Merge pull request #185 from eosnetworkfoundation/gh_184

Add support for storing public keys on-chain that will be used to validate a network peer's identity.

Author: greg7mdp

contracts/eosio.system/CMakeLists.txt

@@ -7,6 +7,7 @@ add_contract(
   ${CMAKE_CURRENT_SOURCE_DIR}/src/finalizer_key.cpp
   ${CMAKE_CURRENT_SOURCE_DIR}/src/name_bidding.cpp
   ${CMAKE_CURRENT_SOURCE_DIR}/src/native.cpp
+  ${CMAKE_CURRENT_SOURCE_DIR}/src/peer_keys.cpp
   ${CMAKE_CURRENT_SOURCE_DIR}/src/producer_pay.cpp
   ${CMAKE_CURRENT_SOURCE_DIR}/src/powerup.cpp
   ${CMAKE_CURRENT_SOURCE_DIR}/src/rex.cpp

contracts/eosio.system/include/eosio.system/peer_keys.hpp

@@ -0,0 +1,83 @@
+#pragma once
+
+#include <eosio/contract.hpp>
+#include <eosio/crypto.hpp>
+#include <eosio/name.hpp>
+
+#include <string>
+#include <optional>
+
+namespace eosiosystem {
+
+using eosio::name;
+using eosio::public_key;
+
+// -------------------------------------------------------------------------------------------------
+// -------------------------------------------------------------------------------------------------
+struct [[eosio::table("peerkeys"), eosio::contract("eosio.system")]] peer_key {
+   struct v0_data {
+      std::optional<public_key> pubkey; // peer key for network message authentication
+      EOSLIB_SERIALIZE(v0_data, (pubkey))
+   };
+
+   name                  account;
+   std::variant<v0_data> data;
+
+   uint64_t primary_key() const { return account.value; }
+
+   void                                    set_public_key(const public_key& key) { data = v0_data{key}; }
+   const std::optional<eosio::public_key>& get_public_key() const {
+      return std::visit([](auto& v) -> const std::optional<eosio::public_key>& { return v.pubkey; }, data);
+   }
+   void update_row() {}
+   void init_row(name n) { *this = peer_key{n, v0_data{}}; }
+};
+
+// -------------------------------------------------------------------------------------------------
+// -------------------------------------------------------------------------------------------------
+typedef eosio::multi_index<"peerkeys"_n, peer_key> peer_keys_table;
+
+// -------------------------------------------------------------------------------------------------
+// -------------------------------------------------------------------------------------------------
+struct [[eosio::contract("eosio.system")]] peer_keys : public eosio::contract {
+   
+   peer_keys(name s, name code, eosio::datastream<const char*> ds)
+      : eosio::contract(s, code, ds) {}
+
+   struct peerkeys_t {
+      name                      producer_name;
+      std::optional<public_key> peer_key;
+
+      EOSLIB_SERIALIZE(peerkeys_t, (producer_name)(peer_key))
+   };
+
+   using getpeerkeys_res_t = std::vector<peerkeys_t>;
+
+   /**
+    * Action to register a public key for a proposer or finalizer name.
+    * This key will be used to validate a network peer's identity.
+    * A proposer or finalizer can only have have one public key registered at a time.
+    * If a key is already registered for `proposer_finalizer_name`, and `regpeerkey` is
+    * called with a different key, the new key replaces the previous one in `peer_keys_table`
+    */
+   [[eosio::action]]
+   void regpeerkey(const name& proposer_finalizer_name, const public_key& key);
+
+   /**
+    * Action to delete a public key for a proposer or finalizer name.
+    *
+    * An existing public key for a given account can be changed by calling `regpeerkey` again.
+    */
+   [[eosio::action]]
+   void delpeerkey(const name& proposer_finalizer_name, const public_key& key);
+
+   /**
+    * Returns a list of up to 50 top producers (active *and* non-active, in votes rank order), 
+    * along with their peer public key if it was registered via the regpeerkey action.
+    */
+   [[eosio::action]]
+   getpeerkeys_res_t getpeerkeys();
+
+};
+
+} // namespace eosiosystem

contracts/eosio.system/src/peer_keys.cpp

@@ -0,0 +1,105 @@
+#include <cstdint>
+#include <eosio.system/eosio.system.hpp>
+#include <eosio.system/peer_keys.hpp>
+
+#include <eosio/eosio.hpp>
+
+namespace eosiosystem {
+
+void peer_keys::regpeerkey(const name& proposer_finalizer_name, const public_key& key) {
+   require_auth(proposer_finalizer_name);
+   peer_keys_table peer_keys_table(get_self(), get_self().value);
+   check(!std::holds_alternative<eosio::webauthn_public_key>(key), "webauthn keys not allowed in regpeerkey action");
+
+   auto peers_itr = peer_keys_table.find(proposer_finalizer_name.value);
+   if (peers_itr == peer_keys_table.end()) {
+      peer_keys_table.emplace(proposer_finalizer_name, [&](auto& row) {
+         row.init_row(proposer_finalizer_name);
+         row.set_public_key(key);
+      });
+   } else {
+      const auto& prev_key = peers_itr->get_public_key();
+      check(!prev_key || *prev_key != key, "Provided key is the same as currently stored one");
+      peer_keys_table.modify(peers_itr, same_payer, [&](auto& row) {
+         row.update_row();
+         row.set_public_key(key);
+      });
+   }
+}
+
+void peer_keys::delpeerkey(const name& proposer_finalizer_name, const public_key& key) {
+   require_auth(proposer_finalizer_name);
+   peer_keys_table peer_keys_table(get_self(), get_self().value);
+
+   auto peers_itr = peer_keys_table.find(proposer_finalizer_name.value);
+   check(peers_itr != peer_keys_table.end(), "Key not present for name: " + proposer_finalizer_name.to_string());
+   const auto& prev_key = peers_itr->get_public_key();
+   check(prev_key && *prev_key == key, "Current key does not match the provided one");
+   peer_keys_table.erase(peers_itr);
+}
+
+peer_keys::getpeerkeys_res_t peer_keys::getpeerkeys() {
+   peer_keys_table  peer_keys_table(get_self(), get_self().value);
+   producers_table  producers(get_self(), get_self().value);
+   constexpr size_t max_return = 50;
+
+   getpeerkeys_res_t resp;
+   resp.reserve(max_return);
+
+   double vote_threshold = 0; // vote_threshold will always be >= 0
+
+   auto add_peer = [&](auto it) {
+      auto peers_itr = peer_keys_table.find(it->owner.value);
+      if (peers_itr == peer_keys_table.end())
+         resp.push_back(peerkeys_t{it->owner, {}});
+      else
+         resp.push_back(peerkeys_t{it->owner, peers_itr->get_public_key()});
+
+      // once 21 producers have been selected, we will only consider producers
+      // that have more than 50% of the votes of the 21st selected producer.
+      // ---------------------------------------------------------------------
+      if (resp.size() == 21)
+         vote_threshold = it->total_votes * 0.5;
+   };
+
+   auto idx = producers.get_index<"prototalvote"_n>();
+
+   auto it  = idx.cbegin();
+   auto rit = idx.cend();
+   if (it == rit)
+      return resp;
+   else
+      --rit;
+
+   // 1. Consider both active and non-active producers. as a non-active producer can be
+   //    reactivated at any time.
+   // 2. Once we have selected 21 producers, the threshold of votes required to be selected
+   //    increases from `> 0` to `> 50% of the votes that the 21st selected producer has`.
+   // 3. We iterate from both ends, as non-active producers are indexed at the end (their
+   //    vote total is negated for the index computation). As a consequence, the highest 
+   //    voted non-active producer will be the last entry of our index.
+   // --------------------------------------------------------------------------------------
+   bool last_one = false;
+   do  {
+      // at this point, `it` and `rit` both point to a valid `producer_info` (possibly the same)
+      assert(it <= rit);
+      assert(vote_threshold >= 0);
+      assert(it->total_votes >= 0 && rit->total_votes >= 0);
+      last_one = (it == rit);
+      if (rit->total_votes > std::max(vote_threshold, it->total_votes)) {
+         add_peer(rit);
+         assert(it != rit); // Should always be satisfied since `rit->total_votes > it->total_votes`
+         --rit;             // safe because `rit` cannot point to the first entry of the index.
+      } else if (it->total_votes > vote_threshold) {
+         add_peer(it);
+         ++it;
+      } else {
+         // `total_votes <= threshold` on both ends of the index, exit the loop.
+         break;
+      }
+   } while (!last_one && resp.size() < max_return);
+
+   return resp;
+}
+
+} // namespace eosiosystem