tendermint/state/priv_validator.go

package state

// TODO: This logic is crude. Should be more transactional.

import (
	"errors"
	"fmt"
	"io/ioutil"
	"math"
	"sync"

	"github.com/tendermint/tendermint/account"
	"github.com/tendermint/tendermint/binary"
	blk "github.com/tendermint/tendermint/block"
	. "github.com/tendermint/tendermint/common"
	"github.com/tendermint/tendermint/config"
	. "github.com/tendermint/tendermint/consensus/types"

	"github.com/tendermint/go-ed25519"
)

const (
	stepNone      = 0 // Used to distinguish the initial state
	stepPropose   = 1
	stepPrevote   = 2
	stepPrecommit = 3
	stepCommit    = 4
)

func voteToStep(vote *blk.Vote) uint8 {
	switch vote.Type {
	case blk.VoteTypePrevote:
		return stepPrevote
	case blk.VoteTypePrecommit:
		return stepPrecommit
	case blk.VoteTypeCommit:
		return stepCommit
	default:
		panic("Unknown vote type")
	}
}

type PrivValidator struct {
	Address    []byte
	PubKey     account.PubKeyEd25519
	PrivKey    account.PrivKeyEd25519
	LastHeight uint
	LastRound  uint
	LastStep   uint8

	// For persistence.
	// Overloaded for testing.
	filename string
	mtx      sync.Mutex
}

// Generates a new validator with private key.
func GenPrivValidator() *PrivValidator {
	privKeyBytes := CRandBytes(32)
	pubKeyBytes := ed25519.MakePubKey(privKeyBytes)
	pubKey := account.PubKeyEd25519(pubKeyBytes)
	privKey := account.PrivKeyEd25519(privKeyBytes)
	return &PrivValidator{
		Address:    pubKey.Address(),
		PubKey:     pubKey,
		PrivKey:    privKey,
		LastHeight: 0,
		LastRound:  0,
		LastStep:   stepNone,
		filename:   config.App.GetString("PrivValidatorFile"),
	}
}

func LoadPrivValidator(filename string) *PrivValidator {
	privValJSONBytes, err := ioutil.ReadFile(filename)
	if err != nil {
		panic(err)
	}
	privVal := binary.ReadJSON(&PrivValidator{}, privValJSONBytes, &err).(*PrivValidator)
	if err != nil {
		Exit(Fmt("Error reading PrivValidator from %v: %v\n", filename, err))
	}
	privVal.filename = filename
	return privVal
}

func (privVal *PrivValidator) Save() {
	privVal.mtx.Lock()
	defer privVal.mtx.Unlock()
	privVal.save()
}

func (privVal *PrivValidator) save() {
	jsonBytes := binary.JSONBytes(privVal)
	err := ioutil.WriteFile(privVal.filename, jsonBytes, 0700)
	if err != nil {
		panic(err)
	}
}

// TODO: test
func (privVal *PrivValidator) SignVote(vote *blk.Vote) error {
	privVal.mtx.Lock()
	defer privVal.mtx.Unlock()

	// If height regression, panic
	if privVal.LastHeight > vote.Height {
		return errors.New("Height regression in SignVote")
	}
	// More cases for when the height matches
	if privVal.LastHeight == vote.Height {
		// If attempting any sign after commit, panic
		if privVal.LastStep == stepCommit {
			return errors.New("SignVote on matching height after a commit")
		}
		// If round regression, panic
		if privVal.LastRound > vote.Round {
			return errors.New("Round regression in SignVote")
		}
		// If step regression, panic
		if privVal.LastRound == vote.Round && privVal.LastStep > voteToStep(vote) {
			return errors.New("Step regression in SignVote")
		}
	}

	// Persist height/round/step
	privVal.LastHeight = vote.Height
	privVal.LastRound = vote.Round
	privVal.LastStep = voteToStep(vote)
	privVal.save()

	// Sign
	privVal.SignVoteUnsafe(vote)
	return nil
}

func (privVal *PrivValidator) SignVoteUnsafe(vote *blk.Vote) {
	vote.Signature = privVal.PrivKey.Sign(account.SignBytes(vote)).(account.SignatureEd25519)
}

func (privVal *PrivValidator) SignProposal(proposal *Proposal) error {
	privVal.mtx.Lock()
	defer privVal.mtx.Unlock()
	if privVal.LastHeight < proposal.Height ||
		privVal.LastHeight == proposal.Height && privVal.LastRound < proposal.Round ||
		privVal.LastHeight == 0 && privVal.LastRound == 0 && privVal.LastStep == stepNone {

		// Persist height/round/step
		privVal.LastHeight = proposal.Height
		privVal.LastRound = proposal.Round
		privVal.LastStep = stepPropose
		privVal.save()

		// Sign
		proposal.Signature = privVal.PrivKey.Sign(account.SignBytes(proposal)).(account.SignatureEd25519)
		return nil
	} else {
		return errors.New(fmt.Sprintf("Attempt of duplicate signing of proposal: Height %v, Round %v", proposal.Height, proposal.Round))
	}
}

func (privVal *PrivValidator) SignRebondTx(rebondTx *blk.RebondTx) error {
	privVal.mtx.Lock()
	defer privVal.mtx.Unlock()
	if privVal.LastHeight < rebondTx.Height {

		// Persist height/round/step
		privVal.LastHeight = rebondTx.Height
		privVal.LastRound = math.MaxUint64 // We can't do anything else for this rebondTx.Height.
		privVal.LastStep = math.MaxUint8
		privVal.save()

		// Sign
		rebondTx.Signature = privVal.PrivKey.Sign(account.SignBytes(rebondTx)).(account.SignatureEd25519)
		return nil
	} else {
		return errors.New(fmt.Sprintf("Attempt of duplicate signing of rebondTx: Height %v", rebondTx.Height))
	}
}

func (privVal *PrivValidator) String() string {
	return fmt.Sprintf("PrivValidator{%X LH:%v, LR:%v, LS:%v}", privVal.Address, privVal.LastHeight, privVal.LastRound, privVal.LastStep)
}
Fixed tests 2014-12-17 01:37:13 -08:00			`package state`
draft of consensus+state code, compiles. 2014-09-04 03:32:38 -07:00
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`// TODO: This logic is crude. Should be more transactional.`

draft of consensus+state code, compiles. 2014-09-04 03:32:38 -07:00			`import (`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`"errors"`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`"fmt"`
			`"io/ioutil"`
RebondTx and more efficient IncrementAccum() 2014-12-16 05:40:17 -08:00			`"math"`
generated privValidator for testing uses tmp files PrivValidator.Sign*() and .Save() lock on a mutex 2014-12-22 18:49:37 -08:00			`"sync"`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00
Dot import -> named import Changed modulename_ to short module names Also removed Unreader, replaced with PrefixdReader in select locations 2015-01-14 20:34:53 -08:00			`"github.com/tendermint/tendermint/account"`
			`"github.com/tendermint/tendermint/binary"`
block module -> import as blk 2015-01-15 22:43:15 -08:00			`blk "github.com/tendermint/tendermint/block"`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`. "github.com/tendermint/tendermint/common"`
Changed config to confer, TOML format. 2015-01-08 16:40:23 -08:00			`"github.com/tendermint/tendermint/config"`
Fixed tests 2014-12-17 01:37:13 -08:00			`. "github.com/tendermint/tendermint/consensus/types"`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00
			`"github.com/tendermint/go-ed25519"`
			`)`

			`const (`
			`stepNone = 0 // Used to distinguish the initial state`
			`stepPropose = 1`
			`stepPrevote = 2`
			`stepPrecommit = 3`
			`stepCommit = 4`
draft of consensus+state code, compiles. 2014-09-04 03:32:38 -07:00			`)`

block module -> import as blk 2015-01-15 22:43:15 -08:00			`func voteToStep(vote *blk.Vote) uint8 {`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`switch vote.Type {`
block module -> import as blk 2015-01-15 22:43:15 -08:00			`case blk.VoteTypePrevote:`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`return stepPrevote`
block module -> import as blk 2015-01-15 22:43:15 -08:00			`case blk.VoteTypePrecommit:`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`return stepPrecommit`
block module -> import as blk 2015-01-15 22:43:15 -08:00			`case blk.VoteTypeCommit:`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`return stepCommit`
			`default:`
			`panic("Unknown vote type")`
			`}`
			`}`
draft of consensus+state code, compiles. 2014-09-04 03:32:38 -07:00
			`type PrivValidator struct {`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`Address []byte`
Dot import -> named import Changed modulename_ to short module names Also removed Unreader, replaced with PrefixdReader in select locations 2015-01-14 20:34:53 -08:00			`PubKey account.PubKeyEd25519`
			`PrivKey account.PrivKeyEd25519`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`LastHeight uint`
			`LastRound uint`
			`LastStep uint8`
Fixed tests 2014-12-17 01:37:13 -08:00
			`// For persistence.`
			`// Overloaded for testing.`
			`filename string`
generated privValidator for testing uses tmp files PrivValidator.Sign*() and .Save() lock on a mutex 2014-12-22 18:49:37 -08:00			`mtx sync.Mutex`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`}`

			`// Generates a new validator with private key.`
			`func GenPrivValidator() *PrivValidator {`
			`privKeyBytes := CRandBytes(32)`
			`pubKeyBytes := ed25519.MakePubKey(privKeyBytes)`
Dot import -> named import Changed modulename_ to short module names Also removed Unreader, replaced with PrefixdReader in select locations 2015-01-14 20:34:53 -08:00			`pubKey := account.PubKeyEd25519(pubKeyBytes)`
			`privKey := account.PrivKeyEd25519(privKeyBytes)`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`return &PrivValidator{`
			`Address: pubKey.Address(),`
			`PubKey: pubKey,`
			`PrivKey: privKey,`
			`LastHeight: 0,`
			`LastRound: 0,`
			`LastStep: stepNone,`
Changed config to confer, TOML format. 2015-01-08 16:40:23 -08:00			`filename: config.App.GetString("PrivValidatorFile"),`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`}`
RoundAction // FinalizeCommit // LastCommits 2014-10-20 19:02:10 -07:00			`}`

Fixed a PrivValidator filename == nil bug 2014-12-28 02:05:09 -08:00			`func LoadPrivValidator(filename string) *PrivValidator {`
			`privValJSONBytes, err := ioutil.ReadFile(filename)`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`if err != nil {`
			`panic(err)`
			`}`
Dot import -> named import Changed modulename_ to short module names Also removed Unreader, replaced with PrefixdReader in select locations 2015-01-14 20:34:53 -08:00			`privVal := binary.ReadJSON(&PrivValidator{}, privValJSONBytes, &err).(*PrivValidator)`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`if err != nil {`
change genesis & privValidator JSON to use binary/reflect 2015-01-11 21:09:27 -08:00			`Exit(Fmt("Error reading PrivValidator from %v: %v\n", filename, err))`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`}`
change genesis & privValidator JSON to use binary/reflect 2015-01-11 21:09:27 -08:00			`privVal.filename = filename`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`return privVal`
			`}`

			`func (privVal *PrivValidator) Save() {`
generated privValidator for testing uses tmp files PrivValidator.Sign*() and .Save() lock on a mutex 2014-12-22 18:49:37 -08:00			`privVal.mtx.Lock()`
			`defer privVal.mtx.Unlock()`
			`privVal.save()`
			`}`

			`func (privVal *PrivValidator) save() {`
Dot import -> named import Changed modulename_ to short module names Also removed Unreader, replaced with PrefixdReader in select locations 2015-01-14 20:34:53 -08:00			`jsonBytes := binary.JSONBytes(privVal)`
Refactoring genesis, including PubKey into TxInput 2014-12-28 00:44:56 -08:00			`err := ioutil.WriteFile(privVal.filename, jsonBytes, 0700)`
			`if err != nil {`
			`panic(err)`
			`}`
			`}`

Fixed tests 2014-12-17 01:37:13 -08:00			`// TODO: test`
block module -> import as blk 2015-01-15 22:43:15 -08:00			`func (privVal PrivValidator) SignVote(vote blk.Vote) error {`
generated privValidator for testing uses tmp files PrivValidator.Sign*() and .Save() lock on a mutex 2014-12-22 18:49:37 -08:00			`privVal.mtx.Lock()`
			`defer privVal.mtx.Unlock()`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00
Fixed tests 2014-12-17 01:37:13 -08:00			`// If height regression, panic`
			`if privVal.LastHeight > vote.Height {`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`return errors.New("Height regression in SignVote")`
Fixed tests 2014-12-17 01:37:13 -08:00			`}`
			`// More cases for when the height matches`
			`if privVal.LastHeight == vote.Height {`
			`// If attempting any sign after commit, panic`
			`if privVal.LastStep == stepCommit {`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`return errors.New("SignVote on matching height after a commit")`
Fixed tests 2014-12-17 01:37:13 -08:00			`}`
			`// If round regression, panic`
			`if privVal.LastRound > vote.Round {`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`return errors.New("Round regression in SignVote")`
Fixed tests 2014-12-17 01:37:13 -08:00			`}`
			`// If step regression, panic`
			`if privVal.LastRound == vote.Round && privVal.LastStep > voteToStep(vote) {`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`return errors.New("Step regression in SignVote")`
Fixed tests 2014-12-17 01:37:13 -08:00			`}`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`}`
Fixed tests 2014-12-17 01:37:13 -08:00
			`// Persist height/round/step`
			`privVal.LastHeight = vote.Height`
			`privVal.LastRound = vote.Round`
			`privVal.LastStep = voteToStep(vote)`
generated privValidator for testing uses tmp files PrivValidator.Sign*() and .Save() lock on a mutex 2014-12-22 18:49:37 -08:00			`privVal.save()`
Fixed tests 2014-12-17 01:37:13 -08:00
			`// Sign`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`privVal.SignVoteUnsafe(vote)`
			`return nil`
Fixed tests 2014-12-17 01:37:13 -08:00			`}`

block module -> import as blk 2015-01-15 22:43:15 -08:00			`func (privVal PrivValidator) SignVoteUnsafe(vote blk.Vote) {`
Dot import -> named import Changed modulename_ to short module names Also removed Unreader, replaced with PrefixdReader in select locations 2015-01-14 20:34:53 -08:00			`vote.Signature = privVal.PrivKey.Sign(account.SignBytes(vote)).(account.SignatureEd25519)`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`}`

Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`func (privVal PrivValidator) SignProposal(proposal Proposal) error {`
generated privValidator for testing uses tmp files PrivValidator.Sign*() and .Save() lock on a mutex 2014-12-22 18:49:37 -08:00			`privVal.mtx.Lock()`
			`defer privVal.mtx.Unlock()`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`if privVal.LastHeight < proposal.Height \|\|`
			`privVal.LastHeight == proposal.Height && privVal.LastRound < proposal.Round \|\|`
			`privVal.LastHeight == 0 && privVal.LastRound == 0 && privVal.LastStep == stepNone {`

			`// Persist height/round/step`
			`privVal.LastHeight = proposal.Height`
			`privVal.LastRound = proposal.Round`
			`privVal.LastStep = stepPropose`
generated privValidator for testing uses tmp files PrivValidator.Sign*() and .Save() lock on a mutex 2014-12-22 18:49:37 -08:00			`privVal.save()`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00
			`// Sign`
Dot import -> named import Changed modulename_ to short module names Also removed Unreader, replaced with PrefixdReader in select locations 2015-01-14 20:34:53 -08:00			`proposal.Signature = privVal.PrivKey.Sign(account.SignBytes(proposal)).(account.SignatureEd25519)`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`return nil`
Refactor Tx, Validator, and Account structure 2014-12-09 18:49:04 -08:00			`} else {`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`return errors.New(fmt.Sprintf("Attempt of duplicate signing of proposal: Height %v, Round %v", proposal.Height, proposal.Round))`
RebondTx and more efficient IncrementAccum() 2014-12-16 05:40:17 -08:00			`}`
			`}`

block module -> import as blk 2015-01-15 22:43:15 -08:00			`func (privVal PrivValidator) SignRebondTx(rebondTx blk.RebondTx) error {`
generated privValidator for testing uses tmp files PrivValidator.Sign*() and .Save() lock on a mutex 2014-12-22 18:49:37 -08:00			`privVal.mtx.Lock()`
			`defer privVal.mtx.Unlock()`
RebondTx and more efficient IncrementAccum() 2014-12-16 05:40:17 -08:00			`if privVal.LastHeight < rebondTx.Height {`

			`// Persist height/round/step`
			`privVal.LastHeight = rebondTx.Height`
			`privVal.LastRound = math.MaxUint64 // We can't do anything else for this rebondTx.Height.`
			`privVal.LastStep = math.MaxUint8`
generated privValidator for testing uses tmp files PrivValidator.Sign*() and .Save() lock on a mutex 2014-12-22 18:49:37 -08:00			`privVal.save()`
RebondTx and more efficient IncrementAccum() 2014-12-16 05:40:17 -08:00
			`// Sign`
Dot import -> named import Changed modulename_ to short module names Also removed Unreader, replaced with PrefixdReader in select locations 2015-01-14 20:34:53 -08:00			`rebondTx.Signature = privVal.PrivKey.Sign(account.SignBytes(rebondTx)).(account.SignatureEd25519)`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`return nil`
RebondTx and more efficient IncrementAccum() 2014-12-16 05:40:17 -08:00			`} else {`
Do not panic when double-signing, return error. 2014-12-31 16:14:26 -08:00			`return errors.New(fmt.Sprintf("Attempt of duplicate signing of rebondTx: Height %v", rebondTx.Height))`
implementing ExecTx... 2014-10-07 23:11:04 -07:00			`}`
draft of consensus+state code, compiles. 2014-09-04 03:32:38 -07:00			`}`
Fixed tests 2014-12-17 01:37:13 -08:00
			`func (privVal *PrivValidator) String() string {`
			`return fmt.Sprintf("PrivValidator{%X LH:%v, LR:%v, LS:%v}", privVal.Address, privVal.LastHeight, privVal.LastRound, privVal.LastStep)`
			`}`