From 35227c463649df0238613944b2238313740a64e1 Mon Sep 17 00:00:00 2001 From: HaoyangLiu Date: Tue, 27 Jun 2023 14:49:42 +0800 Subject: [PATCH 01/15] [R4R] - {0.4.2}: Resolve audit feedback from Sigma: MNT-9, MNT-10 and MNT-12 (#1131) * ensure key length is no less than 16 * add signature length checker * return pointer instead of struct and return the relevant err1 or err2 instead of err * ensure sig length is no less than 64 --- tss/manager/sign.go | 11 ++++++--- tss/node/tsslib/keysign.go | 7 +++--- tss/node/tsslib/keysign/tss_keysign.go | 32 +++++++++++++++----------- tss/node/tsslib/storage/shamir_mgr.go | 10 +++++--- tss/ws/server/handler.go | 4 ++++ 5 files changed, 41 insertions(+), 23 deletions(-) diff --git a/tss/manager/sign.go b/tss/manager/sign.go index b2c02e4b7..bb3ab7ea3 100644 --- a/tss/manager/sign.go +++ b/tss/manager/sign.go @@ -6,13 +6,14 @@ import ( "encoding/json" "errors" "fmt" - "github.com/influxdata/influxdb/pkg/slices" - "github.com/mantlenetworkio/mantle/l2geth/crypto" - tmjson "github.com/tendermint/tendermint/libs/json" "strings" "sync" "time" + "github.com/influxdata/influxdb/pkg/slices" + "github.com/mantlenetworkio/mantle/l2geth/crypto" + tmjson "github.com/tendermint/tendermint/libs/json" + "github.com/mantlenetworkio/mantle/l2geth/log" tss "github.com/mantlenetworkio/mantle/tss/common" "github.com/mantlenetworkio/mantle/tss/manager/types" @@ -87,6 +88,10 @@ func (m Manager) sign(ctx types.Context, request interface{}, digestBz []byte, m } poolPubKeyBz, _ := hex.DecodeString(ctx.TssInfos().ClusterPubKey) + if len(signResponse.Signature) < 64 { + log.Error(fmt.Sprintf("invalid signature, expected length is no less than 64, actual length is %d", len(signResponse.Signature))) + return + } if !crypto.VerifySignature(poolPubKeyBz, digestBz, signResponse.Signature[:64]) { log.Error("illegal signature") return diff --git a/tss/node/tsslib/keysign.go b/tss/node/tsslib/keysign.go index 5ae7204ec..0a5800dc3 100644 --- a/tss/node/tsslib/keysign.go +++ b/tss/node/tsslib/keysign.go @@ -4,6 +4,9 @@ import ( "encoding/hex" "errors" "fmt" + "strings" + "time" + "github.com/libp2p/go-libp2p/core/peer" "github.com/mantlenetworkio/mantle/tss/node/tsslib/abnormal" "github.com/mantlenetworkio/mantle/tss/node/tsslib/common" @@ -11,8 +14,6 @@ import ( keysign2 "github.com/mantlenetworkio/mantle/tss/node/tsslib/keysign" "github.com/mantlenetworkio/mantle/tss/node/tsslib/messages" "github.com/mantlenetworkio/mantle/tss/node/tsslib/storage" - "strings" - "time" ) func (t *TssServer) generateSignature(onlinePeers []peer.ID, req keysign2.Request, localStateItem storage.KeygenLocalState, keysignInstance *keysign2.TssKeySign) (keysign2.Response, error) { @@ -56,7 +57,7 @@ func (t *TssServer) generateSignature(onlinePeers []peer.ID, req keysign2.Reques } return keysign2.NewResponse( - &signatureData, + signatureData, common.Success, "", nil, diff --git a/tss/node/tsslib/keysign/tss_keysign.go b/tss/node/tsslib/keysign/tss_keysign.go index 1773bd684..6aa0f2523 100644 --- a/tss/node/tsslib/keysign/tss_keysign.go +++ b/tss/node/tsslib/keysign/tss_keysign.go @@ -4,6 +4,9 @@ import ( "crypto/ecdsa" "errors" "fmt" + "sync" + "time" + tsscommon "github.com/binance-chain/tss-lib/common" "github.com/binance-chain/tss-lib/ecdsa/signing" "github.com/binance-chain/tss-lib/tss" @@ -16,8 +19,6 @@ import ( "github.com/mantlenetworkio/mantle/tss/node/tsslib/storage" "github.com/rs/zerolog" "github.com/rs/zerolog/log" - "sync" - "time" ) type TssKeySign struct { @@ -60,16 +61,15 @@ func (tKeySign *TssKeySign) GetTssCommonStruct() *common2.TssCommon { } // signMessage -func (tKeySign *TssKeySign) SignMessage(msgToSign []byte, localStateItem storage.KeygenLocalState, parties []string) (tsscommon.SignatureData, error) { +func (tKeySign *TssKeySign) SignMessage(msgToSign []byte, localStateItem storage.KeygenLocalState, parties []string) (*tsscommon.SignatureData, error) { partiesID, localPartyID, err := conversion.GetParties(parties, localStateItem.LocalPartyKey) - var emptySignatureData tsscommon.SignatureData if err != nil { - return emptySignatureData, fmt.Errorf("fail to form key sign party: %w", err) + return nil, fmt.Errorf("fail to form key sign party: %w", err) } if !common2.Contains(partiesID, localPartyID) { tKeySign.logger.Info().Msgf("we are not in this rounds key sign") - return emptySignatureData, nil + return nil, nil } outCh := make(chan tss.Message, 2*len(partiesID)) @@ -78,13 +78,13 @@ func (tKeySign *TssKeySign) SignMessage(msgToSign []byte, localStateItem storage m, err := common2.MsgToHashInt(msgToSign) if err != nil { - return emptySignatureData, fmt.Errorf("fail to convert msg to hash int: %w", err) + return nil, fmt.Errorf("fail to convert msg to hash int: %w", err) } moniker := m.String() partiesID, eachLocalPartyID, err := conversion.GetParties(parties, localStateItem.LocalPartyKey) ctx := tss.NewPeerContext(partiesID) if err != nil { - return emptySignatureData, fmt.Errorf("error to create parties in batch signging %w\n", err) + return nil, fmt.Errorf("error to create parties in batch signging %w\n", err) } tKeySign.logger.Info().Msgf("message: (%s) keysign parties: %+v", m.String(), parties) @@ -95,11 +95,15 @@ func (tKeySign *TssKeySign) SignMessage(msgToSign []byte, localStateItem storage abnormalMgr := tKeySign.tssCommonStruct.GetAbnormalMgr() partyIDMap := conversion.SetupPartyIDMap(partiesID) - err1 := conversion.SetupIDMaps(partyIDMap, tKeySign.tssCommonStruct.PartyIDtoP2PID) - err2 := conversion.SetupIDMaps(partyIDMap, abnormalMgr.PartyIDtoP2PID) - if err1 != nil || err2 != nil { + err = conversion.SetupIDMaps(partyIDMap, tKeySign.tssCommonStruct.PartyIDtoP2PID) + if err != nil { + tKeySign.logger.Error().Err(err).Msgf("error in creating mapping between partyID and P2P ID") + return nil, err + } + err = conversion.SetupIDMaps(partyIDMap, abnormalMgr.PartyIDtoP2PID) + if err != nil { tKeySign.logger.Error().Err(err).Msgf("error in creating mapping between partyID and P2P ID") - return emptySignatureData, err + return nil, err } tKeySign.tssCommonStruct.SetPartyInfo(&abnormal.PartyInfo{ @@ -127,7 +131,7 @@ func (tKeySign *TssKeySign) SignMessage(msgToSign []byte, localStateItem storage result, err := tKeySign.processKeySign(errCh, outCh, endCh) if err != nil { close(tKeySign.commStopChan) - return emptySignatureData, fmt.Errorf("fail to process key sign: %w", err) + return nil, fmt.Errorf("fail to process key sign: %w", err) } select { @@ -138,7 +142,7 @@ func (tKeySign *TssKeySign) SignMessage(msgToSign []byte, localStateItem storage } keySignWg.Wait() tKeySign.logger.Info().Msgf("%s successfully sign the message", tKeySign.p2pComm.GetHost().ID().String()) - return result, nil + return &result, nil } func (tKeySign *TssKeySign) processKeySign(errChan chan struct{}, outCh <-chan tss.Message, endCh <-chan tsscommon.SignatureData) (tsscommon.SignatureData, error) { diff --git a/tss/node/tsslib/storage/shamir_mgr.go b/tss/node/tsslib/storage/shamir_mgr.go index d9cb988e0..7a2c5650b 100644 --- a/tss/node/tsslib/storage/shamir_mgr.go +++ b/tss/node/tsslib/storage/shamir_mgr.go @@ -7,6 +7,10 @@ import ( "encoding/json" "errors" "fmt" + "sort" + "strconv" + "strings" + sssas "github.com/SSSaaS/sssa-golang" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/credentials" @@ -19,9 +23,6 @@ import ( "github.com/google/uuid" nodeconfig "github.com/mantlenetworkio/mantle/tss/common" "github.com/rs/zerolog/log" - "sort" - "strconv" - "strings" ) const ( @@ -546,6 +547,9 @@ func NewSession(region, id, secret string) (*session.Session, error) { } func createUUID(key string) (string, error) { + if len(key) < 16 { + return "", fmt.Errorf("key length should not be less than 16") + } uuidBytes := make([]byte, 16) keyBytes := []byte(key) copy(uuidBytes, keyBytes[len(keyBytes)-16:len(keyBytes)]) diff --git a/tss/ws/server/handler.go b/tss/ws/server/handler.go index 13e1766c8..6021e2e0c 100644 --- a/tss/ws/server/handler.go +++ b/tss/ws/server/handler.go @@ -180,6 +180,10 @@ func (wm *WebsocketManager) WebsocketHandler(w http.ResponseWriter, r *http.Requ wm.logger.Error("hex decode error for pubkey or sig", "err", err) return } + if len(sigBytes) < 64 { + wm.logger.Error(fmt.Sprintf("invalid sigBytes, expected length is no less than 64, actual length is %d", len(sigBytes))) + return + } digestBz := crypto.Keccak256Hash([]byte(timeStr)).Bytes() if !crypto.VerifySignature(pubKeyBytes, digestBz, sigBytes[:64]) { wm.logger.Error("illegal signature", "publicKey", pubKey, "time", timeStr, "signature", sig) From db5ceb2771197a9bcc4850bacff6c0eabc462b57 Mon Sep 17 00:00:00 2001 From: HaoyangLiu Date: Tue, 27 Jun 2023 14:50:28 +0800 Subject: [PATCH 02/15] [R4R] - {0.4.2}: Resolve audit feedback from Sigma: MNT23 (#1137) Fix unreachable error handling --- proxyd/cache.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/proxyd/cache.go b/proxyd/cache.go index 69dbb0b81..b03350332 100644 --- a/proxyd/cache.go +++ b/proxyd/cache.go @@ -146,12 +146,10 @@ func (c *rpcCache) GetRPC(ctx context.Context, req *RPCReq) (*RPCRes, error) { return nil, nil } res, err := handler.GetRPCMethod(ctx, req) - if res != nil { - if res == nil { - RecordCacheMiss(req.Method) - } else { - RecordCacheHit(req.Method) - } + if res == nil { + RecordCacheMiss(req.Method) + } else { + RecordCacheHit(req.Method) } return res, err } From ebc38671b76f0fe5d0782c66573ad011c372f0ab Mon Sep 17 00:00:00 2001 From: ethan <101823964+Ethanncnm@users.noreply.github.com> Date: Tue, 27 Jun 2023 15:13:53 +0800 Subject: [PATCH 03/15] [R4R] - {0.4.2}: add necessary license (#1123) * fix Consensys audit 4.3: add necessary LICENSE * add mit license for tss node lib --------- Co-authored-by: Shijiang Guo --- LICENSE | 2 +- bss-core/LICENSE | 22 ++++++++++++++++++++++ fraud-proof/LICENSE | 22 ++++++++++++++++++++++ integration-tests/LICENSE | 2 +- mt-batcher/LICENSE | 22 ++++++++++++++++++++++ mt-challenger/LICENSE | 22 ++++++++++++++++++++++ packages/common-ts/LICENSE | 2 +- packages/contracts/LICENSE | 2 +- packages/core-utils/LICENSE | 2 +- packages/data-transport-layer/LICENSE | 2 +- packages/fault-detector/LICENSE | 2 +- packages/hardhat-deploy-config/LICENSE | 2 +- packages/replica-healthcheck/LICENSE | 2 +- packages/sdk/LICENSE | 2 +- tss/LICENSE | 22 ++++++++++++++++++++++ tss/node/tsslib/LICENSE | 21 +++++++++++++++++++++ 16 files changed, 141 insertions(+), 10 deletions(-) create mode 100644 bss-core/LICENSE create mode 100644 fraud-proof/LICENSE create mode 100644 mt-batcher/LICENSE create mode 100644 mt-challenger/LICENSE create mode 100644 tss/LICENSE create mode 100644 tss/node/tsslib/LICENSE diff --git a/LICENSE b/LICENSE index 090d39a3f..ec55f3cec 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2020-2021 Mantle +Copyright 2022-2023 Mantle Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/bss-core/LICENSE b/bss-core/LICENSE new file mode 100644 index 000000000..ec55f3cec --- /dev/null +++ b/bss-core/LICENSE @@ -0,0 +1,22 @@ +(The MIT License) + +Copyright 2022-2023 Mantle + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/fraud-proof/LICENSE b/fraud-proof/LICENSE new file mode 100644 index 000000000..ec55f3cec --- /dev/null +++ b/fraud-proof/LICENSE @@ -0,0 +1,22 @@ +(The MIT License) + +Copyright 2022-2023 Mantle + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/integration-tests/LICENSE b/integration-tests/LICENSE index 090d39a3f..6a7da5218 100644 --- a/integration-tests/LICENSE +++ b/integration-tests/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2020-2021 Mantle +Copyright 2020-2021 Optimism Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/mt-batcher/LICENSE b/mt-batcher/LICENSE new file mode 100644 index 000000000..ec55f3cec --- /dev/null +++ b/mt-batcher/LICENSE @@ -0,0 +1,22 @@ +(The MIT License) + +Copyright 2022-2023 Mantle + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/mt-challenger/LICENSE b/mt-challenger/LICENSE new file mode 100644 index 000000000..ec55f3cec --- /dev/null +++ b/mt-challenger/LICENSE @@ -0,0 +1,22 @@ +(The MIT License) + +Copyright 2022-2023 Mantle + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/packages/common-ts/LICENSE b/packages/common-ts/LICENSE index 090d39a3f..6a7da5218 100644 --- a/packages/common-ts/LICENSE +++ b/packages/common-ts/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2020-2021 Mantle +Copyright 2020-2021 Optimism Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/packages/contracts/LICENSE b/packages/contracts/LICENSE index 090d39a3f..6a7da5218 100644 --- a/packages/contracts/LICENSE +++ b/packages/contracts/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2020-2021 Mantle +Copyright 2020-2021 Optimism Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/packages/core-utils/LICENSE b/packages/core-utils/LICENSE index 090d39a3f..6a7da5218 100644 --- a/packages/core-utils/LICENSE +++ b/packages/core-utils/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2020-2021 Mantle +Copyright 2020-2021 Optimism Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/packages/data-transport-layer/LICENSE b/packages/data-transport-layer/LICENSE index 090d39a3f..6a7da5218 100644 --- a/packages/data-transport-layer/LICENSE +++ b/packages/data-transport-layer/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2020-2021 Mantle +Copyright 2020-2021 Optimism Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/packages/fault-detector/LICENSE b/packages/fault-detector/LICENSE index 090d39a3f..6a7da5218 100644 --- a/packages/fault-detector/LICENSE +++ b/packages/fault-detector/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2020-2021 Mantle +Copyright 2020-2021 Optimism Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/packages/hardhat-deploy-config/LICENSE b/packages/hardhat-deploy-config/LICENSE index 090d39a3f..6a7da5218 100644 --- a/packages/hardhat-deploy-config/LICENSE +++ b/packages/hardhat-deploy-config/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2020-2021 Mantle +Copyright 2020-2021 Optimism Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/packages/replica-healthcheck/LICENSE b/packages/replica-healthcheck/LICENSE index f621e7800..eb3071204 100644 --- a/packages/replica-healthcheck/LICENSE +++ b/packages/replica-healthcheck/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2022 Mantle +Copyright 2022 Optimism Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/packages/sdk/LICENSE b/packages/sdk/LICENSE index f621e7800..eb3071204 100644 --- a/packages/sdk/LICENSE +++ b/packages/sdk/LICENSE @@ -1,6 +1,6 @@ (The MIT License) -Copyright 2022 Mantle +Copyright 2022 Optimism Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/tss/LICENSE b/tss/LICENSE new file mode 100644 index 000000000..ec55f3cec --- /dev/null +++ b/tss/LICENSE @@ -0,0 +1,22 @@ +(The MIT License) + +Copyright 2022-2023 Mantle + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/tss/node/tsslib/LICENSE b/tss/node/tsslib/LICENSE new file mode 100644 index 000000000..0a88df476 --- /dev/null +++ b/tss/node/tsslib/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2020 THORChain / THORChain TSS + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. From 473517daf33b555de8f71491b07a128ea366ccb2 Mon Sep 17 00:00:00 2001 From: Sha3n Date: Tue, 27 Jun 2023 15:20:54 +0800 Subject: [PATCH 04/15] [R4R] - {0.4.2}: Bugfix/sigma mnt 30 (#1133) [fix]: fix sigma MNT-30 --- fraud-proof/proof/state/stack.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fraud-proof/proof/state/stack.go b/fraud-proof/proof/state/stack.go index 96ac21e7a..84b4d6394 100644 --- a/fraud-proof/proof/state/stack.go +++ b/fraud-proof/proof/state/stack.go @@ -90,7 +90,7 @@ func (st *Stack) Back(n int) *uint256.Int { } func (st *Stack) HashAfterPops(n int) common.Hash { - return st.hash[st.Len()-n] + return st.hash[len(st.hash)-n] } func (st *Stack) EncodeState() []byte { From f2fd3f4bde6ecb5c769f44444128a81588828ddb Mon Sep 17 00:00:00 2001 From: ethan <101823964+Ethanncnm@users.noreply.github.com> Date: Tue, 27 Jun 2023 15:28:04 +0800 Subject: [PATCH 05/15] [R4R] - {0.4.2}: add zero address in oracle.sol (#1135) * add zero address check on oracle.sol * fix comments --- l2geth/contracts/checkpointoracle/contract/oracle.sol | 1 + 1 file changed, 1 insertion(+) diff --git a/l2geth/contracts/checkpointoracle/contract/oracle.sol b/l2geth/contracts/checkpointoracle/contract/oracle.sol index 010644727..a58f8abc7 100644 --- a/l2geth/contracts/checkpointoracle/contract/oracle.sol +++ b/l2geth/contracts/checkpointoracle/contract/oracle.sol @@ -18,6 +18,7 @@ contract CheckpointOracle { */ constructor(address[] memory _adminlist, uint _sectionSize, uint _processConfirms, uint _threshold) public { for (uint i = 0; i < _adminlist.length; i++) { + require(_adminlist[i] != address(0),"admin list can't contain 0 address"); admins[_adminlist[i]] = true; adminList.push(_adminlist[i]); } From 9b37a07cc7ccad0c5b97b79e4b8646b8ad08af96 Mon Sep 17 00:00:00 2001 From: Sha3n Date: Tue, 27 Jun 2023 16:33:12 +0800 Subject: [PATCH 06/15] [R4R] - {0.4.2}: fix sigma MNT-26 (#1132) [fix]: fix sigma MNT-26 --- mt-batcher/services/restorer/handle.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/mt-batcher/services/restorer/handle.go b/mt-batcher/services/restorer/handle.go index 024350ed9..7cef026b5 100644 --- a/mt-batcher/services/restorer/handle.go +++ b/mt-batcher/services/restorer/handle.go @@ -148,6 +148,10 @@ func (s *DaService) GetDtlBatchTransactionByDataStoreId(c gecho.Context) error { for i := 0; i < len(newBatchTxn); i++ { l2Tx := new(types.Transaction) txDecodeMetaData := new(eigenda.TransactionMeta) + if newBatchTxn[i].TxMeta == nil { + log.Error("Batch tx metadata shouldn't be nil") + continue + } err = json.Unmarshal(newBatchTxn[i].TxMeta, txDecodeMetaData) if err != nil { log.Error("Unmarshal json fail") From ba1be87adbfd659522293a9cbb31cdcac180025f Mon Sep 17 00:00:00 2001 From: I know Date: Tue, 27 Jun 2023 16:34:02 +0800 Subject: [PATCH 07/15] [R4R] - {0.4.2}: fix audit issue from sigma (#1138) fix audit issue from sigma --- tss/common/merkle_tree.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tss/common/merkle_tree.go b/tss/common/merkle_tree.go index b464475c8..7e4e41d07 100644 --- a/tss/common/merkle_tree.go +++ b/tss/common/merkle_tree.go @@ -41,6 +41,10 @@ func GetMerkleRoot(elements [][32]byte) ([32]byte, error) { return elements[0], nil } + if len(elements) > 131071 { + return [32]byte{}, errors.New("element size exceeds maximum allowed value") + } + // We'll need to keep track of left and right siblings. var leftSibling [32]byte var rightSibling [32]byte From 4119ae9fb2c4ea5168b3d9bc63212ae3b070377f Mon Sep 17 00:00:00 2001 From: Shijiang Guo Date: Tue, 27 Jun 2023 16:36:28 +0800 Subject: [PATCH 08/15] [R4R]: Feature/sj audit fix (#1140) * feat: fix some sigma audit * fix some code * feat: fix http api error * revert l2geth --- mt-batcher/services/restorer/handle.go | 16 +++++++++------- mt-batcher/services/restorer/service.go | 4 ++-- tss/node/tsslib/p2p/communication.go | 12 ------------ tss/ws/client/tm/client.go | 5 +---- 4 files changed, 12 insertions(+), 25 deletions(-) diff --git a/mt-batcher/services/restorer/handle.go b/mt-batcher/services/restorer/handle.go index 7cef026b5..d0ca9f826 100644 --- a/mt-batcher/services/restorer/handle.go +++ b/mt-batcher/services/restorer/handle.go @@ -22,6 +22,10 @@ import ( "strings" ) +const ( + maxCallReceiveMessageSize = 314572800 +) + type RollupStoreRequest struct { BatchIndex int64 `json:"batch_index"` } @@ -94,7 +98,7 @@ func (s *DaService) GetBatchTransactionByDataStoreId(c gecho.Context) error { defer conn.Close() client := pb.NewDataRetrievalClient(conn) - opt := grpc.MaxCallRecvMsgSize(1024 * 1024 * 300) + opt := grpc.MaxCallRecvMsgSize(maxCallReceiveMessageSize) request := &pb.FramesAndDataRequest{ DataStoreId: txReq.StoreNumber, } @@ -125,7 +129,7 @@ func (s *DaService) GetDtlBatchTransactionByDataStoreId(c gecho.Context) error { defer conn.Close() client := pb.NewDataRetrievalClient(conn) - opt := grpc.MaxCallRecvMsgSize(1024 * 1024 * 300) + opt := grpc.MaxCallRecvMsgSize(maxCallReceiveMessageSize) request := &pb.FramesAndDataRequest{ DataStoreId: txReq.StoreNumber, } @@ -154,12 +158,11 @@ func (s *DaService) GetDtlBatchTransactionByDataStoreId(c gecho.Context) error { } err = json.Unmarshal(newBatchTxn[i].TxMeta, txDecodeMetaData) if err != nil { - log.Error("Unmarshal json fail") + return c.JSON(http.StatusBadRequest, errors.New("Unmarshal json fail")) } rlpStream := l2rlp.NewStream(bytes.NewBuffer(newBatchTxn[i].RawTx), 0) if err := l2Tx.DecodeRLP(rlpStream); err != nil { - log.Error("Decode RLP fail") - continue + return c.JSON(http.StatusBadRequest, errors.New("Decode RLP fail")) } log.Info("transaction", "hash", l2Tx.Hash().Hex()) newBlockNumber := new(big.Int).SetBytes(newBatchTxn[i].BlockNumber) @@ -171,7 +174,6 @@ func (s *DaService) GetDtlBatchTransactionByDataStoreId(c gecho.Context) error { l1MessageSender = nil } else { queueOrigin = types.QueueOriginL1ToL2 - //TODO still need to add the L1msg addrLs := common2.HexToAddress("") l1MessageSender = &addrLs } @@ -279,7 +281,7 @@ func (s *DaService) GetTransactionListByStoreNumber(c gecho.Context) error { rlpStream := l2rlp.NewStream(bytes.NewBuffer(newBatchTxn[i].RawTx), 0) if err := l2Tx.DecodeRLP(rlpStream); err != nil { log.Error("Decode RLP fail") - continue + return c.JSON(http.StatusBadRequest, errors.New("Decode RLP fail")) } log.Info("transaction", "hash", l2Tx.Hash().Hex()) newBlockNumber := new(big.Int).SetBytes(newBatchTxn[i].BlockNumber) diff --git a/mt-batcher/services/restorer/service.go b/mt-batcher/services/restorer/service.go index 0d349afea..570d11984 100644 --- a/mt-batcher/services/restorer/service.go +++ b/mt-batcher/services/restorer/service.go @@ -37,7 +37,7 @@ type DaService struct { } func NewDaService(ctx context.Context, cfg *DaServiceConfig) (*DaService, error) { - _, cancel := context.WithTimeout(ctx, common.DefaultTimeout) + subCtx, cancel := context.WithTimeout(ctx, common.DefaultTimeout) defer cancel() e := gecho.New() e.Use(middleware.LoggerWithConfig(middleware.LoggerConfig{ @@ -48,7 +48,7 @@ func NewDaService(ctx context.Context, cfg *DaServiceConfig) (*DaService, error) graphClient := graphView.NewGraphClient(cfg.GraphProvider, nil) graphqlClient := graphql.NewClient(graphClient.GetEndpoint(), nil) server := &DaService{ - Ctx: ctx, + Ctx: subCtx, Cfg: cfg, GraphClient: graphClient, GraphqlClient: graphqlClient, diff --git a/tss/node/tsslib/p2p/communication.go b/tss/node/tsslib/p2p/communication.go index fdd26bb04..acde02a73 100644 --- a/tss/node/tsslib/p2p/communication.go +++ b/tss/node/tsslib/p2p/communication.go @@ -124,18 +124,6 @@ func (c *Communication) disconnect(remotePeer peer.ID) { if err := cn.Close(); err != nil { c.logger.Err(err).Msgf("fail to close to peer: %s", remotePeer) } - //func() { - // ctx, cancel := context.WithTimeout(context.Background(), TimeoutConnecting) - // defer cancel() - // addrInfo, err := peer.AddrInfoFromP2pAddr(remoteMultiAddr) - // if err != nil { - // c.logger.Err(err).Msgf("fail to converts a MultiAddr to an AddrInfo, peer: %s", remotePeer) - // return - // } - // if err := c.host.Connect(ctx, *addrInfo); err != nil { - // c.logger.Err(err).Msgf("fail to connect to peer: %s", remotePeer) - // } - //}() } } diff --git a/tss/ws/client/tm/client.go b/tss/ws/client/tm/client.go index f6e629987..1d33ed4e0 100644 --- a/tss/ws/client/tm/client.go +++ b/tss/ws/client/tm/client.go @@ -15,7 +15,6 @@ import ( "github.com/ethereum/go-ethereum/crypto" "github.com/gorilla/websocket" "github.com/rcrowley/go-metrics" - tmrand "github.com/tendermint/tendermint/libs/rand" "github.com/tendermint/tendermint/libs/service" tmsync "github.com/tendermint/tendermint/libs/sync" "github.com/tendermint/tendermint/rpc/jsonrpc/types" @@ -285,9 +284,7 @@ func (c *WSClient) reconnect() error { }() for { - jitter := time.Duration(tmrand.Float64() * float64(time.Second)) // 1s == (1e9 ns) - backoffDuration := jitter + ((1 << uint(attempt)) * time.Second) - + backoffDuration := (1 << uint(attempt)) * time.Second c.Logger.Info("reconnecting", "attempt", attempt+1, "backoff_duration", backoffDuration) time.Sleep(backoffDuration) From 860ead8e380fbc620e38d65155c6da03cd730eff Mon Sep 17 00:00:00 2001 From: I know Date: Tue, 27 Jun 2023 17:08:09 +0800 Subject: [PATCH 09/15] Return error messages to avoid null pointer exceptions from occurring. (#1145) --- tss/node/tsslib/keysign/tss_keysign.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tss/node/tsslib/keysign/tss_keysign.go b/tss/node/tsslib/keysign/tss_keysign.go index 6aa0f2523..8060d1ac8 100644 --- a/tss/node/tsslib/keysign/tss_keysign.go +++ b/tss/node/tsslib/keysign/tss_keysign.go @@ -69,7 +69,7 @@ func (tKeySign *TssKeySign) SignMessage(msgToSign []byte, localStateItem storage if !common2.Contains(partiesID, localPartyID) { tKeySign.logger.Info().Msgf("we are not in this rounds key sign") - return nil, nil + return nil, fmt.Errorf("we are not in this rounds key sign") } outCh := make(chan tss.Message, 2*len(partiesID)) From f8e3fbb5737dbc2f891702869d132dc923a74f9c Mon Sep 17 00:00:00 2001 From: Tri-stone Date: Tue, 27 Jun 2023 17:08:32 +0800 Subject: [PATCH 10/15] [l2geth & gasoracle]feat: calculate & collect l2 fee (#1144) --- l2geth/rollup/fees/rollup_fee.go | 4 ++-- l2geth/rollup/sync_service.go | 32 +++++++++++++++++-------- packages/contracts/hardhat.config.ts | 4 ++-- packages/contracts/src/deploy-config.ts | 4 ++-- 4 files changed, 28 insertions(+), 16 deletions(-) diff --git a/l2geth/rollup/fees/rollup_fee.go b/l2geth/rollup/fees/rollup_fee.go index c632c5198..9f24550aa 100644 --- a/l2geth/rollup/fees/rollup_fee.go +++ b/l2geth/rollup/fees/rollup_fee.go @@ -354,8 +354,8 @@ func PaysEnough(opts *PaysEnoughOpts) error { } // Protect users from overpaying by too much if opts.ThresholdUp != nil { - // overpaying = user fee - expected fee - overpaying := new(big.Int).Sub(opts.UserGasPrice, opts.ExpectedGasPrice) + // overpaying = user fee + overpaying := opts.UserGasPrice threshold := mulByFloat(opts.ExpectedGasPrice, opts.ThresholdUp) // if overpaying > threshold, return error if overpaying.Cmp(threshold) == 1 { diff --git a/l2geth/rollup/sync_service.go b/l2geth/rollup/sync_service.go index ff0e357f4..35e448ac2 100644 --- a/l2geth/rollup/sync_service.go +++ b/l2geth/rollup/sync_service.go @@ -4,6 +4,7 @@ import ( "context" "errors" "fmt" + "math" "math/big" "strconv" "sync" @@ -39,7 +40,8 @@ var ( // errZeroGasPriceTx is the error for when a user submits a transaction // with gas price zero and fees are currently enforced errZeroGasPriceTx = errors.New("cannot accept 0 gas price transaction") - float1 = big.NewFloat(1) + feeThresholdDown = big.NewFloat(1) + feeThresholdUp = big.NewFloat(4000) ) // SyncService implements the main functionality around pulling in transactions @@ -127,17 +129,17 @@ func NewSyncService(ctx context.Context, cfg Config, txpool *core.TxPool, bc *co } // Ensure sane values for the fee thresholds if cfg.FeeThresholdDown != nil { - // The fee threshold down should be less than 1 - if cfg.FeeThresholdDown.Cmp(float1) != -1 { - return nil, fmt.Errorf("%w: fee threshold down not lower than 1: %f", errBadConfig, - cfg.FeeThresholdDown) + // The fee threshold down should be <= feeThresholdDown + if cfg.FeeThresholdDown.Cmp(feeThresholdDown) == 1 { + return nil, fmt.Errorf("%w: fee threshold down not lower than %f: %f", errBadConfig, + feeThresholdDown, cfg.FeeThresholdDown) } } if cfg.FeeThresholdUp != nil { - // The fee threshold up should be greater than 1 - if cfg.FeeThresholdUp.Cmp(float1) != 1 { - return nil, fmt.Errorf("%w: fee threshold up not larger than 1: %f", errBadConfig, - cfg.FeeThresholdUp) + // The fee threshold up should be >= feeThresholdUp + if cfg.FeeThresholdUp.Cmp(feeThresholdUp) == -1 { + return nil, fmt.Errorf("%w: fee threshold up not larger than %f: %f", errBadConfig, + feeThresholdUp, cfg.FeeThresholdUp) } } @@ -1249,7 +1251,7 @@ func (s *SyncService) verifyFee(tx *types.Transaction) error { } if errors.Is(err, fees.ErrGasPriceTooHigh) { return fmt.Errorf("%w: %d wei, use at most tx.gasPrice = %s wei", - fees.ErrGasPriceTooHigh, tx.GasPrice(), l2GasPrice) + fees.ErrGasPriceTooHigh, tx.GasPrice(), mulByFloat(l2GasPrice, opts.ThresholdUp)) } return err } @@ -1626,3 +1628,13 @@ func (s *SyncService) GetTxStatusByNumber(number uint64) (*types.TxStatusRespons return stateRsp, nil } + +// mulByFloat multiplies a big.Int by a float and returns the +// big.Int rounded upwards +func mulByFloat(num *big.Int, float *big.Float) *big.Int { + n := new(big.Float).SetUint64(num.Uint64()) + product := n.Mul(n, float) + pfloat, _ := product.Float64() + rounded := math.Ceil(pfloat) + return new(big.Int).SetUint64(uint64(rounded)) +} diff --git a/packages/contracts/hardhat.config.ts b/packages/contracts/hardhat.config.ts index fa2cd0aa3..77a99ffec 100644 --- a/packages/contracts/hardhat.config.ts +++ b/packages/contracts/hardhat.config.ts @@ -339,7 +339,7 @@ const config: HardhatUserConfig = { }, gasPriceOracleCharge: { type: 'number', - default: 0, + default: 1, }, gasPriceOracleL1BaseFee: { type: 'number', @@ -347,7 +347,7 @@ const config: HardhatUserConfig = { }, gasPriceOracleL2GasPrice: { type: 'number', - default: 1, + default: 50_000_000, }, hfBerlinBlock: { type: 'number', diff --git a/packages/contracts/src/deploy-config.ts b/packages/contracts/src/deploy-config.ts index b2451ea0f..84cf50f4d 100644 --- a/packages/contracts/src/deploy-config.ts +++ b/packages/contracts/src/deploy-config.ts @@ -309,7 +309,7 @@ const configSpec: { }, gasPriceOracleCharge: { type: 'number', - default: 0, + default: 1, }, gasPriceOracleL1BaseFee: { type: 'number', @@ -317,7 +317,7 @@ const configSpec: { }, gasPriceOracleL2GasPrice: { type: 'number', - default: 1, + default: 50_000_000, }, hfBerlinBlock: { type: 'number', From 4d4f0c611a82170756d00636f3bb48c8b7284bc9 Mon Sep 17 00:00:00 2001 From: Sha3n Date: Tue, 27 Jun 2023 17:09:38 +0800 Subject: [PATCH 11/15] [R4R] - {0.4.2}: Bugfix/sigma mnt 11 (#1141) * [fix]: fix challenger * [fix]: ad context size check, add block size check * [fix]: fix batch-submitter readUint64 * [fix]: update go import --- batch-submitter/drivers/sequencer/encoding.go | 3 ++ .../drivers/sequencer/encoding_test.go | 39 ++++++++++++++++--- fraud-proof/rollup/types/tx_batch.go | 6 +++ mt-challenger/challenger/challenger.go | 5 +++ mt-challenger/challenger/challenger_test.go | 23 +++++++++++ 5 files changed, 70 insertions(+), 6 deletions(-) create mode 100644 mt-challenger/challenger/challenger_test.go diff --git a/batch-submitter/drivers/sequencer/encoding.go b/batch-submitter/drivers/sequencer/encoding.go index 18412429d..a2544f5c3 100644 --- a/batch-submitter/drivers/sequencer/encoding.go +++ b/batch-submitter/drivers/sequencer/encoding.go @@ -443,6 +443,9 @@ func writeUint64(w io.Writer, val uint64, n uint) error { // of `val`. func readUint64(r io.Reader, val *uint64, n uint) error { var buf [8]byte + if n > 8 { + return fmt.Errorf("bytes shift out of range") + } if _, err := r.Read(buf[8-n:]); err != nil { return err } diff --git a/batch-submitter/drivers/sequencer/encoding_test.go b/batch-submitter/drivers/sequencer/encoding_test.go index 40b4d46c4..bb0577e5d 100644 --- a/batch-submitter/drivers/sequencer/encoding_test.go +++ b/batch-submitter/drivers/sequencer/encoding_test.go @@ -2,8 +2,11 @@ package sequencer_test import ( "bytes" + "encoding/binary" "encoding/hex" "encoding/json" + "fmt" + "io" "os" "testing" @@ -15,10 +18,10 @@ import ( // TestBatchContextEncodeDecode tests the (de)serialization of a BatchContext // against the spec test vector. The encoding should be: -// - num_sequenced_txs: 3 bytes -// - num_subsequent_queue_txs: 3 bytes -// - timestamp: 5 bytes -// - block_number: 5 bytes +// - num_sequenced_txs: 3 bytes +// - num_subsequent_queue_txs: 3 bytes +// - timestamp: 5 bytes +// - block_number: 5 bytes func TestBatchContextEncodeDecode(t *testing.T) { t.Parallel() @@ -147,7 +150,7 @@ func testAppendSequencerBatchParamsEncodeDecode( // Finally, encode the decoded object and assert it matches the original // hex string. - paramsBytes, err := params.Serialize(sequencer.BatchTypeLegacy) + paramsBytes, err := params.Serialize(sequencer.BatchTypeLegacy, nil, nil) // Return early when testing error cases, no need to reserialize again if test.Error { @@ -159,7 +162,7 @@ func testAppendSequencerBatchParamsEncodeDecode( require.Equal(t, test.HexEncoding, hex.EncodeToString(paramsBytes)) // Serialize the batches in compressed form - compressedParamsBytes, err := params.Serialize(sequencer.BatchTypeZlib) + compressedParamsBytes, err := params.Serialize(sequencer.BatchTypeZlib, nil, nil) require.Nil(t, err) // Deserialize the compressed batch @@ -252,3 +255,27 @@ func TestIsMarkerContext(t *testing.T) { } require.True(t, batchContext.IsMarkerContext()) } + +func TestReadUint64(t *testing.T) { + readUint64 := func(r io.Reader, val *uint64, n uint) error { + var byteOrder = binary.BigEndian + var buf [8]byte + if n > 8 { + return fmt.Errorf("bytes shift out of range") + } + if _, err := r.Read(buf[8-n:]); err != nil { + return err + } + *val = byteOrder.Uint64(buf[:]) + return nil + } + + var be = make([]byte, 8) + var x uint64 + bytes.NewBuffer(be) + binary.BigEndian.PutUint64(be, 100) + require.NoError(t, readUint64(bytes.NewBuffer(be), &x, 8)) + require.Equal(t, x, uint64(100)) + + require.Error(t, readUint64(bytes.NewBuffer(be), &x, 9)) +} diff --git a/fraud-proof/rollup/types/tx_batch.go b/fraud-proof/rollup/types/tx_batch.go index d61882f83..d617fee66 100644 --- a/fraud-proof/rollup/types/tx_batch.go +++ b/fraud-proof/rollup/types/tx_batch.go @@ -47,10 +47,16 @@ func NewTxBatch(blocks []*types.Block, maxBatchSize uint64) *TxBatch { } func (b *TxBatch) LastBlockNumber() uint64 { + if len(b.Contexts) == 0 { + return 0 + } return b.Contexts[len(b.Contexts)-1].BlockNumber } func (b *TxBatch) LastBlockRoot() common.Hash { + if len(b.Blocks) == 0 { + return common.Hash{} + } return b.Blocks[len(b.Blocks)-1].Root() } diff --git a/mt-challenger/challenger/challenger.go b/mt-challenger/challenger/challenger.go index bf92c90e6..222fa2691 100644 --- a/mt-challenger/challenger/challenger.go +++ b/mt-challenger/challenger/challenger.go @@ -293,6 +293,11 @@ func (c *Challenger) constructFraudProof(store *graphView.DataStore, data []byte //then we shift over by 1 to get past the first 0 byte, and then (startingSymbolIndex % 31) startingSymbolIndex = (startingSymbolIndex/31)*32 + 1 + (startingSymbolIndex % 31) + //check frames range + if startingChunkIndex > len(frames) { + return nil, fmt.Errorf("startingChunkIndex is out of frames range, startingChunkIndex: %d, len(frames): %d", startingChunkIndex, len(frames)) + } + //generate parameters for proving data on chain //this is // polys: the []byte representation of the polynomials diff --git a/mt-challenger/challenger/challenger_test.go b/mt-challenger/challenger/challenger_test.go new file mode 100644 index 000000000..5412da474 --- /dev/null +++ b/mt-challenger/challenger/challenger_test.go @@ -0,0 +1,23 @@ +package challenger + +import ( + "fmt" + "testing" + + "github.com/stretchr/testify/require" +) + +func TestSliceRange(t *testing.T) { + var frames = make([]int, 10, 20) + testFunc := func(frames []int, startingChunkIndex int) error { + if startingChunkIndex > len(frames) { + return fmt.Errorf("startingChunkIndex is out of frames range, startingChunkIndex: %d, len(frames): %d", startingChunkIndex, len(frames)) + } else { + return nil + } + } + + require.NoError(t, testFunc(frames, len(frames)-1)) + require.NoError(t, testFunc(frames, len(frames))) + require.Error(t, testFunc(frames, len(frames)+1)) +} From d18c6801324cb0aa787ec6a5199b5129cf39b9e2 Mon Sep 17 00:00:00 2001 From: Sha3n Date: Tue, 27 Jun 2023 17:09:55 +0800 Subject: [PATCH 12/15] [R4R] - {0.4.2}: Bugfix/sigma mnt 26 (#1142) * [fix]: fix sigma MNT-26 * [fix]: return decode error when request rpc --- mt-batcher/services/restorer/handle.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mt-batcher/services/restorer/handle.go b/mt-batcher/services/restorer/handle.go index d0ca9f826..a8221c936 100644 --- a/mt-batcher/services/restorer/handle.go +++ b/mt-batcher/services/restorer/handle.go @@ -154,7 +154,7 @@ func (s *DaService) GetDtlBatchTransactionByDataStoreId(c gecho.Context) error { txDecodeMetaData := new(eigenda.TransactionMeta) if newBatchTxn[i].TxMeta == nil { log.Error("Batch tx metadata shouldn't be nil") - continue + return c.JSON(http.StatusBadRequest, errors.New("Batch tx metadata shouldn't be nil")) } err = json.Unmarshal(newBatchTxn[i].TxMeta, txDecodeMetaData) if err != nil { From 2df61b72f34fd6b7e6c19185c480220afa2ae117 Mon Sep 17 00:00:00 2001 From: Shijiang Guo Date: Tue, 27 Jun 2023 22:03:26 +0800 Subject: [PATCH 13/15] [R4R]: fix dtl tx status api bug (#1150) bugfix: fix dtl tx status api bug --- packages/data-transport-layer/src/services/server/service.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/packages/data-transport-layer/src/services/server/service.ts b/packages/data-transport-layer/src/services/server/service.ts index 6e6b1b888..905626a13 100644 --- a/packages/data-transport-layer/src/services/server/service.ts +++ b/packages/data-transport-layer/src/services/server/service.ts @@ -794,7 +794,9 @@ export class L1TransportServer extends BaseService { const daBatch = await this.state.db.getRollupStoreByBatchIndex( transaction.batchIndex ) - datastore = await this.state.db.getDsById(daBatch.data_store_id) + datastore = await this.state.db.getDsById( + daBatch.data_store_id + this.options.mantleDaUpgradeDataStoreId + ) return { batch, From e19fe2f89372a01e65bf16bc4cc58efd89405d2f Mon Sep 17 00:00:00 2001 From: Shijiang Guo Date: Tue, 27 Jun 2023 22:04:10 +0800 Subject: [PATCH 14/15] [R4R]: node package version upgrade for release 0.4.2 (#1149) * feat: node package version upgrade for release 0.4.2 * fix sdk version bug --- integration-tests/package.json | 4 +-- mt-challenger/go.mod | 4 +++ mt-challenger/go.sum | 4 +++ packages/contracts/package.json | 2 +- packages/data-transport-layer/package.json | 4 +-- packages/fault-detector/package.json | 6 ++--- packages/message-relayer/package.json | 2 +- packages/sdk/package.json | 4 +-- yarn.lock | 29 ---------------------- 9 files changed, 19 insertions(+), 40 deletions(-) diff --git a/integration-tests/package.json b/integration-tests/package.json index 6ea5501b7..c3970a317 100644 --- a/integration-tests/package.json +++ b/integration-tests/package.json @@ -29,9 +29,9 @@ }, "devDependencies": { "@babel/eslint-parser": "^7.5.4", - "@mantleio/contracts": "0.1.0", + "@mantleio/contracts": "0.1.4", "@mantleio/core-utils": "0.1.0", - "@mantleio/sdk": "0.1.5", + "@mantleio/sdk": "0.2.1", "@ethersproject/abstract-provider": "^5.6.1", "@ethersproject/providers": "^5.6.8", "@ethersproject/transactions": "^5.6.2", diff --git a/mt-challenger/go.mod b/mt-challenger/go.mod index 0111c046a..af64e0186 100644 --- a/mt-challenger/go.mod +++ b/mt-challenger/go.mod @@ -25,6 +25,7 @@ require ( github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.15.1 github.com/shurcooL/graphql v0.0.0-20220606043923-3cf50f8a0a29 + github.com/stretchr/testify v1.8.4 github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7 github.com/urfave/cli v1.22.14 google.golang.org/grpc v1.55.0 @@ -45,6 +46,7 @@ require ( github.com/consensys/bavard v0.1.13 // indirect github.com/consensys/gnark-crypto v0.8.0 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect + github.com/davecgh/go-spew v1.1.1 // indirect github.com/deckarep/golang-set v1.8.0 // indirect github.com/decred/base58 v1.0.3 // indirect github.com/decred/dcrd/crypto/blake256 v1.0.0 // indirect @@ -76,6 +78,7 @@ require ( github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/mmcloughlin/addchain v0.4.0 // indirect github.com/olekukonko/tablewriter v0.0.5 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_model v0.3.0 // indirect github.com/prometheus/common v0.42.0 // indirect github.com/prometheus/procfs v0.9.0 // indirect @@ -105,5 +108,6 @@ require ( google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc // indirect google.golang.org/protobuf v1.30.0 // indirect gopkg.in/natefinch/npipe.v2 v2.0.0-20160621034901-c1b8fa8bdcce // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect rsc.io/tmplfunc v0.0.3 // indirect ) diff --git a/mt-challenger/go.sum b/mt-challenger/go.sum index 833f0fa52..fbc44e076 100644 --- a/mt-challenger/go.sum +++ b/mt-challenger/go.sum @@ -311,8 +311,10 @@ github.com/klauspost/cpuid v1.2.1/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgo github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/labstack/echo/v4 v4.5.0/go.mod h1:czIriw4a0C1dFun+ObrXp7ok03xON0N1awStJ6ArI7Y= github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k= github.com/leanovate/gopter v0.2.9 h1:fQjYxZaynp97ozCzfOyOuAGOU4aU/z37zf/tOujFk7c= @@ -404,6 +406,7 @@ github.com/rjeczalik/notify v0.9.2 h1:MiTWrPj55mNDHEiIX5YUSKefw/+lCQVoAFmD6oQm5w github.com/rjeczalik/notify v0.9.2/go.mod h1:aErll2f0sUX9PXZnVNyeiObbmTlk5jnMoCa4QEjJeqM= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rs/cors v1.8.2 h1:KCooALfAYGs415Cwu5ABvv9n9509fSiG5SQJn/AQo4U= github.com/rs/cors v1.8.2/go.mod h1:XyqrcTp5zjWr1wsJ8PIRZssZ8b/WMcMf71DJnit4EMU= github.com/rs/xid v1.3.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= @@ -821,6 +824,7 @@ google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE= diff --git a/packages/contracts/package.json b/packages/contracts/package.json index fa8db2b3a..dd73bc374 100644 --- a/packages/contracts/package.json +++ b/packages/contracts/package.json @@ -1,6 +1,6 @@ { "name": "@mantleio/contracts", - "version": "0.1.3", + "version": "0.1.4", "description": "[Mantle] L1 and L2 smart contracts for Mantle", "main": "dist/index", "types": "dist/index", diff --git a/packages/data-transport-layer/package.json b/packages/data-transport-layer/package.json index 7762fe165..8f2f9e178 100644 --- a/packages/data-transport-layer/package.json +++ b/packages/data-transport-layer/package.json @@ -1,7 +1,7 @@ { "private": true, "name": "@mantleio/data-transport-layer", - "version": "0.1.1", + "version": "0.1.2", "description": "[Mantle] Service for shuttling data from L1 into L2", "main": "dist/index", "types": "dist/index", @@ -39,7 +39,7 @@ "@ethersproject/providers": "^5.6.8", "@ethersproject/transactions": "^5.6.2", "@mantleio/common-ts": "0.1.0", - "@mantleio/contracts": "0.1.3", + "@mantleio/contracts": "0.1.4", "@mantleio/core-utils": "0.1.0", "@sentry/node": "^6.3.1", "@sentry/tracing": "^6.3.1", diff --git a/packages/fault-detector/package.json b/packages/fault-detector/package.json index fbc97e7b0..2f3ed16a4 100644 --- a/packages/fault-detector/package.json +++ b/packages/fault-detector/package.json @@ -1,7 +1,7 @@ { "private": true, "name": "@mantleio/fault-detector", - "version": "0.1.0", + "version": "0.1.2", "description": "[Mantle] Service for detecting faulty L2 output proposals", "main": "dist/index", "types": "dist/index", @@ -48,9 +48,9 @@ }, "dependencies": { "@mantleio/common-ts": "0.1.0", - "@mantleio/contracts": "0.1.0", + "@mantleio/contracts": "0.1.4", "@mantleio/core-utils": "0.1.0", - "@mantleio/sdk": "0.1.6", + "@mantleio/sdk": "0.2.1", "@ethersproject/abstract-provider": "^5.6.1" } } diff --git a/packages/message-relayer/package.json b/packages/message-relayer/package.json index 035d0d9a0..14db68556 100644 --- a/packages/message-relayer/package.json +++ b/packages/message-relayer/package.json @@ -33,7 +33,7 @@ "dependencies": { "@mantleio/common-ts": "0.1.0", "@mantleio/core-utils": "0.1.0", - "@mantleio/sdk": "0.1.6", + "@mantleio/sdk": "0.2.1", "ethers": "^5.6.8" }, "devDependencies": { diff --git a/packages/sdk/package.json b/packages/sdk/package.json index 21420b7cf..601b1952c 100644 --- a/packages/sdk/package.json +++ b/packages/sdk/package.json @@ -1,6 +1,6 @@ { "name": "@mantleio/sdk", - "version": "0.1.6", + "version": "0.2.1", "description": "[Mantle] Tools for working with Mantle", "main": "dist/index", "types": "dist/index", @@ -47,7 +47,7 @@ "typedoc": "^0.22.13" }, "dependencies": { - "@mantleio/contracts": "0.1.3", + "@mantleio/contracts": "0.1.4", "@mantleio/core-utils": "0.1.0", "lodash": "^4.17.21", "merkletreejs": "^0.2.27", diff --git a/yarn.lock b/yarn.lock index 66b33fef5..2f869db0b 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2346,35 +2346,6 @@ npmlog "^4.1.2" write-file-atomic "^3.0.3" -"@mantleio/contracts@0.1.0": - version "0.1.0" - resolved "https://registry.npmjs.org/@mantleio/contracts/-/contracts-0.1.0.tgz" - integrity sha512-X79+qigsX55T88Xb9hN53gk1TAO7C67Q8NDVYg3/a566itmze2yXpd4uR9Gl1xK9uTmm2x6A+cYrnTPY9g2SOg== - dependencies: - "@ethersproject/abstract-provider" "^5.6.1" - "@ethersproject/abstract-signer" "^5.6.2" - "@mantleio/core-utils" "0.1.0" - -"@mantleio/contracts@0.1.2": - version "0.1.2" - resolved "https://registry.npmmirror.com/@mantleio/contracts/-/contracts-0.1.2.tgz#b4325a911ee182aa659586fcac60e511cedb3b25" - integrity sha512-189fW0ZfLEJYTX5py57nrIjfKjJplLTXLROvMGoIlgkGwFEeekZMGZoocfnlAA/KpM5ztG+4n+3ByDXFPuAzwg== - dependencies: - "@ethersproject/abstract-provider" "^5.6.1" - "@ethersproject/abstract-signer" "^5.6.2" - "@mantleio/core-utils" "0.1.0" - -"@mantleio/sdk@0.1.5": - version "0.1.5" - resolved "https://registry.npmmirror.com/@mantleio/sdk/-/sdk-0.1.5.tgz#40a50fa2959e732a8cf889083f8c094009c7cb86" - integrity sha512-jx2N6M8mhyfYhJfUDUXdTVrCWHY23UDK9Zo38ziOfoVJNO8JGlcGEF+hdDOPhjNaknra7wnDzcHyDw9qpJ2lCA== - dependencies: - "@mantleio/contracts" "0.1.2" - "@mantleio/core-utils" "0.1.0" - lodash "^4.17.21" - merkletreejs "^0.2.27" - rlp "^2.2.7" - "@manypkg/find-root@^1.1.0": version "1.1.0" resolved "https://registry.npmjs.org/@manypkg/find-root/-/find-root-1.1.0.tgz" From 3c21611098f51c0b62c630ef4eeed087b746f3a1 Mon Sep 17 00:00:00 2001 From: Sha3n Date: Tue, 27 Jun 2023 22:10:39 +0800 Subject: [PATCH 15/15] [R4R] - {0.4.2}: add change log (#1151) [fix]: add change log --- CHANGELOG.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a6fcff160..859954a25 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,29 @@ # Changelog + +## [v0.4.2-alpha.0](https://github.com/mantlenetworkio/mantle/commits/v0.4.2-alpha.0) - 2023-06-27 + +### Features +- Gas Oracle + - Add additional sources for exchange rates and optimize the calculation method for token ratio([#1014](https://github.com/mantlenetworkio/mantle/pull/1014),[#1108](https://github.com/mantlenetworkio/mantle/pull/1108)) + - Improve metrics monitoring([#1102](https://github.com/mantlenetworkio/mantle/pull/1102)) + - Added a strategy of real-time adjustment of layer1 overhead based on rollup capacity, to obtain a lower tx fee experience([#926](https://github.com/mantlenetworkio/mantle/pull/926)) +- L2 Fee Calculation + - Support L2 fee collection, optimize the method for setting L2 gas price and allow for floating within a certain range([#1144](https://github.com/mantlenetworkio/mantle/pull/1144)) +- Upgrade Framework + - Enhance the upgrade framework of l2geth to support management of upgrade heights across different networks([#1007](https://github.com/mantlenetworkio/mantle/pull/1007)) +- Batch Submitter + - Expose Tss expected response with metric data, enrich handle logics for unexpected case, enrich control workflow([#1107](https://github.com/mantlenetworkio/mantle/pull/1107)) +- L2geth + - Support debug api debug_traceCall([#940](https://github.com/mantlenetworkio/mantle/pull/940)) + +### Bug Fixes +- Fix issues of missing permission verification in contract([#1118](https://github.com/mantlenetworkio/mantle/pull/1118)) +- Fix issues of unreasonable contract naming convention([#1095](https://github.com/mantlenetworkio/mantle/pull/1095)) +- Fix smart contract related bugs in audit reports([#1043](https://github.com/mantlenetworkio/mantle/pull/1043), [#1138](https://github.com/mantlenetworkio/mantle/pull/1138)) +- Adjust checking strategies for staker staking of MantleDa contracts([#1120](https://github.com/mantlenetworkio/mantle/pull/1120), [#1103](https://github.com/mantlenetworkio/mantle/pull/1103)) +- Code optimization for batch-submitter, dtl and mt-batcher([#1063](https://github.com/mantlenetworkio/mantle/pull/1063), [#1045](https://github.com/mantlenetworkio/mantle/pull/1045), [#1043](https://github.com/mantlenetworkio/mantle/pull/1043)) +- Add permission verification to tss http api([#854](https://github.com/mantlenetworkio/mantle/pull/854)) + ## [v0.4.1](https://github.com/mantlenetworkio/mantle/commits/v0.4.1) - 2023-06-25 ### Bug Fixes