There are a lot of places where we wrongly use the current state db
rather than getting dual state. This should have a larger audit, but
it's a good start, and passes all tests.
Remove unused TestBlockVotingBlockMaker function
Readability improvments to comments for core/quorum/ and raft/
Readability improvments to raft/speculative_chain.go
Readability improvments to docs/
This is necessary to avoid race conditions for low-latency consensus mechanisms
(like Raft) -- `ChainHeadEvent`s should always be posted in order, and the
existing code could violate this due to asynchronously sending-off events.
Now we sychronously send events in-order, but do so through a buffered
intermediary channel (`chainEvents`) so that publishing them is still
asynchronous.
Due to the asynchronous eventing system its possible that transactions
are applied on the pending state multiple times. Once with the TxPreEvent
event and once as a result of the ChainHeadEvent that will fetch all
processable transaction from the transaction pool. This leads to an
invalid nonce message.
This PR will keep track of transactions applied to the pending state
and will verify that an transaction was not applied before.
Whenever a private transaction was initiated and executed the address
would be created on the public state when initialising the initial Call.
To prevent this we use the msg's address rather than using the to method
on the state transition object.
Improved private transaction tests by checking existance of private and
public addresses on the incorrect state.
Fixed an issue where public state and private state were mixed during
the initial phase of the state transition. This causes severe issues
when creating new contracts (and addresses) and messes up the public
nonce, which, indirectly, has an effect on the contracts that are
created on the public state for both public and private txs.
This commit implements a dual state approach. The dual state approach
separates public and private state by making the core vm environment
context aware.
Although not currently implemented it will need to prohibit value
transfers and it must initialise all transactions from accounts on the
public state. This means that sending transactions increments the
account nonce on the public state and contract addresses are derived
from the public state when initialised by a transaction. For obvious
reasons, contract created by private contracts are still derived from
public state.
This is required in order to have consensus over the public state at all
times as non-private participants would still process the transaction on
the public state even though private payload can not be decrypted. This
means that participants of a private group must do the same in order to
have public consensus. However the creation of the contract and
interaction still occurs on the private state.
It implements support for the following calling model:
S: sender, (X): private, X: public, ->: direction, [ ]: read only mode
1. S -> A -> B
2. S -> (A) -> (B)
3. S -> (A) -> [ B -> C ]
It does not support
1. (S) -> A
2. (S) -> (A)
3. S -> (A) -> B
Implemented "read only" mode for the EVM. Read only mode is checked
during any opcode that could potentially modify the state. If such an
opcode is encountered during "read only", it throws an exception.
The EVM is flagged "read only" when a private contract calls in to
public state.
This commit includes several API changes:
- The behavior of eth_sign is changed. It now accepts an arbitrary
message, prepends the well-known string
\x19Ethereum Signed Message:\n<length of message>
hashes the result using keccak256 and calculates the signature of
the hash. This breaks backwards compatability!
- personal_sign(hash, address [, password]) is added. It has the same
semantics as eth_sign but also accepts a password. The private key
used to sign the hash is temporarily unlocked in the scope of the
request.
- personal_recover(message, signature) is added and returns the
address for the account that created a signature.