Commit graph

7665 commits

Author SHA1 Message Date
Evgenii Stratonikov
925ba49d92 rpcclient: Support mTLS
Signed-off-by: Evgenii Stratonikov <fyfyrchik@runbox.com>
2024-06-11 15:38:32 +03:00
Evgenii Stratonikov
90efaa4771 rpcsrv: Allow to enable mTLS
If RootCA setting is enabled in the configuration, use it to verify
client certificate.

Signed-off-by: Evgenii Stratonikov <fyfyrchik@runbox.com>
2024-06-10 11:25:01 +03:00
Roman Khimov
5cbfe215a4
Merge pull request #3453 from nspcc-dev/rel-0.106.0
CHANGELOG: release 0.106.0
2024-05-21 15:48:52 +03:00
Anna Shaleva
72161fe902 CHANGELOG: release 0.106.0
Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-21 15:44:22 +03:00
Anna Shaleva
aceaabe9d6 ROADMAP: update roadmap
Reschedule deprecated functionality removal for 0.107.0 release.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-21 14:26:05 +03:00
Anna Shaleva
9ba532ce9c docs: adjust release instructions
Add a note about checking NeoFS networks for compatibility.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-21 14:26:05 +03:00
Roman Khimov
2aa3c93acd
Merge pull request #3452 from nspcc-dev/p2pnotary-role
core: move P2PNotary node role out of P2PSigExtensions
2024-05-21 13:53:52 +03:00
Anna Shaleva
aa5a0cb49b *: update interop deps
Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-21 12:36:51 +03:00
Anna Shaleva
7868578571 core: move P2PNotary node role out of P2PSigExtensions
Port https://github.com/neo-project/neo/pull/3172.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-21 12:10:47 +03:00
Roman Khimov
6a5833759c
Merge pull request #3448 from nspcc-dev/migrate-to-hf
Bind 0.106.0 protocol chages to Cockatrice hardfork
2024-05-20 15:51:26 +03:00
Roman Khimov
6be757af3e
Merge pull request #3444 from nspcc-dev/fix-native-init
native: perform initialisation for the set of hardforks
2024-05-17 16:34:00 +03:00
Roman Khimov
67b6d5da31
Merge pull request #3446 from nspcc-dev/enable-cockatrice
config: enable Cockatrice hardfork
2024-05-17 16:33:16 +03:00
Anna Shaleva
b5bb605651
Merge pull request #3443 from nspcc-dev/fix-blocked-accounts
native: fix Policy's IsBlocked behaviour
2024-05-17 16:10:59 +03:00
Anna Shaleva
d91a0945df config: enable Cockatrice hardfork
Close #3434.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-17 16:01:48 +03:00
Anna Shaleva
c90f6785b9 native: perform initialisation for the set of hardforks
Close #3433.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-17 15:58:02 +03:00
Anna Shaleva
c30e7ec8d7 native: bind CryptoLib's verifyWithECDsa changes to Cockatrice
A part of #3440.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-17 15:52:00 +03:00
Anna Shaleva
ce442a1942 rpcsrv: remove test for Koblitz-based witness verification
It will be built properly in #3447.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-17 15:45:04 +03:00
Anna Shaleva
e92606a7ae native: bind Neo's CommitteeChanged event to Cockatrice
A part of #3440.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-17 15:22:29 +03:00
Anna Shaleva
df1ed68d98 native: support native method/event removal
Port a part of https://github.com/neo-project/neo/issues/3210.
A part of #3440.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-17 15:22:26 +03:00
Anna Shaleva
82a7c1bd9c native: adjust test helper behaviour
Supply the account with expected balance.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-17 12:33:59 +03:00
Anna Shaleva
c43cfae24c native: fix Policy's IsBlocked behaviour
Account is blocked when it's in the Policy's storage, not when it's
missing from the Policy storage. Introduced in
bbbc6805a8.

This bug leads to the fact that during native Neo cache initialization
at the last block in the dBFT epoch, all candidates accounts are
"blocked", and thus, stand-by committee and validators are used in the
subsequent new epoch. Close #3424.

This bug may lead to the consequences described in #3273, but it needs
to be confirmed.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-17 12:33:51 +03:00
Anna Shaleva
2d4993a837
Merge pull request #3438 from nspcc-dev/unwrap-fault-exception
unwrap: implement Exception type for better exception handling
2024-05-17 10:24:26 +03:00
Anna Shaleva
647b8c7fb1
Merge pull request #3439 from nspcc-dev/getnativecontracts
state: drop NativeContract, fix #3430
2024-05-17 10:23:45 +03:00
Roman Khimov
0b69901d1e
Merge pull request #3441 from nspcc-dev/boltdb-clone 2024-05-16 19:49:11 +03:00
Roman Khimov
502f024e7c storage: bytes.Clone(nil) == nil
Signed-off-by: Roman Khimov <roman@nspcc.ru>
2024-05-16 19:29:11 +03:00
Roman Khimov
b1bb12df48 state: drop NativeContract, fix #3430
This unifies getnativecontracts RPC API with regular contracts.

Signed-off-by: Roman Khimov <roman@nspcc.ru>
2024-05-16 18:46:46 +03:00
Roman Khimov
31a99d44eb
Merge pull request #3437 from nspcc-dev/fix-conflicts 2024-05-16 13:38:03 +03:00
Anna Shaleva
dc8b2f639a dao: do not remove block executable by conflict record stub
It's possible for transaction to include block hash into Conflicts
attribure. If so, then we must not remove block executable record while
cleaning transation's conflict records.

This commit is a direct consequence of
e6ceee0f230a21c87006a9297636be29c0d8ea47. Ref. #3427.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-16 12:13:41 +03:00
Anna Shaleva
2ad4c86712 dao: move conflict record value length to a separate const
Conflicts-related code contains more and more these magic numbers, and
there's no good in it even if all the usages are commented. This
approach produces bugs like #3426.

No functional changes, just a refactoring.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-16 12:13:41 +03:00
Anna Shaleva
9a1075d332 dao: fix transaction application log decoding
Conflict record stub has value of 5 bytes length: 1 byte for
storage.ExecTransaction prefix and 4 bytes for the block index LE. This
scheme was implemented in #3138, and this commit should be a part of
this PR.

Also, transaction.DummyVersion is removed since it's unused anymore.

Close #3426. The reason of `failed to locate application log: EOF` error
during genesis AER request is in the following: genesis executable was
overwritten by conflict record stub produced by transaction
0x289c235dcdab8be7426d05f0fbb5e86c619f81481ea136493fa95deee5dbb7cc (ref.
 #3427). As a consequence, an attempt to decode transaction AER was
initited, but conflict record scheme was changed in #3138.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-16 12:13:41 +03:00
Anna Shaleva
58a086ea91 core: allow transaction to conflict with block
Transaction
0x289c235dcdab8be7426d05f0fbb5e86c619f81481ea136493fa95deee5dbb7cc is
already on mainnet at block 5272006 and we can't do anything with it.
This transaction has genesis block hash in Conflicts attribute. It leads
to the following consequences:
1. Genesis block executable record is overwritten by conflict record
   stub. Genesis block can't be retrieved anymore. This bug is described
   in #3427.
2. Somehow this transaction has passed verification on NeoGo CN without
   any warnings:
```
Apr 24 16:12:30 kangra neo-go[2453907]: 2024-04-24T16:12:30.865+0300        INFO        initializing dbft        {"height": 5272006, "view": 0, "index": 6, "role": "Backup"}
Apr 24 16:12:31 kangra neo-go[2453907]: 2024-04-24T16:12:31.245+0300        INFO        persisted to disk        {"blocks": 1, "keys": 37, "headerHeight": 5272005, "blockHeight": 5272005, "took": "14.548903ms"}
Apr 24 16:12:34 kangra neo-go[2453907]: 2024-04-24T16:12:34.977+0300        ERROR        can't add SV-signed state root        {"error": "stateroot mismatch at block 5272005: 9d5f95784f26c862d6f889f213aad1e3330611880c02330e88db8802c750aa46 vs d25304d518645df725014897d13bbf023919928e79074abcea48f31cf9f32a25"}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.820+0300        INFO        received PrepareRequest        {"validator": 5, "tx": 1}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.821+0300        INFO        sending PrepareResponse        {"height": 5272006, "view": 0}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.827+0300        INFO        received PrepareResponse        {"validator": 4}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.830+0300        INFO        received PrepareResponse        {"validator": 3}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.875+0300        INFO        received PrepareResponse        {"validator": 2}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.878+0300        INFO        sending Commit        {"height": 5272006, "view": 0}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.879+0300        INFO        received Commit        {"validator": 4}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.881+0300        INFO        received PrepareResponse        {"validator": 0}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.881+0300        INFO        received Commit        {"validator": 3}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.906+0300        INFO        received Commit        {"validator": 0}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.907+0300        INFO        received PrepareResponse        {"validator": 1}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.915+0300        INFO        received Commit        {"validator": 1}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.915+0300        INFO        approving block        {"height": 5272006, "hash": "6b111519537343ce579d04ccad71c43318b12c680d0f374dfcd466aa22643fb6", "tx_count": 1, "merkle": "ccb7dbe5ee5da93f4936a11e48819f616ce8b5fbf0056d42e78babcd5d239c28", "prev": "12ad6cc5d0cd357b9fc9fb0c1a016ba8014d3cdd5a96818598e6a40a1a4a2a21"}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.917+0300        WARN        contract invocation failed        {"tx": "289c235dcdab8be7426d05f0fbb5e86c619f81481ea136493fa95deee5dbb7cc", "block": 5272006, "error": "at instruction 86 (ASSERT): ASSERT failed"}
Apr 24 16:12:45 kangra neo-go[2453907]: 2024-04-24T16:12:45.950+0300        INFO        initializing dbft        {"height": 5272007, "view": 0, "index": 6, "role": "Primary"}
Apr 24 16:12:46 kangra neo-go[2453907]: 2024-04-24T16:12:46.256+0300        INFO        persisted to disk        {"blocks": 1, "keys": 67, "headerHeight": 5272006, "blockHeight": 5272006, "took": "16.576594ms"}
```
   And thus, we must treat this transaction as valid for this behaviour
   to be reproducable.

This commit contains two fixes:
1. Do not overwrite block executable records by conflict record stubs.
   If some transaction conflicts with block, then just skip the conflict
   record stub for this attribute since it's impossible to create
   transaction with the same hash.
2. Do not fail verification for those transactions that have Conflicts
   attribute with block hash inside. This one is controversial, but we
   have to adjust this code to treat already accepted transaction as
   valid.

Close #3427.

The transaction itself:
```
{
   "id" : 1,
   "jsonrpc" : "2.0",
   "result" : {
      "attributes" : [
         {
            "height" : 0,
            "type" : "NotValidBefore"
         },
         {
            "hash" : "0x1f4d1defa46faa5e7b9b8d3f79a06bec777d7c26c4aa5f6f5899a291daa87c15",
            "type" : "Conflicts"
         }
      ],
      "blockhash" : "0xb63f6422aa66d4fc4d370f0d682cb11833c471adcc049d57ce4373531915116b",
      "blocktime" : 1713964365700,
      "confirmations" : 108335,
      "hash" : "0x289c235dcdab8be7426d05f0fbb5e86c619f81481ea136493fa95deee5dbb7cc",
      "netfee" : "237904",
      "nonce" : 0,
      "script" : "CxAMFIPvkoyXujYCRmgq9qEfMJQ4wNveDBSD75KMl7o2AkZoKvahHzCUOMDb3hTAHwwIdHJhbnNmZXIMFPVj6kC8KD1NDgXEjqMFs/Kgc0DvQWJ9W1I5",
      "sender" : "NbcGB1tBEGM5MfhNbDAimvpJKzvVjLQ3jW",
      "signers" : [
         {
            "account" : "0x649ca095e38a790d6c15ff78e0c6175099b428ac",
            "scopes" : "None"
         },
         {
            "account" : "0xdedbc03894301fa1f62a68460236ba978c92ef83",
            "scopes" : "None"
         }
      ],
      "size" : 412,
      "sysfee" : "997778",
      "validuntilblock" : 5277629,
      "version" : 0,
      "vmstate" : "FAULT",
      "witnesses" : [
         {
            "invocation" : "DECw8XNuyRg5vPeHxisQXlZ7VYNDxxK4xEm8zwpPyWJSSu+JaRKQxdrlPkXxXj34wc4ZSrZvKICGgPFE0ZHXhLPo",
            "verification" : "DCEC+PI2tRSlp0wGwnjRuQdWdI0tBXNS7SlzSBBHFsaKUsdBVuezJw=="
         },
         {
            "invocation" : "DEAxwi97t+rg9RsccOUzdJTJK7idbR7uUqQp0/0/ob9FbuW/tFius3/FOi82PDZtwdhk7s7KiNM/pU7vZLsgIbM0",
            "verification" : "DCEDbInkzF5llzmgljE4HSMvtrNgPaz73XO5wgVJXLHNLXRBVuezJw=="
         }
      ]
   }
}
```

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-16 12:13:41 +03:00
Anna Shaleva
59c98c4d09 core: always warn if accepted transaction fails verification
These warnings must be monitored by developers since it might be a sign
of behaviour difference between Go and C# nodes.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-16 12:13:40 +03:00
Roman Khimov
f4731eab91 unwrap: implement Exception type for better exception handling
Fix #3130. "Exception" is used for name since it's shorter and that's the name
used in JSON. "VMFault" was also considered as well as "FaultException"
(which mirrors result.Invoke).

Signed-off-by: Roman Khimov <roman@nspcc.ru>
2024-05-15 23:00:27 +03:00
Roman Khimov
13020ccd02
Merge pull request #3431 from nspcc-dev/nativehashes-autogen
nativehashes: autogenerate native contract hashes
2024-05-15 13:36:33 +03:00
Roman Khimov
bce94dfa66
Merge pull request #3436 from nspcc-dev/fix-lint
scripts: fix linting
2024-05-14 16:16:46 +03:00
Anna Shaleva
244ca6f438 workflows: enable testing jobs for go scripts
Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-14 15:55:23 +03:00
Anna Shaleva
a32217fac8 scripts: fix linting
Should be a part of #3435.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-14 15:53:08 +03:00
Roman Khimov
0435551eee
Merge pull request #3435 from nspcc-dev/extend-compare-scripts
scripts: dump diff for OnPersist and PostPersist applog
2024-05-14 15:13:03 +03:00
Anna Shaleva
0a3bf01a8f scripts: dump diff for OnPersist and PostPersist applog
Related to #3424.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-14 13:38:52 +03:00
Anna Shaleva
0aecddea10 native: autogenerate nativehashes package
Ref.
https://github.com/nspcc-dev/neo-go/pull/3402#discussion_r1577879141.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-14 09:39:53 +03:00
Roman Khimov
02ecbeb519
Merge pull request #3425 from nspcc-dev/cryptolib-test
native: add test for custom Koblitz witness verification script
2024-05-13 16:35:10 +03:00
Anna Shaleva
e275495850 *: update interop deps
Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-13 10:16:04 +03:00
Anna Shaleva
6e0926e59f native: adjust NamedCurveHash values
Use 122 and 123 respectively for Secp256k1Keccak256 and
Secp256r1Keccak256, ref.
https://github.com/neo-project/neo/pull/3209#issuecomment-2095798056.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-13 10:10:56 +03:00
Anna Shaleva
988440949b native: reduce callflag scope for Koblitz verification scripts
callflag.All is too wide.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-13 09:33:42 +03:00
Roman Khimov
701ea8d5f3 native: use ABORT in Koblitz multisig
Make the script a bit shorter. ABORTMSG would cost a bit more.

Signed-off-by: Roman Khimov <roman@nspcc.ru>
Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-13 09:33:42 +03:00
Roman Khimov
3d1e33a502 native: make multisig koblitz easier to parse
1. Make prologue be exactly the same as regular CheckMultisig.
2. But instead of "SYSCALL System.Crypto.CheckMultisig" do INITSLOT and K check.
3. This makes all of the code from INITSLOT below be independent of N/M, so
   one can parse the script beginning in the same way CheckMultisig is parsed and
   then just compare the rest of it with some known-good blob.
4. The script becomes a tiny bit larger now, but properties above are too good.

Signed-off-by: Roman Khimov <roman@nspcc.ru>
Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-13 09:33:42 +03:00
Anna Shaleva
5053a073f9 rpcsrv: test calculatenetworkfee with custom Koblitz-based witness
Value calculated by calculatenetworkfee is enough to pass the real
tx verification. However, network fee may be decreased, so calculations
are not quite accurate. Need to investigate, why.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-13 09:33:42 +03:00
Anna Shaleva
71aa32406d native: add test for multisignature Koblitz witness verification
Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-13 09:33:42 +03:00
Anna Shaleva
3acb132e9a native: add preferable method to TestCryptoLib_KoblitzVerificationScript
It's based on the constant-length network magic, ref.
https://github.com/nspcc-dev/neo-go/pull/3425#discussion_r1582068061.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-13 09:33:42 +03:00
Anna Shaleva
bd2f9c75e1 crypto: export GetSignedData function
It's needed for tests and further custom verification script build.

Signed-off-by: Anna Shaleva <shaleva.ann@nspcc.ru>
2024-05-13 09:33:42 +03:00