mirror of
https://github.com/fluencelabs/tendermint
synced 2025-04-24 14:22:16 +00:00
f7f034a8be
This PR is related to #3107 and a continuation of #3351 It is important to emphasise that in the privval original design, client/server and listening/dialing roles are inverted and do not follow a conventional interaction. Given two hosts A and B: Host A is listener/client Host B is dialer/server (contains the secret key) When A requires a signature, it needs to wait for B to dial in before it can issue a request. A only accepts a single connection and any failure leads to dropping the connection and waiting for B to reconnect. The original rationale behind this design was based on security. Host B only allows outbound connections to a list of whitelisted hosts. It is not possible to reach B unless B dials in. There are no listening/open ports in B. This PR results in the following changes: Refactors ping/heartbeat to avoid previously existing race conditions. Separates transport (dialer/listener) from signing (client/server) concerns to simplify workflow. Unifies and abstracts away the differences between unix and tcp sockets. A single signer endpoint implementation unifies connection handling code (read/write/close/connection obj) The signer request handler (server side) is customizable to increase testability. Updates and extends unit tests A high level overview of the classes is as follows: Transport (endpoints): The following classes take care of establishing a connection SignerDialerEndpoint SignerListeningEndpoint SignerEndpoint groups common functionality (read/write/timeouts/etc.) Signing (client/server): The following classes take care of exchanging request/responses SignerClient SignerServer This PR also closes #3601 Commits: * refactoring - work in progress * reworking unit tests * Encapsulating and fixing unit tests * Improve tests * Clean up * Fix/improve unit tests * clean up tests * Improving service endpoint * fixing unit test * fix linter issues * avoid invalid cache values (improve later?) * complete implementation * wip * improved connection loop * Improve reconnections + fixing unit tests * addressing comments * small formatting changes * clean up * Update node/node.go Co-Authored-By: jleni <juan.leni@zondax.ch> * Update privval/signer_client.go Co-Authored-By: jleni <juan.leni@zondax.ch> * Update privval/signer_client_test.go Co-Authored-By: jleni <juan.leni@zondax.ch> * check during initialization * dropping connecting when writing fails * removing break * use t.log instead * unifying and using cmn.GetFreePort() * review fixes * reordering and unifying drop connection * closing instead of signalling * refactored service loop * removed superfluous brackets * GetPubKey can return errors * Revert "GetPubKey can return errors" This reverts commit 68c06f19b4650389d7e5ab1659b318889028202c. * adding entry to changelog * Update CHANGELOG_PENDING.md Co-Authored-By: jleni <juan.leni@zondax.ch> * Update privval/signer_client.go Co-Authored-By: jleni <juan.leni@zondax.ch> * Update privval/signer_dialer_endpoint.go Co-Authored-By: jleni <juan.leni@zondax.ch> * Update privval/signer_dialer_endpoint.go Co-Authored-By: jleni <juan.leni@zondax.ch> * Update privval/signer_dialer_endpoint.go Co-Authored-By: jleni <juan.leni@zondax.ch> * Update privval/signer_dialer_endpoint.go Co-Authored-By: jleni <juan.leni@zondax.ch> * Update privval/signer_listener_endpoint_test.go Co-Authored-By: jleni <juan.leni@zondax.ch> * updating node.go * review fixes * fixes linter * fixing unit test * small fixes in comments * addressing review comments * addressing review comments 2 * reverting suggestion * Update privval/signer_client_test.go Co-Authored-By: Anton Kaliaev <anton.kalyaev@gmail.com> * Update privval/signer_client_test.go Co-Authored-By: Anton Kaliaev <anton.kalyaev@gmail.com> * Update privval/signer_listener_endpoint_test.go Co-Authored-By: Anton Kaliaev <anton.kalyaev@gmail.com> * do not expose brokenSignerDialerEndpoint * clean up logging * unifying methods shorten test time signer also drops * reenabling pings * improving testability + unit test * fixing go fmt + unit test * remove unused code * Addressing review comments * simplifying connection workflow * fix linter/go import issue * using base service quit * updating comment * Simplifying design + adjusting names * fixing linter issues * refactoring test harness + fixes * Addressing review comments * cleaning up * adding additional error check
132 lines
3.4 KiB
Go
132 lines
3.4 KiB
Go
package privval
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
"github.com/tendermint/tendermint/crypto"
|
|
"github.com/tendermint/tendermint/types"
|
|
)
|
|
|
|
// SignerClient implements PrivValidator.
|
|
// Handles remote validator connections that provide signing services
|
|
type SignerClient struct {
|
|
endpoint *SignerListenerEndpoint
|
|
}
|
|
|
|
var _ types.PrivValidator = (*SignerClient)(nil)
|
|
|
|
// NewSignerClient returns an instance of SignerClient.
|
|
// it will start the endpoint (if not already started)
|
|
func NewSignerClient(endpoint *SignerListenerEndpoint) (*SignerClient, error) {
|
|
if !endpoint.IsRunning() {
|
|
if err := endpoint.Start(); err != nil {
|
|
return nil, errors.Wrap(err, "failed to start listener endpoint")
|
|
}
|
|
}
|
|
|
|
return &SignerClient{endpoint: endpoint}, nil
|
|
}
|
|
|
|
// Close closes the underlying connection
|
|
func (sc *SignerClient) Close() error {
|
|
return sc.endpoint.Close()
|
|
}
|
|
|
|
// IsConnected indicates with the signer is connected to a remote signing service
|
|
func (sc *SignerClient) IsConnected() bool {
|
|
return sc.endpoint.IsConnected()
|
|
}
|
|
|
|
// WaitForConnection waits maxWait for a connection or returns a timeout error
|
|
func (sc *SignerClient) WaitForConnection(maxWait time.Duration) error {
|
|
return sc.endpoint.WaitForConnection(maxWait)
|
|
}
|
|
|
|
//--------------------------------------------------------
|
|
// Implement PrivValidator
|
|
|
|
// Ping sends a ping request to the remote signer
|
|
func (sc *SignerClient) Ping() error {
|
|
response, err := sc.endpoint.SendRequest(&PingRequest{})
|
|
|
|
if err != nil {
|
|
sc.endpoint.Logger.Error("SignerClient::Ping", "err", err)
|
|
return nil
|
|
}
|
|
|
|
_, ok := response.(*PingResponse)
|
|
if !ok {
|
|
sc.endpoint.Logger.Error("SignerClient::Ping", "err", "response != PingResponse")
|
|
return err
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// GetPubKey retrieves a public key from a remote signer
|
|
func (sc *SignerClient) GetPubKey() crypto.PubKey {
|
|
response, err := sc.endpoint.SendRequest(&PubKeyRequest{})
|
|
if err != nil {
|
|
sc.endpoint.Logger.Error("SignerClient::GetPubKey", "err", err)
|
|
return nil
|
|
}
|
|
|
|
pubKeyResp, ok := response.(*PubKeyResponse)
|
|
if !ok {
|
|
sc.endpoint.Logger.Error("SignerClient::GetPubKey", "err", "response != PubKeyResponse")
|
|
return nil
|
|
}
|
|
|
|
if pubKeyResp.Error != nil {
|
|
sc.endpoint.Logger.Error("failed to get private validator's public key", "err", pubKeyResp.Error)
|
|
return nil
|
|
}
|
|
|
|
return pubKeyResp.PubKey
|
|
}
|
|
|
|
// SignVote requests a remote signer to sign a vote
|
|
func (sc *SignerClient) SignVote(chainID string, vote *types.Vote) error {
|
|
response, err := sc.endpoint.SendRequest(&SignVoteRequest{Vote: vote})
|
|
if err != nil {
|
|
sc.endpoint.Logger.Error("SignerClient::SignVote", "err", err)
|
|
return err
|
|
}
|
|
|
|
resp, ok := response.(*SignedVoteResponse)
|
|
if !ok {
|
|
sc.endpoint.Logger.Error("SignerClient::GetPubKey", "err", "response != SignedVoteResponse")
|
|
return ErrUnexpectedResponse
|
|
}
|
|
|
|
if resp.Error != nil {
|
|
return resp.Error
|
|
}
|
|
*vote = *resp.Vote
|
|
|
|
return nil
|
|
}
|
|
|
|
// SignProposal requests a remote signer to sign a proposal
|
|
func (sc *SignerClient) SignProposal(chainID string, proposal *types.Proposal) error {
|
|
response, err := sc.endpoint.SendRequest(&SignProposalRequest{Proposal: proposal})
|
|
if err != nil {
|
|
sc.endpoint.Logger.Error("SignerClient::SignProposal", "err", err)
|
|
return err
|
|
}
|
|
|
|
resp, ok := response.(*SignedProposalResponse)
|
|
if !ok {
|
|
sc.endpoint.Logger.Error("SignerClient::SignProposal", "err", "response != SignedProposalResponse")
|
|
return ErrUnexpectedResponse
|
|
}
|
|
if resp.Error != nil {
|
|
return resp.Error
|
|
}
|
|
*proposal = *resp.Proposal
|
|
|
|
return nil
|
|
}
|