various fixes: warn on predicted nonce mismatch, randomness length, add missing mocked verification calls (#199)

* warn when extracting a message from a tipset that contains
  more leading messages from the same sender, as this leads to
  nonce misalignment.
* fix mocked randomness being too short (must be 32 bytes).
* mock some further verification syscalls.

tvx/extract_msg.go

@@ -6,6 +6,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"log"
 	"os"
 
 	"github.com/filecoin-project/specs-actors/actors/builtin"
@@ -101,27 +102,55 @@ func runExtractMsg(c *cli.Context) error {
 		fmt.Println("\t", k.String())
 	}
 
-	// get the tipset on which this message was mined.
+	// get the tipset on which this message was "executed".
-	ts, err := api.ChainGetTipSet(ctx, msgInfo.TipSet)
+	// https://github.com/filecoin-project/lotus/issues/2847
+	execTs, err := api.ChainGetTipSet(ctx, msgInfo.TipSet)
 	if err != nil {
 		return err
 	}
 
-	// get the previous tipset, on top of which the message was executed.
+	// get the previous tipset, on which this message was mined.
-	prevTs, err := api.ChainGetTipSet(ctx, ts.Parents())
+	includedTs, err := api.ChainGetTipSet(ctx, execTs.Parents())
 	if err != nil {
 		return err
 	}
 
+	// Warn if the block contains more messages from this sender, preceding the
+	// extracted message.
+	//
+	// TODO https://github.com/filecoin-project/oni/issues/195
+	for _, b := range includedTs.Blocks() {
+		messages, err := api.ChainGetBlockMessages(ctx, b.Cid())
+		if err != nil {
+			return err
+		}
+		for _, other := range messages.BlsMessages {
+			if other.Cid() == mid {
+				break
+			}
+			if other.From == msg.From && other.Nonce < msg.Nonce {
+				log.Printf("WARN: tipset includes preceding message with lower nonce from same sender; this extraction won't work")
+			}
+		}
+		for _, m := range messages.SecpkMessages {
+			if m.Message.Cid() == mid {
+				break
+			}
+			if m.Message.From == msg.From && m.Message.Nonce < msg.Nonce {
+				log.Printf("WARN: tipset includes preceding message with lower nonce from same sender; this extraction won't work")
+			}
+		}
+	}
+
 	fmt.Println("getting the _before_ filtered state tree")
-	preroot, err := g.GetMaskedStateTree(prevTs.Parents(), retain)
+	preroot, err := g.GetMaskedStateTree(includedTs.Parents(), retain)
 	if err != nil {
 		return err
 	}
 
 	driver := lotus.NewDriver(ctx)
 
-	_, postroot, err := driver.ExecuteMessage(msg, preroot, pst.Blockstore, ts.Height())
+	_, postroot, err := driver.ExecuteMessage(msg, preroot, pst.Blockstore, execTs.Height())
 	if err != nil {
 		return fmt.Errorf("failed to execute message: %w", err)
 	}
@@ -162,7 +191,7 @@ func runExtractMsg(c *cli.Context) error {
 		},
 		CAR: out.Bytes(),
 		Pre: &Preconditions{
-			Epoch: ts.Height(),
+			Epoch: execTs.Height(),
 			StateTree: &StateTree{
 				RootCID: preroot,
 			},

tvx/lotus/stubs.go

@@ -18,14 +18,25 @@ type vmRand struct {
 }
 
 func (*vmRand) GetRandomness(ctx context.Context, dst crypto.DomainSeparationTag, h abi.ChainEpoch, input []byte) ([]byte, error) {
-	return []byte("i_am_random"), nil
+	return []byte("i_am_random_____i_am_random_____"), nil // 32 bytes.
 }
 
 type fakedSigSyscalls struct {
 	runtime.Syscalls
 }
 
-func (fss *fakedSigSyscalls) VerifySignature(_ crypto.Signature, _ address.Address, plaintext []byte) error {
+// TODO VerifySignature this will always succeed; but we want to be able to test failures too.
+func (fss *fakedSigSyscalls) VerifySignature(_ crypto.Signature, _ address.Address, _ []byte) error {
+	return nil
+}
+
+// TODO VerifySeal this will always succeed; but we want to be able to test failures too.
+func (fss *fakedSigSyscalls) VerifySeal(_ abi.SealVerifyInfo) error {
+	return nil
+}
+
+// TODO VerifyPoSt this will always succeed; but we want to be able to test failures too.
+func (fss *fakedSigSyscalls) VerifyPoSt(_ abi.WindowPoStVerifyInfo) error {
 	return nil
 }