mirror of
https://gitlab.com/pulsechaincom/prysm-pulse.git
synced 2025-01-03 08:37:37 +00:00
ef21d3adf8
* `EpochFromString`: Use already defined `Uint64FromString` function. * `Test_uint64FromString` => `Test_FromString` This test function tests more functions than `Uint64FromString`. * Slashing protection history: Remove unreachable code. The function `NewKVStore` creates, via `kv.UpdatePublicKeysBuckets`, a new item in the `proposal-history-bucket-interchange`. IMO there is no real reason to prefer `proposal` than `attestation` as a prefix for this bucket, but this is the way it is done right now and renaming the bucket will probably be backward incompatible. An `attestedPublicKey` cannot exist without the corresponding `proposedPublicKey`. Thus, the `else` portion of code removed in this commit is not reachable. We raise an error if we get there. This is also probably the reason why the removed `else` portion was not tested. * `NewKVStore`: Switch items in `createBuckets`. So the order corresponds to `schema.go` * `slashableAttestationCheck`: Fix comments and logs. * `ValidatorClient.db`: Use `iface.ValidatorDB`. * BoltDB database: Implement `GraffitiFileHash`. * Filesystem database: Creates `db.go`. This file defines the following structs: - `Store` - `Graffiti` - `Configuration` - `ValidatorSlashingProtection` This files implements the following public functions: - `NewStore` - `Close` - `Backup` - `DatabasePath` - `ClearDB` - `UpdatePublicKeysBuckets` This files implements the following private functions: - `slashingProtectionDirPath` - `configurationFilePath` - `configuration` - `saveConfiguration` - `validatorSlashingProtection` - `saveValidatorSlashingProtection` - `publicKeys` * Filesystem database: Creates `genesis.go`. This file defines the following public functions: - `GenesisValidatorsRoot` - `SaveGenesisValidatorsRoot` * Filesystem database: Creates `graffiti.go`. This file defines the following public functions: - `SaveGraffitiOrderedIndex` - `GraffitiOrderedIndex` * Filesystem database: Creates `migration.go`. This file defines the following public functions: - `RunUpMigrations` - `RunDownMigrations` * Filesystem database: Creates proposer_settings.go. This file defines the following public functions: - `ProposerSettings` - `ProposerSettingsExists` - `SaveProposerSettings` * Filesystem database: Creates `attester_protection.go`. This file defines the following public functions: - `EIPImportBlacklistedPublicKeys` - `SaveEIPImportBlacklistedPublicKeys` - `SigningRootAtTargetEpoch` - `LowestSignedTargetEpoch` - `LowestSignedSourceEpoch` - `AttestedPublicKeys` - `CheckSlashableAttestation` - `SaveAttestationForPubKey` - `SaveAttestationsForPubKey` - `AttestationHistoryForPubKey` * Filesystem database: Creates `proposer_protection.go`. This file defines the following public functions: - `HighestSignedProposal` - `LowestSignedProposal` - `ProposalHistoryForPubKey` - `ProposalHistoryForSlot` - `ProposedPublicKeys` * Ensure that the filesystem store implements the `ValidatorDB` interface. * `slashableAttestationCheck`: Check the database type. * `slashableProposalCheck`: Check the database type. * `slashableAttestationCheck`: Allow usage of minimal slashing protection. * `slashableProposalCheck`: Allow usage of minimal slashing protection. * `ImportStandardProtectionJSON`: Check the database type. * `ImportStandardProtectionJSON`: Allow usage of min slashing protection. * Implement `RecursiveDirFind`. * Implement minimal<->complete DB conversion. 3 public functions are implemented: - `IsCompleteDatabaseExisting` - `IsMinimalDatabaseExisting` - `ConvertDatabase` * `setupDB`: Add `isSlashingProtectionMinimal` argument. The feature addition is located in `validator/node/node_test.go`. The rest of this commit consists in minimal slashing protection testing. * `setupWithKey`: Add `isSlashingProtectionMinimal` argument. The feature addition is located in `validator/client/propose_test.go`. The rest of this commit consists in tests wrapping. * `setup`: Add `isSlashingProtectionMinimal` argument. The added feature is located in the `validator/client/propose_test.go` file. The rest of this commit consists in tests wrapping. * `initializeFromCLI` and `initializeForWeb`: Factorize db init. * Add `convert-complete-to-minimal` command. * Creates `--enable-minimal-slashing-protection` flag. * `importSlashingProtectionJSON`: Check database type. * `exportSlashingProtectionJSON`: Check database type. * `TestClearDB`: Test with minimal slashing protection. * KeyManager: Test with minimal slashing protection. * RPC: KeyManager: Test with minimal slashing protection. * `convert-complete-to-minimal`: Change option names. Options were: - `--source` (for source data directory), and - `--target` (for target data directory) However, since this command deals with slashing protection, which has source (epochs) and target (epochs), the initial option names may confuse the user. In this commit: `--source` ==> `--source-data-dir` `--target` ==> `--target-data-dir` * Set `SlashableAttestationCheck` as an iface method. And delete `CheckSlashableAttestation` from iface. * Move helpers functions in a more general directory. No functional change. * Extract common structs out of `kv`. ==> `filesystem` does not depend anymore on `kv`. ==> `iface` does not depend anymore on `kv`. ==> `slashing-protection` does not depend anymore on `kv`. * Move `ValidateMetadata` in `validator/helpers`. * `ValidateMetadata`: Test with mock. This way, we can: - Avoid any circular import for tests. - Implement once for all `iface.ValidatorDB` implementations the `ValidateMetadata`function. - Have tests (and coverage) of `ValidateMetadata`in its own package. The ideal solution would have been to implement `ValidateMetadata` as a method with the `iface.ValidatorDB`receiver. Unfortunately, golang does not allow that. * `iface.ValidatorDB`: Implement ImportStandardProtectionJSON. The whole purpose of this commit is to avoid the `switch validatorDB.(type)` in `ImportStandardProtectionJSON`. * `iface.ValidatorDB`: Implement `SlashableProposalCheck`. * Remove now useless `slashableProposalCheck`. * Delete useless `ImportStandardProtectionJSON`. * `file.Exists`: Detect directories and return an error. Before, `Exists` was only able to detect if a file exists. Now, this function takes an extra `File` or `Directory` argument. It detects either if a file or a directory exists. Before, if an error was returned by `os.Stat`, the the file was considered as non existing. Now, it is treated as a real error. * Replace `os.Stat` by `file.Exists`. * Remove `Is{Complete,Minimal}DatabaseExisting`. * `publicKeys`: Add log if unexpected file found. * Move `{Source,Target}DataDirFlag`in `db.go`. * `failedAttLocalProtectionErr`: `var`==> `const` * `signingRoot`: `32`==> `fieldparams.RootLength`. * `validatorClientData`==> `validator-client-data`. To be consistent with `slashing-protection`. * Add progress bars for `import` and `convert`. * `parseBlocksForUniquePublicKeys`: Move in `db/kv`. * helpers: Remove unused `initializeProgressBar` function.
145 lines
4.9 KiB
Go
145 lines
4.9 KiB
Go
package local
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"os"
|
|
"path/filepath"
|
|
|
|
"github.com/fsnotify/fsnotify"
|
|
"github.com/pkg/errors"
|
|
"github.com/prysmaticlabs/prysm/v5/async"
|
|
"github.com/prysmaticlabs/prysm/v5/config/features"
|
|
fieldparams "github.com/prysmaticlabs/prysm/v5/config/fieldparams"
|
|
"github.com/prysmaticlabs/prysm/v5/crypto/bls"
|
|
"github.com/prysmaticlabs/prysm/v5/encoding/bytesutil"
|
|
"github.com/prysmaticlabs/prysm/v5/io/file"
|
|
"github.com/prysmaticlabs/prysm/v5/validator/keymanager"
|
|
keystorev4 "github.com/wealdtech/go-eth2-wallet-encryptor-keystorev4"
|
|
)
|
|
|
|
// Listen for changes to the all-accounts.keystore.json file in our wallet
|
|
// to load in new keys we observe into our keymanager. This uses the fsnotify
|
|
// library to listen for file-system changes and debounces these events to
|
|
// ensure we can handle thousands of events fired in a short time-span.
|
|
func (km *Keymanager) listenForAccountChanges(ctx context.Context) {
|
|
debounceFileChangesInterval := features.Get().KeystoreImportDebounceInterval
|
|
accountsFilePath := filepath.Join(km.wallet.AccountsDir(), AccountsPath, AccountsKeystoreFileName)
|
|
exists, err := file.Exists(accountsFilePath, file.Regular)
|
|
|
|
if err != nil {
|
|
log.WithError(err).Errorf("Could not check if file exists: %s", accountsFilePath)
|
|
return
|
|
}
|
|
|
|
if !exists {
|
|
log.Warnf("Starting without accounts located in wallet at %s", accountsFilePath)
|
|
return
|
|
}
|
|
|
|
watcher, err := fsnotify.NewWatcher()
|
|
if err != nil {
|
|
log.WithError(err).Error("Could not initialize file watcher")
|
|
return
|
|
}
|
|
defer func() {
|
|
if err := watcher.Close(); err != nil {
|
|
log.WithError(err).Error("Could not close file watcher")
|
|
}
|
|
}()
|
|
if err := watcher.Add(accountsFilePath); err != nil {
|
|
log.WithError(err).Errorf("Could not add file %s to file watcher", accountsFilePath)
|
|
return
|
|
}
|
|
ctx, cancel := context.WithCancel(ctx)
|
|
defer cancel()
|
|
fileChangesChan := make(chan interface{}, 100)
|
|
defer close(fileChangesChan)
|
|
|
|
// We debounce events sent over the file changes channel by an interval
|
|
// to ensure we are not overwhelmed by a ton of events fired over the channel in
|
|
// a short span of time.
|
|
go async.Debounce(ctx, debounceFileChangesInterval, fileChangesChan, func(event interface{}) {
|
|
ev, ok := event.(fsnotify.Event)
|
|
if !ok {
|
|
log.Errorf("Type %T is not a valid file system event", event)
|
|
return
|
|
}
|
|
km.reloadAccountsFromKeystoreFile(ev.Name)
|
|
})
|
|
for {
|
|
select {
|
|
case event := <-watcher.Events:
|
|
// If a file was modified, we attempt to read that file
|
|
// and parse it into our accounts store.
|
|
fileChangesChan <- event
|
|
case err := <-watcher.Errors:
|
|
log.WithError(err).Errorf("Could not watch for file changes for: %s", accountsFilePath)
|
|
case <-ctx.Done():
|
|
return
|
|
}
|
|
}
|
|
}
|
|
|
|
func (km *Keymanager) reloadAccountsFromKeystoreFile(accountsFilePath string) {
|
|
if km.wallet == nil {
|
|
log.Error("Could not reload accounts because wallet was undefined")
|
|
return
|
|
}
|
|
fileBytes, err := os.ReadFile(filepath.Clean(accountsFilePath))
|
|
if err != nil {
|
|
log.WithError(err).Errorf("Could not read file at path: %s", accountsFilePath)
|
|
return
|
|
}
|
|
if fileBytes == nil {
|
|
log.WithError(err).Errorf("Loaded in an empty file: %s", accountsFilePath)
|
|
return
|
|
}
|
|
accountsKeystore := &AccountsKeystoreRepresentation{}
|
|
if err := json.Unmarshal(fileBytes, accountsKeystore); err != nil {
|
|
log.WithError(
|
|
err,
|
|
).Errorf("Could not read valid, EIP-2335 keystore json file at path: %s", accountsFilePath)
|
|
return
|
|
}
|
|
if err := km.reloadAccountsFromKeystore(accountsKeystore); err != nil {
|
|
log.WithError(
|
|
err,
|
|
).Error("Could not replace the accounts store from keystore file")
|
|
}
|
|
}
|
|
|
|
// Replaces the accounts store struct in the local keymanager with
|
|
// the contents of a keystore file by decrypting it with the accounts password.
|
|
func (km *Keymanager) reloadAccountsFromKeystore(keystore *AccountsKeystoreRepresentation) error {
|
|
decryptor := keystorev4.New()
|
|
encodedAccounts, err := decryptor.Decrypt(keystore.Crypto, km.wallet.Password())
|
|
if err != nil {
|
|
return errors.Wrap(err, "could not decrypt keystore file")
|
|
}
|
|
newAccountsStore := &accountStore{}
|
|
if err := json.Unmarshal(encodedAccounts, newAccountsStore); err != nil {
|
|
return err
|
|
}
|
|
if len(newAccountsStore.PublicKeys) != len(newAccountsStore.PrivateKeys) {
|
|
return errors.New("number of public and private keys in keystore do not match")
|
|
}
|
|
|
|
pubKeys := make([][fieldparams.BLSPubkeyLength]byte, len(newAccountsStore.PublicKeys))
|
|
for i := 0; i < len(newAccountsStore.PrivateKeys); i++ {
|
|
privKey, err := bls.SecretKeyFromBytes(newAccountsStore.PrivateKeys[i])
|
|
if err != nil {
|
|
return errors.Wrap(err, "could not initialize private key")
|
|
}
|
|
pubKeyBytes := privKey.PublicKey().Marshal()
|
|
pubKeys[i] = bytesutil.ToBytes48(pubKeyBytes)
|
|
}
|
|
km.accountsStore = newAccountsStore
|
|
if err := km.initializeKeysCachesFromKeystore(); err != nil {
|
|
return err
|
|
}
|
|
log.Info(keymanager.KeysReloaded)
|
|
km.accountsChangedFeed.Send(pubKeys)
|
|
return nil
|
|
}
|