Skip to content

Commit

Permalink
Use CertificateV2 and...
Browse files Browse the repository at this point in the history
add new fetch mechanism to only verify tips of cert chain and only serve verified certificates
  • Loading branch information
arun-koshy committed Oct 10, 2023
1 parent 6ab618a commit 1138954
Show file tree
Hide file tree
Showing 16 changed files with 1,158 additions and 74 deletions.
18 changes: 9 additions & 9 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 3 additions & 1 deletion crates/sui-protocol-config/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,8 @@ const MAX_PROTOCOL_VERSION: u64 = 28;
// Version 25: Add sui::table_vec::swap and sui::table_vec::swap_remove to system packages.
// Version 26: New gas model version.
// Add support for receiving objects off of other objects in devnet only.
// Version 27: Add sui::zklogin::verify_zklogin_id and related functions to sui framework.
// Version 28: Add sui::zklogin::verify_zklogin_id and related functions to sui framework.
// Use CertificateV2 in narwhal

#[derive(Copy, Clone, Debug, Hash, Serialize, Deserialize, PartialEq, Eq, PartialOrd, Ord)]
pub struct ProtocolVersion(u64);
Expand Down Expand Up @@ -1533,6 +1534,7 @@ impl ProtocolConfig {
if chain != Chain::Mainnet && chain != Chain::Testnet {
cfg.feature_flags.enable_effects_v2 = true;
}
cfg.feature_flags.narwhal_certificate_v2 = true;
}
// Use this template when making changes:
//
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ feature_flags:
end_of_epoch_transaction_supported: true
simple_conservation_checks: true
loaded_child_object_format_type: true
narwhal_certificate_v2: true
max_tx_size_bytes: 131072
max_input_objects: 2048
max_size_written_objects: 5000000
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ feature_flags:
end_of_epoch_transaction_supported: true
simple_conservation_checks: true
loaded_child_object_format_type: true
narwhal_certificate_v2: true
max_tx_size_bytes: 131072
max_input_objects: 2048
max_size_written_objects: 5000000
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ feature_flags:
loaded_child_object_format_type: true
receive_objects: true
enable_effects_v2: true
narwhal_certificate_v2: true
max_tx_size_bytes: 131072
max_input_objects: 2048
max_size_written_objects: 5000000
Expand Down
22 changes: 14 additions & 8 deletions narwhal/node/tests/staged/narwhal.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,23 +32,21 @@ BatchV2:
TYPENAME: VersionedMetadata
Certificate:
ENUM:
0:
V1:
1:
V2:
NEWTYPE:
TYPENAME: CertificateV1
TYPENAME: CertificateV2
CertificateDigest:
NEWTYPESTRUCT:
TUPLEARRAY:
CONTENT: U8
SIZE: 32
CertificateV1:
CertificateV2:
STRUCT:
- header:
TYPENAME: Header
- aggregated_signature:
TUPLEARRAY:
CONTENT: U8
SIZE: 48
- signature_verification_state:
TYPENAME: SignatureVerificationState
- signed_authorities: BYTES
- metadata:
TYPENAME: Metadata
Expand Down Expand Up @@ -88,6 +86,14 @@ MetadataV1:
- created_at: U64
- received_at:
OPTION: U64
SignatureVerificationState:
ENUM:
0:
Unsigned:
NEWTYPE:
TUPLEARRAY:
CONTENT: U8
SIZE: 48
VersionedMetadata:
ENUM:
0:
Expand Down
27 changes: 18 additions & 9 deletions narwhal/primary/src/aggregators.rs
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ use tracing::warn;
use types::{
ensure,
error::{DagError, DagResult},
Certificate, CertificateAPI, Header, Vote, VoteAPI,
Certificate, CertificateAPI, Header, SignatureVerificationState, Vote, VoteAPI,
};

/// Aggregates votes for a particular header into a certificate.
Expand Down Expand Up @@ -62,7 +62,7 @@ impl VotesAggregator {
.votes_received_last_round
.set(self.votes.len() as i64);
if self.weight >= committee.quorum_threshold() {
let cert = Certificate::new_unverified(
let mut cert = Certificate::new_unverified(
&self.protocol_config,
committee,
header.clone(),
Expand All @@ -83,24 +83,33 @@ impl VotesAggregator {
"Failed to verify aggregated sig on certificate: {} error: {}",
certificate_digest, err
);
let mut i = 0;
while i < self.votes.len() {
let (id, sig) = &self.votes[i];
self.votes.retain(|(id, sig)| {
let pk = committee.authority_safe(id).protocol_key();
if sig
.verify_secure(&to_intent_message(certificate_digest), pk)
.is_err()
{
warn!("Invalid signature on header from authority: {}", id);
self.weight -= committee.stake(pk);
self.votes.remove(i);
false
} else {
i += 1;
true
}
}
});
return Ok(None);
}
Ok(_) => return Ok(Some(cert)),
Ok(_) => {
if self.protocol_config.narwhal_certificate_v2() {
cert.set_signature_verification_state(
SignatureVerificationState::VerifiedDirectly(
cert.aggregated_signature()
.ok_or(DagError::InvalidSignature)?
.clone(),
),
);
}
return Ok(Some(cert));
}
}
}
Ok(None)
Expand Down
Loading

0 comments on commit 1138954

Please sign in to comment.