Commit graph

195 commits

Author SHA1 Message Date
Leonard Lyubich
372cba1fca [#505] ir/container: Check key ownership during set eACL handling
Use NeoFS ID contract client to check if public key from notification event
is tied to the owner of the container for which the eACL is being changed.
Approve changes coming from the owner of the container only.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
b0271aa478 [#505] ir/container: Verify signature of binary eACL tables
Add signature check to `checkSetEACL` method of the `setEACL` notification
handler in Container processor.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
87d83174d9 [#505] ir/container: Implement simplified handling of SetEACL event
Implement `handleSetEACL` method similar to other handling methods in
Container processor. To begin with, the validation logic is skipped, and all
tables will be sent to the contract. In the future, the necessary checks
will be implemented. Listening for events in the IR node will also be added.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Evgenii Stratonikov
b52751e992 [#496] innerring/invoke: move wrapper structs to separate packages
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-25 13:41:39 +03:00
Evgenii Stratonikov
ca0e3211be [#496] innerring/invoke: remove function wrappers
Use morph.Client directly.

Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-25 13:41:39 +03:00
Evgenii Stratonikov
b5cda8cd41 [#496] morph/client: fallback to simple invoke in NotaryInvoke
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-25 13:41:39 +03:00
Evgenii Stratonikov
2e31cd34e6 [#502] innerring: synchronize validators on mainnet alphabet update
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-25 11:10:01 +03:00
Evgenii Stratonikov
71b87155ef [#521] *: use stdlib errors package
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-19 16:42:54 +03:00
Alex Vanin
16f13bc0a5 [#522] Use HostAddrString as RPC endpoint instead of IPAddrString
To enable TLS support we can't operate with IP addresses directly.
Certificates are issued with host names so it is required to
pass them into RPC client. DNS resolving should be done by transport
layer and not be a part of node. Therefore `IPAddrString` usage is
removed from code.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-18 12:07:00 +03:00
Alex Vanin
d49bd4b94a Update neofs-api-go to v1.26.0
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-10 09:45:11 +03:00
Alex Vanin
dddbf0368c [#486] innerring: Add option to disable only main chain notary support
For N3 Testnet RC2 release inner ring app supports three modes:
- notary enabled in all chains (default),
- notary disabled in all chains,
- notary enabled only in side chain.

All notary related functions are moved to notary.go

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
5a167f3991 [#486] innerring: Adopt disabled notary work flow
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
f2562e8c47 [#486] innerring: Use fee provider and notary disabled flag in processors
Processors that use `invoke` package to make chain invocation should provide
fee config and client with enabled or disabled notary support. If notary
support is disabled, then functions from `invoke` package will perform
ordinary method invocation with extra fee.

Processors that use `morph/client` wrappers should check `notaryDisabled`
flag to call corresponding wrapper function.

Netmap processor omits some actions during validator syncronization
if notary is disabled.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
91a1896b8b [#486] innerring: Use fee provider interface in invoke package
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
1f3bb33db8 [#486] innerring: Add fee configuration
When notary disabled, inner ring should be able to
configure extra fee for vote collections inside the
contracts. Previously these values were hardcoded,
however we might want to change them depending on
a environment.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
c4f4381b13 [#486] morph/client: Separate container estimation functions
Inner ring should be able to invoke contract methods both notary
and non notary way.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
bd65e41257 [#486] innerring: Add notary support in main chain client
With `mainnet.notary_deposit=false` inner ring will ignore
notary deposit \ awaiting routines in the application start,
so it can run on the environments without notary support.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Leonard Lyubich
56b3e35779 [#480] ir: Do not sync alphabet keys in sidechain-only configuration
Alphabet nodes synchronize list of alphabet keys from main chain
`NeoFSAlphabet` role once per epoch. This can lead to a wrong behavior in
single chain deployment (`without_mainnet` config parameter). Alphabet node
in single chain environment will try to get NeoFSAlphabet role from main
chain client, but it'll get result from side chain instead. Side chain
stores list of all inner ring nodes in this role. Therefore it is possible
that alphabet nodes will try to appoint inner ring nodes as alphabet nodes,
which is not correct.

Fix incorrect behavior with disabling of synchronization of alphabet keys in
sidechain-only mode.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-04 14:50:18 +03:00
Evgenii Stratonikov
5b85519f20 [#457] innerring: wait until notary tx persists on chain
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-04-27 16:57:29 +03:00
Alex Vanin
376bb293b4 [#479] morph/timer: Move block timer to morph package
Block timer is going to be reused in storage node to tick
EigenTrust calculation rounds.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-19 09:35:54 +03:00
Alex Vanin
13149e794f [#478] innerring: Fix set config method name
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-15 17:53:08 +03:00
Alex Vanin
dc0bd782d2 [#478] innerring: Use dynamic epoch duration in epoch timer
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-15 17:53:08 +03:00
Alex Vanin
c33512d976 [#478] morph/client: Add more global config value getters
Including:
- typo fix for `BasicIncomeRate` method
- epoch duration getter,
- container fee getter,
- EigenTrust iterations getter.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-15 17:53:08 +03:00
Alex Vanin
0f01a69fd3 [#465] processor/neofs: Don't modify tx details
Mint, Burn and Cheque details should contain hash of
main net tx of Deposit and Withdraw invocation. They will
be formatted inside the contracts so alphabet nodes must
not modify them.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-08 17:01:00 +03:00
Alex Vanin
3e9c578e62 [#465] settlement: Use unified details format for all asset transfers
Unified format uses transfer type as the first byte
and extra details next. List of transfer types used in
contracts defined in `details.go`. It includes:
- audit settlement,
- basic income collection,
- basic income distribution.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-08 17:01:00 +03:00
Alex Vanin
1d68e74636 [#465] innerring: Add audit fee fetcher to settlement processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-08 17:01:00 +03:00
Alex Vanin
0816f7b63b [#465] settlement/audit: Transfer audit fee to inner ring nodes
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-08 17:01:00 +03:00
Alex Vanin
27cf6f5112 [#452] Use API structures for reputation PeerID and GlobalTrust
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-06 10:35:20 +03:00
Alex Vanin
b18da34b55 [#452] innerring: Use reputation processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-06 10:35:20 +03:00
Alex Vanin
09e4479d44 [#452] innerring: Add reputation processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-06 10:35:20 +03:00
Alex Vanin
3aae60d517 [#454] innerring: Increase duration of notary deposit
Extra blocks for notary deposit must not be less than extra blocks
at notary tx rounding.

Consider you make notary deposit every 1000 block for next
1100 blocks. At block 555 you made notary deposit up to 1655.

At block 1554 you want to send notary tx. Notary client uses rounding
to calculate `until` value. By default notary client rounds with up
to 150 block ahead, thus for tx at 1554 `until` will be 1700.

1700 is bigger than deposit limit at 1655 and tx will fail. However
if extra blocks for notary deposit will be 200, then this case
won't be possible.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-02 11:26:37 +03:00
Alex Vanin
3fe5962e92 [#447] innerring: Use governance processor in inner ring
Network map processors creates sync event once per epoch.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
d0d1731af7 [#447] innerring: Define governance processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
3965cc2296 [#447] innerring: Use alias type for slice of public keys
Alias type provide sort function so it is better to use it
everywhere where list of public keys is presented.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
34f25adc8c [#447] invoke: Add alphabet update method
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
999ad5e1c0 [#447] innerring: Do not handle or call InnerRingUpdate method
This method has been removed from netmap contract. Corresponding
event from neofs contract renamed to AlphabetUpdate and should not
be processed, because alphabet updated from `RoleManagement`
contract.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
1d1fc04ac9 [#446] innerring: Use less mutex locks in indexer
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
e05f1e1394 [#446] innerring: Use alphabet state in processors
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
1332db883e [#446] innerring: Add alphabet index getter in global state
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
cd21641dfc [#446] innerring: Rename server.Index to server.InnerRingIndex
With different indexes for inner ring list and alphabet list this
is the better naming.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
80bfd08a47 [#446] innerring: Use indexer to get relevant inner ring size and index
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
f9304fb2cb [#446] innerring: Remove inner ring list method
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
58119e6065 [#421] governance: Don't construct alphabet list with empty sidechain
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 10:16:48 +03:00
Alex Vanin
f4e39678f1 [#421] governance: Add list update functions for inner ring
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 10:16:48 +03:00
Alex Vanin
6339a115dc [#421] governance: Add new alphabet list constructor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 10:16:48 +03:00
Leonard Lyubich
106884fc40 [#428] client: Hide client cache behind interface in dependent packages
Replace usage of `cache.ClientCache` type with interface with similar
signature. This will further allow overloading clients without affecting the
logic of dependent packages.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-03-24 10:11:52 +03:00
Pavel Karpy
b9892edd6e [#416] innerring: Add gas threshold
On the `Deposit` events add gas balance check.
Make transfer only if the balance is greater
than the `GasTransferThreshold` that is defined
with environmental variable.

Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2021-03-19 13:57:58 +03:00
Leonard Lyubich
383d2494eb [#425] Adapt the Client's refactoring to the interface
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-03-17 15:00:37 +03:00
Evgenii Stratonikov
364945a955 [#422] pkg/innerring: fix typo in config parameter name
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-03-15 14:07:53 +03:00
Evgenii Stratonikov
6679d59e89 [#422] pkg/services: Provide client options on cache creation
Because options are not used when client is already in cache
providing them to shared cache is misleading at best.
In the worst case `dial_timeout` is set randomly (because of race
condition) which can lead to one service having `dial_timeout` of
another. Thus we set default client creation options when cache is
created.

Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-03-15 14:07:53 +03:00