cmd, eth: Add support for `--whitelist <blocknum>=<hash>,...` flag

* Rejects peers that respond with a different hash for any of the passed in block numbers.
* Meant for emergency situations when the network forks unexpectedly.
This commit is contained in:
Ryan Schneider 2018-11-02 13:26:45 -07:00 committed by Péter Szilágyi
parent c1e3fe6b14
commit 48b70ecff1
No known key found for this signature in database
GPG Key ID: E9AE538CEDF8293D
8 changed files with 67 additions and 5 deletions

View File

@ -87,6 +87,7 @@ var (
utils.LightServFlag,
utils.LightPeersFlag,
utils.LightKDFFlag,
utils.WhitelistFlag,
utils.CacheFlag,
utils.CacheDatabaseFlag,
utils.CacheTrieFlag,

View File

@ -81,6 +81,7 @@ var AppHelpFlagGroups = []flagGroup{
utils.LightServFlag,
utils.LightPeersFlag,
utils.LightKDFFlag,
utils.WhitelistFlag,
},
},
{

View File

@ -182,6 +182,10 @@ var (
Name: "lightkdf",
Usage: "Reduce key-derivation RAM & CPU usage at some expense of KDF strength",
}
WhitelistFlag = cli.StringFlag{
Name: "whitelist",
Usage: "Comma separated block number-to-hash mappings to enforce (<number>=<hash>)",
}
// Dashboard settings
DashboardEnabledFlag = cli.BoolFlag{
Name: metrics.DashboardEnabledFlag,
@ -1072,6 +1076,34 @@ func setEthash(ctx *cli.Context, cfg *eth.Config) {
}
}
func setWhitelist(ctx *cli.Context, cfg *eth.Config) {
if ctx.GlobalIsSet(WhitelistFlag.Name) {
entries := strings.Split(ctx.String(WhitelistFlag.Name), ",")
whitelist := make(map[uint64]common.Hash)
for _, entry := range entries {
split := strings.SplitN(entry, "=", 2)
if len(split) != 2 {
Fatalf("invalid whitelist entry: %s", entry)
}
bn, err := strconv.ParseUint(split[0], 0, 64)
if err != nil {
Fatalf("Invalid whitelist block number %s: %v", split[0], err)
}
hash := common.Hash{}
err = hash.UnmarshalText([]byte(split[1]))
if err != nil {
Fatalf("Invalid whitelist hash %s: %v", split[1], err)
}
whitelist[bn] = hash
}
cfg.Whitelist = whitelist
}
}
// checkExclusive verifies that only a single instance of the provided flags was
// set by the user. Each flag might optionally be followed by a string type to
// specialize it further.
@ -1137,6 +1169,7 @@ func SetEthConfig(ctx *cli.Context, stack *node.Node, cfg *eth.Config) {
setGPO(ctx, &cfg.GPO)
setTxPool(ctx, &cfg.TxPool)
setEthash(ctx, cfg)
setWhitelist(ctx, cfg)
if ctx.GlobalIsSet(SyncModeFlag.Name) {
cfg.SyncMode = *GlobalTextMarshaler(ctx, SyncModeFlag.Name).(*downloader.SyncMode)

View File

@ -173,7 +173,7 @@ func New(ctx *node.ServiceContext, config *Config) (*Ethereum, error) {
}
eth.txPool = core.NewTxPool(config.TxPool, eth.chainConfig, eth.blockchain)
if eth.protocolManager, err = NewProtocolManager(eth.chainConfig, config.SyncMode, config.NetworkId, eth.eventMux, eth.txPool, eth.engine, eth.blockchain, chainDb); err != nil {
if eth.protocolManager, err = NewProtocolManager(eth.chainConfig, config.SyncMode, config.NetworkId, eth.eventMux, eth.txPool, eth.engine, eth.blockchain, chainDb, config.Whitelist); err != nil {
return nil, err
}

View File

@ -87,6 +87,9 @@ type Config struct {
SyncMode downloader.SyncMode
NoPruning bool
// Whitelist of required block number -> hash values to accept
Whitelist map[uint64]common.Hash `toml:"-"`
// Light client options
LightServ int `toml:",omitempty"` // Maximum percentage of time allowed for serving LES requests
LightPeers int `toml:",omitempty"` // Maximum number of LES client peers

View File

@ -17,6 +17,7 @@
package eth
import (
"bytes"
"encoding/json"
"errors"
"fmt"
@ -88,6 +89,8 @@ type ProtocolManager struct {
txsSub event.Subscription
minedBlockSub *event.TypeMuxSubscription
whitelist map[uint64]common.Hash
// channels for fetcher, syncer, txsyncLoop
newPeerCh chan *peer
txsyncCh chan *txsync
@ -101,7 +104,7 @@ type ProtocolManager struct {
// NewProtocolManager returns a new Ethereum sub protocol manager. The Ethereum sub protocol manages peers capable
// with the Ethereum network.
func NewProtocolManager(config *params.ChainConfig, mode downloader.SyncMode, networkID uint64, mux *event.TypeMux, txpool txPool, engine consensus.Engine, blockchain *core.BlockChain, chaindb ethdb.Database) (*ProtocolManager, error) {
func NewProtocolManager(config *params.ChainConfig, mode downloader.SyncMode, networkID uint64, mux *event.TypeMux, txpool txPool, engine consensus.Engine, blockchain *core.BlockChain, chaindb ethdb.Database, whitelist map[uint64]common.Hash) (*ProtocolManager, error) {
// Create the protocol manager with the base fields
manager := &ProtocolManager{
networkID: networkID,
@ -110,6 +113,7 @@ func NewProtocolManager(config *params.ChainConfig, mode downloader.SyncMode, ne
blockchain: blockchain,
chainconfig: config,
peers: newPeerSet(),
whitelist: whitelist,
newPeerCh: make(chan *peer),
noMorePeers: make(chan struct{}),
txsyncCh: make(chan *txsync),
@ -307,6 +311,16 @@ func (pm *ProtocolManager) handle(p *peer) error {
}
}()
}
// If we have any explicit whitelist block hashes, request them
for bn := range pm.whitelist {
p.Log().Debug("Requesting whitelist block", "number", bn)
if err := p.RequestHeadersByNumber(bn, 1, 0, false); err != nil {
p.Log().Error("whitelist request failed", "err", err, "number", bn, "peer", p.id)
return err
}
}
// main loop. handle incoming messages.
for {
if err := pm.handleMsg(p); err != nil {
@ -452,6 +466,16 @@ func (pm *ProtocolManager) handleMsg(p *peer) error {
// Filter out any explicitly requested headers, deliver the rest to the downloader
filter := len(headers) == 1
if filter {
// Check for any responses not matching our whitelist
if expected, ok := pm.whitelist[headers[0].Number.Uint64()]; ok {
actual := headers[0].Hash()
if !bytes.Equal(expected.Bytes(), actual.Bytes()) {
p.Log().Info("Dropping peer with non-matching whitelist block", "number", headers[0].Number.Uint64(), "hash", actual, "expected", expected)
return errors.New("whitelist block mismatch")
}
p.Log().Debug("Whitelist block verified", "number", headers[0].Number.Uint64(), "hash", expected)
}
// If it's a potential DAO fork check, validate against the rules
if p.forkDrop != nil && pm.chainconfig.DAOForkBlock.Cmp(headers[0].Number) == 0 {
// Disable the fork drop timer

View File

@ -478,7 +478,7 @@ func testDAOChallenge(t *testing.T, localForked, remoteForked bool, timeout bool
if err != nil {
t.Fatalf("failed to create new blockchain: %v", err)
}
pm, err := NewProtocolManager(config, downloader.FullSync, DefaultConfig.NetworkId, evmux, new(testTxPool), pow, blockchain, db)
pm, err := NewProtocolManager(config, downloader.FullSync, DefaultConfig.NetworkId, evmux, new(testTxPool), pow, blockchain, db, nil)
if err != nil {
t.Fatalf("failed to start test protocol manager: %v", err)
}
@ -559,7 +559,7 @@ func testBroadcastBlock(t *testing.T, totalPeers, broadcastExpected int) {
if err != nil {
t.Fatalf("failed to create new blockchain: %v", err)
}
pm, err := NewProtocolManager(config, downloader.FullSync, DefaultConfig.NetworkId, evmux, new(testTxPool), pow, blockchain, db)
pm, err := NewProtocolManager(config, downloader.FullSync, DefaultConfig.NetworkId, evmux, new(testTxPool), pow, blockchain, db, nil)
if err != nil {
t.Fatalf("failed to start test protocol manager: %v", err)
}

View File

@ -66,7 +66,7 @@ func newTestProtocolManager(mode downloader.SyncMode, blocks int, generator func
panic(err)
}
pm, err := NewProtocolManager(gspec.Config, mode, DefaultConfig.NetworkId, evmux, &testTxPool{added: newtx}, engine, blockchain, db)
pm, err := NewProtocolManager(gspec.Config, mode, DefaultConfig.NetworkId, evmux, &testTxPool{added: newtx}, engine, blockchain, db, nil)
if err != nil {
return nil, nil, err
}