From c4ad434f20b8369fbc2b67529a46e1acf0fc4011 Mon Sep 17 00:00:00 2001 From: Anna Shaleva Date: Thu, 26 May 2022 13:27:24 +0300 Subject: [PATCH 1/2] core: adjust System.Runtime.GetRandom 1. Make seed dependant on the GetRandom invocations counter. 2. Adjust syscall price. --- pkg/core/interop/context.go | 41 ++++++++++++++-------------- pkg/core/interop/runtime/util.go | 22 +++++++++++++-- pkg/core/interop_system_core_test.go | 16 ++++++----- pkg/core/interops.go | 2 +- 4 files changed, 51 insertions(+), 30 deletions(-) diff --git a/pkg/core/interop/context.go b/pkg/core/interop/context.go index e6d2c30e6..abdd8576f 100644 --- a/pkg/core/interop/context.go +++ b/pkg/core/interop/context.go @@ -45,26 +45,27 @@ type Ledger interface { // Context represents context in which interops are executed. type Context struct { - Chain Ledger - Container hash.Hashable - Network uint32 - Hardforks map[string]uint32 - Natives []Contract - Trigger trigger.Type - Block *block.Block - NonceData [16]byte - Tx *transaction.Transaction - DAO *dao.Simple - Notifications []state.NotificationEvent - Log *zap.Logger - VM *vm.VM - Functions []Function - Invocations map[util.Uint160]int - cancelFuncs []context.CancelFunc - getContract func(*dao.Simple, util.Uint160) (*state.Contract, error) - baseExecFee int64 - baseStorageFee int64 - signers []transaction.Signer + Chain Ledger + Container hash.Hashable + Network uint32 + Hardforks map[string]uint32 + Natives []Contract + Trigger trigger.Type + Block *block.Block + NonceData [16]byte + Tx *transaction.Transaction + DAO *dao.Simple + Notifications []state.NotificationEvent + Log *zap.Logger + VM *vm.VM + Functions []Function + Invocations map[util.Uint160]int + cancelFuncs []context.CancelFunc + getContract func(*dao.Simple, util.Uint160) (*state.Contract, error) + baseExecFee int64 + baseStorageFee int64 + GetRandomCounter uint32 + signers []transaction.Signer } // NewContext returns new interop context. diff --git a/pkg/core/interop/runtime/util.go b/pkg/core/interop/runtime/util.go index e00345f87..84d669fe7 100644 --- a/pkg/core/interop/runtime/util.go +++ b/pkg/core/interop/runtime/util.go @@ -5,6 +5,7 @@ import ( "errors" "math/big" + "github.com/nspcc-dev/neo-go/pkg/config" "github.com/nspcc-dev/neo-go/pkg/core/interop" "github.com/nspcc-dev/neo-go/pkg/core/state" "github.com/nspcc-dev/neo-go/pkg/encoding/address" @@ -88,9 +89,26 @@ func GetNetwork(ic *interop.Context) error { // GetRandom returns pseudo-random number which depends on block nonce and transaction hash. func GetRandom(ic *interop.Context) error { - res := murmur128(ic.NonceData[:], ic.Network) + var ( + price int64 + seed = ic.Network + ) + isHF := ic.IsHardforkEnabled(config.HF2712FixSyscallFees) + if isHF { + price = 1 << 13 + seed += ic.GetRandomCounter + ic.GetRandomCounter++ + } else { + price = 1 << 4 + } + res := murmur128(ic.NonceData[:], seed) + if !isHF { + copy(ic.NonceData[:], res) + } + if !ic.VM.AddGas(ic.BaseExecFee() * price) { + return errors.New("gas limit exceeded") + } ic.VM.Estack().PushItem(stackitem.NewBigInteger(bigint.FromBytesUnsigned(res))) - copy(ic.NonceData[:], res) return nil } diff --git a/pkg/core/interop_system_core_test.go b/pkg/core/interop_system_core_test.go index 2c7b34307..1534aba33 100644 --- a/pkg/core/interop_system_core_test.go +++ b/pkg/core/interop_system_core_test.go @@ -46,25 +46,26 @@ func TestRuntimeGetRandomCompatibility(t *testing.T) { b := getSharpTestGenesis(t) tx := getSharpTestTx(util.Uint160{}) ic := bc.newInteropContext(trigger.Application, bc.dao.GetWrapped(), b, tx) - ic.Network = 5195086 // Old mainnet magic used by C# tests. + ic.Network = 860833102 // Old mainnet magic used by C# tests. ic.VM = vm.New() ic.VM.LoadScript([]byte{0x01}) + ic.VM.GasLimit = 1100_00000000 require.NoError(t, runtime.GetRandom(ic)) - require.Equal(t, "225932872514876835587448704843370203748", ic.VM.Estack().Pop().BigInt().String()) + require.Equal(t, "271339657438512451304577787170704246350", ic.VM.Estack().Pop().BigInt().String()) require.NoError(t, runtime.GetRandom(ic)) - require.Equal(t, "190129535548110356450238097068474508661", ic.VM.Estack().Pop().BigInt().String()) + require.Equal(t, "98548189559099075644778613728143131367", ic.VM.Estack().Pop().BigInt().String()) require.NoError(t, runtime.GetRandom(ic)) - require.Equal(t, "48930406787011198493485648810190184269", ic.VM.Estack().Pop().BigInt().String()) + require.Equal(t, "247654688993873392544380234598471205121", ic.VM.Estack().Pop().BigInt().String()) require.NoError(t, runtime.GetRandom(ic)) - require.Equal(t, "66199389469641263539889463157823839112", ic.VM.Estack().Pop().BigInt().String()) + require.Equal(t, "291082758879475329976578097236212073607", ic.VM.Estack().Pop().BigInt().String()) require.NoError(t, runtime.GetRandom(ic)) - require.Equal(t, "217172703763162599519098299724476526911", ic.VM.Estack().Pop().BigInt().String()) + require.Equal(t, "247152297361212656635216876565962360375", ic.VM.Estack().Pop().BigInt().String()) } func getSharpTestTx(sender util.Uint160) *transaction.Transaction { @@ -74,7 +75,8 @@ func getSharpTestTx(sender util.Uint160) *transaction.Transaction { Account: sender, Scopes: transaction.CalledByEntry, }) - tx.Scripts = append(tx.Scripts, transaction.Witness{}) + tx.Attributes = []transaction.Attribute{} + tx.Scripts = append(tx.Scripts, transaction.Witness{InvocationScript: []byte{}, VerificationScript: []byte{}}) return tx } diff --git a/pkg/core/interops.go b/pkg/core/interops.go index b3efb8032..cf2e3982b 100644 --- a/pkg/core/interops.go +++ b/pkg/core/interops.go @@ -53,7 +53,7 @@ var systemInterops = []interop.Function{ {Name: interopnames.SystemRuntimeGetInvocationCounter, Func: runtime.GetInvocationCounter, Price: 1 << 4}, {Name: interopnames.SystemRuntimeGetNetwork, Func: runtime.GetNetwork, Price: 1 << 3}, {Name: interopnames.SystemRuntimeGetNotifications, Func: runtime.GetNotifications, Price: 1 << 12, ParamCount: 1}, - {Name: interopnames.SystemRuntimeGetRandom, Func: runtime.GetRandom, Price: 1 << 4}, + {Name: interopnames.SystemRuntimeGetRandom, Func: runtime.GetRandom, Price: 0}, {Name: interopnames.SystemRuntimeGetScriptContainer, Func: engineGetScriptContainer, Price: 1 << 3}, {Name: interopnames.SystemRuntimeGetTime, Func: runtime.GetTime, Price: 1 << 3, RequiredFlags: callflag.ReadStates}, {Name: interopnames.SystemRuntimeGetTrigger, Func: runtime.GetTrigger, Price: 1 << 3}, From 8055952bbc8b22ca189b278f11530d08d644022a Mon Sep 17 00:00:00 2001 From: Anna Shaleva Date: Thu, 26 May 2022 14:04:23 +0300 Subject: [PATCH 2/2] core: rename hardfork HF_2712_FixSyscallFees Fantastic Beasts and Where to Find Them --- config/protocol.unit_testnet.single.yml | 2 +- config/protocol.unit_testnet.yml | 2 +- docs/node-configuration.md | 2 +- pkg/config/hardfork.go | 11 +++++------ pkg/config/hardfork_string.go | 8 ++++---- pkg/core/interop/runtime/util.go | 2 +- pkg/core/interop_system.go | 4 ++-- pkg/core/interop_system_neotest_test.go | 2 +- 8 files changed, 16 insertions(+), 17 deletions(-) diff --git a/config/protocol.unit_testnet.single.yml b/config/protocol.unit_testnet.single.yml index 3954602c8..7154a66a7 100644 --- a/config/protocol.unit_testnet.single.yml +++ b/config/protocol.unit_testnet.single.yml @@ -21,7 +21,7 @@ ProtocolConfiguration: OracleContract: [0] Notary: [0] Hardforks: - HF_2712_FixSyscallFees: 25 + HF_Aspidochelone: 25 ApplicationConfiguration: # LogPath could be set up in case you need stdout logs to some proper file. diff --git a/config/protocol.unit_testnet.yml b/config/protocol.unit_testnet.yml index 8fba91040..320448fa5 100644 --- a/config/protocol.unit_testnet.yml +++ b/config/protocol.unit_testnet.yml @@ -30,7 +30,7 @@ ProtocolConfiguration: OracleContract: [0] Notary: [0] Hardforks: - HF_2712_FixSyscallFees: 25 + HF_Aspidochelone: 25 ApplicationConfiguration: # LogPath could be set up in case you need stdout logs to some proper file. diff --git a/docs/node-configuration.md b/docs/node-configuration.md index 86b9e0791..8f125869b 100644 --- a/docs/node-configuration.md +++ b/docs/node-configuration.md @@ -204,7 +204,7 @@ protocol-related settings described in the table below. | --- | --- | --- | --- | --- | | CommitteeHistory | map[uint32]int | none | Number of committee members after the given height, for example `{0: 1, 20: 4}` sets up a chain with one committee member since the genesis and then changes the setting to 4 committee members at the height of 20. `StandbyCommittee` committee setting must have the number of keys equal or exceeding the highest value in this option. Blocks numbers where the change happens must be divisible by the old and by the new values simultaneously. If not set, committee size is derived from the `StandbyCommittee` setting and never changes. | | GarbageCollectionPeriod | `uint32` | 10000 | Controls MPT garbage collection interval (in blocks) for configurations with `RemoveUntraceableBlocks` enabled and `KeepOnlyLatestState` disabled. In this mode the node stores a number of MPT trees (corresponding to `MaxTraceableBlocks` and `StateSyncInterval`), but the DB needs to be clean from old entries from time to time. Doing it too often will cause too much processing overhead, doing it too rarely will leave more useless data in the DB. | -| Hardforks | `map[string]uint32` | [] | The set of incompatible changes that affect node behaviour starting from the specified height. The default value is an empty set which should be interpreted as "each known hard-fork is applied from the zero blockchain height". The list of valid hard-fork names:
• `HF_2712_FixSyscallFees` represents hard-fork introduced in [#2469](https://github.com/nspcc-dev/neo-go/pull/2469) (ported from the [reference](https://github.com/neo-project/neo/pull/2712)). It adjusts the prices of `System.Contract.CreateStandardAccount` and `System.Contract.CreateMultisigAccount` interops so that the resulting prices are in accordance with `sha256` method of native `CryptoLib` contract. | +| Hardforks | `map[string]uint32` | [] | The set of incompatible changes that affect node behaviour starting from the specified height. The default value is an empty set which should be interpreted as "each known hard-fork is applied from the zero blockchain height". The list of valid hard-fork names:
• `HF_Aspidochelone` represents hard-fork introduced in [#2469](https://github.com/nspcc-dev/neo-go/pull/2469) (ported from the [reference](https://github.com/neo-project/neo/pull/2712)). It adjusts the prices of `System.Contract.CreateStandardAccount` and `System.Contract.CreateMultisigAccount` interops so that the resulting prices are in accordance with `sha256` method of native `CryptoLib` contract. `HF_Aspidochelone` is also includes [#2519](https://github.com/nspcc-dev/neo-go/pull/2519) (ported from the [reference](https://github.com/neo-project/neo/pull/2749)). It adjusts the price of `System.Runtime.GetRandom` interop and fixes its vulnerability. | | KeepOnlyLatestState | `bool` | `false` | Specifies if MPT should only store latest state. If true, DB size will be smaller, but older roots won't be accessible. This value should remain th e same for the same database. | Conflicts with `P2PStateExchangeExtensions`. | | Magic | `uint32` | `0` | Magic number which uniquely identifies NEO network. | diff --git a/pkg/config/hardfork.go b/pkg/config/hardfork.go index ada169f68..facef3c49 100644 --- a/pkg/config/hardfork.go +++ b/pkg/config/hardfork.go @@ -6,11 +6,10 @@ package config type Hardfork byte const ( - // HF2712FixSyscallFees represents hard-fork introduced in #2469 (ported from - // https://github.com/neo-project/neo/pull/2712) changing the prices of - // System.Contract.CreateStandardAccount and - // System.Contract.CreateMultisigAccount interops. - HF2712FixSyscallFees Hardfork = 1 << iota // HF_2712_FixSyscallFees + // HFAspidochelone represents hard-fork introduced in #2469 (ported from + // https://github.com/neo-project/neo/pull/2712) and #2519 (ported from + // https://github.com/neo-project/neo/pull/2749). + HFAspidochelone Hardfork = 1 << iota // HF_Aspidochelone ) // hardforks holds a map of Hardfork string representation to its type. @@ -18,7 +17,7 @@ var hardforks map[string]Hardfork func init() { hardforks = make(map[string]Hardfork) - for _, hf := range []Hardfork{HF2712FixSyscallFees} { + for _, hf := range []Hardfork{HFAspidochelone} { hardforks[hf.String()] = hf } } diff --git a/pkg/config/hardfork_string.go b/pkg/config/hardfork_string.go index c314b254c..5778b8ed5 100644 --- a/pkg/config/hardfork_string.go +++ b/pkg/config/hardfork_string.go @@ -1,4 +1,4 @@ -// Code generated by "stringer -type Hardfork -linecomment ./pkg/config/hardfork.go"; DO NOT EDIT. +// Code generated by "stringer -type=Hardfork -linecomment"; DO NOT EDIT. package config @@ -8,12 +8,12 @@ func _() { // An "invalid array index" compiler error signifies that the constant values have changed. // Re-run the stringer command to generate them again. var x [1]struct{} - _ = x[HF2712FixSyscallFees-1] + _ = x[HFAspidochelone-1] } -const _Hardfork_name = "HF_2712_FixSyscallFees" +const _Hardfork_name = "HF_Aspidochelone" -var _Hardfork_index = [...]uint8{0, 22} +var _Hardfork_index = [...]uint8{0, 16} func (i Hardfork) String() string { i -= 1 diff --git a/pkg/core/interop/runtime/util.go b/pkg/core/interop/runtime/util.go index 84d669fe7..6acbb9d3c 100644 --- a/pkg/core/interop/runtime/util.go +++ b/pkg/core/interop/runtime/util.go @@ -93,7 +93,7 @@ func GetRandom(ic *interop.Context) error { price int64 seed = ic.Network ) - isHF := ic.IsHardforkEnabled(config.HF2712FixSyscallFees) + isHF := ic.IsHardforkEnabled(config.HFAspidochelone) if isHF { price = 1 << 13 seed += ic.GetRandomCounter diff --git a/pkg/core/interop_system.go b/pkg/core/interop_system.go index 02a3f7f8b..96d9b0a09 100644 --- a/pkg/core/interop_system.go +++ b/pkg/core/interop_system.go @@ -225,7 +225,7 @@ func contractCreateMultisigAccount(ic *interop.Context) error { pubs[i] = p } var invokeFee int64 - if ic.IsHardforkEnabled(config.HF2712FixSyscallFees) { + if ic.IsHardforkEnabled(config.HFAspidochelone) { invokeFee = fee.ECDSAVerifyPrice * int64(len(pubs)) } else { invokeFee = 1 << 8 @@ -250,7 +250,7 @@ func contractCreateStandardAccount(ic *interop.Context) error { return err } var invokeFee int64 - if ic.IsHardforkEnabled(config.HF2712FixSyscallFees) { + if ic.IsHardforkEnabled(config.HFAspidochelone) { invokeFee = fee.ECDSAVerifyPrice } else { invokeFee = 1 << 8 diff --git a/pkg/core/interop_system_neotest_test.go b/pkg/core/interop_system_neotest_test.go index 6a5192277..0d83632bd 100644 --- a/pkg/core/interop_system_neotest_test.go +++ b/pkg/core/interop_system_neotest_test.go @@ -261,7 +261,7 @@ func TestSystemContractCreateAccount_Hardfork(t *testing.T) { bc, acc := chain.NewSingleWithCustomConfig(t, func(c *config.ProtocolConfiguration) { c.P2PSigExtensions = true // `initBasicChain` requires Notary enabled c.Hardforks = map[string]uint32{ - config.HF2712FixSyscallFees.String(): 2, + config.HFAspidochelone.String(): 2, } }) e := neotest.NewExecutor(t, bc, acc, acc)