coordinator/tributary/src/tests/blockchain.rs

use zeroize::Zeroizing;
use rand::{RngCore, rngs::OsRng};

use blake2::{Digest, Blake2s256};

use ciphersuite::{group::ff::Field, Ciphersuite, Ristretto};

use crate::{
  merkle, Transaction, ProvidedTransactions, Block, Blockchain,
  tests::{ProvidedTransaction, SignedTransaction, random_provided_transaction},
};

fn new_genesis() -> [u8; 32] {
  let mut genesis = [0; 32];
  OsRng.fill_bytes(&mut genesis);
  genesis
}

fn new_blockchain<T: Transaction>(
  genesis: [u8; 32],
  participants: &[<Ristretto as Ciphersuite>::G],
) -> Blockchain<T> {
  let blockchain = Blockchain::new(genesis, participants);
  assert_eq!(blockchain.tip(), genesis);
  assert_eq!(blockchain.block_number(), 0);
  blockchain
}

#[test]
fn block_addition() {
  let genesis = new_genesis();
  let mut blockchain = new_blockchain::<SignedTransaction>(genesis, &[]);
  let block = blockchain.build_block();
  assert_eq!(block.header.parent, genesis);
  assert_eq!(block.header.transactions, [0; 32]);
  blockchain.verify_block(&block).unwrap();
  assert!(blockchain.add_block(&block).is_ok());
  assert_eq!(blockchain.tip(), block.hash());
  assert_eq!(blockchain.block_number(), 1);
}

#[test]
fn invalid_block() {
  let genesis = new_genesis();
  let mut blockchain = new_blockchain::<SignedTransaction>(genesis, &[]);

  let block = blockchain.build_block();

  // Mutate parent
  {
    #[allow(clippy::redundant_clone)] // False positive
    let mut block = block.clone();
    block.header.parent = Blake2s256::digest(block.header.parent).into();
    assert!(blockchain.verify_block(&block).is_err());
  }

  // Mutate tranactions merkle
  {
    let mut block = block;
    block.header.transactions = Blake2s256::digest(block.header.transactions).into();
    assert!(blockchain.verify_block(&block).is_err());
  }

  let key = Zeroizing::new(<Ristretto as Ciphersuite>::F::random(&mut OsRng));
  let tx = crate::tests::signed_transaction(&mut OsRng, genesis, &key, 0);

  // Not a participant
  {
    // Manually create the block to bypass build_block's checks
    let block = Block::new(blockchain.tip(), vec![], vec![tx.clone()]);
    assert_eq!(block.header.transactions, merkle(&[tx.hash()]));
    assert!(blockchain.verify_block(&block).is_err());
  }

  // Run the rest of the tests with them as a participant
  let blockchain = new_blockchain(genesis, &[tx.1.signer]);

  // Re-run the not a participant block to make sure it now works
  {
    let block = Block::new(blockchain.tip(), vec![], vec![tx.clone()]);
    assert_eq!(block.header.transactions, merkle(&[tx.hash()]));
    blockchain.verify_block(&block).unwrap();
  }

  {
    // Add a valid transaction
    let mut blockchain = blockchain.clone();
    assert!(blockchain.add_transaction(true, tx.clone()));
    let mut block = blockchain.build_block();
    assert_eq!(block.header.transactions, merkle(&[tx.hash()]));
    blockchain.verify_block(&block).unwrap();

    // And verify mutating the transactions merkle now causes a failure
    block.header.transactions = merkle(&[]);
    assert!(blockchain.verify_block(&block).is_err());
  }

  {
    // Invalid nonce
    let tx = crate::tests::signed_transaction(&mut OsRng, genesis, &key, 5);
    // Manually create the block to bypass build_block's checks
    let block = Block::new(blockchain.tip(), vec![], vec![tx]);
    assert!(blockchain.verify_block(&block).is_err());
  }

  {
    // Invalid signature
    let mut blockchain = blockchain;
    assert!(blockchain.add_transaction(true, tx));
    let mut block = blockchain.build_block();
    blockchain.verify_block(&block).unwrap();
    block.transactions[0].1.signature.s += <Ristretto as Ciphersuite>::F::ONE;
    assert!(blockchain.verify_block(&block).is_err());

    // Make sure this isn't because the merkle changed due to the transaction hash including the
    // signature (which it explicitly isn't allowed to anyways)
    assert_eq!(block.header.transactions, merkle(&[block.transactions[0].hash()]));
  }
}

#[test]
fn signed_transaction() {
  let genesis = new_genesis();

  let key = Zeroizing::new(<Ristretto as Ciphersuite>::F::random(&mut OsRng));
  let tx = crate::tests::signed_transaction(&mut OsRng, genesis, &key, 0);
  let signer = tx.1.signer;

  let mut blockchain = new_blockchain::<SignedTransaction>(genesis, &[signer]);
  assert_eq!(blockchain.next_nonce(signer), Some(0));

  let test = |blockchain: &mut Blockchain<SignedTransaction>, mempool: Vec<SignedTransaction>| {
    let tip = blockchain.tip();
    for tx in mempool.clone() {
      let next_nonce = blockchain.next_nonce(signer).unwrap();
      assert!(blockchain.add_transaction(true, tx));
      assert_eq!(next_nonce + 1, blockchain.next_nonce(signer).unwrap());
    }
    let block = blockchain.build_block();
    assert_eq!(block, Block::new(blockchain.tip(), vec![], mempool.clone()));
    assert_eq!(blockchain.tip(), tip);
    assert_eq!(block.header.parent, tip);

    // Make sure all transactions were included
    assert_eq!(block.transactions, mempool);
    // Make sure the merkle was correct
    assert_eq!(
      block.header.transactions,
      merkle(&mempool.iter().map(Transaction::hash).collect::<Vec<_>>())
    );

    // Verify and add the block
    blockchain.verify_block(&block).unwrap();
    assert!(blockchain.add_block(&block).is_ok());
    assert_eq!(blockchain.tip(), block.hash());
  };

  // Test with a single nonce
  test(&mut blockchain, vec![tx]);
  assert_eq!(blockchain.next_nonce(signer), Some(1));

  // Test with a flood of nonces
  let mut mempool = vec![];
  for nonce in 1 .. 64 {
    mempool.push(crate::tests::signed_transaction(&mut OsRng, genesis, &key, nonce));
  }
  test(&mut blockchain, mempool);
  assert_eq!(blockchain.next_nonce(signer), Some(64));
}

#[test]
fn provided_transaction() {
  let mut blockchain = new_blockchain::<ProvidedTransaction>(new_genesis(), &[]);

  let tx = random_provided_transaction(&mut OsRng);

  // This should be provideable
  let mut txs = ProvidedTransactions::new();
  txs.provide(tx.clone());
  txs.complete(tx.hash());

  // Non-provided transactions should fail verification
  let block = Block::new(blockchain.tip(), vec![tx.clone()], vec![]);
  assert!(blockchain.verify_block(&block).is_err());

  // Provided transactions should pass verification
  blockchain.provide_transaction(tx.clone());
  blockchain.verify_block(&block).unwrap();

  // add_block should work for verified blocks
  assert!(blockchain.add_block(&block).is_ok());

  let block = Block::new(blockchain.tip(), vec![tx], vec![]);
  // The provided transaction should no longer considered provided, causing this error
  assert!(blockchain.verify_block(&block).is_err());
  // add_block should fail for unverified provided transactions if told to add them
  assert!(blockchain.add_block(&block).is_err());
}
Test the blockchain 2023-04-12 11:13:48 -04:00			`use zeroize::Zeroizing;`
Finish binding Tendermint into Tributary and define a Tributary master object 2023-04-13 18:43:03 -04:00			`use rand::{RngCore, rngs::OsRng};`
Test the blockchain 2023-04-12 11:13:48 -04:00
			`use blake2::{Digest, Blake2s256};`

			`use ciphersuite::{group::ff::Field, Ciphersuite, Ristretto};`

			`use crate::{`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`merkle, Transaction, ProvidedTransactions, Block, Blockchain,`
Test the blockchain 2023-04-12 11:13:48 -04:00			`tests::{ProvidedTransaction, SignedTransaction, random_provided_transaction},`
			`};`

Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`fn new_genesis() -> [u8; 32] {`
Test the blockchain 2023-04-12 11:13:48 -04:00			`let mut genesis = [0; 32];`
			`OsRng.fill_bytes(&mut genesis);`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`genesis`
			`}`
Test the blockchain 2023-04-12 11:13:48 -04:00
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`fn new_blockchain<T: Transaction>(`
			`genesis: [u8; 32],`
			`participants: &[<Ristretto as Ciphersuite>::G],`
			`) -> Blockchain<T> {`
			`let blockchain = Blockchain::new(genesis, participants);`
Test the blockchain 2023-04-12 11:13:48 -04:00			`assert_eq!(blockchain.tip(), genesis);`
Finish binding Tendermint into Tributary and define a Tributary master object 2023-04-13 18:43:03 -04:00			`assert_eq!(blockchain.block_number(), 0);`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`blockchain`
Test the blockchain 2023-04-12 11:13:48 -04:00			`}`

			`#[test]`
			`fn block_addition() {`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`let genesis = new_genesis();`
			`let mut blockchain = new_blockchain::<SignedTransaction>(genesis, &[]);`
Embed the mempool into the Blockchain 2023-04-13 09:47:14 -04:00			`let block = blockchain.build_block();`
Test the blockchain 2023-04-12 11:13:48 -04:00			`assert_eq!(block.header.parent, genesis);`
			`assert_eq!(block.header.transactions, [0; 32]);`
			`blockchain.verify_block(&block).unwrap();`
Finish binding Tendermint, bar the P2P layer 2023-04-12 18:04:28 -04:00			`assert!(blockchain.add_block(&block).is_ok());`
Test the blockchain 2023-04-12 11:13:48 -04:00			`assert_eq!(blockchain.tip(), block.hash());`
Finish binding Tendermint into Tributary and define a Tributary master object 2023-04-13 18:43:03 -04:00			`assert_eq!(blockchain.block_number(), 1);`
Test the blockchain 2023-04-12 11:13:48 -04:00			`}`

			`#[test]`
			`fn invalid_block() {`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`let genesis = new_genesis();`
Embed the mempool into the Blockchain 2023-04-13 09:47:14 -04:00			`let mut blockchain = new_blockchain::<SignedTransaction>(genesis, &[]);`
Test the blockchain 2023-04-12 11:13:48 -04:00
Embed the mempool into the Blockchain 2023-04-13 09:47:14 -04:00			`let block = blockchain.build_block();`
Test the blockchain 2023-04-12 11:13:48 -04:00
			`// Mutate parent`
			`{`
			`#[allow(clippy::redundant_clone)] // False positive`
			`let mut block = block.clone();`
			`block.header.parent = Blake2s256::digest(block.header.parent).into();`
			`assert!(blockchain.verify_block(&block).is_err());`
			`}`

			`// Mutate tranactions merkle`
			`{`
			`let mut block = block;`
			`block.header.transactions = Blake2s256::digest(block.header.transactions).into();`
			`assert!(blockchain.verify_block(&block).is_err());`
			`}`

			`let key = Zeroizing::new(<Ristretto as Ciphersuite>::F::random(&mut OsRng));`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`let tx = crate::tests::signed_transaction(&mut OsRng, genesis, &key, 0);`

			`// Not a participant`
			`{`
			`// Manually create the block to bypass build_block's checks`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`let block = Block::new(blockchain.tip(), vec![], vec![tx.clone()]);`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`assert_eq!(block.header.transactions, merkle(&[tx.hash()]));`
			`assert!(blockchain.verify_block(&block).is_err());`
			`}`

			`// Run the rest of the tests with them as a participant`
			`let blockchain = new_blockchain(genesis, &[tx.1.signer]);`

			`// Re-run the not a participant block to make sure it now works`
			`{`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`let block = Block::new(blockchain.tip(), vec![], vec![tx.clone()]);`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`assert_eq!(block.header.transactions, merkle(&[tx.hash()]));`
			`blockchain.verify_block(&block).unwrap();`
			`}`
Test the blockchain 2023-04-12 11:13:48 -04:00
			`{`
			`// Add a valid transaction`
Embed the mempool into the Blockchain 2023-04-13 09:47:14 -04:00			`let mut blockchain = blockchain.clone();`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`assert!(blockchain.add_transaction(true, tx.clone()));`
Embed the mempool into the Blockchain 2023-04-13 09:47:14 -04:00			`let mut block = blockchain.build_block();`
Test the blockchain 2023-04-12 11:13:48 -04:00			`assert_eq!(block.header.transactions, merkle(&[tx.hash()]));`
			`blockchain.verify_block(&block).unwrap();`

			`// And verify mutating the transactions merkle now causes a failure`
			`block.header.transactions = merkle(&[]);`
			`assert!(blockchain.verify_block(&block).is_err());`
			`}`

			`{`
			`// Invalid nonce`
			`let tx = crate::tests::signed_transaction(&mut OsRng, genesis, &key, 5);`
			`// Manually create the block to bypass build_block's checks`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`let block = Block::new(blockchain.tip(), vec![], vec![tx]);`
Test the blockchain 2023-04-12 11:13:48 -04:00			`assert!(blockchain.verify_block(&block).is_err());`
			`}`

			`{`
			`// Invalid signature`
Embed the mempool into the Blockchain 2023-04-13 09:47:14 -04:00			`let mut blockchain = blockchain;`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`assert!(blockchain.add_transaction(true, tx));`
Embed the mempool into the Blockchain 2023-04-13 09:47:14 -04:00			`let mut block = blockchain.build_block();`
Test the blockchain 2023-04-12 11:13:48 -04:00			`blockchain.verify_block(&block).unwrap();`
			`block.transactions[0].1.signature.s += <Ristretto as Ciphersuite>::F::ONE;`
			`assert!(blockchain.verify_block(&block).is_err());`

			`// Make sure this isn't because the merkle changed due to the transaction hash including the`
			`// signature (which it explicitly isn't allowed to anyways)`
			`assert_eq!(block.header.transactions, merkle(&[block.transactions[0].hash()]));`
			`}`
			`}`

			`#[test]`
			`fn signed_transaction() {`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`let genesis = new_genesis();`

Test the blockchain 2023-04-12 11:13:48 -04:00			`let key = Zeroizing::new(<Ristretto as Ciphersuite>::F::random(&mut OsRng));`
			`let tx = crate::tests::signed_transaction(&mut OsRng, genesis, &key, 0);`
			`let signer = tx.1.signer;`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00
			`let mut blockchain = new_blockchain::<SignedTransaction>(genesis, &[signer]);`
			`assert_eq!(blockchain.next_nonce(signer), Some(0));`
Test the blockchain 2023-04-12 11:13:48 -04:00
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`let test = \|blockchain: &mut Blockchain<SignedTransaction>, mempool: Vec<SignedTransaction>\| {`
Test the blockchain 2023-04-12 11:13:48 -04:00			`let tip = blockchain.tip();`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`for tx in mempool.clone() {`
			`let next_nonce = blockchain.next_nonce(signer).unwrap();`
			`assert!(blockchain.add_transaction(true, tx));`
			`assert_eq!(next_nonce + 1, blockchain.next_nonce(signer).unwrap());`
			`}`
Embed the mempool into the Blockchain 2023-04-13 09:47:14 -04:00			`let block = blockchain.build_block();`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`assert_eq!(block, Block::new(blockchain.tip(), vec![], mempool.clone()));`
Test the blockchain 2023-04-12 11:13:48 -04:00			`assert_eq!(blockchain.tip(), tip);`
			`assert_eq!(block.header.parent, tip);`

			`// Make sure all transactions were included`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`assert_eq!(block.transactions, mempool);`
Test the blockchain 2023-04-12 11:13:48 -04:00			`// Make sure the merkle was correct`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`assert_eq!(`
			`block.header.transactions,`
			`merkle(&mempool.iter().map(Transaction::hash).collect::<Vec<_>>())`
			`);`
Test the blockchain 2023-04-12 11:13:48 -04:00
			`// Verify and add the block`
			`blockchain.verify_block(&block).unwrap();`
Finish binding Tendermint, bar the P2P layer 2023-04-12 18:04:28 -04:00			`assert!(blockchain.add_block(&block).is_ok());`
Test the blockchain 2023-04-12 11:13:48 -04:00			`assert_eq!(blockchain.tip(), block.hash());`
			`};`

			`// Test with a single nonce`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`test(&mut blockchain, vec![tx]);`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`assert_eq!(blockchain.next_nonce(signer), Some(1));`
Test the blockchain 2023-04-12 11:13:48 -04:00
			`// Test with a flood of nonces`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`let mut mempool = vec![];`
			`for nonce in 1 .. 64 {`
			`mempool.push(crate::tests::signed_transaction(&mut OsRng, genesis, &key, nonce));`
Test the blockchain 2023-04-12 11:13:48 -04:00			`}`
			`test(&mut blockchain, mempool);`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`assert_eq!(blockchain.next_nonce(signer), Some(64));`
Test the blockchain 2023-04-12 11:13:48 -04:00			`}`

			`#[test]`
			`fn provided_transaction() {`
Only allow designated participants to send transactions 2023-04-12 12:42:23 -04:00			`let mut blockchain = new_blockchain::<ProvidedTransaction>(new_genesis(), &[]);`
Test the blockchain 2023-04-12 11:13:48 -04:00
			`let tx = random_provided_transaction(&mut OsRng);`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00
			`// This should be provideable`
Test the blockchain 2023-04-12 11:13:48 -04:00			`let mut txs = ProvidedTransactions::new();`
			`txs.provide(tx.clone());`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`txs.complete(tx.hash());`

Test the blockchain 2023-04-12 11:13:48 -04:00			`// Non-provided transactions should fail verification`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`let block = Block::new(blockchain.tip(), vec![tx.clone()], vec![]);`
Test the blockchain 2023-04-12 11:13:48 -04:00			`assert!(blockchain.verify_block(&block).is_err());`

			`// Provided transactions should pass verification`
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`blockchain.provide_transaction(tx.clone());`
Test the blockchain 2023-04-12 11:13:48 -04:00			`blockchain.verify_block(&block).unwrap();`

			`// add_block should work for verified blocks`
Finish binding Tendermint, bar the P2P layer 2023-04-12 18:04:28 -04:00			`assert!(blockchain.add_block(&block).is_ok());`
Test the blockchain 2023-04-12 11:13:48 -04:00
Add DoS limits to tributary and require provided transactions be ordered 2023-04-13 20:35:55 -04:00			`let block = Block::new(blockchain.tip(), vec![tx], vec![]);`
Test the blockchain 2023-04-12 11:13:48 -04:00			`// The provided transaction should no longer considered provided, causing this error`
			`assert!(blockchain.verify_block(&block).is_err());`
Don't add blocks which aren't valid Previously, Tendermint needed to be live more than it needed to be correct. Under the original intention for it, correctness would fail if any coin desynced, which would cause the node to fail entirely. By accepting a supermajority's view of state, despite its own, a single coin's failure would only lead to inability to participate with that single coin. Now that Tendermint is solely for Tributary, nodes should halt a coin-specific chain if their view of the chain differs. They are unable to meaningless participate regardless. This also means a supermajority of validators can no longer fake messages from other validators, allowing the Tributary chain to use uniform weights with much less impact. There is still enough impact they can't be used (ability to cause a fork), yet they should allow uniform block production (as that's solely a DoS concern). While we prior could've simply additionally checked signatures, add_block's lack of a failure case would've meant it had to panic. This would've been a DoS possible a minority-weight which affected the entire coordinator and therefore the entire validator for all coins. 2023-04-12 16:18:42 -04:00			`// add_block should fail for unverified provided transactions if told to add them`
Finish binding Tendermint, bar the P2P layer 2023-04-12 18:04:28 -04:00			`assert!(blockchain.add_block(&block).is_err());`
Test the blockchain 2023-04-12 11:13:48 -04:00			`}`