Wallet-based, encrypted key management (#1138)

* Update hashmap hashset to stable futures * Adds panic test to hashset delay * Port remote_beacon_node to stable futures * Fix lcli merge conflicts * Non rpc stuff compiles * Remove padding * Add error enum, zeroize more things * Fix comment * protocol.rs compiles * Port websockets, timer and notifier to stable futures (#1035) * Fix lcli * Port timer to stable futures * Fix timer * Port websocket_server to stable futures * Port notifier to stable futures * Add TODOS * Port remote_beacon_node to stable futures * Partial eth2-libp2p stable future upgrade * Finished first round of fighting RPC types * Further progress towards porting eth2-libp2p adds caching to discovery * Update behaviour * Add keystore builder * Remove keystore stuff from val client * Add more tests, comments * RPC handler to stable futures * Update RPC to master libp2p * Add more comments, test vectors * Network service additions * Progress on improving JSON validation * More JSON verification * Start moving JSON into own mod * Remove old code * Add more tests, reader/writers * Tidy * Move keystore into own file * Move more logic into keystore file * Tidy * Tidy * Fix the fallback transport construction (#1102) * Allow for odd-character hex * Correct warning * Remove hashmap delay * Compiling version of eth2-libp2p * Update all crates versions * Fix conversion function and add tests (#1113) * Add more json missing field checks * Use scrypt by default * Tidy, address comments * Test path and uuid in vectors * Fix comment * Add checks for kdf params * Enforce empty kdf message * Port validator_client to stable futures (#1114) * Add PH & MS slot clock changes * Account for genesis time * Add progress on duties refactor * Add simple is_aggregator bool to val subscription * Start work on attestation_verification.rs * Add progress on ObservedAttestations * Progress with ObservedAttestations * Fix tests * Add observed attestations to the beacon chain * Add attestation observation to processing code * Add progress on attestation verification * Add first draft of ObservedAttesters * Add more tests * Add observed attesters to beacon chain * Add observers to attestation processing * Add more attestation verification * Create ObservedAggregators map * Remove commented-out code * Add observed aggregators into chain * Add progress * Finish adding features to attestation verification * Ensure beacon chain compiles * Link attn verification into chain * Integrate new attn verification in chain * Remove old attestation processing code * Start trying to fix beacon_chain tests * Split adding into pools into two functions * Add aggregation to harness * Get test harness working again * Adjust the number of aggregators for test harness * Fix edge-case in harness * Integrate new attn processing in network * Fix compile bug in validator_client * Update validator API endpoints * Fix aggreagation in test harness * Fix enum thing * Fix attestation observation bug: * Patch failing API tests * Start adding comments to attestation verification * Remove unused attestation field * Unify "is block known" logic * Update comments * Supress fork choice errors for network processing * Add todos * Tidy * Add gossip attn tests * Disallow test harness to produce old attns * Comment out in-progress tests * Partially address pruning tests * Fix failing store test * Add aggregate tests * Add comments about which spec conditions we check * Dont re-aggregate * Split apart test harness attn production * Fix compile error in network * Make progress on commented-out test * Fix skipping attestation test * Add fork choice verification tests * Tidy attn tests, remove dead code * Remove some accidentally added code * Fix clippy lint * Rename test file * Add block tests, add cheap block proposer check * Rename block testing file * Add observed_block_producers * Tidy * Switch around block signature verification * Finish block testing * Remove gossip from signature tests * First pass of self review * Fix deviation in spec * Update test spec tags * Start moving over to hashset * Finish moving observed attesters to hashmap * Move aggregation pool over to hashmap * Make fc attn borrow again * Fix rest_api compile error * Fix missing comments * Fix monster test * Uncomment increasing slots test * Address remaining comments * Remove unsafe, use cfg test * Remove cfg test flag * Fix dodgy comment * Revert "Update hashmap hashset to stable futures" This reverts commit d432378a3c. * Revert "Adds panic test to hashset delay" This reverts commit 281502396f. * Ported attestation_service * Ported duties_service * Ported fork_service * More ports * Port block_service * Minor fixes * VC compiles * Update TODOS * Borrow self where possible * Ignore aggregates that are already known. * Unify aggregator modulo logic * Fix typo in logs * Refactor validator subscription logic * Avoid reproducing selection proof * Skip HTTP call if no subscriptions * Rename DutyAndState -> DutyAndProof * Tidy logs * Print root as dbg * Fix compile errors in tests * Fix compile error in test * Re-Fix attestation and duties service * Minor fixes Co-authored-by: Paul Hauner <paul@paulhauner.com> * Expose json_keystore mod * First commits on path derivation * Progress with implementation * More progress * Passing intermediate test vectors * Tidy, add comments * Add DerivedKey structs * Move key derivation into own crate * Add zeroize structs * Return error for empty seed * Add tests * Tidy * First commits on path derivation * Progress with implementation * Move key derivation into own crate * Start defining JSON wallet * Add progress * Split out encrypt/decrypt * First commits on path derivation * Progress with implementation * More progress * Passing intermediate test vectors * Tidy, add comments * Add DerivedKey structs * Move key derivation into own crate * Add zeroize structs * Return error for empty seed * Add tests * Tidy * Add progress * Replace some password usage with slice * First commits on path derivation * Progress with implementation * More progress * Passing intermediate test vectors * Tidy, add comments * Add DerivedKey structs * Move key derivation into own crate * Add zeroize structs * Return error for empty seed * Add tests * Tidy * Add progress * Expose PlainText struct * First commits on path derivation * Progress with implementation * More progress * Passing intermediate test vectors * Tidy, add comments * Add DerivedKey structs * Move key derivation into own crate * Add zeroize structs * Return error for empty seed * Add tests * Tidy * Add builder * Expose consts, remove Password * Minor progress * Expose SALT_SIZE * First compiling version * Add test vectors * Network crate update to stable futures * Move dbg assert statement * Port account_manager to stable futures (#1121) * Port account_manager to stable futures * Run async fns in tokio environment * Port rest_api crate to stable futures (#1118) * Port rest_api lib to stable futures * Reduce tokio features * Update notifier to stable futures * Builder update * Further updates * Add mnemonic, tidy * Convert self referential async functions * Tidy * Add testing * Add first attempt at validator_dir * Present pubkey field * stable futures fixes (#1124) * Fix eth1 update functions * Fix genesis and client * Fix beacon node lib * Return appropriate runtimes from environment * Fix test rig * Refactor eth1 service update * Upgrade simulator to stable futures * Lighthouse compiles on stable futures * Add first pass of wallet manager * Progress with CLI * Remove println debugging statement * Tidy output * Tidy 600 perms * Update libp2p service, start rpc test upgrade * Add validator creation flow * Update network crate for new libp2p * Start tidying, adding comments * Update tokio::codec to futures_codec (#1128) * Further work towards RPC corrections * Correct http timeout and network service select * Add wallet mgr testing * Shift LockedWallet into own file * Add comments to fs * Start integration into VC * Use tokio runtime for libp2p * Revert "Update tokio::codec to futures_codec (#1128)" This reverts commit e57aea924a. * Upgrade RPC libp2p tests * Upgrade secio fallback test * Add lcli keypair upgrade command * Upgrade gossipsub examples * Clean up RPC protocol * Test fixes (#1133) * Correct websocket timeout and run on os thread * Fix network test * Add --secrets-dir to VC * Remove --legacy-keys from VC * Clean up PR * Correct tokio tcp move attestation service tests * Upgrade attestation service tests * Fix sim * Correct network test * Correct genesis test * Start docs * Add progress for validator generation * Tidy error messages * Test corrections * Log info when block is received * Modify logs and update attester service events * Stable futures: fixes to vc, eth1 and account manager (#1142) * Add local testnet scripts * Remove whiteblock script * Rename local testnet script * Move spawns onto handle * Fix VC panic * Initial fix to block production issue * Tidy block producer fix * Tidy further * Add local testnet clean script * Run cargo fmt * Tidy duties service * Tidy fork service * Tidy ForkService * Tidy AttestationService * Tidy notifier * Ensure await is not suppressed in eth1 * Ensure await is not suppressed in account_manager * Use .ok() instead of .unwrap_or(()) * RPC decoding test for proto * Update discv5 and eth2-libp2p deps * Run cargo fmt * Pre-build keystores for sim * Fix lcli double runtime issue (#1144) * Handle stream termination and dialing peer errors * Correct peer_info variant types * Add progress on new deposit flow * Remove unnecessary warnings * Handle subnet unsubscription removal and improve logigng * Add logs around ping * Upgrade discv5 and improve logging * Handle peer connection status for multiple connections * Improve network service logging * Add more incomplete progress * Improve logging around peer manager * Upgrade swarm poll centralise peer management * Identify clients on error * Fix `remove_peer` in sync (#1150) * remove_peer removes from all chains * Remove logs * Fix early return from loop * Improved logging, fix panic * Partially correct tests * Add deposit command * Remove old validator directory * Start adding AM tests * Stable futures: Vc sync (#1149) * Improve syncing heuristic * Add comments * Use safer method for tolerance * Fix tests * Binary testing progress * Progress with CLI tests * Use constants for flags * More account manager testing * Improve CLI tests * Move upgrade-legacy-keypairs into account man * Use rayon for VC key generation * Add comments to `validator_dir` * Add testing to validator_dir * Add fix to eth1-sim * Check errors in eth1-sim * Fix mutability issue * Ensure password file ends in .pass * Add more tests to wallet manager * Tidy deposit * Tidy account manager * Tidy account manager * Remove panic * Generate keypairs earlier in sim * Tidy eth1-sime * Try to fix eth1 sim * Address review comments * Fix typo in CLI command * Update docs * Disable eth1 sim * Remove eth1 sim completely Co-authored-by: Age Manning <Age@AgeManning.com> Co-authored-by: pawanjay176 <pawandhananjay@gmail.com>
2026-04-19 22:08:30 +00:00 · 2020-05-18 19:01:45 +10:00
parent a4b07a833c
commit c571afb8d8
55 changed files with 3761 additions and 1163 deletions
--- a/tests/simulator/Cargo.toml
+++ b/tests/simulator/Cargo.toml
@@ -16,3 +16,4 @@ tokio = "0.2.20"
 eth1_test_rig = { path = "../eth1_test_rig" }
 env_logger = "0.7.1"
 clap = "2.33.0"
+rayon = "1.3.0"
--- a/tests/simulator/src/eth1_sim.rs
+++ b/tests/simulator/src/eth1_sim.rs
@@ -4,9 +4,12 @@ use eth1_test_rig::GanacheEth1Instance;
 use futures::prelude::*;
 use node_test_rig::{
    environment::EnvironmentBuilder, testing_client_config, ClientGenesis, ValidatorConfig,
+    ValidatorFiles,
 };
+use rayon::prelude::*;
 use std::net::{IpAddr, Ipv4Addr};
 use std::time::Duration;
+use tokio::time::{delay_until, Instant};

 pub fn run_eth1_sim(matches: &ArgMatches) -> Result<(), String> {
    let node_count = value_t!(matches, "nodes", usize).expect("missing nodes default");
@@ -24,6 +27,24 @@ pub fn run_eth1_sim(matches: &ArgMatches) -> Result<(), String> {
    println!(" validators_per_node:{}", validators_per_node);
    println!(" end_after_checks:{}", end_after_checks);

+    // Generate the directories and keystores required for the validator clients.
+    let validator_files = (0..node_count)
+        .into_par_iter()
+        .map(|i| {
+            println!(
+                "Generating keystores for validator {} of {}",
+                i + 1,
+                node_count
+            );
+
+            let indices =
+                (i * validators_per_node..(i + 1) * validators_per_node).collect::<Vec<_>>();
+            ValidatorFiles::with_keystores(&indices).unwrap()
+        })
+        .collect::<Vec<_>>();
+
+    let expected_genesis_instant = Instant::now() + Duration::from_secs(60);
+
    let log_level = "debug";
    let log_format = None;

@@ -103,54 +124,64 @@ pub fn run_eth1_sim(matches: &ArgMatches) -> Result<(), String> {
        for _ in 0..node_count - 1 {
            network.add_beacon_node(beacon_config.clone()).await?;
        }
+
        /*
-         * One by one, add validator clients to the network. Each validator client is attached to
-         * a single corresponding beacon node.
+         * Create a future that will add validator clients to the network. Each validator client is
+         * attached to a single corresponding beacon node.
         */
+        let add_validators_fut = async {
+            for (i, files) in validator_files.into_iter().enumerate() {
+                network
+                    .add_validator_client(
+                        ValidatorConfig {
+                            auto_register: true,
+                            ..ValidatorConfig::default()
+                        },
+                        i,
+                        files,
+                    )
+                    .await?;
+            }

-        // Note: presently the validator client future will only resolve once genesis time
-        // occurs. This is great for this scenario, but likely to change in the future.
-        //
-        // If the validator client future behaviour changes, we would need to add a new future
-        // that delays until genesis. Otherwise, all of the checks that start in the next
-        // future will start too early.
-
-        for i in 0..node_count {
-            let indices =
-                (i * validators_per_node..(i + 1) * validators_per_node).collect::<Vec<_>>();
-            network
-                .add_validator_client(
-                    ValidatorConfig {
-                        auto_register: true,
-                        ..ValidatorConfig::default()
-                    },
-                    i,
-                    indices,
-                )
-                .await?;
-        }
+            Ok::<(), String>(())
+        };

        /*
         * Start the processes that will run checks on the network as it runs.
         */

-        let _err = futures::join!(
-            // Check that the chain finalizes at the first given opportunity.
-            checks::verify_first_finalization(network.clone(), slot_duration),
-            // Check that the chain starts with the expected validator count.
-            checks::verify_initial_validator_count(
-                network.clone(),
-                slot_duration,
-                initial_validator_count,
-            ),
-            // Check that validators greater than `spec.min_genesis_active_validator_count` are
-            // onboarded at the first possible opportunity.
-            checks::verify_validator_onboarding(
-                network.clone(),
-                slot_duration,
-                total_validator_count,
-            )
-        );
+        let checks_fut = async {
+            delay_until(expected_genesis_instant).await;
+
+            let (finalization, validator_count, onboarding) = futures::join!(
+                // Check that the chain finalizes at the first given opportunity.
+                checks::verify_first_finalization(network.clone(), slot_duration),
+                // Check that the chain starts with the expected validator count.
+                checks::verify_initial_validator_count(
+                    network.clone(),
+                    slot_duration,
+                    initial_validator_count,
+                ),
+                // Check that validators greater than `spec.min_genesis_active_validator_count` are
+                // onboarded at the first possible opportunity.
+                checks::verify_validator_onboarding(
+                    network.clone(),
+                    slot_duration,
+                    total_validator_count,
+                )
+            );
+
+            finalization?;
+            validator_count?;
+            onboarding?;
+
+            Ok::<(), String>(())
+        };
+
+        let (add_validators, checks) = futures::join!(add_validators_fut, checks_fut);
+
+        add_validators?;
+        checks?;

        // The `final_future` either completes immediately or never completes, depending on the value
        // of `end_after_checks`.
--- a/tests/simulator/src/local_network.rs
+++ b/tests/simulator/src/local_network.rs
@@ -1,6 +1,6 @@
 use node_test_rig::{
    environment::RuntimeContext, ClientConfig, LocalBeaconNode, LocalValidatorClient,
-    RemoteBeaconNode, ValidatorConfig,
+    RemoteBeaconNode, ValidatorConfig, ValidatorFiles,
 };
 use parking_lot::RwLock;
 use std::ops::Deref;
@@ -111,7 +111,7 @@ impl<E: EthSpec> LocalNetwork<E> {
        &self,
        mut validator_config: ValidatorConfig,
        beacon_node: usize,
-        keypair_indices: Vec<usize>,
+        validator_files: ValidatorFiles,
    ) -> Result<(), String> {
        let index = self.validator_clients.read().len();
        let context = self.context.service_context(format!("validator_{}", index));
@@ -132,7 +132,7 @@ impl<E: EthSpec> LocalNetwork<E> {
        let validator_client = LocalValidatorClient::production_with_insecure_keypairs(
            context,
            validator_config,
-            &keypair_indices,
+            validator_files,
        )
        .await?;
        self_1.validator_clients.write().push(validator_client);
--- a/tests/simulator/src/no_eth1_sim.rs
+++ b/tests/simulator/src/no_eth1_sim.rs
@@ -3,9 +3,12 @@ use clap::ArgMatches;
 use futures::prelude::*;
 use node_test_rig::{
    environment::EnvironmentBuilder, testing_client_config, ClientGenesis, ValidatorConfig,
+    ValidatorFiles,
 };
+use rayon::prelude::*;
 use std::net::{IpAddr, Ipv4Addr};
 use std::time::{Duration, SystemTime, UNIX_EPOCH};
+use tokio::time::{delay_until, Instant};

 pub fn run_no_eth1_sim(matches: &ArgMatches) -> Result<(), String> {
    let node_count = value_t!(matches, "nodes", usize).expect("missing nodes default");
@@ -23,6 +26,22 @@ pub fn run_no_eth1_sim(matches: &ArgMatches) -> Result<(), String> {
    println!(" validators_per_node:{}", validators_per_node);
    println!(" end_after_checks:{}", end_after_checks);

+    // Generate the directories and keystores required for the validator clients.
+    let validator_files = (0..node_count)
+        .into_par_iter()
+        .map(|i| {
+            println!(
+                "Generating keystores for validator {} of {}",
+                i + 1,
+                node_count
+            );
+
+            let indices =
+                (i * validators_per_node..(i + 1) * validators_per_node).collect::<Vec<_>>();
+            ValidatorFiles::with_keystores(&indices).unwrap()
+        })
+        .collect::<Vec<_>>();
+
    let log_level = "debug";
    let log_format = None;

@@ -42,10 +61,12 @@ pub fn run_no_eth1_sim(matches: &ArgMatches) -> Result<(), String> {
    spec.min_genesis_active_validator_count = 64;
    spec.seconds_per_eth1_block = 1;

+    let genesis_delay = Duration::from_secs(5);
    let genesis_time = SystemTime::now()
        .duration_since(UNIX_EPOCH)
        .map_err(|_| "should get system time")?
-        + Duration::from_secs(5);
+        + genesis_delay;
+    let genesis_instant = Instant::now() + genesis_delay;

    let slot_duration = Duration::from_millis(spec.milliseconds_per_slot);
    let total_validator_count = validators_per_node * node_count;
@@ -72,37 +93,44 @@ pub fn run_no_eth1_sim(matches: &ArgMatches) -> Result<(), String> {
        for _ in 0..node_count - 1 {
            network.add_beacon_node(beacon_config.clone()).await?;
        }
-        /*
-         * One by one, add validator clients to the network. Each validator client is attached to
-         * a single corresponding beacon node.
-         */

-        // Note: presently the validator client future will only resolve once genesis time
-        // occurs. This is great for this scenario, but likely to change in the future.
-        //
-        // If the validator client future behaviour changes, we would need to add a new future
-        // that delays until genesis. Otherwise, all of the checks that start in the next
-        // future will start too early.
-
-        for i in 0..node_count {
-            let indices =
-                (i * validators_per_node..(i + 1) * validators_per_node).collect::<Vec<_>>();
-            network
-                .add_validator_client(
-                    ValidatorConfig {
-                        auto_register: true,
-                        ..ValidatorConfig::default()
-                    },
-                    i,
-                    indices,
-                )
-                .await?;
-        }
        /*
-         * Start the processes that will run checks on the network as it runs.
+         * Create a future that will add validator clients to the network. Each validator client is
+         * attached to a single corresponding beacon node.
         */
-        // Check that the chain finalizes at the first given opportunity.
-        checks::verify_first_finalization(network.clone(), slot_duration).await?;
+        let add_validators_fut = async {
+            for (i, files) in validator_files.into_iter().enumerate() {
+                network
+                    .add_validator_client(
+                        ValidatorConfig {
+                            auto_register: true,
+                            ..ValidatorConfig::default()
+                        },
+                        i,
+                        files,
+                    )
+                    .await?;
+            }
+
+            Ok::<(), String>(())
+        };
+
+        /*
+         * The processes that will run checks on the network as it runs.
+         */
+        let checks_fut = async {
+            delay_until(genesis_instant).await;
+
+            // Check that the chain finalizes at the first given opportunity.
+            checks::verify_first_finalization(network.clone(), slot_duration).await?;
+
+            Ok::<(), String>(())
+        };
+
+        let (add_validators, start_checks) = futures::join!(add_validators_fut, checks_fut);
+
+        add_validators?;
+        start_checks?;

        // The `final_future` either completes immediately or never completes, depending on the value
        // of `end_after_checks`.
--- a/tests/simulator/src/sync_sim.rs
+++ b/tests/simulator/src/sync_sim.rs
@@ -5,6 +5,7 @@ use futures::prelude::*;
 use node_test_rig::ClientConfig;
 use node_test_rig::{
    environment::EnvironmentBuilder, testing_client_config, ClientGenesis, ValidatorConfig,
+    ValidatorFiles,
 };
 use std::net::{IpAddr, Ipv4Addr};
 use std::time::{Duration, SystemTime, UNIX_EPOCH};
@@ -77,6 +78,10 @@ fn syncing_sim(

    beacon_config.network.enr_address = Some(IpAddr::V4(Ipv4Addr::new(127, 0, 0, 1)));

+    // Generate the directories and keystores required for the validator clients.
+    let validator_indices = (0..num_validators).collect::<Vec<_>>();
+    let validator_files = ValidatorFiles::with_keystores(&validator_indices).unwrap();
+
    let main_future = async {
        /*
         * Create a new `LocalNetwork` with one beacon node.
@@ -87,7 +92,7 @@ fn syncing_sim(
         * Add a validator client which handles all validators from the genesis state.
         */
        network
-            .add_validator_client(ValidatorConfig::default(), 0, (0..num_validators).collect())
+            .add_validator_client(ValidatorConfig::default(), 0, validator_files)
            .await?;

        // Check all syncing strategies one after other.