Merge pull request #4 from filecoin-project/master

merge
filecoin-project · Jun 24, 2020 · 49281ef · 49281ef
2 parents 1249ede + 4037d70
commit 49281ef
Show file tree

Hide file tree

Showing 40 changed files with 628 additions and 133 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -314,7 +314,7 @@ workflows:
   ci:
     jobs:
       - lint-changes:
-          args: "--new-from-rev origin/next" 
+          args: "--new-from-rev origin/master"
       - mod-tidy-check
       - gofmt
       - test:

diff --git a/Makefile b/Makefile
@@ -105,15 +105,17 @@ install:
 
 install-services: install
 	mkdir -p /usr/local/lib/systemd/system
+	mkdir -p /var/log/lotus
 	install -C -m 0644 ./scripts/lotus-daemon.service /usr/local/lib/systemd/system/lotus-daemon.service
 	install -C -m 0644 ./scripts/lotus-miner.service /usr/local/lib/systemd/system/lotus-miner.service
 	systemctl daemon-reload
 	@echo
-	@echo "lotus and lotus-miner services installed. Don't forget to 'systemctl enable lotus|lotus-miner' for it to be enabled on startup."
+	@echo "lotus-daemon and lotus-miner services installed. Don't forget to 'systemctl enable lotus-daemon|lotus-miner' for it to be enabled on startup."
 
 clean-services:
 	rm -f /usr/local/lib/systemd/system/lotus-daemon.service
 	rm -f /usr/local/lib/systemd/system/lotus-miner.service
+	rm -f /usr/local/lib/systemd/system/chainwatch.service
 	systemctl daemon-reload
 
 # TOOLS
@@ -160,6 +162,13 @@ chainwatch:
 .PHONY: chainwatch
 BINS+=chainwatch
 
+install-chainwatch-service: chainwatch
+	install -C ./chainwatch /usr/local/bin/chainwatch
+	install -C -m 0644 ./scripts/chainwatch.service /usr/local/lib/systemd/system/chainwatch.service
+	systemctl daemon-reload
+	@echo
+	@echo "chainwatch installed. Don't forget to 'systemctl enable chainwatch' for it to be enabled on startup."
+
 bench:
 	rm -f bench
 	go build -o bench ./cmd/lotus-bench

diff --git a/README.md b/README.md
@@ -8,6 +8,10 @@ Lotus is an implementation of the Filecoin Distributed Storage Network. For more
 
 For instructions on how to build lotus from source, please visit [https://docs.lotu.sh](https://docs.lotu.sh) or read the source [here](https://github.com/filecoin-project/lotus/tree/master/documentation).
 
+## Reporting a Vulnerability
+
+Please send an email to [email protected]. See our [security policy](SECURITY.md) for more details.
+
 ## Development
 
 All work is tracked via issues. An attempt at keeping an up-to-date view on remaining work is in the [lotus testnet github project board](https://github.com/filecoin-project/lotus/projects/1).

diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,29 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+For *critical* bugs, please send an email to [email protected].
+
+The bug reporting process differs between bugs that are critical and may crash the network, and others that are unlikely to cause problems if malicious parties know about it. For non-critical bugs, please simply file a GitHub [issue](https://github.com/filecoin-project/lotus/issues/new?template=bug_report.md). 
+
+Please try to provide a clear description of any bugs reported, along with how to reproduce the bug if possible. More detailed bug reports (especially those with a PoC included) will help us move forward much faster. Additionally, please avoid reporting bugs that already have open issues. Take a moment to search the issue list of the related GitHub repositories before writing up a new report.
+
+Here are some examples of bugs we would consider 'critical':
+
+* If you can spend from a `multisig` wallet you do not control the keys for.
+* If you can cause a miner to be slashed without them actually misbehaving.
+* If you can maintain power without submitting windowed posts regularly.
+* If you can craft a message that causes lotus nodes to panic.
+* If you can cause your miner to win significantly more blocks than it should.
+* If you can craft a message that causes a persistent fork in the network.
+* If you can cause the total amount of Filecoin in the network to no longer be 2 billion.
+
+This is not an exhaustive list, but should provide some idea of what we consider 'critical'.
+
+## Supported Versions
+
+* TODO: This should be defined and set up by Mainnet launch.
+
+| Version | Supported          |
+| ------- | ------------------ |
+| Testnet | :white_check_mark: |
diff --git a/api/api_storage.go b/api/api_storage.go
@@ -36,6 +36,7 @@ type StorageMiner interface {
 	SectorsRefs(context.Context) (map[string][]SealedRef, error)
 
 	SectorsUpdate(context.Context, abi.SectorNumber, SectorState) error
+	SectorRemove(context.Context, abi.SectorNumber) error
 
 	StorageList(ctx context.Context) (map[stores.ID][]stores.Decl, error)
 	StorageLocal(ctx context.Context) (map[stores.ID]string, error)

diff --git a/api/apistruct/struct.go b/api/apistruct/struct.go
@@ -206,6 +206,7 @@ type StorageMinerStruct struct {
 		SectorsList   func(context.Context) ([]abi.SectorNumber, error)               `perm:"read"`
 		SectorsRefs   func(context.Context) (map[string][]api.SealedRef, error)       `perm:"read"`
 		SectorsUpdate func(context.Context, abi.SectorNumber, api.SectorState) error  `perm:"write"`
+		SectorRemove  func(context.Context, abi.SectorNumber) error                   `perm:"admin"`
 
 		WorkerConnect func(context.Context, string) error                             `perm:"admin"` // TODO: worker perm
 		WorkerStats   func(context.Context) (map[uint64]storiface.WorkerStats, error) `perm:"admin"`
@@ -243,12 +244,14 @@ type WorkerStruct struct {
 		Paths     func(context.Context) ([]stores.StoragePath, error)            `perm:"admin"`
 		Info      func(context.Context) (storiface.WorkerInfo, error)            `perm:"admin"`
 
-		SealPreCommit1 func(ctx context.Context, sector abi.SectorID, ticket abi.SealRandomness, pieces []abi.PieceInfo) (storage.PreCommit1Out, error)                                                           `perm:"admin"`
-		SealPreCommit2 func(context.Context, abi.SectorID, storage.PreCommit1Out) (cids storage.SectorCids, err error)                                                                                            `perm:"admin"`
-		SealCommit1    func(ctx context.Context, sector abi.SectorID, ticket abi.SealRandomness, seed abi.InteractiveSealRandomness, pieces []abi.PieceInfo, cids storage.SectorCids) (storage.Commit1Out, error) `perm:"admin"`
-		SealCommit2    func(context.Context, abi.SectorID, storage.Commit1Out) (storage.Proof, error)                                                                                                             `perm:"admin"`
-		FinalizeSector func(context.Context, abi.SectorID) error                                                                                                                                                  `perm:"admin"`
-		MoveStorage    func(ctx context.Context, sector abi.SectorID) error                                                                                                                                       `perm:"admin"`
+		SealPreCommit1  func(ctx context.Context, sector abi.SectorID, ticket abi.SealRandomness, pieces []abi.PieceInfo) (storage.PreCommit1Out, error)                                                           `perm:"admin"`
+		SealPreCommit2  func(context.Context, abi.SectorID, storage.PreCommit1Out) (cids storage.SectorCids, err error)                                                                                            `perm:"admin"`
+		SealCommit1     func(ctx context.Context, sector abi.SectorID, ticket abi.SealRandomness, seed abi.InteractiveSealRandomness, pieces []abi.PieceInfo, cids storage.SectorCids) (storage.Commit1Out, error) `perm:"admin"`
+		SealCommit2     func(context.Context, abi.SectorID, storage.Commit1Out) (storage.Proof, error)                                                                                                             `perm:"admin"`
+		FinalizeSector  func(context.Context, abi.SectorID, []storage.Range) error                                                                                                                                 `perm:"admin"`
+		ReleaseUnsealed func(ctx context.Context, sector abi.SectorID, safeToFree []storage.Range) error                                                                                                           `perm:"admin"`
+		Remove          func(ctx context.Context, sector abi.SectorID) error                                                                                                                                       `perm:"admin"`
+		MoveStorage     func(ctx context.Context, sector abi.SectorID) error                                                                                                                                       `perm:"admin"`
 
 		UnsealPiece func(context.Context, abi.SectorID, storiface.UnpaddedByteIndex, abi.UnpaddedPieceSize, abi.SealRandomness, cid.Cid) error `perm:"admin"`
 		ReadPiece   func(context.Context, io.Writer, abi.SectorID, storiface.UnpaddedByteIndex, abi.UnpaddedPieceSize) error                   `perm:"admin"`
@@ -786,6 +789,10 @@ func (c *StorageMinerStruct) SectorsUpdate(ctx context.Context, id abi.SectorNum
 	return c.Internal.SectorsUpdate(ctx, id, state)
 }
 
+func (c *StorageMinerStruct) SectorRemove(ctx context.Context, number abi.SectorNumber) error {
+	return c.Internal.SectorRemove(ctx, number)
+}
+
 func (c *StorageMinerStruct) WorkerConnect(ctx context.Context, url string) error {
 	return c.Internal.WorkerConnect(ctx, url)
 }
@@ -920,8 +927,16 @@ func (w *WorkerStruct) SealCommit2(ctx context.Context, sector abi.SectorID, c1o
 	return w.Internal.SealCommit2(ctx, sector, c1o)
 }
 
-func (w *WorkerStruct) FinalizeSector(ctx context.Context, sector abi.SectorID) error {
-	return w.Internal.FinalizeSector(ctx, sector)
+func (w *WorkerStruct) FinalizeSector(ctx context.Context, sector abi.SectorID, keepUnsealed []storage.Range) error {
+	return w.Internal.FinalizeSector(ctx, sector, keepUnsealed)
+}
+
+func (w *WorkerStruct) ReleaseUnsealed(ctx context.Context, sector abi.SectorID, safeToFree []storage.Range) error {
+	return w.Internal.ReleaseUnsealed(ctx, sector, safeToFree)
+}
+
+func (w *WorkerStruct) Remove(ctx context.Context, sector abi.SectorID) error {
+	return w.Internal.Remove(ctx, sector)
 }
 
 func (w *WorkerStruct) MoveStorage(ctx context.Context, sector abi.SectorID) error {

diff --git a/build/bootstrap.go b/build/bootstrap.go
@@ -13,6 +13,10 @@ import (
 )
 
 func BuiltinBootstrap() ([]peer.AddrInfo, error) {
+	if DisableBuiltinAssets {
+		return nil, nil
+	}
+
 	var out []peer.AddrInfo
 
 	b := rice.MustFindBox("bootstrap")

diff --git a/build/flags.go b/build/flags.go
@@ -0,0 +1,15 @@
+package build
+
+// DisableBuiltinAssets disables the resolution of go.rice boxes that store
+// built-in assets, such as proof parameters, bootstrap peers, genesis blocks,
+// etc.
+//
+// When this value is set to true, it is expected that the user will
+// provide any such configurations through the Lotus API itself.
+//
+// This is useful when you're using Lotus as a library, such as to orchestrate
+// test scenarios, or for other purposes where you don't need to use the
+// defaults shipped with the binary.
+//
+// For this flag to be effective, it must be enabled _before_ instantiating Lotus.
+var DisableBuiltinAssets = false
diff --git a/build/params_shared.go b/build/params_shared.go
@@ -121,4 +121,11 @@ const VerifSigCacheSize = 32000
 const BlockMessageLimit = 512
 const BlockGasLimit = 100_000_000_000
 
-var DrandChain = `{"public_key":"922a2e93828ff83345bae533f5172669a26c02dc76d6bf59c80892e12ab1455c229211886f35bb56af6d5bea981024df","period":25,"genesis_time":1590445175,"hash":"138a324aa6540f93d0dad002aa89454b1bec2b6e948682cde6bd4db40f4b7c9b"}`
+var DrandConfig = dtypes.DrandConfig{
+	Servers: []string{
+		"https://pl-eu.testnet.drand.sh",
+		"https://pl-us.testnet.drand.sh",
+		"https://pl-sin.testnet.drand.sh",
+	},
+	ChainInfoJSON: `{"public_key":"922a2e93828ff83345bae533f5172669a26c02dc76d6bf59c80892e12ab1455c229211886f35bb56af6d5bea981024df","period":25,"genesis_time":1590445175,"hash":"138a324aa6540f93d0dad002aa89454b1bec2b6e948682cde6bd4db40f4b7c9b"}`,
+}
diff --git a/build/version.go b/build/version.go
@@ -53,7 +53,7 @@ func (ve Version) EqMajorMinor(v2 Version) bool {
 }
 
 // APIVersion is a semver version of the rpc api exposed
-var APIVersion Version = newVer(0, 3, 0)
+var APIVersion Version = newVer(0, 4, 0)
 
 //nolint:varcheck,deadcode
 const (

diff --git a/chain/beacon/beacon.go b/chain/beacon/beacon.go
@@ -17,6 +17,10 @@ type Response struct {
 	Err   error
 }
 
+// RandomBeacon represents a system that provides randomness to Lotus.
+// Other components interrogate the RandomBeacon to acquire randomness that's
+// valid for a specific chain epoch. Also to verify beacon entries that have
+// been posted on chain.
 type RandomBeacon interface {
 	Entry(context.Context, uint64) <-chan Response
 	VerifyEntry(types.BeaconEntry, types.BeaconEntry) error

diff --git a/chain/beacon/drand/drand.go b/chain/beacon/drand/drand.go
@@ -19,31 +19,15 @@ import (
 	logging "github.com/ipfs/go-log"
 	pubsub "github.com/libp2p/go-libp2p-pubsub"
 
-	"github.com/filecoin-project/lotus/build"
+	"github.com/filecoin-project/specs-actors/actors/abi"
+
 	"github.com/filecoin-project/lotus/chain/beacon"
 	"github.com/filecoin-project/lotus/chain/types"
-	"github.com/filecoin-project/specs-actors/actors/abi"
+	"github.com/filecoin-project/lotus/node/modules/dtypes"
 )
 
 var log = logging.Logger("drand")
 
-var drandServers = []string{
-	"https://pl-eu.testnet.drand.sh",
-	"https://pl-us.testnet.drand.sh",
-	"https://pl-sin.testnet.drand.sh",
-}
-
-var drandChain *dchain.Info
-
-func init() {
-
-	var err error
-	drandChain, err = dchain.InfoFromJSON(bytes.NewReader([]byte(build.DrandChain)))
-	if err != nil {
-		panic("could not unmarshal chain info: " + err.Error())
-	}
-}
-
 type drandPeer struct {
 	addr string
 	tls  bool
@@ -57,6 +41,13 @@ func (dp *drandPeer) IsTLS() bool {
 	return dp.tls
 }
 
+// DrandBeacon connects Lotus with a drand network in order to provide
+// randomness to the system in a way that's aligned with Filecoin rounds/epochs.
+//
+// We connect to drand peers via their public HTTP endpoints. The peers are
+// enumerated in the drandServers variable.
+//
+// The root trust for the Drand chain is configured from build.DrandChain.
 type DrandBeacon struct {
 	client dclient.Client
 
@@ -73,16 +64,21 @@ type DrandBeacon struct {
 	localCache map[uint64]types.BeaconEntry
 }
 
-func NewDrandBeacon(genesisTs, interval uint64, ps *pubsub.PubSub) (*DrandBeacon, error) {
+func NewDrandBeacon(genesisTs, interval uint64, ps *pubsub.PubSub, config dtypes.DrandConfig) (*DrandBeacon, error) {
 	if genesisTs == 0 {
 		panic("what are you doing this cant be zero")
 	}
 
+	drandChain, err := dchain.InfoFromJSON(bytes.NewReader([]byte(config.ChainInfoJSON)))
+	if err != nil {
+		return nil, xerrors.Errorf("unable to unmarshal drand chain info: %w", err)
+	}
+
 	dlogger := dlog.NewKitLoggerFrom(kzap.NewZapSugarLogger(
 		log.SugaredLogger.Desugar(), zapcore.InfoLevel))
 
 	var clients []dclient.Client
-	for _, url := range drandServers {
+	for _, url := range config.Servers {
 		hc, err := hclient.NewWithInfo(url, drandChain, nil)
 		if err != nil {
 			return nil, xerrors.Errorf("could not create http drand client: %w", err)

diff --git a/chain/beacon/drand/drand_test.go b/chain/beacon/drand/drand_test.go
@@ -7,10 +7,13 @@ import (
 	dchain "github.com/drand/drand/chain"
 	hclient "github.com/drand/drand/client/http"
 	"github.com/stretchr/testify/assert"
+
+	"github.com/filecoin-project/lotus/build"
 )
 
 func TestPrintGroupInfo(t *testing.T) {
-	c, err := hclient.New(drandServers[0], nil, nil)
+	server := build.DrandConfig.Servers[0]
+	c, err := hclient.New(server, nil, nil)
 	assert.NoError(t, err)
 	cg := c.(interface {
 		FetchChainInfo(groupHash []byte) (*dchain.Info, error)

diff --git a/chain/blocksync/blocksync.go b/chain/blocksync/blocksync.go
@@ -10,6 +10,7 @@ import (
 	"golang.org/x/xerrors"
 
 	cborutil "github.com/filecoin-project/go-cbor-util"
+
 	"github.com/filecoin-project/lotus/chain/store"
 	"github.com/filecoin-project/lotus/chain/types"
 
@@ -27,6 +28,24 @@ const BlockSyncProtocolID = "/fil/sync/blk/0.0.1"
 
 const BlockSyncMaxRequestLength = 800
 
+// BlockSyncService is the component that services BlockSync requests from
+// peers.
+//
+// BlockSync is the basic chain synchronization protocol of Filecoin. BlockSync
+// is an RPC-oriented protocol, with a single operation to request blocks.
+//
+// A request contains a start anchor block (referred to with a CID), and a
+// amount of blocks requested beyond the anchor (including the anchor itself).
+//
+// A client can also pass options, encoded as a 64-bit bitfield. Lotus supports
+// two options at the moment:
+//
+//  - include block contents
+//  - include block messages
+//
+// The response will include a status code, an optional message, and the
+// response payload in case of success. The payload is a slice of serialized
+// tipsets.
 type BlockSyncService struct {
 	cs *store.ChainStore
 }

diff --git a/chain/blocksync/blocksync_client.go b/chain/blocksync/blocksync_client.go
@@ -64,6 +64,11 @@ func (bs *BlockSync) processStatus(req *BlockSyncRequest, res *BlockSyncResponse
 	}
 }
 
+// GetBlocks fetches count blocks from the network, from the provided tipset
+// *backwards*, returning as many tipsets as count.
+//
+// {hint/usage}: This is used by the Syncer during normal chain syncing and when
+// resolving forks.
 func (bs *BlockSync) GetBlocks(ctx context.Context, tsk types.TipSetKey, count int) ([]*types.TipSet, error) {
 	ctx, span := trace.StartSpan(ctx, "bsync.GetBlocks")
 	defer span.End()
@@ -80,7 +85,9 @@ func (bs *BlockSync) GetBlocks(ctx context.Context, tsk types.TipSetKey, count i
 		Options:       BSOptBlocks,
 	}
 
+	// this peerset is sorted by latency and failure counting.
 	peers := bs.getPeers()
+
 	// randomize the first few peers so we don't always pick the same peer
 	shufflePrefix(peers)
 
@@ -356,6 +363,7 @@ func (bs *BlockSync) RemovePeer(p peer.ID) {
 	bs.syncPeers.removePeer(p)
 }
 
+// getPeers returns a preference-sorted set of peers to query.
 func (bs *BlockSync) getPeers() []peer.ID {
 	return bs.syncPeers.prefSortedPeers()
 }

diff --git a/chain/store/fts.go b/chain/store/fts.go
@@ -32,8 +32,11 @@ func (fts *FullTipSet) Cids() []cid.Cid {
 	return cids
 }
 
+// TipSet returns a narrower view of this FullTipSet elliding the block
+// messages.
 func (fts *FullTipSet) TipSet() *types.TipSet {
 	if fts.tipset != nil {
+		// FIXME: fts.tipset is actually never set. Should it memoize?
 		return fts.tipset
 	}
 

diff --git a/chain/store/index.go b/chain/store/index.go
@@ -34,7 +34,7 @@ type lbEntry struct {
 	target       types.TipSetKey
 }
 
-func (ci *ChainIndex) GetTipsetByHeight(ctx context.Context, from *types.TipSet, to abi.ChainEpoch) (*types.TipSet, error) {
+func (ci *ChainIndex) GetTipsetByHeight(_ context.Context, from *types.TipSet, to abi.ChainEpoch) (*types.TipSet, error) {
 	if from.Height()-to <= ci.skipLength {
 		return ci.walkBack(from, to)
 	}