Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Responding to audits #61

Closed
wants to merge 13 commits into from
Closed
Show file tree
Hide file tree
Changes from 12 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions light-client/src/client.rs
Original file line number Diff line number Diff line change
Expand Up @@ -559,7 +559,7 @@ mod test {
fn test_success_create_client() {
let client_state = hex!("0a272f6962632e6c69676874636c69656e74732e7061726c69612e76312e436c69656e745374617465124d08381214151f3951fa218cac426edfe078fa9e5c6dcea5001a2000000000000000000000000000000000000000000000000000000000000000002205109b9ea90f2a040880a305320410c0843d").to_vec();
let consensus_state = hex!("0a2a2f6962632e6c69676874636c69656e74732e7061726c69612e76312e436f6e73656e7375735374617465126c0a2056e81f171bcc55a6ff8345e692c0f86e5b48e01b996cadc001622fb5e363b42110de82d5a8061a209c59cf0b5717cb6e2bd8620b7f3481605c8abcd45636bdf45c86db06338f0c5e22207a1dede35f5c835fecdc768324928cd0d9d9161e8529e1ba1e60451f3a9d088a").to_vec();
let client = ParliaLightClient::default();
let client = ParliaLightClient;
let mock_consensus_state = BTreeMap::new();
let ctx = MockClientReader {
client_state: None,
Expand Down Expand Up @@ -641,7 +641,7 @@ mod test {
) {
let any: Any = header.try_into().unwrap();
let header = Header::try_from(any.clone()).unwrap();
let client = ParliaLightClient::default();
let client = ParliaLightClient;
let client_id = ClientId::new(&client.client_type(), 1).unwrap();
let mut mock_consensus_state = BTreeMap::new();
let trusted_cs = ConsensusState {
Expand Down Expand Up @@ -711,7 +711,7 @@ mod test {
#[rstest]
#[case::localnet(localnet())]
fn test_success_update_state_continuous(#[case] hp: Box<dyn Network>) {
let client = ParliaLightClient::default();
let client = ParliaLightClient;
let client_id = ClientId::new(&client.client_type(), 1).unwrap();
let header_groups = hp.success_update_client_continuous_input();

Expand Down Expand Up @@ -768,7 +768,7 @@ mod test {
let header = input.header;
let any: Any = header.try_into().unwrap();

let client = ParliaLightClient::default();
let client = ParliaLightClient;
let client_id = ClientId::new(&client.client_type(), 1).unwrap();
let mut mock_consensus_state = BTreeMap::new();

Expand Down Expand Up @@ -845,7 +845,7 @@ mod test {
let header = Header::try_from(input.clone()).unwrap();
let trusted_height = header.trusted_height();

let client = ParliaLightClient::default();
let client = ParliaLightClient;
let client_id = ClientId::new(&client.client_type(), 1).unwrap();
let mut mock_consensus_state = BTreeMap::new();
mock_consensus_state.insert(trusted_height, ConsensusState::default());
Expand Down Expand Up @@ -945,7 +945,7 @@ mod test {
latest_height: Height,
frozen: bool,
) -> Result<VerifyMembershipResult, light_client::Error> {
let client = ParliaLightClient::default();
let client = ParliaLightClient;
let client_id = ClientId::new(client.client_type().as_str(), 0).unwrap();
let mut mock_consensus_state = BTreeMap::new();
mock_consensus_state.insert(
Expand Down Expand Up @@ -976,7 +976,7 @@ mod test {

#[test]
fn test_success_submit_misbehavior() {
let client = ParliaLightClient::default();
let client = ParliaLightClient;
let client_id = ClientId::new(client.client_type().as_str(), 1).unwrap();

// Detect misbehavior
Expand Down Expand Up @@ -1039,7 +1039,7 @@ mod test {
consensus_state: BTreeMap::new(),
};

let client = ParliaLightClient::default();
let client = ParliaLightClient;
let client_id = ClientId::new(client.client_type().as_str(), 1).unwrap();

// fail: exactly same block
Expand Down
18 changes: 7 additions & 11 deletions light-client/src/errors.rs
Original file line number Diff line number Diff line change
Expand Up @@ -80,11 +80,10 @@ pub enum Error {
MissingTurnLengthInEpochBlock(BlockNumber),
MissingEpochInfoInEpochBlock(BlockNumber),
MissingNextValidatorSet(BlockNumber),
MissingCurrentValidatorSet(BlockNumber),
UnexpectedPreviousValidatorsHash(Height, Height, Hash, Hash),
UnexpectedCurrentValidatorsHash(Height, Height, Hash, Hash),
InvalidVerifyingHeaderLength(BlockNumber, usize),
InsufficientTrustedValidatorsInUntrustedValidators(Hash, usize, usize),
InsufficientHonestValidator(Hash, usize, usize),
MissingValidatorToVerifySeal(BlockNumber),
MissingValidatorToVerifyVote(BlockNumber),
UnexpectedNextCheckpointHeader(BlockNumber, BlockNumber),
Expand All @@ -94,6 +93,7 @@ pub enum Error {
UnexpectedDifficultyNoTurn(BlockNumber, u64, usize),
UnexpectedUntrustedValidatorsHashInEpoch(Height, Height, Hash, Hash),
UnexpectedCurrentValidatorsHashInEpoch(Height, Height, Hash, Hash),
UnexpectedUntrustedValidators(BlockNumber, BlockNumber),

// Vote attestation
UnexpectedTooManyHeadersToFinalize(BlockNumber, usize),
Expand Down Expand Up @@ -309,19 +309,12 @@ impl core::fmt::Display for Error {
Error::UnexpectedVoteRelation(e1, e2, e3) => {
write!(f, "UnexpectedVoteRelation : {} {} {:?}", e1, e2, e3)
}
Error::InsufficientTrustedValidatorsInUntrustedValidators(e1, e2, e3) => {
write!(
f,
"InsufficientTrustedValidatorsInUntrustedValidators : {:?} {} {}",
e1, e2, e3
)
Error::InsufficientHonestValidator(e1, e2, e3) => {
write!(f, "InsufficientHonestValidator : {:?} {} {}", e1, e2, e3)
}
Error::MissingNextValidatorSet(e1) => {
write!(f, "MissingNextValidatorSet : {}", e1)
}
Error::MissingCurrentValidatorSet(e1) => {
write!(f, "MissingCurrentValidatorSet : {}", e1)
}
Error::MissingValidatorToVerifySeal(e1) => {
write!(f, "MissingValidatorToVerifySeal : {:?}", e1)
}
Expand Down Expand Up @@ -372,6 +365,9 @@ impl core::fmt::Display for Error {
e1, e2, e3, e4
)
}
Error::UnexpectedUntrustedValidators(e1, e2) => {
write!(f, "UnexpectedUntrustedValidators : {} {}", e1, e2)
}
}
}
}
Expand Down
116 changes: 55 additions & 61 deletions light-client/src/header/epoch.rs
Original file line number Diff line number Diff line change
Expand Up @@ -57,53 +57,56 @@ impl<'a> TrustedEpoch<'a> {
pub fn new(inner: &'a Epoch) -> Self {
Self { inner }
}
}

#[derive(Clone, Debug, PartialEq)]
pub struct UntrustedEpoch<'a> {
inner: &'a Epoch,
}

impl<'a> UntrustedEpoch<'a> {
pub fn new(inner: &'a Epoch) -> Self {
Self { inner }
}
pub fn checkpoint(&self) -> u64 {
self.inner.checkpoint()
}
pub fn try_borrow(&'a self, trusted_epoch: &TrustedEpoch) -> Result<&'a Epoch, Error> {
let (result, found, required) = self.contains(trusted_epoch);
pub fn verify_untrusted_voters(&self, untrusted_voter: &Validators) -> Result<(), Error> {
let (result, found, required) =
self.contains_at_least_one_honest_validator(untrusted_voter);
if result {
return Ok(self.inner);
return Ok(());
}
Err(Error::InsufficientTrustedValidatorsInUntrustedValidators(
Err(Error::InsufficientHonestValidator(
self.inner.hash,
found,
required,
))
}

fn contains(&self, trusted_epoch: &TrustedEpoch) -> (bool, usize, usize) {
let trusted_validators = trusted_epoch.validators();
pub fn contains_at_least_one_honest_validator(
&self,
untrusted_voters: &Validators,
) -> (bool, usize, usize) {
let mut trusted_validator_count = 0;
for x1 in self.inner.validators() {
if trusted_validators.contains(x1) {
for x1 in untrusted_voters {
if self.validators().contains(x1) {
trusted_validator_count += 1;
}
}
let required = Self::threshold(trusted_validators.len());
let required = Self::threshold(self.validators().len());
(
trusted_validator_count >= required,
trusted_validator_count,
required,
)
}

fn threshold(validators_len: usize) -> usize {
validators_len - ceil_div(validators_len * 2, 3) + 1
}
}

#[derive(Clone, Debug, PartialEq)]
pub struct UntrustedEpoch<'a> {
inner: &'a Epoch,
}

impl<'a> UntrustedEpoch<'a> {
pub fn new(inner: &'a Epoch) -> Self {
Self { inner }
}
pub fn checkpoint(&self) -> u64 {
self.inner.checkpoint()
}
}

#[derive(Clone, Debug, PartialEq)]
pub enum EitherEpoch<'a> {
Trusted(TrustedEpoch<'a>),
Expand All @@ -117,16 +120,23 @@ impl<'a> EitherEpoch<'a> {
EitherEpoch::Untrusted(v) => v.checkpoint(),
}
}

pub fn epoch(&self) -> &'a Epoch {
match self {
EitherEpoch::Trusted(v) => v.inner,
EitherEpoch::Untrusted(v) => v.inner,
}
}
}

#[cfg(test)]
mod test {
use crate::errors::Error;
use crate::header::epoch::{Epoch, TrustedEpoch, UntrustedEpoch, ValidatorSet};
use crate::header::epoch::{Epoch, TrustedEpoch, ValidatorSet};

#[test]
pub fn test_untrusted_epoch_try_borrow() {
let mut _assert_trusted = |x, y, c_val_borrowable| {
pub fn test_verify_voter() {
let mut _assert_trusted = |x, y, success: bool| {
let trusted_validators: ValidatorSet = vec![
vec![1],
vec![2],
Expand All @@ -139,34 +149,18 @@ mod test {
.into();
let trusted_epoch = Epoch::new(trusted_validators, 1);
let trusted_epoch = TrustedEpoch::new(&trusted_epoch);
let untrusted_epoch = Epoch::new(
ValidatorSet {
validators: x,
hash: [0; 32],
},
1,
);
let untrusted_epoch = UntrustedEpoch::new(&untrusted_epoch);
let (result, count, required) = untrusted_epoch.contains(&trusted_epoch);
assert_eq!(result, c_val_borrowable);
let (result, count, required) =
trusted_epoch.contains_at_least_one_honest_validator(&x);
assert_eq!(result, success);
assert_eq!(count, y);
assert_eq!(required, 3);
match untrusted_epoch.try_borrow(&trusted_epoch) {
Ok(borrowed) => {
if c_val_borrowable {
assert_eq!(borrowed, untrusted_epoch.inner);
} else {
unreachable!("unexpected borrowed")
}
}
match trusted_epoch.verify_untrusted_voters(&x) {
Ok(_) => assert!(success),
Err(e) => {
if c_val_borrowable {
unreachable!("unexpected error {:?}", e);
} else {
match e {
Error::InsufficientTrustedValidatorsInUntrustedValidators(_, _, _) => {}
e => unreachable!("unexpected error type {:?}", e),
}
assert!(!success);
match e {
Error::InsufficientHonestValidator(_, _, _) => {}
e => unreachable!("unexpected error type {:?}", e),
}
}
}
Expand Down Expand Up @@ -302,15 +296,15 @@ mod test {

#[test]
pub fn test_trust_threshold() {
assert_eq!(1, UntrustedEpoch::threshold(1));
assert_eq!(1, UntrustedEpoch::threshold(2));
assert_eq!(2, UntrustedEpoch::threshold(3));
assert_eq!(2, UntrustedEpoch::threshold(4));
assert_eq!(2, UntrustedEpoch::threshold(5));
assert_eq!(3, UntrustedEpoch::threshold(6));
assert_eq!(3, UntrustedEpoch::threshold(7));
assert_eq!(3, UntrustedEpoch::threshold(8));
assert_eq!(4, UntrustedEpoch::threshold(9));
assert_eq!(8, UntrustedEpoch::threshold(21));
assert_eq!(1, TrustedEpoch::threshold(1));
assert_eq!(1, TrustedEpoch::threshold(2));
assert_eq!(2, TrustedEpoch::threshold(3));
assert_eq!(2, TrustedEpoch::threshold(4));
assert_eq!(2, TrustedEpoch::threshold(5));
assert_eq!(3, TrustedEpoch::threshold(6));
assert_eq!(3, TrustedEpoch::threshold(7));
assert_eq!(3, TrustedEpoch::threshold(8));
assert_eq!(4, TrustedEpoch::threshold(9));
assert_eq!(8, TrustedEpoch::threshold(21));
}
}
Loading
Loading