From e5f41da98d6041fb3fed9b443193119359b65585 Mon Sep 17 00:00:00 2001 From: Matthias Fasching <5011972+fasmat@users.noreply.github.com> Date: Thu, 8 Aug 2024 09:54:09 +0000 Subject: [PATCH] Remove scan malfeasant flag (#6229) ## Motivation This command line option was added during the last release to allow a node to scan its state during startup for the then newly introduced InvalidPreviousATX malfeasance proof. Since then all existing ATXs that are invalid have been marked as such and all nodes check newly incoming ATXs directly for their validity. So this isn't needed any more. --- CHANGELOG.md | 4 ++ activation/verify_state.go | 90 --------------------------------- activation/verify_state_test.go | 69 ------------------------- cmd/root.go | 3 -- config/config.go | 3 -- config/mainnet.go | 3 +- node/node.go | 9 ---- 7 files changed, 5 insertions(+), 176 deletions(-) delete mode 100644 activation/verify_state.go delete mode 100644 activation/verify_state_test.go diff --git a/CHANGELOG.md b/CHANGELOG.md index 462b887df90..e237b3aafba 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,9 @@ See [RELEASE](./RELEASE.md) for workflow instructions. ### Upgrade information +The command line flag `--scan-malfeasant-atxs` has been removed. All malfeasant ATXs before 1.6.0 have been marked as +such and the node will continue to scan new ATXs for their validity. + ### Highlights ### Features @@ -699,6 +702,7 @@ and permanent ineligibility for rewards. * [#5494](https://github.com/spacemeshos/go-spacemesh/pull/5494) Make routing discovery more configurable and less spammy by default. + * [#5511](https://github.com/spacemeshos/go-spacemesh/pull/5511) Fix dialing peers on their private IPs, which was causing "portscan" complaints. diff --git a/activation/verify_state.go b/activation/verify_state.go deleted file mode 100644 index 3300444c847..00000000000 --- a/activation/verify_state.go +++ /dev/null @@ -1,90 +0,0 @@ -package activation - -import ( - "context" - "fmt" - "time" - - "go.uber.org/zap" - - awire "github.com/spacemeshos/go-spacemesh/activation/wire" - "github.com/spacemeshos/go-spacemesh/codec" - "github.com/spacemeshos/go-spacemesh/log" - "github.com/spacemeshos/go-spacemesh/malfeasance/wire" - "github.com/spacemeshos/go-spacemesh/sql" - "github.com/spacemeshos/go-spacemesh/sql/atxs" - "github.com/spacemeshos/go-spacemesh/sql/identities" -) - -func CheckPrevATXs(ctx context.Context, logger *zap.Logger, db sql.Executor) error { - collisions, err := atxs.PrevATXCollisions(db) - if err != nil { - return fmt.Errorf("get prev ATX collisions: %w", err) - } - - logger.Info("found ATX collisions", zap.Int("count", len(collisions))) - count := 0 - for _, collision := range collisions { - select { - case <-ctx.Done(): - // stop on context cancellation - return ctx.Err() - default: - } - - if collision.NodeID1 != collision.NodeID2 { - logger.Panic( - "unexpected collision", - log.ZShortStringer("NodeID1", collision.NodeID1), - log.ZShortStringer("NodeID2", collision.NodeID2), - log.ZShortStringer("ATX1", collision.ATX1), - log.ZShortStringer("ATX2", collision.ATX2), - ) - } - - malicious, err := identities.IsMalicious(db, collision.NodeID1) - if err != nil { - return fmt.Errorf("get malicious status: %w", err) - } - - if malicious { - // already malicious no need to generate proof - continue - } - - // we are ignoring the ATX version, because as of now we only have V1 - // by the time we have V2, this function is not needed anymore and can be deleted - var blob sql.Blob - var atx1 awire.ActivationTxV1 - if _, err := atxs.LoadBlob(ctx, db, collision.ATX1.Bytes(), &blob); err != nil { - return fmt.Errorf("get blob %s: %w", collision.ATX1.ShortString(), err) - } - codec.MustDecode(blob.Bytes, &atx1) - - var atx2 awire.ActivationTxV1 - if _, err := atxs.LoadBlob(ctx, db, collision.ATX2.Bytes(), &blob); err != nil { - return fmt.Errorf("get blob %s: %w", collision.ATX2.ShortString(), err) - } - codec.MustDecode(blob.Bytes, &atx2) - - proof := &wire.MalfeasanceProof{ - Layer: atx1.PublishEpoch.FirstLayer(), - Proof: wire.Proof{ - Type: wire.InvalidPrevATX, - Data: &wire.InvalidPrevATXProof{ - Atx1: atx1, - Atx2: atx2, - }, - }, - } - - encodedProof := codec.MustEncode(proof) - if err := identities.SetMalicious(db, collision.NodeID1, encodedProof, time.Now()); err != nil { - return fmt.Errorf("add malfeasance proof: %w", err) - } - - count++ - } - logger.Info("created malfeasance proofs", zap.Int("count", count)) - return nil -} diff --git a/activation/verify_state_test.go b/activation/verify_state_test.go deleted file mode 100644 index 26446d59265..00000000000 --- a/activation/verify_state_test.go +++ /dev/null @@ -1,69 +0,0 @@ -package activation - -import ( - "context" - "math/rand/v2" - "testing" - - "github.com/stretchr/testify/require" - "go.uber.org/zap/zaptest" - - "github.com/spacemeshos/go-spacemesh/activation/wire" - "github.com/spacemeshos/go-spacemesh/common/types" - "github.com/spacemeshos/go-spacemesh/signing" - "github.com/spacemeshos/go-spacemesh/sql" - "github.com/spacemeshos/go-spacemesh/sql/atxs" - "github.com/spacemeshos/go-spacemesh/sql/identities" -) - -func Test_CheckPrevATXs(t *testing.T) { - db := sql.InMemory() - logger := zaptest.NewLogger(t) - - // Arrange - sig, err := signing.NewEdSigner() - require.NoError(t, err) - - // create two ATXs with the same PrevATXID - prevATXID := types.RandomATXID() - goldenATXID := types.RandomATXID() - - atx1 := newInitialATXv1(t, goldenATXID, func(atx *wire.ActivationTxV1) { - atx.PrevATXID = prevATXID - atx.PublishEpoch = 2 - }) - atx1.Sign(sig) - vAtx1 := toAtx(t, atx1) - require.NoError(t, atxs.Add(db, vAtx1, atx1.Blob())) - - atx2 := newInitialATXv1(t, goldenATXID, func(atx *wire.ActivationTxV1) { - atx.PrevATXID = prevATXID - atx.PublishEpoch = 3 - }) - atx2.Sign(sig) - vAtx2 := toAtx(t, atx2) - require.NoError(t, atxs.Add(db, vAtx2, atx2.Blob())) - - // create 100 random ATXs that are not malicious - for i := 0; i < 100; i++ { - otherSig, err := signing.NewEdSigner() - require.NoError(t, err) - atx := newInitialATXv1(t, types.RandomATXID(), func(atx *wire.ActivationTxV1) { - atx.PrevATXID = types.RandomATXID() - atx.NumUnits = rand.Uint32() - atx.PublishEpoch = rand.N[types.EpochID](100) - }) - atx.Sign(otherSig) - vAtx := toAtx(t, atx) - require.NoError(t, atxs.Add(db, vAtx, atx.Blob())) - } - - // Act - err = CheckPrevATXs(context.Background(), logger, db) - require.NoError(t, err) - - // Assert - malicious, err := identities.IsMalicious(db, sig.NodeID()) - require.NoError(t, err) - require.True(t, malicious) -} diff --git a/cmd/root.go b/cmd/root.go index 5d8409cfad1..1f647489047 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -79,9 +79,6 @@ func AddFlags(flagSet *pflag.FlagSet, cfg *config.Config) (configPath *string) { flagSet.DurationVar(&cfg.DatabasePruneInterval, "db-prune-interval", cfg.DatabasePruneInterval, "configure interval for database pruning") - flagSet.BoolVar(&cfg.ScanMalfeasantATXs, "scan-malfeasant-atxs", cfg.ScanMalfeasantATXs, - "scan for malfeasant ATXs") - flagSet.BoolVar(&cfg.NoMainOverride, "no-main-override", cfg.NoMainOverride, "force 'nomain' builds to run on the mainnet") diff --git a/config/config.go b/config/config.go index aac864e8da7..b289ba722bc 100644 --- a/config/config.go +++ b/config/config.go @@ -122,9 +122,6 @@ type BaseConfig struct { PruneActivesetsFrom types.EpochID `mapstructure:"prune-activesets-from"` - // ScanMalfeasantATXs is a flag to enable scanning for malfeasant ATXs. - ScanMalfeasantATXs bool `mapstructure:"scan-malfeasant-atxs"` - NetworkHRP string `mapstructure:"network-hrp"` // MinerGoodAtxsPercent is a threshold to decide if tortoise activeset should be diff --git a/config/mainnet.go b/config/mainnet.go index 996ddbc7dac..30d6a71e099 100644 --- a/config/mainnet.go +++ b/config/mainnet.go @@ -80,8 +80,7 @@ func MainnetConfig() Config { DatabaseConnections: 16, DatabasePruneInterval: 30 * time.Minute, DatabaseVacuumState: 15, - PruneActivesetsFrom: 12, // starting from epoch 13 activesets below 12 will be pruned - ScanMalfeasantATXs: false, // opt-in + PruneActivesetsFrom: 12, // starting from epoch 13 activesets below 12 will be pruned NetworkHRP: "sm", LayerDuration: 5 * time.Minute, diff --git a/node/node.go b/node/node.go index 95a0b05decd..ac8dc5e5f0d 100644 --- a/node/node.go +++ b/node/node.go @@ -2005,15 +2005,6 @@ func (app *App) setupDBs(ctx context.Context, lg log.Log) error { datastore.WithConsensusCache(data), ) - if app.Config.ScanMalfeasantATXs { - app.log.With().Info("checking DB for malicious ATXs") - start = time.Now() - if err := activation.CheckPrevATXs(ctx, app.log.Zap(), app.db); err != nil { - return fmt.Errorf("malicious ATX check: %w", err) - } - app.log.With().Info("malicious ATX check completed", log.Duration("duration", time.Since(start))) - } - migrations, err = sql.LocalMigrations() if err != nil { return fmt.Errorf("load local migrations: %w", err)