Alpha: use watermark for signing blocks and operations

Vincent Bernardoff 2018-05-22 16:42:34 +02:00 committed by Grégoire Henry
parent 5e17430815
commit f0fc9ac37c
7 changed files with 50 additions and 35 deletions


@ -102,7 +102,8 @@ let inject_endorsement (cctxt : #Proto_alpha.full)
~level:level ~level:level
~slots ~slots
() >>=? fun bytes -> () >>=? fun bytes ->
Client_keys.append cctxt src_sk bytes >>=? fun signed_bytes -> Client_keys.append
cctxt src_sk ~watermark:Endorsement bytes >>=? fun signed_bytes ->
Shell_services.inject_operation Shell_services.inject_operation
cctxt ?async ~chain_id:bi.chain_id signed_bytes >>=? fun oph -> cctxt ?async ~chain_id:bi.chain_id signed_bytes >>=? fun oph ->
iter_s iter_s


@ -30,10 +30,9 @@ let forge_block_header
let protocol_data : Block_header.protocol_data = let protocol_data : Block_header.protocol_data =
{ priority ; seed_nonce_hash ; proof_of_work_nonce } in { priority ; seed_nonce_hash ; proof_of_work_nonce } in
if Baking.check_header_proof_of_work_stamp shell protocol_data stamp_threshold then if Baking.check_header_proof_of_work_stamp shell protocol_data stamp_threshold then
let unsigned_header = let unsigned_header = Block_header.forge_unsigned shell protocol_data in
Alpha_context.Block_header.forge_unsigned shell protocol_data in Client_keys.append cctxt
Client_keys.append cctxt delegate_sk unsigned_header >>=? fun signed_header -> delegate_sk ~watermark:Block_header unsigned_header
return signed_header
else else
loop () in loop () in
loop () loop ()


@ -330,7 +330,7 @@ module Protocol = struct
~period:next_level.voting_period ~period:next_level.voting_period
~proposals ~proposals
() >>=? fun bytes -> () >>=? fun bytes ->
let signed_bytes = Signature.append sk bytes in let signed_bytes = Signature.append ~watermark:Generic_operation sk bytes in
return (Tezos_base.Operation.of_bytes_exn signed_bytes) return (Tezos_base.Operation.of_bytes_exn signed_bytes)
let ballot ?(block = `Head 0) ~src:({ pkh; sk } : Account.t) ~proposal ballot = let ballot ?(block = `Head 0) ~src:({ pkh; sk } : Account.t) ~proposal ballot =
@ -343,7 +343,7 @@ module Protocol = struct
~proposal ~proposal
~ballot ~ballot
() >>=? fun bytes -> () >>=? fun bytes ->
let signed_bytes = Signature.append sk bytes in let signed_bytes = Signature.append ~watermark:Generic_operation sk bytes in
return (Tezos_base.Operation.of_bytes_exn signed_bytes) return (Tezos_base.Operation.of_bytes_exn signed_bytes)
end end
@ -538,7 +538,7 @@ module Endorse = struct
~level:level.level ~level:level.level
~slots:[slot] ~slots:[slot]
() >>=? fun bytes -> () >>=? fun bytes ->
let signed_bytes = Signature.append src_sk bytes in let signed_bytes = Signature.append ~watermark:Endorsement src_sk bytes in
return (Tezos_base.Operation.of_bytes_exn signed_bytes) return (Tezos_base.Operation.of_bytes_exn signed_bytes)
let signing_slots let signing_slots


@ -54,7 +54,8 @@ let transfer cctxt
~branch ~source ~sourcePubKey:src_pk ~counter ~amount ~branch ~source ~sourcePubKey:src_pk ~counter ~amount
~destination ?parameters ~fee () >>=? fun bytes -> ~destination ?parameters ~fee () >>=? fun bytes ->
Block_services.predecessor cctxt block >>=? fun predecessor -> Block_services.predecessor cctxt block >>=? fun predecessor ->
Client_keys.sign cctxt src_sk bytes >>=? fun signature -> Client_keys.sign
cctxt src_sk ~watermark:Generic_operation bytes >>=? fun signature ->
let signed_bytes = Signature.concat bytes signature in let signed_bytes = Signature.concat bytes signature in
let oph = Operation_hash.hash_bytes [ signed_bytes ] in let oph = Operation_hash.hash_bytes [ signed_bytes ] in
Alpha_services.Helpers.apply_operation cctxt block Alpha_services.Helpers.apply_operation cctxt block
@ -72,7 +73,8 @@ let reveal cctxt
Alpha_services.Forge.Manager.reveal Alpha_services.Forge.Manager.reveal
cctxt block cctxt block
~branch ~source ~sourcePubKey:src_pk ~counter ~fee () >>=? fun bytes -> ~branch ~source ~sourcePubKey:src_pk ~counter ~fee () >>=? fun bytes ->
Client_keys.sign cctxt src_sk bytes >>=? fun signature -> Client_keys.sign
cctxt src_sk ~watermark:Generic_operation bytes >>=? fun signature ->
let signed_bytes = Signature.concat bytes signature in let signed_bytes = Signature.concat bytes signature in
let oph = Operation_hash.hash_bytes [ signed_bytes ] in let oph = Operation_hash.hash_bytes [ signed_bytes ] in
Shell_services.inject_operation Shell_services.inject_operation
@ -120,7 +122,8 @@ let originate_account ?branch
~branch ~source ~sourcePubKey:src_pk ~managerPubKey:manager_pkh ~branch ~source ~sourcePubKey:src_pk ~managerPubKey:manager_pkh
~counter ~balance ~spendable:true ~counter ~balance ~spendable:true
?delegatable ?delegatePubKey:delegate ~fee () >>=? fun bytes -> ?delegatable ?delegatePubKey:delegate ~fee () >>=? fun bytes ->
Client_keys.sign cctxt src_sk bytes >>=? fun signature -> Client_keys.sign
cctxt src_sk ~watermark:Generic_operation bytes >>=? fun signature ->
originate cctxt ~block ~chain_id ~signature bytes originate cctxt ~block ~chain_id ~signature bytes
let delegate_contract cctxt let delegate_contract cctxt
@ -134,7 +137,8 @@ let delegate_contract cctxt
Alpha_services.Forge.Manager.delegation cctxt block Alpha_services.Forge.Manager.delegation cctxt block
~branch ~source ?sourcePubKey:src_pk ~counter ~fee delegate_opt ~branch ~source ?sourcePubKey:src_pk ~counter ~fee delegate_opt
>>=? fun bytes -> >>=? fun bytes ->
Client_keys.sign cctxt manager_sk bytes >>=? fun signature -> Client_keys.sign
cctxt manager_sk ~watermark:Generic_operation bytes >>=? fun signature ->
let signed_bytes = Signature.concat bytes signature in let signed_bytes = Signature.concat bytes signature in
let oph = Operation_hash.hash_bytes [ signed_bytes ] in let oph = Operation_hash.hash_bytes [ signed_bytes ] in
Shell_services.inject_operation Shell_services.inject_operation
@ -182,8 +186,8 @@ let dictate rpc_config block command seckey =
rpc_config block >>=? fun { chain_id ; hash = branch } -> rpc_config block >>=? fun { chain_id ; hash = branch } ->
Alpha_services.Forge.Dictator.operation Alpha_services.Forge.Dictator.operation
rpc_config block ~branch command >>=? fun bytes -> rpc_config block ~branch command >>=? fun bytes ->
let signature = Signature.sign seckey bytes in let signed_bytes =
let signed_bytes = Signature.concat bytes signature in Signature.append ~watermark:Generic_operation seckey bytes in
let oph = Operation_hash.hash_bytes [ signed_bytes ] in let oph = Operation_hash.hash_bytes [ signed_bytes ] in
Shell_services.inject_operation Shell_services.inject_operation
rpc_config ~chain_id signed_bytes >>=? fun injected_oph -> rpc_config ~chain_id signed_bytes >>=? fun injected_oph ->
@ -236,7 +240,8 @@ let originate_contract
~counter ~balance ~spendable:spendable ~counter ~balance ~spendable:spendable
~delegatable ?delegatePubKey:delegate ~delegatable ?delegatePubKey:delegate
~script:{ code ; storage } ~fee () >>=? fun bytes -> ~script:{ code ; storage } ~fee () >>=? fun bytes ->
Client_keys.sign cctxt src_sk bytes >>=? fun signature -> Client_keys.sign
cctxt src_sk ~watermark:Generic_operation bytes >>=? fun signature ->
originate cctxt ~block ~signature bytes originate cctxt ~block ~signature bytes
let wait_for_operation_inclusion let wait_for_operation_inclusion
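Review bot: The signing domain is now chosen separately at every call site in this file: `~watermark:Generic_operation` is repeated on the `Client_keys.sign` calls in `transfer`, `reveal`, `originate_account`, `delegate_contract` and `originate_contract`, and again on `Signature.append` in `dictate`. If the watermark argument is optional (the test helper on this page passes `?watermark` to `Signature.sign`, which suggests it is), a future call site that forgets it would still compile and would produce a signature the new `check_signature` rejects. A single local wrapper would put the choice in one place, for example `let sign_operation cctxt sk bytes = Client_keys.sign cctxt sk ~watermark:Generic_operation bytes`, with a one-line comment saying that manager operations must never be signed under the `Endorsement` or `Block_header` watermark. The bodies of these functions start and end outside the hunks shown.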


@ -270,7 +270,7 @@ let check_proof_of_work_stamp ctxt block =
let check_signature block key = let check_signature block key =
let check_signature key { Block_header.protocol_data ; shell ; signature } = let check_signature key { Block_header.protocol_data ; shell ; signature } =
let unsigned_header = Block_header.forge_unsigned shell protocol_data in let unsigned_header = Block_header.forge_unsigned shell protocol_data in
Signature.check key signature unsigned_header in Signature.check ~watermark:Block_header key signature unsigned_header in
if check_signature key block then if check_signature key block then
return () return ()
else else


@ -482,9 +482,21 @@ let check_signature key { shell ; contents ; signature } =
| Anonymous_operations _, _ -> return () | Anonymous_operations _, _ -> return ()
| Sourced_operations _, None -> | Sourced_operations _, None ->
fail Missing_signature fail Missing_signature
| Sourced_operations _, Some signature -> | Sourced_operations (Consensus_operation _), Some signature ->
(* Safe for baking *)
let unsigned_operation = forge shell contents in let unsigned_operation = forge shell contents in
if Signature.check key signature unsigned_operation then if Signature.check
~watermark:Endorsement
key signature unsigned_operation then
return ()
else
fail Invalid_signature
| Sourced_operations _, Some signature ->
(* Unsafe for baking *)
let unsigned_operation = forge shell contents in
if Signature.check
~watermark:Generic_operation
key signature unsigned_operation then
return () return ()
else else
fail Invalid_signature fail Invalid_signature
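Review bot: The two new `Some signature` arms of `check_signature` duplicate the same forge/check/fail body and differ only in the watermark, and the second arm is a wildcard, so any sourced operation kind added later is silently verified under `Generic_operation`. Selecting the watermark in one inner match and checking once keeps the domain-separation decision in a single place, and listing the remaining constructors there instead of `_` would let the compiler flag a new kind. The comments `(* Safe for baking *)` and `(* Unsafe for baking *)` would be clearer if they said what the watermark is for, presumably that a signer holding a baking key can recognise the payload type before signing. The start of the function and of the `match` is outside this hunk.

```ocaml
  | Sourced_operations sourced, Some signature ->
      (* The watermark separates signing domains: a signature made for a
         consensus operation must not verify as a generic operation, and
         vice versa. *)
      let watermark =
        match sourced with
        | Consensus_operation _ -> Signature.Endorsement
        (* TODO(review): list the remaining constructors explicitly
           instead of the wildcard. *)
        | _ -> Signature.Generic_operation in
      let unsigned_operation = forge shell contents in
      if Signature.check ~watermark key signature unsigned_operation then
        return ()
      else
        fail Invalid_signature
```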


@ -95,23 +95,22 @@ let endorsement_full ?(slot = 0) block level =
sourced sourced
@@ Consensus_operation (endorsements block level ~slot) @@ Consensus_operation (endorsements block level ~slot)
let sign src oph protop = let sign src oph protop =
let signature_content = Operation.forge oph protop in let watermark =
let signature = match src with match protop with
| None -> None | Proto_alpha.Alpha_context.Anonymous_operations _ -> None
| Some(src: Helpers_account.t) -> Some (Signature.sign src.ppk signature_content) in | Proto_alpha.Alpha_context.Sourced_operations
let open Data_encoding in (Proto_alpha.Alpha_context.Consensus_operation (Endorsements _)) ->
let signed_proto_operation_encoding = Some Signature.Endorsement
Data_encoding.merge_objs | _ ->
Operation.proto_operation_encoding Some Generic_operation in
(obj1 @@ varopt "signature" Signature.encoding) in let bytes = Operation.forge oph protop in
let proto_bytes = match src with
Data_encoding.Binary.to_bytes_exn | None -> bytes, None
signed_proto_operation_encoding | Some src ->
(protop, signature) in let signature =
(proto_bytes, signature) Signature.sign ?watermark src.Helpers_account.ppk bytes in
Signature.concat bytes signature, Some signature
let main_of_proto (src: Helpers_account.t) operation_header protocol_operation = let main_of_proto (src: Helpers_account.t) operation_header protocol_operation =
let (proto,_) = sign (Some src) operation_header protocol_operation in let (proto,_) = sign (Some src) operation_header protocol_operation in
@ -121,7 +120,6 @@ let main_of_proto (src: Helpers_account.t) operation_header protocol_operation =
Proto_alpha.Main.parse_operation hash data_operation >>? fun op -> Proto_alpha.Main.parse_operation hash data_operation >>? fun op ->
ok (op, hash) ok (op, hash)
let apply_of_proto let apply_of_proto
(source: Helpers_account.t option) operation_header protocol_operation = (source: Helpers_account.t option) operation_header protocol_operation =
let (_proto, signature) = sign source operation_header protocol_operation in let (_proto, signature) = sign source operation_header protocol_operation in
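Review bot: In the rewritten `sign` helper in this section's first hunk, the `Endorsement` watermark is chosen only for `Consensus_operation (Endorsements _)`, while the protocol's `check_signature` on this page uses `Endorsement` for every `Consensus_operation _`. If `Consensus_operation` ever carries another constructor, this helper would sign it under `Generic_operation` and verification would fail for a reason unrelated to the test. Matching the verifier's shape avoids the drift: `| Proto_alpha.Alpha_context.Sourced_operations (Proto_alpha.Alpha_context.Consensus_operation _) -> Some Signature.Endorsement`. The trailing `| _ -> Some Generic_operation` would also be safer with the remaining sourced constructors spelled out, so that a new kind forces a decision here.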