rippled
Loading...
Searching...
No Matches
ValidatorList_test.cpp
1#include <test/jtx.h>
2
3#include <xrpld/app/misc/ValidatorList.h>
4#include <xrpld/overlay/detail/ProtocolMessage.h>
5
6#include <xrpl/basics/Slice.h>
7#include <xrpl/basics/base64.h>
8#include <xrpl/basics/strHex.h>
9#include <xrpl/protocol/HashPrefix.h>
10#include <xrpl/protocol/PublicKey.h>
11#include <xrpl/protocol/SecretKey.h>
12#include <xrpl/protocol/Sign.h>
13#include <xrpl/protocol/digest.h>
14#include <xrpl/protocol/jss.h>
15#include <xrpl/protocol/messages.h>
16
17#include <boost/beast/core/multi_buffer.hpp>
18
19namespace xrpl {
20namespace test {
21
22class ValidatorList_test : public beast::unit_test::suite
23{
24private:
31
32 static PublicKey
37
38 static PublicKey
43
44 static std::string
45 makeManifestString(
46 PublicKey const& pk,
47 SecretKey const& sk,
48 PublicKey const& spk,
49 SecretKey const& ssk,
50 int seq)
51 {
52 STObject st(sfGeneric);
53 st[sfSequence] = seq;
54 st[sfPublicKey] = pk;
55
56 if (seq != std::numeric_limits<std::uint32_t>::max())
57 {
58 st[sfSigningPubKey] = spk;
59 sign(st, HashPrefix::manifest, *publicKeyType(spk), ssk);
60 }
61
62 sign(
63 st,
64 HashPrefix::manifest,
65 *publicKeyType(pk),
66 sk,
67 sfMasterSignature);
68
69 Serializer s;
70 st.add(s);
71
72 return std::string(static_cast<char const*>(s.data()), s.size());
73 }
74
75 static std::string
76 makeRevocationString(PublicKey const& pk, SecretKey const& sk)
77 {
78 STObject st(sfGeneric);
79 st[sfSequence] = std::numeric_limits<std::uint32_t>::max();
80 st[sfPublicKey] = pk;
81
82 sign(
83 st,
84 HashPrefix::manifest,
85 *publicKeyType(pk),
86 sk,
87 sfMasterSignature);
88
89 Serializer s;
90 st.add(s);
91
92 return std::string(static_cast<char const*>(s.data()), s.size());
93 }
94
95 static Validator
96 randomValidator()
97 {
98 auto const secret = randomSecretKey();
99 auto const masterPublic = derivePublicKey(KeyType::ed25519, secret);
100 auto const signingKeys = randomKeyPair(KeyType::secp256k1);
101 return {
102 masterPublic,
103 signingKeys.first,
104 base64_encode(makeManifestString(
105 masterPublic,
106 secret,
107 signingKeys.first,
108 signingKeys.second,
109 1))};
110 }
111
112 std::string
113 makeList(
114 std::vector<Validator> const& validators,
115 std::size_t sequence,
116 std::size_t validUntil,
117 std::optional<std::size_t> validFrom = {})
118 {
119 std::string data = "{\"sequence\":" + std::to_string(sequence) +
120 ",\"expiration\":" + std::to_string(validUntil);
121 if (validFrom)
122 data += ",\"effective\":" + std::to_string(*validFrom);
123 data += ",\"validators\":[";
124
125 for (auto const& val : validators)
126 {
127 data += "{\"validation_public_key\":\"" + strHex(val.masterPublic) +
128 "\",\"manifest\":\"" + val.manifest + "\"},";
129 }
130
131 data.pop_back();
132 data += "]}";
133 return base64_encode(data);
134 }
135
136 std::string
137 signList(
138 std::string const& blob,
139 std::pair<PublicKey, SecretKey> const& keys)
140 {
141 auto const data = base64_decode(blob);
142 return strHex(sign(keys.first, keys.second, makeSlice(data)));
143 }
144
145 static hash_set<NodeID>
146 asNodeIDs(std::initializer_list<PublicKey> const& pks)
147 {
148 hash_set<NodeID> res;
149 res.reserve(pks.size());
150 for (auto const& pk : pks)
151 res.insert(calcNodeID(pk));
152 return res;
153 }
154
155 void
156 checkResult(
157 ValidatorList::PublisherListStats const& result,
158 PublicKey pubKey,
159 ListDisposition expectedWorst,
160 ListDisposition expectedBest)
161 {
162 BEAST_EXPECT(
163 result.bestDisposition() > ListDisposition::same_sequence ||
164 (result.publisherKey && *result.publisherKey == pubKey));
165 BEAST_EXPECT(result.bestDisposition() == expectedBest);
166 BEAST_EXPECT(result.worstDisposition() == expectedWorst);
167 }
168
169 void
170 testGenesisQuorum()
171 {
172 testcase("Genesis Quorum");
173
174 ManifestCache manifests;
175 jtx::Env env(*this);
176 auto& app = env.app();
177 {
178 auto trustedKeys = std::make_unique<ValidatorList>(
179 manifests,
180 manifests,
181 env.timeKeeper(),
182 app.config().legacy("database_path"),
183 env.journal);
184 BEAST_EXPECT(trustedKeys->quorum() == 1);
185 }
186 {
187 std::size_t minQuorum = 0;
188 auto trustedKeys = std::make_unique<ValidatorList>(
189 manifests,
190 manifests,
191 env.timeKeeper(),
192 app.config().legacy("database_path"),
193 env.journal,
194 minQuorum);
195 BEAST_EXPECT(trustedKeys->quorum() == minQuorum);
196 }
197 }
198
199 void
200 testConfigLoad()
201 {
202 testcase("Config Load");
203
204 jtx::Env env(
205 *this, jtx::envconfig(), nullptr, beast::severities::kDisabled);
206 auto& app = env.app();
207 std::vector<std::string> const emptyCfgKeys;
208 std::vector<std::string> const emptyCfgPublishers;
209
210 auto const localSigningKeys = randomKeyPair(KeyType::secp256k1);
211 auto const localSigningPublicOuter = localSigningKeys.first;
212 auto const localSigningSecret = localSigningKeys.second;
213 auto const localMasterSecret = randomSecretKey();
214 auto const localMasterPublic =
215 derivePublicKey(KeyType::ed25519, localMasterSecret);
216
217 std::string const cfgManifest(makeManifestString(
218 localMasterPublic,
219 localMasterSecret,
220 localSigningPublicOuter,
221 localSigningSecret,
222 1));
223
224 auto format = [](PublicKey const& publicKey,
225 char const* comment = nullptr) {
226 auto ret = toBase58(TokenType::NodePublic, publicKey);
227
228 if (comment)
229 ret += comment;
230
231 return ret;
232 };
233
234 std::vector<PublicKey> configList;
235 configList.reserve(8);
236
237 while (configList.size() != 8)
238 configList.push_back(randomNode());
239
240 // Correct configuration
241 std::vector<std::string> cfgKeys(
242 {format(configList[0]),
243 format(configList[1], " Comment"),
244 format(configList[2], " Multi Word Comment"),
245 format(configList[3], " Leading Whitespace"),
246 format(configList[4], " Trailing Whitespace "),
247 format(configList[5], " Leading & Trailing Whitespace "),
248 format(
249 configList[6],
250 " Leading, Trailing & Internal Whitespace "),
251 format(configList[7], " ")});
252
253 {
254 ManifestCache manifests;
255 auto trustedKeys = std::make_unique<ValidatorList>(
256 manifests,
257 manifests,
258 env.timeKeeper(),
259 app.config().legacy("database_path"),
260 env.journal);
261
262 // Correct (empty) configuration
263 BEAST_EXPECT(
264 trustedKeys->load({}, emptyCfgKeys, emptyCfgPublishers));
265
266 // load local validator key with or without manifest
267 BEAST_EXPECT(trustedKeys->load(
268 localSigningPublicOuter, emptyCfgKeys, emptyCfgPublishers));
269 BEAST_EXPECT(trustedKeys->listed(localSigningPublicOuter));
270
271 manifests.applyManifest(*deserializeManifest(cfgManifest));
272 BEAST_EXPECT(trustedKeys->load(
273 localSigningPublicOuter, emptyCfgKeys, emptyCfgPublishers));
274
275 BEAST_EXPECT(trustedKeys->listed(localMasterPublic));
276 BEAST_EXPECT(trustedKeys->listed(localSigningPublicOuter));
277 }
278 {
279 // load should add validator keys from config
280 ManifestCache manifests;
281 auto trustedKeys = std::make_unique<ValidatorList>(
282 manifests,
283 manifests,
284 env.timeKeeper(),
285 app.config().legacy("database_path"),
286 env.journal);
287
288 BEAST_EXPECT(trustedKeys->load({}, cfgKeys, emptyCfgPublishers));
289
290 for (auto const& n : configList)
291 BEAST_EXPECT(trustedKeys->listed(n));
292
293 // load should accept Ed25519 master public keys
294 auto const masterNode1 = randomMasterKey();
295 auto const masterNode2 = randomMasterKey();
296
297 std::vector<std::string> cfgMasterKeys(
298 {format(masterNode1), format(masterNode2, " Comment")});
299 BEAST_EXPECT(
300 trustedKeys->load({}, cfgMasterKeys, emptyCfgPublishers));
301 BEAST_EXPECT(trustedKeys->listed(masterNode1));
302 BEAST_EXPECT(trustedKeys->listed(masterNode2));
303
304 // load should reject invalid config keys
305 BEAST_EXPECT(
306 !trustedKeys->load({}, {"NotAPublicKey"}, emptyCfgPublishers));
307 BEAST_EXPECT(!trustedKeys->load(
308 {}, {format(randomNode(), "!")}, emptyCfgPublishers));
309
310 // load terminates when encountering an invalid entry
311 auto const goodKey = randomNode();
312 BEAST_EXPECT(!trustedKeys->load(
313 {},
314 {format(randomNode(), "!"), format(goodKey)},
315 emptyCfgPublishers));
316 BEAST_EXPECT(!trustedKeys->listed(goodKey));
317 }
318 {
319 // local validator key on config list
320 ManifestCache manifests;
321 auto trustedKeys = std::make_unique<ValidatorList>(
322 manifests,
323 manifests,
324 env.timeKeeper(),
325 app.config().legacy("database_path"),
326 env.journal);
327
328 auto const localSigningPublic =
329 parseBase58<PublicKey>(TokenType::NodePublic, cfgKeys.front());
330
331 BEAST_EXPECT(trustedKeys->load(
332 *localSigningPublic, cfgKeys, emptyCfgPublishers));
333
334 BEAST_EXPECT(trustedKeys->localPublicKey() == localSigningPublic);
335 BEAST_EXPECT(trustedKeys->listed(*localSigningPublic));
336 for (auto const& n : configList)
337 BEAST_EXPECT(trustedKeys->listed(n));
338 }
339 {
340 // local validator key not on config list
341 ManifestCache manifests;
342 auto trustedKeys = std::make_unique<ValidatorList>(
343 manifests,
344 manifests,
345 env.timeKeeper(),
346 app.config().legacy("database_path"),
347 env.journal);
348
349 auto const localSigningPublic = randomNode();
350 BEAST_EXPECT(trustedKeys->load(
351 localSigningPublic, cfgKeys, emptyCfgPublishers));
352
353 BEAST_EXPECT(trustedKeys->localPublicKey() == localSigningPublic);
354 BEAST_EXPECT(trustedKeys->listed(localSigningPublic));
355 for (auto const& n : configList)
356 BEAST_EXPECT(trustedKeys->listed(n));
357 }
358 {
359 // local validator key (with manifest) not on config list
360 ManifestCache manifests;
361 auto trustedKeys = std::make_unique<ValidatorList>(
362 manifests,
363 manifests,
364 env.timeKeeper(),
365 app.config().legacy("database_path"),
366 env.journal);
367
368 manifests.applyManifest(*deserializeManifest(cfgManifest));
369
370 BEAST_EXPECT(trustedKeys->load(
371 localSigningPublicOuter, cfgKeys, emptyCfgPublishers));
372
373 BEAST_EXPECT(trustedKeys->localPublicKey() == localMasterPublic);
374 BEAST_EXPECT(trustedKeys->listed(localSigningPublicOuter));
375 BEAST_EXPECT(trustedKeys->listed(localMasterPublic));
376 for (auto const& n : configList)
377 BEAST_EXPECT(trustedKeys->listed(n));
378 }
379 {
380 ManifestCache manifests;
381 auto trustedKeys = std::make_unique<ValidatorList>(
382 manifests,
383 manifests,
384 env.timeKeeper(),
385 app.config().legacy("database_path"),
386 env.journal);
387
388 // load should reject invalid validator list signing keys
389 std::vector<std::string> badPublishers({"NotASigningKey"});
390 BEAST_EXPECT(!trustedKeys->load({}, emptyCfgKeys, badPublishers));
391
392 // load should reject validator list signing keys with invalid
393 // encoding
394 std::vector<PublicKey> keys(
395 {randomMasterKey(), randomMasterKey(), randomMasterKey()});
396 badPublishers.clear();
397 for (auto const& key : keys)
398 badPublishers.push_back(toBase58(TokenType::NodePublic, key));
399
400 BEAST_EXPECT(!trustedKeys->load({}, emptyCfgKeys, badPublishers));
401 for (auto const& key : keys)
402 BEAST_EXPECT(!trustedKeys->trustedPublisher(key));
403
404 // load should accept valid validator list publisher keys
405 std::vector<std::string> cfgPublishers;
406 for (auto const& key : keys)
407 cfgPublishers.push_back(strHex(key));
408
409 BEAST_EXPECT(trustedKeys->load({}, emptyCfgKeys, cfgPublishers));
410 for (auto const& key : keys)
411 BEAST_EXPECT(trustedKeys->trustedPublisher(key));
412 BEAST_EXPECT(
413 trustedKeys->getListThreshold() == keys.size() / 2 + 1);
414 }
415 {
416 ManifestCache manifests;
417 auto trustedKeys = std::make_unique<ValidatorList>(
418 manifests,
419 manifests,
420 env.timeKeeper(),
421 app.config().legacy("database_path"),
422 env.journal);
423
424 std::vector<PublicKey> keys(
425 {randomMasterKey(),
426 randomMasterKey(),
427 randomMasterKey(),
428 randomMasterKey()});
429 std::vector<std::string> cfgPublishers;
430 for (auto const& key : keys)
431 cfgPublishers.push_back(strHex(key));
432
433 // explicitly set the list threshold
434 BEAST_EXPECT(trustedKeys->load(
435 {}, emptyCfgKeys, cfgPublishers, std::size_t(2)));
436 for (auto const& key : keys)
437 BEAST_EXPECT(trustedKeys->trustedPublisher(key));
438 BEAST_EXPECT(trustedKeys->getListThreshold() == 2);
439 }
440 {
441 // Attempt to load a publisher key that has been revoked.
442 // Should fail
443 ManifestCache valManifests;
444 ManifestCache pubManifests;
445 auto trustedKeys = std::make_unique<ValidatorList>(
446 valManifests,
447 pubManifests,
448 env.timeKeeper(),
449 app.config().legacy("database_path"),
450 env.journal);
451
452 auto const pubRevokedSecret = randomSecretKey();
453 auto const pubRevokedPublic =
454 derivePublicKey(KeyType::ed25519, pubRevokedSecret);
455 auto const pubRevokedSigning = randomKeyPair(KeyType::secp256k1);
456 // make this manifest revoked (seq num = max)
457 // -- thus should not be loaded
458 pubManifests.applyManifest(*deserializeManifest(makeManifestString(
459 pubRevokedPublic,
460 pubRevokedSecret,
461 pubRevokedSigning.first,
462 pubRevokedSigning.second,
463 std::numeric_limits<std::uint32_t>::max())));
464
465 // these two are not revoked (and not in the manifest cache at all.)
466 auto legitKey1 = randomMasterKey();
467 auto legitKey2 = randomMasterKey();
468
469 std::vector<std::string> cfgPublishers = {
470 strHex(pubRevokedPublic), strHex(legitKey1), strHex(legitKey2)};
471 BEAST_EXPECT(trustedKeys->load({}, emptyCfgKeys, cfgPublishers));
472
473 BEAST_EXPECT(!trustedKeys->trustedPublisher(pubRevokedPublic));
474 BEAST_EXPECT(trustedKeys->trustedPublisher(legitKey1));
475 BEAST_EXPECT(trustedKeys->trustedPublisher(legitKey2));
476 // 2 is the threshold for 3 publishers (even though 1 is revoked)
477 BEAST_EXPECT(trustedKeys->getListThreshold() == 2);
478 }
479 {
480 // One (of two) publisher keys has been revoked, the user had
481 // explicitly set validator list threshold to 2.
482 ManifestCache valManifests;
483 ManifestCache pubManifests;
484 auto trustedKeys = std::make_unique<ValidatorList>(
485 valManifests,
486 pubManifests,
487 env.timeKeeper(),
488 app.config().legacy("database_path"),
489 env.journal);
490
491 auto const pubRevokedSecret = randomSecretKey();
492 auto const pubRevokedPublic =
493 derivePublicKey(KeyType::ed25519, pubRevokedSecret);
494 auto const pubRevokedSigning = randomKeyPair(KeyType::secp256k1);
495 // make this manifest revoked (seq num = max)
496 // -- thus should not be loaded
497 pubManifests.applyManifest(*deserializeManifest(makeManifestString(
498 pubRevokedPublic,
499 pubRevokedSecret,
500 pubRevokedSigning.first,
501 pubRevokedSigning.second,
502 std::numeric_limits<std::uint32_t>::max())));
503
504 // this one is not revoked (and not in the manifest cache at all.)
505 auto legitKey = randomMasterKey();
506
507 std::vector<std::string> cfgPublishers = {
508 strHex(pubRevokedPublic), strHex(legitKey)};
509 BEAST_EXPECT(trustedKeys->load(
510 {}, emptyCfgKeys, cfgPublishers, std::size_t(2)));
511
512 BEAST_EXPECT(!trustedKeys->trustedPublisher(pubRevokedPublic));
513 BEAST_EXPECT(trustedKeys->trustedPublisher(legitKey));
514 // 2 is the threshold, as requested in configuration
515 BEAST_EXPECT(trustedKeys->getListThreshold() == 2);
516 }
517 }
518
519 void
520 testApplyLists()
521 {
522 testcase("Apply list");
523 using namespace std::chrono_literals;
524
525 std::string const siteUri = "testApplyList.test";
526
527 auto checkAvailable =
528 [this](
529 auto const& trustedKeys,
530 auto const& hexPublic,
531 auto const& manifest,
532 auto const version,
533 std::vector<std::pair<std::string, std::string>> const&
534 expected) {
535 auto const available = trustedKeys->getAvailable(hexPublic);
536
537 BEAST_EXPECT(!version || available);
538 if (available)
539 {
540 auto const& a = *available;
541 BEAST_EXPECT(a[jss::public_key] == hexPublic);
542 BEAST_EXPECT(a[jss::manifest] == manifest);
543 // Because multiple lists were processed, the version was
544 // overridden
545 BEAST_EXPECT(a[jss::version] == version);
546 if (version == 1)
547 {
548 BEAST_EXPECT(expected.size() == 1);
549 BEAST_EXPECT(a[jss::blob] == expected[0].first);
550 BEAST_EXPECT(a[jss::signature] == expected[0].second);
551 BEAST_EXPECT(!a.isMember(jss::blobs_v2));
552 }
553 else if (BEAST_EXPECT(a.isMember(jss::blobs_v2)))
554 {
555 BEAST_EXPECT(!a.isMember(jss::blob));
556 BEAST_EXPECT(!a.isMember(jss::signature));
557 auto const& blobs_v2 = a[jss::blobs_v2];
558 BEAST_EXPECT(
559 blobs_v2.isArray() &&
560 blobs_v2.size() == expected.size());
561
562 for (unsigned int i = 0; i < expected.size(); ++i)
563 {
564 BEAST_EXPECT(
565 blobs_v2[i][jss::blob] == expected[i].first);
566 BEAST_EXPECT(
567 blobs_v2[i][jss::signature] ==
568 expected[i].second);
569 }
570 }
571 }
572 };
573
574 ManifestCache manifests;
575 jtx::Env env(*this);
576 auto& app = env.app();
577 auto trustedKeys = std::make_unique<ValidatorList>(
578 manifests,
579 manifests,
580 env.app().timeKeeper(),
581 app.config().legacy("database_path"),
582 env.journal);
583
584 auto expectTrusted =
585 [this, &trustedKeys](std::vector<Validator> const& list) {
586 for (auto const& val : list)
587 {
588 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
589 BEAST_EXPECT(trustedKeys->listed(val.signingPublic));
590 }
591 };
592
593 auto expectUntrusted =
594 [this, &trustedKeys](std::vector<Validator> const& list) {
595 for (auto const& val : list)
596 {
597 BEAST_EXPECT(!trustedKeys->listed(val.masterPublic));
598 BEAST_EXPECT(!trustedKeys->listed(val.signingPublic));
599 }
600 };
601
602 auto const publisherSecret = randomSecretKey();
603 auto const publisherPublic =
604 derivePublicKey(KeyType::ed25519, publisherSecret);
605 auto const hexPublic =
606 strHex(publisherPublic.begin(), publisherPublic.end());
607 auto const pubSigningKeys1 = randomKeyPair(KeyType::secp256k1);
608 auto const manifest1 = base64_encode(makeManifestString(
609 publisherPublic,
610 publisherSecret,
611 pubSigningKeys1.first,
612 pubSigningKeys1.second,
613 1));
614
615 std::vector<std::string> cfgKeys1({strHex(publisherPublic)});
616 std::vector<std::string> emptyCfgKeys;
617
618 BEAST_EXPECT(trustedKeys->load({}, emptyCfgKeys, cfgKeys1));
619
620 std::map<std::size_t, std::vector<Validator>> const lists = []() {
621 auto constexpr listSize = 20;
622 auto constexpr numLists = 9;
623 std::map<std::size_t, std::vector<Validator>> lists;
624 // 1-based to correspond with the individually named blobs below.
625 for (auto i = 1; i <= numLists; ++i)
626 {
627 auto& list = lists[i];
628 list.reserve(listSize);
629 while (list.size() < listSize)
630 list.push_back(randomValidator());
631 }
632 return lists;
633 }();
634
635 // Attempt an expired list (fail) and a single list (succeed)
636 env.timeKeeper().set(env.timeKeeper().now() + 1s);
637 auto const version = 1;
638 auto const sequence1 = 1;
639 auto const expiredblob = makeList(
640 lists.at(1),
641 sequence1,
642 env.timeKeeper().now().time_since_epoch().count());
643 auto const expiredSig = signList(expiredblob, pubSigningKeys1);
644
645 NetClock::time_point const validUntil = env.timeKeeper().now() + 3600s;
646 auto const sequence2 = 2;
647 auto const blob2 = makeList(
648 lists.at(2), sequence2, validUntil.time_since_epoch().count());
649 auto const sig2 = signList(blob2, pubSigningKeys1);
650
651 checkResult(
652 trustedKeys->applyLists(
653 manifest1,
654 version,
655 {{expiredblob, expiredSig, {}}, {blob2, sig2, {}}},
656 siteUri),
657 publisherPublic,
658 ListDisposition::expired,
659 ListDisposition::accepted);
660
661 expectTrusted(lists.at(2));
662
663 checkAvailable(
664 trustedKeys, hexPublic, manifest1, version, {{blob2, sig2}});
665
666 // Do not apply future lists, but process them
667 auto const version2 = 2;
668 auto const sequence7 = 7;
669 auto const effective7 = validUntil - 60s;
670 auto const expiration7 = effective7 + 3600s;
671 auto const blob7 = makeList(
672 lists.at(7),
673 sequence7,
674 expiration7.time_since_epoch().count(),
675 effective7.time_since_epoch().count());
676 auto const sig7 = signList(blob7, pubSigningKeys1);
677
678 auto const sequence8 = 8;
679 auto const effective8 = expiration7 - 60s;
680 auto const expiration8 = effective8 + 3600s;
681 auto const blob8 = makeList(
682 lists.at(8),
683 sequence8,
684 expiration8.time_since_epoch().count(),
685 effective8.time_since_epoch().count());
686 auto const sig8 = signList(blob8, pubSigningKeys1);
687
688 checkResult(
689 trustedKeys->applyLists(
690 manifest1,
691 version2,
692 {{blob7, sig7, {}}, {blob8, sig8, {}}},
693 siteUri),
694 publisherPublic,
695 ListDisposition::pending,
696 ListDisposition::pending);
697
698 expectUntrusted(lists.at(7));
699 expectUntrusted(lists.at(8));
700
701 // Do not apply out-of-order future list, but process it
702 auto const sequence6 = 6;
703 auto const effective6 = effective7 - 60s;
704 auto const expiration6 = effective6 + 3600s;
705 auto const blob6 = makeList(
706 lists.at(6),
707 sequence6,
708 expiration6.time_since_epoch().count(),
709 effective6.time_since_epoch().count());
710 auto const sig6 = signList(blob6, pubSigningKeys1);
711
712 // Process future list that is overridden by a later list
713 auto const sequence6a = 5;
714 auto const effective6a = effective6 + 60s;
715 auto const expiration6a = effective6a + 3600s;
716 auto const blob6a = makeList(
717 lists.at(5),
718 sequence6a,
719 expiration6a.time_since_epoch().count(),
720 effective6a.time_since_epoch().count());
721 auto const sig6a = signList(blob6a, pubSigningKeys1);
722
723 checkResult(
724 trustedKeys->applyLists(
725 manifest1,
726 version,
727 {{blob6a, sig6a, {}}, {blob6, sig6, {}}},
728 siteUri),
729 publisherPublic,
730 ListDisposition::pending,
731 ListDisposition::pending);
732
733 expectUntrusted(lists.at(6));
734 expectTrusted(lists.at(2));
735
736 // Do not apply re-process lists known future sequence numbers
737
738 checkResult(
739 trustedKeys->applyLists(
740 manifest1,
741 version,
742 {{blob7, sig7, {}}, {blob6, sig6, {}}},
743 siteUri),
744 publisherPublic,
745 ListDisposition::known_sequence,
746 ListDisposition::known_sequence);
747
748 expectUntrusted(lists.at(6));
749 expectUntrusted(lists.at(7));
750 expectTrusted(lists.at(2));
751
752 // try empty or mangled manifest
753 checkResult(
754 trustedKeys->applyLists(
755 "", version, {{blob7, sig7, {}}, {blob6, sig6, {}}}, siteUri),
756 publisherPublic,
757 ListDisposition::invalid,
758 ListDisposition::invalid);
759
760 checkResult(
761 trustedKeys->applyLists(
762 base64_encode("not a manifest"),
763 version,
764 {{blob7, sig7, {}}, {blob6, sig6, {}}},
765 siteUri),
766 publisherPublic,
767 ListDisposition::invalid,
768 ListDisposition::invalid);
769
770 // do not use list from untrusted publisher
771 auto const untrustedManifest = base64_encode(makeManifestString(
772 randomMasterKey(),
773 publisherSecret,
774 pubSigningKeys1.first,
775 pubSigningKeys1.second,
776 1));
777
778 checkResult(
779 trustedKeys->applyLists(
780 untrustedManifest, version, {{blob2, sig2, {}}}, siteUri),
781 publisherPublic,
782 ListDisposition::untrusted,
783 ListDisposition::untrusted);
784
785 // do not use list with unhandled version
786 auto const badVersion = 666;
787 checkResult(
788 trustedKeys->applyLists(
789 manifest1, badVersion, {{blob2, sig2, {}}}, siteUri),
790 publisherPublic,
791 ListDisposition::unsupported_version,
792 ListDisposition::unsupported_version);
793
794 // apply list with highest sequence number
795 auto const sequence3 = 3;
796 auto const blob3 = makeList(
797 lists.at(3), sequence3, validUntil.time_since_epoch().count());
798 auto const sig3 = signList(blob3, pubSigningKeys1);
799
800 checkResult(
801 trustedKeys->applyLists(
802 manifest1, version, {{blob3, sig3, {}}}, siteUri),
803 publisherPublic,
804 ListDisposition::accepted,
805 ListDisposition::accepted);
806
807 expectUntrusted(lists.at(1));
808 expectUntrusted(lists.at(2));
809 expectTrusted(lists.at(3));
810
811 // Note that blob6a is not present, because it was dropped during
812 // processing
813 checkAvailable(
814 trustedKeys,
815 hexPublic,
816 manifest1,
817 2,
818 {{blob3, sig3}, {blob6, sig6}, {blob7, sig7}, {blob8, sig8}});
819
820 // do not re-apply lists with past or current sequence numbers
821 checkResult(
822 trustedKeys->applyLists(
823 manifest1,
824 version,
825 {{blob2, sig2, {}}, {blob3, sig3, {}}},
826 siteUri),
827 publisherPublic,
828 ListDisposition::stale,
829 ListDisposition::same_sequence);
830
831 // apply list with new publisher key updated by manifest. Also send some
832 // old lists along with the old manifest
833 auto const pubSigningKeys2 = randomKeyPair(KeyType::secp256k1);
834 auto manifest2 = base64_encode(makeManifestString(
835 publisherPublic,
836 publisherSecret,
837 pubSigningKeys2.first,
838 pubSigningKeys2.second,
839 2));
840
841 auto const sequence4 = 4;
842 auto const blob4 = makeList(
843 lists.at(4), sequence4, validUntil.time_since_epoch().count());
844 auto const sig4 = signList(blob4, pubSigningKeys2);
845
846 checkResult(
847 trustedKeys->applyLists(
848 manifest2,
849 version,
850 {{blob2, sig2, manifest1},
851 {blob3, sig3, manifest1},
852 {blob4, sig4, {}}},
853 siteUri),
854 publisherPublic,
855 ListDisposition::stale,
856 ListDisposition::accepted);
857
858 expectUntrusted(lists.at(2));
859 expectUntrusted(lists.at(3));
860 expectTrusted(lists.at(4));
861
862 checkAvailable(
863 trustedKeys,
864 hexPublic,
865 manifest2,
866 2,
867 {{blob4, sig4}, {blob6, sig6}, {blob7, sig7}, {blob8, sig8}});
868
869 auto const sequence5 = 5;
870 auto const blob5 = makeList(
871 lists.at(5), sequence5, validUntil.time_since_epoch().count());
872 auto const badSig = signList(blob5, pubSigningKeys1);
873 checkResult(
874 trustedKeys->applyLists(
875 manifest1, version, {{blob5, badSig, {}}}, siteUri),
876 publisherPublic,
877 ListDisposition::invalid,
878 ListDisposition::invalid);
879
880 expectUntrusted(lists.at(2));
881 expectUntrusted(lists.at(3));
882 expectTrusted(lists.at(4));
883 expectUntrusted(lists.at(5));
884
885 // Reprocess the pending list, but the signature is no longer valid
886 checkResult(
887 trustedKeys->applyLists(
888 manifest1,
889 version,
890 {{blob7, sig7, {}}, {blob8, sig8, {}}},
891 siteUri),
892 publisherPublic,
893 ListDisposition::invalid,
894 ListDisposition::invalid);
895
896 expectTrusted(lists.at(4));
897 expectUntrusted(lists.at(7));
898 expectUntrusted(lists.at(8));
899
900 // Automatically rotate the first pending already processed list using
901 // updateTrusted. Note that the timekeeper is NOT moved, so the close
902 // time will be ahead of the test's wall clock
903 trustedKeys->updateTrusted(
904 {},
905 effective6 + 1s,
906 env.app().getOPs(),
907 env.app().overlay(),
908 env.app().getHashRouter());
909
910 expectUntrusted(lists.at(3));
911 expectTrusted(lists.at(6));
912
913 checkAvailable(
914 trustedKeys,
915 hexPublic,
916 manifest2,
917 2,
918 {{blob6, sig6}, {blob7, sig7}, {blob8, sig8}});
919
920 // Automatically rotate the LAST pending list using updateTrusted,
921 // bypassing blob7. Note that the timekeeper IS moved, so the provided
922 // close time will be behind the test's wall clock, and thus the wall
923 // clock is used.
924 env.timeKeeper().set(effective8);
925 trustedKeys->updateTrusted(
926 {},
927 effective8 + 1s,
928 env.app().getOPs(),
929 env.app().overlay(),
930 env.app().getHashRouter());
931
932 expectUntrusted(lists.at(6));
933 expectUntrusted(lists.at(7));
934 expectTrusted(lists.at(8));
935
936 checkAvailable(trustedKeys, hexPublic, manifest2, 2, {{blob8, sig8}});
937
938 // resign the pending list with new key and validate it, but it's
939 // already valid Also try reprocessing the pending list with an
940 // explicit manifest
941 // - it is still invalid
942 auto const sig8_2 = signList(blob8, pubSigningKeys2);
943
944 checkResult(
945 trustedKeys->applyLists(
946 manifest2,
947 version,
948 {{blob8, sig8, manifest1}, {blob8, sig8_2, {}}},
949 siteUri),
950 publisherPublic,
951 ListDisposition::invalid,
952 ListDisposition::same_sequence);
953
954 expectTrusted(lists.at(8));
955
956 checkAvailable(trustedKeys, hexPublic, manifest2, 2, {{blob8, sig8}});
957
958 // do not apply list with revoked publisher key
959 // applied list is removed due to revoked publisher key
960 auto const signingKeysMax = randomKeyPair(KeyType::secp256k1);
961 auto maxManifest = base64_encode(
962 makeRevocationString(publisherPublic, publisherSecret));
963
964 auto const sequence9 = 9;
965 auto const blob9 = makeList(
966 lists.at(9), sequence9, validUntil.time_since_epoch().count());
967 auto const sig9 = signList(blob9, signingKeysMax);
968
969 checkResult(
970 trustedKeys->applyLists(
971 maxManifest, version, {{blob9, sig9, {}}}, siteUri),
972 publisherPublic,
973 ListDisposition::untrusted,
974 ListDisposition::untrusted);
975
976 BEAST_EXPECT(!trustedKeys->trustedPublisher(publisherPublic));
977 for (auto const& [num, list] : lists)
978 {
979 (void)num;
980 expectUntrusted(list);
981 }
982
983 checkAvailable(trustedKeys, hexPublic, manifest2, 0, {});
984 }
985
986 void
987 testGetAvailable()
988 {
989 testcase("GetAvailable");
990 using namespace std::chrono_literals;
991
992 std::string const siteUri = "testApplyList.test";
993
994 ManifestCache manifests;
995 jtx::Env env(*this);
996 auto& app = env.app();
997 auto trustedKeys = std::make_unique<ValidatorList>(
998 manifests,
999 manifests,
1000 env.app().timeKeeper(),
1001 app.config().legacy("database_path"),
1002 env.journal);
1003
1004 auto const publisherSecret = randomSecretKey();
1005 auto const publisherPublic =
1006 derivePublicKey(KeyType::ed25519, publisherSecret);
1007 auto const hexPublic =
1008 strHex(publisherPublic.begin(), publisherPublic.end());
1009 auto const pubSigningKeys1 = randomKeyPair(KeyType::secp256k1);
1010 auto const manifest = base64_encode(makeManifestString(
1011 publisherPublic,
1012 publisherSecret,
1013 pubSigningKeys1.first,
1014 pubSigningKeys1.second,
1015 1));
1016
1017 std::vector<std::string> cfgKeys1({strHex(publisherPublic)});
1018 std::vector<std::string> emptyCfgKeys;
1019
1020 BEAST_EXPECT(trustedKeys->load({}, emptyCfgKeys, cfgKeys1));
1021
1022 std::vector<Validator> const list = []() {
1023 auto constexpr listSize = 20;
1024 std::vector<Validator> list;
1025 list.reserve(listSize);
1026 while (list.size() < listSize)
1027 list.push_back(randomValidator());
1028 return list;
1029 }();
1030
1031 // Process a list
1032 env.timeKeeper().set(env.timeKeeper().now() + 1s);
1033 NetClock::time_point const validUntil = env.timeKeeper().now() + 3600s;
1034 auto const blob =
1035 makeList(list, 1, validUntil.time_since_epoch().count());
1036 auto const sig = signList(blob, pubSigningKeys1);
1037
1038 {
1039 // list unavailable
1040 auto const available = trustedKeys->getAvailable(hexPublic);
1041 BEAST_EXPECT(!available);
1042 }
1043
1044 BEAST_EXPECT(
1045 trustedKeys->applyLists(manifest, 1, {{blob, sig, {}}}, siteUri)
1046 .bestDisposition() == ListDisposition::accepted);
1047
1048 {
1049 // invalid public key
1050 auto const available =
1051 trustedKeys->getAvailable(hexPublic + "invalid", 1);
1052 BEAST_EXPECT(!available);
1053 }
1054
1055 {
1056 // unknown public key
1057 auto const badSecret = randomSecretKey();
1058 auto const badPublic = derivePublicKey(KeyType::ed25519, badSecret);
1059 auto const hexBad = strHex(badPublic.begin(), badPublic.end());
1060
1061 auto const available = trustedKeys->getAvailable(hexBad, 1);
1062 BEAST_EXPECT(!available);
1063 }
1064 {
1065 // bad version 0
1066 auto const available = trustedKeys->getAvailable(hexPublic, 0);
1067 if (BEAST_EXPECT(available))
1068 {
1069 auto const& a = *available;
1070 BEAST_EXPECT(!a);
1071 }
1072 }
1073 {
1074 // bad version 3
1075 auto const available = trustedKeys->getAvailable(hexPublic, 3);
1076 if (BEAST_EXPECT(available))
1077 {
1078 auto const& a = *available;
1079 BEAST_EXPECT(!a);
1080 }
1081 }
1082 {
1083 // version 1
1084 auto const available = trustedKeys->getAvailable(hexPublic, 1);
1085 if (BEAST_EXPECT(available))
1086 {
1087 auto const& a = *available;
1088 BEAST_EXPECT(a[jss::public_key] == hexPublic);
1089 BEAST_EXPECT(a[jss::manifest] == manifest);
1090 BEAST_EXPECT(a[jss::version] == 1);
1091
1092 BEAST_EXPECT(a[jss::blob] == blob);
1093 BEAST_EXPECT(a[jss::signature] == sig);
1094 BEAST_EXPECT(!a.isMember(jss::blobs_v2));
1095 }
1096 }
1097
1098 {
1099 // version 2
1100 auto const available = trustedKeys->getAvailable(hexPublic, 2);
1101 if (BEAST_EXPECT(available))
1102 {
1103 auto const& a = *available;
1104 BEAST_EXPECT(a[jss::public_key] == hexPublic);
1105 BEAST_EXPECT(a[jss::manifest] == manifest);
1106 BEAST_EXPECT(a[jss::version] == 2);
1107
1108 if (BEAST_EXPECT(a.isMember(jss::blobs_v2)))
1109 {
1110 BEAST_EXPECT(!a.isMember(jss::blob));
1111 BEAST_EXPECT(!a.isMember(jss::signature));
1112 auto const& blobs_v2 = a[jss::blobs_v2];
1113 BEAST_EXPECT(blobs_v2.isArray() && blobs_v2.size() == 1);
1114
1115 BEAST_EXPECT(blobs_v2[0u][jss::blob] == blob);
1116 BEAST_EXPECT(blobs_v2[0u][jss::signature] == sig);
1117 }
1118 }
1119 }
1120 }
1121
1122 void
1123 testUpdateTrusted()
1124 {
1125 testcase("Update trusted");
1126
1127 std::string const siteUri = "testUpdateTrusted.test";
1128
1129 ManifestCache manifestsOuter;
1130 jtx::Env env(*this);
1131 auto& app = env.app();
1132 auto trustedKeysOuter = std::make_unique<ValidatorList>(
1133 manifestsOuter,
1134 manifestsOuter,
1135 env.timeKeeper(),
1136 app.config().legacy("database_path"),
1137 env.journal);
1138
1139 std::vector<std::string> cfgPublishersOuter;
1140 hash_set<NodeID> activeValidatorsOuter;
1141
1142 std::size_t const maxKeys = 40;
1143 {
1144 std::vector<std::string> cfgKeys;
1145 cfgKeys.reserve(maxKeys);
1146 hash_set<NodeID> unseenValidators;
1147
1148 while (cfgKeys.size() != maxKeys)
1149 {
1150 auto const valKey = randomNode();
1151 cfgKeys.push_back(toBase58(TokenType::NodePublic, valKey));
1152 if (cfgKeys.size() <= maxKeys - 5)
1153 activeValidatorsOuter.emplace(calcNodeID(valKey));
1154 else
1155 unseenValidators.emplace(calcNodeID(valKey));
1156 }
1157
1158 BEAST_EXPECT(
1159 trustedKeysOuter->load({}, cfgKeys, cfgPublishersOuter));
1160
1161 // updateTrusted should make all configured validators trusted
1162 // even if they are not active/seen
1163 TrustChanges changes = trustedKeysOuter->updateTrusted(
1164 activeValidatorsOuter,
1165 env.timeKeeper().now(),
1166 env.app().getOPs(),
1167 env.app().overlay(),
1168 env.app().getHashRouter());
1169
1170 for (auto const& val : unseenValidators)
1171 activeValidatorsOuter.emplace(val);
1172
1173 BEAST_EXPECT(changes.added == activeValidatorsOuter);
1174 BEAST_EXPECT(changes.removed.empty());
1175 BEAST_EXPECT(
1176 trustedKeysOuter->quorum() == std::ceil(cfgKeys.size() * 0.8f));
1177 for (auto const& val : cfgKeys)
1178 {
1179 if (auto const valKey =
1180 parseBase58<PublicKey>(TokenType::NodePublic, val))
1181 {
1182 BEAST_EXPECT(trustedKeysOuter->listed(*valKey));
1183 BEAST_EXPECT(trustedKeysOuter->trusted(*valKey));
1184 }
1185 else
1186 fail();
1187 }
1188
1189 changes = trustedKeysOuter->updateTrusted(
1190 activeValidatorsOuter,
1191 env.timeKeeper().now(),
1192 env.app().getOPs(),
1193 env.app().overlay(),
1194 env.app().getHashRouter());
1195 BEAST_EXPECT(changes.added.empty());
1196 BEAST_EXPECT(changes.removed.empty());
1197 BEAST_EXPECT(
1198 trustedKeysOuter->quorum() == std::ceil(cfgKeys.size() * 0.8f));
1199 }
1200 {
1201 // update with manifests
1202 auto const masterPrivate = randomSecretKey();
1203 auto const masterPublic =
1204 derivePublicKey(KeyType::ed25519, masterPrivate);
1205
1206 std::vector<std::string> cfgKeys(
1207 {toBase58(TokenType::NodePublic, masterPublic)});
1208
1209 BEAST_EXPECT(
1210 trustedKeysOuter->load({}, cfgKeys, cfgPublishersOuter));
1211
1212 auto const signingKeys1 = randomKeyPair(KeyType::secp256k1);
1213 auto const signingPublic1 = signingKeys1.first;
1214 activeValidatorsOuter.emplace(calcNodeID(masterPublic));
1215
1216 // Should not trust ephemeral signing key if there is no manifest
1217 TrustChanges changes = trustedKeysOuter->updateTrusted(
1218 activeValidatorsOuter,
1219 env.timeKeeper().now(),
1220 env.app().getOPs(),
1221 env.app().overlay(),
1222 env.app().getHashRouter());
1223 BEAST_EXPECT(changes.added == asNodeIDs({masterPublic}));
1224 BEAST_EXPECT(changes.removed.empty());
1225 BEAST_EXPECT(
1226 trustedKeysOuter->quorum() == std::ceil((maxKeys + 1) * 0.8f));
1227 BEAST_EXPECT(trustedKeysOuter->listed(masterPublic));
1228 BEAST_EXPECT(trustedKeysOuter->trusted(masterPublic));
1229 BEAST_EXPECT(!trustedKeysOuter->listed(signingPublic1));
1230 BEAST_EXPECT(!trustedKeysOuter->trusted(signingPublic1));
1231
1232 // Should trust the ephemeral signing key from the applied manifest
1233 auto m1 = deserializeManifest(makeManifestString(
1234 masterPublic,
1235 masterPrivate,
1236 signingPublic1,
1237 signingKeys1.second,
1238 1));
1239
1240 BEAST_EXPECT(
1241 manifestsOuter.applyManifest(std::move(*m1)) ==
1242 ManifestDisposition::accepted);
1243 BEAST_EXPECT(trustedKeysOuter->listed(masterPublic));
1244 BEAST_EXPECT(trustedKeysOuter->trusted(masterPublic));
1245 BEAST_EXPECT(trustedKeysOuter->listed(signingPublic1));
1246 BEAST_EXPECT(trustedKeysOuter->trusted(signingPublic1));
1247
1248 // Should only trust the ephemeral signing key
1249 // from the newest applied manifest
1250 auto const signingKeys2 = randomKeyPair(KeyType::secp256k1);
1251 auto const signingPublic2 = signingKeys2.first;
1252 auto m2 = deserializeManifest(makeManifestString(
1253 masterPublic,
1254 masterPrivate,
1255 signingPublic2,
1256 signingKeys2.second,
1257 2));
1258 BEAST_EXPECT(
1259 manifestsOuter.applyManifest(std::move(*m2)) ==
1260 ManifestDisposition::accepted);
1261 BEAST_EXPECT(trustedKeysOuter->listed(masterPublic));
1262 BEAST_EXPECT(trustedKeysOuter->trusted(masterPublic));
1263 BEAST_EXPECT(trustedKeysOuter->listed(signingPublic2));
1264 BEAST_EXPECT(trustedKeysOuter->trusted(signingPublic2));
1265 BEAST_EXPECT(!trustedKeysOuter->listed(signingPublic1));
1266 BEAST_EXPECT(!trustedKeysOuter->trusted(signingPublic1));
1267
1268 // Should not trust keys from revoked master public key
1269 auto const signingKeysMax = randomKeyPair(KeyType::secp256k1);
1270 auto const signingPublicMax = signingKeysMax.first;
1271 activeValidatorsOuter.emplace(calcNodeID(signingPublicMax));
1272 auto mMax = deserializeManifest(
1273 makeRevocationString(masterPublic, masterPrivate));
1274
1275 BEAST_EXPECT(mMax->revoked());
1276 BEAST_EXPECT(
1277 manifestsOuter.applyManifest(std::move(*mMax)) ==
1278 ManifestDisposition::accepted);
1279 BEAST_EXPECT(
1280 manifestsOuter.getSigningKey(masterPublic) == masterPublic);
1281 BEAST_EXPECT(manifestsOuter.revoked(masterPublic));
1282
1283 // Revoked key remains trusted until list is updated
1284 BEAST_EXPECT(trustedKeysOuter->listed(masterPublic));
1285 BEAST_EXPECT(trustedKeysOuter->trusted(masterPublic));
1286
1287 changes = trustedKeysOuter->updateTrusted(
1288 activeValidatorsOuter,
1289 env.timeKeeper().now(),
1290 env.app().getOPs(),
1291 env.app().overlay(),
1292 env.app().getHashRouter());
1293 BEAST_EXPECT(changes.removed == asNodeIDs({masterPublic}));
1294 BEAST_EXPECT(changes.added.empty());
1295 BEAST_EXPECT(
1296 trustedKeysOuter->quorum() == std::ceil(maxKeys * 0.8f));
1297 BEAST_EXPECT(trustedKeysOuter->listed(masterPublic));
1298 BEAST_EXPECT(!trustedKeysOuter->trusted(masterPublic));
1299 BEAST_EXPECT(!trustedKeysOuter->listed(signingPublicMax));
1300 BEAST_EXPECT(!trustedKeysOuter->trusted(signingPublicMax));
1301 BEAST_EXPECT(!trustedKeysOuter->listed(signingPublic2));
1302 BEAST_EXPECT(!trustedKeysOuter->trusted(signingPublic2));
1303 BEAST_EXPECT(!trustedKeysOuter->listed(signingPublic1));
1304 BEAST_EXPECT(!trustedKeysOuter->trusted(signingPublic1));
1305 }
1306 {
1307 // Make quorum unattainable if lists from any publishers are
1308 // unavailable
1309 auto trustedKeys = std::make_unique<ValidatorList>(
1310 manifestsOuter,
1311 manifestsOuter,
1312 env.timeKeeper(),
1313 app.config().legacy("database_path"),
1314 env.journal);
1315 auto const publisherSecret = randomSecretKey();
1316 auto const publisherPublic =
1317 derivePublicKey(KeyType::ed25519, publisherSecret);
1318
1319 std::vector<std::string> cfgPublishers({strHex(publisherPublic)});
1320 std::vector<std::string> emptyCfgKeys;
1321
1322 BEAST_EXPECT(trustedKeys->load({}, emptyCfgKeys, cfgPublishers));
1323
1324 TrustChanges changes = trustedKeys->updateTrusted(
1325 activeValidatorsOuter,
1326 env.timeKeeper().now(),
1327 env.app().getOPs(),
1328 env.app().overlay(),
1329 env.app().getHashRouter());
1330 BEAST_EXPECT(changes.removed.empty());
1331 BEAST_EXPECT(changes.added.empty());
1332 BEAST_EXPECT(
1333 trustedKeys->quorum() ==
1334 std::numeric_limits<std::size_t>::max());
1335 }
1336 {
1337 // Trust explicitly listed validators also when list threshold is
1338 // higher than 1
1339 auto trustedKeys = std::make_unique<ValidatorList>(
1340 manifestsOuter,
1341 manifestsOuter,
1342 env.timeKeeper(),
1343 app.config().legacy("database_path"),
1344 env.journal);
1345 auto const masterPrivate = randomSecretKey();
1346 auto const masterPublic =
1347 derivePublicKey(KeyType::ed25519, masterPrivate);
1348 std::vector<std::string> cfgKeys(
1349 {toBase58(TokenType::NodePublic, masterPublic)});
1350
1351 auto const publisher1Secret = randomSecretKey();
1352 auto const publisher1Public =
1353 derivePublicKey(KeyType::ed25519, publisher1Secret);
1354 auto const publisher2Secret = randomSecretKey();
1355 auto const publisher2Public =
1356 derivePublicKey(KeyType::ed25519, publisher2Secret);
1357 std::vector<std::string> cfgPublishers(
1358 {strHex(publisher1Public), strHex(publisher2Public)});
1359
1360 BEAST_EXPECT(
1361 trustedKeys->load({}, cfgKeys, cfgPublishers, std::size_t(2)));
1362
1363 TrustChanges changes = trustedKeys->updateTrusted(
1364 activeValidatorsOuter,
1365 env.timeKeeper().now(),
1366 env.app().getOPs(),
1367 env.app().overlay(),
1368 env.app().getHashRouter());
1369 BEAST_EXPECT(changes.removed.empty());
1370 BEAST_EXPECT(changes.added.size() == 1);
1371 BEAST_EXPECT(trustedKeys->listed(masterPublic));
1372 BEAST_EXPECT(trustedKeys->trusted(masterPublic));
1373 }
1374 {
1375 // Should use custom minimum quorum
1376 std::size_t const minQuorum = 1;
1377 ManifestCache manifests;
1378 auto trustedKeys = std::make_unique<ValidatorList>(
1379 manifests,
1380 manifests,
1381 env.timeKeeper(),
1382 app.config().legacy("database_path"),
1383 env.journal,
1384 minQuorum);
1385
1386 std::size_t n = 10;
1387 std::vector<std::string> cfgKeys;
1388 cfgKeys.reserve(n);
1389 hash_set<NodeID> expectedTrusted;
1390 hash_set<NodeID> activeValidators;
1391 NodeID toBeSeen;
1392
1393 while (cfgKeys.size() < n)
1394 {
1395 auto const valKey = randomNode();
1396 cfgKeys.push_back(toBase58(TokenType::NodePublic, valKey));
1397 expectedTrusted.emplace(calcNodeID(valKey));
1398 if (cfgKeys.size() < std::ceil(n * 0.8f))
1399 activeValidators.emplace(calcNodeID(valKey));
1400 else if (cfgKeys.size() < std::ceil(n * 0.8f))
1401 toBeSeen = calcNodeID(valKey);
1402 }
1403
1404 BEAST_EXPECT(trustedKeys->load({}, cfgKeys, cfgPublishersOuter));
1405
1406 TrustChanges changes = trustedKeys->updateTrusted(
1407 activeValidators,
1408 env.timeKeeper().now(),
1409 env.app().getOPs(),
1410 env.app().overlay(),
1411 env.app().getHashRouter());
1412 BEAST_EXPECT(changes.removed.empty());
1413 BEAST_EXPECT(changes.added == expectedTrusted);
1414 BEAST_EXPECT(trustedKeys->quorum() == minQuorum);
1415
1416 // Use configured quorum even when seen validators >= quorum
1417 activeValidators.emplace(toBeSeen);
1418 changes = trustedKeys->updateTrusted(
1419 activeValidators,
1420 env.timeKeeper().now(),
1421 env.app().getOPs(),
1422 env.app().overlay(),
1423 env.app().getHashRouter());
1424 BEAST_EXPECT(changes.removed.empty());
1425 BEAST_EXPECT(changes.added.empty());
1426 BEAST_EXPECT(trustedKeys->quorum() == minQuorum);
1427 }
1428 {
1429 // Remove expired published list
1430 auto trustedKeys = std::make_unique<ValidatorList>(
1431 manifestsOuter,
1432 manifestsOuter,
1433 env.app().timeKeeper(),
1434 app.config().legacy("database_path"),
1435 env.journal);
1436
1437 std::vector<std::string> emptyCfgKeys;
1438 auto const publisherKeys = randomKeyPair(KeyType::secp256k1);
1439 auto const pubSigningKeys = randomKeyPair(KeyType::secp256k1);
1440 auto const manifest = base64_encode(makeManifestString(
1441 publisherKeys.first,
1442 publisherKeys.second,
1443 pubSigningKeys.first,
1444 pubSigningKeys.second,
1445 1));
1446
1447 std::vector<std::string> cfgKeys({strHex(publisherKeys.first)});
1448
1449 BEAST_EXPECT(trustedKeys->load({}, emptyCfgKeys, cfgKeys));
1450
1451 std::vector<Validator> list({randomValidator(), randomValidator()});
1452 hash_set<NodeID> activeValidators(
1453 asNodeIDs({list[0].masterPublic, list[1].masterPublic}));
1454
1455 // do not apply expired list
1456 auto const version = 1;
1457 auto const sequence = 1;
1458 using namespace std::chrono_literals;
1459 NetClock::time_point const validUntil =
1460 env.timeKeeper().now() + 60s;
1461 auto const blob =
1462 makeList(list, sequence, validUntil.time_since_epoch().count());
1463 auto const sig = signList(blob, pubSigningKeys);
1464
1465 BEAST_EXPECT(
1466 ListDisposition::accepted ==
1467 trustedKeys
1468 ->applyLists(manifest, version, {{blob, sig, {}}}, siteUri)
1469 .bestDisposition());
1470
1471 TrustChanges changes = trustedKeys->updateTrusted(
1472 activeValidators,
1473 env.timeKeeper().now(),
1474 env.app().getOPs(),
1475 env.app().overlay(),
1476 env.app().getHashRouter());
1477 BEAST_EXPECT(changes.removed.empty());
1478 BEAST_EXPECT(changes.added == activeValidators);
1479 for (Validator const& val : list)
1480 {
1481 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
1482 BEAST_EXPECT(trustedKeys->trusted(val.signingPublic));
1483 }
1484 BEAST_EXPECT(trustedKeys->quorum() == 2);
1485
1486 env.timeKeeper().set(validUntil);
1487 changes = trustedKeys->updateTrusted(
1488 activeValidators,
1489 env.timeKeeper().now(),
1490 env.app().getOPs(),
1491 env.app().overlay(),
1492 env.app().getHashRouter());
1493 BEAST_EXPECT(changes.removed == activeValidators);
1494 BEAST_EXPECT(changes.added.empty());
1495 BEAST_EXPECT(!trustedKeys->trusted(list[0].masterPublic));
1496 BEAST_EXPECT(!trustedKeys->trusted(list[1].masterPublic));
1497 BEAST_EXPECT(
1498 trustedKeys->quorum() ==
1499 std::numeric_limits<std::size_t>::max());
1500
1501 // (Re)trust validators from new valid list
1502 std::vector<Validator> list2({list[0], randomValidator()});
1503 activeValidators.insert(calcNodeID(list2[1].masterPublic));
1504 auto const sequence2 = 2;
1505 NetClock::time_point const expiration2 =
1506 env.timeKeeper().now() + 60s;
1507 auto const blob2 = makeList(
1508 list2, sequence2, expiration2.time_since_epoch().count());
1509 auto const sig2 = signList(blob2, pubSigningKeys);
1510
1511 BEAST_EXPECT(
1512 ListDisposition::accepted ==
1513 trustedKeys
1514 ->applyLists(
1515 manifest, version, {{blob2, sig2, {}}}, siteUri)
1516 .bestDisposition());
1517
1518 changes = trustedKeys->updateTrusted(
1519 activeValidators,
1520 env.timeKeeper().now(),
1521 env.app().getOPs(),
1522 env.app().overlay(),
1523 env.app().getHashRouter());
1524 BEAST_EXPECT(changes.removed.empty());
1525 BEAST_EXPECT(
1526 changes.added ==
1527 asNodeIDs({list2[0].masterPublic, list2[1].masterPublic}));
1528 for (Validator const& val : list2)
1529 {
1530 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
1531 BEAST_EXPECT(trustedKeys->trusted(val.signingPublic));
1532 }
1533 BEAST_EXPECT(!trustedKeys->trusted(list[1].masterPublic));
1534 BEAST_EXPECT(!trustedKeys->trusted(list[1].signingPublic));
1535 BEAST_EXPECT(trustedKeys->quorum() == 2);
1536 }
1537 {
1538 // Test 1-9 configured validators
1539 auto trustedKeys = std::make_unique<ValidatorList>(
1540 manifestsOuter,
1541 manifestsOuter,
1542 env.timeKeeper(),
1543 app.config().legacy("database_path"),
1544 env.journal);
1545
1546 std::vector<std::string> cfgPublishers;
1547 hash_set<NodeID> activeValidators;
1548 hash_set<PublicKey> activeKeys;
1549
1550 std::vector<std::string> cfgKeys;
1551 cfgKeys.reserve(9);
1552
1553 while (cfgKeys.size() < cfgKeys.capacity())
1554 {
1555 auto const valKey = randomNode();
1556 cfgKeys.push_back(toBase58(TokenType::NodePublic, valKey));
1557 activeValidators.emplace(calcNodeID(valKey));
1558 activeKeys.emplace(valKey);
1559 BEAST_EXPECT(trustedKeys->load({}, cfgKeys, cfgPublishers));
1560 TrustChanges changes = trustedKeys->updateTrusted(
1561 activeValidators,
1562 env.timeKeeper().now(),
1563 env.app().getOPs(),
1564 env.app().overlay(),
1565 env.app().getHashRouter());
1566 BEAST_EXPECT(changes.removed.empty());
1567 BEAST_EXPECT(changes.added == asNodeIDs({valKey}));
1568 BEAST_EXPECT(
1569 trustedKeys->quorum() == std::ceil(cfgKeys.size() * 0.8f));
1570 for (auto const& key : activeKeys)
1571 BEAST_EXPECT(trustedKeys->trusted(key));
1572 }
1573 }
1574 {
1575 // Test 2-9 configured validators as validator
1576 auto trustedKeys = std::make_unique<ValidatorList>(
1577 manifestsOuter,
1578 manifestsOuter,
1579 env.timeKeeper(),
1580 app.config().legacy("database_path"),
1581 env.journal);
1582
1583 auto const localKey = randomNode();
1584 std::vector<std::string> cfgPublishers;
1585 hash_set<NodeID> activeValidators;
1586 hash_set<PublicKey> activeKeys;
1587 std::vector<std::string> cfgKeys{
1588 toBase58(TokenType::NodePublic, localKey)};
1589 cfgKeys.reserve(9);
1590
1591 while (cfgKeys.size() < cfgKeys.capacity())
1592 {
1593 auto const valKey = randomNode();
1594 cfgKeys.push_back(toBase58(TokenType::NodePublic, valKey));
1595 activeValidators.emplace(calcNodeID(valKey));
1596 activeKeys.emplace(valKey);
1597
1598 BEAST_EXPECT(
1599 trustedKeys->load(localKey, cfgKeys, cfgPublishers));
1600 TrustChanges changes = trustedKeys->updateTrusted(
1601 activeValidators,
1602 env.timeKeeper().now(),
1603 env.app().getOPs(),
1604 env.app().overlay(),
1605 env.app().getHashRouter());
1606 BEAST_EXPECT(changes.removed.empty());
1607 if (cfgKeys.size() > 2)
1608 BEAST_EXPECT(changes.added == asNodeIDs({valKey}));
1609 else
1610 BEAST_EXPECT(
1611 changes.added == asNodeIDs({localKey, valKey}));
1612
1613 BEAST_EXPECT(
1614 trustedKeys->quorum() == std::ceil(cfgKeys.size() * 0.8f));
1615
1616 for (auto const& key : activeKeys)
1617 BEAST_EXPECT(trustedKeys->trusted(key));
1618 }
1619 }
1620 {
1621 // Trusted set should include all validators from multiple lists
1622 ManifestCache manifests;
1623 auto trustedKeys = std::make_unique<ValidatorList>(
1624 manifests,
1625 manifests,
1626 env.timeKeeper(),
1627 app.config().legacy("database_path"),
1628 env.journal);
1629
1630 hash_set<NodeID> activeValidators;
1631 std::vector<Validator> valKeys;
1632 valKeys.reserve(maxKeys);
1633
1634 while (valKeys.size() != maxKeys)
1635 {
1636 valKeys.push_back(randomValidator());
1637 activeValidators.emplace(
1638 calcNodeID(valKeys.back().masterPublic));
1639 }
1640
1641 // locals[0]: from 0 to maxKeys - 4
1642 // locals[1]: from 1 to maxKeys - 2
1643 // locals[2]: from 2 to maxKeys
1644 constexpr static int publishers = 3;
1645 std::array<
1646 std::pair<
1647 decltype(valKeys)::const_iterator,
1648 decltype(valKeys)::const_iterator>,
1649 publishers>
1650 locals = {
1651 std::make_pair(valKeys.cbegin(), valKeys.cend() - 4),
1652 std::make_pair(valKeys.cbegin() + 1, valKeys.cend() - 2),
1653 std::make_pair(valKeys.cbegin() + 2, valKeys.cend()),
1654 };
1655
1656 auto addPublishedList = [&, this](int i) {
1657 auto const publisherSecret = randomSecretKey();
1658 auto const publisherPublic =
1659 derivePublicKey(KeyType::ed25519, publisherSecret);
1660 auto const pubSigningKeys = randomKeyPair(KeyType::secp256k1);
1661 auto const manifest = base64_encode(makeManifestString(
1662 publisherPublic,
1663 publisherSecret,
1664 pubSigningKeys.first,
1665 pubSigningKeys.second,
1666 1));
1667
1668 std::vector<std::string> cfgPublishers(
1669 {strHex(publisherPublic)});
1670 std::vector<std::string> emptyCfgKeys;
1671
1672 // Threshold of 1 will result in a union of all the lists
1673 BEAST_EXPECT(trustedKeys->load(
1674 {}, emptyCfgKeys, cfgPublishers, std::size_t(1)));
1675
1676 auto const version = 1;
1677 auto const sequence = 1;
1678 using namespace std::chrono_literals;
1679 NetClock::time_point const validUntil =
1680 env.timeKeeper().now() + 3600s;
1681 std::vector<Validator> localKeys{
1682 locals[i].first, locals[i].second};
1683 auto const blob = makeList(
1684 localKeys, sequence, validUntil.time_since_epoch().count());
1685 auto const sig = signList(blob, pubSigningKeys);
1686
1687 BEAST_EXPECT(
1688 ListDisposition::accepted ==
1689 trustedKeys
1690 ->applyLists(
1691 manifest, version, {{blob, sig, {}}}, siteUri)
1692 .bestDisposition());
1693 };
1694
1695 // Apply multiple published lists
1696 for (auto i = 0; i < publishers; ++i)
1697 addPublishedList(i);
1698 BEAST_EXPECT(trustedKeys->getListThreshold() == 1);
1699
1700 TrustChanges changes = trustedKeys->updateTrusted(
1701 activeValidators,
1702 env.timeKeeper().now(),
1703 env.app().getOPs(),
1704 env.app().overlay(),
1705 env.app().getHashRouter());
1706
1707 BEAST_EXPECT(
1708 trustedKeys->quorum() == std::ceil(valKeys.size() * 0.8f));
1709
1710 hash_set<NodeID> added;
1711 for (auto const& val : valKeys)
1712 {
1713 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
1714 added.insert(calcNodeID(val.masterPublic));
1715 }
1716 BEAST_EXPECT(changes.added == added);
1717 BEAST_EXPECT(changes.removed.empty());
1718 }
1719 {
1720 // Trusted set should include validators from intersection of lists
1721 ManifestCache manifests;
1722 auto trustedKeys = std::make_unique<ValidatorList>(
1723 manifests,
1724 manifests,
1725 env.timeKeeper(),
1726 app.config().legacy("database_path"),
1727 env.journal);
1728
1729 hash_set<NodeID> activeValidators;
1730 std::vector<Validator> valKeys;
1731 valKeys.reserve(maxKeys);
1732
1733 while (valKeys.size() != maxKeys)
1734 {
1735 valKeys.push_back(randomValidator());
1736 activeValidators.emplace(
1737 calcNodeID(valKeys.back().masterPublic));
1738 }
1739
1740 // locals[0]: from 0 to maxKeys - 4
1741 // locals[1]: from 1 to maxKeys - 2
1742 // locals[2]: from 2 to maxKeys
1743 // intersection of at least 2: same as locals[1]
1744 // intersection when 1 is dropped: from 2 to maxKeys - 4
1745 constexpr static int publishers = 3;
1746 std::array<
1747 std::pair<
1748 decltype(valKeys)::const_iterator,
1749 decltype(valKeys)::const_iterator>,
1750 publishers>
1751 locals = {
1752 std::make_pair(valKeys.cbegin(), valKeys.cend() - 4),
1753 std::make_pair(valKeys.cbegin() + 1, valKeys.cend() - 2),
1754 std::make_pair(valKeys.cbegin() + 2, valKeys.cend()),
1755 };
1756
1757 auto addPublishedList = [&, this](
1758 int i,
1759 NetClock::time_point& validUntil1,
1760 NetClock::time_point& validUntil2) {
1761 auto const publisherSecret = randomSecretKey();
1762 auto const publisherPublic =
1763 derivePublicKey(KeyType::ed25519, publisherSecret);
1764 auto const pubSigningKeys = randomKeyPair(KeyType::secp256k1);
1765 auto const manifest = base64_encode(makeManifestString(
1766 publisherPublic,
1767 publisherSecret,
1768 pubSigningKeys.first,
1769 pubSigningKeys.second,
1770 1));
1771
1772 std::vector<std::string> cfgPublishers(
1773 {strHex(publisherPublic)});
1774 std::vector<std::string> emptyCfgKeys;
1775
1776 BEAST_EXPECT(
1777 trustedKeys->load({}, emptyCfgKeys, cfgPublishers));
1778
1779 auto const version = 1;
1780 auto const sequence = 1;
1781 using namespace std::chrono_literals;
1782 // Want to drop 1 sooner
1783 NetClock::time_point const validUntil = env.timeKeeper().now() +
1784 (i == 2 ? 120s
1785 : i == 1 ? 60s
1786 : 3600s);
1787 if (i == 1)
1788 validUntil1 = validUntil;
1789 else if (i == 2)
1790 validUntil2 = validUntil;
1791 std::vector<Validator> localKeys{
1792 locals[i].first, locals[i].second};
1793 auto const blob = makeList(
1794 localKeys, sequence, validUntil.time_since_epoch().count());
1795 auto const sig = signList(blob, pubSigningKeys);
1796
1797 BEAST_EXPECT(
1798 ListDisposition::accepted ==
1799 trustedKeys
1800 ->applyLists(
1801 manifest, version, {{blob, sig, {}}}, siteUri)
1802 .bestDisposition());
1803 };
1804
1805 // Apply multiple published lists
1806 // validUntil1 is expiration time for locals[1]
1807 NetClock::time_point validUntil1, validUntil2;
1808 for (auto i = 0; i < publishers; ++i)
1809 addPublishedList(i, validUntil1, validUntil2);
1810 BEAST_EXPECT(trustedKeys->getListThreshold() == 2);
1811
1812 TrustChanges changes = trustedKeys->updateTrusted(
1813 activeValidators,
1814 env.timeKeeper().now(),
1815 env.app().getOPs(),
1816 env.app().overlay(),
1817 env.app().getHashRouter());
1818
1819 BEAST_EXPECT(
1820 trustedKeys->quorum() ==
1821 std::ceil((valKeys.size() - 3) * 0.8f));
1822
1823 for (auto const& val : valKeys)
1824 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
1825
1826 hash_set<NodeID> added;
1827 for (std::size_t i = 0; i < maxKeys; ++i)
1828 {
1829 auto const& val = valKeys[i];
1830 if (i >= 1 && i < maxKeys - 2)
1831 {
1832 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
1833 added.insert(calcNodeID(val.masterPublic));
1834 }
1835 else
1836 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
1837 }
1838 BEAST_EXPECT(changes.added == added);
1839 BEAST_EXPECT(changes.removed.empty());
1840
1841 // Expire locals[1]
1842 env.timeKeeper().set(validUntil1);
1843 changes = trustedKeys->updateTrusted(
1844 activeValidators,
1845 env.timeKeeper().now(),
1846 env.app().getOPs(),
1847 env.app().overlay(),
1848 env.app().getHashRouter());
1849
1850 BEAST_EXPECT(
1851 trustedKeys->quorum() ==
1852 std::ceil((valKeys.size() - 6) * 0.8f));
1853
1854 for (auto const& val : valKeys)
1855 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
1856
1857 hash_set<NodeID> removed;
1858 for (std::size_t i = 0; i < maxKeys; ++i)
1859 {
1860 auto const& val = valKeys[i];
1861 if (i >= 2 && i < maxKeys - 4)
1862 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
1863 else
1864 {
1865 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
1866 if (i >= 1 && i < maxKeys - 2)
1867 removed.insert(calcNodeID(val.masterPublic));
1868 }
1869 }
1870
1871 BEAST_EXPECT(changes.added.empty());
1872 BEAST_EXPECT(changes.removed == removed);
1873
1874 // Expire locals[2], which removes all validators
1875 env.timeKeeper().set(validUntil2);
1876 changes = trustedKeys->updateTrusted(
1877 activeValidators,
1878 env.timeKeeper().now(),
1879 env.app().getOPs(),
1880 env.app().overlay(),
1881 env.app().getHashRouter());
1882
1883 BEAST_EXPECT(
1884 trustedKeys->quorum() ==
1885 std::numeric_limits<std::size_t>::max());
1886
1887 removed.clear();
1888 for (std::size_t i = 0; i < maxKeys; ++i)
1889 {
1890 auto const& val = valKeys[i];
1891 if (i < maxKeys - 4)
1892 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
1893 else
1894 BEAST_EXPECT(!trustedKeys->listed(val.masterPublic));
1895
1896 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
1897 if (i >= 2 && i < maxKeys - 4)
1898 removed.insert(calcNodeID(val.masterPublic));
1899 }
1900
1901 BEAST_EXPECT(changes.added.empty());
1902 BEAST_EXPECT(changes.removed == removed);
1903 }
1904 }
1905
1906 void
1907 testExpires()
1908 {
1909 testcase("Expires");
1910
1911 std::string const siteUri = "testExpires.test";
1912
1913 jtx::Env env(*this);
1914 auto& app = env.app();
1915
1916 auto toStr = [](PublicKey const& publicKey) {
1917 return toBase58(TokenType::NodePublic, publicKey);
1918 };
1919
1920 // Config listed keys
1921 {
1922 ManifestCache manifests;
1923 auto trustedKeys = std::make_unique<ValidatorList>(
1924 manifests,
1925 manifests,
1926 env.timeKeeper(),
1927 app.config().legacy("database_path"),
1928 env.journal);
1929
1930 // Empty list has no expiration
1931 BEAST_EXPECT(trustedKeys->expires() == std::nullopt);
1932
1933 // Config listed keys have maximum expiry
1934 PublicKey localCfgListed = randomNode();
1935 trustedKeys->load({}, {toStr(localCfgListed)}, {});
1936 BEAST_EXPECT(
1937 trustedKeys->expires() &&
1938 trustedKeys->expires().value() == NetClock::time_point::max());
1939 BEAST_EXPECT(trustedKeys->listed(localCfgListed));
1940 }
1941
1942 // Published keys with expirations
1943 {
1944 ManifestCache manifests;
1945 auto trustedKeys = std::make_unique<ValidatorList>(
1946 manifests,
1947 manifests,
1948 env.app().timeKeeper(),
1949 app.config().legacy("database_path"),
1950 env.journal);
1951
1952 std::vector<Validator> validators = {randomValidator()};
1953 hash_set<NodeID> activeValidators;
1954 for (Validator const& val : validators)
1955 activeValidators.insert(calcNodeID(val.masterPublic));
1956 // Store prepared list data to control when it is applied
1957 struct PreparedList
1958 {
1959 PublicKey publisherPublic;
1960 std::string manifest;
1961 std::vector<ValidatorBlobInfo> blobs;
1962 int version;
1963 std::vector<NetClock::time_point> expirations;
1964 };
1965
1966 using namespace std::chrono_literals;
1967 auto addPublishedList = [this, &env, &trustedKeys, &validators]() {
1968 auto const publisherSecret = randomSecretKey();
1969 auto const publisherPublic =
1970 derivePublicKey(KeyType::ed25519, publisherSecret);
1971 auto const pubSigningKeys = randomKeyPair(KeyType::secp256k1);
1972 auto const manifest = base64_encode(makeManifestString(
1973 publisherPublic,
1974 publisherSecret,
1975 pubSigningKeys.first,
1976 pubSigningKeys.second,
1977 1));
1978
1979 std::vector<std::string> cfgPublishers(
1980 {strHex(publisherPublic)});
1981 std::vector<std::string> emptyCfgKeys;
1982
1983 BEAST_EXPECT(
1984 trustedKeys->load({}, emptyCfgKeys, cfgPublishers));
1985
1986 auto const version = 2;
1987 auto const sequence1 = 1;
1988 NetClock::time_point const expiration1 =
1989 env.timeKeeper().now() + 1800s;
1990 auto const blob1 = makeList(
1991 validators,
1992 sequence1,
1993 expiration1.time_since_epoch().count());
1994 auto const sig1 = signList(blob1, pubSigningKeys);
1995
1996 NetClock::time_point const effective2 = expiration1 - 300s;
1997 NetClock::time_point const expiration2 = effective2 + 1800s;
1998 auto const sequence2 = 2;
1999 auto const blob2 = makeList(
2000 validators,
2001 sequence2,
2002 expiration2.time_since_epoch().count(),
2003 effective2.time_since_epoch().count());
2004 auto const sig2 = signList(blob2, pubSigningKeys);
2005
2006 return PreparedList{
2007 publisherPublic,
2008 manifest,
2009 {{blob1, sig1, {}}, {blob2, sig2, {}}},
2010 version,
2011 {expiration1, expiration2}};
2012 };
2013
2014 // Configure two publishers and prepare 2 lists
2015 PreparedList prep1 = addPublishedList();
2016 env.timeKeeper().set(env.timeKeeper().now() + 200s);
2017 PreparedList prep2 = addPublishedList();
2018
2019 // Initially, no list has been published, so no known expiration
2020 BEAST_EXPECT(trustedKeys->expires() == std::nullopt);
2021
2022 // Apply first list
2023 checkResult(
2024 trustedKeys->applyLists(
2025 prep1.manifest, prep1.version, prep1.blobs, siteUri),
2026 prep1.publisherPublic,
2027 ListDisposition::pending,
2028 ListDisposition::accepted);
2029
2030 // One list still hasn't published, so expiration is still
2031 // unknown
2032 BEAST_EXPECT(trustedKeys->expires() == std::nullopt);
2033
2034 // Apply second list
2035 checkResult(
2036 trustedKeys->applyLists(
2037 prep2.manifest, prep2.version, prep2.blobs, siteUri),
2038 prep2.publisherPublic,
2039 ListDisposition::pending,
2040 ListDisposition::accepted);
2041 // We now have loaded both lists, so expiration is known
2042 BEAST_EXPECT(
2043 trustedKeys->expires() &&
2044 trustedKeys->expires().value() == prep1.expirations.back());
2045
2046 // Advance past the first list's LAST validFrom date. It remains
2047 // the earliest validUntil, while rotating in the second list
2048 {
2049 env.timeKeeper().set(prep1.expirations.front() - 1s);
2050 auto changes = trustedKeys->updateTrusted(
2051 activeValidators,
2052 env.timeKeeper().now(),
2053 env.app().getOPs(),
2054 env.app().overlay(),
2055 env.app().getHashRouter());
2056 BEAST_EXPECT(
2057 trustedKeys->expires() &&
2058 trustedKeys->expires().value() == prep1.expirations.back());
2059 BEAST_EXPECT(!changes.added.empty());
2060 BEAST_EXPECT(changes.removed.empty());
2061 }
2062
2063 // Advance past the first list's LAST validUntil, but it remains
2064 // the earliest validUntil, while being invalidated
2065 {
2066 env.timeKeeper().set(prep1.expirations.back() + 1s);
2067 auto changes = trustedKeys->updateTrusted(
2068 activeValidators,
2069 env.timeKeeper().now(),
2070 env.app().getOPs(),
2071 env.app().overlay(),
2072 env.app().getHashRouter());
2073 BEAST_EXPECT(
2074 trustedKeys->expires() &&
2075 trustedKeys->expires().value() == prep1.expirations.back());
2076 BEAST_EXPECT(changes.added.empty());
2077 BEAST_EXPECT(changes.removed.empty());
2078 }
2079 }
2080 }
2081
2082 void
2083 testNegativeUNL()
2084 {
2085 testcase("NegativeUNL");
2086 jtx::Env env(*this);
2087 ManifestCache manifests;
2088
2089 auto createValidatorList =
2090 [&](std::uint32_t vlSize,
2091 std::optional<std::size_t> minimumQuorum = {})
2092 -> std::shared_ptr<ValidatorList> {
2093 auto trustedKeys = std::make_shared<ValidatorList>(
2094 manifests,
2095 manifests,
2096 env.timeKeeper(),
2097 env.app().config().legacy("database_path"),
2098 env.journal,
2099 minimumQuorum);
2100
2101 std::vector<std::string> cfgPublishers;
2102 std::vector<std::string> cfgKeys;
2103 hash_set<NodeID> activeValidators;
2104 cfgKeys.reserve(vlSize);
2105 while (cfgKeys.size() < cfgKeys.capacity())
2106 {
2107 auto const valKey = randomNode();
2108 cfgKeys.push_back(toBase58(TokenType::NodePublic, valKey));
2109 activeValidators.emplace(calcNodeID(valKey));
2110 }
2111 if (trustedKeys->load({}, cfgKeys, cfgPublishers))
2112 {
2113 trustedKeys->updateTrusted(
2114 activeValidators,
2115 env.timeKeeper().now(),
2116 env.app().getOPs(),
2117 env.app().overlay(),
2118 env.app().getHashRouter());
2119 if (minimumQuorum == trustedKeys->quorum() ||
2120 trustedKeys->quorum() == std::ceil(cfgKeys.size() * 0.8f))
2121 return trustedKeys;
2122 }
2123 return nullptr;
2124 };
2125
2126 /*
2127 * Test NegativeUNL
2128 * == Combinations ==
2129 * -- UNL size: 34, 35, 57
2130 * -- nUNL size: 0%, 20%, 30%, 50%
2131 *
2132 * == with UNL size 60
2133 * -- set == get,
2134 * -- check quorum, with nUNL size: 0, 12, 30, 18
2135 * -- nUNL overlap: |nUNL - UNL| = 5, with nUNL size: 18
2136 * -- with command line minimumQuorum = 50%,
2137 * seen_reliable affected by nUNL
2138 */
2139
2140 {
2141 hash_set<NodeID> activeValidators;
2142 //== Combinations ==
2143 std::array<std::uint32_t, 4> unlSizes = {34, 35, 39, 60};
2144 std::array<std::uint32_t, 4> nUnlPercent = {0, 20, 30, 50};
2145 for (auto us : unlSizes)
2146 {
2147 for (auto np : nUnlPercent)
2148 {
2149 auto validators = createValidatorList(us);
2150 BEAST_EXPECT(validators);
2151 if (validators)
2152 {
2153 std::uint32_t nUnlSize = us * np / 100;
2154 auto unl = validators->getTrustedMasterKeys();
2155 hash_set<PublicKey> nUnl;
2156 auto it = unl.begin();
2157 for (std::uint32_t i = 0; i < nUnlSize; ++i)
2158 {
2159 nUnl.insert(*it);
2160 ++it;
2161 }
2162 validators->setNegativeUNL(nUnl);
2163 validators->updateTrusted(
2164 activeValidators,
2165 env.timeKeeper().now(),
2166 env.app().getOPs(),
2167 env.app().overlay(),
2168 env.app().getHashRouter());
2169 BEAST_EXPECT(
2170 validators->quorum() ==
2171 static_cast<std::size_t>(std::ceil(
2172 std::max((us - nUnlSize) * 0.8f, us * 0.6f))));
2173 }
2174 }
2175 }
2176 }
2177
2178 {
2179 //== with UNL size 60
2180 auto validators = createValidatorList(60);
2181 BEAST_EXPECT(validators);
2182 if (validators)
2183 {
2184 hash_set<NodeID> activeValidators;
2185 auto unl = validators->getTrustedMasterKeys();
2186 BEAST_EXPECT(unl.size() == 60);
2187 {
2188 //-- set == get,
2189 //-- check quorum, with nUNL size: 0, 30, 18, 12
2190 auto nUnlChange = [&](std::uint32_t nUnlSize,
2191 std::uint32_t quorum) -> bool {
2192 hash_set<PublicKey> nUnl;
2193 auto it = unl.begin();
2194 for (std::uint32_t i = 0; i < nUnlSize; ++i)
2195 {
2196 nUnl.insert(*it);
2197 ++it;
2198 }
2199 validators->setNegativeUNL(nUnl);
2200 auto nUnl_temp = validators->getNegativeUNL();
2201 if (nUnl_temp.size() == nUnl.size())
2202 {
2203 for (auto& n : nUnl_temp)
2204 {
2205 if (nUnl.find(n) == nUnl.end())
2206 return false;
2207 }
2208 validators->updateTrusted(
2209 activeValidators,
2210 env.timeKeeper().now(),
2211 env.app().getOPs(),
2212 env.app().overlay(),
2213 env.app().getHashRouter());
2214 return validators->quorum() == quorum;
2215 }
2216 return false;
2217 };
2218 BEAST_EXPECT(nUnlChange(0, 48));
2219 BEAST_EXPECT(nUnlChange(30, 36));
2220 BEAST_EXPECT(nUnlChange(18, 36));
2221 BEAST_EXPECT(nUnlChange(12, 39));
2222 }
2223
2224 {
2225 // nUNL overlap: |nUNL - UNL| = 5, with nUNL size:
2226 // 18
2227 auto nUnl = validators->getNegativeUNL();
2228 BEAST_EXPECT(nUnl.size() == 12);
2229 std::size_t ss = 33;
2230 std::vector<uint8_t> data(ss, 0);
2231 data[0] = 0xED;
2232 for (int i = 0; i < 6; ++i)
2233 {
2234 Slice s(data.data(), ss);
2235 data[1]++;
2236 nUnl.emplace(s);
2237 }
2238 validators->setNegativeUNL(nUnl);
2239 validators->updateTrusted(
2240 activeValidators,
2241 env.timeKeeper().now(),
2242 env.app().getOPs(),
2243 env.app().overlay(),
2244 env.app().getHashRouter());
2245 BEAST_EXPECT(validators->quorum() == 39);
2246 }
2247 }
2248 }
2249
2250 {
2251 //== with UNL size 60
2252 //-- with command line minimumQuorum = 50%,
2253 // seen_reliable affected by nUNL
2254 auto validators = createValidatorList(60, 30);
2255 BEAST_EXPECT(validators);
2256 if (validators)
2257 {
2258 hash_set<NodeID> activeValidators;
2259 hash_set<PublicKey> unl = validators->getTrustedMasterKeys();
2260 auto it = unl.begin();
2261 for (std::uint32_t i = 0; i < 50; ++i)
2262 {
2263 activeValidators.insert(calcNodeID(*it));
2264 ++it;
2265 }
2266 validators->updateTrusted(
2267 activeValidators,
2268 env.timeKeeper().now(),
2269 env.app().getOPs(),
2270 env.app().overlay(),
2271 env.app().getHashRouter());
2272 BEAST_EXPECT(validators->quorum() == 30);
2273 hash_set<PublicKey> nUnl;
2274 it = unl.begin();
2275 for (std::uint32_t i = 0; i < 20; ++i)
2276 {
2277 nUnl.insert(*it);
2278 ++it;
2279 }
2280 validators->setNegativeUNL(nUnl);
2281 validators->updateTrusted(
2282 activeValidators,
2283 env.timeKeeper().now(),
2284 env.app().getOPs(),
2285 env.app().overlay(),
2286 env.app().getHashRouter());
2287 BEAST_EXPECT(validators->quorum() == 30);
2288 }
2289 }
2290 }
2291
2292 void
2293 testSha512Hash()
2294 {
2295 testcase("Sha512 hashing");
2296 // Tests that ValidatorList hash_append helpers with a single blob
2297 // returns the same result as xrpl::Sha512Half used by the
2298 // TMValidatorList protocol message handler
2299 std::string const manifest = "This is not really a manifest";
2300 std::string const blob = "This is not really a blob";
2301 std::string const signature = "This is not really a signature";
2302 std::uint32_t const version = 1;
2303
2304 auto const global = sha512Half(manifest, blob, signature, version);
2305 BEAST_EXPECT(!!global);
2306
2307 std::vector<ValidatorBlobInfo> blobVector(1);
2308 blobVector[0].blob = blob;
2309 blobVector[0].signature = signature;
2310 BEAST_EXPECT(global == sha512Half(manifest, blobVector, version));
2311 BEAST_EXPECT(global != sha512Half(signature, blobVector, version));
2312
2313 {
2314 std::map<std::size_t, ValidatorBlobInfo> blobMap{
2315 {99, blobVector[0]}};
2316 BEAST_EXPECT(global == sha512Half(manifest, blobMap, version));
2317 BEAST_EXPECT(global != sha512Half(blob, blobMap, version));
2318 }
2319
2320 {
2321 protocol::TMValidatorList msg1;
2322 msg1.set_manifest(manifest);
2323 msg1.set_blob(blob);
2324 msg1.set_signature(signature);
2325 msg1.set_version(version);
2326 BEAST_EXPECT(global == sha512Half(msg1));
2327 msg1.set_signature(blob);
2328 BEAST_EXPECT(global != sha512Half(msg1));
2329 }
2330
2331 {
2332 protocol::TMValidatorListCollection msg2;
2333 msg2.set_manifest(manifest);
2334 msg2.set_version(version);
2335 auto& bi = *msg2.add_blobs();
2336 bi.set_blob(blob);
2337 bi.set_signature(signature);
2338 BEAST_EXPECT(global == sha512Half(msg2));
2339 bi.set_manifest(manifest);
2340 BEAST_EXPECT(global != sha512Half(msg2));
2341 }
2342 }
2343
2344 void
2345 testBuildMessages()
2346 {
2347 testcase("Build and split messages");
2348
2349 std::uint32_t const manifestCutoff = 7;
2350 auto extractHeader = [this](Message& message) {
2351 auto const& buffer =
2352 message.getBuffer(compression::Compressed::Off);
2353
2354 boost::beast::multi_buffer buffers;
2355
2356 // simulate multi-buffer
2357 auto start = buffer.begin();
2358 auto end = buffer.end();
2359 std::vector<std::uint8_t> slice(start, end);
2360 buffers.commit(boost::asio::buffer_copy(
2361 buffers.prepare(slice.size()), boost::asio::buffer(slice)));
2362
2363 boost::system::error_code ec;
2364 auto header =
2365 detail::parseMessageHeader(ec, buffers.data(), buffers.size());
2366 BEAST_EXPECT(!ec);
2367 return std::make_pair(header, buffers);
2368 };
2369 auto extractProtocolMessage1 = [this,
2370 &extractHeader](Message& message) {
2371 auto [header, buffers] = extractHeader(message);
2372 if (BEAST_EXPECT(header) &&
2373 BEAST_EXPECT(
2374 header->message_type == protocol::mtVALIDATOR_LIST))
2375 {
2376 auto const msg =
2377 detail::parseMessageContent<protocol::TMValidatorList>(
2378 *header, buffers.data());
2379 BEAST_EXPECT(msg);
2380 return msg;
2381 }
2382 return std::shared_ptr<protocol::TMValidatorList>();
2383 };
2384 auto extractProtocolMessage2 = [this,
2385 &extractHeader](Message& message) {
2386 auto [header, buffers] = extractHeader(message);
2387 if (BEAST_EXPECT(header) &&
2388 BEAST_EXPECT(
2389 header->message_type ==
2390 protocol::mtVALIDATOR_LIST_COLLECTION))
2391 {
2392 auto const msg = detail::parseMessageContent<
2393 protocol::TMValidatorListCollection>(
2394 *header, buffers.data());
2395 BEAST_EXPECT(msg);
2396 return msg;
2397 }
2398 return std::shared_ptr<protocol::TMValidatorListCollection>();
2399 };
2400 auto verifyMessage =
2401 [this,
2402 manifestCutoff,
2403 &extractProtocolMessage1,
2404 &extractProtocolMessage2](
2405 auto const version,
2406 auto const& manifest,
2407 auto const& blobInfos,
2408 auto const& messages,
2409 std::vector<std::pair<std::size_t, std::vector<std::uint32_t>>>
2410 expectedInfo) {
2411 BEAST_EXPECT(messages.size() == expectedInfo.size());
2412 auto msgIter = expectedInfo.begin();
2413 for (auto const& messageWithHash : messages)
2414 {
2415 if (!BEAST_EXPECT(msgIter != expectedInfo.end()))
2416 break;
2417 if (!BEAST_EXPECT(messageWithHash.message))
2418 continue;
2419 auto const& expectedSeqs = msgIter->second;
2420 auto seqIter = expectedSeqs.begin();
2421 auto const size =
2422 messageWithHash.message
2423 ->getBuffer(compression::Compressed::Off)
2424 .size();
2425 // This size is arbitrary, but shouldn't change
2426 BEAST_EXPECT(size == msgIter->first);
2427 if (expectedSeqs.size() == 1)
2428 {
2429 auto const msg =
2430 extractProtocolMessage1(*messageWithHash.message);
2431 auto const expectedVersion = 1;
2432 if (BEAST_EXPECT(msg))
2433 {
2434 BEAST_EXPECT(msg->version() == expectedVersion);
2435 if (!BEAST_EXPECT(seqIter != expectedSeqs.end()))
2436 continue;
2437 auto const& expectedBlob = blobInfos.at(*seqIter);
2438 BEAST_EXPECT(
2439 (*seqIter < manifestCutoff) ==
2440 !!expectedBlob.manifest);
2441 auto const expectedManifest =
2442 *seqIter < manifestCutoff &&
2443 expectedBlob.manifest
2444 ? *expectedBlob.manifest
2445 : manifest;
2446 BEAST_EXPECT(msg->manifest() == expectedManifest);
2447 BEAST_EXPECT(msg->blob() == expectedBlob.blob);
2448 BEAST_EXPECT(
2449 msg->signature() == expectedBlob.signature);
2450 ++seqIter;
2451 BEAST_EXPECT(seqIter == expectedSeqs.end());
2452
2453 BEAST_EXPECT(
2454 messageWithHash.hash ==
2455 sha512Half(
2456 expectedManifest,
2457 expectedBlob.blob,
2458 expectedBlob.signature,
2459 expectedVersion));
2460 }
2461 }
2462 else
2463 {
2464 std::vector<ValidatorBlobInfo> hashingBlobs;
2465 hashingBlobs.reserve(msgIter->second.size());
2466
2467 auto const msg =
2468 extractProtocolMessage2(*messageWithHash.message);
2469 if (BEAST_EXPECT(msg))
2470 {
2471 BEAST_EXPECT(msg->version() == version);
2472 BEAST_EXPECT(msg->manifest() == manifest);
2473 for (auto const& blobInfo : msg->blobs())
2474 {
2475 if (!BEAST_EXPECT(
2476 seqIter != expectedSeqs.end()))
2477 break;
2478 auto const& expectedBlob =
2479 blobInfos.at(*seqIter);
2480 hashingBlobs.push_back(expectedBlob);
2481 BEAST_EXPECT(
2482 blobInfo.has_manifest() ==
2483 !!expectedBlob.manifest);
2484 BEAST_EXPECT(
2485 blobInfo.has_manifest() ==
2486 (*seqIter < manifestCutoff));
2487
2488 if (*seqIter < manifestCutoff)
2489 BEAST_EXPECT(
2490 blobInfo.manifest() ==
2491 *expectedBlob.manifest);
2492 BEAST_EXPECT(
2493 blobInfo.blob() == expectedBlob.blob);
2494 BEAST_EXPECT(
2495 blobInfo.signature() ==
2496 expectedBlob.signature);
2497 ++seqIter;
2498 }
2499 BEAST_EXPECT(seqIter == expectedSeqs.end());
2500 }
2501 BEAST_EXPECT(
2502 messageWithHash.hash ==
2503 sha512Half(manifest, hashingBlobs, version));
2504 }
2505 ++msgIter;
2506 }
2507 BEAST_EXPECT(msgIter == expectedInfo.end());
2508 };
2509 auto verifyBuildMessages =
2510 [this](
2511 std::pair<std::size_t, std::size_t> const& result,
2512 std::size_t expectedSequence,
2513 std::size_t expectedSize) {
2514 BEAST_EXPECT(result.first == expectedSequence);
2515 BEAST_EXPECT(result.second == expectedSize);
2516 };
2517
2518 std::string const manifest = "This is not a manifest";
2519 std::uint32_t const version = 2;
2520 // Mutable so items can be removed in later tests.
2521 auto const blobInfos = [manifestCutoff = manifestCutoff]() {
2522 std::map<std::size_t, ValidatorBlobInfo> bis;
2523
2524 for (auto seq : {5, 6, 7, 10, 12})
2525 {
2526 auto& b = bis[seq];
2527 std::stringstream s;
2528 s << "This is not a blob with sequence " << seq;
2529 b.blob = s.str();
2530 s.str(std::string());
2531 s << "This is not a signature for sequence " << seq;
2532 b.signature = s.str();
2533 if (seq < manifestCutoff)
2534 {
2535 // add a manifest for the "early" blobs
2536 s.str(std::string());
2537 s << "This is not manifest " << seq;
2538 b.manifest = s.str();
2539 }
2540 }
2541 return bis;
2542 }();
2543 auto const maxSequence = blobInfos.rbegin()->first;
2544 BEAST_EXPECT(maxSequence == 12);
2545
2546 std::vector<ValidatorList::MessageWithHash> messages;
2547
2548 // Version 1
2549
2550 // This peer has a VL ahead of our "current"
2551 verifyBuildMessages(
2552 ValidatorList::buildValidatorListMessages(
2553 1, 8, maxSequence, version, manifest, blobInfos, messages),
2554 0,
2555 0);
2556 BEAST_EXPECT(messages.size() == 0);
2557
2558 // Don't repeat the work if messages is populated, even though the
2559 // peerSequence provided indicates it should. Note that this
2560 // situation is contrived for this test and should never happen in
2561 // real code.
2562 messages.emplace_back();
2563 verifyBuildMessages(
2564 ValidatorList::buildValidatorListMessages(
2565 1, 3, maxSequence, version, manifest, blobInfos, messages),
2566 5,
2567 0);
2568 BEAST_EXPECT(messages.size() == 1 && !messages.front().message);
2569
2570 // Generate a version 1 message
2571 messages.clear();
2572 verifyBuildMessages(
2573 ValidatorList::buildValidatorListMessages(
2574 1, 3, maxSequence, version, manifest, blobInfos, messages),
2575 5,
2576 1);
2577 if (BEAST_EXPECT(messages.size() == 1) &&
2578 BEAST_EXPECT(messages.front().message))
2579 {
2580 auto const& messageWithHash = messages.front();
2581 auto const msg = extractProtocolMessage1(*messageWithHash.message);
2582 auto const size =
2583 messageWithHash.message->getBuffer(compression::Compressed::Off)
2584 .size();
2585 // This size is arbitrary, but shouldn't change
2586 BEAST_EXPECT(size == 108);
2587 auto const& expected = blobInfos.at(5);
2588 if (BEAST_EXPECT(msg))
2589 {
2590 BEAST_EXPECT(msg->version() == 1);
2591 BEAST_EXPECT(msg->manifest() == *expected.manifest);
2592 BEAST_EXPECT(msg->blob() == expected.blob);
2593 BEAST_EXPECT(msg->signature() == expected.signature);
2594 }
2595 BEAST_EXPECT(
2596 messageWithHash.hash ==
2597 sha512Half(
2598 *expected.manifest, expected.blob, expected.signature, 1));
2599 }
2600
2601 // Version 2
2602
2603 messages.clear();
2604
2605 // This peer has a VL ahead of us.
2606 verifyBuildMessages(
2607 ValidatorList::buildValidatorListMessages(
2608 2,
2609 maxSequence * 2,
2610 maxSequence,
2611 version,
2612 manifest,
2613 blobInfos,
2614 messages),
2615 0,
2616 0);
2617 BEAST_EXPECT(messages.size() == 0);
2618
2619 // Don't repeat the work if messages is populated, even though the
2620 // peerSequence provided indicates it should. Note that this
2621 // situation is contrived for this test and should never happen in
2622 // real code.
2623 messages.emplace_back();
2624 verifyBuildMessages(
2625 ValidatorList::buildValidatorListMessages(
2626 2, 3, maxSequence, version, manifest, blobInfos, messages),
2627 maxSequence,
2628 0);
2629 BEAST_EXPECT(messages.size() == 1 && !messages.front().message);
2630
2631 // Generate a version 2 message. Don't send the current
2632 messages.clear();
2633 verifyBuildMessages(
2634 ValidatorList::buildValidatorListMessages(
2635 2, 5, maxSequence, version, manifest, blobInfos, messages),
2636 maxSequence,
2637 4);
2638 verifyMessage(
2639 version, manifest, blobInfos, messages, {{372, {6, 7, 10, 12}}});
2640
2641 // Test message splitting on size limits.
2642
2643 // Set a limit that should give two messages
2644 messages.clear();
2645 verifyBuildMessages(
2646 ValidatorList::buildValidatorListMessages(
2647 2, 5, maxSequence, version, manifest, blobInfos, messages, 300),
2648 maxSequence,
2649 4);
2650 verifyMessage(
2651 version,
2652 manifest,
2653 blobInfos,
2654 messages,
2655 {{212, {6, 7}}, {192, {10, 12}}});
2656
2657 // Set a limit between the size of the two earlier messages so one
2658 // will split and the other won't
2659 messages.clear();
2660 verifyBuildMessages(
2661 ValidatorList::buildValidatorListMessages(
2662 2, 5, maxSequence, version, manifest, blobInfos, messages, 200),
2663 maxSequence,
2664 4);
2665 verifyMessage(
2666 version,
2667 manifest,
2668 blobInfos,
2669 messages,
2670 {{108, {6}}, {108, {7}}, {192, {10, 12}}});
2671
2672 // Set a limit so that all the VLs are sent individually
2673 messages.clear();
2674 verifyBuildMessages(
2675 ValidatorList::buildValidatorListMessages(
2676 2, 5, maxSequence, version, manifest, blobInfos, messages, 150),
2677 maxSequence,
2678 4);
2679 verifyMessage(
2680 version,
2681 manifest,
2682 blobInfos,
2683 messages,
2684 {{108, {6}}, {108, {7}}, {110, {10}}, {110, {12}}});
2685
2686 // Set a limit smaller than some of the messages. Because single
2687 // messages send regardless, they will all still be sent
2688 messages.clear();
2689 verifyBuildMessages(
2690 ValidatorList::buildValidatorListMessages(
2691 2, 5, maxSequence, version, manifest, blobInfos, messages, 108),
2692 maxSequence,
2693 4);
2694 verifyMessage(
2695 version,
2696 manifest,
2697 blobInfos,
2698 messages,
2699 {{108, {6}}, {108, {7}}, {110, {10}}, {110, {12}}});
2700 }
2701
2702 void
2703 testQuorumDisabled()
2704 {
2705 testcase("Test quorum disabled");
2706
2707 std::string const siteUri = "testQuorumDisabled.test";
2708 jtx::Env env(*this);
2709 auto& app = env.app();
2710
2711 constexpr std::size_t maxKeys = 20;
2712 hash_set<NodeID> activeValidators;
2713 std::vector<Validator> valKeys;
2714 while (valKeys.size() != maxKeys)
2715 {
2716 valKeys.push_back(randomValidator());
2717 activeValidators.emplace(calcNodeID(valKeys.back().masterPublic));
2718 }
2719
2720 struct Publisher
2721 {
2722 bool revoked;
2723 PublicKey pubKey;
2724 std::pair<PublicKey, SecretKey> signingKeys;
2725 std::string manifest;
2726 NetClock::time_point expiry = {};
2727 };
2728
2729 // Create ValidatorList with a set of countTotal publishers, of which
2730 // first countRevoked are revoked and the last one expires early
2731 auto makeValidatorList = [&, this](
2732 std::size_t countTotal,
2733 std::size_t countRevoked,
2734 std::size_t listThreshold,
2735 ManifestCache& pubManifests,
2736 ManifestCache& valManifests,
2737 std::optional<Validator> self,
2738 std::vector<Publisher>& publishers // out
2739 ) -> std::unique_ptr<ValidatorList> {
2740 auto result = std::make_unique<ValidatorList>(
2741 valManifests,
2742 pubManifests,
2743 env.timeKeeper(),
2744 app.config().legacy("database_path"),
2745 env.journal);
2746
2747 std::vector<std::string> cfgPublishers;
2748 for (std::size_t i = 0; i < countTotal; ++i)
2749 {
2750 auto const publisherSecret = randomSecretKey();
2751 auto const publisherPublic =
2752 derivePublicKey(KeyType::ed25519, publisherSecret);
2753 auto const pubSigningKeys = randomKeyPair(KeyType::secp256k1);
2754 cfgPublishers.push_back(strHex(publisherPublic));
2755
2756 constexpr auto revoked =
2757 std::numeric_limits<std::uint32_t>::max();
2758 auto const manifest = base64_encode(makeManifestString(
2759 publisherPublic,
2760 publisherSecret,
2761 pubSigningKeys.first,
2762 pubSigningKeys.second,
2763 i < countRevoked ? revoked : 1));
2764 publishers.push_back(Publisher{
2765 i < countRevoked,
2766 publisherPublic,
2767 pubSigningKeys,
2768 manifest});
2769 }
2770
2771 std::vector<std::string> const emptyCfgKeys;
2772 auto threshold =
2773 listThreshold > 0 ? std::optional(listThreshold) : std::nullopt;
2774 if (self)
2775 {
2776 valManifests.applyManifest(
2777 *deserializeManifest(base64_decode(self->manifest)));
2778 BEAST_EXPECT(result->load(
2779 self->signingPublic,
2780 emptyCfgKeys,
2781 cfgPublishers,
2782 threshold));
2783 }
2784 else
2785 {
2786 BEAST_EXPECT(
2787 result->load({}, emptyCfgKeys, cfgPublishers, threshold));
2788 }
2789
2790 for (std::size_t i = 0; i < countTotal; ++i)
2791 {
2792 using namespace std::chrono_literals;
2793 publishers[i].expiry = env.timeKeeper().now() +
2794 (i == countTotal - 1 ? 60s : 3600s);
2795 auto const blob = makeList(
2796 valKeys,
2797 1,
2798 publishers[i].expiry.time_since_epoch().count());
2799 auto const sig = signList(blob, publishers[i].signingKeys);
2800
2801 BEAST_EXPECT(
2802 result
2803 ->applyLists(
2804 publishers[i].manifest,
2805 1,
2806 {{blob, sig, {}}},
2807 siteUri)
2808 .bestDisposition() ==
2809 (publishers[i].revoked ? ListDisposition::untrusted
2810 : ListDisposition::accepted));
2811 }
2812
2813 return result;
2814 };
2815
2816 // Test cases use 5 publishers.
2817 constexpr auto quorumDisabled = std::numeric_limits<std::size_t>::max();
2818 {
2819 // List threshold = 5 (same as number of trusted publishers)
2820 ManifestCache pubManifests;
2821 ManifestCache valManifests;
2822 std::vector<Publisher> publishers;
2823 // Self is a random validator
2824 auto const self = randomValidator();
2825 auto const keysTotal = valKeys.size() + 1;
2826 auto trustedKeys = makeValidatorList(
2827 5, //
2828 0,
2829 5,
2830 pubManifests,
2831 valManifests,
2832 self,
2833 publishers);
2834 BEAST_EXPECT(trustedKeys->getListThreshold() == 5);
2835 for (auto const& p : publishers)
2836 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
2837
2838 TrustChanges changes = trustedKeys->updateTrusted(
2839 activeValidators,
2840 env.timeKeeper().now(),
2841 env.app().getOPs(),
2842 env.app().overlay(),
2843 env.app().getHashRouter());
2844 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
2845 BEAST_EXPECT(
2846 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
2847
2848 hash_set<NodeID> added;
2849 added.insert(calcNodeID(self.masterPublic));
2850 for (auto const& val : valKeys)
2851 {
2852 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
2853 added.insert(calcNodeID(val.masterPublic));
2854 }
2855 BEAST_EXPECT(changes.added == added);
2856 BEAST_EXPECT(changes.removed.empty());
2857
2858 // Expire one publisher - only trusted validator is self
2859 env.timeKeeper().set(publishers.back().expiry);
2860 changes = trustedKeys->updateTrusted(
2861 activeValidators,
2862 env.timeKeeper().now(),
2863 env.app().getOPs(),
2864 env.app().overlay(),
2865 env.app().getHashRouter());
2866 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
2867 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
2868
2869 hash_set<NodeID> removed;
2870 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
2871 for (auto const& val : valKeys)
2872 {
2873 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
2874 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
2875 removed.insert(calcNodeID(val.masterPublic));
2876 }
2877 BEAST_EXPECT(changes.added.empty());
2878 BEAST_EXPECT(changes.removed == removed);
2879 }
2880 {
2881 // List threshold = 5 (same as number of trusted publishers)
2882 ManifestCache pubManifests;
2883 ManifestCache valManifests;
2884 std::vector<Publisher> publishers;
2885 auto const keysTotal = valKeys.size();
2886 auto trustedKeys = makeValidatorList(
2887 5, //
2888 0,
2889 5,
2890 pubManifests,
2891 valManifests,
2892 {},
2893 publishers);
2894 BEAST_EXPECT(trustedKeys->getListThreshold() == 5);
2895 for (auto const& p : publishers)
2896 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
2897
2898 TrustChanges changes = trustedKeys->updateTrusted(
2899 activeValidators,
2900 env.timeKeeper().now(),
2901 env.app().getOPs(),
2902 env.app().overlay(),
2903 env.app().getHashRouter());
2904 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
2905 BEAST_EXPECT(
2906 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
2907
2908 hash_set<NodeID> added;
2909 for (auto const& val : valKeys)
2910 {
2911 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
2912 added.insert(calcNodeID(val.masterPublic));
2913 }
2914 BEAST_EXPECT(changes.added == added);
2915 BEAST_EXPECT(changes.removed.empty());
2916
2917 // Expire one publisher - no trusted validators
2918 env.timeKeeper().set(publishers.back().expiry);
2919 changes = trustedKeys->updateTrusted(
2920 activeValidators,
2921 env.timeKeeper().now(),
2922 env.app().getOPs(),
2923 env.app().overlay(),
2924 env.app().getHashRouter());
2925 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
2926 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 0);
2927
2928 hash_set<NodeID> removed;
2929 for (auto const& val : valKeys)
2930 {
2931 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
2932 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
2933 removed.insert(calcNodeID(val.masterPublic));
2934 }
2935 BEAST_EXPECT(changes.added.empty());
2936 BEAST_EXPECT(changes.removed == removed);
2937 }
2938 {
2939 // List threshold = 4, 1 publisher is revoked
2940 ManifestCache pubManifests;
2941 ManifestCache valManifests;
2942 std::vector<Publisher> publishers;
2943 // Self is in UNL
2944 auto const self = valKeys[1];
2945 auto const keysTotal = valKeys.size();
2946 auto trustedKeys = makeValidatorList(
2947 5, //
2948 1,
2949 4,
2950 pubManifests,
2951 valManifests,
2952 self,
2953 publishers);
2954 BEAST_EXPECT(trustedKeys->getListThreshold() == 4);
2955 int untrustedCount = 0;
2956 for (auto const& p : publishers)
2957 {
2958 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
2959 BEAST_EXPECT(p.revoked ^ trusted);
2960 untrustedCount += trusted ? 0 : 1;
2961 }
2962 BEAST_EXPECT(untrustedCount == 1);
2963
2964 TrustChanges changes = trustedKeys->updateTrusted(
2965 activeValidators,
2966 env.timeKeeper().now(),
2967 env.app().getOPs(),
2968 env.app().overlay(),
2969 env.app().getHashRouter());
2970 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
2971 BEAST_EXPECT(
2972 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
2973
2974 hash_set<NodeID> added;
2975 for (auto const& val : valKeys)
2976 {
2977 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
2978 added.insert(calcNodeID(val.masterPublic));
2979 }
2980 BEAST_EXPECT(changes.added == added);
2981 BEAST_EXPECT(changes.removed.empty());
2982
2983 // Expire one publisher - only trusted validator is self
2984 env.timeKeeper().set(publishers.back().expiry);
2985 changes = trustedKeys->updateTrusted(
2986 activeValidators,
2987 env.timeKeeper().now(),
2988 env.app().getOPs(),
2989 env.app().overlay(),
2990 env.app().getHashRouter());
2991 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
2992 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
2993
2994 hash_set<NodeID> removed;
2995 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
2996 for (auto const& val : valKeys)
2997 {
2998 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
2999 if (val.masterPublic != self.masterPublic)
3000 {
3001 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3002 removed.insert(calcNodeID(val.masterPublic));
3003 }
3004 }
3005 BEAST_EXPECT(changes.added.empty());
3006 BEAST_EXPECT(changes.removed == removed);
3007 }
3008 {
3009 // List threshold = 3 (default), 2 publishers are revoked
3010 ManifestCache pubManifests;
3011 ManifestCache valManifests;
3012 std::vector<Publisher> publishers;
3013 // Self is a random validator
3014 auto const self = randomValidator();
3015 auto const keysTotal = valKeys.size() + 1;
3016 auto trustedKeys = makeValidatorList(
3017 5, //
3018 2,
3019 0,
3020 pubManifests,
3021 valManifests,
3022 self,
3023 publishers);
3024 BEAST_EXPECT(trustedKeys->getListThreshold() == 3);
3025 int untrustedCount = 0;
3026 for (auto const& p : publishers)
3027 {
3028 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
3029 BEAST_EXPECT(p.revoked ^ trusted);
3030 untrustedCount += trusted ? 0 : 1;
3031 }
3032 BEAST_EXPECT(untrustedCount == 2);
3033
3034 TrustChanges changes = trustedKeys->updateTrusted(
3035 activeValidators,
3036 env.timeKeeper().now(),
3037 env.app().getOPs(),
3038 env.app().overlay(),
3039 env.app().getHashRouter());
3040 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3041 BEAST_EXPECT(
3042 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3043
3044 hash_set<NodeID> added;
3045 added.insert(calcNodeID(self.masterPublic));
3046 for (auto const& val : valKeys)
3047 {
3048 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3049 added.insert(calcNodeID(val.masterPublic));
3050 }
3051 BEAST_EXPECT(changes.added == added);
3052 BEAST_EXPECT(changes.removed.empty());
3053
3054 // Expire one publisher - no quorum, only trusted validator is self
3055 env.timeKeeper().set(publishers.back().expiry);
3056 changes = trustedKeys->updateTrusted(
3057 activeValidators,
3058 env.timeKeeper().now(),
3059 env.app().getOPs(),
3060 env.app().overlay(),
3061 env.app().getHashRouter());
3062 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3063 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
3064
3065 hash_set<NodeID> removed;
3066 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3067 for (auto const& val : valKeys)
3068 {
3069 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3070 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3071 removed.insert(calcNodeID(val.masterPublic));
3072 }
3073 BEAST_EXPECT(changes.added.empty());
3074 BEAST_EXPECT(changes.removed == removed);
3075 }
3076 {
3077 // List threshold = 3 (default), 2 publishers are revoked
3078 ManifestCache pubManifests;
3079 ManifestCache valManifests;
3080 std::vector<Publisher> publishers;
3081 // Self is in UNL
3082 auto const self = valKeys[5];
3083 auto const keysTotal = valKeys.size();
3084 auto trustedKeys = makeValidatorList(
3085 5, //
3086 2,
3087 0,
3088 pubManifests,
3089 valManifests,
3090 self,
3091 publishers);
3092 BEAST_EXPECT(trustedKeys->getListThreshold() == 3);
3093 int untrustedCount = 0;
3094 for (auto const& p : publishers)
3095 {
3096 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
3097 BEAST_EXPECT(p.revoked ^ trusted);
3098 untrustedCount += trusted ? 0 : 1;
3099 }
3100 BEAST_EXPECT(untrustedCount == 2);
3101
3102 TrustChanges changes = trustedKeys->updateTrusted(
3103 activeValidators,
3104 env.timeKeeper().now(),
3105 env.app().getOPs(),
3106 env.app().overlay(),
3107 env.app().getHashRouter());
3108 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3109 BEAST_EXPECT(
3110 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3111
3112 hash_set<NodeID> added;
3113 for (auto const& val : valKeys)
3114 {
3115 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3116 added.insert(calcNodeID(val.masterPublic));
3117 }
3118 BEAST_EXPECT(changes.added == added);
3119 BEAST_EXPECT(changes.removed.empty());
3120
3121 // Expire one publisher - no quorum, only trusted validator is self
3122 env.timeKeeper().set(publishers.back().expiry);
3123 changes = trustedKeys->updateTrusted(
3124 activeValidators,
3125 env.timeKeeper().now(),
3126 env.app().getOPs(),
3127 env.app().overlay(),
3128 env.app().getHashRouter());
3129 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3130 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
3131
3132 hash_set<NodeID> removed;
3133 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3134 for (auto const& val : valKeys)
3135 {
3136 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3137 if (val.masterPublic != self.masterPublic)
3138 {
3139 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3140 removed.insert(calcNodeID(val.masterPublic));
3141 }
3142 }
3143 BEAST_EXPECT(changes.added.empty());
3144 BEAST_EXPECT(changes.removed == removed);
3145 }
3146 {
3147 // List threshold = 3 (default), 2 publishers are revoked
3148 ManifestCache pubManifests;
3149 ManifestCache valManifests;
3150 std::vector<Publisher> publishers;
3151 auto const keysTotal = valKeys.size();
3152 auto trustedKeys = makeValidatorList(
3153 5, //
3154 2,
3155 0,
3156 pubManifests,
3157 valManifests,
3158 {},
3159 publishers);
3160 BEAST_EXPECT(trustedKeys->getListThreshold() == 3);
3161 int untrustedCount = 0;
3162 for (auto const& p : publishers)
3163 {
3164 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
3165 BEAST_EXPECT(p.revoked ^ trusted);
3166 untrustedCount += trusted ? 0 : 1;
3167 }
3168 BEAST_EXPECT(untrustedCount == 2);
3169
3170 TrustChanges changes = trustedKeys->updateTrusted(
3171 activeValidators,
3172 env.timeKeeper().now(),
3173 env.app().getOPs(),
3174 env.app().overlay(),
3175 env.app().getHashRouter());
3176 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3177 BEAST_EXPECT(
3178 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3179
3180 hash_set<NodeID> added;
3181 for (auto const& val : valKeys)
3182 {
3183 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3184 added.insert(calcNodeID(val.masterPublic));
3185 }
3186 BEAST_EXPECT(changes.added == added);
3187 BEAST_EXPECT(changes.removed.empty());
3188
3189 // Expire one publisher - no quorum, no trusted validators
3190 env.timeKeeper().set(publishers.back().expiry);
3191 changes = trustedKeys->updateTrusted(
3192 activeValidators,
3193 env.timeKeeper().now(),
3194 env.app().getOPs(),
3195 env.app().overlay(),
3196 env.app().getHashRouter());
3197 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3198 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 0);
3199
3200 hash_set<NodeID> removed;
3201 for (auto const& val : valKeys)
3202 {
3203 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3204 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3205 removed.insert(calcNodeID(val.masterPublic));
3206 }
3207 BEAST_EXPECT(changes.added.empty());
3208 BEAST_EXPECT(changes.removed == removed);
3209 }
3210 {
3211 // List threshold = 2, 1 publisher is revoked
3212 ManifestCache pubManifests;
3213 ManifestCache valManifests;
3214 std::vector<Publisher> publishers;
3215 // Self is a random validator
3216 auto const self = randomValidator();
3217 auto const keysTotal = valKeys.size() + 1;
3218 auto trustedKeys = makeValidatorList(
3219 5, //
3220 1,
3221 2,
3222 pubManifests,
3223 valManifests,
3224 self,
3225 publishers);
3226 BEAST_EXPECT(trustedKeys->getListThreshold() == 2);
3227 int untrustedCount = 0;
3228 for (auto const& p : publishers)
3229 {
3230 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
3231 BEAST_EXPECT(p.revoked ^ trusted);
3232 untrustedCount += trusted ? 0 : 1;
3233 }
3234 BEAST_EXPECT(untrustedCount == 1);
3235
3236 TrustChanges changes = trustedKeys->updateTrusted(
3237 activeValidators,
3238 env.timeKeeper().now(),
3239 env.app().getOPs(),
3240 env.app().overlay(),
3241 env.app().getHashRouter());
3242 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3243 BEAST_EXPECT(
3244 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3245
3246 hash_set<NodeID> added;
3247 added.insert(calcNodeID(self.masterPublic));
3248 for (auto const& val : valKeys)
3249 {
3250 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3251 added.insert(calcNodeID(val.masterPublic));
3252 }
3253 BEAST_EXPECT(changes.added == added);
3254 BEAST_EXPECT(changes.removed.empty());
3255
3256 // Expire one publisher - no quorum
3257 env.timeKeeper().set(publishers.back().expiry);
3258 changes = trustedKeys->updateTrusted(
3259 activeValidators,
3260 env.timeKeeper().now(),
3261 env.app().getOPs(),
3262 env.app().overlay(),
3263 env.app().getHashRouter());
3264 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3265 BEAST_EXPECT(
3266 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3267
3268 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3269 for (auto const& val : valKeys)
3270 {
3271 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3272 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3273 }
3274 BEAST_EXPECT(changes.added.empty());
3275 BEAST_EXPECT(changes.removed.empty());
3276 }
3277 {
3278 // List threshold = 1
3279 ManifestCache pubManifests;
3280 ManifestCache valManifests;
3281 std::vector<Publisher> publishers;
3282 // Self is a random validator
3283 auto const self = randomValidator();
3284 auto const keysTotal = valKeys.size() + 1;
3285 auto trustedKeys = makeValidatorList(
3286 5, //
3287 0,
3288 1,
3289 pubManifests,
3290 valManifests,
3291 self,
3292 publishers);
3293 BEAST_EXPECT(trustedKeys->getListThreshold() == 1);
3294 for (auto const& p : publishers)
3295 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
3296
3297 TrustChanges changes = trustedKeys->updateTrusted(
3298 activeValidators,
3299 env.timeKeeper().now(),
3300 env.app().getOPs(),
3301 env.app().overlay(),
3302 env.app().getHashRouter());
3303 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3304 BEAST_EXPECT(
3305 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3306
3307 hash_set<NodeID> added;
3308 added.insert(calcNodeID(self.masterPublic));
3309 for (auto const& val : valKeys)
3310 {
3311 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3312 added.insert(calcNodeID(val.masterPublic));
3313 }
3314 BEAST_EXPECT(changes.added == added);
3315 BEAST_EXPECT(changes.removed.empty());
3316
3317 // Expire one publisher - no quorum
3318 env.timeKeeper().set(publishers.back().expiry);
3319 changes = trustedKeys->updateTrusted(
3320 activeValidators,
3321 env.timeKeeper().now(),
3322 env.app().getOPs(),
3323 env.app().overlay(),
3324 env.app().getHashRouter());
3325 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3326 BEAST_EXPECT(
3327 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3328
3329 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3330 for (auto const& val : valKeys)
3331 {
3332 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3333 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3334 }
3335 BEAST_EXPECT(changes.added.empty());
3336 BEAST_EXPECT(changes.removed.empty());
3337 }
3338 {
3339 // List threshold = 1
3340 ManifestCache pubManifests;
3341 ManifestCache valManifests;
3342 std::vector<Publisher> publishers;
3343 // Self is in UNL
3344 auto const self = valKeys[7];
3345 auto const keysTotal = valKeys.size();
3346 auto trustedKeys = makeValidatorList(
3347 5, //
3348 0,
3349 1,
3350 pubManifests,
3351 valManifests,
3352 self,
3353 publishers);
3354 BEAST_EXPECT(trustedKeys->getListThreshold() == 1);
3355 for (auto const& p : publishers)
3356 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
3357
3358 TrustChanges changes = trustedKeys->updateTrusted(
3359 activeValidators,
3360 env.timeKeeper().now(),
3361 env.app().getOPs(),
3362 env.app().overlay(),
3363 env.app().getHashRouter());
3364 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3365 BEAST_EXPECT(
3366 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3367
3368 hash_set<NodeID> added;
3369 for (auto const& val : valKeys)
3370 {
3371 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3372 added.insert(calcNodeID(val.masterPublic));
3373 }
3374 BEAST_EXPECT(changes.added == added);
3375 BEAST_EXPECT(changes.removed.empty());
3376
3377 // Expire one publisher - no quorum
3378 env.timeKeeper().set(publishers.back().expiry);
3379 changes = trustedKeys->updateTrusted(
3380 activeValidators,
3381 env.timeKeeper().now(),
3382 env.app().getOPs(),
3383 env.app().overlay(),
3384 env.app().getHashRouter());
3385 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3386 BEAST_EXPECT(
3387 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3388
3389 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3390 for (auto const& val : valKeys)
3391 {
3392 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3393 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3394 }
3395 BEAST_EXPECT(changes.added.empty());
3396 BEAST_EXPECT(changes.removed.empty());
3397 }
3398 {
3399 // List threshold = 1
3400 ManifestCache pubManifests;
3401 ManifestCache valManifests;
3402 std::vector<Publisher> publishers;
3403 auto const keysTotal = valKeys.size();
3404 auto trustedKeys = makeValidatorList(
3405 5, //
3406 0,
3407 1,
3408 pubManifests,
3409 valManifests,
3410 {},
3411 publishers);
3412 BEAST_EXPECT(trustedKeys->getListThreshold() == 1);
3413 for (auto const& p : publishers)
3414 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
3415
3416 TrustChanges changes = trustedKeys->updateTrusted(
3417 activeValidators,
3418 env.timeKeeper().now(),
3419 env.app().getOPs(),
3420 env.app().overlay(),
3421 env.app().getHashRouter());
3422 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3423 BEAST_EXPECT(
3424 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3425
3426 hash_set<NodeID> added;
3427 for (auto const& val : valKeys)
3428 {
3429 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3430 added.insert(calcNodeID(val.masterPublic));
3431 }
3432 BEAST_EXPECT(changes.added == added);
3433 BEAST_EXPECT(changes.removed.empty());
3434
3435 // Expire one publisher - no quorum
3436 env.timeKeeper().set(publishers.back().expiry);
3437 changes = trustedKeys->updateTrusted(
3438 activeValidators,
3439 env.timeKeeper().now(),
3440 env.app().getOPs(),
3441 env.app().overlay(),
3442 env.app().getHashRouter());
3443 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3444 BEAST_EXPECT(
3445 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3446
3447 for (auto const& val : valKeys)
3448 {
3449 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3450 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3451 }
3452 BEAST_EXPECT(changes.added.empty());
3453 BEAST_EXPECT(changes.removed.empty());
3454 }
3455
3456 // Test cases use 2 publishers
3457 {
3458 // List threshold = 1, 1 publisher revoked
3459 ManifestCache pubManifests;
3460 ManifestCache valManifests;
3461 std::vector<Publisher> publishers;
3462 // Self is a random validator
3463 auto const self = randomValidator();
3464 auto const keysTotal = valKeys.size() + 1;
3465 auto trustedKeys = makeValidatorList(
3466 2, //
3467 1,
3468 1,
3469 pubManifests,
3470 valManifests,
3471 self,
3472 publishers);
3473 BEAST_EXPECT(trustedKeys->getListThreshold() == 1);
3474 int untrustedCount = 0;
3475 for (auto const& p : publishers)
3476 {
3477 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
3478 BEAST_EXPECT(p.revoked ^ trusted);
3479 untrustedCount += trusted ? 0 : 1;
3480 }
3481 BEAST_EXPECT(untrustedCount == 1);
3482
3483 TrustChanges changes = trustedKeys->updateTrusted(
3484 activeValidators,
3485 env.timeKeeper().now(),
3486 env.app().getOPs(),
3487 env.app().overlay(),
3488 env.app().getHashRouter());
3489 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3490 BEAST_EXPECT(
3491 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3492
3493 hash_set<NodeID> added;
3494 added.insert(calcNodeID(self.masterPublic));
3495 for (auto const& val : valKeys)
3496 {
3497 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3498 added.insert(calcNodeID(val.masterPublic));
3499 }
3500 BEAST_EXPECT(changes.added == added);
3501 BEAST_EXPECT(changes.removed.empty());
3502
3503 // Expire one publisher - no quorum, only trusted validator is self
3504 env.timeKeeper().set(publishers.back().expiry);
3505 changes = trustedKeys->updateTrusted(
3506 activeValidators,
3507 env.timeKeeper().now(),
3508 env.app().getOPs(),
3509 env.app().overlay(),
3510 env.app().getHashRouter());
3511 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3512 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
3513
3514 hash_set<NodeID> removed;
3515 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3516 for (auto const& val : valKeys)
3517 {
3518 BEAST_EXPECT(!trustedKeys->listed(val.masterPublic));
3519 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3520 removed.insert(calcNodeID(val.masterPublic));
3521 }
3522 BEAST_EXPECT(changes.added.empty());
3523 BEAST_EXPECT(changes.removed == removed);
3524 }
3525 {
3526 // List threshold = 1, 1 publisher revoked
3527 ManifestCache pubManifests;
3528 ManifestCache valManifests;
3529 std::vector<Publisher> publishers;
3530 // Self is in UNL
3531 auto const self = valKeys[5];
3532 auto const keysTotal = valKeys.size();
3533 auto trustedKeys = makeValidatorList(
3534 2, //
3535 1,
3536 1,
3537 pubManifests,
3538 valManifests,
3539 self,
3540 publishers);
3541 BEAST_EXPECT(trustedKeys->getListThreshold() == 1);
3542 int untrustedCount = 0;
3543 for (auto const& p : publishers)
3544 {
3545 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
3546 BEAST_EXPECT(p.revoked ^ trusted);
3547 untrustedCount += trusted ? 0 : 1;
3548 }
3549 BEAST_EXPECT(untrustedCount == 1);
3550
3551 TrustChanges changes = trustedKeys->updateTrusted(
3552 activeValidators,
3553 env.timeKeeper().now(),
3554 env.app().getOPs(),
3555 env.app().overlay(),
3556 env.app().getHashRouter());
3557 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3558 BEAST_EXPECT(
3559 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3560
3561 hash_set<NodeID> added;
3562 for (auto const& val : valKeys)
3563 {
3564 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3565 added.insert(calcNodeID(val.masterPublic));
3566 }
3567 BEAST_EXPECT(changes.added == added);
3568 BEAST_EXPECT(changes.removed.empty());
3569
3570 // Expire one publisher - no quorum, only trusted validator is self
3571 env.timeKeeper().set(publishers.back().expiry);
3572 changes = trustedKeys->updateTrusted(
3573 activeValidators,
3574 env.timeKeeper().now(),
3575 env.app().getOPs(),
3576 env.app().overlay(),
3577 env.app().getHashRouter());
3578 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3579 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
3580
3581 hash_set<NodeID> removed;
3582 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3583 for (auto const& val : valKeys)
3584 {
3585 if (val.masterPublic != self.masterPublic)
3586 {
3587 BEAST_EXPECT(!trustedKeys->listed(val.masterPublic));
3588 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3589 removed.insert(calcNodeID(val.masterPublic));
3590 }
3591 }
3592 BEAST_EXPECT(changes.added.empty());
3593 BEAST_EXPECT(changes.removed == removed);
3594 }
3595 {
3596 // List threshold = 1, 1 publisher revoked
3597 ManifestCache pubManifests;
3598 ManifestCache valManifests;
3599 std::vector<Publisher> publishers;
3600 auto const keysTotal = valKeys.size();
3601 auto trustedKeys = makeValidatorList(
3602 2, //
3603 1,
3604 1,
3605 pubManifests,
3606 valManifests,
3607 {},
3608 publishers);
3609 BEAST_EXPECT(trustedKeys->getListThreshold() == 1);
3610 int untrustedCount = 0;
3611 for (auto const& p : publishers)
3612 {
3613 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
3614 BEAST_EXPECT(p.revoked ^ trusted);
3615 untrustedCount += trusted ? 0 : 1;
3616 }
3617 BEAST_EXPECT(untrustedCount == 1);
3618
3619 TrustChanges changes = trustedKeys->updateTrusted(
3620 activeValidators,
3621 env.timeKeeper().now(),
3622 env.app().getOPs(),
3623 env.app().overlay(),
3624 env.app().getHashRouter());
3625 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3626 BEAST_EXPECT(
3627 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3628
3629 hash_set<NodeID> added;
3630 for (auto const& val : valKeys)
3631 {
3632 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3633 added.insert(calcNodeID(val.masterPublic));
3634 }
3635 BEAST_EXPECT(changes.added == added);
3636 BEAST_EXPECT(changes.removed.empty());
3637
3638 // Expire one publisher - no quorum, no trusted validators
3639 env.timeKeeper().set(publishers.back().expiry);
3640 changes = trustedKeys->updateTrusted(
3641 activeValidators,
3642 env.timeKeeper().now(),
3643 env.app().getOPs(),
3644 env.app().overlay(),
3645 env.app().getHashRouter());
3646 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3647 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 0);
3648
3649 hash_set<NodeID> removed;
3650 for (auto const& val : valKeys)
3651 {
3652 BEAST_EXPECT(!trustedKeys->listed(val.masterPublic));
3653 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3654 removed.insert(calcNodeID(val.masterPublic));
3655 }
3656 BEAST_EXPECT(changes.added.empty());
3657 BEAST_EXPECT(changes.removed == removed);
3658 }
3659 {
3660 // List threshold = 2 (same as number of trusted publishers)
3661 ManifestCache pubManifests;
3662 ManifestCache valManifests;
3663 std::vector<Publisher> publishers;
3664 // Self is a random validator
3665 auto const self = randomValidator();
3666 auto const keysTotal = valKeys.size() + 1;
3667 auto trustedKeys = makeValidatorList(
3668 2, //
3669 0,
3670 2,
3671 pubManifests,
3672 valManifests,
3673 self,
3674 publishers);
3675 BEAST_EXPECT(trustedKeys->getListThreshold() == 2);
3676 for (auto const& p : publishers)
3677 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
3678
3679 TrustChanges changes = trustedKeys->updateTrusted(
3680 activeValidators,
3681 env.timeKeeper().now(),
3682 env.app().getOPs(),
3683 env.app().overlay(),
3684 env.app().getHashRouter());
3685 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3686 BEAST_EXPECT(
3687 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3688
3689 hash_set<NodeID> added;
3690 added.insert(calcNodeID(self.masterPublic));
3691 for (auto const& val : valKeys)
3692 {
3693 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3694 added.insert(calcNodeID(val.masterPublic));
3695 }
3696 BEAST_EXPECT(changes.added == added);
3697 BEAST_EXPECT(changes.removed.empty());
3698
3699 // Expire one publisher - only trusted validator is self
3700 env.timeKeeper().set(publishers.back().expiry);
3701 changes = trustedKeys->updateTrusted(
3702 activeValidators,
3703 env.timeKeeper().now(),
3704 env.app().getOPs(),
3705 env.app().overlay(),
3706 env.app().getHashRouter());
3707 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3708 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
3709
3710 hash_set<NodeID> removed;
3711 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3712 for (auto const& val : valKeys)
3713 {
3714 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3715 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3716 removed.insert(calcNodeID(val.masterPublic));
3717 }
3718 BEAST_EXPECT(changes.added.empty());
3719 BEAST_EXPECT(changes.removed == removed);
3720 }
3721 {
3722 // List threshold = 2 (same as number of trusted publishers)
3723 ManifestCache pubManifests;
3724 ManifestCache valManifests;
3725 std::vector<Publisher> publishers;
3726 // Self is in UNL
3727 auto const self = valKeys[5];
3728 auto const keysTotal = valKeys.size();
3729 auto trustedKeys = makeValidatorList(
3730 2, //
3731 0,
3732 2,
3733 pubManifests,
3734 valManifests,
3735 self,
3736 publishers);
3737 BEAST_EXPECT(trustedKeys->getListThreshold() == 2);
3738 for (auto const& p : publishers)
3739 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
3740
3741 TrustChanges changes = trustedKeys->updateTrusted(
3742 activeValidators,
3743 env.timeKeeper().now(),
3744 env.app().getOPs(),
3745 env.app().overlay(),
3746 env.app().getHashRouter());
3747 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3748 BEAST_EXPECT(
3749 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3750
3751 hash_set<NodeID> added;
3752 added.insert(calcNodeID(self.masterPublic));
3753 for (auto const& val : valKeys)
3754 {
3755 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3756 added.insert(calcNodeID(val.masterPublic));
3757 }
3758 BEAST_EXPECT(changes.added == added);
3759 BEAST_EXPECT(changes.removed.empty());
3760
3761 // Expire one publisher - only trusted validator is self
3762 env.timeKeeper().set(publishers.back().expiry);
3763 changes = trustedKeys->updateTrusted(
3764 activeValidators,
3765 env.timeKeeper().now(),
3766 env.app().getOPs(),
3767 env.app().overlay(),
3768 env.app().getHashRouter());
3769 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3770 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
3771
3772 hash_set<NodeID> removed;
3773 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3774 for (auto const& val : valKeys)
3775 {
3776 if (val.masterPublic != self.masterPublic)
3777 {
3778 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3779 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3780 removed.insert(calcNodeID(val.masterPublic));
3781 }
3782 }
3783 BEAST_EXPECT(changes.added.empty());
3784 BEAST_EXPECT(changes.removed == removed);
3785 }
3786 {
3787 // List threshold = 2 (same as number of trusted publishers)
3788 ManifestCache pubManifests;
3789 ManifestCache valManifests;
3790 std::vector<Publisher> publishers;
3791 auto const keysTotal = valKeys.size();
3792 auto trustedKeys = makeValidatorList(
3793 2, //
3794 0,
3795 2,
3796 pubManifests,
3797 valManifests,
3798 {},
3799 publishers);
3800 BEAST_EXPECT(trustedKeys->getListThreshold() == 2);
3801 for (auto const& p : publishers)
3802 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
3803
3804 TrustChanges changes = trustedKeys->updateTrusted(
3805 activeValidators,
3806 env.timeKeeper().now(),
3807 env.app().getOPs(),
3808 env.app().overlay(),
3809 env.app().getHashRouter());
3810 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3811 BEAST_EXPECT(
3812 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3813
3814 hash_set<NodeID> added;
3815 for (auto const& val : valKeys)
3816 {
3817 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3818 added.insert(calcNodeID(val.masterPublic));
3819 }
3820 BEAST_EXPECT(changes.added == added);
3821 BEAST_EXPECT(changes.removed.empty());
3822
3823 // Expire one publisher - no trusted validators
3824 env.timeKeeper().set(publishers.back().expiry);
3825 changes = trustedKeys->updateTrusted(
3826 activeValidators,
3827 env.timeKeeper().now(),
3828 env.app().getOPs(),
3829 env.app().overlay(),
3830 env.app().getHashRouter());
3831 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3832 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 0);
3833
3834 hash_set<NodeID> removed;
3835 for (auto const& val : valKeys)
3836 {
3837 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
3838 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3839 removed.insert(calcNodeID(val.masterPublic));
3840 }
3841 BEAST_EXPECT(changes.added.empty());
3842 BEAST_EXPECT(changes.removed == removed);
3843 }
3844
3845 // Test case for 1 publisher
3846 {
3847 // List threshold = 1 (default), no publisher revoked
3848 ManifestCache pubManifests;
3849 ManifestCache valManifests;
3850 std::vector<Publisher> publishers;
3851 // Self is a random validator
3852 auto const self = randomValidator();
3853 auto const keysTotal = valKeys.size() + 1;
3854 auto trustedKeys = makeValidatorList(
3855 1, //
3856 0,
3857 0,
3858 pubManifests,
3859 valManifests,
3860 self,
3861 publishers);
3862 BEAST_EXPECT(trustedKeys->getListThreshold() == 1);
3863 for (auto const& p : publishers)
3864 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
3865
3866 TrustChanges changes = trustedKeys->updateTrusted(
3867 activeValidators,
3868 env.timeKeeper().now(),
3869 env.app().getOPs(),
3870 env.app().overlay(),
3871 env.app().getHashRouter());
3872 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3873 BEAST_EXPECT(
3874 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3875
3876 hash_set<NodeID> added;
3877 added.insert(calcNodeID(self.masterPublic));
3878 for (auto const& val : valKeys)
3879 {
3880 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3881 added.insert(calcNodeID(val.masterPublic));
3882 }
3883 BEAST_EXPECT(changes.added == added);
3884 BEAST_EXPECT(changes.removed.empty());
3885
3886 // Expire one publisher - no quorum, only trusted validator is self
3887 env.timeKeeper().set(publishers.back().expiry);
3888 changes = trustedKeys->updateTrusted(
3889 activeValidators,
3890 env.timeKeeper().now(),
3891 env.app().getOPs(),
3892 env.app().overlay(),
3893 env.app().getHashRouter());
3894 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
3895 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
3896
3897 hash_set<NodeID> removed;
3898 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
3899 for (auto const& val : valKeys)
3900 {
3901 BEAST_EXPECT(!trustedKeys->listed(val.masterPublic));
3902 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
3903 removed.insert(calcNodeID(val.masterPublic));
3904 }
3905 BEAST_EXPECT(changes.added.empty());
3906 BEAST_EXPECT(changes.removed == removed);
3907 }
3908
3909 // Test case for 3 publishers (for 2 is a block above)
3910 {
3911 // List threshold = 2 (default), no publisher revoked
3912 ManifestCache pubManifests;
3913 ManifestCache valManifests;
3914 std::vector<Publisher> publishers;
3915 // Self is in UNL
3916 auto const self = valKeys[2];
3917 auto const keysTotal = valKeys.size();
3918 auto trustedKeys = makeValidatorList(
3919 3, //
3920 0,
3921 0,
3922 pubManifests,
3923 valManifests,
3924 self,
3925 publishers);
3926 BEAST_EXPECT(trustedKeys->getListThreshold() == 2);
3927 for (auto const& p : publishers)
3928 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
3929
3930 TrustChanges changes = trustedKeys->updateTrusted(
3931 activeValidators,
3932 env.timeKeeper().now(),
3933 env.app().getOPs(),
3934 env.app().overlay(),
3935 env.app().getHashRouter());
3936 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3937 BEAST_EXPECT(
3938 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3939
3940 hash_set<NodeID> added;
3941 for (auto const& val : valKeys)
3942 {
3943 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3944 added.insert(calcNodeID(val.masterPublic));
3945 }
3946 BEAST_EXPECT(changes.added == added);
3947 BEAST_EXPECT(changes.removed.empty());
3948 }
3949
3950 // Test case for 4 publishers
3951 {
3952 // List threshold = 3 (default), no publisher revoked
3953 ManifestCache pubManifests;
3954 ManifestCache valManifests;
3955 std::vector<Publisher> publishers;
3956 auto const keysTotal = valKeys.size();
3957 auto trustedKeys = makeValidatorList(
3958 4, //
3959 0,
3960 0,
3961 pubManifests,
3962 valManifests,
3963 {},
3964 publishers);
3965 BEAST_EXPECT(trustedKeys->getListThreshold() == 3);
3966 for (auto const& p : publishers)
3967 BEAST_EXPECT(trustedKeys->trustedPublisher(p.pubKey));
3968
3969 TrustChanges changes = trustedKeys->updateTrusted(
3970 activeValidators,
3971 env.timeKeeper().now(),
3972 env.app().getOPs(),
3973 env.app().overlay(),
3974 env.app().getHashRouter());
3975 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
3976 BEAST_EXPECT(
3977 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
3978
3979 hash_set<NodeID> added;
3980 for (auto const& val : valKeys)
3981 {
3982 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
3983 added.insert(calcNodeID(val.masterPublic));
3984 }
3985 BEAST_EXPECT(changes.added == added);
3986 BEAST_EXPECT(changes.removed.empty());
3987 }
3988
3989 // Test case for 6 publishers (for 5 is a large block above)
3990 {
3991 // List threshold = 4 (default), 2 publishers revoked
3992 ManifestCache pubManifests;
3993 ManifestCache valManifests;
3994 std::vector<Publisher> publishers;
3995 // Self is a random validator
3996 auto const self = randomValidator();
3997 auto const keysTotal = valKeys.size() + 1;
3998 auto trustedKeys = makeValidatorList(
3999 6, //
4000 2,
4001 0,
4002 pubManifests,
4003 valManifests,
4004 self,
4005 publishers);
4006 BEAST_EXPECT(trustedKeys->getListThreshold() == 4);
4007 int untrustedCount = 0;
4008 for (auto const& p : publishers)
4009 {
4010 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
4011 BEAST_EXPECT(p.revoked ^ trusted);
4012 untrustedCount += trusted ? 0 : 1;
4013 }
4014 BEAST_EXPECT(untrustedCount == 2);
4015
4016 TrustChanges changes = trustedKeys->updateTrusted(
4017 activeValidators,
4018 env.timeKeeper().now(),
4019 env.app().getOPs(),
4020 env.app().overlay(),
4021 env.app().getHashRouter());
4022 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
4023 BEAST_EXPECT(
4024 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
4025
4026 hash_set<NodeID> added;
4027 added.insert(calcNodeID(self.masterPublic));
4028 for (auto const& val : valKeys)
4029 {
4030 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
4031 added.insert(calcNodeID(val.masterPublic));
4032 }
4033 BEAST_EXPECT(changes.added == added);
4034 BEAST_EXPECT(changes.removed.empty());
4035
4036 // Expire one publisher - no quorum, only trusted validator is self
4037 env.timeKeeper().set(publishers.back().expiry);
4038 changes = trustedKeys->updateTrusted(
4039 activeValidators,
4040 env.timeKeeper().now(),
4041 env.app().getOPs(),
4042 env.app().overlay(),
4043 env.app().getHashRouter());
4044 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
4045 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
4046
4047 hash_set<NodeID> removed;
4048 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
4049 for (auto const& val : valKeys)
4050 {
4051 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
4052 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
4053 removed.insert(calcNodeID(val.masterPublic));
4054 }
4055 BEAST_EXPECT(changes.added.empty());
4056 BEAST_EXPECT(changes.removed == removed);
4057 }
4058
4059 // Test case for 7 publishers
4060 {
4061 // List threshold = 4 (default), 3 publishers revoked
4062 ManifestCache pubManifests;
4063 ManifestCache valManifests;
4064 std::vector<Publisher> publishers;
4065 // Self is in UNL
4066 auto const self = valKeys[2];
4067 auto const keysTotal = valKeys.size();
4068 auto trustedKeys = makeValidatorList(
4069 7, //
4070 3,
4071 0,
4072 pubManifests,
4073 valManifests,
4074 self,
4075 publishers);
4076 BEAST_EXPECT(trustedKeys->getListThreshold() == 4);
4077 int untrustedCount = 0;
4078 for (auto const& p : publishers)
4079 {
4080 bool const trusted = trustedKeys->trustedPublisher(p.pubKey);
4081 BEAST_EXPECT(p.revoked ^ trusted);
4082 untrustedCount += trusted ? 0 : 1;
4083 }
4084 BEAST_EXPECT(untrustedCount == 3);
4085
4086 TrustChanges changes = trustedKeys->updateTrusted(
4087 activeValidators,
4088 env.timeKeeper().now(),
4089 env.app().getOPs(),
4090 env.app().overlay(),
4091 env.app().getHashRouter());
4092 BEAST_EXPECT(trustedKeys->quorum() == std::ceil(keysTotal * 0.8f));
4093 BEAST_EXPECT(
4094 trustedKeys->getTrustedMasterKeys().size() == keysTotal);
4095
4096 hash_set<NodeID> added;
4097 for (auto const& val : valKeys)
4098 {
4099 BEAST_EXPECT(trustedKeys->trusted(val.masterPublic));
4100 added.insert(calcNodeID(val.masterPublic));
4101 }
4102 BEAST_EXPECT(changes.added == added);
4103 BEAST_EXPECT(changes.removed.empty());
4104
4105 // Expire one publisher - only trusted validator is self
4106 env.timeKeeper().set(publishers.back().expiry);
4107 changes = trustedKeys->updateTrusted(
4108 activeValidators,
4109 env.timeKeeper().now(),
4110 env.app().getOPs(),
4111 env.app().overlay(),
4112 env.app().getHashRouter());
4113 BEAST_EXPECT(trustedKeys->quorum() == quorumDisabled);
4114 BEAST_EXPECT(trustedKeys->getTrustedMasterKeys().size() == 1);
4115
4116 hash_set<NodeID> removed;
4117 BEAST_EXPECT(trustedKeys->trusted(self.masterPublic));
4118 for (auto const& val : valKeys)
4119 {
4120 if (val.masterPublic != self.masterPublic)
4121 {
4122 BEAST_EXPECT(trustedKeys->listed(val.masterPublic));
4123 BEAST_EXPECT(!trustedKeys->trusted(val.masterPublic));
4124 removed.insert(calcNodeID(val.masterPublic));
4125 }
4126 }
4127 BEAST_EXPECT(changes.added.empty());
4128 BEAST_EXPECT(changes.removed == removed);
4129 }
4130 }
4131
4132public:
4133 void
4134 run() override
4135 {
4136 testGenesisQuorum();
4137 testConfigLoad();
4138 testApplyLists();
4139 testGetAvailable();
4140 testUpdateTrusted();
4141 testExpires();
4142 testNegativeUNL();
4143 testSha512Hash();
4144 testBuildMessages();
4145 testQuorumDisabled();
4146 }
4147}; // namespace test
4148
4149BEAST_DEFINE_TESTSUITE(ValidatorList, app, xrpl);
4150
4151} // namespace test
4152} // namespace xrpl
std::map::at
T at(T... args)
std::vector::back
T back(T... args)
std::vector::cbegin
T cbegin(T... args)
std::vector::capacity
T capacity(T... args)
std::ceil
T ceil(T... args)
beast::unit_test::suite
A testsuite class.
Definition suite.h:52
beast::unit_test::suite::testcase
testcase_t testcase
Memberspace for declaring test cases.
Definition suite.h:152
xrpl::Application::getHashRouter
virtual HashRouter & getHashRouter()=0
xrpl::Application::config
virtual Config & config()=0
xrpl::Application::timeKeeper
virtual TimeKeeper & timeKeeper()=0
xrpl::Application::overlay
virtual Overlay & overlay()=0
xrpl::Application::getOPs
virtual NetworkOPs & getOPs()=0
xrpl::BasicConfig::legacy
void legacy(std::string const &section, std::string value)
Set a value that is not a key/value pair.
Definition BasicConfig.cpp:154
xrpl::Dir::const_iterator
Definition Dir.h:43
xrpl::ManifestCache
Remembers manifests with the highest sequence number.
Definition Manifest.h:237
xrpl::ManifestCache::getSigningKey
std::optional< PublicKey > getSigningKey(PublicKey const &pk) const
Returns master key's current signing key.
Definition Manifest.cpp:291
xrpl::ManifestCache::applyManifest
ManifestDisposition applyManifest(Manifest m)
Add manifest to cache.
Definition Manifest.cpp:363
xrpl::ManifestCache::revoked
bool revoked(PublicKey const &pk) const
Returns true if master key has been revoked in a manifest.
Definition Manifest.cpp:351
xrpl::PublicKey
A public key.
Definition PublicKey.h:43
xrpl::STObject::add
void add(Serializer &s) const override
Definition STObject.cpp:122
xrpl::SecretKey
A secret key.
Definition SecretKey.h:19
xrpl::Serializer::size
std::size_t size() const noexcept
Definition Serializer.h:53
xrpl::Serializer::data
void const * data() const noexcept
Definition Serializer.h:59
xrpl::Slice
An immutable linear range of bytes.
Definition Slice.h:27
xrpl::base_uint< 160, detail::NodeIDTag >
xrpl::test::ManualTimeKeeper::now
time_point now() const override
Returns the current time.
Definition ManualTimeKeeper.h:20
xrpl::test::ValidatorList_test
Definition ValidatorList_test.cpp:23
xrpl::test::ValidatorList_test::makeList
std::string makeList(std::vector< Validator > const &validators, std::size_t sequence, std::size_t validUntil, std::optional< std::size_t > validFrom={})
Definition ValidatorList_test.cpp:113
xrpl::test::ValidatorList_test::randomNode
static PublicKey randomNode()
Definition ValidatorList_test.cpp:33
xrpl::test::ValidatorList_test::signList
std::string signList(std::string const &blob, std::pair< PublicKey, SecretKey > const &keys)
Definition ValidatorList_test.cpp:137
xrpl::test::ValidatorList_test::testGetAvailable
void testGetAvailable()
Definition ValidatorList_test.cpp:987
xrpl::test::ValidatorList_test::makeRevocationString
static std::string makeRevocationString(PublicKey const &pk, SecretKey const &sk)
Definition ValidatorList_test.cpp:76
xrpl::test::ValidatorList_test::testQuorumDisabled
void testQuorumDisabled()
Definition ValidatorList_test.cpp:2703
xrpl::test::ValidatorList_test::testBuildMessages
void testBuildMessages()
Definition ValidatorList_test.cpp:2345
xrpl::test::ValidatorList_test::asNodeIDs
static hash_set< NodeID > asNodeIDs(std::initializer_list< PublicKey > const &pks)
Definition ValidatorList_test.cpp:146
xrpl::test::ValidatorList_test::testGenesisQuorum
void testGenesisQuorum()
Definition ValidatorList_test.cpp:170
xrpl::test::ValidatorList_test::testUpdateTrusted
void testUpdateTrusted()
Definition ValidatorList_test.cpp:1123
xrpl::test::ValidatorList_test::randomMasterKey
static PublicKey randomMasterKey()
Definition ValidatorList_test.cpp:39
xrpl::test::ValidatorList_test::testNegativeUNL
void testNegativeUNL()
Definition ValidatorList_test.cpp:2083
xrpl::test::ValidatorList_test::randomValidator
static Validator randomValidator()
Definition ValidatorList_test.cpp:96
xrpl::test::ValidatorList_test::checkResult
void checkResult(ValidatorList::PublisherListStats const &result, PublicKey pubKey, ListDisposition expectedWorst, ListDisposition expectedBest)
Definition ValidatorList_test.cpp:156
xrpl::test::ValidatorList_test::testExpires
void testExpires()
Definition ValidatorList_test.cpp:1907
xrpl::test::ValidatorList_test::run
void run() override
Runs the suite.
Definition ValidatorList_test.cpp:4134
xrpl::test::ValidatorList_test::testSha512Hash
void testSha512Hash()
Definition ValidatorList_test.cpp:2293
xrpl::test::ValidatorList_test::testApplyLists
void testApplyLists()
Definition ValidatorList_test.cpp:520
xrpl::test::ValidatorList_test::makeManifestString
static std::string makeManifestString(PublicKey const &pk, SecretKey const &sk, PublicKey const &spk, SecretKey const &ssk, int seq)
Definition ValidatorList_test.cpp:45
xrpl::test::ValidatorList_test::testConfigLoad
void testConfigLoad()
Definition ValidatorList_test.cpp:200
xrpl::test::jtx::Env
A transaction testing environment.
Definition Env.h:102
xrpl::test::jtx::Env::app
Application & app()
Definition Env.h:244
xrpl::test::jtx::Env::timeKeeper
ManualTimeKeeper & timeKeeper()
Definition Env.h:256
xrpl::test::jtx::Env::journal
beast::Journal const journal
Definition Env.h:143
xrpl::test::jtx::sig
Set the regular signature on a JTx.
Definition sig.h:16
std::vector::clear
T clear(T... args)
std::unordered_set::emplace
T emplace(T... args)
std::vector::cend
T cend(T... args)
std::unordered_set::find
T find(T... args)
std::unordered_set::insert
T insert(T... args)
std::is_same_v
T is_same_v
std::make_pair
T make_pair(T... args)
std::numeric_limits::max
T max(T... args)
xrpl::test::jtx::data
auto const data
General field definitions, or fields used in multiple transaction namespaces.
Definition TestHelpers.h:299
xrpl::test::jtx::sign
void sign(Json::Value &jv, Account const &account, Json::Value &sigObject)
Sign automatically into a specific Json field of the jv object.
Definition utility.cpp:27
xrpl::test::jtx::envconfig
std::unique_ptr< Config > envconfig()
creates and initializes a default configuration for jtx::Env
Definition envconfig.h:35
xrpl
Use hash_* containers for keys that do not need a cryptographically secure hashing algorithm.
Definition algorithm.h:6
xrpl::randomKeyPair
std::pair< PublicKey, SecretKey > randomKeyPair(KeyType type)
Create a key pair using secure random numbers.
Definition SecretKey.cpp:366
xrpl::derivePublicKey
PublicKey derivePublicKey(KeyType type, SecretKey const &sk)
Derive the public key from a secret key.
Definition SecretKey.cpp:311
xrpl::sha512Half
sha512_half_hasher::result_type sha512Half(Args const &... args)
Returns the SHA512-Half of a series of objects.
Definition digest.h:205
xrpl::strHex
std::string strHex(FwdIt begin, FwdIt end)
Definition strHex.h:11
xrpl::base64_decode
std::string base64_decode(std::string_view data)
Definition libxrpl/basics/base64.cpp:226
xrpl::ListDisposition
ListDisposition
Definition ValidatorList.h:36
xrpl::ListDisposition::accepted
@ accepted
List is valid.
xrpl::ListDisposition::same_sequence
@ same_sequence
Same sequence as current list.
xrpl::ListDisposition::expired
@ expired
List is expired, but has the largest non-pending sequence seen so far.
xrpl::sfGeneric
SField const sfGeneric
xrpl::toBase58
std::string toBase58(AccountID const &v)
Convert AccountID to base58 checked string.
Definition AccountID.cpp:95
xrpl::base64_encode
std::string base64_encode(std::uint8_t const *data, std::size_t len)
Definition libxrpl/basics/base64.cpp:217
xrpl::publicKeyType
std::optional< KeyType > publicKeyType(Slice const &slice)
Returns the type of public key.
Definition PublicKey.cpp:204
xrpl::deserializeManifest
std::optional< Manifest > deserializeManifest(Slice s, beast::Journal journal)
Constructs Manifest from serialized string.
Definition Manifest.cpp:35
xrpl::calcNodeID
NodeID calcNodeID(PublicKey const &)
Calculate the 160-bit node ID from a node public key.
Definition PublicKey.cpp:295
xrpl::randomSecretKey
SecretKey randomSecretKey()
Create a secret key using secure random numbers.
Definition SecretKey.cpp:279
xrpl::HashPrefix::manifest
@ manifest
Manifest.
xrpl::makeSlice
std::enable_if_t< std::is_same< T, char >::value||std::is_same< T, unsigned char >::value, Slice > makeSlice(std::array< T, N > const &a)
Definition Slice.h:225
std::string::pop_back
T pop_back(T... args)
std::vector::push_back
T push_back(T... args)
std::map::rbegin
T rbegin(T... args)
std::unordered_set::reserve
T reserve(T... args)
std::stringstream::str
T str(T... args)
xrpl::TrustChanges
Changes in trusted nodes after updating validator list.
Definition ValidatorList.h:89
xrpl::TrustChanges::added
hash_set< NodeID > added
Definition ValidatorList.h:92
xrpl::TrustChanges::removed
hash_set< NodeID > removed
Definition ValidatorList.h:93
xrpl::ValidatorList::PublisherListStats
Describes the result of processing a Validator List (UNL), including some of the information from the...
Definition ValidatorList.h:273
xrpl::ValidatorList::PublisherListStats::publisherKey
std::optional< PublicKey > publisherKey
Definition ValidatorList.h:292
xrpl::test::ValidatorList_test::Validator
Definition ValidatorList_test.cpp:26
xrpl::test::ValidatorList_test::Validator::masterPublic
PublicKey masterPublic
Definition ValidatorList_test.cpp:27
xrpl::test::ValidatorList_test::Validator::signingPublic
PublicKey signingPublic
Definition ValidatorList_test.cpp:28
xrpl::test::ValidatorList_test::Validator::manifest
std::string manifest
Definition ValidatorList_test.cpp:29
xrpl::test::jtx::seq
Set the sequence number on a JTx.
Definition seq.h:15
std::chrono::time_point::time_since_epoch
T time_since_epoch(T... args)
std::to_string
T to_string(T... args)
Generated by doxygen 1.9.8