Commit Graph

200 Commits

Author SHA1 Message Date
Martin HS 55b18e9bc1 cmd/geth: remove unlock commandline flag (#30737)
This is one further step towards removing account management from
`geth`. This PR deprecates the flag `unlock`, and makes the flag moot:
unlock via geth is no longer possible.
2024-11-19 14:50:11 +01:00
Martin HS 21b3400ae5 all: remove `personal` RPC namespace (#30704)
This PR is a first step towards removing account management from geth,
and contains a lot of the user-facing changes.

With this PR, the `personal` namespace disappears. **Note**: `personal`
namespace has been deprecated for quite some time (since
https://github.com/ethereum/go-ethereum/pull/26390 1 year and 8 months
ago), and users who have wanted to use it has been forced to used the
flag `--rpc.enabledeprecatedpersonal`. So I think it's fairly
non-controversial to drop it at this point.

Specifically, this means: 

- Account/wallet listing
  -`personal.getListAccounts`  
  -`personal.listAccounts`     
  -`personal.getListWallets`   
  -`personal.listWallets`      
- Lock/unlock
  -`personal.lockAccount`      
  -`personal.openWallet`       
  -`personal.unlockAccount`
- Sign ops
  -`personal.sign`             
  -`personal.sendTransaction`  
  -`personal.signTransaction`  
- Imports / inits
  -`personal.deriveAccount`    
  -`personal.importRawKey`     
  -`personal.initializeWallet` 
  -`personal.newAccount`       
  -`personal.unpair` 
- Other: 
  -`personal.ecRecover`        


The underlying keystores and account managent code is still in place,
which means that `geth --dev` still works as expected, so that e.g. the
example below still works:

```
> eth.sendTransaction({data:"0x6060", value: 1, from:eth.accounts[0]})
```	

Also, `ethkey` and `clef` are untouched. 

With the removal of `personal`, as far as I know we have no more API
methods which contain credentials, and if we want to implement
logging-capabilities of RPC ingress payload, it would be possible after
this.

---------

Co-authored-by: Felix Lange <fjl@twurst.com>
2024-11-19 14:50:11 +01:00
Péter Szilágyi b7767efed0 core, eth, node: break rawdb -> {leveldb, pebble} dependency (#30689) 2024-11-19 14:50:11 +01:00
Martin HS 7a625d3a08 build: update to golangci-lint 1.61.0 (#30587)
Changelog: https://golangci-lint.run/product/changelog/#1610 

Removes `exportloopref` (no longer needed), replaces it with
`copyloopvar` which is basically the opposite.

Also adds: 
- `durationcheck`
- `gocheckcompilerdirectives`
- `reassign`
- `mirror`
- `tenv`

---------

Co-authored-by: Marius van der Wijden <m.vanderwijden@live.de>
2024-11-19 14:50:11 +01:00
Martin HS c3f13b2a1c
node: fix flaky jwt-test (#30388)
This PR fixes a flaky jwt-test. 

The test is a jwt "from one second in the future". The test passes; the
reason for this is that the CI-system is slow, and by the time the jwt
is actually evaluated, that second has passed, and it's no longer
future.

Alternative to #30380
2024-09-04 16:15:41 +02:00
Felix Lange 6a9158bb1b
p2p/discover: improved node revalidation (#29572)
Node discovery periodically revalidates the nodes in its table by sending PING, checking
if they are still alive. I recently noticed some issues with the implementation of this
process, which can cause strange results such as nodes dropping unexpectedly, certain
nodes not getting revalidated often enough, and bad results being returned to incoming
FINDNODE queries.

In this change, the revalidation process is improved with the following logic:

- We maintain two 'revalidation lists' containing the table nodes, named 'fast' and 'slow'.
- The process chooses random nodes from each list on a randomized interval, the interval being
  faster for the 'fast' list, and performs revalidation for the chosen node.
- Whenever a node is newly inserted into the table, it goes into the 'fast' list.
  Once validation passes, it transfers to the 'slow' list. If a request fails, or the
  node changes endpoint, it transfers back into 'fast'.
- livenessChecks is incremented by one for successful checks. Unlike the old implementation,
  we will not drop the node on the first failing check. We instead quickly decay the
  livenessChecks give it another chance.
- Order of nodes in bucket doesn't matter anymore.

I am also adding a debug API endpoint to dump the node table content.

Co-authored-by: Martin HS <martin@swende.se>
2024-05-23 14:26:09 +02:00
rjl493456442 f46c878441
core/rawdb: implement in-memory freezer (#29135) 2024-04-30 11:33:22 +02:00
imalasong 0dc09da7db
all: replace path.Join with filepath.Join (#29479)
* core/rawdb: replace file.Join with filepath.Join

Signed-off-by: xiaochangbai <704566072@qq.com>

* internal/build: replace file.Join with filepath.Join

Signed-off-by: xiaochangbai <704566072@qq.com>

---------

Signed-off-by: xiaochangbai <704566072@qq.com>
2024-04-08 12:29:49 +03:00
Aaron Chen 74995bf8a1
all: use slices.Contains (#29459)
Co-authored-by: Felix Lange <fjl@twurst.com>
2024-04-06 12:05:06 +02:00
Aaron Chen 723b1e36ad
all: fix mismatched names in comments (#29348)
* all: fix mismatched names in comments

* metrics: fix mismatched name in UpdateIfGt
2024-03-26 21:01:28 +01:00
Felföldi Zsolt aadcb88675
cmd/blsync, beacon/light: beacon chain light client (#28822)
Here we add a beacon chain light client for use by geth.

Geth can now be configured to run against a beacon chain API endpoint,
without pointing a CL to it. To set this up, use the `--beacon.api` flag. Information
provided by the beacon chain is verified, i.e. geth does not blindly trust the beacon
API endpoint in this mode. The root of trust are the beacon chain 'sync committees'.

The configured beacon API endpoint must provide light client data. At this time, only
Lodestar and Nimbus provide the necessary APIs.

There is also a standalone tool, cmd/blsync, which uses the beacon chain light client
to drive any EL implementation via its engine API.

---------

Co-authored-by: Felix Lange <fjl@twurst.com>
2024-03-06 17:50:22 +01:00
Marius van der Wijden 9a0fa8093c
node: remove test which doesn't do a lot (#29159)
* node: fix test if directory already exists

* node: remove test
2024-03-05 14:52:44 +01:00
Undefinedor a6d6e8ac41
rpc: remove deprecated method "Notifier.Closed" (#29162) 2024-03-05 14:44:23 +01:00
yzb db4cf69166
all: replace fmt.Errorf() with errors.New() if no param required (#29126)
replace-fmt-errorf

Co-authored-by: yzb@example.cn <yzb@example.cn>
2024-02-29 11:56:46 +02:00
Felix Lange 69f5d5ba1f
node, rpc: add configurable HTTP request limit (#28948)
Adds a configurable HTTP request limit, and bumps the engine default
2024-02-07 21:06:38 +01:00
Delweng 386cba15b5
node: increase batch limits for auth rpc API (#27924)
This raises the JSON-RPC batch request limits significantly for the engine API endpoint.
The limits are now also hard-coded, so users won't get them wrong. I have chosen these limits:

    maximum batch items: 2000
    maximum batch response size: 250MB

While it would also be possible to disable batch limits completely for the engine API, 
I think having some limits is a good safety net against misbehaving CLs. Since this
 isn't configurable, we really want to ensure this limit will never become an issue in the
 CL/EL communication, so I set them quite high.

---------

Signed-off-by: jsvisa <delweng@gmail.com>
Co-authored-by: Felix Lange <fjl@twurst.com>
2023-08-16 15:26:49 +02:00
Curith 6ca3ef9a7b
node: fix listening on IPv6 address (#27628) (#27635) 2023-07-02 13:21:16 +02:00
Sanghee Choi acc2a2ac61
node: remove unused error return from Attach (#27450)
node: Delete the unused error from return parameters of Node.Attach() func
2023-06-14 08:24:47 -04:00
mmsqe f3314bb6df
rpc: add limit for batch request items and response size (#26681)
This PR adds server-side limits for JSON-RPC batch requests. Before this change, batches
were limited only by processing time. The server would pick calls from the batch and
answer them until the response timeout occurred, then stop processing the remaining batch
items.

Here, we are adding two additional limits which can be configured:

- the 'item limit': batches can have at most N items
- the 'response size limit': batches can contain at most X response bytes

These limits are optional in package rpc. In Geth, we set a default limit of 1000 items
and 25MB response size.

When a batch goes over the limit, an error response is returned to the client. However,
doing this correctly isn't always possible. In JSON-RPC, only method calls with a valid
`id` can be responded to. Since batches may also contain non-call messages or
notifications, the best effort thing we can do to report an error with the batch itself is
reporting the limit violation as an error for the first method call in the batch. If a batch is
too large, but contains only notifications and responses, the error will be reported with
a null `id`.

The RPC client was also changed so it can deal with errors resulting from too large
batches. An older client connected to the server code in this PR could get stuck
until the request timeout occurred when the batch is too large. **Upgrading to a version
of the RPC client containing this change is strongly recommended to avoid timeout issues.**

For some weird reason, when writing the original client implementation, @fjl worked off of
the assumption that responses could be distributed across batches arbitrarily. So for a
batch request containing requests `[A B C]`, the server could respond with `[A B C]` but
also with `[A B] [C]` or even `[A] [B] [C]` and it wouldn't make a difference to the
client.

So in the implementation of BatchCallContext, the client waited for all requests in the
batch individually. If the server didn't respond to some of the requests in the batch, the
client would eventually just time out (if a context was used).

With the addition of batch limits into the server, we anticipate that people will hit this
kind of error way more often. To handle this properly, the client now waits for a single
response batch and expects it to contain all responses to the requests.

---------

Co-authored-by: Felix Lange <fjl@twurst.com>
Co-authored-by: Martin Holst Swende <martin@swende.se>
2023-06-13 13:38:58 +02:00
Seungbae Yu a742943c78
node: fix typos in comments (#27236) 2023-05-10 10:42:55 +02:00
Delweng 8f373227ac
cmd/geth: make account commands not require datadir lock (#27084)
Makes the `geth account ... ` commands usable even if a geth-process is already executing, since the account commands do not read the chaindata, it was not required for those to use the same locking mechanism. 

---
Signed-off-by: jsvisa <delweng@gmail.com>
Co-authored-by: Martin Holst Swende <martin@swende.se>
Co-authored-by: Sina Mahmoodi <itz.s1na@gmail.com>
2023-04-27 06:57:29 -04:00
Péter Szilágyi d3ece3a07c
cmd/utils, node: switch to Pebble as the default db if none exists (#27136)
* cmd/utils, node: switch to Pebble as the default db if none exists

* node: fall back to LevelDB on platforms not supporting Pebble

* core/rawdb, node: default to Pebble at the node level

* cmd/geth: fix some tests explicitly using leveldb

* ethdb/pebble: allow double closes, makes tests simpler
2023-04-21 19:24:18 +03:00
Delweng 117530b0e6
metrics/librato: ensure resp.body closed (#26969)
This change ensures that we call Close on a http response body, in various places in the source code (mostly tests)
2023-03-27 07:44:41 -04:00
Martin Holst Swende 09a9ccdbce
core/rawdb, node: use standalone flock dependency (#26633) 2023-02-23 09:11:50 +02:00
Martin Holst Swende ed51b8c5d3
ethdb: pebble backend (64bit platforms only) (#26517)
* ethdb: use pebble

Co-authored-by: Gary Rong <garyrong0905@gmail.com>

foo

update

* apply suggested changes

* flags: go format

node: fix ddir lookup mistake

accounts/abi/bind: fix go.mod replacement for generated binding

deps: update pebble + with fix 32-bit build

* ethdb/pebble: respect max memtable size

* core/rawdb, ethdb: enable pebble on non-32bit platforms only

* core/rawdb: fix build tags, fix some review concerns

* core/rawdb: refactor methods for database opening

* core/rawdb: remove erroneous build tag

* cmd/geth: fix the flag default handling + testcase

* cmd/geth: improve testing regarding custom backends

* ethdb/pebble, deps: update pebble dependency

* core/rawdb: replace method with Open

* ethdb/pebble: several updates for pebble (#49)

* ethdb/pebble: fix size count in batch

* ethdb/pebble: disable seek compaction

* ethdb/pebble: more fixes

* ethdb, core, cmd: polish and fixes (#50)

* cmd/utils, core/rawdb, ethdb/pebble: address some review concerns

* Update flags.go

* ethdb/pebble: minor refactors

* ethdb/pebble: avoid copy on batch replay

* ethdb: fix compilation flaw

* cmd: fix test fail due to mismatching error message

* cmd/geth, node: rename backingdb to db.engine

---------

Co-authored-by: Jared Wasinger <j-wasinger@hotmail.com>
Co-authored-by: rjl493456442 <garyrong0905@gmail.com>
Co-authored-by: Péter Szilágyi <peterke@gmail.com>
2023-02-09 10:48:34 +02:00
Marius van der Wijden d0a4989a8d
cmd, eth, node: deprecate personal namespace (#26390)
* eth: cmd: deprecate personal namespace

* eth: cmd: move deprecation to node

* node: disable toml of enablepersonal

* node: disable personal on ipc as well

* Update node/node.go

Co-authored-by: Martin Holst Swende <martin@swende.se>

* console: error -> warn

* node: less roulette

---------

Co-authored-by: Martin Holst Swende <martin@swende.se>
2023-02-02 13:52:19 +02:00
Shude Li 163e996d0e
all: use http package to replace http method names (#26535) 2023-01-24 11:12:25 +02:00
Sina Mahmoodi f20eba426a
graphql, node, rpc: improve HTTP write timeout handling (#25457)
Here we add special handling for sending an error response when the write timeout of the
HTTP server is just about to expire. This is surprisingly difficult to get right, since is
must be ensured that all output is fully flushed in time, which needs support from
multiple levels of the RPC handler stack:

The timeout response can't use chunked transfer-encoding because there is no way to write
the final terminating chunk. net/http writes it when the topmost handler returns, but the
timeout will already be over by the time that happens. We decided to disable chunked
encoding by setting content-length explicitly.

Gzip compression must also be disabled for timeout responses because we don't know the
true content-length before compressing all output, i.e. compression would reintroduce
chunked transfer-encoding.
2022-12-07 14:02:14 +01:00
Sina Mahmoodi 3630cafb34
node: drop support for static & trusted node list files (#25610)
This changes the node setup to ignore datadir files

    static-nodes.json
    trusted-nodes.json

When these files are present, it an error will be printed to the log.
2022-10-12 10:50:12 +02:00
Felix Lange 9cddfe92a3
node: prevent exposing engine API on unauthenticated endpoint (#25939)
* node: prevent exposing engine API on unauthenticated endpoint

* node: improve RPC setup
2022-10-06 14:01:04 +02:00
Felix Lange 3db4a13230
node: fix lint issue in rpcstack.go (#25774) 2022-09-15 15:21:44 +02:00
Nicolas Gotchac 25b35c9728
node: fix HTTP server always force closing (#25755)
Co-authored-by: Felix Lange <fjl@twurst.com>
2022-09-14 18:37:53 +02:00
Felix Lange b628d72766
build: upgrade to go 1.19 (#25726)
This changes the CI / release builds to use the latest Go version. It also
upgrades golangci-lint to a newer version compatible with Go 1.19.

In Go 1.19, godoc has gained official support for links and lists. The
syntax for code blocks in doc comments has changed and now requires a
leading tab character. gofmt adapts comments to the new syntax
automatically, so there are a lot of comment re-formatting changes in this
PR. We need to apply the new format in order to pass the CI lint stage with
Go 1.19.

With the linter upgrade, I have decided to disable 'gosec' - it produces
too many false-positive warnings. The 'deadcode' and 'varcheck' linters
have also been removed because golangci-lint warns about them being
unmaintained. 'unused' provides similar coverage and we already have it
enabled, so we don't lose much with this change.
2022-09-10 13:25:40 +02:00
protolambda 90711efb0a
node, rpc: add JWT auth support in client (#24911)
This adds a generic mechanism for 'dial options' in the RPC client,
and also implements a specific dial option for the JWT authentication
mechanism used by the engine API. Some real tests for the server-side
authentication handling are also added.

Co-authored-by: Joshua Gutow <jgutow@optimism.io>
Co-authored-by: Felix Lange <fjl@twurst.com>
2022-09-02 17:40:41 +02:00
Felix Lange 2b6df280de
node: fix regression in TestJWT (#25635) 2022-08-30 16:41:09 +02:00
Seungbae Yu 7813b675f5
node: change JWT error status to 401 Unauthorized (#25629) 2022-08-30 15:25:02 +02:00
Justin Traglia 2c5648d891
all: fix some typos (#25551)
* Fix some typos

* Fix some mistakes

* Revert 4byte.json

* Fix an incorrect fix

* Change files to fails
2022-08-19 09:00:21 +03:00
rjl493456442 e44d6551c3
cmd, core, ethdb, node: move chain freezer one folder deeper (#25487)
* cmd, core, ethdb, node: create chain freezer in a sub folder

* core/rawdb: remove unused code

* core, ethdb, node: add AncientDatadir API back

* cmd, core: extend freezer info dump for sub-ancient-store

* core/rawdb: rework freezer inspector

* core/rawdb: address comments from Peter

* core/rawdb: fix build issue
2022-08-08 12:08:36 +03:00
Delweng 733d76a88d
node: remove noop path.Join (#25475)
Signed-off-by: Delweng <delweng@gmail.com>
2022-08-04 10:42:03 +03:00
Tristan-Wilson 9244f87dc1
node, rpc: add ReadHeaderTimeout config option (#25338)
This change makes http.Server.ReadHeaderTimeout configurable separately
from ReadTimeout for RPC servers. The default is set to the same as
ReadTimeout, which in order to cause no change in existing deployments.
2022-08-03 16:50:12 +02:00
Marius van der Wijden f26b63089a
node: set JWT expiry to 60 seconds (#25416)
* node: set JWT expiry to 60 seconds

* node: rename var
2022-07-28 09:30:50 +03:00
Delweng b196ad1c16
all: add whitespace linter (#25312)
* golangci: typo

Signed-off-by: Delweng <delweng@gmail.com>

* golangci: add whietspace

Signed-off-by: Delweng <delweng@gmail.com>

* *: rm whitesapce using golangci-lint

Signed-off-by: Delweng <delweng@gmail.com>

* cmd/puppeth: revert accidental resurrection

Co-authored-by: Péter Szilágyi <peterke@gmail.com>
2022-07-25 13:14:03 +03:00
Péter Szilágyi b53d38246e
Merge pull request #25096 from lightclient/remove-version-field
all: remove version field
2022-07-14 12:13:59 +03:00
Brion d839515434
rpc: add graceful shutdown timeout for HTTP server (#25258)
This change ensures the HTTP server will always terminate within
at most 5s, even when all connections are busy and do not become
idle.

Co-authored-by: Felix Lange <fjl@twurst.com>
2022-07-08 21:25:12 +02:00
lightclient@protonmail.com 0c6f81f888
all: remove version field from rpc.API 2022-06-27 12:39:46 +02:00
lightclient 119f955686
all: remove `public` field from `rpc.API` (#25059)
all: remove public field from rpc.API
2022-06-27 13:33:13 +03:00
lightclient 10dc5dce08
all: remove concept of public/private API definitions (#25053)
* internal/ethapi: rename PublicEthereumAPI to EthereumAPI

* eth: rename PublicEthereumAPI to EthereumAPI

* internal/ethapi: rename PublicTxPoolAPI to TxPoolAPI

* internal/ethapi: rename PublicAccountAPI to EthereumAccountAPI

* internal/ethapi: rename PrivateAccountAPI to PersonalAccountAPI

* internal/ethapi: rename PublicBlockChainAPI to BlockChainAPI

* internal/ethapi: rename PublicTransactionPoolAPI to TransactionAPI

* internal/ethapi: rename PublicDebugAPI to DebugAPI

* internal/ethapi: move PrivateDebugAPI methods to DebugAPI

* internal/ethapi: rename PublicNetAPI to NetAPI

* les: rename PrivateLightServerAPI to LightServerAPI

* les: rename PrivateLightAPI to LightAPI

* les: rename PrivateDebugAPI to DebugAPI

* les: rename PublicDownloaderAPI to DownloaderAPI

* eth,les: rename PublicFilterAPI to FilterAPI

* eth: rename PublicMinerAPI to MinerAPI

* eth: rename PublicDownloaderAPI to DownloaderAPI

* eth: move PrivateMinerAPI methods to MinerAPI

* eth: rename PrivateAdminAPI to AdminAPI

* eth: rename PublicDebugAPI to DebugAPI

* eth: move PrivateDebugAPI methods to DebugAPI

* node: rename publicAdminAPI to adminAPI

* node: move privateAdminAPI methods to adminAPI

* node: rename publicWeb3API to web3API

* eth,internal/ethapi: sync comments with previous renamings
2022-06-21 12:05:43 +03:00
Martin Holst Swende 21129ec838
node: make jwt tests less time-dependent (#25120) 2022-06-20 10:10:25 +02:00
Marius van der Wijden d78d302f3d
node: add info message when JWT secret is loaded (#25095)
Co-authored-by: Felix Lange <fjl@twurst.com>
2022-06-15 14:35:53 +02:00
Martin Holst Swende a907d7e81a
all: more linters (#24783)
This enables the following linters

- typecheck
- unused
- staticcheck
- bidichk
- durationcheck
- exportloopref
- gosec

WIth a few exceptions.

- We use a deprecated protobuf in trezor. I didn't want to mess with that, since I cannot meaningfully test any changes there.
- The deprecated TypeMux is used in a few places still, so the warning for it is silenced for now.
- Using string type in context.WithValue is apparently wrong, one should use a custom type, to prevent collisions between different places in the hierarchy of callers. That should be fixed at some point, but may require some attention.
- The warnings for using weak random generator are squashed, since we use a lot of random without need for cryptographic guarantees.
2022-06-13 16:24:45 +02:00