validate malfeasance proof before saving to db (#4535)

## Motivation Closes #4527
spacemeshos · Jun 17, 2023 · 5a38fdc · 5a38fdc
1 parent 2f7e73e
commit 5a38fdc
Show file tree

Hide file tree

Showing 14 changed files with 265 additions and 162 deletions.
diff --git a/activation/handler.go b/activation/handler.go
@@ -15,6 +15,7 @@ import (
 	"github.com/spacemeshos/go-spacemesh/datastore"
 	"github.com/spacemeshos/go-spacemesh/events"
 	"github.com/spacemeshos/go-spacemesh/log"
+	"github.com/spacemeshos/go-spacemesh/malfeasance"
 	"github.com/spacemeshos/go-spacemesh/metrics"
 	"github.com/spacemeshos/go-spacemesh/p2p"
 	"github.com/spacemeshos/go-spacemesh/p2p/pubsub"
@@ -384,7 +385,9 @@ func (h *Handler) storeAtx(ctx context.Context, atx *types.VerifiedActivationTx)
 						Data: &atxProof,
 					},
 				}
-				if err := h.cdb.AddMalfeasanceProof(atx.SmesherID, proof, dbtx); err != nil {
+				if err := malfeasance.ValidateAndSave(ctx, h.log, h.cdb, dbtx, h.edVerifier, nil, &types.MalfeasanceGossip{
+					MalfeasanceProof: *proof,
+				}); err != nil && !errors.Is(err, malfeasance.ErrKnownProof) {
 					return fmt.Errorf("adding malfeasance proof: %w", err)
 				}
 				h.log.WithContext(ctx).With().Warning("smesher produced more than one atx in the same epoch",

diff --git a/datastore/store.go b/datastore/store.go
@@ -122,7 +122,7 @@ func (db *CachedDB) GetMalfeasanceProof(id types.NodeID) (*types.MalfeasanceProo
 	return proof, err
 }
 
-func (db *CachedDB) AddMalfeasanceProof(id types.NodeID, proof *types.MalfeasanceProof, dbtx *sql.Tx) error {
+func (db *CachedDB) AddMalfeasanceProof(id types.NodeID, proof *types.MalfeasanceProof, exec sql.Executor) error {
 	if id == types.EmptyNodeID {
 		log.Fatal("invalid argument to AddMalfeasanceProof")
 	}
@@ -132,11 +132,6 @@ func (db *CachedDB) AddMalfeasanceProof(id types.NodeID, proof *types.Malfeasanc
 		db.logger.Fatal("failed to encode MalfeasanceProof")
 	}
 
-	var exec sql.Executor = db
-	if dbtx != nil {
-		exec = dbtx
-	}
-
 	db.mu.Lock()
 	defer db.mu.Unlock()
 	if err = identities.SetMalicious(exec, id, encoded); err != nil {

diff --git a/datastore/store_test.go b/datastore/store_test.go
@@ -85,7 +85,7 @@ func TestMalfeasanceProof_Honest(t *testing.T) {
 			},
 		},
 	}
-	require.NoError(t, cdb.AddMalfeasanceProof(nodeID2, proof, nil))
+	require.NoError(t, cdb.AddMalfeasanceProof(nodeID2, proof, cdb))
 	bad, err = cdb.IsMalicious(nodeID2)
 	require.NoError(t, err)
 	require.True(t, bad)
@@ -112,7 +112,7 @@ func TestMalfeasanceProof_Dishonest(t *testing.T) {
 	}
 
 	nodeID1 := types.NodeID{1}
-	require.NoError(t, cdb.AddMalfeasanceProof(nodeID1, proof, nil))
+	require.NoError(t, cdb.AddMalfeasanceProof(nodeID1, proof, cdb))
 	require.Equal(t, 1, cdb.MalfeasanceCacheSize())
 
 	got, err := cdb.GetMalfeasanceProof(nodeID1)

diff --git a/hare/hare.go b/hare/hare.go
@@ -15,6 +15,7 @@ import (
 	"github.com/spacemeshos/go-spacemesh/datastore"
 	"github.com/spacemeshos/go-spacemesh/hare/config"
 	"github.com/spacemeshos/go-spacemesh/log"
+	"github.com/spacemeshos/go-spacemesh/malfeasance"
 	"github.com/spacemeshos/go-spacemesh/p2p/pubsub"
 	"github.com/spacemeshos/go-spacemesh/signing"
 	"github.com/spacemeshos/go-spacemesh/sql"
@@ -80,6 +81,10 @@ func (m defaultMesh) Ballot(bid types.BallotID) (*types.Ballot, error) {
 	return ballots.Get(m, bid)
 }
 
+func (m defaultMesh) Cache() *datastore.CachedDB {
+	return m.CachedDB
+}
+
 // Opt for configuring beacon protocol.
 type Opt func(*Hare)
 
@@ -120,7 +125,8 @@ type Hare struct {
 
 	factory consensusFactory
 
-	nodeID types.NodeID
+	nodeID      types.NodeID
+	sigVerifier malfeasance.SigVerifier
 
 	ctx    context.Context
 	cancel context.CancelFunc
@@ -184,6 +190,7 @@ func New(
 	}
 
 	h.nodeID = nid
+	h.sigVerifier = edVerifier
 	h.ctx, h.cancel = context.WithCancel(context.Background())
 
 	for _, opt := range opts {
@@ -625,21 +632,8 @@ func (h *Hare) malfeasanceLoop(ctx context.Context) {
 			if gossip.Eligibility == nil {
 				h.WithContext(ctx).Fatal("missing hare eligibility")
 			}
-			if malicious, err := h.msh.IsMalicious(gossip.Eligibility.NodeID); err != nil {
-				h.With().Error("failed to check identity",
-					log.Context(ctx),
-					gossip.Eligibility.NodeID,
-					log.Err(err),
-				)
-				continue
-			} else if malicious {
-				h.With().Debug("known malicious identity",
-					log.Context(ctx),
-					gossip.Eligibility.NodeID,
-				)
-				continue
-			}
-			if err := h.msh.AddMalfeasanceProof(gossip.Eligibility.NodeID, &gossip.MalfeasanceProof, nil); err != nil {
+			if err := malfeasance.ValidateAndSave(
+				ctx, h.Log, h.msh.Cache(), h.msh.Cache(), h.sigVerifier, nil, gossip); err != nil && !errors.Is(err, malfeasance.ErrKnownProof) {
 				h.With().Error("failed to save MalfeasanceProof",
 					log.Context(ctx),
 					gossip.Eligibility.NodeID,

diff --git a/hare/hare_test.go b/hare/hare_test.go
@@ -222,31 +222,40 @@ func TestHare_malfeasanceLoop(t *testing.T) {
 	lid := types.LayerID(11)
 	round := uint32(3)
 
+	sig, err := signing.NewEdSigner()
+	require.NoError(t, err)
+	cdb := datastore.NewCachedDB(sql.InMemory(), h.Log)
+	createIdentity(t, cdb.Database, sig)
+	proof := &types.HareProof{
+		Messages: [2]types.HareProofMsg{
+			{
+				InnerMsg: types.HareMetadata{
+					Layer:   lid,
+					Round:   round,
+					MsgHash: types.RandomHash(),
+				},
+				SmesherID: sig.NodeID(),
+				Signature: types.RandomEdSignature(),
+			},
+			{
+				InnerMsg: types.HareMetadata{
+					Layer:   lid,
+					Round:   round,
+					MsgHash: types.RandomHash(),
+				},
+				SmesherID: sig.NodeID(),
+				Signature: types.RandomEdSignature(),
+			},
+		},
+	}
+	proof.Messages[0].Signature = sig.Sign(signing.HARE, proof.Messages[0].SignedBytes())
+	proof.Messages[1].Signature = sig.Sign(signing.HARE, proof.Messages[1].SignedBytes())
 	gossip := types.MalfeasanceGossip{
 		MalfeasanceProof: types.MalfeasanceProof{
 			Layer: lid,
 			Proof: types.Proof{
 				Type: types.HareEquivocation,
-				Data: &types.HareProof{
-					Messages: [2]types.HareProofMsg{
-						{
-							InnerMsg: types.HareMetadata{
-								Layer:   lid,
-								Round:   round,
-								MsgHash: types.RandomHash(),
-							},
-							Signature: types.RandomEdSignature(),
-						},
-						{
-							InnerMsg: types.HareMetadata{
-								Layer:   lid,
-								Round:   round,
-								MsgHash: types.RandomHash(),
-							},
-							Signature: types.RandomEdSignature(),
-						},
-					},
-				},
+				Data: proof,
 			},
 		},
 		Eligibility: &types.HareEligibilityGossip{
@@ -263,8 +272,7 @@ func TestHare_malfeasanceLoop(t *testing.T) {
 	data, err := codec.Encode(&gossip)
 	require.NoError(t, err)
 	done := make(chan struct{})
-	mockMesh.EXPECT().IsMalicious(gossip.Eligibility.NodeID).Return(false, nil)
-	mockMesh.EXPECT().AddMalfeasanceProof(gossip.Eligibility.NodeID, &gossip.MalfeasanceProof, nil).Return(nil)
+	mockMesh.EXPECT().Cache().Return(cdb).AnyTimes()
 	mpubsub.EXPECT().Publish(gomock.Any(), pubsub.MalfeasanceProof, data).DoAndReturn(
 		func(_ context.Context, _ string, _ []byte) error {
 			close(done)

diff --git a/hare/interfaces.go b/hare/interfaces.go
@@ -4,7 +4,7 @@ import (
 	"context"
 
 	"github.com/spacemeshos/go-spacemesh/common/types"
-	"github.com/spacemeshos/go-spacemesh/sql"
+	"github.com/spacemeshos/go-spacemesh/datastore"
 )
 
 //go:generate mockgen -package=mocks -destination=./mocks/mocks.go -source=./interfaces.go
@@ -34,9 +34,8 @@ type mesh interface {
 	GetAtxHeader(types.ATXID) (*types.ActivationTxHeader, error)
 	Proposals(types.LayerID) ([]*types.Proposal, error)
 	Ballot(types.BallotID) (*types.Ballot, error)
-	IsMalicious(types.NodeID) (bool, error)
-	AddMalfeasanceProof(types.NodeID, *types.MalfeasanceProof, *sql.Tx) error
 	GetMalfeasanceProof(nodeID types.NodeID) (*types.MalfeasanceProof, error)
+	Cache() *datastore.CachedDB
 }
 
 type weakCoin interface {

diff --git a/hare/mocks/mocks.go b/hare/mocks/mocks.go