diff --git a/.env.example b/.env.example index bd2f870..06ec4cd 100644 --- a/.env.example +++ b/.env.example @@ -1,15 +1,3 @@ # Use a custom docker image name # Default: quilibrium QUILIBRIUM_IMAGE_NAME= - -# Use a custom P2P port. -# Default: 8336 -QUILIBRIUM_P2P_PORT= - -# Use a custom gRPC port. -# Default: 8337 -QUILIBRIUM_GRPC_PORT= - -# Use a custom REST port. -# Default: 8338 -QUILIBRIUM_REST_PORT= diff --git a/DOCKER-README.md b/DOCKER-README.md index 9b7ed97..af2159d 100644 --- a/DOCKER-README.md +++ b/DOCKER-README.md @@ -1,81 +1,37 @@ # Quilibrium Docker Instructions -## WARNING - -> [!WARNING] -> The Quilibrium docker container requires host configuration changes. - -There are extreme buffering requirements, especially during sync, and these in turn require `sysctl` -configuration changes that unfortunately are not supported by Docker. But if these changes are made on -the host machine, then luckily containers seem to automatically have the larger buffers. - -The buffer related `sysctl` settings are `net.core.rmem_max` and `net.core.wmem_max` and they both -should be set to `600,000,000` bytes. This value allows pre-buffering of the entire maximum payload -for sync. - -You can tell that the buffer size is not large enough by noticing this log entry at beginning when -Quilibrium starts, a few lines below the large logo: -> failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). -> See https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes for details. - -To read the currently set values: -```shell -sysctl -n net.core.rmem_max -sysctl -n net.core.wmem_max -``` - -To set new values, this is not a persistent change: -```shell -sudo sysctl -w net.core.rmem_max=600000000 -sudo sysctl -w net.core.wmem_max=600000000 -``` - -To persistently set the new values add a configuration file named `20-quilibrium.conf` to -`/etc/sysctl.d/`. The file content should be: -``` -# Quilibrium buffering requirements, especially during sync. -# The value could be as low as 26214400, but everything would be slower. - -net.core.rmem_max = 600000000 -net.core.wmem_max = 600000000 -``` - - ## Build -The only requirements are `git` (to checkout the repository) and docker (to build the image and run the container). +The only requirements are `git` (to checkout the repository) and docker (to build the image). Golang does not have to be installed, the docker image build process uses a build stage that provides the correct Go environment and compiles the node down to one command. In the repository root folder, where the [Dockerfile](Dockerfile) file is, build the docker image: ```shell -docker build --build-arg GIT_COMMIT=$(git log -1 --format=%h) -t quilibrium -t quilibrium:1.4.2 . +docker build --build-arg GIT_COMMIT=$(git log -1 --format=%h) -t quilibrium -t quilibrium:1.4.16 . ``` -Use latest version instead of `1.4.2`. +Use latest version instead of `1.4.16`. -> [!TIP] -> You can use the `task build` command instead. See the [Task](#task) section below. - -The image that is built is light and safe. It is based on Alpine Linux with the Quilibrium node binary, not the +The image that is built is light and safe. It is based on Alpine Linux with the Quilibrium node binary, no source code, nor the Go development environment. The image also has the `grpcurl` tool that can be used to query the gRPC interface. ### Task -You can also use the [Task](https://taskfile.dev/) tool, it a simple build tool that takes care of extracting -parameters, building the image and running the container. The tasks are all defined in [Taskfile.yaml](Taskfile.yaml). +You can also use the [Task](https://taskfile.dev/) tool, it is a simple build tool that takes care of extracting +parameters and building the image. The tasks are all defined in [Taskfile.yaml](Taskfile.yaml). You can optionally create an `.env` file, in the same repository root folder to override specific parameters. Right now only one optional env var is supported and that is `QUILIBRIUM_IMAGE_NAME`, if you want to change the default -image name from `quilibrium` to something else. If you are pushing your images to Github then you have to follow the -Github naming convention and use a name like `ghcr.io/mscurtescu/ceremonyclient`. +image name from `quilibrium` to something else. If you are pushing your images to GitHub then you have to follow the +GitHub naming convention and use a name like `ghcr.io/mscurtescu/ceremonyclient`. -Bellow there are example interaction with `Task`. +Bellow there are example interactions with `Task`. The node version is extracted from [node/main.go](node/main.go). This version string is used to tag the image. The git -repo, branch and commit are read throught the `git` command and depend on the current state of your working -directory (one what branch and at what commit you are). These last three values are used to label the image. +repo, branch and commit are read through the `git` command and depend on the current state of your working +directory (on what branch and at what commit you are). These last three values are used to label the image. List tasks: ```shell @@ -94,134 +50,4 @@ task build ## Run -You can run Quilibrium on the same machine where you built the image, from the same repository root -folder where [docker-compose.yml](docker-compose.yml) is. - -You can also copy `docker-compose.yml` to a new folder on a server and run it there. In this case you -have to have a way to push your image to a Docker image repo and then pull that image on the server. -Github offers such an image repo and a way to push and pull images using special authentication -tokens. See -[Working with the Container registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry). - -Run Quilibrium in a container: -```shell -docker compose up -d -``` - -> [!TIP] -> You can alternatively use the `task up` command. See the [Task](#task-1) section above. - -A `.config/` subfolder will be created under the current folder, this is mapped inside the container. -Make sure you backup `config.yml` and `keys.yml`. - -### Task - -Similarly to building the image you can also use `Task`. - -Start the container through docker compose: -```shell -task up -``` - -Show the logs through docker compose: -```shell -task logs -``` - -Drop into a shell inside the running container: -```shell -task shell -``` - -Stop the running container(s): -```shell -task down -``` - -Backup the critical configuration: -```shell -task backup -``` - -The above command will create a `backup.tar.gz` archive in the current folder, you still have to copy this -file from the server into a safe location. The command adds the `config.yml` and `keys.yml` files from -the `.config/` subfolder to the archive, with the ownership of the current user. - -### Resource management -To ensure that your client performs optimally within a specific resource configuration, you can specify -resource limits and reservations in the node configuration as illustrated below. - -This configuration helps in deploying the client with controlled resource usage, such as CPU and memory, -to avoid overconsumption of resources in your environment. - -The [docker-compose.yml](docker-compose.yml) file already specifies resources following the currently -recommended hardware requirements. - -```yaml -services: - node: - # Some other configuration sections here - deploy: - resources: - limits: - cpus: '4' # Maximum CPU count that the container can use - memory: '16G' # Maximum memory that the container can use - reservations: - cpus: '2' # CPU count that the container initially requests - memory: '8G' # Memory that the container initially request -``` - - -### Customizing docker-compose.yml - -If you want to change certain parameters in [docker-compose.yml](docker-compose.yml) it is better not -to edit the file directly as new versions pushed through git would overwrite your changes. A more -flexible solution is to create another file called `docker-compose.override.yml` right next to it -and specifying the necessary overriding changes there. - -For example: -```yaml -services: - node: - image: ghcr.io/mscurtescu/ceremonyclient - restart: on-failure:7 -``` - -The above will override the image name and also the restart policy. - -To check if your overrides are being picked up run the following command: -```shell -docker compose config -``` - -This will output the merged and canonical compose file that will be used to run the container(s). - - -## Interact with a running container - -Drop into a shell inside a running container: -```shell -docker compose exec -it node sh -``` - -Watch the logs: -```shell -docker compose logs -f -``` - -Get the node related info (peer id, version, max frame and balance): -```shell -docker compose exec node node -node-info -``` - -Run the DB console: -```shell -docker compose exec node node -db-console -``` - -Run the Quilibrium client: -```shell -docker compose exec node qclient help -docker compose exec node qclient token help -docker compose exec node qclient token balance -``` \ No newline at end of file +In order to run a Quilibrium node using the docker image follow the instructions in the [docker](docker) subfolder. diff --git a/Dockerfile b/Dockerfile index 1cfbdc3..42fa039 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,8 +36,6 @@ LABEL org.opencontainers.image.revision=$GIT_COMMIT COPY --from=build /go/bin/node /usr/local/bin COPY --from=build /go/bin/grpcurl /usr/local/bin -COPY --from=build /opt/ceremonyclient/node/ceremony.json /root -COPY --from=build /opt/ceremonyclient/node/retroactive_peers.json /root COPY --from=build /opt/ceremonyclient/client/qclient /usr/local/bin WORKDIR /root diff --git a/Taskfile.yaml b/Taskfile.yaml index 07bdfcd..a2de09e 100644 --- a/Taskfile.yaml +++ b/Taskfile.yaml @@ -8,8 +8,6 @@ dotenv: vars: VERSION: sh: cat node/config/version.go | grep -A 1 "func GetVersion() \[\]byte {" | grep -Eo '0x[0-9a-fA-F]+' | xargs printf "%d.%d.%d" - PROJECT_NAME: quilibrium - SERVICE_NAME: node GIT_REPO: sh: git config --get remote.origin.url | sed 's/\.git$//' GIT_BRANCH: @@ -46,54 +44,6 @@ tasks: ${QUILIBRIUM_IMAGE_NAME:-quilibrium}:{{.VERSION}} \ >/dev/null 2>/dev/null - up: - desc: Run a new Quilibrium container, through docker compose. - cmds: - - docker compose up -d - - down: - desc: Take down the Quilibrium container, through docker compose. - cmds: - - docker compose down - - shell: - desc: Drop into a shell inside the running container. - cmds: - - docker compose exec -it {{.SERVICE_NAME}} sh - - logs: - desc: Print the logs of the running Quilibrium container. - cmds: - - docker compose logs -f - - logs-folder: - desc: Show where Docker stores the logs for the Quilibrium node. You need root permissions to access the folder. - cmds: - - "docker container inspect {{.PROJECT_NAME}}-{{.SERVICE_NAME}}-1 | grep LogPath | cut -d : -f 2 | cut -d '\"' -f 2 | xargs dirname" - - backup: - desc: Create a backup file with the critical configuration files. - prompt: You will be prompted for root access. Make sure you verify the generated backup file. Continue? - sources: - - '.config/config.yml' - - '.config/keys.yml' - outputs: - - 'backup.tar.gz' - cmds: - - | - export TMP_DIR=$(mktemp -d) - export TASK_DIR=$(pwd) - sudo cp .config/config.yml $TMP_DIR - sudo cp .config/keys.yml $TMP_DIR - sudo chown $(whoami):$(id -gn) $TMP_DIR/* - cd $TMP_DIR - tar -czf $TASK_DIR/backup.tar.gz * - cd $TASK_DIR - sudo rm -rf $TMP_DIR - echo "Backup saved to: backup.tar.gz" - echo "Do not assume you have a backup unless you verify it!!!" - silent: true - github:login: desc: Login to GitHub container registry. cmds: diff --git a/docker/.env.example b/docker/.env.example new file mode 100644 index 0000000..f7337ca --- /dev/null +++ b/docker/.env.example @@ -0,0 +1,18 @@ +# Use a custom docker image name +# Default: quilibrium +QUILIBRIUM_IMAGE_NAME= + +# Use a custom P2P port. +# Default: 8336 +QUILIBRIUM_P2P_PORT= + +# Use a custom gRPC port. +# Default: 8337 +QUILIBRIUM_GRPC_PORT= + +# Use a custom REST port. +# Default: 8338 +QUILIBRIUM_REST_PORT= + +# The public DNS name or IP address for this Quilibrium node. +NODE_PUBLIC_NAME= diff --git a/docker/README.md b/docker/README.md new file mode 100644 index 0000000..fa83b85 --- /dev/null +++ b/docker/README.md @@ -0,0 +1,165 @@ +# Quilibrium Docker Instructions + +## Install Docker on a Server + +> [!IMPORTANT] +> You have to install Docker Engine on your server, you don't want to install Docker Desktop. + +The official Linux installation instructions start here: +https://docs.docker.com/engine/install/ + +For Ubuntu you can start here: +https://docs.docker.com/engine/install/ubuntu/ + +While there are several installation methods, you really want to use the apt repository, this way you get +automatic updates. + +Make sure you also follow the Linux post-installation steps: +https://docs.docker.com/engine/install/linux-postinstall/ + +## Install Docker on a Desktop + +For a Linux desktop follow the server installation steps above, do not install Docker Desktop for Linux unless +you know what you are doing. + +For Mac and Windows follow the corresponding Docker Desktop installation links from the top of: +https://docs.docker.com/engine/install/ + +## Running a Node + +Copy [docker-compose.yml](docker-compose.yml) to a new folder on a server. The official +Docker image provided by Quilibrium Network will be pulled. + +A `.config/` subfolder will be created in this folder, this will hold both configuration +and the node storage. + +Optionally you can also copy [Taskfile.yaml](Taskfile.yaml) and [.env.example](.env.example) to the +server, if you are planning to use them. See below. + +### New Instance + +If you are starting a brand new node then simply run Quilibrium in a container with: +```shell +docker compose up -d +``` + +A `.config/` subfolder will be created under the current folder, this is mapped inside the container. + +> [!IMPORTANT] +> Once the node is running (the `-node-info` command shows a balance) make sure you backup +> `config.yml` and `keys.yml`. + +### Restore Previous Instance + +If you have both `config.yml` and `keys.yml` backed up from a previous instance then follow these +steps to restore them: + +1. Create an empty `.config/` subfolder. +2. Copy `config.yml` and `keys.yml` to `.config/`. +3. Start the node with: + ```shell + docker compose up -d + ``` + +### Task + +You can also use the [Task](https://taskfile.dev/) tool, it is a simple build tool that takes care of running +complex commands and intereacting with the container. The tasks are all defined in +[Taskfile.yaml](Taskfile.yaml). + +You can optionally create an `.env` file, in the same folder to override specific parameters. Right now +only one optional env var is supported with `Task` and that is `QUILIBRIUM_IMAGE_NAME`, if you want to change the +default image name from `quilibrium` to something else. If you are pushing your images to GitHub, for example, then you +have to follow the GitHub naming convention and use a name like `ghcr.io/mscurtescu/ceremonyclient`. See the +[.env.example](.env.example) sample file, and keep in mind that `.env` is shared with +[docker-compose.yml](docker-compose.yml). + +Bellow there are example interactions with `Task`. + +Start the container through docker compose: +```shell +task up +``` + +Show the logs through docker compose: +```shell +task logs +``` + +Drop into a shell inside the running container: +```shell +task shell +``` + +Stop the running container(s): +```shell +task down +``` + +Backup the critical configuration: +```shell +task backup +``` + +The above command will create a `backup.tar.gz` archive in the current folder, you still have to copy this +file from the server into a safe location. The command adds the `config.yml` and `keys.yml` files from +the `.config/` subfolder to the archive, with the ownership of the current user. + + +## Customizing docker-compose.yml + +If you want to change certain parameters in [docker-compose.yml](docker-compose.yml) it is better not +to edit the file directly as new versions pushed through git would overwrite your changes. A more +flexible solution is to create another file called `docker-compose.override.yml` right next to it +and specifying the necessary overriding changes there. + +For example: +```yaml +services: + node: + image: ghcr.io/mscurtescu/ceremonyclient + restart: on-failure:7 +``` + +The above will override the image name and also the restart policy. + +You can optionally create an `.env` file, in the same folder to override specific parameters. See the +[.env.example](.env.example) sample file, and keep in mind that `.env` is shared with +[Taskfile.yaml](Taskfile.yaml). You can customize the image name and port mappings. + +To check if your overrides are being picked up run the following command: +```shell +docker compose config +``` + +This will output the merged and canonical compose file that will be used to run the container(s). + + +## Interact with a running container + +Drop into a shell inside a running container: +```shell +docker compose exec -it node sh +``` + +Watch the logs: +```shell +docker compose logs -f +``` + +Get the node related info (peer id, version, max frame and balance): +```shell +docker compose exec node node -node-info +``` + +Run the DB console: +```shell +docker compose exec node node -db-console +``` + +Run the Quilibrium client: +```shell +docker compose exec node qclient help +docker compose exec node qclient token help +docker compose exec node qclient token balance +``` diff --git a/docker/Taskfile.yaml b/docker/Taskfile.yaml new file mode 100644 index 0000000..d2115ba --- /dev/null +++ b/docker/Taskfile.yaml @@ -0,0 +1,114 @@ +# https://taskfile.dev + +version: '3' + +dotenv: + - '.env' + +vars: + PROJECT_NAME: quilibrium + SERVICE_NAME: node + +tasks: + up: + desc: Run a new Quilibrium and related containers, through docker compose. + cmds: + - docker compose up -d + + down: + desc: Take down the Quilibrium containers, through docker compose. + cmds: + - docker compose down + + pull: + desc: Pull new Docker images corresponding to the Quilibrium containers, through docker compose. + cmds: + - docker compose pull + + update: + desc: Pull new Docker images corresponding to the Quilibrium containers, then restart all containers. + cmds: + - task: pull + - task: down + - task: up + + shell: + desc: Drop into a shell inside the running container. + cmds: + - docker compose exec -it {{.SERVICE_NAME}} sh + + logs: + desc: Print the logs of the running Quilibrium container. + cmds: + - docker compose logs -f + + logs-folder: + desc: Show where Docker stores the logs for the Quilibrium node. You need root permissions to access the folder. + cmds: + - "docker container inspect {{.PROJECT_NAME}}-{{.SERVICE_NAME}}-1 | grep LogPath | cut -d : -f 2 | cut -d '\"' -f 2 | xargs dirname" + + node-info: + desc: Displays node related info for a running node. + cmds: + - docker compose exec node node -node-info + + backup: + desc: Create a backup file with the critical configuration files. + prompt: You will be prompted for root access. Make sure you verify the generated backup file. Continue? + preconditions: + - sh: 'test -d .config' + msg: '.config does not exists!' + - sh: 'test -f .config/config.yml' + msg: '.config/config.yml does not exists!' + - sh: 'test -f .config/keys.yml' + msg: '.config/keys.yml does not exists!' + - sh: '! test -f backup.tar.gz' + msg: 'A previous backup.tar.gz found in the current folder!' + sources: + - '.config/config.yml' + - '.config/keys.yml' + generates: + - 'backup.tar.gz' + cmds: + - | + export TMP_DIR=$(mktemp -d) + export TASK_DIR=$(pwd) + sudo cp .config/config.yml $TMP_DIR + sudo cp .config/keys.yml $TMP_DIR + sudo chown $(whoami):$(id -gn) $TMP_DIR/* + cd $TMP_DIR + tar -czf $TASK_DIR/backup.tar.gz * + cd $TASK_DIR + sudo rm -rf $TMP_DIR + echo "Backup saved to: backup.tar.gz" + echo "Do not assume you have a backup unless you verify it!!!" + silent: true + + restore: + desc: Restores a backup file with the critical configuration files. + preconditions: + - sh: '! test -d .config' + msg: '.config already exists, restore cannot be performed safely!' + - sh: 'test -f backup.tar.gz' + msg: 'backup.tar.gz not found in the current folder!' + sources: + - 'backup.tar.gz' + generates: + - '.config/config.yml' + - '.config/keys.yml' + cmds: + - | + mkdir .config + tar -xzf backup.tar.gz -C .config + echo "Backup restored from: backup.tar.gz" + silent: true + + test:port: + desc: Test if the P2P port is visible to the world. + preconditions: + - sh: 'test -x "$(command -v nc)"' + msg: 'nc is not installed, install with "sudo apt install netcat"' + - sh: 'test -n "$NODE_PUBLIC_NAME"' + msg: 'The public DNS name or IP address of the server must be set in NODE_PUBLIC_NAME.' + cmds: + - 'nc -vzu ${NODE_PUBLIC_NAME} ${QUILIBRIUM_P2P_PORT:=8336}' diff --git a/docker-compose.yml b/docker/docker-compose.yml similarity index 100% rename from docker-compose.yml rename to docker/docker-compose.yml diff --git a/node/config/version.go b/node/config/version.go index c5b5200..f9a1fe2 100644 --- a/node/config/version.go +++ b/node/config/version.go @@ -6,7 +6,7 @@ import ( ) func GetMinimumVersionCutoff() time.Time { - return time.Date(2024, time.May, 24, 4, 0, 0, 0, time.UTC) + return time.Date(2024, time.May, 28, 3, 0, 0, 0, time.UTC) } func GetMinimumVersion() []byte { @@ -27,3 +27,7 @@ func FormatVersion(version []byte) string { version[0], version[1], version[2], ) } + +func GetPatchNumber() byte { + return 0x01 +} diff --git a/node/consensus/master/broadcast_messaging.go b/node/consensus/master/broadcast_messaging.go index b0339ee..7d66767 100644 --- a/node/consensus/master/broadcast_messaging.go +++ b/node/consensus/master/broadcast_messaging.go @@ -132,6 +132,8 @@ func (e *MasterClockConsensusEngine) handleSelfTestReport( e.logger.Warn( "received invalid proof from peer", zap.String("peer_id", peer.ID(peerID).String()), + zap.Int("proof_size", len(report.Proof)), + zap.Uint32("cores", report.Cores), ) e.pubSub.SetPeerScore(peerID, -1000) return errors.Wrap(errors.New("invalid report"), "handle self test report") @@ -148,6 +150,7 @@ func (e *MasterClockConsensusEngine) handleSelfTestReport( return nil } + info.DifficultyMetric = report.DifficultyMetric info.MasterHeadFrame = report.MasterHeadFrame if info.Bandwidth <= 1048576 { @@ -169,7 +172,8 @@ func (e *MasterClockConsensusEngine) handleSelfTestReport( timestamp := binary.BigEndian.Uint64(proof[:8]) proof = proof[8:] - // Ignore outdated reports, give 3 minutes for propagation delay + // Ignore outdated reports, give 3 minutes + proof time for propagation + // delay if int64(timestamp) < (time.Now().UnixMilli() - (480 * 1000)) { return nil } @@ -181,25 +185,16 @@ func (e *MasterClockConsensusEngine) handleSelfTestReport( for i := 0; i < len(proofs); i++ { proofs[i] = proof[i*516 : (i+1)*516] } - if !e.frameProver.VerifyChallengeProof( - challenge, - int64(timestamp), - report.DifficultyMetric, - proofs, - ) { - e.logger.Warn( - "received invalid proof from peer", - zap.String("peer_id", peer.ID(peerID).String()), - ) - e.pubSub.SetPeerScore(peerID, -1000) + go func() { + e.verifyTestCh <- verifyChallenge{ + peerID: peerID, + challenge: challenge, + timestamp: int64(timestamp), + difficultyMetric: report.DifficultyMetric, + proofs: proofs, + } + }() - return errors.Wrap( - errors.New("invalid report"), - "handle self test report", - ) - } - - info.LastSeen = time.Now().UnixMilli() return nil } @@ -264,6 +259,7 @@ func (e *MasterClockConsensusEngine) handleSelfTestReport( return nil } +// This does not publish any longer, frames strictly are picked up from sync func (e *MasterClockConsensusEngine) publishProof( frame *protobufs.ClockFrame, ) error { @@ -274,17 +270,6 @@ func (e *MasterClockConsensusEngine) publishProof( e.masterTimeReel.Insert(frame, false) - peers, err := e.GetMostAheadPeers() - if err != nil || len(peers) == 0 { - // publish if we don't see anyone (empty peer list) or if we're the most - // ahead: - e.report.MasterHeadFrame = frame.FrameNumber - - if err := e.publishMessage(e.filter, e.report); err != nil { - e.logger.Debug("error publishing message", zap.Error(err)) - } - } - e.state = consensus.EngineStateCollecting return nil diff --git a/node/consensus/master/master_clock_consensus_engine.go b/node/consensus/master/master_clock_consensus_engine.go index b82f4bb..bf47b52 100644 --- a/node/consensus/master/master_clock_consensus_engine.go +++ b/node/consensus/master/master_clock_consensus_engine.go @@ -3,6 +3,7 @@ package master import ( "bytes" "context" + gcrypto "crypto" "crypto/rand" "encoding/binary" "encoding/hex" @@ -11,6 +12,8 @@ import ( "sync" "time" + "github.com/iden3/go-iden3-crypto/poseidon" + "github.com/libp2p/go-libp2p/core/peer" "github.com/mr-tron/base58" "github.com/pkg/errors" "go.uber.org/zap" @@ -62,6 +65,7 @@ type MasterClockConsensusEngine struct { report *protobufs.SelfTestReport frameValidationCh chan *protobufs.ClockFrame bandwidthTestCh chan []byte + verifyTestCh chan verifyChallenge currentReceivingSyncPeers int currentReceivingSyncPeersMx sync.Mutex } @@ -126,6 +130,7 @@ func NewMasterClockConsensusEngine( report: report, frameValidationCh: make(chan *protobufs.ClockFrame), bandwidthTestCh: make(chan []byte), + verifyTestCh: make(chan verifyChallenge), } e.addPeerManifestReport(e.pubSub.GetPeerID(), report) @@ -134,6 +139,12 @@ func NewMasterClockConsensusEngine( panic(errors.Wrap(err, "could not parse filter value")) } + e.getProvingKey(engineConfig) + + if err := e.createCommunicationKeys(); err != nil { + panic(err) + } + logger.Info("constructing consensus engine") return e @@ -170,7 +181,8 @@ func (e *MasterClockConsensusEngine) Start() <-chan error { panic(err) } - if head.FrameNumber > newFrame.FrameNumber || newFrame.FrameNumber-head.FrameNumber > 128 { + if head.FrameNumber > newFrame.FrameNumber || + newFrame.FrameNumber-head.FrameNumber > 128 { e.logger.Debug( "frame out of range, ignoring", zap.Uint64("number", newFrame.FrameNumber), @@ -186,6 +198,8 @@ func (e *MasterClockConsensusEngine) Start() <-chan error { e.masterTimeReel.Insert(newFrame, false) case peerId := <-e.bandwidthTestCh: e.performBandwidthTest(peerId) + case verifyTest := <-e.verifyTestCh: + e.performVerifyTest(verifyTest) } } }() @@ -225,6 +239,8 @@ func (e *MasterClockConsensusEngine) Start() <-chan error { go func() { // Let it sit until we at least have a few more peers inbound time.Sleep(30 * time.Second) + difficultyMetric := int64(100000) + skew := (difficultyMetric * 12) / 10 for { head, err := e.masterTimeReel.Head() @@ -233,22 +249,31 @@ func (e *MasterClockConsensusEngine) Start() <-chan error { } e.report.MasterHeadFrame = head.FrameNumber + e.report.DifficultyMetric = difficultyMetric parallelism := e.report.Cores - 1 - skew := (e.report.DifficultyMetric * 12) / 10 + challenge := binary.BigEndian.AppendUint64( []byte{}, e.report.MasterHeadFrame, ) challenge = append(challenge, e.pubSub.GetPeerID()...) - ts, proofs, err := e.frameProver.CalculateChallengeProof( - challenge, - parallelism, - skew, - ) + ts, proofs, nextDifficultyMetric, err := + e.frameProver.CalculateChallengeProof( + challenge, + parallelism, + skew, + ) if err != nil { panic(err) } + e.logger.Info( + "recalibrating difficulty metric", + zap.Int64("previous_difficulty_metric", difficultyMetric), + zap.Int64("next_difficulty_metric", nextDifficultyMetric), + ) + difficultyMetric = nextDifficultyMetric + skew = (nextDifficultyMetric * 12) / 10 proof := binary.BigEndian.AppendUint64([]byte{}, uint64(ts)) for i := 0; i < len(proofs); i++ { @@ -355,6 +380,38 @@ func (e *MasterClockConsensusEngine) Stop(force bool) <-chan error { return errChan } +type verifyChallenge struct { + peerID []byte + challenge []byte + timestamp int64 + difficultyMetric int64 + proofs [][]byte +} + +func (e *MasterClockConsensusEngine) performVerifyTest( + challenge verifyChallenge, +) { + if !e.frameProver.VerifyChallengeProof( + challenge.challenge, + challenge.timestamp, + challenge.difficultyMetric, + challenge.proofs, + ) { + e.logger.Warn( + "received invalid proof from peer", + zap.String("peer_id", peer.ID(challenge.peerID).String()), + ) + e.pubSub.SetPeerScore(challenge.peerID, -1000) + } else { + e.logger.Debug( + "received valid proof from peer", + zap.String("peer_id", peer.ID(challenge.peerID).String()), + ) + info := e.peerInfoManager.GetPeerInfo(challenge.peerID) + info.LastSeen = time.Now().UnixMilli() + } +} + func (e *MasterClockConsensusEngine) performBandwidthTest(peerID []byte) { result := e.pubSub.GetMultiaddrOfPeer(peerID) if result == "" { @@ -606,3 +663,77 @@ func (e *MasterClockConsensusEngine) addPeerManifestReport( e.peerInfoManager.AddPeerInfo(manifest) } + +func (e *MasterClockConsensusEngine) getProvingKey( + engineConfig *config.EngineConfig, +) (gcrypto.Signer, keys.KeyType, []byte, []byte) { + provingKey, err := e.keyManager.GetSigningKey(engineConfig.ProvingKeyId) + if errors.Is(err, keys.KeyNotFoundErr) { + e.logger.Info("could not get proving key, generating") + provingKey, err = e.keyManager.CreateSigningKey( + engineConfig.ProvingKeyId, + keys.KeyTypeEd448, + ) + } + + if err != nil { + e.logger.Error("could not get proving key", zap.Error(err)) + panic(err) + } + + rawKey, err := e.keyManager.GetRawKey(engineConfig.ProvingKeyId) + if err != nil { + e.logger.Error("could not get proving key type", zap.Error(err)) + panic(err) + } + + provingKeyType := rawKey.Type + + h, err := poseidon.HashBytes(rawKey.PublicKey) + if err != nil { + e.logger.Error("could not hash proving key", zap.Error(err)) + panic(err) + } + + provingKeyAddress := h.Bytes() + provingKeyAddress = append( + make([]byte, 32-len(provingKeyAddress)), + provingKeyAddress..., + ) + + return provingKey, provingKeyType, rawKey.PublicKey, provingKeyAddress +} + +func (e *MasterClockConsensusEngine) createCommunicationKeys() error { + _, err := e.keyManager.GetAgreementKey("q-ratchet-idk") + if err != nil { + if errors.Is(err, keys.KeyNotFoundErr) { + _, err = e.keyManager.CreateAgreementKey( + "q-ratchet-idk", + keys.KeyTypeX448, + ) + if err != nil { + return errors.Wrap(err, "create communication keys") + } + } else { + return errors.Wrap(err, "create communication keys") + } + } + + _, err = e.keyManager.GetAgreementKey("q-ratchet-spk") + if err != nil { + if errors.Is(err, keys.KeyNotFoundErr) { + _, err = e.keyManager.CreateAgreementKey( + "q-ratchet-spk", + keys.KeyTypeX448, + ) + if err != nil { + return errors.Wrap(err, "create communication keys") + } + } else { + return errors.Wrap(err, "create communication keys") + } + } + + return nil +} diff --git a/node/crypto/frame_prover.go b/node/crypto/frame_prover.go index 71a2e07..778e233 100644 --- a/node/crypto/frame_prover.go +++ b/node/crypto/frame_prover.go @@ -55,7 +55,7 @@ type FrameProver interface { challenge []byte, parallelism uint32, skew int64, - ) (int64, [][]byte, error) + ) (int64, [][]byte, int64, error) VerifyChallengeProof( challenge []byte, timestamp int64, diff --git a/node/crypto/wesolowski_frame_prover.go b/node/crypto/wesolowski_frame_prover.go index 6b04325..ede59b5 100644 --- a/node/crypto/wesolowski_frame_prover.go +++ b/node/crypto/wesolowski_frame_prover.go @@ -15,6 +15,7 @@ import ( "go.uber.org/zap" "golang.org/x/crypto/sha3" "source.quilibrium.com/quilibrium/monorepo/nekryptology/pkg/vdf" + "source.quilibrium.com/quilibrium/monorepo/node/config" "source.quilibrium.com/quilibrium/monorepo/node/keys" "source.quilibrium.com/quilibrium/monorepo/node/protobufs" "source.quilibrium.com/quilibrium/monorepo/node/tries" @@ -549,7 +550,9 @@ func (w *WesolowskiFrameProver) VerifyWeakRecursiveProof( } filter := proof[:len(frame.Filter)] - check := binary.BigEndian.Uint64(proof[len(frame.Filter) : len(frame.Filter)+8]) + check := binary.BigEndian.Uint64( + proof[len(frame.Filter) : len(frame.Filter)+8], + ) timestamp := binary.BigEndian.Uint64( proof[len(frame.Filter)+8 : len(frame.Filter)+16], ) @@ -600,26 +603,25 @@ func (w *WesolowskiFrameProver) CalculateChallengeProof( challenge []byte, parallelism uint32, skew int64, -) (int64, [][]byte, error) { - now := time.Now().UnixMilli() - input := binary.BigEndian.AppendUint64([]byte{}, uint64(now)) +) (int64, [][]byte, int64, error) { + now := time.Now() + nowMs := now.UnixMilli() + input := binary.BigEndian.AppendUint64([]byte{}, uint64(nowMs)) input = append(input, challenge...) outputs := make([][]byte, parallelism) wg := sync.WaitGroup{} wg.Add(int(parallelism)) + // 4.5 minutes = 270 seconds, one increment should be ten seconds + proofDuration := 270 * 1000 + calibratedDifficulty := (int64(proofDuration) * 10000) / skew for i := uint32(0); i < parallelism; i++ { i := i go func() { instanceInput := binary.BigEndian.AppendUint32([]byte{}, i) instanceInput = append(instanceInput, input...) - b := sha3.Sum256(input) - - // 4.5 minutes = 270 seconds, one increment should be ten seconds - proofDuration := 270 * 1000 - calibratedDifficulty := (int64(proofDuration) / skew) * 10000 - + b := sha3.Sum256(instanceInput) v := vdf.New(uint32(calibratedDifficulty), b) v.Execute() @@ -632,7 +634,10 @@ func (w *WesolowskiFrameProver) CalculateChallengeProof( } wg.Wait() - return now, outputs, nil + after := time.Since(now) + nextSkew := (skew * after.Milliseconds()) / int64(proofDuration) + + return nowMs, outputs, nextSkew, nil } func (w *WesolowskiFrameProver) VerifyChallengeProof( @@ -644,6 +649,10 @@ func (w *WesolowskiFrameProver) VerifyChallengeProof( input := binary.BigEndian.AppendUint64([]byte{}, uint64(timestamp)) input = append(input, challenge...) + if assertedDifficulty < 1 { + return false + } + for i := uint32(0); i < uint32(len(proof)); i++ { if len(proof[i]) != 516 { return false @@ -651,17 +660,28 @@ func (w *WesolowskiFrameProver) VerifyChallengeProof( instanceInput := binary.BigEndian.AppendUint32([]byte{}, i) instanceInput = append(instanceInput, input...) - b := sha3.Sum256(input) + b := sha3.Sum256(instanceInput) // 4.5 minutes = 270 seconds, one increment should be ten seconds proofDuration := 270 * 1000 skew := (assertedDifficulty * 12) / 10 - calibratedDifficulty := (int64(proofDuration) / skew) * 10000 + calibratedDifficulty := (int64(proofDuration) * 10000) / skew v := vdf.New(uint32(calibratedDifficulty), b) check := v.Verify([516]byte(proof[i])) if !check { - return false + // TODO: Remove after 2024-05-28 + if time.Now().Before(config.GetMinimumVersionCutoff()) { + calibratedDifficulty = (int64(proofDuration) / skew) * 10000 + + v = vdf.New(uint32(calibratedDifficulty), sha3.Sum256(input)) + check = v.Verify([516]byte(proof[i])) + if !check { + return false + } + } else { + return false + } } } diff --git a/node/crypto/wesolowski_frame_prover_test.go b/node/crypto/wesolowski_frame_prover_test.go index 78064cb..6bc039c 100644 --- a/node/crypto/wesolowski_frame_prover_test.go +++ b/node/crypto/wesolowski_frame_prover_test.go @@ -30,7 +30,10 @@ func TestMasterProve(t *testing.T) { func TestChallengeProof(t *testing.T) { l, _ := zap.NewProduction() w := crypto.NewWesolowskiFrameProver(l) - now, proofs, err := w.CalculateChallengeProof([]byte{0x01, 0x02, 0x03}, 3, 120000) + now, proofs, nextSkew, err := w.CalculateChallengeProof([]byte{0x01, 0x02, 0x03}, 3, 120000) assert.NoError(t, err) assert.True(t, w.VerifyChallengeProof([]byte{0x01, 0x02, 0x03}, now, 100000, proofs)) + now, proofs, _, err = w.CalculateChallengeProof([]byte{0x01, 0x02, 0x03}, 3, nextSkew*12/10) + assert.NoError(t, err) + assert.True(t, w.VerifyChallengeProof([]byte{0x01, 0x02, 0x03}, now, nextSkew, proofs)) } diff --git a/node/main.go b/node/main.go index 3d4362e..9d52c0a 100644 --- a/node/main.go +++ b/node/main.go @@ -192,7 +192,7 @@ func main() { os.Exit(1) } - fmt.Printf("Signature check passed") + fmt.Println("Signature check passed") } } @@ -735,6 +735,11 @@ func printLogo() { } func printVersion() { + patch := config.GetPatchNumber() + patchString := "" + if patch != 0x00 { + patchString = fmt.Sprintf("-p%d", patch) + } fmt.Println(" ") - fmt.Println(" Quilibrium Node - v" + config.GetVersionString() + " – Nebula") + fmt.Println(" Quilibrium Node - v" + config.GetVersionString() + patchString + " – Nebula") } diff --git a/node/node-1.4.18-darwin-arm64.dgst b/node/node-1.4.18-darwin-arm64.dgst index 41b56a7..93db326 100644 --- a/node/node-1.4.18-darwin-arm64.dgst +++ b/node/node-1.4.18-darwin-arm64.dgst @@ -1 +1 @@ -SHA3-256(node-1.4.18-darwin-arm64)= aee64d1d18c8e5567016d51460cf882005c4a873dbebcd7d608b8d3d9e74c682 +SHA3-256(node-1.4.18-darwin-arm64)= dc14a02268d88540bb364259775743c536d7541011bf26d4630f7fed425b5986 diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.1 b/node/node-1.4.18-darwin-arm64.dgst.sig.1 index e04dc24..2f8bc8a 100644 Binary files a/node/node-1.4.18-darwin-arm64.dgst.sig.1 and b/node/node-1.4.18-darwin-arm64.dgst.sig.1 differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.12 b/node/node-1.4.18-darwin-arm64.dgst.sig.12 new file mode 100644 index 0000000..6cf3d74 Binary files /dev/null and b/node/node-1.4.18-darwin-arm64.dgst.sig.12 differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.13 b/node/node-1.4.18-darwin-arm64.dgst.sig.13 index 4ae193e..b51946d 100644 Binary files a/node/node-1.4.18-darwin-arm64.dgst.sig.13 and b/node/node-1.4.18-darwin-arm64.dgst.sig.13 differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.14 b/node/node-1.4.18-darwin-arm64.dgst.sig.14 index a575a90..0be4738 100644 Binary files a/node/node-1.4.18-darwin-arm64.dgst.sig.14 and b/node/node-1.4.18-darwin-arm64.dgst.sig.14 differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.16 b/node/node-1.4.18-darwin-arm64.dgst.sig.16 index a0fb9df..d6ad923 100644 Binary files a/node/node-1.4.18-darwin-arm64.dgst.sig.16 and b/node/node-1.4.18-darwin-arm64.dgst.sig.16 differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.17 b/node/node-1.4.18-darwin-arm64.dgst.sig.17 index fb6a0f3..a36964f 100644 Binary files a/node/node-1.4.18-darwin-arm64.dgst.sig.17 and b/node/node-1.4.18-darwin-arm64.dgst.sig.17 differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.2 b/node/node-1.4.18-darwin-arm64.dgst.sig.2 new file mode 100644 index 0000000..7859d1a Binary files /dev/null and b/node/node-1.4.18-darwin-arm64.dgst.sig.2 differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.3 b/node/node-1.4.18-darwin-arm64.dgst.sig.3 new file mode 100644 index 0000000..8f13dc5 Binary files /dev/null and b/node/node-1.4.18-darwin-arm64.dgst.sig.3 differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.4 b/node/node-1.4.18-darwin-arm64.dgst.sig.4 index a0e4578..0156159 100644 Binary files a/node/node-1.4.18-darwin-arm64.dgst.sig.4 and b/node/node-1.4.18-darwin-arm64.dgst.sig.4 differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.6 b/node/node-1.4.18-darwin-arm64.dgst.sig.6 deleted file mode 100644 index 05d3b24..0000000 Binary files a/node/node-1.4.18-darwin-arm64.dgst.sig.6 and /dev/null differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.7 b/node/node-1.4.18-darwin-arm64.dgst.sig.7 deleted file mode 100644 index 6424f62..0000000 Binary files a/node/node-1.4.18-darwin-arm64.dgst.sig.7 and /dev/null differ diff --git a/node/node-1.4.18-darwin-arm64.dgst.sig.8 b/node/node-1.4.18-darwin-arm64.dgst.sig.8 index 7d6e423..4deec94 100644 Binary files a/node/node-1.4.18-darwin-arm64.dgst.sig.8 and b/node/node-1.4.18-darwin-arm64.dgst.sig.8 differ diff --git a/node/node-1.4.18-linux-amd64.dgst b/node/node-1.4.18-linux-amd64.dgst index 2e89a8e..cbf1d51 100644 --- a/node/node-1.4.18-linux-amd64.dgst +++ b/node/node-1.4.18-linux-amd64.dgst @@ -1 +1 @@ -SHA3-256(node-1.4.18-linux-amd64)= e24acbaab0dca79a26c1ac80561eb2dc69abf381fff73b5bb4092084143ba2c9 +SHA3-256(node-1.4.18-linux-amd64)= e41bf8538990e201637521b0eb278a1aebfc46e5d8de102f4870de30616b44e6 diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.1 b/node/node-1.4.18-linux-amd64.dgst.sig.1 index 2bfd324..3f61252 100644 Binary files a/node/node-1.4.18-linux-amd64.dgst.sig.1 and b/node/node-1.4.18-linux-amd64.dgst.sig.1 differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.12 b/node/node-1.4.18-linux-amd64.dgst.sig.12 new file mode 100644 index 0000000..2187f57 Binary files /dev/null and b/node/node-1.4.18-linux-amd64.dgst.sig.12 differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.13 b/node/node-1.4.18-linux-amd64.dgst.sig.13 index 84f6ef2..320de72 100644 Binary files a/node/node-1.4.18-linux-amd64.dgst.sig.13 and b/node/node-1.4.18-linux-amd64.dgst.sig.13 differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.14 b/node/node-1.4.18-linux-amd64.dgst.sig.14 index 1199c5a..3b45334 100644 Binary files a/node/node-1.4.18-linux-amd64.dgst.sig.14 and b/node/node-1.4.18-linux-amd64.dgst.sig.14 differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.16 b/node/node-1.4.18-linux-amd64.dgst.sig.16 index 8b6e43b..81dc5b2 100644 Binary files a/node/node-1.4.18-linux-amd64.dgst.sig.16 and b/node/node-1.4.18-linux-amd64.dgst.sig.16 differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.17 b/node/node-1.4.18-linux-amd64.dgst.sig.17 index c6f22f1..a05a3f1 100644 Binary files a/node/node-1.4.18-linux-amd64.dgst.sig.17 and b/node/node-1.4.18-linux-amd64.dgst.sig.17 differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.2 b/node/node-1.4.18-linux-amd64.dgst.sig.2 new file mode 100644 index 0000000..20b8108 Binary files /dev/null and b/node/node-1.4.18-linux-amd64.dgst.sig.2 differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.3 b/node/node-1.4.18-linux-amd64.dgst.sig.3 new file mode 100644 index 0000000..4bdf22e Binary files /dev/null and b/node/node-1.4.18-linux-amd64.dgst.sig.3 differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.4 b/node/node-1.4.18-linux-amd64.dgst.sig.4 index 607379d..027bbd4 100644 Binary files a/node/node-1.4.18-linux-amd64.dgst.sig.4 and b/node/node-1.4.18-linux-amd64.dgst.sig.4 differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.6 b/node/node-1.4.18-linux-amd64.dgst.sig.6 deleted file mode 100644 index f161967..0000000 Binary files a/node/node-1.4.18-linux-amd64.dgst.sig.6 and /dev/null differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.7 b/node/node-1.4.18-linux-amd64.dgst.sig.7 deleted file mode 100644 index 07d6302..0000000 Binary files a/node/node-1.4.18-linux-amd64.dgst.sig.7 and /dev/null differ diff --git a/node/node-1.4.18-linux-amd64.dgst.sig.8 b/node/node-1.4.18-linux-amd64.dgst.sig.8 index ea07a8d..5afcbf8 100644 Binary files a/node/node-1.4.18-linux-amd64.dgst.sig.8 and b/node/node-1.4.18-linux-amd64.dgst.sig.8 differ diff --git a/node/node-1.4.18-linux-arm64.dgst b/node/node-1.4.18-linux-arm64.dgst index 33f07f5..0938885 100644 --- a/node/node-1.4.18-linux-arm64.dgst +++ b/node/node-1.4.18-linux-arm64.dgst @@ -1 +1 @@ -SHA3-256(node-1.4.18-linux-arm64)= 888228bb59dc0b7fc103bd886906cfecdf3877dcedc138a1fd4cf694ab527409 +SHA3-256(node-1.4.18-linux-arm64)= de488e85acfd5ced235c8b7994d37cb153251826a52d1b0e964034b80d65b478 diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.1 b/node/node-1.4.18-linux-arm64.dgst.sig.1 index 01bf4ce..27daa5a 100644 Binary files a/node/node-1.4.18-linux-arm64.dgst.sig.1 and b/node/node-1.4.18-linux-arm64.dgst.sig.1 differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.12 b/node/node-1.4.18-linux-arm64.dgst.sig.12 new file mode 100644 index 0000000..0c7c533 Binary files /dev/null and b/node/node-1.4.18-linux-arm64.dgst.sig.12 differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.13 b/node/node-1.4.18-linux-arm64.dgst.sig.13 index e821217..c38670b 100644 Binary files a/node/node-1.4.18-linux-arm64.dgst.sig.13 and b/node/node-1.4.18-linux-arm64.dgst.sig.13 differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.14 b/node/node-1.4.18-linux-arm64.dgst.sig.14 index ac0054e..9d207f7 100644 Binary files a/node/node-1.4.18-linux-arm64.dgst.sig.14 and b/node/node-1.4.18-linux-arm64.dgst.sig.14 differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.16 b/node/node-1.4.18-linux-arm64.dgst.sig.16 index 2059001..77b2a17 100644 Binary files a/node/node-1.4.18-linux-arm64.dgst.sig.16 and b/node/node-1.4.18-linux-arm64.dgst.sig.16 differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.17 b/node/node-1.4.18-linux-arm64.dgst.sig.17 index 7d61205..a7afc99 100644 Binary files a/node/node-1.4.18-linux-arm64.dgst.sig.17 and b/node/node-1.4.18-linux-arm64.dgst.sig.17 differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.2 b/node/node-1.4.18-linux-arm64.dgst.sig.2 new file mode 100644 index 0000000..7759dc4 Binary files /dev/null and b/node/node-1.4.18-linux-arm64.dgst.sig.2 differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.3 b/node/node-1.4.18-linux-arm64.dgst.sig.3 new file mode 100644 index 0000000..170a8da Binary files /dev/null and b/node/node-1.4.18-linux-arm64.dgst.sig.3 differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.4 b/node/node-1.4.18-linux-arm64.dgst.sig.4 index be1b26d..9b53b07 100644 Binary files a/node/node-1.4.18-linux-arm64.dgst.sig.4 and b/node/node-1.4.18-linux-arm64.dgst.sig.4 differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.6 b/node/node-1.4.18-linux-arm64.dgst.sig.6 deleted file mode 100644 index c1c4b7f..0000000 Binary files a/node/node-1.4.18-linux-arm64.dgst.sig.6 and /dev/null differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.7 b/node/node-1.4.18-linux-arm64.dgst.sig.7 deleted file mode 100644 index d620c27..0000000 Binary files a/node/node-1.4.18-linux-arm64.dgst.sig.7 and /dev/null differ diff --git a/node/node-1.4.18-linux-arm64.dgst.sig.8 b/node/node-1.4.18-linux-arm64.dgst.sig.8 index a424c7c..275cf53 100644 Binary files a/node/node-1.4.18-linux-arm64.dgst.sig.8 and b/node/node-1.4.18-linux-arm64.dgst.sig.8 differ diff --git a/node/rpc/rpc_server.go b/node/rpc/rpc_server.go index 9831c35..13a53a3 100644 --- a/node/rpc/rpc_server.go +++ b/node/rpc/rpc_server.go @@ -5,6 +5,7 @@ import ( "context" "math/big" "net/http" + "source.quilibrium.com/quilibrium/monorepo/node/config" "github.com/libp2p/go-libp2p/core/peer" @@ -154,19 +155,14 @@ func (r *RPCServer) GetNodeInfo( if err != nil { return nil, errors.Wrap(err, "getting id from bytes") } - - maxFrame := &protobufs.ClockFrame{} - for _, e := range r.executionEngines { - if frame := e.GetFrame(); frame != nil { - if frameNr := frame.GetFrameNumber(); frameNr > maxFrame.GetFrameNumber() { - maxFrame = frame - } - } - } - peerScore := r.pubSub.GetPeerScore(r.pubSub.GetPeerID()) - return &protobufs.NodeInfoResponse{PeerId: peerID.String(), MaxFrame: maxFrame.GetFrameNumber(), PeerScore: uint64(peerScore), Version: config.GetVersion()}, nil + return &protobufs.NodeInfoResponse{ + PeerId: peerID.String(), + MaxFrame: r.masterClock.GetFrame().GetFrameNumber(), + PeerScore: uint64(peerScore), + Version: config.GetVersion(), + }, nil } // GetPeerInfo implements protobufs.NodeServiceServer. @@ -175,13 +171,23 @@ func (r *RPCServer) GetPeerInfo( req *protobufs.GetPeerInfoRequest, ) (*protobufs.PeerInfoResponse, error) { resp := &protobufs.PeerInfoResponse{} - for _, e := range r.executionEngines { - r := e.GetPeerInfo() - resp.PeerInfo = append(resp.PeerInfo, r.PeerInfo...) - resp.UncooperativePeerInfo = append( - resp.UncooperativePeerInfo, - r.UncooperativePeerInfo..., - ) + manifests := r.masterClock.GetPeerManifests() + for _, m := range manifests.PeerManifests { + multiaddr := r.pubSub.GetMultiaddrOfPeer(m.PeerId) + addrs := []string{} + if multiaddr != "" { + addrs = append(addrs, multiaddr) + } + + resp.PeerInfo = append(resp.PeerInfo, &protobufs.PeerInfo{ + PeerId: m.PeerId, + Multiaddrs: addrs, + MaxFrame: m.MasterHeadFrame, + Timestamp: m.LastSeen, + // We can get away with this for this release only, we will want to add + // version info in manifests. + Version: config.GetVersion(), + }) } return resp, nil } diff --git a/signers/Taskfile.yaml b/signers/Taskfile.yaml index dd5b67e..a5d4c3f 100644 --- a/signers/Taskfile.yaml +++ b/signers/Taskfile.yaml @@ -83,24 +83,28 @@ tasks: sources: - '**/*.go' generates: - - node-{{.VERSION}}-*.bin + - node-{{.VERSION}}-darwin-arm64 + - node-{{.VERSION}}-linux-amd64 + - node-{{.VERSION}}-linux-arm64 cmds: - - GOOS=darwin go build -ldflags "-s -w" -o node-{{.VERSION}}-darwin-arm64.bin - - GOOS=linux GOARCH=amd64 go build -ldflags "-s -w" -o node-{{.VERSION}}-linux-amd64.bin - - GOOS=linux GOARCH=arm64 go build -ldflags "-s -w" -o node-{{.VERSION}}-linux-arm64.bin + - GOOS=darwin go build -ldflags "-s -w" -o node-{{.VERSION}}-darwin-arm64 + - GOOS=linux GOARCH=amd64 go build -ldflags "-s -w" -o node-{{.VERSION}}-linux-amd64 + - GOOS=linux GOARCH=arm64 go build -ldflags "-s -w" -o node-{{.VERSION}}-linux-arm64 digest: desc: Generate digests for node binaries. deps: [build] dir: ../node sources: - - node-{{.VERSION}}-*.bin + - node-{{.VERSION}}-darwin-arm64 + - node-{{.VERSION}}-linux-amd64 + - node-{{.VERSION}}-linux-arm64 generates: - node-{{.VERSION}}-*.dgst cmds: - - openssl sha3-256 -out node-{{.VERSION}}-darwin-arm64.dgst node-{{.VERSION}}-darwin-arm64.bin - - openssl sha3-256 -out node-{{.VERSION}}-linux-amd64.dgst node-{{.VERSION}}-linux-amd64.bin - - openssl sha3-256 -out node-{{.VERSION}}-linux-arm64.dgst node-{{.VERSION}}-linux-arm64.bin + - openssl sha3-256 -out node-{{.VERSION}}-darwin-arm64.dgst node-{{.VERSION}}-darwin-arm64 + - openssl sha3-256 -out node-{{.VERSION}}-linux-amd64.dgst node-{{.VERSION}}-linux-amd64 + - openssl sha3-256 -out node-{{.VERSION}}-linux-arm64.dgst node-{{.VERSION}}-linux-arm64 sign: desc: Generate signatures for node binaries. @@ -130,9 +134,9 @@ tasks: - docker:build_image cmds: - docker run --name signers --rm -it -v {{.PARENT_FOLDER}}:/home/{{.USER_NAME}}/ceremonyclient -u {{.USER_NAME}} -w /home/{{.USER_NAME}}/ceremonyclient/signers {{.QUILIBRIUM_SIGNERS_IMAGE_NAME}} task verify:build:container - - diff node-{{.VERSION}}-darwin-arm64.bin node-tmp-darwin-arm64.bin - - diff node-{{.VERSION}}-linux-amd64.bin node-tmp-linux-amd64.bin - - diff node-{{.VERSION}}-linux-arm64.bin node-tmp-linux-arm64.bin + - diff node-{{.VERSION}}-darwin-arm64 node-tmp-darwin-arm64 + - diff node-{{.VERSION}}-linux-amd64 node-tmp-linux-amd64 + - diff node-{{.VERSION}}-linux-arm64 node-tmp-linux-arm64 verify:build:container: desc: Verify that the existing binaries can be rebuilt exactly the same, inside tbe Docker container. @@ -140,22 +144,24 @@ tasks: sources: - '**/*.go' generates: - - node-tmp-*.bin + - node-tmp-darwin-arm64 + - node-tmp-linux-amd64 + - node-tmp-linux-arm64 cmds: - - GOOS=darwin go build -ldflags "-s -w" -o node-tmp-darwin-arm64.bin - - GOOS=linux GOARCH=amd64 go build -ldflags "-s -w" -o node-tmp-linux-amd64.bin - - GOOS=linux GOARCH=arm64 go build -ldflags "-s -w" -o node-tmp-linux-arm64.bin - - diff node-{{.VERSION}}-darwin-arm64.bin node-tmp-darwin-arm64.bin - - diff node-{{.VERSION}}-linux-amd64.bin node-tmp-linux-amd64.bin - - diff node-{{.VERSION}}-linux-arm64.bin node-tmp-linux-arm64.bin + - GOOS=darwin go build -ldflags "-s -w" -o node-tmp-darwin-arm64 + - GOOS=linux GOARCH=amd64 go build -ldflags "-s -w" -o node-tmp-linux-amd64 + - GOOS=linux GOARCH=arm64 go build -ldflags "-s -w" -o node-tmp-linux-arm64 + - diff node-{{.VERSION}}-darwin-arm64 node-tmp-darwin-arm64 + - diff node-{{.VERSION}}-linux-amd64 node-tmp-linux-amd64 + - diff node-{{.VERSION}}-linux-arm64 node-tmp-linux-arm64 verify:digest: desc: Verify that the existing digests are correct. dir: ../node cmds: - - openssl sha3-256 -out node-tmp-darwin-arm64.dgst node-{{.VERSION}}-darwin-arm64.bin - - openssl sha3-256 -out node-tmp-linux-amd64.dgst node-{{.VERSION}}-linux-amd64.bin - - openssl sha3-256 -out node-tmp-linux-arm64.dgst node-{{.VERSION}}-linux-arm64.bin + - openssl sha3-256 -out node-tmp-darwin-arm64.dgst node-{{.VERSION}}-darwin-arm64 + - openssl sha3-256 -out node-tmp-linux-amd64.dgst node-{{.VERSION}}-linux-amd64 + - openssl sha3-256 -out node-tmp-linux-arm64.dgst node-{{.VERSION}}-linux-arm64 - diff node-{{.VERSION}}-darwin-arm64.dgst node-tmp-darwin-arm64.dgst - diff node-{{.VERSION}}-linux-amd64.dgst node-tmp-linux-amd64.dgst - diff node-{{.VERSION}}-linux-arm64.dgst node-tmp-linux-arm64.dgst diff --git a/signers/pems/16.pem b/signers/pems/16.pem new file mode 100644 index 0000000..342ea8f --- /dev/null +++ b/signers/pems/16.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAbihy9zxIaMQoa+97/i9UeaQcQvTgdQXvpIg8eVDHQCUuDup4 +7vEMWEsZsdzaAfd2fTE10HwzJEEA +-----END PUBLIC KEY----- diff --git a/signers/pems/17.pem b/signers/pems/17.pem new file mode 100644 index 0000000..0683f45 --- /dev/null +++ b/signers/pems/17.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAoRSwYfjTXj80l8jEPYO6a0r2eqezm3Q7Gwo18tZhELUFHdPY +b2m1cSKjW2TmJLgYC+5jthUvzkKA +-----END PUBLIC KEY-----