This change moves blocks out from the signed portion of the IBFT messages (Proposal, RoundChange and NewRound).
This has grossly affected the message validators and message factories - but otherwise does not affect the general behaviour of the system (other than reducing message size of the NewRound messages).
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Two changes:
* Stream chains now take up less vertical lines, only breaking on
stream operations.
* Long annotations that span multiple lines no longer have a dangling
parentesis and indent 4 spaces.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
With a prior change swapping header validation for block
validation in the IBFT messages, the necessity to pass in the block
header was removed - though the code remained.
This change simplifies the MessageValidatorFactory interface to only
take the chain height (rather than the full parent header).
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
The IbftRoundFactory creates a MessageValidator for use within the
newly created round, however it does this bypassing the established
factory classes (MessageValidatorFactory).
This commit updates the IbftRoundFactory to use the correct API for
creating the message validator.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
The IBFT messages have been flattened such that the content within the
signed subtype can be accessed directly from the message interface.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
IBFT2.1 requires that message content be separated, thus concepts
at the message level must not leak into the business logic - eg
RoundChangeCertificate should not be created by the
RoundChangeManager - rather an intermediate type is to be inserted.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Moving to IBFT2.1 requires that validation be conducted
on the signeddata aspects of a message separately from the
'piggybacked' block.
Move Validators to using Messages
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Create wrapper types for Ibft Signed messages
As future IBFT message will require only subsets of the data to be signed,
the message structures need to be modified such taht the signed-data
aspects can be a component of the message (Rather than the whole
message).
THis chnage starts this process by having a "flat" message which allows
clients to query the required round, and author of the message.
* Updated IbftHeightManager to new msgtypes
* Removed final from interface
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
As future IBFT message will require only subsets of the data to be signed,
the message structures need to be modified such taht the signed-data
aspects can be a component of the message (Rather than the whole
message).
This change starts this process by having a "flat" message which allows
clients to query the required round, and author of the message.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Messages which originate with the current node are logged in the
gossiper such that if a remote peer sends a packet which originated
from the local back to the local node, it should not go back out
again.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Refactoring for more readable IBFT IT
* Renaming Roles to peers
* Moving the assert behaviour into the RoundChangePeers
* Renmaing prefix of assert to verify, grammar
* Reducing usage of getAllPeers()
* Dropping the getter for the peer list
* Dropping peer from method names, as it's now in the class name
* Spotless
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Makes Synchronizer responsible for deciding if it has enough peers or not rather than ProtocolManager.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Add Privacy Cli options
* Wire up Precompiled contract configuration to Protocol Spec
* Rename createDefault to noPrivacy to indicate the defaults.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Nodes which are not validators in a network should not inject
IBFT messages to the consensus round, and should not gossip
received messages.
I.e. all events should ensure that they are only handled if
the node is a validator at the current height.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Ibft will no longer buffer round change messages for prior rounds.
While the messages buffered where discarded on round change, they
should not be buffered.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
This commit adds additional tests which fall outside of the existing
suite, and target spuriously behaved peers - i.e. illegal seals,
illformed RLP data etc.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
This allows individual items of the test framework to be replaced
during the test construction (i.e. eventqueue, clock, validator count).
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
This adds tests to ensure the IBFT capability handles the chain updating
"under" the state machine.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
The ibftGetValidatorsByBlockNumber and ibftGetValidatorsByBlockHash
both returned a list of Addresses, whichi when translated back into
JSON RPC responses, results in an incorrect 'shape'.
These RPC calls should (and now do) return a list of strings.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Previously, IBFT only validated the header of the block on reception
of a proposal. However in order to minimise the risk of a "bad block"
being detected after a PreparedCertificate being created, it has been
decided to validate the whole block (i.e. exercise the transactions,
process the block and ensure hashes etc line up with the header).
There is still some (minor) risk of a failed block import, however
it is substantially reduced.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Testing indicated that if quorum-1 commit messages is received prior
to the proposal, the proposed block will be imported twice.
Theoretically this is handled safely by the BlockImporter, however
is clearly an error in the IbftRound code.
This commit updates IbftRound such that the import can only occur
once.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
* Removing code identified by the 'unused declaration' analysis in IntelliJ
* Undoing removal of injectNewRound as that's actually used
* Removing wrapper class from Clique UT
* Spotless
* Adding back code
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
In order to validate a block separate to its commit seals, the commit
seals must be validated separately to the validator content of the
block.
At this stage, the commit rule is _not_ light, however this change
is to be conducted in subsequent PRs.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Constructor of the RoundChangeManager now accepts a
RoundChangeMessageValidator rather than creating it from inputs.
This removes complexity from this class, pushes creation back to the
validator factory, and simplifies the IbftBlockHeightManagerFactory.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>
Ibft is required to validate a block upon reception, but not import
it until a later time.
As such, IBFT will require validation and importing to be separated.
The validator has been exposed as part of the ProtocolSpecification.
Signed-off-by: Adrian Sutton <adrian.sutton@consensys.net>