Skip to content

Commit

Permalink
Have query-validator(s) check the validator signature(s) (#2814)
Browse files Browse the repository at this point in the history
* Have query-validator(s) check the validator signature

* fix CLI.md

* switch some warn! to error!
  • Loading branch information
ma2bd committed Nov 5, 2024
1 parent a76015d commit 5df3719
Show file tree
Hide file tree
Showing 3 changed files with 38 additions and 11 deletions.
6 changes: 5 additions & 1 deletion CLI.md
Original file line number Diff line number Diff line change
Expand Up @@ -334,13 +334,17 @@ Process all pending incoming messages from the inbox of the given chain by creat

Show the version and genesis config hash of a new validator, and print a warning if it is incompatible. Also print some information about the given chain while we are it

**Usage:** `linera query-validator <ADDRESS> [CHAIN_ID]`
**Usage:** `linera query-validator [OPTIONS] <ADDRESS> [CHAIN_ID]`

###### **Arguments:**

* `<ADDRESS>` — The new validator's address
* `<CHAIN_ID>` — The chain to query. If omitted, query the default chain of the wallet

###### **Options:**

* `--name <NAME>` — The public key of the validator. If given, the signature of the chain query info will be checked



## `linera query-validators`
Expand Down
4 changes: 4 additions & 0 deletions linera-client/src/client_options.rs
Original file line number Diff line number Diff line change
Expand Up @@ -432,6 +432,10 @@ pub enum ClientCommand {
address: String,
/// The chain to query. If omitted, query the default chain of the wallet.
chain_id: Option<ChainId>,
/// The public key of the validator. If given, the signature of the chain query
/// info will be checked.
#[arg(long)]
name: Option<ValidatorName>,
},

/// Show the current set of validators for a chain. Also print some information about
Expand Down
39 changes: 29 additions & 10 deletions linera-service/src/linera/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ use linera_service::{
use linera_storage::Storage;
use serde_json::Value;
use tokio::task::JoinSet;
use tracing::{debug, info, warn, Instrument as _};
use tracing::{debug, error, info, warn, Instrument as _};

mod net_up_utils;

Expand All @@ -63,7 +63,6 @@ use {
linera_core::data_types::ChainInfoResponse,
linera_rpc::{HandleCertificateRequest, RpcMessage},
std::collections::HashSet,
tracing::error,
};

use crate::persistent::PersistExt as _;
Expand Down Expand Up @@ -362,7 +361,11 @@ impl Runnable for Job {
);
}

QueryValidator { address, chain_id } => {
QueryValidator {
address,
chain_id,
name,
} => {
use linera_core::node::ValidatorNode as _;

let node = context.make_node_provider().make_node(&address)?;
Expand All @@ -375,25 +378,29 @@ impl Runnable for Job {
version_info
);
}
Ok(version_info) => warn!(
Ok(version_info) => error!(
"Validator version {} is not compatible with local version {}.",
version_info,
linera_version::VERSION_INFO
),
Err(error) => {
warn!("Failed to get version information for validator {address}:\n{error}")
error!(
"Failed to get version information for validator {address}:\n{error}"
)
}
}

let genesis_config_hash = context.wallet().genesis_config().hash();
match node.get_genesis_config_hash().await {
Ok(hash) if hash == genesis_config_hash => {}
Ok(hash) => warn!(
Ok(hash) => error!(
"Validator's genesis config hash {} does not match our own: {}.",
hash, genesis_config_hash
),
Err(error) => {
warn!("Failed to get genesis config hash for validator {address}:\n{error}")
error!(
"Failed to get genesis config hash for validator {address}:\n{error}"
)
}
}

Expand All @@ -406,9 +413,16 @@ impl Runnable for Job {
response.info.next_block_height,
response.info.epoch,
);
if let Some(name) = name {
if response.check(&name).is_ok() {
info!("Signature for public key {name} is OK.");
} else {
error!("Signature for public key {name} is NOT OK.");
}
}
}
Err(e) => {
warn!("Failed to get chain info for validator {address} and chain {chain_id}:\n{e}");
error!("Failed to get chain info for validator {address} and chain {chain_id}:\n{e}");
}
}

Expand Down Expand Up @@ -440,7 +454,7 @@ impl Runnable for Job {
);
}
Err(e) => {
warn!("Failed to get version information for validator {name:?} at {address}:\n{e}");
error!("Failed to get version information for validator {name:?} at {address}:\n{e}");
continue;
}
}
Expand All @@ -452,9 +466,14 @@ impl Runnable for Job {
response.info.next_block_height,
response.info.epoch,
);
if response.check(name).is_ok() {
info!("Signature for public key {name} is OK.");
} else {
error!("Signature for public key {name} is NOT OK.");
}
}
Err(e) => {
warn!("Failed to get chain info for validator {name:?} at {address} and chain {chain_id}:\n{e}");
error!("Failed to get chain info for validator {name:?} at {address} and chain {chain_id}:\n{e}");
continue;
}
}
Expand Down

0 comments on commit 5df3719

Please sign in to comment.