RTA Flow: Implement Auth Sample Validation on Graftnode (GNRTA-283)

.gitignore

@@ -7,6 +7,7 @@ log/
 # vim swap files
 *.swp
 *.swo
+.ycm*
 TAGS
 !TAGS/
 tags
@@ -103,4 +104,4 @@ local.properties
 .texlipse
 .idea/
 
-/testnet
+/testnet

src/common/CMakeLists.txt

@@ -39,7 +39,9 @@ set(common_sources
   perf_timer.cpp
   task_region.cpp
   thread_group.cpp
-  updates.cpp)
+  updates.cpp
+  rta_kit.cpp
+  )
 
 if (STACK_TRACE)
   list(APPEND common_sources stack_trace.cpp)
@@ -68,7 +70,9 @@ set(common_private_headers
   stack_trace.h
   task_region.h
   thread_group.h
-  updates.h)
+  updates.h
+  rta_kit.h
+  )
 
 monero_private_headers(common
   ${common_private_headers})

src/common/rta_kit.cpp

@@ -0,0 +1,160 @@
+// Copyright (c) 2019, The Graft Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file are originally copyright (c) 2014-2019 The Monero Project
+
+#include <sstream>
+
+#include "common/rta_kit.h"
+#include "crypto/hash.h"
+#include "crypto/crypto.h"
+#include "misc_log_ex.h"
+#include "cryptonote_basic/cryptonote_basic.h"
+#include "cryptonote_basic/cryptonote_basic_impl.h"
+
+#include "utils/sample_generator.h" // bad idea to include the whole heavy header just 
+// because of one const - graft::generator::AUTH_SAMPLE_SIZE
+// It's better to hold all const's in separate lightweight header
+
+namespace rta::flow2::validation {
+
+bool belongs_to_auth_sample(const std::vector<crypto::public_key>& auth_sample_pkeys, 
+  const rta_header& rta_hdr, const u32 auth_sample_pkeys_off)
+{
+  bool ok = false;  // ok is true when every supernode from rta_hdr is member of auth_sample
+  for(u32 i = auth_sample_pkeys_off, cnt = rta_hdr.keys.size(); i < cnt; ++i)
+  {
+    const auto& key = rta_hdr.keys[i];
+    if(!(ok = std::any_of(auth_sample_pkeys.cbegin(), auth_sample_pkeys.cend(),
+      [&key](const crypto::public_key& k) { return key == k; })))
+    {
+      MERROR("Key " << key << " does not belong to auth-sample");
+      break;
+    }
+  }
+
+#if 0
+  {
+    std::ostringstream m;
+    m << std::endl << "### DBG: keys to be checked against belonging to auth sample (cnt:"
+      << (rta_hdr.keys.size() - auth_sample_pkeys_off) << "):";
+
+    for(u32 i = auth_sample_pkeys_off, cnt = rta_hdr.keys.size(); i < cnt; ++i)
+      m << std::endl << rta_hdr.keys[i];
+
+    m << std::endl << "### DBG: keys of auth sample (cnt:" << auth_sample_pkeys.size() << "):";
+    for(const auto& k : auth_sample_pkeys) m << std::endl << k;
+    MDEBUG(m.str());
+  }
+#endif
+
+  return ok;
+}
+
+bool check_rta_signatures(const std::vector<rta_signature>& rta_signs,
+  const rta_header& rta_hdr, const crypto::hash& txid, const u32 auth_sample_pkeys_off)
+{
+  bool ok = true;
+  for(const auto& rs : rta_signs)
+  {
+    const i32 idx = rs.key_index + auth_sample_pkeys_off;
+
+    if(idx > (i32)(rta_hdr.keys.size() - 1))
+    {
+      MERROR("Fail at check_rta_signatures - out of index!");
+      return false;
+    }
+
+    const auto& key = rta_hdr.keys[idx];
+    if(!crypto::check_signature(txid, key, rs.signature))
+    {
+      MERROR("Failed to validate rta tx " << std::endl
+        << "signature: " << epee::string_tools::pod_to_hex(rs.signature) << std::endl
+        << "for key: " << key << std::endl
+        << "tx-id:    " << epee::string_tools::pod_to_hex(txid));
+      ok = false;
+      break;
+    }
+  }
+  return ok;
+}
+
+bool check_rta_keys_count(const rta_header& rta_hdr, const crypto::hash& txid)
+{
+  const uint32_t cnt = rta_hdr.keys.size();
+
+  // so far there can be cases when we have only graft::generator::AUTH_SAMPLE_SIZE
+  // records (3 starting are missing)
+  const bool ok = (cnt == graft::generator::AUTH_SAMPLE_SIZE) 
+    || (cnt == (3 + graft::generator::AUTH_SAMPLE_SIZE));
+
+  if(!ok)
+    MERROR("Failed to validate rta tx, wrong amount ("
+      << cnt << ") of auth sample keys for tx:" << txid << ". Expected "
+      << (3 + graft::generator::AUTH_SAMPLE_SIZE));
+
+  return ok;
+}
+
+bool check_rta_sign_key_indexes(const std::vector<rta_signature>& rta_signs,
+  const crypto::hash& txid, const u32 auth_sample_pkeys_off)
+{
+  bool ok = true;
+  for(const auto& rs : rta_signs)
+  {
+    if((rs.key_index < auth_sample_pkeys_off)
+      || (rs.key_index > (auth_sample_pkeys_off + graft::generator::AUTH_SAMPLE_SIZE - 1)))
+    {
+      MERROR("Signature: " << rs.signature << " has wrong key index: "
+        << rs.key_index << ", tx: " << txid);
+      ok = false;
+      break;
+    }
+  }
+  return ok;
+}
+
+bool check_rta_sign_count(const std::vector<rta_signature>& rta_signs, const crypto::hash& txid)
+{
+  const uint32_t cnt = rta_signs.size();
+  // according to spec/design there can be 6-8 signatures and we do check it in here
+  const bool ok = !((cnt < 6) || (cnt > graft::generator::AUTH_SAMPLE_SIZE));
+  if(!ok)
+    MERROR("Wrong amount of signatures:" << cnt << " for tx:" << txid << " It should be 6-"
+      << graft::generator::AUTH_SAMPLE_SIZE << ".");
+  return ok;
+}
+
+u32 get_auth_sample_public_key_offset(const rta_header& rta_hdr)
+{
+  return (rta_hdr.keys.size() == 8) ? 0 : 3; // supernode public keys offset
+}
+
+}
+
+

src/common/rta_kit.h

@@ -0,0 +1,56 @@
+// Copyright (c) 2019, The Graft Project
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without modification, are
+// permitted provided that the following conditions are met:
+//
+// 1. Redistributions of source code must retain the above copyright notice, this list of
+//    conditions and the following disclaimer.
+//
+// 2. Redistributions in binary form must reproduce the above copyright notice, this list
+//    of conditions and the following disclaimer in the documentation and/or other
+//    materials provided with the distribution.
+//
+// 3. Neither the name of the copyright holder nor the names of its contributors may be
+//    used to endorse or promote products derived from this software without specific
+//    prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY
+// EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
+// THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+// PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+// THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+// Parts of this file are originally copyright (c) 2014-2019 The Monero Project
+
+#include <cstdint> // for std::uint32_t and such
+#include <vector>
+
+namespace cryptonote { struct rta_signature; struct rta_header; }
+namespace crypto { struct hash; struct public_key; }
+
+namespace rta::flow2::validation {
+
+using i32 = std::int32_t;
+using u32 = std::uint32_t;
+
+using cryptonote::rta_signature;
+using cryptonote::rta_header;
+
+bool belongs_to_auth_sample(const std::vector<crypto::public_key>& auth_sample_pkeys, 
+  const rta_header& rta_hdr, u32 auth_sample_pkeys_off);
+
+bool check_rta_signatures(const std::vector<rta_signature>& rta_signs, const rta_header& rta_hdr, const crypto::hash& txid, u32 auth_sample_pkeys_off);
+
+bool check_rta_sign_count(const std::vector<rta_signature>& rta_signs, const crypto::hash& txid);
+bool check_rta_keys_count(const rta_header& rta_hdr, const crypto::hash& txid);
+bool check_rta_sign_key_indexes(const std::vector<rta_signature>& rta_signs, const crypto::hash& txid, u32 auth_sample_pkeys_off);
+u32 get_auth_sample_public_key_offset(const rta_header& rta_hdr);
+
+}
+

src/cryptonote_core/stake_transaction_processor.cpp

@@ -614,3 +614,18 @@ void StakeTransactionProcessor::invoke_update_blockchain_based_list_handler(bool
 
   invoke_update_blockchain_based_list_handler_impl(depth);
 }
+
+bool StakeTransactionProcessor::get_auth_sample_keys(const uint64_t auth_sample_height,
+  const std::string& payment_id, std::vector<crypto::public_key>& auth_sample_keys) const
+{
+  const size_t depth = m_blockchain_based_list->block_height() - auth_sample_height;
+  auto& tiers = m_blockchain_based_list->tiers(depth);
+  auto bbl_idxs = makeBBLindexes(tiers);
+
+  std::vector<TI> bbqs_idxs;
+  graft::generator::select_AuthSample(payment_id, bbl_idxs, bbqs_idxs);
+  auth_sample_keys = fromIndexes(tiers, bbqs_idxs);
+
+  return (auth_sample_keys.size() == graft::generator::AUTH_SAMPLE_SIZE);
+}
+

src/cryptonote_core/stake_transaction_processor.h

@@ -44,6 +44,8 @@ class StakeTransactionProcessor
   /// Force invoke update handler for blockchain based list
   void invoke_update_blockchain_based_list_handler(bool force = true, size_t depth = 1);
 
+  bool get_auth_sample_keys(uint64_t auth_sample_height, const std::string& payment_id, std::vector<crypto::public_key>& auth_sample_keys) const;
+
 private:
   void init_storages_impl();
   void process_block(uint64_t block_index, const block& block, const crypto::hash& block_hash, bool update_storage = true);

src/cryptonote_core/tx_pool.cpp

@@ -41,6 +41,7 @@
 #include "blockchain_db/blockchain_db.h"
 #include "common/boost_serialization_helper.h"
 #include "common/int-util.h"
+#include "common/rta_kit.h"
 #include "misc_language.h"
 #include "warnings.h"
 #include "common/perf_timer.h"
@@ -1084,17 +1085,35 @@ namespace cryptonote
   {
     return true;
   }
-
   //---------------------------------------------------------------------------------
+
   bool tx_memory_pool::validate_rta_tx(const crypto::hash &txid, const std::vector<rta_signature> &rta_signs, const rta_header &rta_hdr) const
   {
     bool result = true;
 
+    if(!rta::flow2::validation::check_rta_sign_count(rta_signs, txid))
+      return false;
+
+    if(!rta::flow2::validation::check_rta_keys_count(rta_hdr, txid))
+      return false;
+
+    const auto auth_sample_pkeys_off =
+      rta::flow2::validation::get_auth_sample_public_key_offset(rta_hdr);
+
+    if(!rta::flow2::validation::check_rta_sign_key_indexes(rta_signs, txid, auth_sample_pkeys_off))
+      return false;
+
+    if(!rta::flow2::validation::check_rta_signatures(rta_signs, rta_hdr, txid, auth_sample_pkeys_off))
+      return false;
+
+#if 0 
+
     if (rta_hdr.keys.size() == 0) {
       MERROR("Failed to validate rta tx, missing auth sample keys for tx: " << txid );
       return false;
     }
-#if 0  // don't validate signatures for rta mining
+
+    // don't validate signatures for rta mining
     if (rta_hdr.keys.size() != rta_signs.size()) {
       MERROR("Failed to validate rta tx: " << txid << ", keys.size() != signatures.size()");
       return false;
@@ -1116,6 +1135,17 @@ namespace cryptonote
       }
     }
 #endif
+
+    std::vector<crypto::public_key> ask;  // auth sample keys
+    if(!m_stp->get_auth_sample_keys(rta_hdr.auth_sample_height, rta_hdr.payment_id, ask))
+    {
+      MERROR("Obtaining of auth sample keys is failed");
+      return false;
+    }
+
+    if(!rta::flow2::validation::belongs_to_auth_sample(ask, rta_hdr, auth_sample_pkeys_off))
+      return false;
+
     for (const crypto::public_key &key : rta_hdr.keys) {
       result &= validate_supernode(rta_hdr.auth_sample_height, key);
       if (!result) {
@@ -1133,3 +1163,4 @@ namespace cryptonote
     return stake ? stake->amount >= config::graft::TIER1_STAKE_AMOUNT : false;
   };
 }
+

src/utils/sample_generator.h

@@ -134,11 +134,6 @@ bool selectSample(size_t sample_size, const Tiers& bbl_tiers, std::vector<T>& ou
         auto& dst = tier_supernodes[i];
         dst.reserve(sample_size);
         uniform_select(do_not_seed{}, sample_size, src, dst);
-        if (dst.size() != sample_size)
-        {
-          LOG_ERROR("unable to select supernodes for " << prefix << " sample");
-          return false;
-        }
         MDEBUG("..." << dst.size() << " supernodes has been selected for tier " << (i + 1) << " from blockchain based list with " << src.size() << " supernodes");
     }
 

tests/supernode_tests/CMakeLists.txt

@@ -36,6 +36,7 @@ set(supernode_tests_sources
   walletproxy_test.cpp
   graft_wallet_tests.cpp
   graft_splitted_tx_test.cpp
+  rta_tx_validation.cpp
 )
 
 set(supernode_tests_headers
@@ -74,3 +75,4 @@ endif ()
 add_test(
   NAME    supernode_tests
   COMMAND supernode_tests)
+