zecfoundation
/
zebra
mirror of https://github.com/ZcashFoundation/zebra.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,662 Commits 173 Branches 66 Tags 56 MiB
Rust 96%
Python 3.4%
Shell 0.5%
Dockerfile 0.1%
Go to file
Janito Vaqueiro Ferreira Filho b68202c68a
Security: Zebra should stop gossiping unreachable addresses to other nodes, Action: re-deploy all nodes (#2392) 
* Rename some methods and constants for clarity

Using the following commands:

```
fastmod '\bis_ready_for_attempt\b' is_ready_for_connection_attempt
  # One instance required a tweak, because of the ASCII diagram.
fastmod '\bwas_recently_live\b' has_connection_recently_responded
fastmod '\bwas_recently_attempted\b' was_connection_recently_attempted
fastmod '\bwas_recently_failed\b' has_connection_recently_failed
fastmod '\bLIVE_PEER_DURATION\b' MIN_PEER_RECONNECTION_DELAY
```

* Use `Instant::elapsed` for conciseness

Instead of `Instant::now().saturating_duration_since`. They're both
equivalent, and `elapsed` only panics if the `Instant` is somehow
synthetically generated.

* Allow `Duration32` to be created in other crates

Export the `Duration32` from the `zebra_chain::serialization` module.

* Add some new `Duration32` constructors

Create some helper `const` constructors to make it easy to create
constant durations. Add methods to create a `Duration32` from seconds,
minutes and hours.

* Avoid gossiping unreachable peers

When sanitizing the list of peers to gossip, remove those that we
haven't seen in more than three hours.

* Test if unreachable addresses aren't gossiped

Create a property test with random addreses inserted into an
`AddressBook`, and verify that the sanitized list of addresses does not
contain any addresses considered unreachable.

* Test if new alternate address isn't gossipable

Create a new alternate peer, because that type of `MetaAddr` does not
have `last_response` or `untrusted_last_seen` times. Verify that the
peer is not considered gossipable.

* Test if local listener is gossipable

The `MetaAddr` representing the local peer's listening address should
always be considered gossipable.

* Test if gossiped peer recently seen is gossipable

Create a `MetaAddr` representing a gossiped peer that was reported to be
seen recently. Check that the peer is considered gossipable.

* Test peer reportedly last seen in the future

Create a `MetaAddr` representing a peer gossiped and reported to have
been last seen in a time that's in the future. Check that the peer is
considered gossipable, to check that the fallback calculation is working
as intended.

* Test gossiped peer reportedly seen long ago

Create a `MetaAddr` representing a gossiped peer that was reported to
last have been seen a long time ago. Check that the peer is not
considered gossipable.

* Test if just responded peer is gossipable

Create a `MetaAddr` representing a peer that has just responded and
check that it is considered gossipable.

* Test if recently responded peer is gossipable

Create a `MetaAddr` representing a peer that last responded within the
duration a peer is considered reachable. Verify that the peer is
considered gossipable.

* Test peer that responded long ago isn't gossipable

Create a `MetaAddr` representing a peer that last responded outside the
duration a peer is considered reachable. Verify that the peer is not
considered gossipable.
 		2021-06-29 05:12:27 +00:00
.github Skip IPv6 network tests in google cloud workflows 2021-06-28 23:34:57 -04:00
book Add a note about maybe using the tui crate for zebra-cli (#2367) 2021-06-23 08:12:07 +10:00
docker Enable the metrics endpoint inside Docker.build by default 2021-01-02 18:24:02 -05:00
grafana Add an error grafana dashboard 2021-03-25 16:34:16 -04:00
tower-batch Upgrade to pin_project 1.0.7 to resolve nightly warnings 2021-06-21 15:52:39 -04:00
tower-fallback Update versions for zebra v1.0.0-alpha.11 release (#2334) 2021-06-18 10:37:58 +01:00
zebra-chain Security: Zebra should stop gossiping unreachable addresses to other nodes, Action: re-deploy all nodes (#2392) 2021-06-29 05:12:27 +00:00
zebra-client Standardise clippy lints and require docs (#2238) 2021-06-04 08:48:40 +10:00
zebra-consensus Fix intermittent errors in the groth16 verifier tests (#2412) 2021-06-29 12:48:50 +10:00
zebra-network Security: Zebra should stop gossiping unreachable addresses to other nodes, Action: re-deploy all nodes (#2392) 2021-06-29 05:12:27 +00:00
zebra-rpc Standardise clippy lints and require docs (#2238) 2021-06-04 08:48:40 +10:00
zebra-script Update versions for zebra v1.0.0-alpha.11 release (#2334) 2021-06-18 10:37:58 +01:00
zebra-state Legacy chain check and tests (#2366) 2021-06-29 15:03:51 +10:00
zebra-test Release Blocker? Disable IPv6 tests when $ZEBRA_SKIP_IPV6_TESTS is set (#2405) 2021-06-29 11:20:32 +10:00
zebra-utils build(deps): bump tracing-subscriber from 0.2.18 to 0.2.19 2021-06-28 11:25:55 -04:00
zebrad Legacy chain check and tests (#2366) 2021-06-29 15:03:51 +10:00
.gitignore switch to source based coverage (#1293) 2020-12-03 13:36:40 -08:00
CHANGELOG.md Add CHANGELOG.md file to the zebra git repo (#2346) 2021-06-22 14:31:30 +01:00
CODE_OF_CONDUCT.md CODE_OF_CONDUCT.md (#1097) 2021-03-25 10:54:08 +01:00
CONTRIBUTING.md Make the RFC TOC into a separate step (#2126) 2021-05-10 10:17:42 -03:00
Cargo.lock build(deps): bump tracing-subscriber from 0.2.18 to 0.2.19 2021-06-28 11:25:55 -04:00
Cargo.toml Update multiple crates to ensure bitvec 0.22.3 is being used (#2351) 2021-06-23 13:16:22 +10:00
LICENSE-APACHE Add copyright marks on each license 2019-11-14 11:50:49 -08:00
LICENSE-MIT Add copyright marks on each license 2019-11-14 11:50:49 -08:00
README.md README: update known issues and add inbound network ports (#2373) 2021-06-23 08:10:21 -03:00
SECURITY.md Explicitly allow unencrypted disclosures for alpha releases (#2127) 2021-05-11 14:41:33 +02:00
clippy.toml Apply clippy fixes 2020-02-05 12:42:32 -08:00
cloudbuild.yaml Pipe SHORT_SHA into container builds (#1451) 2020-12-03 22:51:42 -05:00
codecov.yml Disable CodeCov annotations via GitHub Checks 2020-09-10 14:52:01 -04:00
firebase.json Configure redirect for firebase hosting 2020-01-16 18:38:16 -05:00
katex-header.html Add KaTeX to rendered docs. (#832) 2020-08-05 17:34:30 -07:00
prometheus.yaml Tell Prometheus to scrape more aggressively 2020-02-14 20:14:05 -05:00

README.md

Zebra logotype

codecov License

About

Zebra is the Zcash Foundation's independent, consensus-compatible implementation of the Zcash protocol, currently under development. Please join us on Discord if you'd like to find out more or get involved!

Alpha Releases

Every few weeks, we release a new Zebra alpha release.

The goals of the alpha release series are to:

  • participate in the Zcash network,
  • replicate the Zcash chain state,
  • implement the Zcash proof of work consensus rules, and
  • sync on Mainnet under excellent network conditions.

Currently, Zebra does not validate all the Zcash consensus rules. It may be unreliable on Testnet, and under less-than-perfect network conditions. See our current features and roadmap for details.

Getting Started

Building zebrad requires Rust, libclang, and a C++ compiler.

Detailed Build and Run Instructions

  1. Install cargo and rustc.
    • Using rustup installs the stable Rust toolchain, which zebrad targets.
  2. Install Zebra's build dependencies:
    • libclang: the libclang, libclang-dev, llvm, or llvm-dev packages, depending on your package manager
    • clang or another C++ compiler: g++, Xcode, or MSVC
  3. Run cargo install --locked --git https://github.com/ZcashFoundation/zebra --tag v1.0.0-alpha.11 zebrad
  4. Run zebrad start

If you're interested in testing out zebrad please feel free, but keep in mind that there is a lot of key functionality still missing.

Build Troubleshooting

If you're having trouble with:

  • dependencies:
    • install both libclang and clang - they are usually different packages
    • use cargo install without --locked to build with the latest versions of each dependency
  • libclang: check out the clang-sys documentation
  • g++ or MSVC++: try using clang or Xcode instead
  • rustc: use rustc 1.48 or later
    • Zebra does not have a minimum supported Rust version (MSRV) policy yet

System Requirements

We usually build zebrad on systems with:

  • 2+ CPU cores
  • 7+ GB RAM
  • 14+ GB of disk space

On many-core machines (like, 32-core) the build is very fast; on 2-core machines it's less fast.

We continuously test that our builds and tests pass on:

  • Windows Server 2019
  • macOS Big Sur 11.0
  • Ubuntu 18.04 / the latest LTS
  • Debian Buster

We usually run zebrad on systems with:

  • 4+ CPU cores
  • 16+ GB RAM
  • 50GB+ available disk space for finalized state
  • 100+ Mbps network connections

zebrad might build and run fine on smaller and slower systems - we haven't tested its exact limits yet.

Network Ports and Data Usage

By default, Zebra uses the following inbound TCP listener ports:

  • 8233 on Mainnet
  • 18233 on Testnet

If Zebra is configured with a specific listen_addr, it will advertise this address to other nodes for inbound connections.

Zebra makes outbound connections to peers on any port. But zcashd prefers peers on the default ports, so that it can't be used for DDoS attacks on other networks.

zebrad's typical network usage is:

  • initial sync: 30 GB download
  • ongoing updates: 10-50 MB upload and download per day, depending on peer requests

The major constraint we've found on zebrad performance is the network weather, especially the ability to make good connections to other Zcash network peers.

Current Features

Network:

  • synchronize the chain from peers
  • download gossiped blocks from peers
  • answer inbound peer requests for hashes, headers, and blocks

State:

  • persist block, transaction, UTXO, and nullifier indexes
  • handle chain reorganizations

Proof of Work:

  • validate equihash, block difficulty threshold, and difficulty adjustment
  • validate transaction merkle roots

Validating proof of work increases the cost of creating a consensus split between zebrad and zcashd.

This release also implements some other Zcash consensus rules, to check that Zebra's validation architecture supports future work on a full validating node:

  • block and transaction structure
  • checkpoint-based verification up to and including Canopy activation
  • transaction validation (incomplete)
  • transaction cryptography (incomplete)
  • transaction scripts (incomplete)
  • batch verification (incomplete)

Dependencies

Zebra primarily depends on pure Rust crates, and some Rust/C++ crates:

Known Issues

There are a few bugs in Zebra that we're still working on fixing:

Zebra's state commits changes using database transactions. If you forcibly terminate it, or it panics, any incomplete changes will be rolled back the next time it starts.

Future Work

In 2021, we intend to finish validation, add RPC support, and add wallet integration. This phased approach allows us to test Zebra's independent implementation of the consensus rules, before asking users to entrust it with their funds.

Features:

  • full consensus rule validation
  • transaction mempool
  • wallet functionality
  • RPC functionality

Performance and Reliability:

  • reliable syncing on Testnet
  • reliable syncing under poor network conditions
  • batch verification
  • performance tuning

Documentation

The Zebra website contains user documentation, such as how to run or configure Zebra, set up metrics integrations, etc., as well as developer documentation, such as design documents. We also render API documentation for the external API of our crates, as well as internal documentation for private APIs.

Architecture

Unlike zcashd, which originated as a Bitcoin Core fork and inherited its monolithic architecture, Zebra has a modular, library-first design, with the intent that each component can be independently reused outside of the zebrad full node. For instance, the zebra-network crate containing the network stack can also be used to implement anonymous transaction relay, network crawlers, or other functionality, without requiring a full node.

At a high level, the fullnode functionality required by zebrad is factored into several components:

  • zebra-chain, providing definitions of core data structures for Zcash, such as blocks, transactions, addresses, etc., and related functionality. It also contains the implementation of the consensus-critical serialization formats used in Zcash. The data structures in zebra-chain are defined to enforce structural validity by making invalid states unrepresentable. For instance, the Transaction enum has variants for each transaction version, and it's impossible to construct a transaction with, e.g., spend or output descriptions but no binding signature, or, e.g., a version 2 (Sprout) transaction with Sapling proofs. Currently, zebra-chain is oriented towards verifying transactions, but will be extended to support creating them in the future.

  • zebra-network, providing an asynchronous, multithreaded implementation of the Zcash network protocol inherited from Bitcoin. In contrast to zcashd, each peer connection has a separate state machine, and the crate translates the external network protocol into a stateless, request/response-oriented protocol for internal use. The crate provides two interfaces:

    • an auto-managed connection pool that load-balances local node requests over available peers, and sends peer requests to a local inbound service, and
    • a connect_isolated method that produces a peer connection completely isolated from all other node state. This can be used, for instance, to safely relay data over Tor, without revealing distinguishing information.

  • zebra-script provides script validation. Currently, this is implemented by linking to the C++ script verification code from zcashd, but in the future we may implement a pure-Rust script implementation.

  • zebra-consensus performs semantic validation of blocks and transactions: all consensus rules that can be checked independently of the chain state, such as verification of signatures, proofs, and scripts. Internally, the library uses tower-batch to perform automatic, transparent batch processing of contemporaneous verification requests.

  • zebra-state is responsible for storing, updating, and querying the chain state. The state service is responsible for contextual verification: all consensus rules that check whether a new block is a valid extension of an existing chain, such as updating the nullifier set or checking that transaction inputs remain unspent.

  • zebrad contains the full node, which connects these components together and implements logic to handle inbound requests from peers and the chain sync process.

  • zebra-rpc and zebra-client will eventually contain the RPC and wallet functionality, but as mentioned above, our goal is to implement replication of chain state first before asking users to entrust Zebra with their funds.

All of these components can be reused as independent libraries, and all communication between stateful components is handled internally by internal asynchronous RPC abstraction ("microservices in one process").

Security

Zebra has a responsible disclosure policy, which we encourage security researchers to follow.

License

Zebra is distributed under the terms of both the MIT license and the Apache License (Version 2.0).

See LICENSE-APACHE and LICENSE-MIT.