Merge pull request #483 from shutter-network/access-node

jannikluhn · web-flow · commit 05b0a80585de · 2024-07-05T13:46:06.000+02:00
Add access node
diff --git a/rolling-shutter/cmd/command.go b/rolling-shutter/cmd/command.go
@@ -7,6 +7,7 @@ import (
 	"github.com/shutter-network/rolling-shutter/rolling-shutter/cmd/chain"
 	"github.com/shutter-network/rolling-shutter/rolling-shutter/cmd/collator"
 	"github.com/shutter-network/rolling-shutter/rolling-shutter/cmd/cryptocmd"
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/cmd/gnosisaccessnode"
 	"github.com/shutter-network/rolling-shutter/rolling-shutter/cmd/gnosiskeyper"
 	"github.com/shutter-network/rolling-shutter/rolling-shutter/cmd/mocknode"
 	"github.com/shutter-network/rolling-shutter/rolling-shutter/cmd/mocksequencer"
@@ -31,6 +32,7 @@ func Subcommands() []*cobra.Command {
 		snapshot.Cmd(),
 		snapshotkeyper.Cmd(),
 		gnosiskeyper.Cmd(),
+		gnosisaccessnode.Cmd(),
 		cryptocmd.Cmd(),
 		proxy.Cmd(),
 		mocksequencer.Cmd(),
diff --git a/rolling-shutter/cmd/gnosisaccessnode/gnosisaccessnode.go b/rolling-shutter/cmd/gnosisaccessnode/gnosisaccessnode.go
@@ -0,0 +1,36 @@
+package gnosisaccessnode
+
+import (
+	"context"
+
+	"github.com/rs/zerolog/log"
+	"github.com/spf13/cobra"
+
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/cmd/shversion"
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/gnosisaccessnode"
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/medley/configuration/command"
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/medley/service"
+)
+
+func Cmd() *cobra.Command {
+	builder := command.Build(
+		main,
+		command.Usage(
+			"Run an access node for the keyper network of Shutterized Gnosis Chain",
+			`This command runs a node that only relays messages, but doesn't create any on
+its own. It is intended to be a stable node to connect to to receive messages.`,
+		),
+		command.WithGenerateConfigSubcommand(),
+		command.WithDumpConfigSubcommand(),
+	)
+	return builder.Command()
+}
+
+func main(config *gnosisaccessnode.Config) error {
+	log.Info().
+		Str("version", shversion.Version()).
+		Msg("starting access node")
+
+	accessNode := gnosisaccessnode.New(config)
+	return service.RunWithSighandler(context.Background(), accessNode)
+}
diff --git a/rolling-shutter/docs/rolling-shutter.md b/rolling-shutter/docs/rolling-shutter.md
@@ -17,6 +17,7 @@ A collection of commands to run and interact with Rolling Shutter nodes
 * [rolling-shutter chain](rolling-shutter_chain.md)	 - Run a node for Shutter's Tendermint chain
 * [rolling-shutter collator](rolling-shutter_collator.md)	 - Run a collator node
 * [rolling-shutter crypto](rolling-shutter_crypto.md)	 - CLI tool to access crypto functions
+* [rolling-shutter gnosis-access-node](rolling-shutter_gnosis-access-node.md)	 - Run an access node for the keyper network of Shutterized Gnosis Chain
 * [rolling-shutter gnosiskeyper](rolling-shutter_gnosiskeyper.md)	 - Run a Shutter keyper for Gnosis Chain
 * [rolling-shutter keyper](rolling-shutter_keyper.md)	 - Run a Shutter keyper node
 * [rolling-shutter mocknode](rolling-shutter_mocknode.md)	 - Run a Shutter mock node
diff --git a/rolling-shutter/docs/rolling-shutter_gnosis-access-node.md b/rolling-shutter/docs/rolling-shutter_gnosis-access-node.md
@@ -0,0 +1,34 @@
+## rolling-shutter gnosis-access-node
+
+Run an access node for the keyper network of Shutterized Gnosis Chain
+
+### Synopsis
+
+This command runs a node that only relays messages, but doesn't create any on
+its own. It is intended to be a stable node to connect to to receive messages.
+
+```
+rolling-shutter gnosis-access-node [flags]
+```
+
+### Options
+
+```
+      --config string   config file
+  -h, --help            help for gnosis-access-node
+```
+
+### Options inherited from parent commands
+
+```
+      --logformat string   set log format, possible values:  min, short, long, max (default "long")
+      --loglevel string    set log level, possible values:  warn, info, debug (default "info")
+      --no-color           do not write colored logs
+```
+
+### SEE ALSO
+
+* [rolling-shutter](rolling-shutter.md)	 - A collection of commands to run and interact with Rolling Shutter nodes
+* [rolling-shutter gnosis-access-node dump-config](rolling-shutter_gnosis-access-node_dump-config.md)	 - Dump a 'gnosis-access-node' configuration file, based on given config and env vars
+* [rolling-shutter gnosis-access-node generate-config](rolling-shutter_gnosis-access-node_generate-config.md)	 - Generate a 'gnosis-access-node' configuration file
+
diff --git a/rolling-shutter/docs/rolling-shutter_gnosis-access-node_dump-config.md b/rolling-shutter/docs/rolling-shutter_gnosis-access-node_dump-config.md
@@ -0,0 +1,28 @@
+## rolling-shutter gnosis-access-node dump-config
+
+Dump a 'gnosis-access-node' configuration file, based on given config and env vars
+
+```
+rolling-shutter gnosis-access-node dump-config [flags]
+```
+
+### Options
+
+```
+      --config string   config file
+  -h, --help            help for dump-config
+      --output string   output file
+```
+
+### Options inherited from parent commands
+
+```
+      --logformat string   set log format, possible values:  min, short, long, max (default "long")
+      --loglevel string    set log level, possible values:  warn, info, debug (default "info")
+      --no-color           do not write colored logs
+```
+
+### SEE ALSO
+
+* [rolling-shutter gnosis-access-node](rolling-shutter_gnosis-access-node.md)	 - Run an access node for the keyper network of Shutterized Gnosis Chain
+
diff --git a/rolling-shutter/docs/rolling-shutter_gnosis-access-node_generate-config.md b/rolling-shutter/docs/rolling-shutter_gnosis-access-node_generate-config.md
@@ -0,0 +1,28 @@
+## rolling-shutter gnosis-access-node generate-config
+
+Generate a 'gnosis-access-node' configuration file
+
+```
+rolling-shutter gnosis-access-node generate-config [flags]
+```
+
+### Options
+
+```
+  -h, --help            help for generate-config
+      --output string   output file
+```
+
+### Options inherited from parent commands
+
+```
+      --config string      config file
+      --logformat string   set log format, possible values:  min, short, long, max (default "long")
+      --loglevel string    set log level, possible values:  warn, info, debug (default "info")
+      --no-color           do not write colored logs
+```
+
+### SEE ALSO
+
+* [rolling-shutter gnosis-access-node](rolling-shutter_gnosis-access-node.md)	 - Run an access node for the keyper network of Shutterized Gnosis Chain
+
diff --git a/rolling-shutter/gnosisaccessnode/config.go b/rolling-shutter/gnosisaccessnode/config.go
@@ -0,0 +1,56 @@
+package gnosisaccessnode
+
+import (
+	"io"
+
+	gnosiskeyper "github.com/shutter-network/rolling-shutter/rolling-shutter/keyperimpl/gnosis"
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/medley/configuration"
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/medley/metricsserver"
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/p2p"
+)
+
+type Config struct {
+	InstanceID uint64
+
+	GnosisNode *configuration.EthnodeConfig
+	Contracts  *gnosiskeyper.GnosisContractsConfig
+	P2P        *p2p.Config
+	Metrics    *metricsserver.MetricsConfig
+
+	MaxNumKeysPerMessage uint64
+}
+
+func (c *Config) Init() {
+	c.GnosisNode = configuration.NewEthnodeConfig()
+	c.Contracts = gnosiskeyper.NewGnosisContractsConfig()
+	c.P2P = p2p.NewConfig()
+	c.Metrics = metricsserver.NewConfig()
+}
+
+func (c *Config) Name() string {
+	return "gnosis-access-node"
+}
+
+func (c *Config) Validate() error {
+	if err := c.P2P.Validate(); err != nil {
+		return err
+	}
+	if err := c.Metrics.Validate(); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (c *Config) SetDefaultValues() error {
+	return nil
+}
+
+func (c *Config) SetExampleValues() error { //nolint:unparam
+	c.InstanceID = 1000
+	c.MaxNumKeysPerMessage = 500
+	return nil
+}
+
+func (c *Config) TOMLWriteHeader(_ io.Writer) (int, error) {
+	return 0, nil
+}
diff --git a/rolling-shutter/gnosisaccessnode/decryptionkeyshandler.go b/rolling-shutter/gnosisaccessnode/decryptionkeyshandler.go
@@ -0,0 +1,114 @@
+package gnosisaccessnode
+
+import (
+	"bytes"
+	"context"
+	"math"
+
+	pubsub "github.com/libp2p/go-libp2p-pubsub"
+	"github.com/pkg/errors"
+
+	"github.com/shutter-network/shutter/shlib/shcrypto"
+
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/keyperimpl/gnosis"
+	"github.com/shutter-network/rolling-shutter/rolling-shutter/p2pmsg"
+)
+
+type DecryptionKeysHandler struct {
+	config  *Config
+	storage *Storage
+}
+
+func NewDecryptionKeysHandler(config *Config, storage *Storage) *DecryptionKeysHandler {
+	return &DecryptionKeysHandler{
+		config:  config,
+		storage: storage,
+	}
+}
+
+func (*DecryptionKeysHandler) MessagePrototypes() []p2pmsg.Message {
+	return []p2pmsg.Message{&p2pmsg.DecryptionKeys{}}
+}
+
+func (handler *DecryptionKeysHandler) ValidateMessage(_ context.Context, msg p2pmsg.Message) (pubsub.ValidationResult, error) {
+	key := msg.(*p2pmsg.DecryptionKeys)
+	result, err := handler.validateCommonFields(key)
+	if result != pubsub.ValidationAccept || err != nil {
+		return result, err
+	}
+	result, err = handler.validateGnosisFields(key)
+	if result != pubsub.ValidationAccept || err != nil {
+		return result, err
+	}
+	return pubsub.ValidationAccept, nil
+}
+
+func (handler *DecryptionKeysHandler) validateCommonFields(keys *p2pmsg.DecryptionKeys) (pubsub.ValidationResult, error) {
+	if keys.InstanceID != handler.config.InstanceID {
+		return pubsub.ValidationReject,
+			errors.Errorf("instance ID mismatch (want=%d, have=%d)", handler.config.InstanceID, keys.GetInstanceID())
+	}
+	if keys.Eon > math.MaxInt64 {
+		return pubsub.ValidationReject, errors.Errorf("eon %d overflows int64", keys.Eon)
+	}
+
+	if len(keys.Keys) == 0 {
+		return pubsub.ValidationReject, errors.New("no keys in message")
+	}
+	if len(keys.Keys) > int(handler.config.MaxNumKeysPerMessage) {
+		return pubsub.ValidationReject, errors.Errorf(
+			"too many keys in message (%d > %d)",
+			len(keys.Keys),
+			handler.config.MaxNumKeysPerMessage,
+		)
+	}
+
+	eonKey, ok := handler.storage.GetEonKey(keys.Eon)
+	if !ok {
+		return pubsub.ValidationReject, errors.Errorf("no eon key found for eon %d", keys.Eon)
+	}
+
+	for i, k := range keys.Keys {
+		epochSecretKey, err := k.GetEpochSecretKey()
+		if err != nil {
+			return pubsub.ValidationReject, err
+		}
+		ok, err := shcrypto.VerifyEpochSecretKey(epochSecretKey, eonKey, k.Identity)
+		if err != nil {
+			return pubsub.ValidationReject, errors.Wrapf(err, "error while checking epoch secret key for identity %x", k.Identity)
+		}
+		if !ok {
+			return pubsub.ValidationReject, errors.Errorf("epoch secret key for identity %x is not valid", k.Identity)
+		}
+
+		if i > 0 && bytes.Compare(k.Identity, keys.Keys[i-1].Identity) < 0 {
+			return pubsub.ValidationReject, errors.Errorf("keys not ordered")
+		}
+	}
+
+	return pubsub.ValidationAccept, nil
+}
+
+func (handler *DecryptionKeysHandler) validateGnosisFields(keys *p2pmsg.DecryptionKeys) (pubsub.ValidationResult, error) {
+	res, err := gnosis.ValidateDecryptionKeysBasic(keys)
+	if res != pubsub.ValidationAccept || err != nil {
+		return res, err
+	}
+	extra := keys.Extra.(*p2pmsg.DecryptionKeys_Gnosis).Gnosis
+
+	keyperSet, ok := handler.storage.GetKeyperSet(keys.Eon)
+	if !ok {
+		return pubsub.ValidationReject, errors.Errorf("no keyper set found for eon %d", keys.Eon)
+	}
+
+	res, err = gnosis.ValidateDecryptionKeysSignatures(keys, extra, keyperSet)
+	if res != pubsub.ValidationAccept || err != nil {
+		return res, err
+	}
+
+	return pubsub.ValidationAccept, nil
+}
+
+func (handler *DecryptionKeysHandler) HandleMessage(_ context.Context, _ p2pmsg.Message) ([]p2pmsg.Message, error) {
+	return nil, nil
+}
diff --git a/rolling-shutter/gnosisaccessnode/node.go b/rolling-shutter/gnosisaccessnode/node.go
diff --git a/rolling-shutter/gnosisaccessnode/storage.go b/rolling-shutter/gnosisaccessnode/storage.go
diff --git a/rolling-shutter/keyperimpl/gnosis/handlers.go b/rolling-shutter/keyperimpl/gnosis/handlers.go
