woop/consensus/double_sign.go

package consensus

import (
	"github.com/ethereum/go-ethereum/common"
	"github.com/harmony-one/bls/ffi/go/bls"
	"github.com/harmony-one/harmony/consensus/quorum"
	"github.com/harmony-one/harmony/shard"
	"github.com/harmony-one/harmony/staking/slash"
)

// Check for double sign and if any, send it out to beacon chain for slashing.
// Returns true when it is a double-sign or there is error, otherwise, false.
func (consensus *Consensus) checkDoubleSign(recvMsg *FBFTMessage) bool {
	if consensus.couldThisBeADoubleSigner(recvMsg) {
		if alreadyCastBallot := consensus.Decider.ReadBallot(
			quorum.Commit, recvMsg.SenderPubkey,
		); alreadyCastBallot != nil {
			firstPubKey := bls.PublicKey{}
			alreadyCastBallot.SignerPubKey.ToLibBLSPublicKey(&firstPubKey)
			if recvMsg.SenderPubkey.IsEqual(&firstPubKey) {
				for _, blk := range consensus.FBFTLog.GetBlocksByNumber(recvMsg.BlockNum) {
					firstSignedBlock := blk.Header()
					areHeightsEqual := firstSignedBlock.Number().Uint64() == recvMsg.BlockNum
					areViewIDsEqual := firstSignedBlock.ViewID().Uint64() == recvMsg.ViewID
					areHeadersEqual := firstSignedBlock.Hash() == recvMsg.BlockHash

					// If signer already firstSignedBlock, and the block height is the same
					// and the viewID is the same, then we need to verify the block
					// hash, and if block hash is different, then that is a clear
					// case of double signing
					if areHeightsEqual && areViewIDsEqual && !areHeadersEqual {
						var doubleSign bls.Sign
						if err := doubleSign.Deserialize(recvMsg.Payload); err != nil {
							consensus.getLogger().Err(err).Str("msg", recvMsg.String()).
								Msg("could not deserialize potential double signer")
							return true
						}

						curHeader := consensus.ChainReader.CurrentHeader()
						committee, err := consensus.ChainReader.ReadShardState(curHeader.Epoch())
						if err != nil {
							consensus.getLogger().Err(err).
								Uint32("shard", consensus.ShardID).
								Uint64("epoch", curHeader.Epoch().Uint64()).
								Msg("could not read shard state")
							return true
						}
						offender := shard.FromLibBLSPublicKeyUnsafe(recvMsg.SenderPubkey)
						if offender == nil {
							consensus.getLogger().Error().
								Str("msg", recvMsg.String()).
								Msg("could not get shard key from sender's key")
							return true
						}
						subComm, err := committee.FindCommitteeByID(
							consensus.ShardID,
						)
						if err != nil {
							consensus.getLogger().Err(err).
								Str("msg", recvMsg.String()).
								Msg("could not find subcommittee for bls key")
							return true
						}

						addr, err := subComm.AddressForBLSKey(*offender)
						if err != nil {
							consensus.getLogger().Err(err).Str("msg", recvMsg.String()).
								Msg("could not find address for bls key")
							return true
						}

						leaderShardKey := shard.FromLibBLSPublicKeyUnsafe(consensus.LeaderPubKey)
						if leaderShardKey == nil {
							consensus.getLogger().Error().
								Str("msg", recvMsg.String()).
								Msg("could not get shard key from leader's key")
							return true
						}
						leaderAddr, err := subComm.AddressForBLSKey(*leaderShardKey)
						if err != nil {
							consensus.getLogger().Err(err).Str("msg", recvMsg.String()).
								Msg("could not find address for leader bls key")
							return true
						}

						go func(reporter common.Address) {
							evid := slash.Evidence{
								ConflictingVotes: slash.ConflictingVotes{
									FirstVote: slash.Vote{
										alreadyCastBallot.SignerPubKey,
										alreadyCastBallot.BlockHeaderHash,
										alreadyCastBallot.Signature,
									},
									SecondVote: slash.Vote{
										*offender,
										recvMsg.BlockHash,
										common.Hex2Bytes(doubleSign.SerializeToHexStr()),
									}},
								Moment: slash.Moment{
									Epoch:   curHeader.Epoch(),
									ShardID: consensus.ShardID,
								},
								Offender: *addr,
							}
							proof := slash.Record{
								Evidence: evid,
								Reporter: reporter,
							}
							consensus.SlashChan <- proof
						}(*leaderAddr)
						return true
					}
				}
			}
		}
		return true
	}
	return false
}

func (consensus *Consensus) couldThisBeADoubleSigner(
	recvMsg *FBFTMessage,
) bool {
	num, hash := consensus.blockNum, recvMsg.BlockHash
	suspicious := !consensus.FBFTLog.HasMatchingAnnounce(num, hash) ||
		!consensus.FBFTLog.HasMatchingPrepared(num, hash)
	if suspicious {
		consensus.getLogger().Debug().
			Str("message", recvMsg.String()).
			Uint64("block-on-consensus", num).
			Msg("possible double signer")
		return true
	}
	return false
}
refactor slashing code and fix audit todos 5 years ago			`package consensus`

			`import (`
			`"github.com/ethereum/go-ethereum/common"`
			`"github.com/harmony-one/bls/ffi/go/bls"`
			`"github.com/harmony-one/harmony/consensus/quorum"`
			`"github.com/harmony-one/harmony/shard"`
			`"github.com/harmony-one/harmony/staking/slash"`
			`)`

			`// Check for double sign and if any, send it out to beacon chain for slashing.`
Return if potential double sign 5 years ago			`// Returns true when it is a double-sign or there is error, otherwise, false.`
			`func (consensus Consensus) checkDoubleSign(recvMsg FBFTMessage) bool {`
refactor slashing code and fix audit todos 5 years ago			`if consensus.couldThisBeADoubleSigner(recvMsg) {`
			`if alreadyCastBallot := consensus.Decider.ReadBallot(`
			`quorum.Commit, recvMsg.SenderPubkey,`
			`); alreadyCastBallot != nil {`
			`firstPubKey := bls.PublicKey{}`
			`alreadyCastBallot.SignerPubKey.ToLibBLSPublicKey(&firstPubKey)`
			`if recvMsg.SenderPubkey.IsEqual(&firstPubKey) {`
			`for _, blk := range consensus.FBFTLog.GetBlocksByNumber(recvMsg.BlockNum) {`
			`firstSignedBlock := blk.Header()`
			`areHeightsEqual := firstSignedBlock.Number().Uint64() == recvMsg.BlockNum`
			`areViewIDsEqual := firstSignedBlock.ViewID().Uint64() == recvMsg.ViewID`
			`areHeadersEqual := firstSignedBlock.Hash() == recvMsg.BlockHash`

			`// If signer already firstSignedBlock, and the block height is the same`
			`// and the viewID is the same, then we need to verify the block`
			`// hash, and if block hash is different, then that is a clear`
			`// case of double signing`
			`if areHeightsEqual && areViewIDsEqual && !areHeadersEqual {`
			`var doubleSign bls.Sign`
			`if err := doubleSign.Deserialize(recvMsg.Payload); err != nil {`
			`consensus.getLogger().Err(err).Str("msg", recvMsg.String()).`
			`Msg("could not deserialize potential double signer")`
Return if potential double sign 5 years ago			`return true`
refactor slashing code and fix audit todos 5 years ago			`}`

			`curHeader := consensus.ChainReader.CurrentHeader()`
			`committee, err := consensus.ChainReader.ReadShardState(curHeader.Epoch())`
			`if err != nil {`
			`consensus.getLogger().Err(err).`
			`Uint32("shard", consensus.ShardID).`
			`Uint64("epoch", curHeader.Epoch().Uint64()).`
			`Msg("could not read shard state")`
Return if potential double sign 5 years ago			`return true`
refactor slashing code and fix audit todos 5 years ago			`}`
[node] move self address to node, make it updatable every epoch (#2799) * [node] move self address to node, make it updatable every epoch * golint issues * making thread-safe, better naming, handling nil cases better * golint * correct locking, return on nil 5 years ago			`offender := shard.FromLibBLSPublicKeyUnsafe(recvMsg.SenderPubkey)`
			`if offender == nil {`
			`consensus.getLogger().Error().`
			`Str("msg", recvMsg.String()).`
			`Msg("could not get shard key from sender's key")`
			`return true`
			`}`
refactor slashing code and fix audit todos 5 years ago			`subComm, err := committee.FindCommitteeByID(`
			`consensus.ShardID,`
			`)`
			`if err != nil {`
			`consensus.getLogger().Err(err).`
			`Str("msg", recvMsg.String()).`
			`Msg("could not find subcommittee for bls key")`
Return if potential double sign 5 years ago			`return true`
refactor slashing code and fix audit todos 5 years ago			`}`

[node] move self address to node, make it updatable every epoch (#2799) * [node] move self address to node, make it updatable every epoch * golint issues * making thread-safe, better naming, handling nil cases better * golint * correct locking, return on nil 5 years ago			`addr, err := subComm.AddressForBLSKey(*offender)`
refactor slashing code and fix audit todos 5 years ago			`if err != nil {`
			`consensus.getLogger().Err(err).Str("msg", recvMsg.String()).`
			`Msg("could not find address for bls key")`
Return if potential double sign 5 years ago			`return true`
refactor slashing code and fix audit todos 5 years ago			`}`

[node] move self address to node, make it updatable every epoch (#2799) * [node] move self address to node, make it updatable every epoch * golint issues * making thread-safe, better naming, handling nil cases better * golint * correct locking, return on nil 5 years ago			`leaderShardKey := shard.FromLibBLSPublicKeyUnsafe(consensus.LeaderPubKey)`
			`if leaderShardKey == nil {`
			`consensus.getLogger().Error().`
			`Str("msg", recvMsg.String()).`
			`Msg("could not get shard key from leader's key")`
			`return true`
			`}`
			`leaderAddr, err := subComm.AddressForBLSKey(*leaderShardKey)`
			`if err != nil {`
			`consensus.getLogger().Err(err).Str("msg", recvMsg.String()).`
			`Msg("could not find address for leader bls key")`
			`return true`
			`}`

refactor slashing code and fix audit todos 5 years ago			`go func(reporter common.Address) {`
			`evid := slash.Evidence{`
Fix slash verify to avoid potential duplicate slashes exploit (#2914) * Remove timestamp in slash record * Fix potential exploits of reporting duplicate slashes * fix import * dedup swapped votes 5 years ago			`ConflictingVotes: slash.ConflictingVotes{`
			`FirstVote: slash.Vote{`
			`alreadyCastBallot.SignerPubKey,`
			`alreadyCastBallot.BlockHeaderHash,`
			`alreadyCastBallot.Signature,`
			`},`
			`SecondVote: slash.Vote{`
			`*offender,`
			`recvMsg.BlockHash,`
			`common.Hex2Bytes(doubleSign.SerializeToHexStr()),`
refactor slashing code and fix audit todos 5 years ago			`}},`
			`Moment: slash.Moment{`
Fix slash verify to avoid potential duplicate slashes exploit (#2914) * Remove timestamp in slash record * Fix potential exploits of reporting duplicate slashes * fix import * dedup swapped votes 5 years ago			`Epoch: curHeader.Epoch(),`
			`ShardID: consensus.ShardID,`
refactor slashing code and fix audit todos 5 years ago			`},`
Fix slash verify to avoid potential duplicate slashes exploit (#2914) * Remove timestamp in slash record * Fix potential exploits of reporting duplicate slashes * fix import * dedup swapped votes 5 years ago			`Offender: *addr,`
refactor slashing code and fix audit todos 5 years ago			`}`
			`proof := slash.Record{`
			`Evidence: evid,`
			`Reporter: reporter,`
			`}`
			`consensus.SlashChan <- proof`
[node] move self address to node, make it updatable every epoch (#2799) * [node] move self address to node, make it updatable every epoch * golint issues * making thread-safe, better naming, handling nil cases better * golint * correct locking, return on nil 5 years ago			`}(*leaderAddr)`
Return if potential double sign 5 years ago			`return true`
refactor slashing code and fix audit todos 5 years ago			`}`
			`}`
			`}`
			`}`
Return if potential double sign 5 years ago			`return true`
refactor slashing code and fix audit todos 5 years ago			`}`
Return if potential double sign 5 years ago			`return false`
refactor slashing code and fix audit todos 5 years ago			`}`

			`func (consensus *Consensus) couldThisBeADoubleSigner(`
			`recvMsg *FBFTMessage,`
			`) bool {`
fix redundant var 5 years ago			`num, hash := consensus.blockNum, recvMsg.BlockHash`
refactor slashing code and fix audit todos 5 years ago			`suspicious := !consensus.FBFTLog.HasMatchingAnnounce(num, hash) \|\|`
			`!consensus.FBFTLog.HasMatchingPrepared(num, hash)`
			`if suspicious {`
			`consensus.getLogger().Debug().`
			`Str("message", recvMsg.String()).`
fix redundant var 5 years ago			`Uint64("block-on-consensus", num).`
refactor slashing code and fix audit todos 5 years ago			`Msg("possible double signer")`
			`return true`
			`}`
			`return false`
			`}`