Skip to content

Commit

Permalink
Add triple masking (#1004)
Browse files Browse the repository at this point in the history
* triple_masking

* ledger add noah

* components add noah

* fix lint

* update keypair

* fix lint

* remove is_address_fra

* fix xfrboxy

* signature.verify

* update enable_triple_masking_height to
enable_ed25519_triple_masking_height

* fix OwnerMemo

* fix test

* update noah version

* fix anon transfer batch

---------

Co-authored-by: shaorongqiang <[email protected]>

triple_masking dependencies to develop (#926)

* dependencies to develop

* update wasm-bindgen

* remove noah

* strike build_record_and_get_blinds

---------

Co-authored-by: shaorongqiang <[email protected]>
Co-authored-by: weikengchen <[email protected]>

Renew #935 for merging develop with main. (#937)

* fix

* Upgrade noah to v0.4.6

* update

---------

Co-authored-by: weikeng <[email protected]>
Co-authored-by: Sun <[email protected]>
Co-authored-by: weikengchen <[email protected]>

Add noah init wasm (#941)

Fix abar_to_ar params (#950)

Let the Anemoi precompile use the platform-lib-noah library (#963)

fix build (#977)

Co-authored-by: Weikeng Chen <[email protected]>

Improve Noah secp support (#981)

* Improve Noah secp support

* update deps

* update platform-lib-utils for testing

* public key to bytes in data_model

* fix

* fix

* Avoid lint bug

* fix EVM XfrPublicKey deserialization

* edit the dependency

* fix error handling

---------

Co-authored-by: weikengchen <[email protected]>

EIP 1962 is undecided (#984)

Use BN254 Anemoi for asset ID mapping (#985)

* Improve Noah secp support

* update deps

* update platform-lib-utils for testing

* public key to bytes in data_model

* fix

* fix

* Avoid lint bug

* fix EVM XfrPublicKey deserialization

* edit the dependency

* fix error handling

* update the asset code

* fix

---------

Co-authored-by: Harshad Patil <[email protected]>

add validator_whitelist v1 (#972)

* fix timeout and checkpoint

* add validator_whitelist v1

* add validator_whitelist

add validator_whitelist_v2 (#976)

* add validator_whitelist_v2

* update timeout_commit 10s

* update validator_whitelist

* bug fix

* fix build

validator whitelist v3 (#980)

downgrade ctrlc (#973)

update timeout_propose 3s (#974)

update timeout_commit 10s (#975)

Fix Fn_Check Bug (#970)

android add execption (#979)

validator whitelist v3 (#980)

pr

Adding checkpoint condition to AnemoiJive381 upgrade

only use deprecated AnemoiJive381 for old precompiled contract

query server API to get derived asset code

fix build

remo0ve unneeded sign in tx build

fix Lint

fmt

fix build

CLI test file

test

disable eth address transfer from EVM

fix build

enable eth-address in CLI

fix lint

update lib-noah branch

update demo tests for triple masking

fix CLI eth-address

removed unrelated code changes

remove some unrelated code

review ledger package

fix wallet_mobile build

remove unneccesary refactoring

fix some refactoring

synced changes from platform-lib-noah

removed testing scripts

fmt & lint

fix import statements

remove unneeded refactoring

fix conflicts

* removed some non Triple masking related code

* rename checkpoint config var

* fix derived asset code API

* trigger tests

* trigger

* Update src/components/abciapp/src/abci/server/callback/mod.rs

* Update src/components/contracts/modules/evm/precompile/src/lib.rs

* Update lib.rs

* Update Cargo.toml

* Apply suggestions from code review

* minor fix in fn.yml

* genkey

* stake append

* staker update

* unstake and claim

* delegate, undelegate

* transfer and transfer_batch

* wallet/create, wallet/show

* asset

* other edits on fn

* fmt

* undo bash script change

* Update src/components/abciapp/src/api/query_server/query_api/ledger_api.rs

* Update src/components/abciapp/src/api/query_server/query_api/server.rs

* Update src/components/abciapp/src/api/query_server/query_api/mod.rs

* Apply suggestions from code review

* Update src/components/finutils/src/bins/fn.rs

* additional consistency test for the asset code is not necessary

* change apphash calculation

---------

Co-authored-by: Weikeng Chen <[email protected]>
  • Loading branch information
2 people authored and shaorongqiang committed Sep 26, 2023
1 parent 8153b0d commit 1447501
Show file tree
Hide file tree
Showing 67 changed files with 6,571 additions and 735 deletions.
30 changes: 21 additions & 9 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -36,22 +36,34 @@ members = [
]

[profile.dev]
incremental = false
opt-level = 3
lto = "thin"
incremental = true
debug-assertions = true
debug = true
panic = 'abort'
overflow-checks = true

[profile.release]
opt-level = 3
lto = "thin"
incremental = false
overflow-checks = true
panic = 'abort'

[profile.bench]
opt-level = 3
debug = false
rpath = false
lto = "thin"
codegen-units = 1
incremental = true
debug-assertions = false
overflow-checks = false

[profile.dev.package.curve25519-dalek]
opt-level = 1
overflow-checks = false

[patch.crates-io]
ed25519-dalek = { git = "https://github.com/FindoraNetwork/ed25519-dalek", rev = "ad461f" }
curve25519-dalek = { git = "https://github.com/FindoraNetwork/curve25519-dalek", rev = "a2df65" }
x25519-dalek = { git = "https://github.com/FindoraNetwork/x25519-dalek", rev = "53bb1a" }
[profile.test]
opt-level = 2
lto = "off"
incremental = true
debug-assertions = true
debug = true
1 change: 0 additions & 1 deletion src/components/abciapp/src/abci/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,6 @@ pub fn run() -> Result<()> {
"http://{}:{}",
config.tendermint_host, config.tendermint_port
);

// keep them running in the background,
// avoid being dropped by the jsonrpc crate.
mem::forget(fc_rpc::start_web3_service(
Expand Down
109 changes: 103 additions & 6 deletions src/components/abciapp/src/abci/server/callback/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ use {
lazy_static::lazy_static,
ledger::{
converter::is_convert_account,
data_model::{Operation, ASSET_TYPE_FRA},
data_model::{Operation, Transaction, ASSET_TYPE_FRA},
staking::{
evm::EVM_STAKING, FF_ADDR_EXTRA_120_0000, FF_ADDR_LIST, KEEP_HIST,
VALIDATOR_UPDATE_BLOCK_ITV,
Expand All @@ -52,8 +52,8 @@ use {
Arc,
},
},
tracing::info,
zei::noah_api::xfr::asset_record::AssetRecordType
tracing::{error, info},
zei::noah_api::xfr::asset_record::AssetRecordType,
};

pub(crate) static TENDERMINT_BLOCK_HEIGHT: AtomicI64 = AtomicI64::new(0);
Expand Down Expand Up @@ -98,9 +98,15 @@ pub fn info(s: &mut ABCISubmissionServer, req: &RequestInfo) -> ResponseInfo {
&& h < CFG.checkpoint.enable_frc20_height
{
resp.set_last_block_app_hash(la_hash);
} else {
} else if h < CFG.checkpoint.enable_triple_masking_height {
let cs_hash = s.account_base_app.write().info(req).last_block_app_hash;
resp.set_last_block_app_hash(app_hash("info", h, la_hash, cs_hash));
} else {
let cs_hash = s.account_base_app.write().info(req).last_block_app_hash;
let tm_hash = state.get_anon_state_commitment().0;
resp.set_last_block_app_hash(app_hash_v2(
"info", h, la_hash, cs_hash, tm_hash,
));
}
}

Expand Down Expand Up @@ -138,6 +144,18 @@ pub fn check_tx(s: &mut ABCISubmissionServer, req: &RequestCheckTx) -> ResponseC
TxCatalog::FindoraTx => {
if matches!(req.field_type, CheckTxType::New) {
if let Ok(tx) = convert_tx(req.get_tx()) {
for op in tx.body.operations.iter() {
if let Operation::TransferAnonAsset(op) = op {
let mut inputs = op.note.body.inputs.clone();
inputs.sort();
inputs.dedup();
if inputs.len() != op.note.body.inputs.len() {
resp.log = "anon transfer input error".to_owned();
resp.code = 1;
return resp;
}
}
}
if td_height > CFG.checkpoint.check_signatures_num {
for op in tx.body.operations.iter() {
if let Operation::TransferAsset(op) = op {
Expand Down Expand Up @@ -169,6 +187,11 @@ pub fn check_tx(s: &mut ABCISubmissionServer, req: &RequestCheckTx) -> ResponseC
} else if TX_HISTORY.read().contains_key(&tx.hash_tm_rawbytes()) {
resp.log = "Historical transaction".to_owned();
resp.code = 1;
} else if is_tm_transaction(&tx)
&& td_height < CFG.checkpoint.enable_triple_masking_height
{
resp.code = 1;
resp.log = "Triple Masking is disabled".to_owned();
}
} else {
resp.log = "Invalid format".to_owned();
Expand Down Expand Up @@ -270,6 +293,18 @@ pub fn deliver_tx(
match tx_catalog {
TxCatalog::FindoraTx => {
if let Ok(tx) = convert_tx(req.get_tx()) {
for op in tx.body.operations.iter() {
if let Operation::TransferAnonAsset(op) = op {
let mut inputs = op.note.body.inputs.clone();
inputs.sort();
inputs.dedup();
if inputs.len() != op.note.body.inputs.len() {
resp.log = "anon Transfer input error".to_owned();
resp.code = 1;
return resp;
}
}
}
if td_height > CFG.checkpoint.check_signatures_num {
for op in tx.body.operations.iter() {
if let Operation::TransferAsset(op) = op {
Expand Down Expand Up @@ -334,7 +369,7 @@ pub fn deliver_tx(
if let Err(err) =
s.account_base_app.write().deliver_findora_tx(&tx, &hash.0)
{
info!(target: "abciapp", "deliver convert account tx failed: {err:?}");
error!(target: "abciapp", "deliver convert account tx failed: {err:?}");

resp.code = 1;
resp.log =
Expand Down Expand Up @@ -373,6 +408,16 @@ pub fn deliver_tx(
.db
.write()
.discard_session();
} else if is_tm_transaction(&tx)
&& td_height < CFG.checkpoint.enable_triple_masking_height
{
info!(target: "abciapp",
"Triple Masking transaction(FindoraTx) detected at early height {}: {:?}",
td_height, tx
);
resp.code = 2;
resp.log = "Triple Masking is disabled".to_owned();
return resp;
} else if CFG.checkpoint.utxo_checktx_height < td_height {
match tx.check_tx() {
Ok(_) => {
Expand Down Expand Up @@ -593,8 +638,11 @@ pub fn commit(s: &mut ABCISubmissionServer, req: &RequestCommit) -> ResponseComm
&& td_height < CFG.checkpoint.enable_frc20_height
{
r.set_data(la_hash);
} else {
} else if td_height < CFG.checkpoint.enable_triple_masking_height {
r.set_data(app_hash("commit", td_height, la_hash, cs_hash));
} else {
let tm_hash = state.get_anon_state_commitment().0;
r.set_data(app_hash_v2("commit", td_height, la_hash, cs_hash, tm_hash));
}

IN_SAFE_ITV.store(false, Ordering::Release);
Expand Down Expand Up @@ -739,3 +787,52 @@ fn app_hash(
la_hash
}
}

/// Combines ledger state hash and EVM chain state hash
/// and print app hashes for debugging
fn app_hash_v2(
when: &str,
height: i64,
mut la_hash: Vec<u8>,
cs_hash: Vec<u8>,
tm_hash: Vec<u8>,
) -> Vec<u8> {
info!(target: "abciapp",
"app_hash_{}: {}_{}_{}, height: {}",
when,
hex::encode(la_hash.clone()),
hex::encode(cs_hash.clone()),
hex::encode(tm_hash.clone()),
height
);

if !cs_hash.is_empty() {
la_hash.extend_from_slice(&cs_hash);

if !tm_hash.is_empty() {
la_hash.extend_from_slice(&tm_hash);
}

Sha256::hash(la_hash.as_slice()).to_vec()
} else if !tm_hash.is_empty() {
la_hash.extend([0u8; 32]);
la_hash.extend_from_slice(&tm_hash);

Sha256::hash(la_hash.as_slice()).to_vec()
} else {
la_hash
}
}

fn is_tm_transaction(tx: &Transaction) -> bool {
tx.body
.operations
.iter()
.try_for_each(|op| match op {
Operation::BarToAbar(_a) => None,
Operation::AbarToBar(_a) => None,
Operation::TransferAnonAsset(_a) => None,
_ => Some(()),
})
.is_none()
}
62 changes: 61 additions & 1 deletion src/components/abciapp/src/abci/server/callback/utils.rs
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,13 @@ pub fn gen_tendermint_attr(tx: &Transaction) -> RepeatedField<Event> {
res.push(ev);

let (from, to) = gen_tendermint_attr_addr(tx);
let (nullifiers, commitments) = gen_tendermint_attr_anon(tx);

if !from.is_empty() || !to.is_empty() {
if !from.is_empty()
|| !to.is_empty()
|| !nullifiers.is_empty()
|| !commitments.is_empty()
{
let mut ev = Event::new();
ev.set_field_type("addr".to_owned());

Expand Down Expand Up @@ -76,6 +81,8 @@ pub fn gen_tendermint_attr(tx: &Transaction) -> RepeatedField<Event> {

index_addr!(from, "addr.from");
index_addr!(to, "addr.to");
index_addr!(nullifiers, "nullifier.used");
index_addr!(commitments, "commitment.created");
}

RepeatedField::from_vec(res)
Expand Down Expand Up @@ -126,6 +133,59 @@ fn gen_tendermint_attr_addr(tx: &Transaction) -> (Vec<TagAttr>, Vec<TagAttr>) {
Operation::UpdateMemo(d) => {
append_attr!(d);
}
Operation::BarToAbar(d) => {
let mut attr = TagAttr::default();
attr.addr = globutils::wallet::public_key_to_bech32(
&d.input_record().public_key,
);
base.0.push(attr);
}
Operation::AbarToBar(d) => {
let mut attr = TagAttr::default();
attr.addr = globutils::wallet::public_key_to_bech32(
&d.note.get_public_key(),
);
base.1.push(attr);
}
_ => {}
}

base
})
}

fn gen_tendermint_attr_anon(tx: &Transaction) -> (Vec<TagAttr>, Vec<TagAttr>) {
tx.body
.operations
.iter()
.fold((vec![], vec![]), |mut base, op| {
match op {
Operation::BarToAbar(d) => {
let mut attr = TagAttr::default();
attr.addr = globutils::wallet::commitment_to_base58(
&d.output_record().commitment,
);
base.1.push(attr);
}
Operation::AbarToBar(d) => {
let mut attr = TagAttr::default();
attr.addr =
globutils::wallet::nullifier_to_base58(&d.note.get_input());
base.0.push(attr);
}
Operation::TransferAnonAsset(d) => {
for ix in &d.note.body.inputs {
let mut attr = TagAttr::default();
attr.addr = globutils::wallet::nullifier_to_base58(ix);
base.0.push(attr);
}
for ox in &d.note.body.outputs {
let mut attr = TagAttr::default();
attr.addr =
globutils::wallet::commitment_to_base58(&ox.commitment);
base.1.push(attr);
}
}
_ => {}
}

Expand Down
16 changes: 8 additions & 8 deletions src/components/abciapp/src/abci/staking/test.rs
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ use {
asset_record::{open_blind_asset_record, AssetRecordType},
structs::{AssetRecordTemplate, XfrAmount},
},
{XfrKeyPair, XfrPublicKey},
XfrKeyPair, XfrPublicKey,
},
};

Expand Down Expand Up @@ -126,12 +126,12 @@ fn gen_transfer_tx(
&owner_memo.map(|o| o.into_noah()),
&owner_kp.into_noah(),
)
.c(d!())
.and_then(|ob| {
trans_builder
.add_input(TxoRef::Absolute(sid), ob, None, None, i_am)
.c(d!())
})?;
.c(d!())
.and_then(|ob| {
trans_builder
.add_input(TxoRef::Absolute(sid), ob, None, None, i_am)
.c(d!())
})?;

alt!(0 == am, break);
}
Expand Down Expand Up @@ -166,5 +166,5 @@ fn gen_transfer_tx(
.c(d!())?;

tx_builder.add_operation(op);
Ok(tx_builder.take_transaction())
tx_builder.build_and_take_transaction()
}
Loading

0 comments on commit 1447501

Please sign in to comment.