[tools] fix network address registration for validators (#74)

Co-authored-by: 0o-de-lally <[email protected]>

framework/libra-framework/sources/ol_sources/jail.move

@@ -49,6 +49,11 @@ module ol_framework::jail {
 
   /// Validator is misconfigured cannot unjail.
   const EVALIDATOR_CONFIG: u64 = 1;
+  /// You are not a validator in the current set, you can't unjail anyone.
+  const EVOUCHER_NOT_IN_SET: u64 = 2;
+
+  /// You not actually a valid voucher for this user. Did it expire?
+  const EU_NO_VOUCHER: u64 = 3;
 
   struct Jail has key {
       is_jailed: bool,
@@ -120,12 +125,13 @@ module ol_framework::jail {
       error::invalid_state(EVALIDATOR_CONFIG),
     );
     let voucher = signer::address_of(sender);
+    assert!(vouch::is_valid_voucher_for(voucher, addr), EU_NO_VOUCHER);
 
     let current_set = stake::get_current_validators();
     let (vouchers_in_set, _) = vouch::true_friends_in_list(addr, &current_set);
 
     let (is_found, _idx) = vector::index_of(&vouchers_in_set, &voucher);
-    assert!(is_found, 100103);
+    assert!(is_found, EVOUCHER_NOT_IN_SET);
 
     unjail(addr);
   }

framework/libra-framework/sources/ol_sources/vouch.move

@@ -149,6 +149,14 @@ module ol_framework::vouch {
       filtered_ancestry
     }
 
+    #[view]
+    /// check if the user is in fact a valid voucher
+    public fun is_valid_voucher_for(voucher: address, recipient: address):bool
+    acquires MyVouches {
+      let list = true_friends(recipient);
+      vector::contains(&list, &voucher)
+    }
+
 
     fun is_not_expired(voucher: address, state: &MyVouches): bool {
       let (found, i) = vector::index_of(&state.my_buddies, &voucher);

tools/config/Cargo.toml

@@ -22,6 +22,7 @@ diem-types = { workspace = true }
 libra-types = { workspace = true }
 libra-wallet = { workspace = true }
 reqwest = { workspace = true }
+serde_json = { workspace = true }
 tokio = { workspace = true }
 url = { workspace = true }
 

tools/config/src/config_cli.rs

@@ -1,6 +1,6 @@
 use crate::host::initialize_validator_configs;
 use crate::{legacy_config, make_profile};
-use anyhow::Result;
+use anyhow::{Context, Result};
 use clap::Parser;
 use libra_types::exports::AccountAddress;
 use libra_types::exports::AuthenticationKey;
@@ -9,6 +9,8 @@ use libra_types::exports::NamedChain;
 use libra_types::global_config_dir;
 use libra_types::legacy_types::app_cfg::{self, AppCfg};
 use libra_types::type_extensions::client_ext::ClientExt;
+use libra_wallet::utils::read_operator_file;
+use libra_wallet::validator_files::OPERATOR_FILE;
 use std::path::PathBuf;
 use url::Url;
 
@@ -83,7 +85,11 @@ enum ConfigSub {
         workspace: bool,
     },
     /// Generate validators' config file
-    ValidatorInit {},
+    ValidatorInit {
+        /// check the files generated
+        #[clap(short, long, default_value = "false")]
+        check: bool,
+    },
 }
 
 impl ConfigCli {
@@ -160,7 +166,50 @@ impl ConfigCli {
 
                 Ok(())
             }
-            Some(ConfigSub::ValidatorInit {}) => {
+            Some(ConfigSub::ValidatorInit { check }) => {
+                if *check {
+                    let home_dir = self.path.clone().unwrap_or_else(global_config_dir);
+
+                    let public_keys_file = home_dir.join(OPERATOR_FILE);
+
+                    let public_identity = read_operator_file(public_keys_file.as_path())?;
+                    println!("validator public credentials:");
+                    println!(
+                        "{}",
+                        serde_json::to_string_pretty(&public_identity).unwrap()
+                    );
+
+                    println!("network addresses:");
+                    let validator_net = public_identity.validator_host;
+                    let net_addr = validator_net
+                        .as_network_address(public_identity.validator_network_public_key)?;
+                    println!(
+                        "validator: {}",
+                        serde_json::to_string_pretty(&net_addr).unwrap()
+                    );
+
+                    if let Some(fn_host) = public_identity.full_node_host {
+                        let net_addr_fn = fn_host.as_network_address(
+                            public_identity.full_node_network_public_key.context(
+                                "expected a full_node_network_public_key in operator.yaml",
+                            )?,
+                        )?;
+
+                        println!(
+                            "vfn: {}",
+                            serde_json::to_string_pretty(&net_addr_fn).unwrap()
+                        );
+                    } else {
+                        println!("WARN: no config information found for Validator Full Node (VFN)")
+                    }
+
+                    println!(
+                        "\nNOTE: to check if this matches your mnemonic try `libra wallet whoami`"
+                    );
+
+                    return Ok(());
+                }
+
                 let data_path = global_config_dir();
                 if !&data_path.exists() {
                     println!(

tools/query/Cargo.toml

@@ -20,3 +20,4 @@ tokio = { workspace = true }
 
 [dev-dependencies]
 libra-smoke-tests = { workspace = true }
+hex = { workspace = true }

tools/query/src/query_type.rs

@@ -2,7 +2,7 @@ use crate::{
     account_queries::{get_account_balance_libra, get_tower_state, get_val_config},
     query_view::get_view,
 };
-use anyhow::{bail, Result};
+use anyhow::{bail, Context, Result};
 use diem_sdk::{rest_client::Client, types::account_address::AccountAddress};
 use indoc::indoc;
 use libra_types::exports::AuthenticationKey;
@@ -127,11 +127,6 @@ pub enum QueryType {
     //     /// what event sequence number to start querying from, if DB does not have all.
     //     seq_start: Option<u64>,
     // },
-    // /// get the validator's on-chain configuration, including network discovery addresses
-    // ValConfig {
-    //     /// the account of the validator
-    //     account: AccountAddress,
-    // },
 }
 
 impl QueryType {
@@ -192,8 +187,8 @@ impl QueryType {
           // make this readable, turn the network address into a string
           Ok(json!({
             "consensus_public_key": res.consensus_public_key,
-            "validator_network_addresses": res.validator_network_addresses().unwrap(),
-            "fullnode_network_addresses": res.fullnode_network_addresses().unwrap(),
+            "validator_network_addresses": res.validator_network_addresses().context("can't BCS decode the validator network address")?,
+            "fullnode_network_addresses": res.validator_network_addresses().context("can't BCS decode the fullnode network address")?,
             "validator_index": res.validator_index,
           }))
         }

tools/txs/src/txs_cli.rs

@@ -69,8 +69,10 @@ pub struct TxsCli {
 #[derive(clap::Subcommand)]
 pub enum TxsSub {
     #[clap(subcommand)]
+    /// Validator configuration transactions
     Validator(ValidatorTxs),
     #[clap(subcommand)]
+    /// Network upgrade transactions
     Upgrade(UpgradeTxs),
     /// Transfer coins between accounts. Transferring can also be used to create accounts.
     Transfer {

tools/txs/src/txs_cli_vals.rs

@@ -17,6 +17,7 @@ use libra_wallet::validator_files::OPERATOR_FILE;
 
 #[derive(clap::Subcommand)]
 pub enum ValidatorTxs {
+    /// txs proof-of-fee settings
     Pof {
         #[clap(short, long)]
         /// the percentage of the nominal reward you will bid to join the validator set. Numbers can include three decimal places: 1.234 is 123.4%. Note this is the maximum precision allowed in the bid (i.e. one decimal of a percent). Numbers with more decimals will be truncated (not rounded)
@@ -28,11 +29,13 @@ pub enum ValidatorTxs {
         /// eliminates the bid. There are only a limited amount of retractions that can happen in an epoch.
         retract: bool,
     },
+    /// jail and unjail transactions
     Jail {
         #[clap(short, long)]
         /// you are a voucher for a validator which is jailed. you are un-jailing this validator after checking that they are able to join again.
         unjail_acct: AccountAddress,
     },
+    /// vouch transactions
     Vouch {
         #[clap(short, long)]
         /// This is an account that you are vouching for. They may not be a validator account.
@@ -41,11 +44,13 @@ pub enum ValidatorTxs {
         /// If you are revoking the vouch for the account specified here.
         revoke: bool,
     },
+    /// register as a validator
     Register {
         #[clap(short('f'), long)]
         /// optional, Path to files with registration files
         operator_file: Option<PathBuf>,
     },
+    /// update validator configurations
     Update {
         #[clap(short('f'), long)]
         /// optional, Path to files with registration files
@@ -118,8 +123,8 @@ impl ValidatorTxs {
                 ValidatorUniverseRegisterValidator {
                     consensus_pubkey: oc.consensus_public_key.to_bytes().to_vec(),
                     proof_of_possession: oc.consensus_proof_of_possession.to_bytes().to_vec(),
-                    network_addresses: bcs::to_bytes(&val_net_protocol)?,
-                    fullnode_addresses: bcs::to_bytes(&vfn_fullnode_protocol)?,
+                    network_addresses: bcs::to_bytes(&vec![val_net_protocol])?,
+                    fullnode_addresses: bcs::to_bytes(&vec![vfn_fullnode_protocol])?,
                 }
             }
             ValidatorTxs::Update { operator_file } => {
@@ -146,8 +151,8 @@ impl ValidatorTxs {
 
                 StakeUpdateNetworkAndFullnodeAddresses {
                     validator_address: oc.operator_account_address.into(),
-                    new_network_addresses: bcs::to_bytes(&val_net_protocol)?,
-                    new_fullnode_addresses: bcs::to_bytes(&vfn_fullnode_protocol)?,
+                    new_network_addresses: bcs::to_bytes(&vec![val_net_protocol])?,
+                    new_fullnode_addresses: bcs::to_bytes(&vec![vfn_fullnode_protocol])?,
                 }
             }
         };

tools/txs/tests/encode_net_addr.rs

@@ -0,0 +1,24 @@
+use std::path::Path;
+
+use diem_genesis::config::OperatorConfiguration;
+use diem_types::network_address::NetworkAddress;
+
+#[test]
+fn encode_net_addr() -> anyhow::Result<()> {
+    let file = Path::new(env!("CARGO_MANIFEST_DIR")).join("tests/fixtures/operator.yaml");
+
+    let yaml_str = std::fs::read_to_string(file)?;
+
+    let oc: OperatorConfiguration = serde_yaml::from_str(&yaml_str)?;
+
+    let val_net_protocol = oc
+        .validator_host
+        .as_network_address(oc.validator_network_public_key)?;
+    let enc = bcs::to_bytes(&val_net_protocol)?;
+
+    // dbg!(&hex::encode(&enc));
+    let dec: NetworkAddress = bcs::from_bytes(&enc)?;
+    assert!(dec == val_net_protocol);
+
+    Ok(())
+}

tools/txs/tests/fixtures/operator.yaml

@@ -0,0 +1,12 @@
+operator_account_address: 40534327a3cfe4e93faf210b9b70e5958236a2ca6fb70eaa9d9ef351fdc2cf75
+operator_account_public_key: "0x8f73437282e51577421450e528cc91a36e3257199bb5bd4cd16c670355789cee"
+consensus_public_key: "0xb0d9d43e8f0e0d8939f11529d91a3acf39b5bbfd09e102491696f804c69bd786f7865939b326b94c3131b6666acc70eb"
+consensus_proof_of_possession: "0x8c788101bc1ef2f7ed7d5b663dc3031d5484f17792402ca9de033e727b037dca4bdba1c16f789e160ea23ab791c5ba3a0e8a1808279e9deca0976dd01011377661a494760cc5b560fba510d1e2e620d5de0d82305ce20d2d0ac59469d8b73f47"
+validator_network_public_key: "0x64d495a02294e7a7a4f3e6c3be8c9a9f813dfd1e86a2127a2a43ddc9313bc263"
+validator_host:
+  host: 134.209.32.159
+  port: 6180
+full_node_network_public_key: "0x737f357ddc2d6fa10a4020846898083bc18a3cb5ea80ba08db8bb0095509c973"
+full_node_host:
+  host: 134.209.32.159
+  port: 6182

tools/wallet/src/account_keys.rs

@@ -167,8 +167,14 @@ impl KeyChain {
         Ok(())
     }
 
-    pub fn display(&self) {
-        eprintln!("{}", serde_json::to_string_pretty(&self).unwrap());
+    pub fn display(&self, display_private: bool) {
+        if display_private {
+            eprintln!("{}", serde_json::to_string_pretty(&self).unwrap());
+        } else {
+            let owner = &self.child_0_owner;
+            println!("owner account: {}", owner.account);
+            // TODO: include more keys to derive
+        }
     }
 }
 

tools/wallet/src/keys.rs

@@ -73,6 +73,37 @@ pub fn refresh_validator_files(
     PrivateIdentity,
     PublicIdentity,
     KeyChain,
+)> {
+    let (validator_blob, vfn_blob, private_identity, public_identity, legacy_keys) =
+        make_validator_keys(mnem, keep_legacy_addr)?;
+
+    save_val_files(
+        output_opt,
+        &validator_blob,
+        &vfn_blob,
+        &private_identity,
+        &public_identity,
+    )?;
+
+    Ok((
+        validator_blob,
+        vfn_blob,
+        private_identity,
+        public_identity,
+        legacy_keys,
+    ))
+}
+
+/// create all the validator key structs from mnemonic
+pub fn make_validator_keys(
+    mnem: Option<String>,
+    keep_legacy_addr: bool,
+) -> anyhow::Result<(
+    IdentityBlob,
+    IdentityBlob,
+    PrivateIdentity,
+    PublicIdentity,
+    KeyChain,
 )> {
     let mut legacy_keys = if let Some(m) = mnem {
         get_keys_from_mnem(m)?
@@ -88,14 +119,6 @@ pub fn refresh_validator_files(
     let (validator_blob, vfn_blob, private_identity, public_identity) =
         generate_key_objects_from_legacy(&legacy_keys)?;
 
-    save_val_files(
-        output_opt,
-        &validator_blob,
-        &vfn_blob,
-        &private_identity,
-        &public_identity,
-    )?;
-
     Ok((
         validator_blob,
         vfn_blob,

tools/wallet/src/lib.rs

@@ -10,3 +10,4 @@ pub mod load_keys;
 pub mod utils;
 pub mod validator_files;
 pub mod wallet_cli;
+pub mod whoami;