200 lines
6.2 KiB
Go
200 lines
6.2 KiB
Go
package guardiand
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
"github.com/certusone/wormhole/node/pkg/db"
|
|
publicrpcv1 "github.com/certusone/wormhole/node/pkg/proto/publicrpc/v1"
|
|
"github.com/certusone/wormhole/node/pkg/publicrpc"
|
|
grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware"
|
|
grpc_zap "github.com/grpc-ecosystem/go-grpc-middleware/logging/zap"
|
|
grpc_ctxtags "github.com/grpc-ecosystem/go-grpc-middleware/tags"
|
|
grpc_prometheus "github.com/grpc-ecosystem/go-grpc-prometheus"
|
|
"math"
|
|
"net"
|
|
"os"
|
|
"time"
|
|
|
|
ethcommon "github.com/ethereum/go-ethereum/common"
|
|
"go.uber.org/zap"
|
|
"google.golang.org/grpc"
|
|
"google.golang.org/grpc/codes"
|
|
"google.golang.org/grpc/status"
|
|
|
|
"github.com/certusone/wormhole/node/pkg/common"
|
|
nodev1 "github.com/certusone/wormhole/node/pkg/proto/node/v1"
|
|
"github.com/certusone/wormhole/node/pkg/supervisor"
|
|
"github.com/certusone/wormhole/node/pkg/vaa"
|
|
)
|
|
|
|
type nodePrivilegedService struct {
|
|
nodev1.UnimplementedNodePrivilegedServiceServer
|
|
injectC chan<- *vaa.VAA
|
|
logger *zap.Logger
|
|
}
|
|
|
|
// adminGuardianSetUpdateToVAA converts a nodev1.GuardianSetUpdate message to its canonical VAA representation.
|
|
// Returns an error if the data is invalid.
|
|
func adminGuardianSetUpdateToVAA(req *nodev1.GuardianSetUpdate, guardianSetIndex uint32, timestamp uint32) (*vaa.VAA, error) {
|
|
if len(req.Guardians) == 0 {
|
|
return nil, errors.New("empty guardian set specified")
|
|
}
|
|
|
|
if len(req.Guardians) > common.MaxGuardianCount {
|
|
return nil, fmt.Errorf("too many guardians - %d, maximum is %d", len(req.Guardians), common.MaxGuardianCount)
|
|
}
|
|
|
|
addrs := make([]ethcommon.Address, len(req.Guardians))
|
|
for i, g := range req.Guardians {
|
|
if !ethcommon.IsHexAddress(g.Pubkey) {
|
|
return nil, fmt.Errorf("invalid pubkey format at index %d (%s)", i, g.Name)
|
|
}
|
|
|
|
ethAddr := ethcommon.HexToAddress(g.Pubkey)
|
|
for j, pk := range addrs {
|
|
if pk == ethAddr {
|
|
return nil, fmt.Errorf("duplicate pubkey at index %d (duplicate of %d): %s", i, j, g.Name)
|
|
}
|
|
}
|
|
|
|
addrs[i] = ethAddr
|
|
}
|
|
|
|
v := &vaa.VAA{
|
|
Version: vaa.SupportedVAAVersion,
|
|
GuardianSetIndex: guardianSetIndex,
|
|
Timestamp: time.Unix(int64(timestamp), 0),
|
|
Payload: vaa.BodyGuardianSetUpdate{
|
|
Keys: addrs,
|
|
NewIndex: guardianSetIndex + 1,
|
|
}.Serialize(),
|
|
}
|
|
|
|
return v, nil
|
|
}
|
|
|
|
// adminContractUpgradeToVAA converts a nodev1.ContractUpgrade message to its canonical VAA representation.
|
|
// Returns an error if the data is invalid.
|
|
func adminContractUpgradeToVAA(req *nodev1.ContractUpgrade, guardianSetIndex uint32, timestamp uint32) (*vaa.VAA, error) {
|
|
if len(req.NewContract) != 32 {
|
|
return nil, errors.New("invalid new_contract address")
|
|
}
|
|
|
|
if req.ChainId > math.MaxUint8 {
|
|
return nil, errors.New("invalid chain_id")
|
|
}
|
|
|
|
newContractAddress := vaa.Address{}
|
|
copy(newContractAddress[:], req.NewContract)
|
|
|
|
v := &vaa.VAA{
|
|
Version: vaa.SupportedVAAVersion,
|
|
GuardianSetIndex: guardianSetIndex,
|
|
Timestamp: time.Unix(int64(timestamp), 0),
|
|
Payload: vaa.BodyContractUpgrade{
|
|
ChainID: vaa.ChainID(req.ChainId),
|
|
NewContract: newContractAddress,
|
|
}.Serialize(),
|
|
}
|
|
|
|
return v, nil
|
|
}
|
|
|
|
func (s *nodePrivilegedService) InjectGovernanceVAA(ctx context.Context, req *nodev1.InjectGovernanceVAARequest) (*nodev1.InjectGovernanceVAAResponse, error) {
|
|
s.logger.Info("governance VAA injected via admin socket", zap.String("request", req.String()))
|
|
|
|
var (
|
|
v *vaa.VAA
|
|
err error
|
|
)
|
|
switch payload := req.Payload.(type) {
|
|
case *nodev1.InjectGovernanceVAARequest_GuardianSet:
|
|
v, err = adminGuardianSetUpdateToVAA(payload.GuardianSet, req.CurrentSetIndex, req.Timestamp)
|
|
case *nodev1.InjectGovernanceVAARequest_ContractUpgrade:
|
|
v, err = adminContractUpgradeToVAA(payload.ContractUpgrade, req.CurrentSetIndex, req.Timestamp)
|
|
default:
|
|
panic(fmt.Sprintf("unsupported VAA type: %T", payload))
|
|
}
|
|
if err != nil {
|
|
return nil, status.Error(codes.InvalidArgument, err.Error())
|
|
}
|
|
|
|
// Generate digest of the unsigned VAA.
|
|
digest, err := v.SigningMsg()
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
s.logger.Info("governance VAA constructed",
|
|
zap.Any("vaa", v),
|
|
zap.String("digest", digest.String()),
|
|
)
|
|
|
|
s.injectC <- v
|
|
|
|
return &nodev1.InjectGovernanceVAAResponse{Digest: digest.Bytes()}, nil
|
|
}
|
|
|
|
func adminServiceRunnable(logger *zap.Logger, socketPath string, injectC chan<- *vaa.VAA, db *db.Database, gst *common.GuardianSetState) (supervisor.Runnable, error) {
|
|
// Delete existing UNIX socket, if present.
|
|
fi, err := os.Stat(socketPath)
|
|
if err == nil {
|
|
fmode := fi.Mode()
|
|
if fmode&os.ModeType == os.ModeSocket {
|
|
err = os.Remove(socketPath)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to remove existing socket at %s: %w", socketPath, err)
|
|
}
|
|
} else {
|
|
return nil, fmt.Errorf("%s is not a UNIX socket", socketPath)
|
|
}
|
|
}
|
|
|
|
// Create a new UNIX socket and listen to it.
|
|
|
|
// The socket is created with the default umask. We set a restrictive umask in setRestrictiveUmask
|
|
// to ensure that any files we create are only readable by the user - this is much harder to mess up.
|
|
// The umask avoids a race condition between file creation and chmod.
|
|
|
|
laddr, err := net.ResolveUnixAddr("unix", socketPath)
|
|
l, err := net.ListenUnix("unix", laddr)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to listen on %s: %w", socketPath, err)
|
|
}
|
|
|
|
logger.Info("admin server listening on", zap.String("path", socketPath))
|
|
|
|
nodeService := &nodePrivilegedService{
|
|
injectC: injectC,
|
|
logger: logger.Named("adminservice"),
|
|
}
|
|
|
|
publicrpcService := publicrpc.NewPublicrpcServer(logger, db, gst)
|
|
|
|
grpcServer := newGRPCServer(logger)
|
|
nodev1.RegisterNodePrivilegedServiceServer(grpcServer, nodeService)
|
|
publicrpcv1.RegisterPublicRPCServiceServer(grpcServer, publicrpcService)
|
|
return supervisor.GRPCServer(grpcServer, l, false), nil
|
|
}
|
|
|
|
func newGRPCServer(logger *zap.Logger) *grpc.Server {
|
|
server := grpc.NewServer(
|
|
grpc.StreamInterceptor(grpc_middleware.ChainStreamServer(
|
|
grpc_ctxtags.StreamServerInterceptor(),
|
|
grpc_prometheus.StreamServerInterceptor,
|
|
grpc_zap.StreamServerInterceptor(logger),
|
|
)),
|
|
grpc.UnaryInterceptor(grpc_middleware.ChainUnaryServer(
|
|
grpc_ctxtags.UnaryServerInterceptor(),
|
|
grpc_prometheus.UnaryServerInterceptor,
|
|
grpc_zap.UnaryServerInterceptor(logger),
|
|
)),
|
|
)
|
|
|
|
grpc_prometheus.EnableHandlingTimeHistogram()
|
|
grpc_prometheus.Register(server)
|
|
|
|
return server
|
|
}
|