mirror of
https://github.com/Cuprate/cuprate.git
synced 2025-01-08 20:09:44 +00:00
Consensus: fix panic in batch verifier (#152)
* fix panic in batch verifier * docs * review comments * Update consensus/rules/src/batch_verifier.rs Co-authored-by: hinto-janai <hinto.janai@protonmail.com> --------- Co-authored-by: hinto-janai <hinto.janai@protonmail.com>
parent
6df67bb9d3
commit
07f61bdb9c
7 changed files with 125 additions and 39 deletions
61
Cargo.lock
generated
61
Cargo.lock
generated
|
@ -50,6 +50,16 @@ dependencies = [
|
||||||
"libc",
|
"libc",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "async-buffer"
|
||||||
|
version = "0.1.0"
|
||||||
|
dependencies = [
|
||||||
|
"futures",
|
||||||
|
"pin-project",
|
||||||
|
"thiserror",
|
||||||
|
"tokio",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "async-lock"
|
name = "async-lock"
|
||||||
version = "3.3.0"
|
version = "3.3.0"
|
||||||
|
@ -525,6 +535,7 @@ dependencies = [
|
||||||
"tokio-util",
|
"tokio-util",
|
||||||
"tower",
|
"tower",
|
||||||
"tracing",
|
"tracing",
|
||||||
|
"tracing-subscriber",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
|
@ -613,7 +624,7 @@ dependencies = [
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "dandelion_tower"
|
name = "dandelion-tower"
|
||||||
version = "0.1.0"
|
version = "0.1.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"futures",
|
"futures",
|
||||||
|
@ -1463,6 +1474,16 @@ dependencies = [
|
||||||
"zeroize",
|
"zeroize",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "nu-ansi-term"
|
||||||
|
version = "0.46.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "77a8165726e8236064dbb45459242600304b42a5ea24ee2948e18e023bf7ba84"
|
||||||
|
dependencies = [
|
||||||
|
"overload",
|
||||||
|
"winapi",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "num-traits"
|
name = "num-traits"
|
||||||
version = "0.2.18"
|
version = "0.2.18"
|
||||||
|
@ -1510,6 +1531,12 @@ version = "0.2.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d"
|
checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "overload"
|
||||||
|
version = "0.1.1"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "page_size"
|
name = "page_size"
|
||||||
version = "0.6.0"
|
version = "0.6.0"
|
||||||
|
@ -2136,6 +2163,15 @@ dependencies = [
|
||||||
"keccak",
|
"keccak",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "sharded-slab"
|
||||||
|
version = "0.1.7"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "f40ca3c46823713e0d4209592e8d6e826aa57e928f09752619fc696c499637f6"
|
||||||
|
dependencies = [
|
||||||
|
"lazy_static",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "signal-hook-registry"
|
name = "signal-hook-registry"
|
||||||
version = "1.4.2"
|
version = "1.4.2"
|
||||||
|
@ -2476,6 +2512,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54"
|
checksum = "c06d3da6113f116aaee68e4d601191614c9053067f9ab7f6edbcb161237daa54"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"once_cell",
|
"once_cell",
|
||||||
|
"valuable",
|
||||||
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "tracing-log"
|
||||||
|
version = "0.2.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "ee855f1f400bd0e5c02d150ae5de3840039a3f54b025156404e34c23c03f47c3"
|
||||||
|
dependencies = [
|
||||||
|
"log",
|
||||||
|
"once_cell",
|
||||||
|
"tracing-core",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
|
@ -2484,7 +2532,12 @@ version = "0.3.18"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "ad0f048c97dbd9faa9b7df56362b8ebcaa52adb06b498c050d2f4e32f90a7a8b"
|
checksum = "ad0f048c97dbd9faa9b7df56362b8ebcaa52adb06b498c050d2f4e32f90a7a8b"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
|
"nu-ansi-term",
|
||||||
|
"sharded-slab",
|
||||||
|
"smallvec",
|
||||||
|
"thread_local",
|
||||||
"tracing-core",
|
"tracing-core",
|
||||||
|
"tracing-log",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
|
@ -2543,6 +2596,12 @@ dependencies = [
|
||||||
"percent-encoding",
|
"percent-encoding",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "valuable"
|
||||||
|
version = "0.1.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "version_check"
|
name = "version_check"
|
||||||
version = "0.9.4"
|
version = "0.9.4"
|
||||||
|
|
29
consensus/rules/src/batch_verifier.rs
Normal file
29
consensus/rules/src/batch_verifier.rs
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
use multiexp::BatchVerifier as InternalBatchVerifier;
|
||||||
|
|
||||||
|
/// This trait represents a batch verifier.
|
||||||
|
///
|
||||||
|
/// A batch verifier is used to speed up verification by verifying multiple transactions together.
|
||||||
|
///
|
||||||
|
/// Not all proofs can be batched and at its core it's intended to verify a series of statements are
|
||||||
|
/// each equivalent to zero.
|
||||||
|
pub trait BatchVerifier {
|
||||||
|
/// Queue a statement for batch verification.
|
||||||
|
///
|
||||||
|
/// # Panics
|
||||||
|
/// This function may panic if `stmt` contains calls to `rayon`'s parallel iterators, e.g. `par_iter()`.
|
||||||
|
// TODO: remove the panics by adding a generic API upstream.
|
||||||
|
fn queue_statement<R>(
|
||||||
|
&mut self,
|
||||||
|
stmt: impl FnOnce(&mut InternalBatchVerifier<(), dalek_ff_group::EdwardsPoint>) -> R,
|
||||||
|
) -> R;
|
||||||
|
}
|
||||||
|
|
||||||
|
// impl this for a single threaded batch verifier.
|
||||||
|
impl BatchVerifier for &'_ mut InternalBatchVerifier<(), dalek_ff_group::EdwardsPoint> {
|
||||||
|
fn queue_statement<R>(
|
||||||
|
&mut self,
|
||||||
|
stmt: impl FnOnce(&mut InternalBatchVerifier<(), dalek_ff_group::EdwardsPoint>) -> R,
|
||||||
|
) -> R {
|
||||||
|
stmt(self)
|
||||||
|
}
|
||||||
|
}
|
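Review bot: The `# Panics` section on `queue_statement` does not say which implementor panics or why, so a reader of the trait alone cannot tell that the single-threaded impl below simply calls `stmt(self)`. I would state in the trait docs that the hazard comes from implementors that hand out a per-thread verifier and can be re-entered when `stmt` yields to rayon, and turn the `// impl this for a single threaded batch verifier.` line into a `///` doc comment on the impl saying it forwards to `stmt` directly. It is also worth one sentence that queueing is not a verdict: the value returned by `stmt` is only what the statement itself reports, and the caller still has to run the underlying verifier's final check before treating the proofs as valid.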
|
@ -1,5 +1,6 @@
|
||||||
use std::time::{SystemTime, UNIX_EPOCH};
|
use std::time::{SystemTime, UNIX_EPOCH};
|
||||||
|
|
||||||
|
pub mod batch_verifier;
|
||||||
pub mod blocks;
|
pub mod blocks;
|
||||||
mod decomposed_amount;
|
mod decomposed_amount;
|
||||||
pub mod genesis;
|
pub mod genesis;
|
||||||
|
|
|
@ -3,10 +3,10 @@ use std::cmp::Ordering;
|
||||||
use monero_serai::ringct::RctType;
|
use monero_serai::ringct::RctType;
|
||||||
|
|
||||||
use monero_serai::transaction::{Input, Output, Timelock, Transaction};
|
use monero_serai::transaction::{Input, Output, Timelock, Transaction};
|
||||||
use multiexp::BatchVerifier;
|
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
blocks::penalty_free_zone, check_point_canonically_encoded, is_decomposed_amount, HardFork,
|
batch_verifier::BatchVerifier, blocks::penalty_free_zone, check_point_canonically_encoded,
|
||||||
|
is_decomposed_amount, HardFork,
|
||||||
};
|
};
|
||||||
|
|
||||||
mod contextual_data;
|
mod contextual_data;
|
||||||
|
@ -606,7 +606,7 @@ pub fn check_transaction_semantic(
|
||||||
tx_weight: usize,
|
tx_weight: usize,
|
||||||
tx_hash: &[u8; 32],
|
tx_hash: &[u8; 32],
|
||||||
hf: &HardFork,
|
hf: &HardFork,
|
||||||
verifier: &mut BatchVerifier<(), dalek_ff_group::EdwardsPoint>,
|
verifier: impl BatchVerifier,
|
||||||
) -> Result<u64, TransactionError> {
|
) -> Result<u64, TransactionError> {
|
||||||
// <https://monero-book.cuprate.org/consensus_rules/transactions.html#transaction-size>
|
// <https://monero-book.cuprate.org/consensus_rules/transactions.html#transaction-size>
|
||||||
if tx_blob_size > MAX_TX_BLOB_SIZE
|
if tx_blob_size > MAX_TX_BLOB_SIZE
|
||||||
|
|
|
@ -9,12 +9,11 @@ use monero_serai::{
|
||||||
transaction::{Input, Transaction},
|
transaction::{Input, Transaction},
|
||||||
H,
|
H,
|
||||||
};
|
};
|
||||||
use multiexp::BatchVerifier;
|
|
||||||
use rand::thread_rng;
|
use rand::thread_rng;
|
||||||
#[cfg(feature = "rayon")]
|
#[cfg(feature = "rayon")]
|
||||||
use rayon::prelude::*;
|
use rayon::prelude::*;
|
||||||
|
|
||||||
use crate::{transactions::Rings, try_par_iter, HardFork};
|
use crate::{batch_verifier::BatchVerifier, transactions::Rings, try_par_iter, HardFork};
|
||||||
|
|
||||||
/// This constant contains the IDs of 2 transactions that should be allowed after the fork the ringCT
|
/// This constant contains the IDs of 2 transactions that should be allowed after the fork the ringCT
|
||||||
/// type they used should be banned.
|
/// type they used should be banned.
|
||||||
|
@ -91,7 +90,7 @@ fn simple_type_balances(rct_sig: &RctSignatures) -> Result<(), RingCTError> {
|
||||||
/// <https://monero-book.cuprate.org/consensus_rules/ring_ct/bulletproofs+.html>
|
/// <https://monero-book.cuprate.org/consensus_rules/ring_ct/bulletproofs+.html>
|
||||||
fn check_output_range_proofs(
|
fn check_output_range_proofs(
|
||||||
rct_sig: &RctSignatures,
|
rct_sig: &RctSignatures,
|
||||||
verifier: &mut BatchVerifier<(), dalek_ff_group::EdwardsPoint>,
|
mut verifier: impl BatchVerifier,
|
||||||
) -> Result<(), RingCTError> {
|
) -> Result<(), RingCTError> {
|
||||||
let commitments = &rct_sig.base.commitments;
|
let commitments = &rct_sig.base.commitments;
|
||||||
|
|
||||||
|
@ -109,7 +108,9 @@ fn check_output_range_proofs(
|
||||||
}),
|
}),
|
||||||
RctPrunable::MlsagBulletproofs { bulletproofs, .. }
|
RctPrunable::MlsagBulletproofs { bulletproofs, .. }
|
||||||
| RctPrunable::Clsag { bulletproofs, .. } => {
|
| RctPrunable::Clsag { bulletproofs, .. } => {
|
||||||
if bulletproofs.batch_verify(&mut thread_rng(), verifier, (), commitments) {
|
if verifier.queue_statement(|verifier| {
|
||||||
|
bulletproofs.batch_verify(&mut thread_rng(), verifier, (), commitments)
|
||||||
|
}) {
|
||||||
Ok(())
|
Ok(())
|
||||||
} else {
|
} else {
|
||||||
Err(RingCTError::BulletproofsRangeInvalid)
|
Err(RingCTError::BulletproofsRangeInvalid)
|
||||||
|
@ -121,7 +122,7 @@ fn check_output_range_proofs(
|
||||||
pub(crate) fn ring_ct_semantic_checks(
|
pub(crate) fn ring_ct_semantic_checks(
|
||||||
tx: &Transaction,
|
tx: &Transaction,
|
||||||
tx_hash: &[u8; 32],
|
tx_hash: &[u8; 32],
|
||||||
verifier: &mut BatchVerifier<(), dalek_ff_group::EdwardsPoint>,
|
verifier: impl BatchVerifier,
|
||||||
hf: &HardFork,
|
hf: &HardFork,
|
||||||
) -> Result<(), RingCTError> {
|
) -> Result<(), RingCTError> {
|
||||||
let rct_type = tx.rct_signatures.rct_type();
|
let rct_type = tx.rct_signatures.rct_type();
|
||||||
|
|
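Review bot: In `check_output_range_proofs` the closure parameter `verifier` shadows the outer `mut verifier: impl BatchVerifier`, so the same name refers to the trait wrapper on one line and to the internal multiexp verifier on the next. Renaming the parameter keeps the two apart, e.g. `if verifier.queue_statement(|internal| {` followed by `bulletproofs.batch_verify(&mut thread_rng(), internal, (), commitments)`. The function body starts and ends outside this hunk, so the other match arms were not reviewed.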
|
@ -4,8 +4,6 @@ use multiexp::BatchVerifier as InternalBatchVerifier;
|
||||||
use rayon::prelude::*;
|
use rayon::prelude::*;
|
||||||
use thread_local::ThreadLocal;
|
use thread_local::ThreadLocal;
|
||||||
|
|
||||||
use crate::ConsensusError;
|
|
||||||
|
|
||||||
/// A multithreaded batch verifier.
|
/// A multithreaded batch verifier.
|
||||||
pub struct MultiThreadedBatchVerifier {
|
pub struct MultiThreadedBatchVerifier {
|
||||||
internal: ThreadLocal<RefCell<InternalBatchVerifier<(), dalek_ff_group::EdwardsPoint>>>,
|
internal: ThreadLocal<RefCell<InternalBatchVerifier<(), dalek_ff_group::EdwardsPoint>>>,
|
||||||
|
@ -19,19 +17,6 @@ impl MultiThreadedBatchVerifier {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn queue_statement<R>(
|
|
||||||
&self,
|
|
||||||
stmt: impl FnOnce(
|
|
||||||
&mut InternalBatchVerifier<(), dalek_ff_group::EdwardsPoint>,
|
|
||||||
) -> Result<R, ConsensusError>,
|
|
||||||
) -> Result<R, ConsensusError> {
|
|
||||||
let verifier_cell = self
|
|
||||||
.internal
|
|
||||||
.get_or(|| RefCell::new(InternalBatchVerifier::new(8)));
|
|
||||||
// TODO: this is not ok as a rayon par_iter could be called in stmt.
|
|
||||||
stmt(verifier_cell.borrow_mut().deref_mut())
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn verify(self) -> bool {
|
pub fn verify(self) -> bool {
|
||||||
self.internal
|
self.internal
|
||||||
.into_iter()
|
.into_iter()
|
||||||
|
@ -41,3 +26,17 @@ impl MultiThreadedBatchVerifier {
|
||||||
.is_none()
|
.is_none()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl cuprate_consensus_rules::batch_verifier::BatchVerifier for &'_ MultiThreadedBatchVerifier {
|
||||||
|
fn queue_statement<R>(
|
||||||
|
&mut self,
|
||||||
|
stmt: impl FnOnce(&mut InternalBatchVerifier<(), dalek_ff_group::EdwardsPoint>) -> R,
|
||||||
|
) -> R {
|
||||||
|
let mut verifier = self
|
||||||
|
.internal
|
||||||
|
.get_or(|| RefCell::new(InternalBatchVerifier::new(32)))
|
||||||
|
.borrow_mut();
|
||||||
|
|
||||||
|
stmt(verifier.deref_mut())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
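Review bot: The `borrow_mut()` in the new `queue_statement` impl for `&MultiThreadedBatchVerifier` holds the thread-local `RefCell` borrow for the whole of `stmt`, so a re-entrant call on the same thread still panics, and only with the generic already-borrowed message. The trait documents that hazard for statements that use rayon parallel iterators; making the failure explain itself would help whoever trips it, e.g. `.try_borrow_mut().expect("queue_statement re-entered on this thread: stmt must not use rayon parallel iterators")`. The argument to `InternalBatchVerifier::new` also changes from 8 to 32 without explanation; a named constant with a one-line rationale would record why.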
|
@ -484,26 +484,23 @@ where
|
||||||
batch_get_ring_member_info(txs.iter().map(|(tx, _)| tx), &hf, database).await?;
|
batch_get_ring_member_info(txs.iter().map(|(tx, _)| tx), &hf, database).await?;
|
||||||
|
|
||||||
rayon_spawn_async(move || {
|
rayon_spawn_async(move || {
|
||||||
let batch_veriifier = MultiThreadedBatchVerifier::new(rayon::current_num_threads());
|
let batch_verifier = MultiThreadedBatchVerifier::new(rayon::current_num_threads());
|
||||||
|
|
||||||
txs.par_iter()
|
txs.par_iter()
|
||||||
.zip(txs_ring_member_info.par_iter())
|
.zip(txs_ring_member_info.par_iter())
|
||||||
.try_for_each(|((tx, verification_needed), ring)| {
|
.try_for_each(|((tx, verification_needed), ring)| {
|
||||||
// do semantic validation if needed.
|
// do semantic validation if needed.
|
||||||
if *verification_needed == VerificationNeeded::SemanticAndContextual {
|
if *verification_needed == VerificationNeeded::SemanticAndContextual {
|
||||||
batch_veriifier.queue_statement(|verifier| {
|
let fee = check_transaction_semantic(
|
||||||
let fee = check_transaction_semantic(
|
&tx.tx,
|
||||||
&tx.tx,
|
tx.tx_blob.len(),
|
||||||
tx.tx_blob.len(),
|
tx.tx_weight,
|
||||||
tx.tx_weight,
|
&tx.tx_hash,
|
||||||
&tx.tx_hash,
|
&hf,
|
||||||
&hf,
|
&batch_verifier,
|
||||||
verifier,
|
)?;
|
||||||
)?;
|
// make sure monero-serai calculated the same fee.
|
||||||
// make sure monero-serai calculated the same fee.
|
assert_eq!(fee, tx.fee);
|
||||||
assert_eq!(fee, tx.fee);
|
|
||||||
Ok(())
|
|
||||||
})?;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Both variants of `VerificationNeeded` require contextual validation.
|
// Both variants of `VerificationNeeded` require contextual validation.
|
||||||
|
@ -518,7 +515,7 @@ where
|
||||||
Ok::<_, ConsensusError>(())
|
Ok::<_, ConsensusError>(())
|
||||||
})?;
|
})?;
|
||||||
|
|
||||||
if !batch_veriifier.verify() {
|
if !batch_verifier.verify() {
|
||||||
return Err(ExtendedConsensusError::OneOrMoreBatchVerificationStatementsInvalid);
|
return Err(ExtendedConsensusError::OneOrMoreBatchVerificationStatementsInvalid);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
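Review bot: `assert_eq!(fee, tx.fee);` now sits directly in the `try_for_each` closure, so a fee mismatch still ends transaction verification with a panic rather than a `ConsensusError`. Where `tx.fee` comes from is not visible in this hunk; if it can ever differ from the recomputed fee for data received from a peer, this should return an error of the closure's existing error type instead. If the two values are always derived from the same parsed transaction, a comment stating that invariant next to the assert would justify keeping it. The enclosing function starts and ends outside the hunk.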