various changes to runtime checkpoint updating

json checkpoints will be checked every 10 minutes, dns every 60.

json checkpoints always enforced, dns still with flag.

conflicting checkpoints is hard fail, but soft if dns enforce flag not
set and dns checkpoints are wonky.
This commit is contained in:
Thomas Winget 2014-09-29 16:30:47 -04:00
parent 7568f89c55
commit f0b4138f1f
7 changed files with 113 additions and 23 deletions

View File

@ -1782,16 +1782,11 @@ bool blockchain_storage::add_new_block(const block& bl_, block_verification_cont
return handle_block_to_main_chain(bl, id, bvc); return handle_block_to_main_chain(bl, id, bvc);
} }
//------------------------------------------------------------------ //------------------------------------------------------------------
bool blockchain_storage::update_checkpoints(const std::string& file_path) void blockchain_storage::check_against_checkpoints(checkpoints& points, bool enforce)
{ {
if (!cryptonote::load_new_checkpoints(m_checkpoints, file_path)) const auto& pts = points.get_points();
{
return false;
}
const auto& points = m_checkpoints.get_points(); for (const auto& pt : pts)
for (const auto& pt : points)
{ {
// if the checkpoint is for a block we don't have yet, move on // if the checkpoint is for a block we don't have yet, move on
if (pt.first >= m_blocks.size()) if (pt.first >= m_blocks.size())
@ -1801,8 +1796,8 @@ bool blockchain_storage::update_checkpoints(const std::string& file_path)
if (!m_checkpoints.check_block(pt.first, get_block_hash(m_blocks[pt.first].bl))) if (!m_checkpoints.check_block(pt.first, get_block_hash(m_blocks[pt.first].bl)))
{ {
// if we're enforcing dns checkpoints, roll back to a couple of blocks before the checkpoint // if asked to enforce checkpoints, roll back to a couple of blocks before the checkpoint
if (m_enforce_dns_checkpoints) if (enforce)
{ {
LOG_ERROR("Checkpoint failed when adding new checkpoints, rolling back!"); LOG_ERROR("Checkpoint failed when adding new checkpoints, rolling back!");
std::list<block> empty; std::list<block> empty;
@ -1814,8 +1809,46 @@ bool blockchain_storage::update_checkpoints(const std::string& file_path)
} }
} }
} }
}
//------------------------------------------------------------------
// returns false if any of the checkpoints loading returns false.
// That should happen only if a checkpoint is added that conflicts
// with an existing checkpoint.
bool blockchain_storage::update_checkpoints(const std::string& file_path, bool check_dns)
{
if (!cryptonote::load_checkpoints_from_json(m_checkpoints, file_path))
{
return false;
}
// if we're checking both dns and json, load checkpoints from dns.
// if we're not hard-enforcing dns checkpoints, handle accordingly
if (m_enforce_dns_checkpoints && check_dns)
{
if (!cryptonote::load_checkpoints_from_dns(m_checkpoints))
{
return false;
}
}
else if (check_dns)
{
checkpoints dns_points;
cryptonote::load_checkpoints_from_dns(dns_points);
if (m_checkpoints.check_for_conflicts(dns_points))
{
check_against_checkpoints(dns_points, false);
}
else
{
LOG_PRINT_L0("One or more checkpoints fetched from DNS conflicted with existing checkpoints!");
}
}
check_against_checkpoints(m_checkpoints, true);
return true; return true;
} }
//------------------------------------------------------------------
void blockchain_storage::set_enforce_dns_checkpoints(bool enforce_checkpoints) void blockchain_storage::set_enforce_dns_checkpoints(bool enforce_checkpoints)
{ {
m_enforce_dns_checkpoints = enforce_checkpoints; m_enforce_dns_checkpoints = enforce_checkpoints;

View File

@ -180,7 +180,8 @@ namespace cryptonote
void print_blockchain(uint64_t start_index, uint64_t end_index); void print_blockchain(uint64_t start_index, uint64_t end_index);
void print_blockchain_index(); void print_blockchain_index();
void print_blockchain_outs(const std::string& file); void print_blockchain_outs(const std::string& file);
bool update_checkpoints(const std::string& file_path); void check_against_checkpoints(checkpoints& points, bool enforce);
bool update_checkpoints(const std::string& file_path, bool check_dns);
void set_enforce_dns_checkpoints(bool enforce_checkpoints); void set_enforce_dns_checkpoints(bool enforce_checkpoints);
private: private:

View File

@ -113,4 +113,15 @@ namespace cryptonote
return m_points; return m_points;
} }
bool checkpoints::check_for_conflicts(checkpoints& other)
{
for (auto& pt : other.get_points())
{
if (m_points.count(pt.first))
{
CHECK_AND_ASSERT_MES(pt.second == m_points[pt.first], false, "Checkpoint at given height already exists, and hash for new checkpoint was different!");
}
}
return true;
}
} }

View File

@ -47,6 +47,7 @@ namespace cryptonote
bool is_alternative_block_allowed(uint64_t blockchain_height, uint64_t block_height) const; bool is_alternative_block_allowed(uint64_t blockchain_height, uint64_t block_height) const;
uint64_t get_max_height(); uint64_t get_max_height();
const std::map<uint64_t, crypto::hash>& get_points(); const std::map<uint64_t, crypto::hash>& get_points();
bool check_for_conflicts(checkpoints& other);
private: private:
std::map<uint64_t, crypto::hash> m_points; std::map<uint64_t, crypto::hash> m_points;
}; };

View File

@ -32,6 +32,7 @@
#include "common/dns_utils.h" #include "common/dns_utils.h"
#include "include_base_utils.h" #include "include_base_utils.h"
#include <sstream> #include <sstream>
#include <random>
#include "storages/portable_storage_template_helper.h" // epee json include #include "storages/portable_storage_template_helper.h" // epee json include
namespace cryptonote namespace cryptonote
@ -110,15 +111,47 @@ bool load_checkpoints_from_json(cryptonote::checkpoints& checkpoints, std::strin
return true; return true;
} }
bool load_checkpoints_from_dns(cryptonote::checkpoints& checkpoints, const std::string& url) bool load_checkpoints_from_dns(cryptonote::checkpoints& checkpoints)
{ {
static const std::vector<std::string> dns_urls = { "checkpoints.moneropulse.se"
, "checkpoints.moneropulse.org"
, "checkpoints.moneropulse.net"
, "checkpoints.moneropulse.co"
};
bool avail, valid; bool avail, valid;
auto records = tools::DNSResolver::instance().get_txt_record(url, avail, valid); std::vector<std::string> records;
std::random_device rd;
std::mt19937 gen(rd());
std::uniform_int_distribution<int> dis(0, dns_urls.size() - 1);
int first_index = dis(gen);
int cur_index = first_index;
do
{
records = tools::DNSResolver::instance().get_txt_record(dns_urls[cur_index], avail, valid);
if (records.size() == 0 || (avail && !valid))
{
cur_index++;
if (cur_index == dns_urls.size())
{
cur_index = 0;
}
continue;
}
break;
} while (cur_index != first_index);
if (records.size() == 0)
{
LOG_PRINT_L1("Fetching checkpoints from DNS TXT records failed, no TXT records available.");
return true;
}
if (avail && !valid) if (avail && !valid)
{ {
LOG_ERROR("DNSSEC present and failed validation for query to" << url); LOG_PRINT_L0("DNSSEC present and failed validation for query last url, and all other urls either failed validation or returned no records");
return false; return true;
} }
for (auto& record : records) for (auto& record : records)
@ -154,7 +187,7 @@ bool load_checkpoints_from_dns(cryptonote::checkpoints& checkpoints, const std::
bool load_new_checkpoints(cryptonote::checkpoints& checkpoints, std::string json_hashfile_fullpath) bool load_new_checkpoints(cryptonote::checkpoints& checkpoints, std::string json_hashfile_fullpath)
{ {
// TODO: replace hard-coded url with const string or #define // TODO: replace hard-coded url with const string or #define
return (load_checkpoints_from_json(checkpoints, json_hashfile_fullpath) && load_checkpoints_from_dns(checkpoints, "checkpoints.moneropulse.org")); return (load_checkpoints_from_json(checkpoints, json_hashfile_fullpath) && load_checkpoints_from_dns(checkpoints));
} }
} // namespace cryptonote } // namespace cryptonote

View File

@ -56,7 +56,8 @@ namespace cryptonote
m_starter_message_showed(false), m_starter_message_showed(false),
m_target_blockchain_height(0), m_target_blockchain_height(0),
m_checkpoints_path(""), m_checkpoints_path(""),
m_last_checkpoints_update(0) m_last_dns_checkpoints_update(0),
m_last_json_checkpoints_update(0)
{ {
set_cryptonote_protocol(pprotocol); set_cryptonote_protocol(pprotocol);
} }
@ -86,10 +87,16 @@ namespace cryptonote
bool core::update_checkpoints() bool core::update_checkpoints()
{ {
bool res = true; bool res = true;
if (time(NULL) - m_last_checkpoints_update >= 3600) if (time(NULL) - m_last_dns_checkpoints_update >= 3600)
{ {
res = m_blockchain_storage.update_checkpoints(m_checkpoints_path); res = m_blockchain_storage.update_checkpoints(m_checkpoints_path, true);
m_last_checkpoints_update = time(NULL); m_last_dns_checkpoints_update = time(NULL);
m_last_json_checkpoints_update = time(NULL);
}
else if (time(NULL) - m_last_json_checkpoints_update >= 600)
{
res = m_blockchain_storage.update_checkpoints(m_checkpoints_path, false);
m_last_json_checkpoints_update = time(NULL);
} }
return res; return res;
} }
@ -152,7 +159,7 @@ namespace cryptonote
// load json & DNS checkpoints, and verify them // load json & DNS checkpoints, and verify them
// with respect to what blocks we already have // with respect to what blocks we already have
update_checkpoints(); CHECK_AND_ASSERT_MES(update_checkpoints(), false, "One or more checkpoints loaded from json or dns conflicted with existing checkpoints.");
r = m_miner.init(vm, testnet); r = m_miner.init(vm, testnet);
CHECK_AND_ASSERT_MES(r, false, "Failed to initialize blockchain storage"); CHECK_AND_ASSERT_MES(r, false, "Failed to initialize blockchain storage");
@ -445,7 +452,10 @@ namespace cryptonote
//----------------------------------------------------------------------------------------------- //-----------------------------------------------------------------------------------------------
bool core::handle_incoming_block(const blobdata& block_blob, block_verification_context& bvc, bool update_miner_blocktemplate) bool core::handle_incoming_block(const blobdata& block_blob, block_verification_context& bvc, bool update_miner_blocktemplate)
{ {
update_checkpoints(); // load json & DNS checkpoints every 10min/hour respectively,
// and verify them with respect to what blocks we already have
CHECK_AND_ASSERT_MES(update_checkpoints(), false, "One or more checkpoints loaded from json or dns conflicted with existing checkpoints.");
bvc = boost::value_initialized<block_verification_context>(); bvc = boost::value_initialized<block_verification_context>();
if(block_blob.size() > get_max_block_size()) if(block_blob.size() > get_max_block_size())
{ {

View File

@ -163,7 +163,8 @@ namespace cryptonote
uint64_t m_target_blockchain_height; uint64_t m_target_blockchain_height;
std::string m_checkpoints_path; std::string m_checkpoints_path;
time_t m_last_checkpoints_update; time_t m_last_dns_checkpoints_update;
time_t m_last_json_checkpoints_update;
}; };
} }