PR comment

zeta-chain · Oct 24, 2024 · 8938bc1 · 8938bc1
1 parent e2c8878
commit 8938bc1
Show file tree

Hide file tree

Showing 12 changed files with 54 additions and 35 deletions.
diff --git a/cmd/tss/main.go b/cmd/tss/main.go
@@ -12,6 +12,7 @@ import (
 
 	"github.com/cosmos/cosmos-sdk/client/input"
 	golog "github.com/ipfs/go-log"
+	"github.com/libp2p/go-libp2p/core/peer"
 
 	"gitlab.com/thorchain/tss/go-tss/common"
 	"gitlab.com/thorchain/tss/go-tss/conversion"
@@ -63,7 +64,7 @@ func main() {
 		nil,
 		p2pConf.ExternalIP,
 		os.Getenv("PASSWORD"),
-		[]string{},
+		[]peer.ID{},
 	)
 	if nil != err {
 		log.Fatal(err)

diff --git a/keygen/ecdsa/keygen_test.go b/keygen/ecdsa/keygen_test.go
@@ -114,11 +114,11 @@ func (s *TssECDSAKeygenTestSuite) SetUpTest(c *C) {
 	multiAddr, err := maddr.NewMultiaddr(bootstrapPeer)
 	c.Assert(err, IsNil)
 	s.preParams = getPreparams(c)
-	whitelistedPeers := []string{}
+	whitelistedPeers := []peer.ID{}
 	for _, pk := range testPubKeys {
 		peer, err := conversion.Bech32PubkeyToPeerID(pk)
 		c.Assert(err, IsNil)
-		whitelistedPeers = append(whitelistedPeers, peer.String())
+		whitelistedPeers = append(whitelistedPeers, peer)
 	}
 	for i := 0; i < s.partyNum; i++ {
 		buf, err := base64.StdEncoding.DecodeString(testPriKeyArr[i])

diff --git a/keygen/eddsa/keygen_test.go b/keygen/eddsa/keygen_test.go
@@ -100,11 +100,11 @@ func (s *EddsaKeygenTestSuite) SetUpTest(c *C) {
 	bootstrapPeer := "/ip4/127.0.0.1/tcp/19666/p2p/16Uiu2HAm4TmEzUqy3q3Dv7HvdoSboHk5sFj2FH3npiN5vDbJC6gh"
 	multiAddr, err := maddr.NewMultiaddr(bootstrapPeer)
 	c.Assert(err, IsNil)
-	whitelistedPeers := []string{}
+	whitelistedPeers := []peer.ID{}
 	for _, pk := range testPubKeys {
 		peer, err := conversion.Bech32PubkeyToPeerID(pk)
 		c.Assert(err, IsNil)
-		whitelistedPeers = append(whitelistedPeers, peer.String())
+		whitelistedPeers = append(whitelistedPeers, peer)
 	}
 	for i := 0; i < s.partyNum; i++ {
 		buf, err := base64.StdEncoding.DecodeString(testPriKeyArr[i])

diff --git a/keysign/ecdsa/keysign_old_test.go b/keysign/ecdsa/keysign_old_test.go
@@ -126,11 +126,11 @@ func (s *TssECDSAKeysignOldTestSuite) SetUpTest(c *C) {
 	bootstrapPeer := "/ip4/127.0.0.1/tcp/17666/p2p/16Uiu2HAm4TmEzUqy3q3Dv7HvdoSboHk5sFj2FH3npiN5vDbJC6gh"
 	multiAddr, err := maddr.NewMultiaddr(bootstrapPeer)
 	c.Assert(err, IsNil)
-	whitelistedPeers := []string{}
+	whitelistedPeers := []peer.ID{}
 	for _, pk := range testPubKeys {
 		peer, err := conversion.Bech32PubkeyToPeerID(pk)
 		c.Assert(err, IsNil)
-		whitelistedPeers = append(whitelistedPeers, peer.String())
+		whitelistedPeers = append(whitelistedPeers, peer)
 	}
 	for i := 0; i < s.partyNum; i++ {
 		buf, err := base64.StdEncoding.DecodeString(testPriKeyArr[i])

diff --git a/keysign/ecdsa/keysign_test.go b/keysign/ecdsa/keysign_test.go
@@ -139,11 +139,11 @@ func (s *TssECDSAKeysignTestSuite) SetUpTest(c *C) {
 	multiAddr, err := maddr.NewMultiaddr(bootstrapPeer)
 	c.Assert(err, IsNil)
 
-	whitelistedPeers := []string{}
+	whitelistedPeers := []peer.ID{}
 	for _, pk := range testPubKeys {
 		peer, err := conversion.Bech32PubkeyToPeerID(pk)
 		c.Assert(err, IsNil)
-		whitelistedPeers = append(whitelistedPeers, peer.String())
+		whitelistedPeers = append(whitelistedPeers, peer)
 	}
 	for i := 0; i < s.partyNum; i++ {
 		buf, err := base64.StdEncoding.DecodeString(testPriKeyArr[i])

diff --git a/keysign/eddsa/keysign_test.go b/keysign/eddsa/keysign_test.go
@@ -136,11 +136,11 @@ func (s *EddsaKeysignTestSuite) SetUpTest(c *C) {
 	bootstrapPeer := "/ip4/127.0.0.1/tcp/15666/p2p/16Uiu2HAm4TmEzUqy3q3Dv7HvdoSboHk5sFj2FH3npiN5vDbJC6gh"
 	multiAddr, err := maddr.NewMultiaddr(bootstrapPeer)
 	c.Assert(err, IsNil)
-	whitelistedPeers := []string{}
+	whitelistedPeers := []peer.ID{}
 	for _, pk := range testPubKeys {
 		peer, err := conversion.Bech32PubkeyToPeerID(pk)
 		c.Assert(err, IsNil)
-		whitelistedPeers = append(whitelistedPeers, peer.String())
+		whitelistedPeers = append(whitelistedPeers, peer)
 	}
 	for i := 0; i < s.partyNum; i++ {
 		buf, err := base64.StdEncoding.DecodeString(testPriKeyArr[i])

diff --git a/p2p/communication.go b/p2p/communication.go
@@ -62,7 +62,7 @@ type Communication struct {
 	BroadcastMsgChan chan *messages.BroadcastMsgChan
 	externalAddr     maddr.Multiaddr
 	streamMgr        *StreamMgr
-	whitelistedPeers []string
+	whitelistedPeers []peer.ID
 }
 
 // NewCommunication create a new instance of Communication
@@ -71,7 +71,7 @@ func NewCommunication(
 	bootstrapPeers []maddr.Multiaddr,
 	port int,
 	externalIP string,
-	whitelistedPeers []string,
+	whitelistedPeers []peer.ID,
 ) (*Communication, error) {
 	addr, err := maddr.NewMultiaddr(fmt.Sprintf("/ip4/0.0.0.0/tcp/%d", port))
 	if err != nil {

diff --git a/p2p/communication_test.go b/p2p/communication_test.go
@@ -18,7 +18,7 @@ type CommunicationTestSuite struct{}
 var _ = Suite(&CommunicationTestSuite{})
 
 func (CommunicationTestSuite) TestBasicCommunication(c *C) {
-	comm, err := NewCommunication("rendezvous", nil, 6668, "", []string{})
+	comm, err := NewCommunication("rendezvous", nil, 6668, "", []peer.ID{})
 	c.Assert(err, IsNil)
 	c.Assert(comm, NotNil)
 	comm.SetSubscribe(messages.TSSKeyGenMsg, "hello", make(chan *Message))
@@ -47,15 +47,15 @@ func (CommunicationTestSuite) TestEstablishP2pCommunication(c *C) {
 	c.Assert(err, IsNil)
 	privKey, err := base64.StdEncoding.DecodeString(bootstrapPrivKey)
 	c.Assert(err, IsNil)
-	comm, err := NewCommunication("commTest", nil, 2220, fakeExternalIP, []string{})
+	comm, err := NewCommunication("commTest", nil, 2220, fakeExternalIP, []peer.ID{})
 	c.Assert(err, IsNil)
 	c.Assert(comm.Start(privKey), IsNil)
 
 	defer comm.Stop()
 	sk1, _, err := crypto.GenerateSecp256k1Key(rand.Reader)
 	sk1raw, _ := sk1.Raw()
 	c.Assert(err, IsNil)
-	comm2, err := NewCommunication("commTest", []maddr.Multiaddr{validMultiAddr}, 2221, "", []string{})
+	comm2, err := NewCommunication("commTest", []maddr.Multiaddr{validMultiAddr}, 2221, "", []peer.ID{})
 	c.Assert(err, IsNil)
 	err = comm2.Start(sk1raw)
 	c.Assert(err, IsNil)
@@ -69,14 +69,14 @@ func (CommunicationTestSuite) TestEstablishP2pCommunication(c *C) {
 	invalidAddr := "/ip4/127.0.0.1/tcp/2220/p2p/" + id.String()
 	invalidMultiAddr, err := maddr.NewMultiaddr(invalidAddr)
 	c.Assert(err, IsNil)
-	comm3, err := NewCommunication("commTest", []maddr.Multiaddr{invalidMultiAddr}, 2222, "", []string{})
+	comm3, err := NewCommunication("commTest", []maddr.Multiaddr{invalidMultiAddr}, 2222, "", []peer.ID{})
 	c.Assert(err, IsNil)
 	err = comm3.Start(sk1raw)
 	c.Assert(err, ErrorMatches, "fail to connect to bootstrap peer: fail to connect to any peer")
 	defer comm3.Stop()
 
 	// we connect to one invalid and one valid address
-	comm4, err := NewCommunication("commTest", []maddr.Multiaddr{invalidMultiAddr, validMultiAddr}, 2223, "", []string{})
+	comm4, err := NewCommunication("commTest", []maddr.Multiaddr{invalidMultiAddr, validMultiAddr}, 2223, "", []peer.ID{})
 	c.Assert(err, IsNil)
 	err = comm4.Start(sk1raw)
 	c.Assert(err, IsNil)

diff --git a/p2p/whitelist_connection_gater.go b/p2p/whitelist_connection_gater.go
@@ -10,14 +10,14 @@ import (
 )
 
 type WhitelistConnectionGater struct {
-	whitelistedPeers map[string]bool
+	whitelistedPeers map[peer.ID]bool
 	logger           zerolog.Logger
 }
 
-func NewWhitelistConnectionGater(whitelistedPeers []string, logger zerolog.Logger) *WhitelistConnectionGater {
+func NewWhitelistConnectionGater(whitelistedPeers []peer.ID, logger zerolog.Logger) *WhitelistConnectionGater {
 	gater := &WhitelistConnectionGater{
 		logger:           logger,
-		whitelistedPeers: make(map[string]bool),
+		whitelistedPeers: make(map[peer.ID]bool),
 	}
 
 	for _, p := range whitelistedPeers {
@@ -29,34 +29,50 @@ func NewWhitelistConnectionGater(whitelistedPeers []string, logger zerolog.Logge
 }
 
 func (wg *WhitelistConnectionGater) InterceptPeerDial(p peer.ID) (allow bool) {
-	return wg.peerAllowed("InterceptPeerDial", p.String())
+	return wg.peerAllowed("InterceptPeerDial", p, nil)
 }
 
 func (wg *WhitelistConnectionGater) InterceptAddrDial(p peer.ID, m maddr.Multiaddr) (allow bool) {
-	return wg.peerAllowed("InterceptAddrDial", p.String())
+	return wg.peerAllowed("InterceptAddrDial", p, &m)
 }
 
 func (wg *WhitelistConnectionGater) InterceptAccept(m network.ConnMultiaddrs) (allow bool) {
 	return true
 }
 
 func (wg *WhitelistConnectionGater) InterceptSecured(direction network.Direction, p peer.ID, m network.ConnMultiaddrs) (allow bool) {
-	return wg.peerAllowed("InterceptSecured", p.String())
+	remoteMultiAddr := m.RemoteMultiaddr()
+	return wg.peerAllowed("InterceptSecured", p, &remoteMultiAddr)
 }
 
 func (wg *WhitelistConnectionGater) InterceptUpgraded(network.Conn) (bool, control.DisconnectReason) {
 	// Allow connection upgrades
 	return true, 0
 }
 
-func (wg *WhitelistConnectionGater) peerAllowed(interceptor, p string) bool {
+func (wg *WhitelistConnectionGater) peerAllowed(interceptor string, p peer.ID, remoteAddr *maddr.Multiaddr) bool {
 	allowed := wg.whitelistedPeers[p]
 
+	var event *zerolog.Event
 	if allowed {
-		// TODO: switch to debug
-		wg.logger.Info().Msgf("%s: peer %s allowed", interceptor, p)
+		event = wg.logger.Debug() // log allowed peers at Debug level
 	} else {
-		wg.logger.Info().Msgf("%s: peer %s denied", interceptor, p)
+		event = wg.logger.Info() // log denied peers at Info level
+	}
+
+	event = event.
+		Str("interceptor", interceptor).
+		Str("peer", p.String()).
+		Bool("allowed", allowed)
+
+	if remoteAddr != nil {
+		event.Str("remote_address", (*remoteAddr).String())
+	}
+
+	if allowed {
+		event.Msg("Peer allowed")
+	} else {
+		event.Msg("Peer denied")
 	}
 
 	return allowed

diff --git a/tss/tss.go b/tss/tss.go
@@ -59,7 +59,7 @@ func NewTss(
 	preParams *bkeygen.LocalPreParams,
 	externalIP string,
 	tssPassword string,
-	whitelistedPeers []string,
+	whitelistedPeers []peer.ID,
 ) (*TssServer, error) {
 	pk := coskey.PubKey{
 		Key: priKey.PubKey().Bytes()[:],
@@ -88,7 +88,7 @@ func NewTss(
 		bootstrapPeers = append(bootstrapPeers, cmdBootstrapPeers...)
 	}
 
-	whitelistedPeerSet := make(map[string]bool)
+	whitelistedPeerSet := make(map[peer.ID]bool)
 	for _, w := range whitelistedPeers {
 		whitelistedPeerSet[w] = true
 	}
@@ -99,7 +99,7 @@ func NewTss(
 			return nil, err
 		}
 
-		if whitelistedPeerSet[peer.ID.String()] {
+		if whitelistedPeerSet[peer.ID] {
 			whitelistedBootstrapPeers = append(whitelistedBootstrapPeers, b)
 		}
 	}

diff --git a/tss/tss_4nodes_test.go b/tss/tss_4nodes_test.go
@@ -15,6 +15,7 @@ import (
 	"time"
 
 	btsskeygen "github.com/bnb-chain/tss-lib/ecdsa/keygen"
+	"github.com/libp2p/go-libp2p/core/peer"
 	maddr "github.com/multiformats/go-multiaddr"
 
 	. "gopkg.in/check.v1"
@@ -369,11 +370,11 @@ func (s *FourNodeTestSuite) getTssServer(c *C, index int, conf common.TssConfig,
 	} else {
 		peerIDs = nil
 	}
-	whitelistedPeers := []string{}
+	whitelistedPeers := []peer.ID{}
 	for _, pk := range testPubKeys {
 		peer, err := conversion.Bech32PubkeyToPeerID(pk)
 		c.Assert(err, IsNil)
-		whitelistedPeers = append(whitelistedPeers, peer.String())
+		whitelistedPeers = append(whitelistedPeers, peer)
 	}
 	instance, err := NewTss(peerIDs, s.ports[index], priKey, "Asgard", baseHome, conf, s.preParams[index], "", "password", whitelistedPeers)
 	c.Assert(err, IsNil)

diff --git a/tss/tss_4nodes_zeta_test.go b/tss/tss_4nodes_zeta_test.go
@@ -14,6 +14,7 @@ import (
 	"time"
 
 	btsskeygen "github.com/bnb-chain/tss-lib/ecdsa/keygen"
+	"github.com/libp2p/go-libp2p/core/peer"
 	maddr "github.com/multiformats/go-multiaddr"
 	. "gopkg.in/check.v1"
 
@@ -234,11 +235,11 @@ func (s *FourNodeScaleZetaSuite) getTssServer(c *C, index int, conf common.TssCo
 	} else {
 		peerIDs = nil
 	}
-	whitelistedPeers := []string{}
+	whitelistedPeers := []peer.ID{}
 	for _, pk := range testPubKeys {
 		peer, err := conversion.Bech32PubkeyToPeerID(pk)
 		c.Assert(err, IsNil)
-		whitelistedPeers = append(whitelistedPeers, peer.String())
+		whitelistedPeers = append(whitelistedPeers, peer)
 	}
 	instance, err := NewTss(peerIDs, s.ports[index], priKey, "Zeta", baseHome, conf, s.preParams[index], "", "password", whitelistedPeers)
 	c.Assert(err, IsNil)