Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature] #4285: Verifiable Random Function in Sumeragi #4368

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[feature] #4285: Verifiable Random Function in Sumeragi #4368

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
52 changes: 52 additions & 0 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 3 additions & 2 deletions cli/src/lib.rs
View file
Open in desktop
Expand Up @@ -638,14 +638,15 @@ mod tests {

use assertables::{assert_contains, assert_contains_as_result};
use iroha_config::parameters::user::RootPartial as PartialUserConfig;
use iroha_crypto::KeyPair;
use iroha_crypto::{Algorithm, KeyPair};
use iroha_primitives::addr::socket_addr;
use path_absolutize::Absolutize as _;

use super::*;

fn config_factory() -> PartialUserConfig {
let (pubkey, privkey) = KeyPair::random().into_parts();
let (pubkey, privkey) =
KeyPair::random_with_algorithm(Algorithm::Secp256k1).into_parts();

let mut base = PartialUserConfig::default();

Expand Down
4 changes: 2 additions & 2 deletions client/tests/integration/extra_functional/offline_peers.rs
View file
Open in desktop
Expand Up @@ -7,7 +7,7 @@ use iroha_client::{
},
};
use iroha_config::parameters::actual::Root as Config;
use iroha_crypto::KeyPair;
use iroha_crypto::{Algorithm, KeyPair};
use iroha_primitives::addr::socket_addr;
use test_network::*;
use tokio::runtime::Runtime;
Expand Down Expand Up @@ -53,7 +53,7 @@ fn register_offline_peer() -> Result<()> {
check_status(&peer_clients, 1);

let address = socket_addr!(128.0.0.2:8085);
let key_pair = KeyPair::random();
let key_pair = KeyPair::random_with_algorithm(Algorithm::Secp256k1);
let public_key = key_pair.public_key().clone();
let peer_id = PeerId::new(address, public_key);
let register_peer = Register::peer(DataModelPeer::new(peer_id));
Expand Down
12 changes: 6 additions & 6 deletions config/iroha_test_config.toml
View file
Open in desktop
@@ -1,6 +1,6 @@
chain_id = "00000000-0000-0000-0000-000000000000"
public_key = "ed01201C61FAF8FE94E253B93114240394F79A607B7FA55F9E5A41EBEC74B88055768B"
private_key = { algorithm = "ed25519", payload = "282ED9F3CF92811C3818DBC4AE594ED59DC1A2F78E4241E31924E101D6B1FB831C61FAF8FE94E253B93114240394F79A607B7FA55F9E5A41EBEC74B88055768B" }
public_key = "e70121039B861E76EBC90B3348142E3ED6C82DE4F6223A003E19159397D93008CEDB2CF3"
private_key = { algorithm = "secp256k1", payload = "D9CAA39CD8DF8E20BDE9E21CB2A8DFF3DC3F152954E651D96F03E1EC94DFE581" }

[network]
address = "127.0.0.1:1337"
Expand All @@ -15,19 +15,19 @@ address = "127.0.0.1:8080"

[[sumeragi.trusted_peers]]
address = "127.0.0.1:1337"
public_key = "ed01201C61FAF8FE94E253B93114240394F79A607B7FA55F9E5A41EBEC74B88055768B"
public_key = "e7012102E7A461547D04FF0EA7E9A473D67B51A58C41E53F7D9583096052492ABDB430D4"

[[sumeragi.trusted_peers]]
address = "127.0.0.1:1338"
public_key = "ed0120CC25624D62896D3A0BFD8940F928DC2ABF27CC57CEFEB442AA96D9081AAE58A1"
public_key = "e7012103F8DE33E3B492CE14346BCD330A0044FE8C03BFCA03168B513722CCB00BE42734"

[[sumeragi.trusted_peers]]
address = "127.0.0.1:1339"
public_key = "ed0120FACA9E8AA83225CB4D16D67F27DD4F93FC30FFA11ADC1F5C88FD5495ECC91020"
public_key = "e701210390292D847084F39975E805DF70CEEBDF1FEC61C1547C77DC0B2A353C29DD3B97"

[[sumeragi.trusted_peers]]
address = "127.0.0.1:1340"
public_key = "ed01208E351A70B6A603ED285D666B8D689B680865913BA03CE29FB7D13A166C4E7F1F"
public_key = "e701210360E53577CDA472A8873ABFF96376E0A82A5123D718F91499D284A45D57A322EC"

[logger]
format = "pretty"
Expand Down
11 changes: 11 additions & 0 deletions config/src/parameters/user.rs
View file
Open in desktop
Expand Up @@ -142,6 +142,12 @@ impl Root {
let key_pair =
KeyPair::new(self.public_key, self.private_key)
.wrap_err("failed to construct a key pair from `iroha.public_key` and `iroha.private_key` configuration parameters")
.map(|key| {
if key.algorithm() != iroha_crypto::Algorithm::Secp256k1 {
emitter.emit(eyre!("Peer key pair must use algorithm Secp256k1. Problematic public key = {}", key.public_key()));
}
key
})
.map_or_else(|err| {
emitter.emit(err);
None
Expand Down Expand Up @@ -426,6 +432,11 @@ impl Sumeragi {
} = self;

let trusted_peers = construct_unique_vec(trusted_peers.unwrap_or(vec![]))?;
for peer in &trusted_peers {
if peer.public_key.algorithm() != iroha_crypto::Algorithm::Secp256k1 {
return Err(eyre!("Only Secp256k1 key pairs are allowed in the trusted peers. Problematic public key = {}", peer.public_key));
}
}

Ok(actual::Sumeragi {
trusted_peers,
Expand Down
34 changes: 27 additions & 7 deletions config/tests/fixtures.rs
View file
Open in desktop
Expand Up @@ -59,13 +59,24 @@ fn minimal_config_snapshot() -> Result<()> {
),
key_pair: KeyPair {
public_key: PublicKey(
ed25519(
"ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB",
secp256k1(
"e7012103DD678497624AF3F3A3F59F4F0AD3861751E7F3B16CA402E864A1499DD6358C55",
),
),
private_key: "[REDACTED PrivateKey]",
},
p2p_address: 127.0.0.1:1337,
peer_id: PeerId {
address: 127.0.0.1:1337,
public_key: PublicKey(
secp256k1(
"e7012103DD678497624AF3F3A3F59F4F0AD3861751E7F3B16CA402E864A1499DD6358C55",
),
),
},
},
network: Network {
address: 127.0.0.1:1337,
idle_timeout: 60s,
},
genesis: Partial {
public_key: PublicKey(
Expand All @@ -89,8 +100,16 @@ fn minimal_config_snapshot() -> Result<()> {
PeerId {
address: 127.0.0.1:1338,
public_key: PublicKey(
ed25519(
"ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB",
secp256k1(
"e7012103756A6D80129A39E94D40E91826D96FE9DAE6F0EE153ADE3BE1246E019394F445",
),
),
},
PeerId {
address: 127.0.0.1:1337,
public_key: PublicKey(
secp256k1(
"e7012103DD678497624AF3F3A3F59F4F0AD3861751E7F3B16CA402E864A1499DD6358C55",
),
),
},
Expand Down Expand Up @@ -301,8 +320,8 @@ fn full_envs_set_is_consumed() -> Result<()> {
),
public_key: Some(
PublicKey(
ed25519(
"ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB",
secp256k1(
"e7012103DD678497624AF3F3A3F59F4F0AD3861751E7F3B16CA402E864A1499DD6358C55",
),
),
),
Expand Down Expand Up @@ -363,6 +382,7 @@ fn full_envs_set_is_consumed() -> Result<()> {
block_gossip_period: None,
transaction_gossip_max_size: None,
transaction_gossip_period: None,
idle_timeout: None,
},
logger: LoggerPartial {
level: Some(
Expand Down
6 changes: 3 additions & 3 deletions config/tests/fixtures/base.toml
View file
Open in desktop
@@ -1,7 +1,7 @@
chain_id = "0"
public_key = "ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB"
private_key.algorithm = "ed25519"
private_key.payload = "8f4c15e5d664da3f13778801d23d4e89b76e94c1b94b389544168b6cb894f84f8ba62848cf767d72e7f7f4b9d2d7ba07fee33760f79abe5597a51520e292a0cb"
public_key = "e7012103DD678497624AF3F3A3F59F4F0AD3861751E7F3B16CA402E864A1499DD6358C55"
private_key.algorithm = "secp256k1"
private_key.payload = "BB52C74DC56A2E9028F3BC5B42ECEC6CDDF19DBD3CD11F2A23A0477670944E52"

[network]
address = "127.0.0.1:1337"
Expand Down
2 changes: 1 addition & 1 deletion config/tests/fixtures/base_trusted_peers.toml
View file
Open in desktop
@@ -1,3 +1,3 @@
[[sumeragi.trusted_peers]]
address = "127.0.0.1:1338"
public_key = "ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB"
public_key = "e7012103756A6D80129A39E94D40E91826D96FE9DAE6F0EE153ADE3BE1246E019394F445"
6 changes: 3 additions & 3 deletions config/tests/fixtures/full.env
View file
Open in desktop
@@ -1,7 +1,7 @@
CHAIN_ID=0-0
PUBLIC_KEY=ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB
PRIVATE_KEY_ALGORITHM=ed25519
PRIVATE_KEY_PAYLOAD=8f4c15e5d664da3f13778801d23d4e89b76e94c1b94b389544168b6cb894f84f8ba62848cf767d72e7f7f4b9d2d7ba07fee33760f79abe5597a51520e292a0cb
PUBLIC_KEY=e7012103DD678497624AF3F3A3F59F4F0AD3861751E7F3B16CA402E864A1499DD6358C55
PRIVATE_KEY_ALGORITHM=secp256k1
PRIVATE_KEY_PAYLOAD=BB52C74DC56A2E9028F3BC5B42ECEC6CDDF19DBD3CD11F2A23A0477670944E52
P2P_ADDRESS=127.0.0.1:5432
GENESIS_PUBLIC_KEY=ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB
GENESIS_PRIVATE_KEY_ALGORITHM=ed25519
Expand Down
6 changes: 3 additions & 3 deletions config/tests/fixtures/full.toml
View file
Open in desktop
@@ -1,8 +1,8 @@
# This config has ALL fields specified (except `extends`)

chain_id = "0"
public_key = "ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB"
private_key = { algorithm = "ed25519", payload = "8f4c15e5d664da3f13778801d23d4e89b76e94c1b94b389544168b6cb894f84f8ba62848cf767d72e7f7f4b9d2d7ba07fee33760f79abe5597a51520e292a0cb" }
public_key = "e7012103DD678497624AF3F3A3F59F4F0AD3861751E7F3B16CA402E864A1499DD6358C55"
private_key = { algorithm = "secp256k1", payload = "BB52C74DC56A2E9028F3BC5B42ECEC6CDDF19DBD3CD11F2A23A0477670944E52" }

[genesis]
file = "genesis.json"
Expand Down Expand Up @@ -30,7 +30,7 @@ output_new_blocks = true

[[sumeragi.trusted_peers]]
address = "localhost:8081"
public_key = "ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB"
public_key = "e7012103DD678497624AF3F3A3F59F4F0AD3861751E7F3B16CA402E864A1499DD6358C55"

[sumeragi.debug]
force_soft_fork = true
Expand Down
8 changes: 4 additions & 4 deletions config/tests/fixtures/minimal_file_and_env.toml
View file
Open in desktop
@@ -1,14 +1,14 @@
extends = "base_trusted_peers.toml"

chain_id = "0"
public_key = "ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB"
private_key.algorithm = "ed25519"
private_key.payload = "8f4c15e5d664da3f13778801d23d4e89b76e94c1b94b389544168b6cb894f84f8ba62848cf767d72e7f7f4b9d2d7ba07fee33760f79abe5597a51520e292a0cb"
public_key = "e7012103756A6D80129A39E94D40E91826D96FE9DAE6F0EE153ADE3BE1246E019394F445"
private_key.algorithm = "secp256k1"
private_key.payload = "1D39F2378F01F87F32AA830B7ABC4262EFEB44C67D7EA7BE277F1EA97C470CAE"

[network]
address = "127.0.0.1:1337"

[genesis]
public_key = "ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB"
public_key = "e7012103756A6D80129A39E94D40E91826D96FE9DAE6F0EE153ADE3BE1246E019394F445"

# `torii.address` should be in ENV
32 changes: 16 additions & 16 deletions configs/swarm/docker-compose.local.yml
View file
Open in desktop
Expand Up @@ -8,16 +8,16 @@ services:
platform: linux/amd64
environment:
CHAIN_ID: 00000000-0000-0000-0000-000000000000
PUBLIC_KEY: ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB
PRIVATE_KEY_ALGORITHM: ed25519
PRIVATE_KEY_PAYLOAD: 8f4c15e5d664da3f13778801d23d4e89b76e94c1b94b389544168b6cb894f84f8ba62848cf767d72e7f7f4b9d2d7ba07fee33760f79abe5597a51520e292a0cb
PUBLIC_KEY: e7012102ACB0C88B96BCCD979A31E26967BEC6A2926512B29A753611F6F3CD1350B998F2
PRIVATE_KEY_ALGORITHM: secp256k1
PRIVATE_KEY_PAYLOAD: 8f4c15e5d664da3f13778801d23d4e89b76e94c1b94b389544168b6cb894f84f
P2P_ADDRESS: 0.0.0.0:1337
API_ADDRESS: 0.0.0.0:8080
GENESIS_PUBLIC_KEY: ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4
GENESIS_PRIVATE_KEY_ALGORITHM: ed25519
GENESIS_PRIVATE_KEY_PAYLOAD: 82b3bde54aebeca4146257da0de8d59d8e46d5fe34887dcd8072866792fcb3ad4164bf554923ece1fd412d241036d863a6ae430476c898248b8237d77534cfc4
GENESIS_FILE: /config/genesis.json
SUMERAGI_TRUSTED_PEERS: '[{"address":"iroha1:1338","public_key":"ed0120815BBDC9775D28C3633269B25F22D048E2AA2E36017CBE5AD85F15220BEB6F6F"},{"address":"iroha3:1340","public_key":"ed0120A66522370D60B9C09E79ADE2E9BB1EF2E78733A944B999B3A6AEE687CE476D61"},{"address":"iroha2:1339","public_key":"ed0120F417E0371E6ADB32FD66749477402B1AB67F84A8E9B082E997980CC91F327736"}]'
SUMERAGI_TRUSTED_PEERS: '[{"address":"iroha2:1339","public_key":"e70121034C80148A515A2BD68C8A7F9501287783565B419331335A45A516C4A681C62DCE"},{"address":"iroha1:1338","public_key":"e70121036813D9B08E4BBC6B29F9106BE53F19702C1E769E3C989C2372A93523622C1EAB"},{"address":"iroha3:1340","public_key":"e701210378BF47D91E4975AF19CFA00278FE1323B9F653DFCFD4DE57B594EA1DB5885B7A"}]'
ports:
- 1337:1337
- 8080:8080
Expand All @@ -36,13 +36,13 @@ services:
platform: linux/amd64
environment:
CHAIN_ID: 00000000-0000-0000-0000-000000000000
PUBLIC_KEY: ed0120815BBDC9775D28C3633269B25F22D048E2AA2E36017CBE5AD85F15220BEB6F6F
PRIVATE_KEY_ALGORITHM: ed25519
PRIVATE_KEY_PAYLOAD: c02ffad5e455e7ec620d74de5769681e4d8385906bce5a437eb67452a9efbbc2815bbdc9775d28c3633269b25f22d048e2aa2e36017cbe5ad85f15220beb6f6f
PUBLIC_KEY: e70121036813D9B08E4BBC6B29F9106BE53F19702C1E769E3C989C2372A93523622C1EAB
PRIVATE_KEY_ALGORITHM: secp256k1
PRIVATE_KEY_PAYLOAD: c02ffad5e455e7ec620d74de5769681e4d8385906bce5a437eb67452a9efbbc2
P2P_ADDRESS: 0.0.0.0:1338
API_ADDRESS: 0.0.0.0:8081
GENESIS_PUBLIC_KEY: ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4
SUMERAGI_TRUSTED_PEERS: '[{"address":"iroha0:1337","public_key":"ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB"},{"address":"iroha3:1340","public_key":"ed0120A66522370D60B9C09E79ADE2E9BB1EF2E78733A944B999B3A6AEE687CE476D61"},{"address":"iroha2:1339","public_key":"ed0120F417E0371E6ADB32FD66749477402B1AB67F84A8E9B082E997980CC91F327736"}]'
SUMERAGI_TRUSTED_PEERS: '[{"address":"iroha0:1337","public_key":"e7012102ACB0C88B96BCCD979A31E26967BEC6A2926512B29A753611F6F3CD1350B998F2"},{"address":"iroha2:1339","public_key":"e70121034C80148A515A2BD68C8A7F9501287783565B419331335A45A516C4A681C62DCE"},{"address":"iroha3:1340","public_key":"e701210378BF47D91E4975AF19CFA00278FE1323B9F653DFCFD4DE57B594EA1DB5885B7A"}]'
ports:
- 1338:1338
- 8081:8081
Expand All @@ -60,13 +60,13 @@ services:
platform: linux/amd64
environment:
CHAIN_ID: 00000000-0000-0000-0000-000000000000
PUBLIC_KEY: ed0120F417E0371E6ADB32FD66749477402B1AB67F84A8E9B082E997980CC91F327736
PRIVATE_KEY_ALGORITHM: ed25519
PRIVATE_KEY_PAYLOAD: 29c5ed1409cb10fd791bc4ff8a6cb5e22a5fae7e36f448ef3ea2988b1319a88bf417e0371e6adb32fd66749477402b1ab67f84a8e9b082e997980cc91f327736
PUBLIC_KEY: e70121034C80148A515A2BD68C8A7F9501287783565B419331335A45A516C4A681C62DCE
PRIVATE_KEY_ALGORITHM: secp256k1
PRIVATE_KEY_PAYLOAD: 29c5ed1409cb10fd791bc4ff8a6cb5e22a5fae7e36f448ef3ea2988b1319a88b
P2P_ADDRESS: 0.0.0.0:1339
API_ADDRESS: 0.0.0.0:8082
GENESIS_PUBLIC_KEY: ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4
SUMERAGI_TRUSTED_PEERS: '[{"address":"iroha1:1338","public_key":"ed0120815BBDC9775D28C3633269B25F22D048E2AA2E36017CBE5AD85F15220BEB6F6F"},{"address":"iroha0:1337","public_key":"ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB"},{"address":"iroha3:1340","public_key":"ed0120A66522370D60B9C09E79ADE2E9BB1EF2E78733A944B999B3A6AEE687CE476D61"}]'
SUMERAGI_TRUSTED_PEERS: '[{"address":"iroha0:1337","public_key":"e7012102ACB0C88B96BCCD979A31E26967BEC6A2926512B29A753611F6F3CD1350B998F2"},{"address":"iroha1:1338","public_key":"e70121036813D9B08E4BBC6B29F9106BE53F19702C1E769E3C989C2372A93523622C1EAB"},{"address":"iroha3:1340","public_key":"e701210378BF47D91E4975AF19CFA00278FE1323B9F653DFCFD4DE57B594EA1DB5885B7A"}]'
ports:
- 1339:1339
- 8082:8082
Expand All @@ -84,13 +84,13 @@ services:
platform: linux/amd64
environment:
CHAIN_ID: 00000000-0000-0000-0000-000000000000
PUBLIC_KEY: ed0120A66522370D60B9C09E79ADE2E9BB1EF2E78733A944B999B3A6AEE687CE476D61
PRIVATE_KEY_ALGORITHM: ed25519
PRIVATE_KEY_PAYLOAD: 5eed4855fad183c451aac39dfc50831607e4cf408c98e2b977f3ce4a2df42ce2a66522370d60b9c09e79ade2e9bb1ef2e78733a944b999b3a6aee687ce476d61
PUBLIC_KEY: e701210378BF47D91E4975AF19CFA00278FE1323B9F653DFCFD4DE57B594EA1DB5885B7A
PRIVATE_KEY_ALGORITHM: secp256k1
PRIVATE_KEY_PAYLOAD: 5eed4855fad183c451aac39dfc50831607e4cf408c98e2b977f3ce4a2df42ce2
P2P_ADDRESS: 0.0.0.0:1340
API_ADDRESS: 0.0.0.0:8083
GENESIS_PUBLIC_KEY: ed01204164BF554923ECE1FD412D241036D863A6AE430476C898248B8237D77534CFC4
SUMERAGI_TRUSTED_PEERS: '[{"address":"iroha1:1338","public_key":"ed0120815BBDC9775D28C3633269B25F22D048E2AA2E36017CBE5AD85F15220BEB6F6F"},{"address":"iroha0:1337","public_key":"ed01208BA62848CF767D72E7F7F4B9D2D7BA07FEE33760F79ABE5597A51520E292A0CB"},{"address":"iroha2:1339","public_key":"ed0120F417E0371E6ADB32FD66749477402B1AB67F84A8E9B082E997980CC91F327736"}]'
SUMERAGI_TRUSTED_PEERS: '[{"address":"iroha0:1337","public_key":"e7012102ACB0C88B96BCCD979A31E26967BEC6A2926512B29A753611F6F3CD1350B998F2"},{"address":"iroha2:1339","public_key":"e70121034C80148A515A2BD68C8A7F9501287783565B419331335A45A516C4A681C62DCE"},{"address":"iroha1:1338","public_key":"e70121036813D9B08E4BBC6B29F9106BE53F19702C1E769E3C989C2372A93523622C1EAB"}]'
ports:
- 1340:1340
- 8083:8083
Expand Down