1298 acl access control list augmentation (#1303)

* feat: adding list command to check ACL status on acl folder.

also function can be reused by other parts of the code.

* feat: adding ListComponent calls in cdk-erigon

added call to the function for it to log in parts of the code, this will be reviewed.

* docs: adding readme updates on acl, making it more clear on how to use.

* feat: acl transaction history buildup

creating functions to interact with table as binary, and other helper functions that we may need.

* feat: build up transaction inserter, second part.

* feat: enhance ACL listing with policy transaction logging and refactor logging imports

changing log structure, cause it's failing.

changed the function at txpool so I can get the string to put in the log at the CLI level since it doesn't log too.

* chore: changing call to log it.

* feat: update logging for policy transactions and fix a transaction insertion error

* feat: add update operation to policy transactions and log updates in UpdatePolicies

* feat: insert policy refactor and fix update error.

fixing update method which was exiting on panic, also improved the function of insert to be able to insert an array improving code quality

* feat: adding log count setup to the mode acl function ( which basically is the config updater now)

* chore: changing config value on key to string, for easier reading when debugging// looking for it.

not an issue for usage, only a improvement.

* docs: update README to include optional log_count parameter for acl mode command

* chore: adding logging level part back.

* fix: we had an issue in the test when running in parallel

it could either remove or add the policy at the same time someone else was checking for another scenario

to fix I added the adding flow, to updating/changing tx before making the update with the same asserting checks for correct adding.

cmd/acl/README.md

@@ -3,28 +3,42 @@
 In the root of `Erigon` project, use this command to build the commands:
 
 ```shell
-make acl
+    make acl
 ```
 
 It can then be run using the following command
 
 ```shell
-./buid/bin/acl sub-command options...
+    ./buid/bin/acl sub-command options...
 ```
 
 Snapshots supports the following sub commands:
 
-## mode - access list mode
+## data-dir
+
+Examples on how to setup your data-dir
+
+```shell
+    # on sequencer:
+    /Path/Choosen/OnHermezConfig/txpool
+    # example
+    /Users/{$USER}/code/erigon-data/chain/txpool
+    # on default path:
+    /Users/{$USER}/Library/Erigon
+```
+
+## mode - set mode of access list 
 
 This command takes the following form: 
 
 ```shell
-    acl mode <data-dir> <mode>
+    acl mode --datadir=<data-dir> --mode=<mode> --log_count=<number_integer>[optional]
 ```
 
 ## supported ACL Types
 - `allowlist` - allow list type
 - `blocklist` - block list type
+- `disabled` - doesn't block or allow, everyone is able to do transactions and deploy contracts.
 
 ## supported policies
 - `sendTx` - enables or disables ability of an account to send transactions (deploy contracts transactions not included).
@@ -42,7 +56,7 @@ This command can be used to update an access list in the `acl` data base.
 This command takes the following form: 
 
 ```shell
-    acl update <data-dir> <type> <csv>
+    acl update --datadir=<data-dir> --type=<type> --csv=<path_to_csv>
 ```
 The `update` command will read the `.csv` file provided which should be in format `address,"policy1,policy2"`, and update the defined `acl` in the `db`. Note that the `.csv` file is considered as the final state of policies for given `acl` type for defined addresses, meaning, if an address in the `.csv` file has `sendTx` policy, but in `db` it had `deploy`, after this command, it will have `sendTx` in the `db`, there is no appending. Also, it is worth mentioning that using a `.csv` file user can delete addresses from an `acl` table by leaving policies string as empty `""`. This will tell the command that the user wants to remove an address completely from an `acl`.
 
@@ -53,7 +67,7 @@ This command can be used to add a policy to an account in the specified `acl`.
 This command takes the following form: 
 
 ```shell
-    acl add <data-dir> <type> <address> <policy>
+    acl add --datadir=<data-dir> --type=<type> --address=<address> --policy=<policy>
 ```
 
 The `add` command will add the given policy to an account in given access list table if account is not already added to access list table, or if given account does not have that policy.
@@ -65,8 +79,26 @@ This command can be used to remove a policy from an account in the specified `ac
 This command takes the following form: 
 
 ```shell
-    acl remove <data-dir> <type> <address> <policy>
+    acl remove --datadir=<data-dir> --type=<type> --adress=<address> --policy=<policy>
 ```
 The `remove` command will remove the given policy from an account in given access list table if given account has that policy assigned.
 
+## list - log the information in current acl data-dir
+
+```shell
+    acl list --datadir=<data-dir>
+```
+
+## operating example:
+
+```shell
+    acl list  --datadir=/Users/username_pc_mac/path_to_data/erigon-data/devnet/txpool
+
+    acl add --address=0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266 --policy=deploy --type=blocklist --datadir=/Users/username_pc_mac/path_to_data/erigon-data/devnet/txpool
+    acl add --address=0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266 --policy=sendTx --type=blocklist --datadir=/Users/username_pc_mac/path_to_data/erigon-data/devnet/txpool
+
+    acl add --address=0x0921598333Cf3cE5FE2031C056C79aec59EE10b6 --policy=sendTx --type=allowlist --datadir=/Users/username_pc_mac/path_to_data/erigon-data/devnet/txpool
+    acl remove --address=0x0921598333Cf3cE5FE2031C056C79aec59EE10b6 --policy=sendTx --type=allowlist --datadir=/Users/username_pc_mac/path_to_data/erigon-data/devnet/txpool
 
+    acl mode --mode=disabled --datadir=/Users/username_pc_mac/path_to_data/erigon-data/devnet/txpool --log_count=20
+```

cmd/acl/list/list.go

@@ -0,0 +1,41 @@
+package list
+
+import (
+	"github.com/ledgerwatch/erigon/cmd/utils"
+	"github.com/ledgerwatch/erigon/zk/txpool"
+	"github.com/ledgerwatch/erigon/zkevm/log"
+	"github.com/urfave/cli/v2"
+)
+
+var Command = cli.Command{
+	Action: run,
+	Name:   "list",
+	Usage:  "List the content at the ACL",
+	Flags: []cli.Flag{
+		&utils.DataDirFlag,
+	},
+}
+
+func run(cliCtx *cli.Context) error {
+	dataDir := cliCtx.String(utils.DataDirFlag.Name)
+	log.Info("Listing ", "dataDir:", dataDir)
+
+	aclDB, err := txpool.OpenACLDB(cliCtx.Context, dataDir)
+	if err != nil {
+		log.Error("Failed to open ACL database", "err", err)
+		return err
+	}
+
+	content, _ := txpool.ListContentAtACL(cliCtx.Context, aclDB)
+	log.Info(content)
+	pts, _ := txpool.LastPolicyTransactions(cliCtx.Context, aclDB)
+	if len(pts) == 0 {
+		log.Info("No policy transactions found")
+		return nil
+	}
+	for i, pt := range pts {
+		log.Info("Policy transaction - ", "index:", i, "pt:", pt.ToString())
+	}
+
+	return nil
+}

cmd/acl/main.go

@@ -7,24 +7,27 @@ import (
 	"os/signal"
 	"syscall"
 
+	"github.com/ledgerwatch/erigon/cmd/acl/list"
 	"github.com/ledgerwatch/erigon/cmd/acl/mode"
 	"github.com/ledgerwatch/erigon/cmd/acl/update"
 	"github.com/ledgerwatch/erigon/params"
 	"github.com/ledgerwatch/erigon/turbo/logging"
-	"github.com/ledgerwatch/log/v3"
+	"github.com/ledgerwatch/erigon/zkevm/log"
+	loglvl "github.com/ledgerwatch/log/v3"
 	"github.com/urfave/cli/v2"
 )
 
 func main() {
-	logging.LogVerbosityFlag.Value = log.LvlError.String()
-	logging.LogConsoleVerbosityFlag.Value = log.LvlError.String()
+	logging.LogVerbosityFlag.Value = loglvl.LvlError.String()
+	logging.LogConsoleVerbosityFlag.Value = loglvl.LvlError.String()
 
 	app := cli.NewApp()
 	app.Name = "acl"
 	app.Version = params.VersionWithCommit(params.GitCommit)
 
 	app.Commands = []*cli.Command{
 		&mode.Command,
+		&list.Command,
 		&update.UpdateCommand,
 		&update.RemoveCommand,
 		&update.AddCommand,

cmd/acl/mode/mode.go

@@ -5,12 +5,13 @@ import (
 
 	"github.com/ledgerwatch/erigon/cmd/utils"
 	"github.com/ledgerwatch/erigon/zk/txpool"
-	"github.com/ledgerwatch/log/v3"
+	"github.com/ledgerwatch/erigon/zkevm/log"
 	"github.com/urfave/cli/v2"
 )
 
 var (
-	mode string // Mode of the ACL
+	mode           string // Mode of the ACL
+	logCountOutput string // Output for log count
 )
 
 var Command = cli.Command{
@@ -24,6 +25,11 @@ var Command = cli.Command{
 			Usage:       "Mode of the ACL (allowlist, blocklist or disabled)",
 			Destination: &mode,
 		},
+		&cli.StringFlag{
+			Name:        "log_count",
+			Usage:       "Number of transactions at startup to log",
+			Destination: &logCountOutput,
+		},
 	},
 }
 
@@ -38,7 +44,7 @@ func run(cliCtx *cli.Context) error {
 
 	dataDir := cliCtx.String(utils.DataDirFlag.Name)
 
-	log.Info("Setting mode", "mode", mode, "dataDir", dataDir)
+	log.Info("Setting mode ", "mode - ", mode, "dataDir - ", dataDir, "log_count_output - ", logCountOutput)
 
 	aclDB, err := txpool.OpenACLDB(cliCtx.Context, dataDir)
 	if err != nil {
@@ -51,7 +57,13 @@ func run(cliCtx *cli.Context) error {
 		return err
 	}
 
-	log.Info("ACL Mode set", "mode", mode)
+	if cliCtx.IsSet("log_count") {
+		// Assuming you need to store log_count_output in the config table
+		if err := txpool.SetLogCount(cliCtx.Context, aclDB, logCountOutput); err != nil {
+			log.Error("Failed to set log_count_output", "err", err)
+			return err
+		}
+	}
 
 	return nil
 }

cmd/acl/update/update.go

@@ -13,7 +13,7 @@ import (
 	"github.com/ledgerwatch/erigon-lib/kv"
 	"github.com/ledgerwatch/erigon/cmd/utils"
 	"github.com/ledgerwatch/erigon/zk/txpool"
-	"github.com/ledgerwatch/log/v3"
+	"github.com/ledgerwatch/erigon/zkevm/log"
 	"github.com/urfave/cli/v2"
 )
 

zk/txpool/acl.go

@@ -22,9 +22,10 @@ const (
 type ACLTable string
 
 const (
-	Config    = "Config"
-	Allowlist = "Allowlist"
-	BlockList = "BlockList"
+	Config             = "Config"
+	Allowlist          = "Allowlist"
+	BlockList          = "BlockList"
+	PolicyTransactions = "PolicyTransactions"
 )
 
 func (t ACLTable) String() string {
@@ -39,6 +40,8 @@ func ResolveACLTable(table string) (ACLTable, error) {
 		return Allowlist, nil
 	case "blocklist":
 		return BlockList, nil
+	case "policytransactions":
+		return PolicyTransactions, nil
 	default:
 		return "", errUnknownACLTable
 	}
@@ -88,6 +91,7 @@ var (
 		Config,
 		Allowlist,
 		BlockList,
+		PolicyTransactions,
 	}
 
 	ACLTablesCfg = kv.TableCfg{}
@@ -96,6 +100,7 @@ var (
 	errUnsupportedACLType = errors.New("unsupported acl type")
 	errUnknownACLTable    = errors.New("unknown acl table")
 	errUnknownPolicy      = errors.New("unknown policy")
+	errWrongOperation     = errors.New("wrong operation")
 )
 
 const ACLDB kv.Label = 255