[#59] proxy: Check committee address in Verify function

For committee operations in side chain we can't use 5\7 multi
address, instead we should use 4\7 for this case.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
This commit is contained in:
Alex Vanin 2021-03-10 17:01:57 +03:00 committed by Alex Vanin
parent 8af80e67aa
commit 7ba5d50fd4
4 changed files with 32 additions and 4 deletions

View file

@ -10,6 +10,7 @@ import (
const ( const (
irListMethod = "innerRingList" irListMethod = "innerRingList"
multiaddrMethod = "multiaddress" multiaddrMethod = "multiaddress"
committeeMethod = "committee"
) )
type IRNode struct { type IRNode struct {
@ -56,3 +57,17 @@ func InnerRingMultiAddressViaStorage(ctx storage.Context, key interface{}) []byt
func InnerRingMultiAddress(sc interop.Hash160) []byte { func InnerRingMultiAddress(sc interop.Hash160) []byte {
return contract.Call(sc, multiaddrMethod, contract.ReadOnly).([]byte) return contract.Call(sc, multiaddrMethod, contract.ReadOnly).([]byte)
} }
// CommitteeMultiAddressViaStorage returns multiaddress of committee public
// keys by invoking netmap contract, which scripthash stored in the contract
// storage by the key `key`.
func CommitteeMultiAddressViaStorage(ctx storage.Context, key interface{}) []byte {
sc := storage.Get(ctx, key).(interop.Hash160)
return CommitteeMultiAddress(sc)
}
// CommitteeMultiAddress returns multiaddress of committee public keys by
// invoking netmap contract.
func CommitteeMultiAddress(sc interop.Hash160) []byte {
return contract.Call(sc, committeeMethod, contract.ReadOnly).([]byte)
}

View file

@ -1,5 +1,5 @@
name: "NeoFS Netmap" name: "NeoFS Netmap"
safemethods: ["innerRingList", "multiaddress", "epoch", "netmap", "snapshot", "snapshotByEpoch", "config", "listConfig", "version"] safemethods: ["innerRingList", "multiaddress", "committee", "epoch", "netmap", "snapshot", "snapshotByEpoch", "config", "listConfig", "version"]
events: events:
- name: AddPeer - name: AddPeer
parameters: parameters:

View file

@ -103,7 +103,12 @@ func InnerRingList() []common.IRNode {
func Multiaddress() []byte { func Multiaddress() []byte {
ctx := storage.GetReadOnlyContext() ctx := storage.GetReadOnlyContext()
return multiaddress(getIRNodes(ctx)) return multiaddress(getIRNodes(ctx), false)
}
func Committee() []byte {
ctx := storage.GetReadOnlyContext()
return multiaddress(getIRNodes(ctx), true)
} }
func UpdateInnerRing(keys []interop.PublicKey) bool { func UpdateInnerRing(keys []interop.PublicKey) bool {
@ -420,8 +425,11 @@ func setConfig(ctx storage.Context, key, val interface{}) {
storage.Put(ctx, storageKey, val) storage.Put(ctx, storageKey, val)
} }
func multiaddress(n []common.IRNode) []byte { func multiaddress(n []common.IRNode, committee bool) []byte {
threshold := len(n)/3*2 + 1 threshold := len(n)/3*2 + 1
if committee {
threshold = len(n)/2 + 1
}
var result = []byte{0x10 + uint8(threshold)} // m value = 5 var result = []byte{0x10 + uint8(threshold)} // m value = 5

View file

@ -57,7 +57,12 @@ func Verify() bool {
ctx := storage.GetReadOnlyContext() ctx := storage.GetReadOnlyContext()
sig := common.InnerRingMultiAddressViaStorage(ctx, netmapContractKey) sig := common.InnerRingMultiAddressViaStorage(ctx, netmapContractKey)
return runtime.CheckWitness(sig) if !runtime.CheckWitness(sig) {
sig = common.CommitteeMultiAddressViaStorage(ctx, netmapContractKey)
return runtime.CheckWitness(sig)
}
return true
} }
func Version() int { func Version() int {