lotus/checks.go

package sealing

import (
	"context"

	"golang.org/x/xerrors"

	"github.com/filecoin-project/go-address"
	"github.com/filecoin-project/lotus/chain/types"
	"github.com/filecoin-project/sector-storage/ffiwrapper"
	"github.com/filecoin-project/sector-storage/zerocomm"
	"github.com/filecoin-project/specs-actors/actors/abi"
	"github.com/filecoin-project/specs-actors/actors/builtin/miner"
	"github.com/filecoin-project/specs-actors/actors/crypto"
	log "github.com/mgutz/logxi/v1"
)

// TODO: For now we handle this by halting state execution, when we get jsonrpc reconnecting
//  We should implement some wait-for-api logic
type ErrApi struct{ error }

type ErrInvalidDeals struct{ error }
type ErrInvalidPiece struct{ error }
type ErrExpiredDeals struct{ error }

type ErrBadCommD struct{ error }
type ErrExpiredTicket struct{ error }

type ErrBadSeed struct{ error }
type ErrInvalidProof struct{ error }

// checkPieces validates that:
//  - Each piece han a corresponding on chain deal
//  - Piece commitments match with on chain deals
//  - Piece sizes match
//  - Deals aren't expired
func checkPieces(ctx context.Context, si SectorInfo, api SealingAPI) error {
	tok, height, err := api.ChainHead(ctx)
	if err != nil {
		return &ErrApi{xerrors.Errorf("getting chain head: %w", err)}
	}

	for i, piece := range si.Pieces {
		if piece.DealID == nil {
			exp := zerocomm.ZeroPieceCommitment(piece.Size)
			if piece.CommP != exp {
				return &ErrInvalidPiece{xerrors.Errorf("deal %d piece %d had non-zero CommP %+v", piece.DealID, i, piece.CommP)}
			}
			continue
		}
		proposal, _, err := api.StateMarketStorageDeal(ctx, *piece.DealID, tok)
		if err != nil {
			return &ErrApi{xerrors.Errorf("getting deal %d for piece %d: %w", piece.DealID, i, err)}
		}

		if proposal.PieceCID != piece.CommP {
			return &ErrInvalidDeals{xerrors.Errorf("piece %d (or %d) of sector %d refers deal %d with wrong CommP: %x != %x", i, len(si.Pieces), si.SectorID, piece.DealID, piece.CommP, proposal.PieceCID)}
		}

		if piece.Size != proposal.PieceSize.Unpadded() {
			return &ErrInvalidDeals{xerrors.Errorf("piece %d (or %d) of sector %d refers deal %d with different size: %d != %d", i, len(si.Pieces), si.SectorID, piece.DealID, piece.Size, proposal.PieceSize)}
		}

		if height >= proposal.StartEpoch {
			return &ErrExpiredDeals{xerrors.Errorf("piece %d (or %d) of sector %d refers expired deal %d - should start at %d, head %d", i, len(si.Pieces), si.SectorID, piece.DealID, proposal.StartEpoch, height)}
		}
	}

	return nil
}

// checkPrecommit checks that data commitment generated in the sealing process
//  matches pieces, and that the seal ticket isn't expired
func checkPrecommit(ctx context.Context, maddr address.Address, si SectorInfo, api SealingAPI) (err error) {
	tok, height, err := api.ChainHead(ctx)
	if err != nil {
		return &ErrApi{xerrors.Errorf("getting chain head: %w", err)}
	}

	commD, err := api.StateComputeDataCommitment(ctx, maddr, si.SectorType, si.deals(), tok)
	if err != nil {
		return &ErrApi{xerrors.Errorf("calling StateComputeDataCommitment: %w", err)}
	}

	if !commD.Equals(*si.CommD) {
		return &ErrBadCommD{xerrors.Errorf("on chain CommD differs from sector: %s != %s", commD, si.CommD)}
	}

	if int64(height)-int64(si.TicketEpoch+SealRandomnessLookback) > SealRandomnessLookbackLimit {
		return &ErrExpiredTicket{xerrors.Errorf("ticket expired: seal height: %d, head: %d", si.TicketEpoch+SealRandomnessLookback, height)}
	}

	return nil
}

func (m *Sealing) checkCommit(ctx context.Context, si SectorInfo, proof []byte) (err error) {
	tok, height, err := m.api.ChainHead(ctx)
	if err != nil {
		return &ErrApi{xerrors.Errorf("getting chain head: %w", err)}
	}

	if si.Seed.Epoch == 0 {
		return &ErrBadSeed{xerrors.Errorf("seed epoch was not set")}
	}

	pci, err := m.api.StateSectorPreCommitInfo(ctx, m.maddr, si.SectorID, types.EmptyTSK)
	if err != nil {
		return xerrors.Errorf("getting precommit info: %w", err)
	}

	if pci.PreCommitEpoch+miner.PreCommitChallengeDelay != si.Seed.Epoch {
		return &ErrBadSeed{xerrors.Errorf("seed epoch doesn't match on chain info: %d != %d", pci.PreCommitEpoch+miner.PreCommitChallengeDelay, si.Seed.Epoch)}
	}

	seed, err := m.api.ChainGetRandomness(ctx, head.Key(), crypto.DomainSeparationTag_InteractiveSealChallengeSeed, si.Seed.Epoch, nil)
	if err != nil {
		return &ErrApi{xerrors.Errorf("failed to get randomness for computing seal proof: %w", err)}
	}

	if string(seed) != string(si.Seed.Value) {
		return &ErrBadSeed{xerrors.Errorf("seed has changed")}
	}

	ss, err := m.api.StateMinerSectorSize(ctx, m.maddr, head.Key())
	if err != nil {
		return &ErrApi{err}
	}
	_, spt, err := ffiwrapper.ProofTypeFromSectorSize(ss)
	if err != nil {
		return err
	}

	if *si.CommR != pci.Info.SealedCID {
		log.Warn("on-chain sealed CID doesn't match!")
	}

	ok, err := m.verif.VerifySeal(abi.SealVerifyInfo{
		SectorID: m.minerSector(si.SectorID),
		OnChain: abi.OnChainSealVerifyInfo{
			SealedCID:        pci.Info.SealedCID,
			InteractiveEpoch: si.Seed.Epoch,
			RegisteredProof:  spt,
			Proof:            proof,
			SectorNumber:     si.SectorID,
			SealRandEpoch:    si.Ticket.Epoch,
		},
		Randomness:            si.Ticket.Value,
		InteractiveRandomness: si.Seed.Value,
		UnsealedCID:           *si.CommD,
	})
	if err != nil {
		return xerrors.Errorf("verify seal: %w", err)
	}
	if !ok {
		return &ErrInvalidProof{xerrors.New("invalid proof (compute error?)")}
	}

	return nil
}
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`package sealing`

			`import (`
			`"context"`

			`"golang.org/x/xerrors"`

			`"github.com/filecoin-project/go-address"`
remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`"github.com/filecoin-project/lotus/chain/types"`
fsm: Handle invalid Commits 2020-04-04 01:50:05 +00:00			`"github.com/filecoin-project/sector-storage/ffiwrapper"`
remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`"github.com/filecoin-project/sector-storage/zerocomm"`
fsm: Handle invalid Commits 2020-04-04 01:50:05 +00:00			`"github.com/filecoin-project/specs-actors/actors/abi"`
fsm: Get correct interactive randomness if it lands on a nullblock 2020-04-04 02:55:19 +00:00			`"github.com/filecoin-project/specs-actors/actors/builtin/miner"`
fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00			`"github.com/filecoin-project/specs-actors/actors/crypto"`
remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`log "github.com/mgutz/logxi/v1"`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`)`

sealing: implement handler for sealFailed 2020-01-23 15:38:01 +00:00			`// TODO: For now we handle this by halting state execution, when we get jsonrpc reconnecting`
			`// We should implement some wait-for-api logic`
storageminer: Use tabwriter in sectors list 2020-01-23 16:15:45 +00:00			`type ErrApi struct{ error }`
sealing: check deal expiration 2020-01-23 12:17:45 +00:00
storageminer: Use tabwriter in sectors list 2020-01-23 16:15:45 +00:00			`type ErrInvalidDeals struct{ error }`
Implement committed capacity sectors 2020-02-23 00:47:47 +00:00			`type ErrInvalidPiece struct{ error }`
storageminer: Use tabwriter in sectors list 2020-01-23 16:15:45 +00:00			`type ErrExpiredDeals struct{ error }`
sealing: check deal expiration 2020-01-23 12:17:45 +00:00
storageminer: Use tabwriter in sectors list 2020-01-23 16:15:45 +00:00			`type ErrBadCommD struct{ error }`
			`type ErrExpiredTicket struct{ error }`
sealing: Check ticket expiration 2020-01-23 14:05:44 +00:00
fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00			`type ErrBadSeed struct{ error }`
fsm: Handle invalid Commits 2020-04-04 01:50:05 +00:00			`type ErrInvalidProof struct{ error }`
fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00
sealing: docstrings for sanity-checks 2020-01-24 20:15:02 +00:00			`// checkPieces validates that:`
			`// - Each piece han a corresponding on chain deal`
			`// - Piece commitments match with on chain deals`
			`// - Piece sizes match`
			`// - Deals aren't expired`
remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`func checkPieces(ctx context.Context, si SectorInfo, api SealingAPI) error {`
			`tok, height, err := api.ChainHead(ctx)`
sealing: check deal expiration 2020-01-23 12:17:45 +00:00			`if err != nil {`
sealing: Error types that can actually be checked 2020-01-23 15:57:14 +00:00			`return &ErrApi{xerrors.Errorf("getting chain head: %w", err)}`
sealing: check deal expiration 2020-01-23 12:17:45 +00:00			`}`

sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`for i, piece := range si.Pieces {`
Implement committed capacity sectors 2020-02-23 00:47:47 +00:00			`if piece.DealID == nil {`
Merge sectorbuilder into sectorstorage 2020-03-26 02:50:56 +00:00			`exp := zerocomm.ZeroPieceCommitment(piece.Size)`
more fixes for random garbage 2020-02-27 00:42:39 +00:00			`if piece.CommP != exp {`
Implement committed capacity sectors 2020-02-23 00:47:47 +00:00			`return &ErrInvalidPiece{xerrors.Errorf("deal %d piece %d had non-zero CommP %+v", piece.DealID, i, piece.CommP)}`
			`}`
			`continue`
			`}`
remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`proposal, _, err := api.StateMarketStorageDeal(ctx, *piece.DealID, tok)`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`if err != nil {`
sealing: Error types that can actually be checked 2020-01-23 15:57:14 +00:00			`return &ErrApi{xerrors.Errorf("getting deal %d for piece %d: %w", piece.DealID, i, err)}`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`}`

remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`if proposal.PieceCID != piece.CommP {`
			`return &ErrInvalidDeals{xerrors.Errorf("piece %d (or %d) of sector %d refers deal %d with wrong CommP: %x != %x", i, len(si.Pieces), si.SectorID, piece.DealID, piece.CommP, proposal.PieceCID)}`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`}`

remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`if piece.Size != proposal.PieceSize.Unpadded() {`
			`return &ErrInvalidDeals{xerrors.Errorf("piece %d (or %d) of sector %d refers deal %d with different size: %d != %d", i, len(si.Pieces), si.SectorID, piece.DealID, piece.Size, proposal.PieceSize)}`
sealing: check deal expiration 2020-01-23 12:17:45 +00:00			`}`

remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`if height >= proposal.StartEpoch {`
			`return &ErrExpiredDeals{xerrors.Errorf("piece %d (or %d) of sector %d refers expired deal %d - should start at %d, head %d", i, len(si.Pieces), si.SectorID, piece.DealID, proposal.StartEpoch, height)}`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`}`
			`}`

			`return nil`
			`}`

fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00			`// checkPrecommit checks that data commitment generated in the sealing process`
sealing: docstrings for sanity-checks 2020-01-24 20:15:02 +00:00			`// matches pieces, and that the seal ticket isn't expired`
remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`func checkPrecommit(ctx context.Context, maddr address.Address, si SectorInfo, api SealingAPI) (err error) {`
			`tok, height, err := api.ChainHead(ctx)`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`if err != nil {`
sealing: Error types that can actually be checked 2020-01-23 15:57:14 +00:00			`return &ErrApi{xerrors.Errorf("getting chain head: %w", err)}`
sealing: Check ticket expiration 2020-01-23 14:05:44 +00:00			`}`

remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`commD, err := api.StateComputeDataCommitment(ctx, maddr, si.SectorType, si.deals(), tok)`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`if err != nil {`
remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`return &ErrApi{xerrors.Errorf("calling StateComputeDataCommitment: %w", err)}`
Implement committed capacity sectors 2020-02-23 00:47:47 +00:00			`}`

remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`if !commD.Equals(*si.CommD) {`
			`return &ErrBadCommD{xerrors.Errorf("on chain CommD differs from sector: %s != %s", commD, si.CommD)}`
sealing: Check ticket expiration 2020-01-23 14:05:44 +00:00			`}`

remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`if int64(height)-int64(si.TicketEpoch+SealRandomnessLookback) > SealRandomnessLookbackLimit {`
			`return &ErrExpiredTicket{xerrors.Errorf("ticket expired: seal height: %d, head: %d", si.TicketEpoch+SealRandomnessLookback, height)}`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`}`

			`return nil`
fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00			`}`

fsm: Get correct interactive randomness if it lands on a nullblock 2020-04-04 02:55:19 +00:00			`func (m *Sealing) checkCommit(ctx context.Context, si SectorInfo, proof []byte) (err error) {`
remove all lotus types from sealing package in preparation for extraction events adapter implement StateWaitMsg and StateComputeDataCommitment implement StateGetSectorPreCommitOnChainInfo implement ChainHead and SendMsg implement remaining methods 2020-04-06 18:07:26 +00:00			`tok, height, err := m.api.ChainHead(ctx)`
fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00			`if err != nil {`
			`return &ErrApi{xerrors.Errorf("getting chain head: %w", err)}`
			`}`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00
fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00			`if si.Seed.Epoch == 0 {`
			`return &ErrBadSeed{xerrors.Errorf("seed epoch was not set")}`
			`}`

fsm: Get correct interactive randomness if it lands on a nullblock 2020-04-04 02:55:19 +00:00			`pci, err := m.api.StateSectorPreCommitInfo(ctx, m.maddr, si.SectorID, types.EmptyTSK)`
			`if err != nil {`
			`return xerrors.Errorf("getting precommit info: %w", err)`
			`}`

			`if pci.PreCommitEpoch+miner.PreCommitChallengeDelay != si.Seed.Epoch {`
			`return &ErrBadSeed{xerrors.Errorf("seed epoch doesn't match on chain info: %d != %d", pci.PreCommitEpoch+miner.PreCommitChallengeDelay, si.Seed.Epoch)}`
			`}`

fsm: Handle invalid Commits 2020-04-04 01:50:05 +00:00			`seed, err := m.api.ChainGetRandomness(ctx, head.Key(), crypto.DomainSeparationTag_InteractiveSealChallengeSeed, si.Seed.Epoch, nil)`
fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00			`if err != nil {`
			`return &ErrApi{xerrors.Errorf("failed to get randomness for computing seal proof: %w", err)}`
			`}`

fsm: Handle invalid Commits 2020-04-04 01:50:05 +00:00			`if string(seed) != string(si.Seed.Value) {`
fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00			`return &ErrBadSeed{xerrors.Errorf("seed has changed")}`
			`}`

fsm: Handle invalid Commits 2020-04-04 01:50:05 +00:00			`ss, err := m.api.StateMinerSectorSize(ctx, m.maddr, head.Key())`
			`if err != nil {`
			`return &ErrApi{err}`
			`}`
			`_, spt, err := ffiwrapper.ProofTypeFromSectorSize(ss)`
			`if err != nil {`
			`return err`
			`}`

fsm: Get correct interactive randomness if it lands on a nullblock 2020-04-04 02:55:19 +00:00			`if *si.CommR != pci.Info.SealedCID {`
			`log.Warn("on-chain sealed CID doesn't match!")`
			`}`

			`ok, err := m.verif.VerifySeal(abi.SealVerifyInfo{`
			`SectorID: m.minerSector(si.SectorID),`
			`OnChain: abi.OnChainSealVerifyInfo{`
			`SealedCID: pci.Info.SealedCID,`
fsm: Handle invalid Commits 2020-04-04 01:50:05 +00:00			`InteractiveEpoch: si.Seed.Epoch,`
			`RegisteredProof: spt,`
fsm: Get correct interactive randomness if it lands on a nullblock 2020-04-04 02:55:19 +00:00			`Proof: proof,`
fsm: Handle invalid Commits 2020-04-04 01:50:05 +00:00			`SectorNumber: si.SectorID,`
			`SealRandEpoch: si.Ticket.Epoch,`
			`},`
			`Randomness: si.Ticket.Value,`
			`InteractiveRandomness: si.Seed.Value,`
			`UnsealedCID: *si.CommD,`
			`})`
			`if err != nil {`
			`return xerrors.Errorf("verify seal: %w", err)`
			`}`
			`if !ok {`
			`return &ErrInvalidProof{xerrors.New("invalid proof (compute error?)")}`
			`}`

fsm: Implement handlers for Commit errors 2020-04-03 17:45:48 +00:00			`return nil`
sealing: WIP SectorInfo sanity checks 2020-01-20 22:03:50 +00:00			`}`