Merge pull request #1252 from dusk-network/fix-1243

Verify candidate block header

consensus/src/consensus.rs

@@ -6,7 +6,7 @@
 
 use crate::commons::{ConsensusError, Database, QuorumMsgSender, RoundUpdate};
 use crate::config::CONSENSUS_MAX_ITER;
-use crate::contract_state::Operations;
+use crate::operations::Operations;
 use crate::phase::Phase;
 
 use node_data::ledger::Block;

consensus/src/execution_ctx.rs

@@ -6,10 +6,10 @@
 
 use crate::commons::{ConsensusError, Database, QuorumMsgSender, RoundUpdate};
 
-use crate::contract_state::Operations;
 use crate::iteration_ctx::IterationCtx;
 use crate::msg_handler::HandleMsgOutput::{Pending, Ready};
 use crate::msg_handler::MsgHandler;
+use crate::operations::Operations;
 use crate::queue::Queue;
 use crate::step_votes_reg::SafeCertificateInfoRegistry;
 use crate::user::committee::Committee;

consensus/src/lib.rs

@@ -12,9 +12,9 @@ pub mod user;
 
 mod aggregator;
 pub mod config;
-pub mod contract_state;
 mod execution_ctx;
 mod msg_handler;
+pub mod operations;
 mod phase;
 mod proposal;
 mod queue;

consensus/src/contract_state.rs → consensus/src/operations.rs

@@ -6,7 +6,7 @@
 
 use std::fmt;
 
-use node_data::ledger::{SpentTransaction, Transaction};
+use node_data::ledger::{Header, SpentTransaction, Transaction};
 
 pub type StateRoot = [u8; 32];
 pub type EventHash = [u8; 32];
@@ -49,6 +49,12 @@ impl fmt::Display for VerificationOutput {
 
 #[async_trait::async_trait]
 pub trait Operations: Send + Sync {
+    async fn verify_block_header(
+        &self,
+        candidate_header: &Header,
+        disable_winning_cert_check: bool,
+    ) -> Result<(), Error>;
+
     async fn verify_state_transition(
         &self,
         params: CallParams,

consensus/src/phase.rs

@@ -5,8 +5,8 @@
 // Copyright (c) DUSK NETWORK. All rights reserved.
 
 use crate::commons::{ConsensusError, Database};
-use crate::contract_state::Operations;
 use crate::execution_ctx::ExecutionCtx;
+use crate::operations::Operations;
 
 use node_data::message::Message;
 use node_data::StepName;

consensus/src/proposal/block_generator.rs

@@ -5,12 +5,12 @@
 // Copyright (c) DUSK NETWORK. All rights reserved.
 
 use crate::commons::RoundUpdate;
-use crate::contract_state::CallParams;
+use crate::operations::CallParams;
 use node_data::ledger::{to_str, Block, Certificate, IterationsInfo, Seed};
 
 use crate::config;
-use crate::contract_state::Operations;
 use crate::merkle::merkle_root;
+use crate::operations::Operations;
 
 use dusk_bytes::Serializable;
 use node_data::ledger;
@@ -35,7 +35,7 @@ impl<T: Operations> Generator<T> {
         ru: &RoundUpdate,
         iteration: u8,
         failed_iterations: Vec<Option<Certificate>>,
-    ) -> Result<Message, crate::contract_state::Error> {
+    ) -> Result<Message, crate::operations::Error> {
         // Sign seed
         let seed = ru
             .secret_key
@@ -82,7 +82,7 @@ impl<T: Operations> Generator<T> {
         seed: Seed,
         iteration: u8,
         failed_iterations: Vec<Option<Certificate>>,
-    ) -> Result<Block, crate::contract_state::Error> {
+    ) -> Result<Block, crate::operations::Error> {
         let start_time = Instant::now();
 
         let call_params = CallParams {

consensus/src/proposal/step.rs

@@ -5,9 +5,9 @@
 // Copyright (c) DUSK NETWORK. All rights reserved.
 
 use crate::commons::{ConsensusError, Database};
-use crate::contract_state::Operations;
 use crate::execution_ctx::ExecutionCtx;
 use crate::msg_handler::{HandleMsgOutput, MsgHandler};
+use crate::operations::Operations;
 use node_data::message::Message;
 use std::cmp;
 use std::sync::Arc;
@@ -44,7 +44,7 @@ impl<T: Operations + 'static, D: Database> ProposalStep<T, D> {
         round: u64,
         iteration: u8,
     ) {
-        debug!(event = "init", name = self.name(), round, iteration,)
+        debug!(event = "init", name = self.name(), round, iter = iteration,)
     }
 
     pub async fn run(

consensus/src/ratification/step.rs

@@ -5,8 +5,8 @@
 // Copyright (c) DUSK NETWORK. All rights reserved.
 
 use crate::commons::{ConsensusError, Database, RoundUpdate};
-use crate::contract_state::Operations;
 use crate::execution_ctx::ExecutionCtx;
+use crate::operations::Operations;
 use std::marker::PhantomData;
 
 use crate::msg_handler::{HandleMsgOutput, MsgHandler};
@@ -18,7 +18,7 @@ use node_data::message::{AsyncQueue, Message, Payload, Topics};
 use std::sync::Arc;
 use tokio::sync::Mutex;
 
-use tracing::{debug, error};
+use tracing::{error, info, Instrument};
 
 pub struct RatificationStep<T, DB> {
     handler: Arc<Mutex<handler::RatificationHandler>>,
@@ -54,12 +54,8 @@ impl<T: Operations + 'static, DB: Database> RatificationStep<T, DB> {
             },
         );
 
-        debug!(
-            event = "voting",
-            vtype = "ratification",
-            hash = to_str(&result.hash),
-            validation_bitset = result.sv.bitset
-        );
+        // Publish ratification vote
+        info!(event = "send_vote", validation_bitset = result.sv.bitset);
 
         // Publish
         outbound.send(msg.clone()).await.unwrap_or_else(|err| {
@@ -106,7 +102,7 @@ impl<T: Operations + 'static, DB: Database> RatificationStep<T, DB> {
             event = "init",
             name = self.name(),
             round = round,
-            iteration = iteration,
+            iter = iteration,
             hash = to_str(&handler.validation_result().hash),
             fsv_bitset = handler.validation_result().sv.bitset,
             quorum_type = format!("{:?}", handler.validation_result().quorum)
@@ -123,13 +119,15 @@ impl<T: Operations + 'static, DB: Database> RatificationStep<T, DB> {
 
         if ctx.am_member(committee) {
             let mut handler = self.handler.lock().await;
+            let hash = to_str(&handler.validation_result().hash);
 
             let vote_msg = Self::try_vote(
                 &ctx.round_update,
                 ctx.iteration,
                 handler.validation_result(),
                 ctx.outbound.clone(),
             )
+            .instrument(tracing::info_span!("ratification", hash,))
             .await;
 
             // Collect my own vote

consensus/src/validation/step.rs

@@ -6,8 +6,8 @@
 
 use crate::commons::{ConsensusError, Database, RoundUpdate};
 use crate::config;
-use crate::contract_state::{CallParams, Operations};
 use crate::execution_ctx::ExecutionCtx;
+use crate::operations::{CallParams, Operations};
 use crate::validation::handler;
 use anyhow::anyhow;
 use dusk_bytes::DeserializableSlice;
@@ -17,7 +17,7 @@ use node_data::message::{self, AsyncQueue, Message, Payload, Topics};
 use std::sync::Arc;
 use tokio::sync::Mutex;
 use tokio::task::JoinSet;
-use tracing::{debug, error, Instrument};
+use tracing::{debug, error, info, Instrument};
 
 pub struct ValidationStep<T> {
     handler: Arc<Mutex<handler::ValidationHandler>>,
@@ -42,7 +42,7 @@ impl<T: Operations + 'static> ValidationStep<T> {
                 )
                 .await
             }
-            .instrument(tracing::info_span!("voting", hash)),
+            .instrument(tracing::info_span!("validation", hash,)),
         );
     }
 
@@ -54,20 +54,42 @@ impl<T: Operations + 'static> ValidationStep<T> {
         inbound: AsyncQueue<Message>,
         executor: Arc<Mutex<T>>,
     ) {
-        // TODO: Verify Block Header
-        let hash = candidate.header().hash;
-
-        // Call VST for non-empty blocks
-        if hash != [0u8; 32] {
-            if let Err(err) = Self::call_vst(candidate, ru, executor).await {
-                error!(
-                    event = "failed_vst_call",
-                    reason = format!("{:?}", err)
-                );
-                return;
-            }
+        let header = candidate.header();
+
+        // A Validation step with empty/default Block produces a Nil Vote
+        if header.hash == [0u8; 32] {
+            Self::cast_vote([0u8; 32], ru, iteration, outbound, inbound).await;
+            return;
         }
 
+        // Verify candidate header (all fields except the winning certificate)
+        // NB: Winning certificate is produced only on reaching consensus
+        if let Err(err) = executor
+            .lock()
+            .await
+            .verify_block_header(header, true)
+            .await
+        {
+            error!(event = "invalid_header", ?err, ?header);
+            return;
+        };
+
+        // Call Verify State Transition to make sure transactions set is valid
+        if let Err(err) = Self::call_vst(candidate, ru, executor).await {
+            error!(event = "failed_vst_call", ?err);
+            return;
+        }
+
+        Self::cast_vote(header.hash, ru, iteration, outbound, inbound).await;
+    }
+
+    async fn cast_vote(
+        hash: [u8; 32],
+        ru: &RoundUpdate,
+        iteration: u8,
+        outbound: AsyncQueue<Message>,
+        inbound: AsyncQueue<Message>,
+    ) {
         let hdr = message::Header {
             pubkey_bls: ru.pubkey_bls.clone(),
             round: ru.round,
@@ -85,7 +107,7 @@ impl<T: Operations + 'static> ValidationStep<T> {
         );
 
         // Publish validation vote
-        debug!(event = "voting", vtype = "validation", hash = to_str(&hash));
+        info!(event = "send_vote");
 
         // Publish
         outbound.send(msg.clone()).await.unwrap_or_else(|err| {
@@ -183,7 +205,7 @@ impl<T: Operations + 'static> ValidationStep<T> {
             event = "init",
             name = self.name(),
             round,
-            iteration,
+            iter = iteration,
             hash = to_str(&handler.candidate.header().hash),
         )
     }

node/src/chain.rs

@@ -10,12 +10,13 @@ mod fallback;
 mod fsm;
 mod genesis;
 
+mod header_validation;
+
 use self::acceptor::Acceptor;
 use self::fsm::SimpleFSM;
 use crate::database::Ledger;
 use crate::{database, vm, Network};
 use crate::{LongLivedService, Message};
-pub use acceptor::verify_block_cert;
 use anyhow::Result;
 use async_trait::async_trait;
 use dusk_consensus::commons::ConsensusError;