Turns out, our getnextvalidators implementation already works the way
getcandidates is supposed to work, but original getnextvalidators works a bit
differently. It only returns validators, it doesn't return Active flag (all
of them are active) and it represents votes as a number. So for the maximum
compatibility:
* drop non-validator keys from getnextvalidators server-side
* drop Active flag client-side (sorry, it doesn't exist)
* allow unmarshalling old answers along with the new one
This technically breaks `query candidates` CLI command, but it'll be fixed
when getcandidates are to be introduced.
Specifying a certain stateroot R as `invoke*historic` RPC-call
parameter, we're willing to perform historic call based on the storage
state of root R. Thus, next block should be of the height h(R)+1. This
allows to use historic functionality for the current blockchain height.
This allows to reuse it across different packages.
testchain can't be used because of circular dependencies.
Init() is not changed except for filepath.Join() use instead of direct string
appends which is a better approach anyway. rootpath is required because
current directory will change from package to package.
https://github.com/nspcc-dev/neo-go/pull/2435 breaks compatibility
between newer RPC clients and older RPC servers with the following
error:
```
failed to get network magic: json: cannot unmarshal string into Go struct field Protocol.protocol.initialgasdistribution of type int64
```
This behaviour is expected, but we can't allow this radical change.
Thus, the following solution is implemented:
1. RPC server responds with proper non-stringified
InitialGasDistribution value. The value represents an integral
of fixed8 multiplied by the decimals.
2. RPC client is able to distinguish older and newer responses. For
older one the stringified value without decimals part is
expected. For newer responses the int64 value with decimal part
is expected.
The cludge will be present in the code for a while until nodes of
version <=0.98.3 become completely absolete.
Sending them down the errChan is not really helpful and it can lead to
deadlock. If an error happens during node shutdown, we're exiting anyway, if
it happens during service restart, the old server will be dead irrespective of
this error (if this affects new one in any way we'll know it soon).
CWE-117:
Log entries created from user input
If unsanitized user input is written to a log entry, a malicious user may be able to forge new log entries.
1. Keep initDone check only for the places where cache is directly accessed.
We don't need to check it in other places, otherwise we have a mess of
duplicating checks.
2. Fix bug in code related to block deserialisation. There's no magic, so
checking that initialisation is done is not enough for proper block
deserialisation. We need to manually fill StateRootEnabled field.
3. Since transaction doesn't need network magic to compute its hash, we don't
need to perform Client initialisation before transaction-related requests.
4. Check that cache is initialised before accessing network magic.
5. Refactor the way Policy contract hash is fetched for Client requests.
We don't really need Client initialisation for that, it's OK to fetch Policy
hash on-the-fly.
