lighthouse-pulse/validator_client/slashing_protection/tests/migration.rs
Michael Sproul e961ff60b4 Implement standard keystore API (#2736)
## Issue Addressed

Implements the standard key manager API from https://ethereum.github.io/keymanager-APIs/, formerly https://github.com/ethereum/beacon-APIs/pull/151
Related to https://github.com/sigp/lighthouse/issues/2557

## Proposed Changes

- [x] Add all of the new endpoints from the standard API: GET, POST and DELETE.
- [x] Add a `validators.enabled` column to the slashing protection database to support atomic disable + export.
- [x] Add tests for all the common sequential accesses of the API
- [x] Add tests for interactions with remote signer validators
- [x] Add end-to-end tests for migration of validators from one VC to another
- [x] Implement the authentication scheme from the standard (token bearer auth)

## Additional Info

The `enabled` column in the validators SQL database is necessary to prevent a race condition when exporting slashing protection data. Without the slashing protection database having a way of knowing that a key has been disabled, a concurrent request to sign a message could insert a new record into the database. The `delete_concurrent_with_signing` test exercises this code path, and was indeed failing before the `enabled` column was added.

The validator client authentication has been modified from basic auth to bearer auth, with basic auth preserved for backwards compatibility.
2022-01-30 23:22:04 +00:00

69 lines
2.3 KiB
Rust

//! Tests for upgrading a previous version of the database to the latest schema.
use slashing_protection::{NotSafe, SlashingDatabase};
use std::collections::HashMap;
use std::fs;
use std::path::{Path, PathBuf};
use tempfile::tempdir;
use types::Hash256;
fn test_data_dir() -> PathBuf {
Path::new(&std::env::var("CARGO_MANIFEST_DIR").unwrap()).join("migration-tests")
}
/// Copy `filename` from the test data dir to the temporary `dest` for testing.
fn make_copy(filename: &str, dest: &Path) -> PathBuf {
let source_file = test_data_dir().join(filename);
let dest_file = dest.join(filename);
fs::copy(source_file, &dest_file).unwrap();
dest_file
}
#[test]
fn add_enabled_column() {
let tmp = tempdir().unwrap();
let path = make_copy("v0_no_enabled_column.sqlite", tmp.path());
let num_expected_validators = 5;
// Database should open without errors, indicating successfull application of migrations.
// The input file has no `enabled` column, which should get added when opening it here.
let db = SlashingDatabase::open(&path).unwrap();
// Check that exporting an interchange file lists all the validators.
let interchange = db.export_all_interchange_info(Hash256::zero()).unwrap();
assert_eq!(interchange.data.len(), num_expected_validators);
db.with_transaction(|txn| {
// Check that all the validators are enabled and unique.
let uniq_validator_ids = interchange
.data
.iter()
.map(|data| {
let (validator_id, enabled) = db
.get_validator_id_with_status(txn, &data.pubkey)
.unwrap()
.unwrap();
assert!(enabled);
(validator_id, data.pubkey)
})
.collect::<HashMap<_, _>>();
assert_eq!(uniq_validator_ids.len(), num_expected_validators);
// Check that we can disable them all.
for (&validator_id, pubkey) in &uniq_validator_ids {
db.update_validator_status(txn, validator_id, false)
.unwrap();
let (loaded_id, enabled) = db
.get_validator_id_with_status(txn, pubkey)
.unwrap()
.unwrap();
assert_eq!(validator_id, loaded_id);
assert!(!enabled);
}
Ok::<_, NotSafe>(())
})
.unwrap();
}