Commit graph

322 commits

Author SHA1 Message Date
Leonard Lyubich
937171911a [#525] ir/container: Simplify the approach to verify token signature
In recent change of API Go library `Token.Verify` signature was implemented.

Replace previous version-casting approach with new method call in token
signature check stage.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-31 11:53:06 +03:00
Leonard Lyubich
23c5277014 [#525] ir/container: Check session verb and container ID
Token of the container session should be written out with container context.
The context should have the verb corresponding to the operation. If an
operation is performed on a fixed container, the session should be
propagated to it or to all user containers

Implement all described checks in validation of `Put` / `Delete` / `SetEACL`
events.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-31 11:53:06 +03:00
Leonard Lyubich
b73c0c67a2 [#525] ir/container: Fix checks without session token
In previous implementation verification of `SetEACL` events failed on events
without session token. It was caused by redundant tries to verify `nil`
session token.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-31 11:53:06 +03:00
Leonard Lyubich
ead4513feb [#525] ir/container: Verify operations with session token
Session token can be presented `Put`, `Delete` and `SetEACL` notification
events. IR should consider this case as issuing a power of attorney to a
third party. Thus, checking the eligibility for an operation should be
complicated:

 - token owner should be the owner of the related container;
 - the intent must be signed with a session key;
 - the power of attorney must be signed by the owner of the container.

Omitted checks (TBD):

 - session token should have container session context;
 - the verb of the context should correspond to the operation.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 17:07:20 +03:00
Pavel Karpy
33bef46f31 [#549] network/cache: Change Get signature
Make network cache's `Get` method accept
`network.Address` argument instead of
string.

Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2021-05-27 17:07:04 +03:00
Leonard Lyubich
5a3a27ba9f [#525] ir/container: Remove no longer needed FIXME
In latest design of `Container` contract key binding is removed.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 12:03:49 +03:00
Leonard Lyubich
e1fbc28851 [#525] ir/container: Remove resolved FIXME about notary call
From `017fb6abed9455c7c99631adcb0bb04d42741f87` used container client is
constructed with enabled notary mode.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 12:03:49 +03:00
Leonard Lyubich
40c796bd7e [#525] ir/container: Write session token on delete approval
Approved removed container ID should be stored in sidechain along with
related session token.

Forward session token from `Delete` event to `Wrapper.Delete` method.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 12:03:49 +03:00
Leonard Lyubich
631d7b0e07 [#525] morph/container: Accept container session token in Delete
`Delete` method of latest `Container` contract accepts binary session token
as an argument.

Provide `DeleteArgs.SetSessionToken` method. Accept session token as a
`[]byte` in `Wrapper.Put` method and attach it to `PutArgs`. Marshal session
token from `RemovalWitness` in `wrapper.Delete` function and pass it to the
method.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 12:03:49 +03:00
Leonard Lyubich
4ef369732a [#525] ir/container: Write session token on eACL table approval
Approved eACL table should be stored in sidechain along with related session
token.

Forward session token from `SetEACL` event to `Wrapper.PutEACL` method.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 12:03:49 +03:00
Leonard Lyubich
959610080a [#525] morph/container: Accept container session token in PutEACL
`SetEACL` method of latest `Container` contract accepts binary session token
as an argument.

Provide `SetEACLArgs.SetSessionToken` method. Accept session token as a
`[]byte` in `Wrapper.PutEACL` method and attach it to `SetEACLArgs`. Marshal
session token from container in `wrapper.PutEACL` function and pass it to
the method.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 12:03:49 +03:00
Leonard Lyubich
461fcfcf19 [#525] ir/container: Write session token on container approval
Approved container should be stored in sidechain along with related session
token.

Forward session token from `Put` event to `Wrapper.Put` method.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 12:03:49 +03:00
Leonard Lyubich
db67a117f0 [#525] morph/container: Accept container session token in Put
`Put` method of latest `Container` contract accepts binary session token as
an argument.

Provide `PutArgs.SetSessionToken` method. Accept session token as a `[]byte`
in `Wrapper.Put` method and attach it to `PutArgs`. Marshal session token
from container in `wrapper.Put` function and pass it to the method.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-27 12:03:49 +03:00
Leonard Lyubich
62281b91f4 [#505] morph/container: Rename PutEACLBinary to PutEACl in wrapper
There is no need to concretize the type of arguments in the method name.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 18:58:25 +03:00
Leonard Lyubich
017fb6abed [#505] ir/container: Use client wrapper with enabled notary calls
Construct wrapper over the Container contract client with `TryNotary` option
since it is required to perform invocations of notary contract.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
ac2d347884 [#505] ir/container: Check key-to-owner mapping in key ownership check
Owner identifier can be calculated from public key. If it matches, no
additional verification of key ownership is required.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
369c12b702 [#505] morph/container: Verify signature of deleting container ID
Get all owner keys and verify container ID signature until first success. If
none of the keys match, then prohibit deletion. Thus, the delete operation
is only allowed to the owner of the container. With this approach, a
separate check for key ownership is not required.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
83c27f6e8a [#505] morph/container: Change get container API
Make `Get` method of the wrapper over Container contract's client to
accept binary container ID. Create `Get` function similar to the previous
`Get` variation. Use this function in Container service server in the place
where `Get` method was used.

Additionally implement `AsContainerSource` function which allows
to simply compose container Source interface from the wrapper.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
6310535b3c [#505] ir/container: Check key ownership in Put container handler
Check if new container was signed by its owner, and otherwise prohibit
operation.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
5287c194e5 [#505] ir/container: Replace key ownership check into a separate method
Method of key ownership verification is going to be reused by the handlers
of the other events.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
6239d5c0c7 [#505] ir/container: Verify signature in check of Put container event
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
ff715c8037 [#505] ir/container: Change the way to approve container delete event
Call `Delete` method on the wrapper over the Container contract's client
directly from `Processor.approveDeleteContainer`.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
24ad60e1c8 [#505] ir/container: Change the way to approve container put event
Call `Put` method on the wrapper over the Container contract's client
directly from `Processor.approvePutContainer`.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
9259ae640e [#505] ir/container: Slightly refactor Put and Delete handlers
Split up `processContainerPut` and `processContainerDelete` methods of
container `Processor` into two sub-methods: checking the event and its
assertion.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
a3ac294902 [#505] morph/container: Do not parse public key in Put event parser
Morph event structures defined in `pkg/morph/event`  should only carry
notification values without any additional interpretation. All logical work
should be concentrated on app-side.

Change data type of `Put.PublicKey` return to byte slice. `ParsePut` doesn't
unmarshal public key from now.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
a306eb9ce7 [#505] ir: Process set eACL notifications from Container contract
Add `setEACL` notification event parser (handler) to the return of the
`ListenerParsers` (`ListenerHandlers`) method. Read address of NeoFS ID
contract from `contracts.neofsid` config. Implement `NewNeoFSIDClient`
constructor in `invoke` package and use it in IR application.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
4949f4b064 [#505] ir/container: Refactor ListenerParsers and ListenerHandlers
Pre-allocate slices for a known number of elements. Use single `ParserInfo`
/ `HandlerInfo` variable in order to set Container contracts's address once
and change only values that differ between events.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
372cba1fca [#505] ir/container: Check key ownership during set eACL handling
Use NeoFS ID contract client to check if public key from notification event
is tied to the owner of the container for which the eACL is being changed.
Approve changes coming from the owner of the container only.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
b0271aa478 [#505] ir/container: Verify signature of binary eACL tables
Add signature check to `checkSetEACL` method of the `setEACL` notification
handler in Container processor.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Leonard Lyubich
87d83174d9 [#505] ir/container: Implement simplified handling of SetEACL event
Implement `handleSetEACL` method similar to other handling methods in
Container processor. To begin with, the validation logic is skipped, and all
tables will be sent to the contract. In the future, the necessary checks
will be implemented. Listening for events in the IR node will also be added.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-25 16:35:52 +03:00
Evgenii Stratonikov
b52751e992 [#496] innerring/invoke: move wrapper structs to separate packages
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-25 13:41:39 +03:00
Evgenii Stratonikov
ca0e3211be [#496] innerring/invoke: remove function wrappers
Use morph.Client directly.

Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-25 13:41:39 +03:00
Evgenii Stratonikov
b5cda8cd41 [#496] morph/client: fallback to simple invoke in NotaryInvoke
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-25 13:41:39 +03:00
Evgenii Stratonikov
2e31cd34e6 [#502] innerring: synchronize validators on mainnet alphabet update
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-25 11:10:01 +03:00
Evgenii Stratonikov
71b87155ef [#521] *: use stdlib errors package
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-05-19 16:42:54 +03:00
Alex Vanin
16f13bc0a5 [#522] Use HostAddrString as RPC endpoint instead of IPAddrString
To enable TLS support we can't operate with IP addresses directly.
Certificates are issued with host names so it is required to
pass them into RPC client. DNS resolving should be done by transport
layer and not be a part of node. Therefore `IPAddrString` usage is
removed from code.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-18 12:07:00 +03:00
Alex Vanin
d49bd4b94a Update neofs-api-go to v1.26.0
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-10 09:45:11 +03:00
Alex Vanin
dddbf0368c [#486] innerring: Add option to disable only main chain notary support
For N3 Testnet RC2 release inner ring app supports three modes:
- notary enabled in all chains (default),
- notary disabled in all chains,
- notary enabled only in side chain.

All notary related functions are moved to notary.go

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
5a167f3991 [#486] innerring: Adopt disabled notary work flow
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
f2562e8c47 [#486] innerring: Use fee provider and notary disabled flag in processors
Processors that use `invoke` package to make chain invocation should provide
fee config and client with enabled or disabled notary support. If notary
support is disabled, then functions from `invoke` package will perform
ordinary method invocation with extra fee.

Processors that use `morph/client` wrappers should check `notaryDisabled`
flag to call corresponding wrapper function.

Netmap processor omits some actions during validator syncronization
if notary is disabled.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
91a1896b8b [#486] innerring: Use fee provider interface in invoke package
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
1f3bb33db8 [#486] innerring: Add fee configuration
When notary disabled, inner ring should be able to
configure extra fee for vote collections inside the
contracts. Previously these values were hardcoded,
however we might want to change them depending on
a environment.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
c4f4381b13 [#486] morph/client: Separate container estimation functions
Inner ring should be able to invoke contract methods both notary
and non notary way.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Alex Vanin
bd65e41257 [#486] innerring: Add notary support in main chain client
With `mainnet.notary_deposit=false` inner ring will ignore
notary deposit \ awaiting routines in the application start,
so it can run on the environments without notary support.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-05-05 12:45:16 +03:00
Leonard Lyubich
56b3e35779 [#480] ir: Do not sync alphabet keys in sidechain-only configuration
Alphabet nodes synchronize list of alphabet keys from main chain
`NeoFSAlphabet` role once per epoch. This can lead to a wrong behavior in
single chain deployment (`without_mainnet` config parameter). Alphabet node
in single chain environment will try to get NeoFSAlphabet role from main
chain client, but it'll get result from side chain instead. Side chain
stores list of all inner ring nodes in this role. Therefore it is possible
that alphabet nodes will try to appoint inner ring nodes as alphabet nodes,
which is not correct.

Fix incorrect behavior with disabling of synchronization of alphabet keys in
sidechain-only mode.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-05-04 14:50:18 +03:00
Evgenii Stratonikov
5b85519f20 [#457] innerring: wait until notary tx persists on chain
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-04-27 16:57:29 +03:00
Alex Vanin
376bb293b4 [#479] morph/timer: Move block timer to morph package
Block timer is going to be reused in storage node to tick
EigenTrust calculation rounds.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-19 09:35:54 +03:00
Alex Vanin
13149e794f [#478] innerring: Fix set config method name
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-15 17:53:08 +03:00
Alex Vanin
dc0bd782d2 [#478] innerring: Use dynamic epoch duration in epoch timer
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-15 17:53:08 +03:00
Alex Vanin
c33512d976 [#478] morph/client: Add more global config value getters
Including:
- typo fix for `BasicIncomeRate` method
- epoch duration getter,
- container fee getter,
- EigenTrust iterations getter.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-15 17:53:08 +03:00
Alex Vanin
0f01a69fd3 [#465] processor/neofs: Don't modify tx details
Mint, Burn and Cheque details should contain hash of
main net tx of Deposit and Withdraw invocation. They will
be formatted inside the contracts so alphabet nodes must
not modify them.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-08 17:01:00 +03:00
Alex Vanin
3e9c578e62 [#465] settlement: Use unified details format for all asset transfers
Unified format uses transfer type as the first byte
and extra details next. List of transfer types used in
contracts defined in `details.go`. It includes:
- audit settlement,
- basic income collection,
- basic income distribution.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-08 17:01:00 +03:00
Alex Vanin
1d68e74636 [#465] innerring: Add audit fee fetcher to settlement processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-08 17:01:00 +03:00
Alex Vanin
0816f7b63b [#465] settlement/audit: Transfer audit fee to inner ring nodes
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-08 17:01:00 +03:00
Alex Vanin
27cf6f5112 [#452] Use API structures for reputation PeerID and GlobalTrust
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-06 10:35:20 +03:00
Alex Vanin
b18da34b55 [#452] innerring: Use reputation processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-06 10:35:20 +03:00
Alex Vanin
09e4479d44 [#452] innerring: Add reputation processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-06 10:35:20 +03:00
Alex Vanin
3aae60d517 [#454] innerring: Increase duration of notary deposit
Extra blocks for notary deposit must not be less than extra blocks
at notary tx rounding.

Consider you make notary deposit every 1000 block for next
1100 blocks. At block 555 you made notary deposit up to 1655.

At block 1554 you want to send notary tx. Notary client uses rounding
to calculate `until` value. By default notary client rounds with up
to 150 block ahead, thus for tx at 1554 `until` will be 1700.

1700 is bigger than deposit limit at 1655 and tx will fail. However
if extra blocks for notary deposit will be 200, then this case
won't be possible.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-04-02 11:26:37 +03:00
Alex Vanin
3fe5962e92 [#447] innerring: Use governance processor in inner ring
Network map processors creates sync event once per epoch.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
d0d1731af7 [#447] innerring: Define governance processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
3965cc2296 [#447] innerring: Use alias type for slice of public keys
Alias type provide sort function so it is better to use it
everywhere where list of public keys is presented.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
34f25adc8c [#447] invoke: Add alphabet update method
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
999ad5e1c0 [#447] innerring: Do not handle or call InnerRingUpdate method
This method has been removed from netmap contract. Corresponding
event from neofs contract renamed to AlphabetUpdate and should not
be processed, because alphabet updated from `RoleManagement`
contract.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 12:38:42 +03:00
Alex Vanin
1d1fc04ac9 [#446] innerring: Use less mutex locks in indexer
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
e05f1e1394 [#446] innerring: Use alphabet state in processors
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
1332db883e [#446] innerring: Add alphabet index getter in global state
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
cd21641dfc [#446] innerring: Rename server.Index to server.InnerRingIndex
With different indexes for inner ring list and alphabet list this
is the better naming.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
80bfd08a47 [#446] innerring: Use indexer to get relevant inner ring size and index
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
f9304fb2cb [#446] innerring: Remove inner ring list method
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 11:53:10 +03:00
Alex Vanin
58119e6065 [#421] governance: Don't construct alphabet list with empty sidechain
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 10:16:48 +03:00
Alex Vanin
f4e39678f1 [#421] governance: Add list update functions for inner ring
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 10:16:48 +03:00
Alex Vanin
6339a115dc [#421] governance: Add new alphabet list constructor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-26 10:16:48 +03:00
Leonard Lyubich
106884fc40 [#428] client: Hide client cache behind interface in dependent packages
Replace usage of `cache.ClientCache` type with interface with similar
signature. This will further allow overloading clients without affecting the
logic of dependent packages.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-03-24 10:11:52 +03:00
Pavel Karpy
b9892edd6e [#416] innerring: Add gas threshold
On the `Deposit` events add gas balance check.
Make transfer only if the balance is greater
than the `GasTransferThreshold` that is defined
with environmental variable.

Signed-off-by: Pavel Karpy <carpawell@nspcc.ru>
2021-03-19 13:57:58 +03:00
Leonard Lyubich
383d2494eb [#425] Adapt the Client's refactoring to the interface
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-03-17 15:00:37 +03:00
Evgenii Stratonikov
364945a955 [#422] pkg/innerring: fix typo in config parameter name
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-03-15 14:07:53 +03:00
Evgenii Stratonikov
6679d59e89 [#422] pkg/services: Provide client options on cache creation
Because options are not used when client is already in cache
providing them to shared cache is misleading at best.
In the worst case `dial_timeout` is set randomly (because of race
condition) which can lead to one service having `dial_timeout` of
another. Thus we set default client creation options when cache is
created.

Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-03-15 14:07:53 +03:00
Evgenii Stratonikov
cc7287d6f7 [#422] pkg/services: Cache clients by address only
Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2021-03-15 14:07:53 +03:00
Alex Vanin
8c3864e6d6 [#404] innerring: Wait for deposit in initialization
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-04 12:39:15 +03:00
Alex Vanin
4b10e82685 [#404] innerring: Use notary invocations in inner ring
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-04 12:39:15 +03:00
Alex Vanin
71dce97b76 [#404] innerring: Make notary deposit periodically
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-04 12:39:15 +03:00
Alex Vanin
ccaf4f5d55 [#404] innerring: Enable notary support in morph client
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-04 12:39:15 +03:00
Alex Vanin
948823c392 [#404] innerring: Get GAS script hash from neo-go client
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-03-04 12:39:15 +03:00
Leonard Lyubich
bcfd33d9fb [#397] ir: Make UN-LOCODE attribute of the network map candidate optional
Previously UN-LOCODE attribute was required for each network map candidate.
In the absence of this attribute, the candidate was not allowed into the
network map. After revising the requirements for candidates, it was decided
not to require the mandatory installation of the attribute by candidates.

From now inner ring does not modify location attributes of the network map
candidate in the absence of UN-LOCODE attribute and does not block entry
into the network map for this criterion.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-25 14:36:11 +03:00
Leonard Lyubich
53b4d6d6d0 [#396] ir: Support working with sidechain only
NeoFS contract can be deployed in sidechain instead of main chain.

Add `without_mainnet` config flag that can switch IR node to work with
sidechain only. By default this flag is unset.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-24 19:17:35 +03:00
Leonard Lyubich
0bca98975a [#392] ir/alphabet: Rename constant corresponding to I/izhei letter
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-24 19:16:52 +03:00
Leonard Lyubich
72935d0a80 [#392] ir: Upgrade to a dynamic number of alphabetical contracts
In previous implementation IR worked with exactly 7 alphabetic contracts
only. Actually number of contracts is limited to only the Glagolitic
alphabet.

Make IR to work with any valid number of alphabetic contracts. Change parser
of alphabetic contract addresses to read amount of processing contracts
before performance. Make Alphabet processor to use interface of the
alphabetic contract group. Use `alphabetContracts` type in IR `Server`.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-24 19:16:52 +03:00
Leonard Lyubich
1016ba3a5d [#392] ir: Implement type for group of alphabet contracts
Define `alphabetContracts` type that map glagolic letters to smart contract
addresses. Implement constructor and all methods which are going to be used
in IR processing.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-24 19:16:52 +03:00
Leonard Lyubich
3430a6d101 [#392] ir: Define Glagolitsa alphabet type
Define `glagolicLetter` enumeration of the Glagolitsa alphabet letters.
Implement `configString` method that returns config-compatible string format
of the letters.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-24 19:16:52 +03:00
Leonard Lyubich
397c3b6757 [#392] ir: Remove bitsize from IR indices
There is no need to specify that IR indices are 32 bits in size.

Change return types of `Indexer` interface methods in audit and alphabet
packages. Support interface changes in `Server` implementation.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-24 19:16:52 +03:00
Alex Vanin
bd420b6002 [#373] innerring: Listen sidechain blocks for internal timer
Updated neo-go fixed bug in listener, so we can use sidechain
for block timer as it planned.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-11 17:31:56 +03:00
Alex Vanin
0bb3836e84 [#383] innerring: Sort node info attributes
All node info attribute transformations can't guarantee
the order of attributes. However it should be consistent
otherwise smart-contract won't be able to collect signatures
and approve transaction.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-11 14:11:43 +03:00
Alex Vanin
058ab0e533 [#383] innerring: Marshal node info back after validation
Node info validator may change node attributes, e.g. update
it with human-readable location attributes based on LOCODE.
So inner ring node should provide new node info binary to
smart contract.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-11 14:11:43 +03:00
Leonard Lyubich
a737a46988 [#362] ir/netmap: Use const keys to node attributes from the API lib
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-11 14:01:35 +03:00
Leonard Lyubich
34248b00ed [#362] ir/netmap: Do not add LocationCode attribute to netmap candidate
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-11 14:01:35 +03:00
Leonard Lyubich
19681693f7 [#316] ir/netmap: Rename City node attributes
Rename `City`/`CityCode` attribute keys to `Location`/`LocationCode`
respectively.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-10 14:05:03 +03:00
Leonard Lyubich
9a425924cf [#316] locode/boltdb: Replace all references to the City with Location
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-10 14:05:03 +03:00
Leonard Lyubich
0a87fec6c6 [#316] ir/netmap: Rename LOCODE attribute key
Rename key to LOCODE node attribute from `Locode` to `UN-LOCODE`.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-10 14:05:03 +03:00
Leonard Lyubich
46d60f3d52 [#316] ir/locode: Open LOCODE database in read-only mode
Inner ring Server does not modify LOCODE database (Put method), thus it is
better to open it in RO mode.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-10 14:05:03 +03:00
Leonard Lyubich
97264acb26 [#316] ir: Use LOCODE validator as NodeValidator in Netmap processor
Implement DB interface required by LOCODE validator on new wrapper over the
LOCODE Bolt DB (Record on new wrapper over LOCODE Bolt DB entries).
Construct LOCODE validator and pass it to Netmap processor's constructor as
NodeValidator parameter.

Thus, candidates for a network map must set LOCODE attribute for which there
is an entry in the NeoFS location database.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-10 14:05:03 +03:00
Leonard Lyubich
ff814aec26 [#316] ir: Add before-start and after-stop function to Server
Keep list of functions which are called first when the server starts (method
Server.Start). If any of the starters returns an error, the server will not
start. Such starters will mainly be used for resources that need to be
initialized after a successful server construction, but before its main work
(e.g. local files).

Keep list of functions which are called when the server stops (Server.Stop
method). Such closers will mainly be used for resources that need to be
released after server shutdown (e.g. initialized by starters).

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-10 14:05:03 +03:00
Leonard Lyubich
db703a5117 [#316] ir/netmap: Validate LOCODE attributes of network map candidates
Define a structure for dealing with the geographic location of nodes.
Implement VerifyAndUpdate (with the same purpose as NodeValidator interface)
that checks LOCODE attribute and fills other attributes of the location.
Technically the entity is a wrapper over the NeoFS location database: it
maps the node LOCODE to the database record from which the new attributes
are generated.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-10 14:05:03 +03:00
Leonard Lyubich
cbfaceb956 [#316] ir/netmap: Validate network map candidates in Netmap processor
Define NodeValidator interface of the entity that checks and finalizes
NodeInfo structure. Add NodeValidator to Netmap processor. Pass NodeInfo
structures of network map candidates to NodeValidator in order to verify it
and prepare to final state required by network.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-02-10 14:05:03 +03:00
Alex Vanin
3775d61ccb [#365] settlement/basic: Use big.Int constructor for unification
Check if `new(big.Int)` will be efficient later and replace
all `big.NewInt()` in code or leave it as it is.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-03 15:17:58 +03:00
Alex Vanin
6a9a2b5d04 [#365] settlement/basic: Remove TxTable from context
TxTable used twice in context to transfer assets to
and from banking account. There is no need to store
instance of table persistently.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-03 15:17:58 +03:00
Alex Vanin
fd461bdb65 [#365] innerring: Produce distribute income events
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-03 15:17:58 +03:00
Alex Vanin
d77d49bd2a [#365] Provide distribute income event in settlement processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-03 15:17:58 +03:00
Alex Vanin
8e741a277d [#365] settlement/basic: Implement asset distribution
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-03 15:17:58 +03:00
Alex Vanin
4433448645 [#365] settlement/basic: Check amount of collected assets
Some transfers from container owners into bank account may
fail due to lack of assets, so we have to deal with remaining
amount of assets in banking account.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-03 15:17:58 +03:00
Alex Vanin
487c9b7589 [#363] Define global config and use it to fetch basic income rate
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-02 21:07:00 +03:00
Alex Vanin
be2ed6bf4c [#360] Run basic income collection in inner ring
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-02 21:07:00 +03:00
Alex Vanin
8c4bf81351 [#360] Use basic implement context in settlement processor
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-02 21:07:00 +03:00
Alex Vanin
a624bb881d [#360] Implement basic settlement context
Basic settlement context is a main structure that
implement logic of basic settlement phases: collecting
assets from container owners and then distributing them
to storage nodes.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-02 21:07:00 +03:00
Alex Vanin
f45675b7a2 [#360] Share common parts of basic and audit settlements
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-02-02 21:07:00 +03:00
Alex Vanin
5b550bff22 [#355] innerring: Produce container size estimation notifications
There are two notifications:
- start estimation notification produced at the beginning of the
  epoch,
- stop estimation notifications should be produced before
  basic audit settlement starts.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-01-29 11:23:37 +03:00
Alex Vanin
6848a816f9 [#355] innerring: Refactor block timer constructors
This small refactoring adds `blocktimer.go` file with
all timer related function and constructors. This way
we can create all timers in one place (at the end of
innerring.Server constructor).

To do that we had to move timer reset into global
server state so it can be accessed by netmap
processor.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-01-29 11:23:37 +03:00
Alex Vanin
402192c8c4 [#355] innerring: Add fee to NoFee wrappers
There is no point of making separate `Fee` and `NoFee`
wrappers because all reading operations are free disregarding
of fee value in static client. However we can use these same
wrappers so send transaction.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-01-29 11:23:37 +03:00
Alex Vanin
244bcc5c04 [#357] Fix linter issues
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
819300f939 [#326] ir: Add debug message about transfer for audit transaction
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
d4bd726c25 [#326] ir: Make netmap processor to generate audit settlement events
Pass handler of audit settlement event to netmap event processor. Generate
AuditEvent in during new epoch processing.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
4204a9f920 [#326] ir: Implement settlement processor
Define a processor of events related to monetary transactions. Define
audit-related event. Provide an interface for processing the audit payout
event.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
aaeb13f7df [#326] ir: Change construction of Balance contact client
Use client with extraFee instead of readOnlyFee. Rename
NewNoFeeBalanceClient to NewBalanceClient since no-fee client is no longer
used.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
a6785c1585 [#326] ir/timers: Remove println from unit test
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
a6a5a84f36 [#326] settlement/audit: Prevent negative amount arguments of Exchanger
Do not pass zero transfers from the calculation table to Exchanger. Revert
transfers with negative amount since Exchanger interface requires positive
amounts of funds.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
2bca5879cd [#326] ir/settlement: Move the calculation of the minimum audit fee
Move control of the minimum cost of payment for the audit from the
implementation of the Exchanger to the place where the amount is calculated.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
87c2c3ecc6 [#326] ir: Calculate audit settlements on new epoch
Calculate payments to storage nodes for the passed audit when changing the
epoch. The calculation results are wrapped in a call to the Balance contract
(one transaction per user-to-user transfer).

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
685b593af3 [#326] ir/settlement: Implement calculator of settlements for audit
Implement component that analyzes audit results and generates transactions
for payment of awards for successfully passed audit. When calculating the
total fee, the declared price of the node (attribute) and the total volume
of storage groups, which were successfully audited by the container, are
taken into account. In one call the calculator processes all audit results
for the previous epoch (relative to the calculated parameter).

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
f7a9e43165 [#356] ir/blocktimer: Fix reset behavior
In previous implementation handler was not called more the one time after
Reset. It was caused by tick counter not being reset inside Reset method.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
998a097767 [#324] ir: Listen new blocks from main chain
Listen to new blocks from mainnet until the required fix in neo-go lib is
released (https://github.com/nspcc-dev/neo-go/pull/1687).

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
abc7885056 [#324] ir: Register block handler before starting the listening routine
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
96f750d9c8 [#324] ir/alphabet: Write error of TransferGas call to log
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
a6517bc877 [#324] ir/netmap: Do not return on block timer restart error
Continue execution of the new epoch handler in case of a failed timer
restart.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
ca41810859 [#324] ir: Change level of "new block" log message to debug
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
d01b4e1a2d [#324] ir: Measure GAS emission intervals in sidechain blocks
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
19bb94cc04 [#324] ir: Measure epochs in sidechain blocks
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
b5dc28f79c [#324] ir/timers: Complicate the logic of fractional block intervals
Call handler of the fractional block interval once between base interval
ticks by default. Add option to call handler of fractional block interval
multiple times (N times if fractional interval == BASE_INTERVAL / N).

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Leonard Lyubich
476349dd1c [#324] ir/timers: Implement chain block timer
Implement a timer that can tick chain blocks and perform actions at time
intervals in the blocks.

Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2021-01-29 11:04:30 +03:00
Alex Vanin
5d7451d388 [#349] innerring/audit: Use pivot in container placement
Pivot used to shuffle nodes in the CRUSH tree. This is
required argument. We use container ID value to select
container nodes, so `nil` value produces incorrect placements.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-01-27 11:18:36 +03:00
Alex Vanin
0745267411 [#47] innerring: Increase minimal extra fee on contract invocations
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-01-20 16:36:10 +03:00
Alex Vanin
8865252daf [#325] innerring: Fix storage node re-bootstrap approval
Netmap snapshot table caches bootstrap `AddPeer` txs so inner ring
node does not produce redundant approval txs for bootstrapped nodes.
However if node updates states to `Offline`, then such node should
be flagged in snapshot table, so re-bootstrap will actually produce
approval tx.

`ev.PublicKey.String()` returns uncompressed representation of the
node's public key, while snapshot contains compressed values.
Therefore the node was not flagged and re-bootstrap tx was not
approved by inner ring nodes.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-01-18 18:54:07 +03:00
Alex Vanin
b62b19cb5a [#302] Fix goimports linter errors
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-01-12 18:47:02 +03:00
Alex Vanin
3bbd0bc95c [#300] innerring: Fix status value in update peer state invocation
We can't use enum values from SDK library directly, they can be
different from API specification. Therefore we need to convert them
into protocol level format.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2021-01-11 16:40:25 +03:00
Leonard Lyubich
9a86fff7e0 [#291] Remove some unused code from repository
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-12-30 10:27:53 +03:00
Alex Vanin
7174abcc7c [#281] service/audit: Fix typos
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-12-25 16:49:27 +03:00
Alex Vanin
77cf97c236 [#281] innerring: Create audit context once for one audit round
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-12-25 16:49:27 +03:00
Alex Vanin
0d7832f5e9 [#281] service/audit: Add separate pool for SG checks in PoR
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-12-25 16:49:27 +03:00
Alex Vanin
10b548275a [#276] innerring: Use Head with TTL in PoR
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-12-25 16:49:27 +03:00
Alex Vanin
f9e81383ae [#259] innerring: Use blocking pools for audit
Audit task manager should not discard tasks if all workers are
busy, therefore pools should not be non-blocking.

Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-12-25 16:49:27 +03:00
Leonard Lyubich
3ec342b2c3 [#259] services/audit: Implement PDP check
Signed-off-by: Leonard Lyubich <leonard@nspcc.ru>
2020-12-25 16:49:27 +03:00
Alex Vanin
310a4c3e4d [#275] innerring: Add storage group search timeout
Signed-off-by: Alex Vanin <alexey@nspcc.ru>
2020-12-25 16:49:27 +03:00