+7

abciapp/app.go

··· 44 44 aocsByPLC map[string]*authoritativeOperationsCache 45 45 46 46 blockChallengeCoordinator *blockChallengeCoordinator 47 47 + rangeChallengeCoordinator *rangeChallengeCoordinator 47 48 } 48 49 49 50 // store and plc must be able to share transaction objects ··· 193 194 if err != nil { 194 195 return stacktrace.Propagate(err, "") 195 196 } 197 197 + 198 198 + d.rangeChallengeCoordinator, err = newRangeChallengeCoordinator(d.runnerContext, d.txFactory, blockStore, pubKey) 199 199 + if err != nil { 200 200 + return stacktrace.Propagate(err, "") 201 201 + } 202 202 + 196 203 return nil 197 204 } 198 205

+1 -1

abciapp/block_challenge.go

··· 81 81 82 82 anyTx := ctx.Value(contextTxKey{}) 83 83 if anyTx == nil { 84 84 - return theine.Loaded[proof.BlockChallengeCircuit]{}, stacktrace.NewError("transaction not found in context") 84 84 + return zeroValue, stacktrace.NewError("transaction not found in context") 85 85 } 86 86 tx, ok := anyTx.(transaction.Read) 87 87 if !ok {

+160

abciapp/range_challenge.go

··· 1 1 + package abciapp 2 2 + 3 3 + import ( 4 4 + "bytes" 5 5 + "context" 6 6 + "encoding/binary" 7 7 + "slices" 8 8 + 9 9 + "github.com/Yiling-J/theine-go" 10 10 + "github.com/cometbft/cometbft/crypto" 11 11 + bftstore "github.com/cometbft/cometbft/store" 12 12 + "github.com/cosmos/iavl" 13 13 + "github.com/cosmos/iavl/db" 14 14 + ics23 "github.com/cosmos/ics23/go" 15 15 + "github.com/palantir/stacktrace" 16 16 + "tangled.org/gbl08ma.com/didplcbft/store" 17 17 + "tangled.org/gbl08ma.com/didplcbft/transaction" 18 18 + ) 19 19 + 20 20 + type rangeChallengeCoordinator struct { 21 21 + runnerContext context.Context 22 22 + 23 23 + validatorAddress []byte 24 24 + txFactory *transaction.Factory 25 25 + nodeBlockStore *bftstore.BlockStore 26 26 + 27 27 + treeCache *theine.LoadingCache[treeCacheKey, cachedTree] 28 28 + } 29 29 + 30 30 + func newRangeChallengeCoordinator(runnerContext context.Context, txFactory *transaction.Factory, blockStore *bftstore.BlockStore, pubKey crypto.PubKey) (*rangeChallengeCoordinator, error) { 31 31 + c := &rangeChallengeCoordinator{ 32 32 + txFactory: txFactory, 33 33 + runnerContext: runnerContext, 34 34 + nodeBlockStore: blockStore, 35 35 + validatorAddress: pubKey.Address(), 36 36 + } 37 37 + 38 38 + var err error 39 39 + c.treeCache, err = theine.NewBuilder[treeCacheKey, cachedTree](2).Loading(c.proofTreeLoader).Build() 40 40 + if err != nil { 41 41 + return nil, stacktrace.Propagate(err, "") 42 42 + } 43 43 + 44 44 + return c, nil 45 45 + } 46 46 + 47 47 + type treeCacheKey struct { 48 48 + startHeight int64 49 49 + endHeight int64 50 50 + } 51 51 + 52 52 + type cachedTree struct { 53 53 + tree *iavl.ImmutableTree 54 54 + root []byte 55 55 + } 56 56 + 57 57 + type rangeChallengeProof struct { 58 58 + treeRoot []byte // the tree root we commit to. must be the same between the "commit proof" and the "confirmation proof" 59 59 + membershipProof *ics23.CommitmentProof 60 60 + } 61 61 + 62 62 + func (c *rangeChallengeCoordinator) computeRangeChallengeProof(ctx context.Context, tx transaction.Read, startHeight, endHeight, proveHeight int64) (rangeChallengeProof, error) { 63 63 + ctx = context.WithValue(ctx, contextTxKey{}, tx) 64 64 + ct, err := c.treeCache.Get(ctx, treeCacheKey{ 65 65 + startHeight: startHeight, 66 66 + endHeight: endHeight, 67 67 + }) 68 68 + if err != nil { 69 69 + return rangeChallengeProof{}, stacktrace.Propagate(err, "") 70 70 + } 71 71 + 72 72 + proofKey := binary.BigEndian.AppendUint64(nil, uint64(proveHeight)) 73 73 + 74 74 + membershipProof, err := ct.tree.GetMembershipProof(proofKey) 75 75 + if err != nil { 76 76 + return rangeChallengeProof{}, stacktrace.Propagate(err, "") 77 77 + } 78 78 + 79 79 + return rangeChallengeProof{ 80 80 + treeRoot: ct.root, 81 81 + membershipProof: membershipProof, 82 82 + }, nil 83 83 + } 84 84 + 85 85 + func verifyMembershipOfRangeChallengeProofs(ctx context.Context, proofs ...rangeChallengeProof) (bool, error) { 86 86 + if len(proofs) < 1 { 87 87 + return false, stacktrace.NewError("insufficient proofs") 88 88 + } 89 89 + 90 90 + treeRoot := proofs[0].treeRoot 91 91 + 92 92 + for _, proof := range proofs { 93 93 + if !bytes.Equal(proof.treeRoot, treeRoot) { 94 94 + // did not commit to the same root in all proofs 95 95 + return false, nil 96 96 + } 97 97 + 98 98 + // just use the key and value claimed in the proof as those should have been validated previously 99 99 + if exist := proof.membershipProof.GetExist(); exist != nil { 100 100 + if !ics23.VerifyMembership(ics23.IavlSpec, treeRoot, proof.membershipProof, exist.Key, exist.Value) { 101 101 + return false, nil 102 102 + } 103 103 + } else { 104 104 + return false, stacktrace.NewError("proof is not an existence proof") 105 105 + } 106 106 + } 107 107 + 108 108 + return true, nil 109 109 + } 110 110 + 111 111 + func (c *rangeChallengeCoordinator) proofTreeLoader(ctx context.Context, cacheKey treeCacheKey) (theine.Loaded[cachedTree], error) { 112 112 + var zeroValue theine.Loaded[cachedTree] 113 113 + 114 114 + anyTx := ctx.Value(contextTxKey{}) 115 115 + if anyTx == nil { 116 116 + return zeroValue, stacktrace.NewError("transaction not found in context") 117 117 + } 118 118 + tx, ok := anyTx.(transaction.Read) 119 119 + if !ok { 120 120 + return zeroValue, stacktrace.NewError("invalid transaction in context") 121 121 + } 122 122 + 123 123 + tree := iavl.NewMutableTree(db.NewMemDB(), 16, false, iavl.NewNopLogger(), iavl.AsyncPruningOption(false)) 124 124 + 125 125 + var err error 126 126 + for proofHeight, proof := range store.Consensus.BlockChalengeProofsIterator(tx, uint64(max(cacheKey.startHeight-1, 0)), &err) { 127 127 + if proofHeight > uint64(cacheKey.endHeight) { 128 128 + break 129 129 + } 130 130 + 131 131 + _, err := tree.Set(binary.BigEndian.AppendUint64(nil, proofHeight), slices.Clone(proof)) 132 132 + if err != nil { 133 133 + return zeroValue, stacktrace.Propagate(err, "") 134 134 + } 135 135 + } 136 136 + if err != nil { 137 137 + return zeroValue, stacktrace.Propagate(err, "") 138 138 + } 139 139 + 140 140 + rootHash, treeVersion, err := tree.SaveVersion() 141 141 + if err != nil { 142 142 + return zeroValue, stacktrace.Propagate(err, "") 143 143 + } 144 144 + 145 145 + immutableTree, err := tree.GetImmutable(treeVersion) 146 146 + if err != nil { 147 147 + return zeroValue, stacktrace.Propagate(err, "") 148 148 + } 149 149 + 150 150 + if immutableTree.Size() != cacheKey.endHeight-cacheKey.startHeight+1 { 151 151 + return zeroValue, stacktrace.NewError("missing block challenge proofs in requested range") 152 152 + } 153 153 + 154 154 + return theine.Loaded[cachedTree]{ 155 155 + Value: cachedTree{ 156 156 + tree: immutableTree, 157 157 + root: rootHash, 158 158 + }, 159 159 + }, nil 160 160 + }

+34

abciapp/tx.go

··· 5 5 "context" 6 6 7 7 abcitypes "github.com/cometbft/cometbft/abci/types" 8 8 + "github.com/cometbft/cometbft/crypto" 8 9 cbornode "github.com/ipfs/go-ipld-cbor" 9 10 "github.com/palantir/stacktrace" 10 11 "github.com/samber/mo" ··· 46 47 type Transaction[ArgType any] struct { 47 48 Action TransactionAction `json:"action" refmt:"action"` 48 49 Arguments ArgType `json:"arguments,omitempty" refmt:"arguments,omitempty"` 50 50 + 51 51 + // Only some operations require this. The signature is verified against a context-dependent identity (usually specified within Arguments) 52 52 + Signature []byte `json:"sig,omitempty" refmt:"sig,omitempty"` 49 53 } 50 54 51 55 func UnmarshalTransaction[ArgType ArgumentType](txBytes []byte) (Transaction[ArgType], error) { ··· 83 87 return false 84 88 } 85 89 return bytes.Equal(txBytes, s) 90 90 + } 91 91 + 92 92 + func SignTransaction[ArgType ArgumentType](privKey crypto.PrivKey, tx Transaction[ArgType]) (Transaction[ArgType], error) { 93 93 + var zeroValue Transaction[ArgType] 94 94 + 95 95 + tx.Signature = nil 96 96 + 97 97 + bytesToSign, err := cbornode.DumpObject(tx) 98 98 + if err != nil { 99 99 + return zeroValue, stacktrace.Propagate(err, "") 100 100 + } 101 101 + 102 102 + tx.Signature, err = privKey.Sign(bytesToSign) 103 103 + if err != nil { 104 104 + return zeroValue, stacktrace.Propagate(err, "") 105 105 + } 106 106 + 107 107 + return tx, nil 108 108 + } 109 109 + 110 110 + func VerifyTransactionSignature[ArgType ArgumentType](publicKey crypto.PubKey, tx Transaction[ArgType]) (bool, error) { 111 111 + sig := tx.Signature 112 112 + tx.Signature = nil 113 113 + 114 114 + bytesToSign, err := cbornode.DumpObject(tx) 115 115 + if err != nil { 116 116 + return false, stacktrace.Propagate(err, "") 117 117 + } 118 118 + 119 119 + return publicKey.VerifySignature(bytesToSign, sig), nil 86 120 } 87 121 88 122 type processResult struct {

+86

abciapp/tx_challenge.go

··· 1 1 + package abciapp 2 2 + 3 3 + import ( 4 4 + "context" 5 5 + 6 6 + "github.com/cometbft/cometbft/crypto" 7 7 + cmtjson "github.com/cometbft/cometbft/libs/json" 8 8 + cbornode "github.com/ipfs/go-ipld-cbor" 9 9 + "github.com/palantir/stacktrace" 10 10 + ) 11 11 + 12 12 + var TransactionActionCommitToChallenge = registerTransactionAction[CommitToChallengeArguments]("CommitToChallenge", processCommitToChallengeTx) 13 13 + 14 14 + type CommitToChallengeArguments struct { 15 15 + ValidatorPubKey []byte `json:"validator" refmt:"validator"` 16 16 + FromHeight int64 `json:"fromHeight" refmt:"fromHeight"` 17 17 + 18 18 + // ToHeight should not be more than N blocks behind the block where this transaction is included 19 19 + // (i.e. this transaction "expires" once ToHeight is more than N blocks old, and shouldn't be included after that) 20 20 + // TODO determine N 21 21 + ToHeight int64 `json:"toHeight" refmt:"toHeight"` 22 22 + Root []byte `json:"root" refmt:"root"` 23 23 + Proof []byte `json:"proof" refmt:"proof"` 24 24 + } 25 25 + 26 26 + func (CommitToChallengeArguments) ForAction() TransactionAction { 27 27 + return TransactionActionCommitToChallenge 28 28 + } 29 29 + 30 30 + func init() { 31 31 + cbornode.RegisterCborType(CommitToChallengeArguments{}) 32 32 + cbornode.RegisterCborType(Transaction[CommitToChallengeArguments]{}) 33 33 + } 34 34 + 35 35 + func processCommitToChallengeTx(ctx context.Context, deps TransactionProcessorDependencies, txBytes []byte) (*processResult, error) { 36 36 + tx, err := UnmarshalTransaction[CommitToChallengeArguments](txBytes) 37 37 + if err != nil { 38 38 + return &processResult{ 39 39 + Code: 4000, 40 40 + Info: err.Error(), 41 41 + }, nil 42 42 + } 43 43 + 44 44 + var pubKey crypto.PubKey 45 45 + err = cmtjson.Unmarshal(tx.Arguments.ValidatorPubKey, &pubKey) 46 46 + 47 47 + verified, err := VerifyTransactionSignature(pubKey, tx) 48 48 + if err != nil { 49 49 + return nil, stacktrace.Propagate(err, "") 50 50 + } 51 51 + 52 52 + if !verified { 53 53 + return &processResult{ 54 54 + Code: 4200, 55 55 + Info: "invalid signature", 56 56 + }, nil 57 57 + } 58 58 + 59 59 + return nil, stacktrace.NewError("not implemented") // TODO 60 60 + } 61 61 + 62 62 + var TransactionActionCompleteChallenge = registerTransactionAction[CommitToChallengeArguments]("CompleteChallenge", processCompleteChallengeTx) 63 63 + 64 64 + type CompleteChallengeArguments struct { 65 65 + Validator []byte `json:"validator" refmt:"validator"` 66 66 + 67 67 + // this shall be a membership proof on the same tree the validator previously committed to, 68 68 + // for the key deterministically-randomly determined by the last_commit_hash of the block _after_ the one 69 69 + // where the most recent CommitToChallenge transaction for this validator got included 70 70 + // this transaction must be included within N blocks after the inclusion of that CommitToChallenge transaction 71 71 + // TODO determine N 72 72 + Proof []byte `json:"proof" refmt:"proof"` 73 73 + } 74 74 + 75 75 + func (CompleteChallengeArguments) ForAction() TransactionAction { 76 76 + return TransactionActionCommitToChallenge 77 77 + } 78 78 + 79 79 + func init() { 80 80 + cbornode.RegisterCborType(CompleteChallengeArguments{}) 81 81 + cbornode.RegisterCborType(Transaction[CompleteChallengeArguments]{}) 82 82 + } 83 83 + 84 84 + func processCompleteChallengeTx(ctx context.Context, deps TransactionProcessorDependencies, txBytes []byte) (*processResult, error) { 85 85 + return nil, stacktrace.NewError("not implemented") // TODO 86 86 + }