231 lines
7.0 KiB
Protocol Buffer
231 lines
7.0 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
package gossip.v1;
|
|
|
|
option go_package = "github.com/certusone/wormhole/node/pkg/proto/gossip/v1;gossipv1";
|
|
|
|
message GossipMessage {
|
|
oneof message {
|
|
SignedObservation signed_observation = 2;
|
|
SignedHeartbeat signed_heartbeat = 3;
|
|
SignedVAAWithQuorum signed_vaa_with_quorum = 4;
|
|
SignedObservationRequest signed_observation_request = 5;
|
|
SignedBatchObservation signed_batch_observation = 6;
|
|
SignedBatchVAAWithQuorum signed_batch_vaa_with_quorum = 7;
|
|
SignedChainGovernorConfig signed_chain_governor_config = 8;
|
|
SignedChainGovernorStatus signed_chain_governor_status = 9;
|
|
}
|
|
}
|
|
|
|
message SignedHeartbeat {
|
|
// Serialized Heartbeat message.
|
|
bytes heartbeat = 1;
|
|
|
|
// ECDSA signature using the node's guardian public key.
|
|
bytes signature = 2;
|
|
|
|
// Guardian address that signed this payload (truncated Eth address).
|
|
// This is already contained in Heartbeat, however, we want to verify
|
|
// the payload before we deserialize it.
|
|
bytes guardian_addr = 3;
|
|
}
|
|
|
|
// P2P gossip heartbeats for network introspection purposes.
|
|
message Heartbeat {
|
|
// The node's arbitrarily chosen, untrusted nodeName.
|
|
string node_name = 1;
|
|
// A monotonic counter that resets to zero on startup.
|
|
int64 counter = 2;
|
|
// UNIX wall time.
|
|
int64 timestamp = 3;
|
|
|
|
message Network {
|
|
// Canonical chain ID.
|
|
uint32 id = 1;
|
|
// Consensus height of the node.
|
|
int64 height = 2;
|
|
// Chain-specific human-readable representation of the bridge contract address.
|
|
string contract_address = 3;
|
|
// Connection error count
|
|
uint64 error_count = 4;
|
|
}
|
|
repeated Network networks = 4;
|
|
|
|
// Human-readable representation of the current bridge node release.
|
|
string version = 5;
|
|
|
|
// Human-readable representation of the guardian key's address.
|
|
string guardian_addr = 6;
|
|
|
|
// UNIX boot timestamp.
|
|
int64 boot_timestamp = 7;
|
|
|
|
// List of features enabled on this node.
|
|
repeated string features = 8;
|
|
}
|
|
|
|
// A SignedObservation is a signed statement by a given guardian node
|
|
// that they observed a given event.
|
|
//
|
|
// Observations always result from an external, final event being observed.
|
|
// Examples are emitted messages in finalized blocks on a block or guardian set changes
|
|
// injected by node operators after reaching off-chain consensus.
|
|
//
|
|
// The event is uniquely identified by its hashed (tx_hash, nonce, values...) tuple.
|
|
//
|
|
// Other nodes will verify the signature. Once any node has observed a quorum of
|
|
// guardians submitting valid signatures for a given hash, they can be assembled into a VAA.
|
|
//
|
|
// Messages without valid signature are dropped unceremoniously.
|
|
message SignedObservation {
|
|
// Guardian pubkey as truncated eth address.
|
|
bytes addr = 1;
|
|
// The observation's deterministic, unique hash.
|
|
bytes hash = 2;
|
|
// ECSDA signature of the hash using the node's guardian key.
|
|
bytes signature = 3;
|
|
// Transaction hash this observation was made from.
|
|
// Optional, included for observability.
|
|
bytes tx_hash = 4;
|
|
// Message ID (chain/emitter/seq) for this observation.
|
|
// Optional, included for observability.
|
|
string message_id = 5;
|
|
}
|
|
|
|
// A SignedVAAWithQuorum message is sent by nodes whenever one of the VAAs they observed
|
|
// reached a 2/3+ quorum to be considered valid. Signed VAAs are broadcasted to the gossip
|
|
// network to allow nodes to persist them even if they failed to observe the signature.
|
|
message SignedVAAWithQuorum {
|
|
bytes vaa = 1;
|
|
}
|
|
|
|
// Any guardian can send a SignedObservationRequest to the network to request
|
|
// all guardians to re-observe a given transaction. This is rate-limited to one
|
|
// request per second per guardian to prevent abuse.
|
|
//
|
|
// In the current implementation, this is only implemented for Solana.
|
|
// For Solana, the tx_hash is the account address of the transaction's message account.
|
|
message SignedObservationRequest {
|
|
// Serialized observation request.
|
|
bytes observation_request = 1;
|
|
|
|
// Signature
|
|
bytes signature = 2;
|
|
bytes guardian_addr = 3;
|
|
}
|
|
|
|
message ObservationRequest {
|
|
uint32 chain_id = 1;
|
|
bytes tx_hash = 2;
|
|
}
|
|
|
|
// A SignedBatchObservation is a signed statement by a given guardian node
|
|
// that they observed a series of messages originating from a transaction.
|
|
//
|
|
// BatcheObervations are emitted when all the Observations from a tx reach quorum.
|
|
//
|
|
// The event is uniquely identified by its hash (made from hashing all the
|
|
// individual Observation hashes).
|
|
//
|
|
// Messages without valid signature are dropped unceremoniously.
|
|
message SignedBatchObservation {
|
|
// Guardian pubkey as truncated eth address.
|
|
bytes addr = 1;
|
|
// The observation batch's deterministic, unique hash.
|
|
bytes hash = 2;
|
|
// ECSDA signature of the hash using the node's guardian key.
|
|
bytes signature = 3;
|
|
// Unique identifier of the transaction that produced the observation.
|
|
bytes tx_id = 4;
|
|
// Chain ID for this observation.
|
|
uint32 chain_id = 5;
|
|
// Nonce of the messages in the batch.
|
|
uint32 nonce = 6;
|
|
// Batch ID - emitterChain/transactionID/nonce
|
|
string batch_id = 7;
|
|
}
|
|
|
|
|
|
message SignedBatchVAAWithQuorum {
|
|
// batch_vaa bytes are the binary encoding of the BatchVAA
|
|
bytes batch_vaa = 1;
|
|
// Emitter Chain ID of the messages
|
|
uint32 chain_id = 2;
|
|
// Transaction identifier of the observation
|
|
bytes tx_id = 3;
|
|
// Nonce of the messages in the batch
|
|
uint32 nonce = 4;
|
|
// Batch ID - emitterChain/transactionID/nonce string, for convenience
|
|
string batch_id = 5;
|
|
}
|
|
|
|
// This message is published every five minutes.
|
|
message SignedChainGovernorConfig {
|
|
// Serialized ChainGovernorConfig message.
|
|
bytes config = 1;
|
|
|
|
// ECDSA signature using the node's guardian key.
|
|
bytes signature = 2;
|
|
|
|
// Guardian address that signed this payload (truncated Eth address).
|
|
bytes guardian_addr = 3;
|
|
}
|
|
|
|
message ChainGovernorConfig {
|
|
message Chain {
|
|
uint32 chain_id = 1;
|
|
uint64 notional_limit = 2;
|
|
uint64 big_transaction_size = 3;
|
|
}
|
|
|
|
message Token {
|
|
uint32 origin_chain_id = 1;
|
|
string origin_address = 2; // human-readable hex-encoded (leading 0x)
|
|
float price = 3;
|
|
}
|
|
|
|
string node_name = 1;
|
|
int64 counter = 2;
|
|
int64 timestamp = 3;
|
|
repeated Chain chains = 4;
|
|
repeated Token tokens = 5;
|
|
}
|
|
|
|
// This message is published every minute.
|
|
message SignedChainGovernorStatus {
|
|
// Serialized ChainGovernorStatus message.
|
|
bytes status = 1;
|
|
|
|
// ECDSA signature using the node's guardian key.
|
|
bytes signature = 2;
|
|
|
|
// Guardian address that signed this payload (truncated Eth address).
|
|
bytes guardian_addr = 3;
|
|
}
|
|
|
|
message ChainGovernorStatus {
|
|
message EnqueuedVAA {
|
|
uint64 sequence = 1; // Chain and emitter address are assumed.
|
|
uint32 release_time = 2;
|
|
uint64 notional_value = 3;
|
|
string tx_hash = 4;
|
|
}
|
|
|
|
message Emitter {
|
|
string emitter_address = 1; // human-readable hex-encoded (leading 0x)
|
|
uint64 total_enqueued_vaas = 2;
|
|
repeated EnqueuedVAA enqueued_vaas = 3; // Only the first 20 will be included.
|
|
}
|
|
|
|
message Chain {
|
|
uint32 chain_id = 1;
|
|
uint64 remaining_available_notional = 2;
|
|
repeated Emitter emitters = 3;
|
|
}
|
|
|
|
string node_name = 1;
|
|
int64 counter = 2;
|
|
int64 timestamp = 3;
|
|
repeated Chain chains = 4;
|
|
}
|