lotus/chain/vm/syscalls.go

254 lines
7.6 KiB
Go
Raw Normal View History

package vm
import (
2020-04-10 15:14:43 +00:00
"bytes"
2020-02-26 22:54:34 +00:00
"context"
"fmt"
2020-01-13 20:47:27 +00:00
"github.com/filecoin-project/go-address"
"github.com/ipfs/go-cid"
2020-04-10 15:14:43 +00:00
cbor "github.com/ipfs/go-ipld-cbor"
"github.com/minio/blake2b-simd"
mh "github.com/multiformats/go-multihash"
"golang.org/x/xerrors"
2020-03-26 19:34:38 +00:00
2020-04-10 15:14:43 +00:00
"github.com/filecoin-project/lotus/chain/state"
"github.com/filecoin-project/lotus/chain/types"
"github.com/filecoin-project/lotus/lib/sigs"
2020-03-26 19:34:38 +00:00
"github.com/filecoin-project/specs-actors/actors/abi"
"github.com/filecoin-project/specs-actors/actors/builtin/miner"
2020-03-26 19:34:38 +00:00
"github.com/filecoin-project/specs-actors/actors/crypto"
"github.com/filecoin-project/specs-actors/actors/runtime"
2020-03-27 23:00:21 +00:00
"github.com/filecoin-project/sector-storage/ffiwrapper"
)
func init() {
mh.Codes[0xf104] = "filecoin"
}
// Actual type is defined in chain/types/vmcontext.go because the VMContext interface is there
2020-03-26 02:50:56 +00:00
func Syscalls(verifier ffiwrapper.Verifier) runtime.Syscalls {
return &syscallShim{verifier: verifier}
}
type syscallShim struct {
2020-04-10 15:14:43 +00:00
ctx context.Context
cstate *state.StateTree
cst *cbor.BasicIpldStore
2020-03-26 02:50:56 +00:00
verifier ffiwrapper.Verifier
}
2020-02-27 00:42:39 +00:00
func (ss *syscallShim) ComputeUnsealedSectorCID(st abi.RegisteredProof, pieces []abi.PieceInfo) (cid.Cid, error) {
2020-02-23 00:47:47 +00:00
var sum abi.PaddedPieceSize
for _, p := range pieces {
2020-02-23 00:47:47 +00:00
sum += p.Size
}
2020-03-26 02:50:56 +00:00
commd, err := ffiwrapper.GenerateUnsealedCID(st, pieces)
if err != nil {
2020-02-23 00:47:47 +00:00
log.Errorf("generate data commitment failed: %s", err)
return cid.Undef, err
}
2020-02-27 00:42:39 +00:00
return commd, nil
}
func (ss *syscallShim) HashBlake2b(data []byte) [32]byte {
2020-04-10 15:14:43 +00:00
return blake2b.Sum256(data)
}
2020-04-10 15:14:43 +00:00
// Checks validity of the submitted consensus fault with the two block headers needed to prove the fault
// and an optional extra one to check common ancestry (as needed).
// Note that the blocks are ordered: the method requires a.Epoch() <= b.Epoch().
2020-03-09 04:21:46 +00:00
func (ss *syscallShim) VerifyConsensusFault(a, b, extra []byte, epoch abi.ChainEpoch) (*runtime.ConsensusFault, error) {
2020-04-10 15:14:43 +00:00
// Note that block syntax is not validated. Any validly signed block will be accepted pursuant to the below conditions.
// Whether or not it could ever have been accepted in a chain is not checked/does not matter here.
// for that reason when checking block parent relationships, rather than instantiating a Tipset to do so
// (which runs a syntactic check), we do it directly on the CIDs.
// (0) cheap preliminary checks
// are blocks the same?
if bytes.Equal(a, b) {
return nil, fmt.Errorf("no consensus fault: submitted blocks are the same")
}
// can blocks be decoded properly?
var blockA, blockB types.BlockHeader
2020-04-10 15:14:43 +00:00
if decodeErr := blockA.UnmarshalCBOR(bytes.NewReader(a)); decodeErr != nil {
return nil, xerrors.Errorf("cannot decode first block header: %w", decodeErr)
2020-04-10 15:14:43 +00:00
}
if decodeErr := blockB.UnmarshalCBOR(bytes.NewReader(b)); decodeErr != nil {
return nil, xerrors.Errorf("cannot decode second block header: %f", decodeErr)
2020-04-10 15:14:43 +00:00
}
// (1) check conditions necessary to any consensus fault
// were blocks mined by same miner?
if blockA.Miner != blockB.Miner {
return nil, fmt.Errorf("no consensus fault: blocks not mined by same miner")
}
// block a must be earlier or equal to block b, epoch wise (ie at least as early in the chain).
if blockB.Height < blockA.Height {
return nil, fmt.Errorf("first block must not be of higher height than second")
}
// (2) check for the consensus faults themselves
2020-04-10 15:14:43 +00:00
var consensusFault *runtime.ConsensusFault
// (a) double-fork mining fault
if blockA.Height == blockB.Height {
consensusFault = &runtime.ConsensusFault{
Target: blockA.Miner,
Epoch: blockB.Height,
Type: runtime.ConsensusFaultDoubleForkMining,
}
}
// (b) time-offset mining fault
// strictly speaking no need to compare heights based on double fork mining check above,
// but at same height this would be a different fault.
if !types.CidArrsEqual(blockA.Parents, blockB.Parents) && blockA.Height != blockB.Height {
consensusFault = &runtime.ConsensusFault{
Target: blockA.Miner,
Epoch: blockB.Height,
Type: runtime.ConsensusFaultTimeOffsetMining,
}
}
// (c) parent-grinding fault
// Here extra is the "witness", a third block that shows the connection between A and B as
// A's sibling and B's parent.
2020-04-10 15:14:43 +00:00
// Specifically, since A is of lower height, it must be that B was mined omitting A from its tipset
var blockC types.BlockHeader
if len(extra) > 0 {
if decodeErr := blockC.UnmarshalCBOR(bytes.NewReader(extra)); decodeErr != nil {
return nil, xerrors.Errorf("cannot decode extra: %w", decodeErr)
}
2020-04-16 19:52:49 +00:00
if types.CidArrsEqual(blockA.Parents, blockC.Parents) && blockA.Height == blockC.Height &&
2020-04-10 20:34:04 +00:00
types.CidArrsContains(blockB.Parents, blockC.Cid()) && !types.CidArrsContains(blockB.Parents, blockA.Cid()) {
consensusFault = &runtime.ConsensusFault{
Target: blockA.Miner,
Epoch: blockB.Height,
Type: runtime.ConsensusFaultParentGrinding,
}
2020-04-10 15:14:43 +00:00
}
}
// (3) return if no consensus fault by now
if consensusFault == nil {
return consensusFault, nil
}
// else
// (4) expensive final checks
2020-04-10 15:14:43 +00:00
// check blocks are properly signed by their respective miner
// note we do not need to check extra's: it is a parent to block b
// which itself is signed, so it was willingly included by the miner
if sigErr := ss.VerifyBlockSig(&blockA); sigErr != nil {
return nil, xerrors.Errorf("cannot verify first block sig: %w", sigErr)
2020-04-10 15:14:43 +00:00
}
if sigErr := ss.VerifyBlockSig(&blockB); sigErr != nil {
return nil, xerrors.Errorf("cannot verify first block sig: %w", sigErr)
2020-04-10 15:14:43 +00:00
}
return consensusFault, nil
}
func (ss *syscallShim) VerifyBlockSig(blk *types.BlockHeader) error {
// get appropriate miner actor
act, err := ss.cstate.GetActor(blk.Miner)
if err != nil {
return err
}
2020-04-10 15:14:43 +00:00
// use that to get the miner state
var mas miner.State
if err = ss.cst.Get(ss.ctx, act.Head, &mas); err != nil {
return err
}
// and use to get resolved workerKey
waddr, err := ResolveToKeyAddr(ss.cstate, ss.cst, mas.Info.Worker)
if err != nil {
return err
}
2020-04-10 15:14:43 +00:00
if err := sigs.CheckBlockSignature(blk, ss.ctx, waddr); err != nil {
return err
}
return nil
}
2020-02-26 22:54:34 +00:00
func (ss *syscallShim) VerifyPoSt(proof abi.PoStVerifyInfo) error {
2020-04-10 15:14:43 +00:00
ok, err := ss.verifier.VerifyFallbackPost(ss.ctx, proof)
2020-02-26 22:54:34 +00:00
if err != nil {
return err
}
if !ok {
return fmt.Errorf("proof was invalid")
}
return nil
}
func cidToCommD(c cid.Cid) [32]byte {
b := c.Bytes()
var out [32]byte
copy(out[:], b[len(b)-32:])
return out
}
func cidToCommR(c cid.Cid) [32]byte {
b := c.Bytes()
var out [32]byte
copy(out[:], b[len(b)-32:])
return out
}
2020-02-26 22:54:34 +00:00
func (ss *syscallShim) VerifySeal(info abi.SealVerifyInfo) error {
//_, span := trace.StartSpan(ctx, "ValidatePoRep")
//defer span.End()
miner, err := address.NewIDAddress(uint64(info.Miner))
if err != nil {
2020-02-27 00:42:39 +00:00
return xerrors.Errorf("weirdly failed to construct address: %w", err)
}
ticket := []byte(info.Randomness)
proof := []byte(info.OnChain.Proof)
seed := []byte(info.InteractiveRandomness)
2020-04-10 03:34:01 +00:00
log.Debugf("Verif r:%x; d:%x; m:%s; t:%x; s:%x; N:%d; p:%x", info.OnChain.SealedCID, info.UnsealedCID, miner, ticket, seed, info.SectorID.Number, proof)
2020-02-23 20:32:14 +00:00
//func(ctx context.Context, maddr address.Address, ssize abi.SectorSize, commD, commR, ticket, proof, seed []byte, sectorID abi.SectorNumber)
2020-02-27 00:42:39 +00:00
ok, err := ss.verifier.VerifySeal(info)
if err != nil {
2020-02-26 22:54:34 +00:00
return xerrors.Errorf("failed to validate PoRep: %w", err)
}
if !ok {
return fmt.Errorf("invalid proof")
}
2020-02-26 22:54:34 +00:00
return nil
}
2020-02-26 22:54:34 +00:00
func (ss *syscallShim) VerifySignature(sig crypto.Signature, addr address.Address, input []byte) error {
return nil
/* // TODO: in genesis setup, we are currently faking signatures
if err := ss.rt.vmctx.VerifySignature(&sig, addr, input); err != nil {
return false
}
return true
*/
}