From e91d13c615d96dde134eb4f0acabfcf50fbbb226 Mon Sep 17 00:00:00 2001 From: Evgenii Stratonikov Date: Thu, 24 Sep 2020 16:33:40 +0300 Subject: [PATCH] core: implement oracle tx verification --- pkg/core/blockchain.go | 29 +++++++++++ pkg/core/blockchain_test.go | 100 +++++++++++++++++++++++++++++++++++- pkg/core/native/oracle.go | 15 ++++-- 3 files changed, 137 insertions(+), 7 deletions(-) diff --git a/pkg/core/blockchain.go b/pkg/core/blockchain.go index 8865b207f..91652d5c4 100644 --- a/pkg/core/blockchain.go +++ b/pkg/core/blockchain.go @@ -1,6 +1,7 @@ package core import ( + "bytes" "errors" "fmt" "math/big" @@ -1251,6 +1252,34 @@ func (bc *Blockchain) verifyTxAttributes(tx *transaction.Transaction) error { } } return fmt.Errorf("%w: high priority tx is not signed by committee", ErrInvalidAttribute) + case transaction.OracleResponseT: + h, err := bc.contracts.Oracle.GetScriptHash() + if err != nil { + return fmt.Errorf("%w: %v", ErrInvalidAttribute, err) + } + hasOracle := false + for i := range tx.Signers { + if tx.Signers[i].Scopes != transaction.FeeOnly { + return fmt.Errorf("%w: oracle tx has invalid signer scope", ErrInvalidAttribute) + } + if tx.Signers[i].Account.Equals(h) { + hasOracle = true + } + } + if !hasOracle { + return fmt.Errorf("%w: oracle tx is not signed by oracle nodes", ErrInvalidAttribute) + } + if !bytes.Equal(tx.Script, native.GetOracleResponseScript()) { + return fmt.Errorf("%w: oracle tx has invalid script", ErrInvalidAttribute) + } + resp := tx.Attributes[i].Value.(*transaction.OracleResponse) + req, err := bc.contracts.Oracle.GetRequestInternal(bc.dao, resp.ID) + if err != nil { + return fmt.Errorf("%w: oracle tx points to invalid request: %v", ErrInvalidAttribute, err) + } + if uint64(tx.NetworkFee+tx.SystemFee) < req.GasForResponse { + return fmt.Errorf("%w: oracle tx has insufficient gas", ErrInvalidAttribute) + } } } return nil diff --git a/pkg/core/blockchain_test.go b/pkg/core/blockchain_test.go index 1524ff6a2..101cc6c6b 100644 --- a/pkg/core/blockchain_test.go +++ b/pkg/core/blockchain_test.go @@ -11,12 +11,15 @@ import ( "github.com/nspcc-dev/neo-go/pkg/core/block" "github.com/nspcc-dev/neo-go/pkg/core/interop/interopnames" "github.com/nspcc-dev/neo-go/pkg/core/mempool" + "github.com/nspcc-dev/neo-go/pkg/core/native" "github.com/nspcc-dev/neo-go/pkg/core/state" "github.com/nspcc-dev/neo-go/pkg/core/storage" "github.com/nspcc-dev/neo-go/pkg/core/transaction" "github.com/nspcc-dev/neo-go/pkg/crypto/hash" + "github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neo-go/pkg/internal/testchain" "github.com/nspcc-dev/neo-go/pkg/io" + "github.com/nspcc-dev/neo-go/pkg/smartcontract" "github.com/nspcc-dev/neo-go/pkg/smartcontract/trigger" "github.com/nspcc-dev/neo-go/pkg/util" "github.com/nspcc-dev/neo-go/pkg/vm" @@ -212,13 +215,17 @@ func TestVerifyTx(t *testing.T) { bc := newTestChain(t) defer bc.Close() - accs := make([]*wallet.Account, 2) + accs := make([]*wallet.Account, 3) for i := range accs { var err error accs[i], err = wallet.NewAccount() require.NoError(t, err) } + oracleAcc := accs[2] + oraclePubs := keys.PublicKeys{oracleAcc.PrivateKey().PublicKey()} + require.NoError(t, oracleAcc.ConvertMultisig(1, oraclePubs)) + neoHash := bc.contracts.NEO.Hash gasHash := bc.contracts.GAS.Hash w := io.NewBufBinWriter() @@ -229,7 +236,7 @@ func TestVerifyTx(t *testing.T) { amount = 1_000_000_000 } emit.AppCallWithOperationAndArgs(w.BinWriter, sc, "transfer", - neoOwner, a.PrivateKey().GetScriptHash(), amount) + neoOwner, a.Contract.ScriptHash(), amount) emit.Opcode(w.BinWriter, opcode.ASSERT) } } @@ -376,6 +383,95 @@ func TestVerifyTx(t *testing.T) { }} require.NoError(t, bc.VerifyTx(tx)) }) + t.Run("Oracle", func(t *testing.T) { + orc := bc.contracts.Oracle + req := &native.OracleRequest{GasForResponse: 1000_0000} + require.NoError(t, orc.PutRequestInternal(1, req, bc.dao)) + + oracleScript, err := smartcontract.CreateMajorityMultiSigRedeemScript(oraclePubs) + require.NoError(t, err) + oracleHash := hash.Hash160(oracleScript) + + // We need to create new transaction, + // because hashes are cached after signing. + getOracleTx := func(t *testing.T) *transaction.Transaction { + tx := bc.newTestTx(h, native.GetOracleResponseScript()) + resp := &transaction.OracleResponse{ + ID: 1, + Code: transaction.Success, + Result: []byte{1, 2, 3}, + } + tx.Attributes = []transaction.Attribute{{ + Type: transaction.OracleResponseT, + Value: resp, + }} + tx.NetworkFee += 4_000_000 // multisig check + tx.SystemFee = int64(req.GasForResponse - uint64(tx.NetworkFee)) + tx.Signers = []transaction.Signer{{ + Account: oracleHash, + Scopes: transaction.FeeOnly, + }} + size := io.GetVarSize(tx) + netFee, sizeDelta := CalculateNetworkFee(oracleScript) + tx.NetworkFee += netFee + tx.NetworkFee += int64(size+sizeDelta) * bc.FeePerByte() + return tx + } + + t.Run("NoOracleNodes", func(t *testing.T) { + tx := getOracleTx(t) + require.NoError(t, oracleAcc.SignTx(tx)) + checkErr(t, ErrInvalidAttribute, tx) + }) + + txSetOracle := transaction.New(netmode.UnitTestNet, []byte{}, 0) + setSigner(txSetOracle, testchain.CommitteeScriptHash()) + txSetOracle.Scripts = []transaction.Witness{{ + InvocationScript: testchain.SignCommittee(txSetOracle.GetSignedPart()), + VerificationScript: testchain.CommitteeVerificationScript(), + }} + ic := bc.newInteropContext(trigger.All, bc.dao, nil, txSetOracle) + require.NoError(t, bc.contracts.Oracle.SetOracleNodes(ic, oraclePubs)) + bc.contracts.Oracle.OnPersistEnd(ic.DAO) + _, err = ic.DAO.Persist() + require.NoError(t, err) + + t.Run("Valid", func(t *testing.T) { + tx := getOracleTx(t) + require.NoError(t, oracleAcc.SignTx(tx)) + require.NoError(t, bc.VerifyTx(tx)) + }) + t.Run("InvalidRequestID", func(t *testing.T) { + tx := getOracleTx(t) + tx.Attributes[0].Value.(*transaction.OracleResponse).ID = 2 + require.NoError(t, oracleAcc.SignTx(tx)) + checkErr(t, ErrInvalidAttribute, tx) + }) + t.Run("InvalidScope", func(t *testing.T) { + tx := getOracleTx(t) + tx.Signers[0].Scopes = transaction.Global + require.NoError(t, oracleAcc.SignTx(tx)) + checkErr(t, ErrInvalidAttribute, tx) + }) + t.Run("InvalidScript", func(t *testing.T) { + tx := getOracleTx(t) + tx.Script[0] = ^tx.Script[0] + require.NoError(t, oracleAcc.SignTx(tx)) + checkErr(t, ErrInvalidAttribute, tx) + }) + t.Run("InvalidSigner", func(t *testing.T) { + tx := getOracleTx(t) + tx.Signers[0].Account = accs[0].Contract.ScriptHash() + require.NoError(t, accs[0].SignTx(tx)) + checkErr(t, ErrInvalidAttribute, tx) + }) + t.Run("SmallFee", func(t *testing.T) { + tx := getOracleTx(t) + tx.SystemFee = 0 + require.NoError(t, oracleAcc.SignTx(tx)) + checkErr(t, ErrInvalidAttribute, tx) + }) + }) }) } diff --git a/pkg/core/native/oracle.go b/pkg/core/native/oracle.go index 10338362d..5d3bd5a6e 100644 --- a/pkg/core/native/oracle.go +++ b/pkg/core/native/oracle.go @@ -313,21 +313,26 @@ func (o *Oracle) RequestInternal(ic *interop.Context, url, filter, cb string, us CallbackMethod: cb, UserData: data, } + return o.PutRequestInternal(id, req, ic.DAO) +} + +// PutRequestInternal puts oracle request with the specified id to d. +func (o *Oracle) PutRequestInternal(id uint64, req *OracleRequest, d dao.DAO) error { reqItem := &state.StorageItem{Value: req.Bytes()} reqKey := makeRequestKey(id) - if err = ic.DAO.PutStorageItem(o.ContractID, reqKey, reqItem); err != nil { + if err := d.PutStorageItem(o.ContractID, reqKey, reqItem); err != nil { return err } // Add request ID to the id list. lst := new(IDList) - key := makeIDListKey(url) - if err := o.getSerializableFromDAO(ic.DAO, key, lst); err != nil && !errors.Is(err, storage.ErrKeyNotFound) { + key := makeIDListKey(req.URL) + if err := o.getSerializableFromDAO(d, key, lst); err != nil && !errors.Is(err, storage.ErrKeyNotFound) { return err } *lst = append(*lst, id) - si = &state.StorageItem{Value: lst.Bytes()} - return ic.DAO.PutStorageItem(o.ContractID, key, si) + si := &state.StorageItem{Value: lst.Bytes()} + return d.PutStorageItem(o.ContractID, key, si) } func (o *Oracle) getOracleNodes(ic *interop.Context, _ []stackitem.Item) stackitem.Item {