diff --git a/WORKSPACE b/WORKSPACE
index a8ddfa39c..ab3bf592a 100644
--- a/WORKSPACE
+++ b/WORKSPACE
@@ -1575,3 +1575,10 @@ go_repository(
 commit = "e180dbdc8da04c4fa04272e875ce64949f38bd3e",
 importpath = "github.com/shibukawa/configdir",
 )
+
+go_repository(
+ name = "com_github_libp2p_go_libp2p_noise",
+ importpath = "github.com/libp2p/go-libp2p-noise",
+ sum = "h1:J1gHJRNFEk7NdiaPQQqAvxEy+7hhCsVv3uzduWybmqY=",
+ version = "v0.0.0-20200302201340-8c54356e12c9",
+)
diff --git a/beacon-chain/p2p/BUILD.bazel b/beacon-chain/p2p/BUILD.bazel
index 5d521cd64..b095a4277 100644
--- a/beacon-chain/p2p/BUILD.bazel
+++ b/beacon-chain/p2p/BUILD.bazel
@@ -34,6 +34,7 @@ go_library(
 "//beacon-chain/p2p/peers:go_default_library",
 "//proto/beacon/p2p/v1:go_default_library",
 "//shared:go_default_library",
+ "//shared/featureconfig:go_default_library",
 "//shared/hashutil:go_default_library",
 "//shared/iputils:go_default_library",
 "//shared/runutil:go_default_library",
@@ -59,6 +60,7 @@ go_library(
 "@com_github_libp2p_go_libp2p_host//:go_default_library",
 "@com_github_libp2p_go_libp2p_kad_dht//:go_default_library",
 "@com_github_libp2p_go_libp2p_kad_dht//opts:go_default_library",
+ "@com_github_libp2p_go_libp2p_noise//:go_default_library",
 "@com_github_libp2p_go_libp2p_peerstore//:go_default_library",
 "@com_github_libp2p_go_libp2p_pubsub//:go_default_library",
 "@com_github_libp2p_go_libp2p_pubsub//pb:go_default_library",
diff --git a/beacon-chain/p2p/options.go b/beacon-chain/p2p/options.go
index 03c664b8d..019a20422 100644
--- a/beacon-chain/p2p/options.go
+++ b/beacon-chain/p2p/options.go
@@ -7,10 +7,12 @@ import (
 "time"
 "github.com/libp2p/go-libp2p"
+ noise "github.com/libp2p/go-libp2p-noise"
 filter "github.com/libp2p/go-maddr-filter"
 "github.com/multiformats/go-multiaddr"
 ma "github.com/multiformats/go-multiaddr"
 "github.com/prysmaticlabs/prysm/beacon-chain/p2p/connmgr"
+ "github.com/prysmaticlabs/prysm/shared/featureconfig"
 )
 // buildOptions for the libp2p host.
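Review bot: In WORKSPACE, the new `com_github_libp2p_go_libp2p_noise` rule pins `v0.0.0-20200302201340-8c54356e12c9`, a Go pseudo-version, so the handshake code is taken from an untagged commit rather than a release. The `sum` line does fix the content, so this is a provenance and maintenance point rather than an integrity one. I would add a comment above the rule such as `# Untagged commit of the Noise transport; replace with a tagged release once one is published.` so the pin is revisited before the feature stops being opt-in.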
@@ -28,6 +30,10 @@ func buildOptions(cfg *Config, ip net.IP, priKey *ecdsa.PrivateKey) []libp2p.Opt
 // water mark and continually trigger pruning.
 libp2p.ConnectionManager(connmgr.NewConnManager(int(cfg.MaxPeers+2), int(cfg.MaxPeers+2), 1*time.Second)),
 }
+ if featureconfig.Get().EnableNoise {
+ // Enable NOISE for the beacon node
+ options = append(options, libp2p.Security(noise.ID, noise.New))
+ }
 if cfg.EnableUPnP {
 options = append(options, libp2p.NATPortMap()) //Allow to use UPnP
 }
diff --git a/shared/featureconfig/config.go b/shared/featureconfig/config.go
index 0c5d38c51..c9aee4492 100644
--- a/shared/featureconfig/config.go
+++ b/shared/featureconfig/config.go
@@ -45,7 +45,7 @@ type Flags struct {
 EnableDomainDataCache bool // EnableDomainDataCache caches validator calls to DomainData per epoch.
 EnableStateGenSigVerify bool // EnableStateGenSigVerify verifies proposer and randao signatures during state gen.
 CheckHeadState bool // CheckHeadState checks the current headstate before retrieving the desired state from the db.
-
+ EnableNoise bool // EnableNoise enables the beacon node to use NOISE instead of SECIO when performing a handshake with another peer.
 // DisableForkChoice disables using LMD-GHOST fork choice to update
 // the head of the chain based on attestations and instead accepts any valid received block
 // as the chain head. UNSAFE, use with caution.
@@ -154,6 +154,10 @@ func ConfigureBeaconChain(ctx *cli.Context) {
 log.Warn("Enabling check head state for chainservice")
 cfg.CheckHeadState = true
 }
+ if ctx.GlobalBool(enableNoiseHandshake.Name) {
+ log.Warn("Enabling noise handshake for peer")
+ cfg.EnableNoise = true
+ }
 Init(cfg)
 }
diff --git a/shared/featureconfig/flags.go b/shared/featureconfig/flags.go
index 769ff9f8c..c7c19300f 100644
--- a/shared/featureconfig/flags.go
+++ b/shared/featureconfig/flags.go
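Review bot: In `buildOptions` (options.go), `libp2p.Security(noise.ID, noise.New)` is the only security option visible in the hunk, and go-libp2p falls back to its default security transports only when none is configured explicitly, so with the flag on the host would presumably offer Noise alone and fail the handshake with every peer that still speaks only SECIO. The option list is built above the hunk, so confirm that no other `libp2p.Security` call is already in it. If Noise-only is intended, the comment should say so, e.g. `// Noise replaces the default security transports; peers without Noise support cannot connect.`, and the same caveat belongs in the `log.Warn` text in `ConfigureBeaconChain` and in the `enable-noise` usage string in flags.go. If a transition period is wanted instead, the fallback transport has to be appended explicitly after Noise.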
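Review bot: In the `Flags` struct (config.go), `EnableNoise` takes the place of the blank line that separated the aligned field block from the `DisableForkChoice` doc comment, so the three `// DisableForkChoice …` lines now read as a continuation of the `EnableNoise` trailing comment. Keep the separator: add the field directly after `CheckHeadState` and leave an empty line before `// DisableForkChoice disables using LMD-GHOST fork choice to update`. The struct starts and ends outside the hunk.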
@@ -106,6 +106,11 @@ var (
 Name: "check-head-state",
 Usage: "Enables the checking of head state in chainservice first before retrieving the desired state from the db.",
 }
+ enableNoiseHandshake = cli.BoolFlag{
+ Name: "enable-noise",
+ Usage: "This enables the beacon node to use NOISE instead of SECIO for performing handshakes between peers and " +
+ "securing transports between peers",
+ }
 )
 // Deprecated flags list.
@@ -279,6 +284,7 @@ var BeaconChainFlags = append(deprecatedFlags, []cli.Flag{
 enableByteMempool,
 enableStateGenSigVerify,
 checkHeadState,
+ enableNoiseHandshake,
 }...)
 // E2EBeaconChainFlags contains a list of the beacon chain feature flags to be tested in E2E.
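Review bot: The diff registers `enableNoiseHandshake` in `BeaconChainFlags` (flags.go) but contains no test for the new branch in `buildOptions` and no addition to `E2EBeaconChainFlags`, so the Noise handshake is apparently not exercised by any unit or end-to-end test. The E2E list is declared just after this hunk and is not visible here, so that part is inferred from the diff not touching it. A minimal check would build two hosts with `EnableNoise` set and assert that they connect, plus one case against a host without the flag to pin the expected outcome. If the flag is deliberately kept out of E2E for now, a short comment on the `enableNoiseHandshake,` entry saying so would record the decision.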