GH-2142 Use the correct producer schedule for finding block signing a…

…uthorization.
AntelopeIO · Feb 18, 2024 · 83ec46f · 83ec46f
1 parent 89c65ab
commit 83ec46f
Show file tree

Hide file tree

Showing 8 changed files with 22 additions and 20 deletions.
diff --git a/libraries/chain/block_header_state.cpp b/libraries/chain/block_header_state.cpp
@@ -12,7 +12,7 @@ namespace eosio::chain {
 // digest_type           compute_finalizer_digest() const { return id; };
 
 
-producer_authority block_header_state::get_scheduled_producer(block_timestamp_type t) const {
+const producer_authority& block_header_state::get_scheduled_producer(block_timestamp_type t) const {
    return detail::get_scheduled_producer(active_proposer_policy->proposer_schedule.producers, t);
 }
 

diff --git a/libraries/chain/block_header_state_legacy.cpp b/libraries/chain/block_header_state_legacy.cpp
@@ -19,7 +19,7 @@ namespace eosio::chain {
       return blocknums[ index ];
    }
 
-   producer_authority block_header_state_legacy::get_scheduled_producer( block_timestamp_type t ) const {
+   const producer_authority& block_header_state_legacy::get_scheduled_producer( block_timestamp_type t ) const {
       return detail::get_scheduled_producer(active_schedule.producers, t);
    }
 
@@ -34,7 +34,7 @@ namespace eosio::chain {
         (when = header.timestamp).slot++;
       }
 
-      auto proauth = get_scheduled_producer(when);
+      const auto& proauth = get_scheduled_producer(when);
 
       auto itr = producer_to_last_produced.find( proauth.producer_name );
       if( itr != producer_to_last_produced.end() ) {

diff --git a/libraries/chain/block_state.cpp b/libraries/chain/block_state.cpp
@@ -19,13 +19,14 @@ block_state::block_state(const block_header_state& prev, signed_block_ptr b, con
    // ASSUMPTION FROM controller_impl::apply_block = all untrusted blocks will have their signatures pre-validated here
    if( !skip_validate_signee ) {
       auto sigs = detail::extract_additional_signatures(block);
-      verify_signee(sigs);
+      const auto& valid_block_signing_authority = prev.get_scheduled_producer(timestamp()).authority;
+      verify_signee(sigs, valid_block_signing_authority);
    }
 }
 
 block_state::block_state(const block_header_state& bhs, deque<transaction_metadata_ptr>&& trx_metas,
                          deque<transaction_receipt>&& trx_receipts, const std::optional<quorum_certificate>& qc,
-                         const signer_callback_type& signer)
+                         const signer_callback_type& signer, const block_signing_authority& valid_block_signing_authority)
    : block_header_state(bhs)
    , block(std::make_shared<signed_block>(signed_block_header{bhs.header})) // [greg todo] do we need signatures?
    , strong_digest(compute_finalizer_digest())
@@ -40,7 +41,7 @@ block_state::block_state(const block_header_state& bhs, deque<transaction_metada
       emplace_extension(block->block_extensions, quorum_certificate_extension::extension_id(), fc::raw::pack( *qc ));
    }
 
-   sign(signer);
+   sign(signer, valid_block_signing_authority);
 }
 
 // Used for transition from dpos to instant-finality
@@ -214,20 +215,18 @@ void inject_additional_signatures( signed_block& b, const std::vector<signature_
    }
 }
 
-void block_state::sign( const signer_callback_type& signer ) {
+void block_state::sign(const signer_callback_type& signer, const block_signing_authority& valid_block_signing_authority ) {
    auto sigs = signer( block_id );
 
    EOS_ASSERT(!sigs.empty(), no_block_signatures, "Signer returned no signatures");
    block->producer_signature = sigs.back();
    sigs.pop_back();
 
-   verify_signee(sigs);
+   verify_signee(sigs, valid_block_signing_authority);
    inject_additional_signatures(*block, sigs);
 }
 
-void block_state::verify_signee(const std::vector<signature_type>& additional_signatures) const {
-   auto valid_block_signing_authority = get_scheduled_producer(timestamp()).authority;
-
+void block_state::verify_signee(const std::vector<signature_type>& additional_signatures, const block_signing_authority& valid_block_signing_authority) const {
    auto num_keys_in_authority = std::visit([](const auto &a){ return a.keys.size(); }, valid_block_signing_authority);
    EOS_ASSERT(1 + additional_signatures.size() <= num_keys_in_authority, wrong_signing_key,
               "number of block signatures (${num_block_signatures}) exceeds number of keys in block signing authority (${num_keys})",

diff --git a/libraries/chain/controller.cpp b/libraries/chain/controller.cpp
@@ -322,7 +322,7 @@ struct assembled_block {
    }
 
    completed_block complete_block(const protocol_feature_set& pfs, validator_t validator,
-                                  const signer_callback_type& signer) {
+                                  const signer_callback_type& signer, const block_signing_authority& valid_block_signing_authority) {
       return std::visit(overloaded{[&](assembled_block_legacy& ab) {
                                       auto bsp = std::make_shared<block_state_legacy>(
                                          std::move(ab.pending_block_header_state), std::move(ab.unsigned_block),
@@ -332,7 +332,8 @@ struct assembled_block {
                                    },
                                    [&](assembled_block_if& ab) {
                                       auto bsp = std::make_shared<block_state>(ab.bhs, std::move(ab.trx_metas),
-                                                                               std::move(ab.trx_receipts), ab.qc, signer);
+                                                                               std::move(ab.trx_receipts), ab.qc, signer,
+                                                                               valid_block_signing_authority);
                                       return completed_block{std::move(bsp)};
                                    }},
                         v);
@@ -4205,10 +4206,12 @@ void controller::assemble_and_complete_block( block_report& br, const signer_cal
    my->assemble_block();
 
    auto& ab = std::get<assembled_block>(my->pending->_block_stage);
+   const auto& valid_block_signing_authority = my->head_active_schedule_auth().get_scheduled_producer(ab.timestamp()).authority;
    my->pending->_block_stage = ab.complete_block(
       my->protocol_features.get_protocol_feature_set(),
       [](block_timestamp_type timestamp, const flat_set<digest_type>& cur_features, const vector<digest_type>& new_features) {},
-      signer_callback);
+      signer_callback,
+      valid_block_signing_authority);
 
    br = my->pending->_block_report;
 }

diff --git a/libraries/chain/include/eosio/chain/block_header_state.hpp b/libraries/chain/include/eosio/chain/block_header_state.hpp
@@ -82,7 +82,7 @@ struct block_header_state {
 
    flat_set<digest_type> get_activated_protocol_features() const { return activated_protocol_features->protocol_features; }
    const vector<digest_type>& get_new_protocol_feature_activations() const;
-   producer_authority get_scheduled_producer(block_timestamp_type t) const;
+   const producer_authority& get_scheduled_producer(block_timestamp_type t) const;
 };
 
 using block_header_state_ptr = std::shared_ptr<block_header_state>;

diff --git a/libraries/chain/include/eosio/chain/block_header_state_legacy.hpp b/libraries/chain/include/eosio/chain/block_header_state_legacy.hpp
@@ -170,7 +170,7 @@ struct block_header_state_legacy : public detail::block_header_state_legacy_comm
 
    uint32_t             calc_dpos_last_irreversible( account_name producer_of_next_block )const;
 
-   producer_authority     get_scheduled_producer( block_timestamp_type t )const;
+   const producer_authority& get_scheduled_producer( block_timestamp_type t )const;
    const block_id_type&   previous()const { return header.previous; }
    digest_type            sig_digest()const;
    void                   sign( const signer_callback_type& signer );

diff --git a/libraries/chain/include/eosio/chain/block_header_state_utils.hpp b/libraries/chain/include/eosio/chain/block_header_state_utils.hpp
@@ -20,7 +20,7 @@ namespace eosio::chain::detail {
       return block_timestamp_type{t.slot + (config::producer_repetitions - index) + config::producer_repetitions};
    }
 
-   inline producer_authority get_scheduled_producer(const vector<producer_authority>& producers, block_timestamp_type t) {
+   inline const producer_authority& get_scheduled_producer(const vector<producer_authority>& producers, block_timestamp_type t) {
       auto index = t.slot % (producers.size() * config::producer_repetitions);
       index /= config::producer_repetitions;
       return producers[index];

diff --git a/libraries/chain/include/eosio/chain/block_state.hpp b/libraries/chain/include/eosio/chain/block_state.hpp
@@ -66,12 +66,12 @@ struct block_state : public block_header_state {     // block_header_state provi
 
    block_state(const block_header_state& bhs, deque<transaction_metadata_ptr>&& trx_metas,
                deque<transaction_receipt>&& trx_receipts, const std::optional<quorum_certificate>& qc,
-               const signer_callback_type& signer);
+               const signer_callback_type& signer, const block_signing_authority& valid_block_signing_authority);
 
    explicit block_state(const block_state_legacy& bsp);
 
-   void sign(const signer_callback_type& signer);
-   void verify_signee(const std::vector<signature_type>& additional_signatures) const;
+   void sign(const signer_callback_type& signer, const block_signing_authority& valid_block_signing_authority);
+   void verify_signee(const std::vector<signature_type>& additional_signatures, const block_signing_authority& valid_block_signing_authority) const;
 };
 
 using block_state_ptr = std::shared_ptr<block_state>;