge(Info),
PoCInterval = blockchain_utils:challenge_interval(Ledger),
case LastChallenge == undefined orelse LastChallenge =< (Height+1 - PoCInterval) of
false ->
{error, too_many_challenges};
true ->
BlockHash = ?MODULE:block_hash(Txn),
case blockchain:get_block_height(BlockHash, Chain) of
{error, not_found} ->
{error, missing_challenge_block_hash};
{error, _}=Error ->
Error;
{ok, BlockHeight} ->
case (BlockHeight + PoCInterval) > (Height+1) of
false ->
{error, replaying_request};
true ->
Fee = ?MODULE:fee(Txn),
Owner = blockchain_ledger_gateway_v2:owner_address(Info),
R = blockchain_ledger_v1:check_dc_balance(Owner, Fee, Ledger),
maybe_log_duration(rest, StartRest),
R
MaybeRejectPocRequests =
case blockchain:config(?poc_reject_requests, Ledger) of
{ok, V} -> V;
_ -> false
end,
%% doh sorry for adding another case to this crazy nest but these txns are going away....
case MaybeRejectPocRequests of
false ->
case blockchain_txn:validate_fields([{{secret_hash, ?MODULE:secret_hash(Txn)}, {binary, 32}},
{{onion_key_hash, ?MODULE:secret_hash(Txn)}, {binary, 32}},
{{block_hash, ?MODULE:secret_hash(Txn)}, {binary, 32}}]) of
ok ->
case libp2p_crypto:verify(EncodedTxn, ChallengerSignature, PubKey) of
false ->
{error, bad_signature};
true ->
StartFind = maybe_start_duration(),
case blockchain_ledger_v1:find_gateway_info(Challenger, Ledger) of
{error, not_found} ->
{error, missing_gateway};
{error, _Reason}=Error ->
Error;
{ok, Info} ->
StartCap = maybe_log_duration(fetch_gw, StartFind),
%% check the gateway mode to determine if its allowed to issue POC requests
Mode = blockchain_ledger_gateway_v2:mode(Info),
case blockchain_ledger_gateway_v2:is_valid_capability(Mode, ?GW_CAPABILITY_POC_CHALLENGER, Ledger) of
false -> {error, {gateway_not_allowed, blockchain_ledger_gateway_v2:mode(Info)}};
true ->
StartRest = maybe_log_duration(check_cap, StartCap),
case blockchain_ledger_gateway_v2:location(Info) of
undefined ->
lager:info("no loc for challenger: ~p ~p", [Challenger, Info]),
{error, no_gateway_location};
_Location ->
{ok, Height} = blockchain_ledger_v1:current_height(Ledger),
LastChallenge = blockchain_ledger_gateway_v2:last_poc_challenge(Info),
PoCInterval = blockchain_utils:challenge_interval(Ledger),
case LastChallenge == undefined orelse LastChallenge =< (Height+1 - PoCInterval) of
false ->
{error, too_many_challenges};
true ->
BlockHash = ?MODULE:block_hash(Txn),
case blockchain:get_block_height(BlockHash, Chain) of
{error, not_found} ->
{error, missing_challenge_block_hash};
{error, _}=Error ->
Error;
{ok, BlockHeight} ->
case (BlockHeight + PoCInterval) > (Height+1) of
false ->
{error, replaying_request};
true ->
Fee = ?MODULE:fee(Txn),
Owner = blockchain_ledger_gateway_v2:owner_address(Info),
R = blockchain_ledger_v1:check_dc_balance(Owner, Fee, Ledger),
maybe_log_duration(rest, StartRest),
R
end
end
end
end
end
end
end
end;
Error -> Error
end;
Error -> Error
end.
true ->
{error, poc_requests_not_accepted}
end.
%%--------------------------------------------------------------------
%% @doc
%% @end
Expand Down Expand Up @@ -274,7 +284,6 @@ maybe_log_duration(Type, Start) ->
_ -> ok
end.


%% ------------------------------------------------------------------
%% EUNIT Tests
%% ------------------------------------------------------------------
Expand Down
7 changes: 6 additions & 1 deletion src/transactions/v1/blockchain_txn_vars_v1.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1036,7 +1036,12 @@ validate_var(?poc_proposal_gc_window_check, Value) ->
false -> ok;
_ -> throw({error, {poc_proposal_gc_window_check, Value}})
end;

validate_var(?poc_reject_requests, Value) ->
case Value of
true -> ok;
false -> ok;
_ -> throw({error, {poc_reject_requests, Value}})
end;
validate_var(?poc_challenge_sync_interval, Value) ->
validate_int(Value, "poc_challenge_sync_interval", 10, 1440, false);
validate_var(?poc_path_limit, undefined) ->
Expand Down

0 comments on commit 0e3b006

Please sign in to comment.