mirror of
https://github.com/sigp/lighthouse.git
synced 2026-03-16 19:32:55 +00:00
ff9b09d964
## Issue Addressed Upgrade libp2p to v0.52 ## Proposed Changes - **Workflows**: remove installation of `protoc` - **Book**: remove installation of `protoc` - **`Dockerfile`s and `cross`**: remove custom base `Dockerfile` for cross since it's no longer needed. Remove `protoc` from remaining `Dockerfiles`s - **Upgrade `discv5` to `v0.3.1`:** we have some cool stuff in there: no longer needs `protoc` and faster ip updates on cold start - **Upgrade `prometheus` to `0.21.0`**, now it no longer needs encoding checks - **things that look like refactors:** bunch of api types were renamed and need to be accessed in a different (clearer) way - **Lighthouse network** - connection limits is now a behaviour - banned peers no longer exist on the swarm level, but at the behaviour level - `connection_event_buffer_size` now is handled per connection with a buffer size of 4 - `mplex` is deprecated and was removed - rpc handler now logs the peer to which it belongs ## Additional Info Tried to keep as much behaviour unchanged as possible. However, there is a great deal of improvements we can do _after_ this upgrade: - Smart connection limits: Connection limits have been checked only based on numbers, we can now use information about the incoming peer to decide if we want it - More powerful peer management: Dial attempts from other behaviours can be rejected early - Incoming connections can be rejected early - Banning can be returned exclusively to the peer management: We should not get connections to banned peers anymore making use of this - TCP Nat updates: We might be able to take advantage of confirmed external addresses to check out tcp ports/ips Co-authored-by: Age Manning <Age@AgeManning.com> Co-authored-by: Akihito Nakano <sora.akatsuki@gmail.com>
271 lines
10 KiB
Rust
271 lines
10 KiB
Rust
use crate::multiaddr::Protocol;
|
|
use crate::rpc::{MetaData, MetaDataV1, MetaDataV2};
|
|
use crate::types::{
|
|
error, EnrAttestationBitfield, EnrSyncCommitteeBitfield, GossipEncoding, GossipKind,
|
|
};
|
|
use crate::{GossipTopic, NetworkConfig};
|
|
use libp2p::bandwidth::BandwidthSinks;
|
|
use libp2p::core::{multiaddr::Multiaddr, muxing::StreamMuxerBox, transport::Boxed};
|
|
use libp2p::gossipsub;
|
|
use libp2p::identity::{secp256k1, Keypair};
|
|
use libp2p::{core, noise, yamux, PeerId, Transport, TransportExt};
|
|
use prometheus_client::registry::Registry;
|
|
use slog::{debug, warn};
|
|
use ssz::Decode;
|
|
use ssz::Encode;
|
|
use std::collections::HashSet;
|
|
use std::fs::File;
|
|
use std::io::prelude::*;
|
|
use std::path::Path;
|
|
use std::sync::Arc;
|
|
use std::time::Duration;
|
|
use types::{ChainSpec, EnrForkId, EthSpec, ForkContext, SubnetId, SyncSubnetId};
|
|
|
|
pub const NETWORK_KEY_FILENAME: &str = "key";
|
|
/// The maximum simultaneous libp2p connections per peer.
|
|
pub const MAX_CONNECTIONS_PER_PEER: u32 = 1;
|
|
/// The filename to store our local metadata.
|
|
pub const METADATA_FILENAME: &str = "metadata";
|
|
|
|
pub struct Context<'a> {
|
|
pub config: &'a NetworkConfig,
|
|
pub enr_fork_id: EnrForkId,
|
|
pub fork_context: Arc<ForkContext>,
|
|
pub chain_spec: &'a ChainSpec,
|
|
pub gossipsub_registry: Option<&'a mut Registry>,
|
|
}
|
|
|
|
type BoxedTransport = Boxed<(PeerId, StreamMuxerBox)>;
|
|
|
|
/// The implementation supports TCP/IP, WebSockets over TCP/IP, noise as the encryption layer, and
|
|
/// mplex as the multiplexing layer.
|
|
pub fn build_transport(
|
|
local_private_key: Keypair,
|
|
) -> std::io::Result<(BoxedTransport, Arc<BandwidthSinks>)> {
|
|
let tcp = libp2p::tcp::tokio::Transport::new(libp2p::tcp::Config::default().nodelay(true));
|
|
let transport = libp2p::dns::TokioDnsConfig::system(tcp)?;
|
|
#[cfg(feature = "libp2p-websocket")]
|
|
let transport = {
|
|
let trans_clone = transport.clone();
|
|
transport.or_transport(libp2p::websocket::WsConfig::new(trans_clone))
|
|
};
|
|
|
|
// yamux config
|
|
let mut yamux_config = yamux::Config::default();
|
|
yamux_config.set_window_update_mode(yamux::WindowUpdateMode::on_read());
|
|
let (transport, bandwidth) = transport
|
|
.upgrade(core::upgrade::Version::V1)
|
|
.authenticate(generate_noise_config(&local_private_key))
|
|
.multiplex(yamux_config)
|
|
.timeout(Duration::from_secs(10))
|
|
.boxed()
|
|
.with_bandwidth_logging();
|
|
|
|
// Authentication
|
|
Ok((transport, bandwidth))
|
|
}
|
|
|
|
// Useful helper functions for debugging. Currently not used in the client.
|
|
#[allow(dead_code)]
|
|
fn keypair_from_hex(hex_bytes: &str) -> error::Result<Keypair> {
|
|
let hex_bytes = if let Some(stripped) = hex_bytes.strip_prefix("0x") {
|
|
stripped.to_string()
|
|
} else {
|
|
hex_bytes.to_string()
|
|
};
|
|
|
|
hex::decode(hex_bytes)
|
|
.map_err(|e| format!("Failed to parse p2p secret key bytes: {:?}", e).into())
|
|
.and_then(keypair_from_bytes)
|
|
}
|
|
|
|
#[allow(dead_code)]
|
|
fn keypair_from_bytes(mut bytes: Vec<u8>) -> error::Result<Keypair> {
|
|
secp256k1::SecretKey::try_from_bytes(&mut bytes)
|
|
.map(|secret| {
|
|
let keypair: secp256k1::Keypair = secret.into();
|
|
keypair.into()
|
|
})
|
|
.map_err(|e| format!("Unable to parse p2p secret key: {:?}", e).into())
|
|
}
|
|
|
|
/// Loads a private key from disk. If this fails, a new key is
|
|
/// generated and is then saved to disk.
|
|
///
|
|
/// Currently only secp256k1 keys are allowed, as these are the only keys supported by discv5.
|
|
pub fn load_private_key(config: &NetworkConfig, log: &slog::Logger) -> Keypair {
|
|
// check for key from disk
|
|
let network_key_f = config.network_dir.join(NETWORK_KEY_FILENAME);
|
|
if let Ok(mut network_key_file) = File::open(network_key_f.clone()) {
|
|
let mut key_bytes: Vec<u8> = Vec::with_capacity(36);
|
|
match network_key_file.read_to_end(&mut key_bytes) {
|
|
Err(_) => debug!(log, "Could not read network key file"),
|
|
Ok(_) => {
|
|
// only accept secp256k1 keys for now
|
|
if let Ok(secret_key) = secp256k1::SecretKey::try_from_bytes(&mut key_bytes) {
|
|
let kp: secp256k1::Keypair = secret_key.into();
|
|
debug!(log, "Loaded network key from disk.");
|
|
return kp.into();
|
|
} else {
|
|
debug!(log, "Network key file is not a valid secp256k1 key");
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// if a key could not be loaded from disk, generate a new one and save it
|
|
let local_private_key = secp256k1::Keypair::generate();
|
|
let _ = std::fs::create_dir_all(&config.network_dir);
|
|
match File::create(network_key_f.clone())
|
|
.and_then(|mut f| f.write_all(&local_private_key.secret().to_bytes()))
|
|
{
|
|
Ok(_) => {
|
|
debug!(log, "New network key generated and written to disk");
|
|
}
|
|
Err(e) => {
|
|
warn!(
|
|
log,
|
|
"Could not write node key to file: {:?}. error: {}", network_key_f, e
|
|
);
|
|
}
|
|
}
|
|
local_private_key.into()
|
|
}
|
|
|
|
/// Generate authenticated XX Noise config from identity keys
|
|
fn generate_noise_config(identity_keypair: &Keypair) -> noise::Config {
|
|
noise::Config::new(identity_keypair).expect("signing can fail only once during starting a node")
|
|
}
|
|
|
|
/// For a multiaddr that ends with a peer id, this strips this suffix. Rust-libp2p
|
|
/// only supports dialing to an address without providing the peer id.
|
|
pub fn strip_peer_id(addr: &mut Multiaddr) {
|
|
let last = addr.pop();
|
|
match last {
|
|
Some(Protocol::P2p(_)) => {}
|
|
Some(other) => addr.push(other),
|
|
_ => {}
|
|
}
|
|
}
|
|
|
|
/// Load metadata from persisted file. Return default metadata if loading fails.
|
|
pub fn load_or_build_metadata<E: EthSpec>(
|
|
network_dir: &std::path::Path,
|
|
log: &slog::Logger,
|
|
) -> MetaData<E> {
|
|
// We load a V2 metadata version by default (regardless of current fork)
|
|
// since a V2 metadata can be converted to V1. The RPC encoder is responsible
|
|
// for sending the correct metadata version based on the negotiated protocol version.
|
|
let mut meta_data = MetaDataV2 {
|
|
seq_number: 0,
|
|
attnets: EnrAttestationBitfield::<E>::default(),
|
|
syncnets: EnrSyncCommitteeBitfield::<E>::default(),
|
|
};
|
|
// Read metadata from persisted file if available
|
|
let metadata_path = network_dir.join(METADATA_FILENAME);
|
|
if let Ok(mut metadata_file) = File::open(metadata_path) {
|
|
let mut metadata_ssz = Vec::new();
|
|
if metadata_file.read_to_end(&mut metadata_ssz).is_ok() {
|
|
// Attempt to read a MetaDataV2 version from the persisted file,
|
|
// if that fails, read MetaDataV1
|
|
match MetaDataV2::<E>::from_ssz_bytes(&metadata_ssz) {
|
|
Ok(persisted_metadata) => {
|
|
meta_data.seq_number = persisted_metadata.seq_number;
|
|
// Increment seq number if persisted attnet is not default
|
|
if persisted_metadata.attnets != meta_data.attnets
|
|
|| persisted_metadata.syncnets != meta_data.syncnets
|
|
{
|
|
meta_data.seq_number += 1;
|
|
}
|
|
debug!(log, "Loaded metadata from disk");
|
|
}
|
|
Err(_) => {
|
|
match MetaDataV1::<E>::from_ssz_bytes(&metadata_ssz) {
|
|
Ok(persisted_metadata) => {
|
|
let persisted_metadata = MetaData::V1(persisted_metadata);
|
|
// Increment seq number as the persisted metadata version is updated
|
|
meta_data.seq_number = *persisted_metadata.seq_number() + 1;
|
|
debug!(log, "Loaded metadata from disk");
|
|
}
|
|
Err(e) => {
|
|
debug!(
|
|
log,
|
|
"Metadata from file could not be decoded";
|
|
"error" => ?e,
|
|
);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
};
|
|
|
|
// Wrap the MetaData
|
|
let meta_data = MetaData::V2(meta_data);
|
|
|
|
debug!(log, "Metadata sequence number"; "seq_num" => meta_data.seq_number());
|
|
save_metadata_to_disk(network_dir, meta_data.clone(), log);
|
|
meta_data
|
|
}
|
|
|
|
/// Creates a whitelist topic filter that covers all possible topics using the given set of
|
|
/// possible fork digests.
|
|
pub(crate) fn create_whitelist_filter(
|
|
possible_fork_digests: Vec<[u8; 4]>,
|
|
attestation_subnet_count: u64,
|
|
sync_committee_subnet_count: u64,
|
|
) -> gossipsub::WhitelistSubscriptionFilter {
|
|
let mut possible_hashes = HashSet::new();
|
|
for fork_digest in possible_fork_digests {
|
|
let mut add = |kind| {
|
|
let topic: gossipsub::IdentTopic =
|
|
GossipTopic::new(kind, GossipEncoding::SSZSnappy, fork_digest).into();
|
|
possible_hashes.insert(topic.hash());
|
|
};
|
|
|
|
use GossipKind::*;
|
|
add(BeaconBlock);
|
|
add(BeaconAggregateAndProof);
|
|
add(VoluntaryExit);
|
|
add(ProposerSlashing);
|
|
add(AttesterSlashing);
|
|
add(SignedContributionAndProof);
|
|
add(BlsToExecutionChange);
|
|
add(LightClientFinalityUpdate);
|
|
add(LightClientOptimisticUpdate);
|
|
for id in 0..attestation_subnet_count {
|
|
add(Attestation(SubnetId::new(id)));
|
|
}
|
|
for id in 0..sync_committee_subnet_count {
|
|
add(SyncCommitteeMessage(SyncSubnetId::new(id)));
|
|
}
|
|
}
|
|
gossipsub::WhitelistSubscriptionFilter(possible_hashes)
|
|
}
|
|
|
|
/// Persist metadata to disk
|
|
pub(crate) fn save_metadata_to_disk<E: EthSpec>(
|
|
dir: &Path,
|
|
metadata: MetaData<E>,
|
|
log: &slog::Logger,
|
|
) {
|
|
let _ = std::fs::create_dir_all(dir);
|
|
let metadata_bytes = match metadata {
|
|
MetaData::V1(md) => md.as_ssz_bytes(),
|
|
MetaData::V2(md) => md.as_ssz_bytes(),
|
|
};
|
|
match File::create(dir.join(METADATA_FILENAME)).and_then(|mut f| f.write_all(&metadata_bytes)) {
|
|
Ok(_) => {
|
|
debug!(log, "Metadata written to disk");
|
|
}
|
|
Err(e) => {
|
|
warn!(
|
|
log,
|
|
"Could not write metadata to disk";
|
|
"file" => format!("{:?}{:?}", dir, METADATA_FILENAME),
|
|
"error" => %e
|
|
);
|
|
}
|
|
}
|
|
}
|