certusone
/
wormhole
mirror of https://github.com/certusone/wormhole.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
364 Commits 397 Branches 201 Tags 196 MiB
Commit Graph

129 Commits

Author SHA1 Message Date
Leo 9f2f609bc1 Bump Go and pin all Docker images to digests 2021-01-19 16:15:54 +01:00
Hendrik Hofstadt efa03ef73c
Implement upgradeability (#151) 
* Implement contract upgrade VAA action

* naming and (╯°□°)╯︵ ┻━┻

* Carefully unflip table and replace broken cutlery ┬─┬ノ( ◕◡◕ ノ)

* fix and automate upgradeability

* document contract upgrade call

* Update comments

* Exhaustiveness check in VAA payload switch

* Fix typo

Co-authored-by: Leo <leo@certus.one>
 2021-01-19 13:01:45 +01:00
Leo ad5950ffe7 Make it official that we support exactly 19 validators 
Fixes #86
 2021-01-11 15:07:28 +01:00
Leo 770393b94e bridge: rename misleading "pending" counter 
It includes completed transactions that haven't been timed out yet.
 2020-12-08 11:12:11 +01:00
Leo b077104086 bridge: log own peer ID at startup 2020-12-06 20:26:12 +01:00
Leo 594592e2f6 devnet: use wormhole namespace by default 2020-12-05 16:32:37 +01:00
Yuriy Savchenko cc412605c7
Terra key moved out from env variable, VAA submission on Terra made async (#129) 
* Terra fee payer key moved from environment variable into the separate file

* Removed closed issues from the comments, VAA submition made async

* Review comments fixed
 2020-11-30 19:24:39 +01:00
Leo 106fecca00 bridge: always gate Terra features on the main feature flag 2020-11-30 17:13:48 +01:00
Hendrik Hofstadt bec598b41a
Fix subsidization and fees (#127) 
* Revert "solana: partially revert #82 subsidization changes"

This reverts commit 2967653e

* fix subsidization

* fix deleted grpc tag dependency

* revert devnet changes

* verify system instruction action

* ┬─┬ノ(ಠ_ಠノ)
 2020-11-30 11:09:08 +01:00
Leo 120dfab49e bridge: type alias for readiness components 2020-11-29 17:07:15 +01:00
Leo c31777d1b3 e2e: add bidirectional end-to-end tests 2020-11-29 17:07:15 +01:00
Leo 30278397f7 bridge: add erc20 abi for use in tests 2020-11-29 17:07:15 +01:00
Leo de8d1dee31 devnet: pin Dockerfile syntax to digest 
This speeds up the build by ~1.5s by avoiding a remote lookup on
Docker Hub every time this is built (WTF).
 2020-11-29 17:07:15 +01:00
Leo 561852d499 bridge: simple readiness check 2020-11-29 17:07:15 +01:00
Leo 36a025b088 Update to Go 1.15.5 to account for CVE-2020-28362 2020-11-27 19:20:07 +01:00
Leo 540fbbb31b Clarify that we do not automatically rate limit spammy guardians 2020-11-27 19:08:13 +01:00
Leopold Schabel 8306a83833
solana/agent: listen on UNIX socket (#122) 
This allows us to use UNIX filesystem permissions for access control.

Previously, any process in the network namespace could connect to it,
which is insecure for obvious reasons.

Verified that correct permissions are set:

```
# ls -lisa /run/bridge/
total 8
31996269 4 drwxrwxrwx 2 root root 4096 Nov 23 21:58 .
14676759 4 drwxr-xr-x 1 root root 4096 Nov 23 21:58 ..
31996306 0 srwx------ 1 root root    0 Nov 23 21:58 agent.sock
```

Fixes #119
 2020-11-24 09:48:44 +01:00
Leo 471417cd6e bridge: use GPG-armored binary protobufs for keys 2020-11-20 22:40:42 +01:00
Leo 0152a00114 all: rename LockupObservation to SignedObservation 
We observe things other than lockups, account for it.
 2020-11-20 22:35:00 +01:00
Leo 3e3e9dd651 bridge: fix typo in flag errors 2020-11-20 21:18:29 +01:00
Yuriy Savchenko ee5d07c929
Fixes to VAA submission to Terra smart contract (#115) 
* Terra smart contract binary interface changed from vector to base64 string

* Added initial guardian set submission to Terra
 2020-11-19 20:05:05 +01:00
Leo a3c745ace7 bridge/pkg/ethereum: remove channel unsubscribes 
Unsubscribe() does blocking I/O that ignores the runnable context
and can block forever: #107

It would appear that removing the Unsubscribe calls is the only
way to work around this go-ethereum bug.

ghstack-source-id: 93f287efc0
Pull Request resolved: https://github.com/certusone/wormhole/pull/109
 2020-11-19 12:57:21 +01:00
Leo 66430cb5be bridge: implement guardian set update submission node admin service 
Tested on a live devnet via `scripts/test-injection.sh 0`.

ghstack-source-id: 92489c2455
Pull Request resolved: https://github.com/certusone/wormhole/pull/104
 2020-11-19 12:57:21 +01:00
Leo 7545d2b803 terra: disable in production mode 
ghstack-source-id: c22885f121
Pull Request resolved: https://github.com/certusone/wormhole/pull/103
 2020-11-19 12:57:21 +01:00
Leo 5f8ca60ab1 bridge: refactor out broadcastSignature to prepare for injection path 
ghstack-source-id: e3b8aee5a0
Pull Request resolved: https://github.com/certusone/wormhole/pull/102
 2020-11-19 12:57:21 +01:00
Leo 798ffec09c bridge: implement keygen command 
Tested using `/guardiand keygen /bar --desc foobar`.

ghstack-source-id: 9f96ce7c0c
Pull Request resolved: https://github.com/certusone/wormhole/pull/91
 2020-11-19 12:57:21 +01:00
Leo d9f8174d76 bridge: implement bridge key serialization 
ghstack-source-id: f218021514
Pull Request resolved: https://github.com/certusone/wormhole/pull/90
 2020-11-19 12:57:21 +01:00
Yuriy Savchenko 84600ad9f5
terra: include block timestamp in VAAs (#94) 
Fixes #93
 2020-11-18 19:16:29 +01:00
Leo bbf479871f pkg/devnet: split up deterministic key generation functions 
Only moved code, no functional changes.
 2020-11-18 14:30:25 +01:00
Leo 7d617095e2 terra: fix watcher ws argument 2020-11-16 16:59:58 +01:00
Leo 07da9f10ef go mod tidy 2020-11-16 13:51:22 +01:00
Leo f072e8c36a Clean up some style nits. 2020-11-16 13:34:19 +01:00
Yuriy Savchenko 1ca2e29916
Terra support added (#79) 
This commit adds initial support for the Terra blockchain.
 2020-11-16 13:28:07 +01:00
Leo aed8f6637c Remove outdated TODO comments 2020-11-13 11:44:09 +01:00
Leo 58ba151013 bridge/pkg/p2p: actually increment counter 2020-11-06 12:50:54 +01:00
Leo 2df0fe50c0 bridge/pkg/p2p: clarify comment 2020-11-06 12:48:12 +01:00
Leo 47ce567498 bridge: promote heartbeat messages to logger.Debug 2020-10-29 15:51:45 +01:00
Leo 9f75d19d11 bridge: implement aggregation timeouts and retransmissions 
Fixes #21

ghstack-source-id: a89630d9e3
Pull Request resolved: https://github.com/certusone/wormhole/pull/72
 2020-10-29 10:14:12 +01:00
Leo a853317421 bridge: refactor out devnetVAASubmission in observation.go 
ghstack-source-id: 93e811b135
Pull Request resolved: https://github.com/certusone/wormhole/pull/71
 2020-10-29 10:14:12 +01:00
Leo aa33dc4565 bridge: split up processor.go 
No code changes except for `break` -> `return`.

ghstack-source-id: ed7784c590
Pull Request resolved: https://github.com/certusone/wormhole/pull/70
 2020-10-29 10:13:14 +01:00
Leo a4058512d5 bridge: migrate cmd/ to cobra 
Reviewer note: Does not touch any of the business logic. Avoided
renaming files whereever possible to make it easier to spot differences.

Verbatim migration, in a future CL, we could replace some of the
flag validation code with cobra features and eliminate the global vars.

Moved the dlv tool definition out of the way for the top-level wrapper.

tools/bin/cobra is a helper utility that generates boilerplate
(we slightly deviate from their default scheme by having guardiand
in a separate package, rather than stuffing everything into cmd/)

ghstack-source-id: caec9a38a6
Pull Request resolved: https://github.com/certusone/wormhole/pull/67
 2020-10-28 22:47:12 +01:00
Leo 6c7ca964e4 Remove outdated TODO comments 
- Metrics tracked in #11.
- Timeout and retransmits covered in #21.
- Dependency injection doesn't make sense at this scale.
- `-1` on `GenerateKeyPair` means "this doesn't make sense for Ed25519,
  please crash if anyone ever tried to generate RSA keys".

ghstack-source-id: 8951628351
Pull Request resolved: https://github.com/certusone/wormhole/pull/66
 2020-10-28 22:47:12 +01:00
Leo 11c74dd692 bridge: refactor p2p logic into pkg/p2p 
ghstack-source-id: 86417c1301
Pull Request resolved: https://github.com/certusone/wormhole/pull/65
 2020-10-28 22:47:12 +01:00
Leo fd27570637 bridge: remove all supervisor.SignalHealthy calls 
Supervisor does not back off tasks that failed in a healthy state.

There are a couple places where we rely on supervisor for
application-level backoff, so we always want back-off. The distinction
is meant to enable runnables to implement their own specific back-off
logic, which we don't, so we can safely ignore it.

Fixes #37

ghstack-source-id: c756381b1b
Pull Request resolved: https://github.com/certusone/wormhole/pull/64
 2020-10-28 22:47:12 +01:00
Leo 8be34ac657 bridge: refactor processor logic into pkg/processor 
This increases modularity in preparation for integration testing
and addition of a CLI command hierarchy.

ghstack-source-id: 9c94373236
Pull Request resolved: https://github.com/certusone/wormhole/pull/63
 2020-10-28 22:47:12 +01:00
Leo bdd9d96559 bridge: bypass p2p for our own signatures 
ghstack-source-id: ce2bbc780f
Pull Request resolved: https://github.com/certusone/wormhole/pull/60
 2020-10-28 22:47:12 +01:00
Leo 45d10618ce bridge: verify LockupObservation signature 
Final missing piece of the aggregation mechanism - signatures are now
verified before storing them in the aggregation.

ghstack-source-id: 3bb57c4886
Pull Request resolved: https://github.com/certusone/wormhole/pull/59
 2020-10-28 22:47:12 +01:00
Leo 55fd671228 bridge: correctly calculate 2/3+ majority 
Adds test vectors.

ghstack-source-id: 1f7e0d783f
Pull Request resolved: https://github.com/certusone/wormhole/pull/58
 2020-10-28 22:47:12 +01:00
Leo 509d9c3d73 bridge: use mlockall(2) to prevent pages from being swapped out 
The extra capability is harmless and is, at worst, a DoS risk.

ghstack-source-id: d30b50dbca
Pull Request resolved: https://github.com/certusone/wormhole/pull/55
 2020-10-22 16:51:56 +02:00
Leo f872d0be44 bridge: improve VAA submission logging 2020-10-22 13:36:08 +02:00