permission: Enabled QIP714Block to allow staggered migration of network for enabling new permissions

2019-09-26 15:38:45 +08:00 · 2019-09-26 15:38:45 +08:00 · 4280bdadac
parent afb61f089c
commit 4280bdadac
4 changed files with 65 additions and 12 deletions
--- a/core/tx_pool.go
+++ b/core/tx_pool.go
@ -1309,10 +1309,6 @@ func checkAccount(fromAcct common.Address, toAcct *common.Address) error {
 	access := types.GetAcctAccess(fromAcct)

 	switch access {
-	case types.FullAccess:
-	case types.ContractDeploy:
-		return nil
-
 	case types.ReadOnly:
 		return errors.New("read only account. cannot transact")

@ -1320,6 +1316,10 @@ func checkAccount(fromAcct common.Address, toAcct *common.Address) error {
 		if toAcct == nil {
 			return errors.New("account does not have contract create permissions")
 		}
+
+	case types.FullAccess, types.ContractDeploy:
+		return nil
+
 	}
 	return nil
 }
--- a/core/types/permissions_cache.go
+++ b/core/types/permissions_cache.go
@ -168,6 +168,7 @@ func NewAcctCache() *AcctCache {
 var syncStarted = false

 var DefaultAccess = FullAccess
+var QIP714BlockReached = false
 var networkAdminRole string
 var orgAdminRole string

@ -190,10 +191,15 @@ func GetSyncStatus() bool {
 	return syncStarted
 }

+// sets the default access to Readonly upon QIP714Blokc
+func SetDefaultAccess(){
+	DefaultAccess = ReadOnly
+	QIP714BlockReached = true
+}
+
 // sets default access to readonly and initializes the values for
 // network admin role and org admin role
 func SetDefaults(nwRoleId, oaRoleId string) {
-	DefaultAccess = ReadOnly
 	networkAdminRole = nwRoleId
 	orgAdminRole = oaRoleId
 }
@ -377,12 +383,12 @@ func GetAcctAccess(acctId common.Address) AccessType {
 	return DefaultAccess
 }

-func ValidateNodeForTxn(enodeId string, from common.Address) bool {
-	if enodeId == "" {
+func ValidateNodeForTxn(hexnodeId string, from common.Address) bool {
+	if !QIP714BlockReached || hexnodeId == ""{
 		return true
 	}

-	passedEnodeId, err := enode.ParseV4(enodeId)
+	passedEnodeId, err := enode.ParseV4(hexnodeId)
 	if err != nil {
 		return false
 	}
--- a/params/config.go
+++ b/params/config.go
@ -132,19 +132,19 @@ var (
 	//
 	// This configuration is intentionally not using keyed fields to force anyone
 	// adding flags to the config to also have to set these fields.
-	AllEthashProtocolChanges = &ChainConfig{big.NewInt(1337), big.NewInt(0), nil, false, big.NewInt(0), common.Hash{}, big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0), nil, new(EthashConfig), nil, nil, false, 32, 50}
+	AllEthashProtocolChanges = &ChainConfig{big.NewInt(1337), big.NewInt(0), nil, false, big.NewInt(0), common.Hash{}, big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0), nil, new(EthashConfig), nil, nil, false, 32, 50, big.NewInt(0)}

 	// AllCliqueProtocolChanges contains every protocol change (EIPs) introduced
 	// and accepted by the Ethereum core developers into the Clique consensus.
 	//
 	// This configuration is intentionally not using keyed fields to force anyone
 	// adding flags to the config to also have to set these fields.
-	AllCliqueProtocolChanges = &ChainConfig{big.NewInt(1337), big.NewInt(0), nil, false, big.NewInt(0), common.Hash{}, big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0), nil, nil, &CliqueConfig{Period: 0, Epoch: 30000}, nil, false, 32, 32}
+	AllCliqueProtocolChanges = &ChainConfig{big.NewInt(1337), big.NewInt(0), nil, false, big.NewInt(0), common.Hash{}, big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0), nil, nil, &CliqueConfig{Period: 0, Epoch: 30000}, nil, false, 32, 32, big.NewInt(0)}

-	TestChainConfig = &ChainConfig{big.NewInt(10), big.NewInt(0), nil, false, big.NewInt(0), common.Hash{}, big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0), nil, new(EthashConfig), nil, nil, false, 32, 32}
+	TestChainConfig = &ChainConfig{big.NewInt(10), big.NewInt(0), nil, false, big.NewInt(0), common.Hash{}, big.NewInt(0), big.NewInt(0), big.NewInt(0), big.NewInt(0), nil, new(EthashConfig), nil, nil, false, 32, 32, big.NewInt(0)}
 	TestRules       = TestChainConfig.Rules(new(big.Int))

-	QuorumTestChainConfig = &ChainConfig{big.NewInt(10), big.NewInt(0), nil, false, nil, common.Hash{}, nil, nil, nil, nil, nil, new(EthashConfig), nil, nil, true, 64, 32}
+	QuorumTestChainConfig = &ChainConfig{big.NewInt(10), big.NewInt(0), nil, false, nil, common.Hash{}, nil, nil, nil, nil, nil, new(EthashConfig), nil, nil, true, 64, 32, big.NewInt(0)}
 )

 // TrustedCheckpoint represents a set of post-processed trie roots (CHT and
@ -191,6 +191,10 @@ type ChainConfig struct {
 	IsQuorum             bool   `json:"isQuorum"`
 	TransactionSizeLimit uint64 `json:"txnSizeLimit"`
 	MaxCodeSize          uint64 `json:"maxCodeSize"`
+	// Quorum
+	//
+	// QIP714Block implements the permissions related changes
+	QIP714Block *big.Int `json:"qip714Block,omitempty"`
 }

 // EthashConfig is the consensus engine configs for proof-of-work based sealing.
@ -304,6 +308,13 @@ func (c *ChainConfig) IsEWASM(num *big.Int) bool {
 	return isForked(c.EWASMBlock, num)
 }

+// Quorum
+//
+// IsQIP714 returns whether num represents a block number where permissions is enabled
+func (c *ChainConfig) IsQIP714(num *big.Int) bool {
+	return isForked(c.QIP714Block, num)
+}
+
 // GasTable returns the gas table corresponding to the current phase (homestead or homestead reprice).
 //
 // The returned GasTable's fields shouldn't, under any circumstances, be changed.
@ -375,6 +386,9 @@ func (c *ChainConfig) checkCompatible(newcfg *ChainConfig, head *big.Int, isQuor
 	if isForkIncompatible(c.EWASMBlock, newcfg.EWASMBlock, head) {
 		return newCompatError("ewasm fork block", c.EWASMBlock, newcfg.EWASMBlock)
 	}
+	if isForkIncompatible(c.QIP714Block, newcfg.QIP714Block, head) {
+		return newCompatError("permissions fork block", c.QIP714Block, newcfg.QIP714Block)
+	}
 	return nil
 }

--- a/permission/permission.go
+++ b/permission/permission.go
@ -4,6 +4,7 @@ import (
 	"crypto/ecdsa"
 	"encoding/json"
 	"fmt"
+	"github.com/ethereum/go-ethereum/core"
 	"io/ioutil"
 	"math/big"
 	"os"
@ -181,6 +182,7 @@ func (p *PermissionCtrl) AfterStart() error {
 	types.SetDefaults(p.permConfig.NwAdminRole, p.permConfig.OrgAdminRole)

 	for _, f := range []func() error{
+		p.monitorQIP714Block,       // monitor block number to activate new permissions controls
 		p.manageOrgPermissions,     // monitor org management related events
 		p.manageNodePermissions,    // monitor org  level node management events
 		p.manageRolePermissions,    // monitor org level role management events
@ -275,6 +277,37 @@ func (p *PermissionCtrl) Stop() error {
 	return nil
 }

+// monitors org management related events happening via smart contracts
+// and updates cache accordingly
+func (p *PermissionCtrl) monitorQIP714Block() error {
+	// if QIP714block is not given, set the default access
+	// to readonly
+	if p.eth.ChainConfig().QIP714Block == nil {
+		types.SetDefaultAccess()
+		return nil
+	}
+	//QIP714block is given, monitor block count
+	go func() {
+		chainHeadCh := make(chan core.ChainHeadEvent, 1)
+		headSub := p.eth.BlockChain().SubscribeChainHeadEvent(chainHeadCh)
+		defer headSub.Unsubscribe()
+		stopChan, stopSubscription := p.subscribeStopEvent()
+		defer stopSubscription.Unsubscribe()
+		for {
+			select {
+			case  head := <-chainHeadCh:
+				if p.eth.ChainConfig().IsQIP714(head.Block.Number()) {
+					types.SetDefaultAccess()
+					return
+				}
+			case <-stopChan:
+				return
+			}
+		}
+	}()
+	return nil
+}
+
 // monitors org management related events happening via smart contracts
 // and updates cache accordingly
 func (p *PermissionCtrl) manageOrgPermissions() error {