From 697f6aebfe53ea5f0a06a20cb61fefad1877be7e Mon Sep 17 00:00:00 2001 From: shawayush Date: Sat, 28 Nov 2020 00:59:30 +0530 Subject: [PATCH 1/8] Documents to the function --- chains/irisnet/handlerIrisnet.go | 39 ++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/chains/irisnet/handlerIrisnet.go b/chains/irisnet/handlerIrisnet.go index 9479d58..86f379c 100644 --- a/chains/irisnet/handlerIrisnet.go +++ b/chains/irisnet/handlerIrisnet.go @@ -38,6 +38,11 @@ var ServicedTMCore chains.NodeType = chains.NodeType{Version: "0.32.2", Network: // ---------------------- DATA CONNECT INTERFACE -------------------------------- + +// RunDataConnect checks for errors while making connection with the base. +// This Error may include base connection establishment, creating TM Handler, +// handhsaking, upgrading connection of handshaking. It will also reattempt +// the connection. func RunDataConnect(peerAddr string, marlinTo chan marlinTypes.MarlinMessage, marlinFrom chan marlinTypes.MarlinMessage, @@ -93,6 +98,10 @@ func RunDataConnect(peerAddr string, } } +// dialPeer will check if the Peer has dialed succesfully or not, +// This function is used RunDataConnect, if there are errors +// found while dialling the connection then it will return +// an error to RunDataConnect, otherwise return "nil" func (h *TendermintHandler) dialPeer() error { var err error h.baseConnection, err = net.DialTimeout("tcp", h.peerAddr, 2000*time.Millisecond) @@ -103,6 +112,10 @@ func (h *TendermintHandler) dialPeer() error { return nil } +// acceptPeer will check the if the Peer has connected succesfully +// or not, this function is used in RunDataConnect, if there are +// errors found while making an successful connection then it will return +// an error to RunDataConnect, otherwise return "nil" func (h *TendermintHandler) acceptPeer() error { log.Info("TMCore side listening for dials to ", string(hex.EncodeToString(h.privateKey.PubKey().Address())), "@:", h.listenPort) 
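Review bot: The comment added above `dialPeer` says the function checks whether the peer dialed successfully, but the visible body performs the dial itself: `net.DialTimeout("tcp", h.peerAddr, 2000*time.Millisecond)`, with the result stored in `h.baseConnection`. I would state the action and the timeout, e.g. `// dialPeer opens a TCP connection to h.peerAddr with a 2 second timeout and stores it in h.baseConnection.` The `acceptPeer` comment in the next hunk has the same problem, since the visible log line shows it listening on `h.listenPort`, not checking a connection. The error path of both functions is outside the hunks, so the "returns an error to RunDataConnect" wording should be confirmed there. The PATCH 5/8 rewording and the copies in chains/cosmos/handlerCosmos.go (PATCH 8/8) keep the same description.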
@@ -120,6 +133,10 @@ func (h *TendermintHandler) acceptPeer() error { return nil } +// upgradeConnectionAndHandshake checks if there has been a secret +// connecton established or if there is a problem with handshaking. +// if no error has been captured, it will give a successful connection +// with Address and node info func (h *TendermintHandler) upgradeConnectionAndHandshake() error { var err error h.secretConnection, err = conn.MakeSecretConnection(h.baseConnection, h.privateKey) @@ -138,6 +155,12 @@ func (h *TendermintHandler) upgradeConnectionAndHandshake() error { return nil } +// handshake function follows the protocol set on amino spec, +// MarshalBinaryLengthPrefixed encodes the object according to the Amino spec +// same goes for UnmarshalBinaryLengthPrefixedReader +// Error encounterd while seniding handhshaking message or reciving +// using Amino spec will be checked here and +// returned to upgradeConnectionAndHandshake func (h *TendermintHandler) handshake() error { var ( errc = make(chan error, 2) @@ -183,6 +206,8 @@ func (h *TendermintHandler) handshake() error { return nil } +// forms a P2P connection with the registered node +// sends and recives routines accordingly func (h *TendermintHandler) beginServicing() error { // Register Messages RegisterPacket(h.codec) @@ -215,6 +240,13 @@ func (h *TendermintHandler) beginServicing() error { return nil } +// Datas are recived by TM Core +// sendRoutine sends PING and PONG message to TM Core +// case h.p2pConnection.pingTimer.C: Sends PING messages to TM Core +// case h.p2pConnection.pong: Sends PONG messages to TM Core +// case timeout: Check if PONG messages are received in time +// case h.signalShutSend: Block to Shut down sendRoutine +// case marlinmsg: messages are recived from the marlin relay func (h *TendermintHandler) sendRoutine() { log.Info("TMCore <- Connector Routine Started") 
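Review bot: The comment on `upgradeConnectionAndHandshake` describes a check ("checks if there has been a secret connecton established"), while the first visible statement creates the connection with `conn.MakeSecretConnection(h.baseConnection, h.privateKey)`. This is the point where the plain TCP connection is wrapped using the node's private key, so the doc comment should say that, e.g. `// upgradeConnectionAndHandshake wraps h.baseConnection in a SecretConnection keyed with h.privateKey and returns any error from that step.` The handshake call implied by the name is outside the hunk, so extend the sentence once it is confirmed. `connecton` is misspelled. PATCH 5/8 only changes "checks" to "establishes if", and PATCH 8/8 copies the text to cosmos.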
@@ -394,6 +426,10 @@ func (h *TendermintHandler) sendRoutine() { } } +// Data processed and sent back +// case PacketPing: Received PING messages from TM Core +// case PacketPong: Received PONG messages from TM Core +// case PacketMsg: Actual message packets from TM Core (encoded form) func (h *TendermintHandler) recvRoutine() { log.Info("TMCore -> Connector Routine Started") @@ -619,6 +655,7 @@ FOR_LOOP: } } +//decodes the Consensus Messages From the Channel Buffer func (h *TendermintHandler) decodeConsensusMsgFromChannelBuffer(chanbuf []marlinTypes.PacketMsg) (ConsensusMessage, error) { var databuf []byte var msg ConsensusMessage @@ -633,6 +670,8 @@ func (h *TendermintHandler) decodeConsensusMsgFromChannelBuffer(chanbuf []marlin return msg, err } +// Stop the PONG time when the PING is called upon in +// recvRoutine func (c *P2PConnection) stopPongTimer() { if c.pongTimer != nil { _ = c.pongTimer.Stop() From ff5c6e31c684b07abdf255dfc289810cfa1b1a75 Mon Sep 17 00:00:00 2001 From: shawayush Date: Sat, 28 Nov 2020 17:54:07 +0530 Subject: [PATCH 2/8] Documents to complete Handler_iris --- chains/irisnet/handlerIrisnet.go | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/chains/irisnet/handlerIrisnet.go b/chains/irisnet/handlerIrisnet.go index 86f379c..52acf1a 100644 --- a/chains/irisnet/handlerIrisnet.go +++ b/chains/irisnet/handlerIrisnet.go @@ -682,6 +682,8 @@ func (c *P2PConnection) stopPongTimer() { // ---------------------- SPAM FILTER INTERFACE -------------------------------- // RunSpamFilter serves as the entry point for a TM Core handler when serving as a spamfilter +// This function also acts as filter at the very begining of the TM Core, spam filter depends +// on the Core count. Number of spam filter will be "2* core count". func RunSpamFilter(rpcAddr string, marlinTo chan marlinTypes.MarlinMessage, marlinFrom chan marlinTypes.MarlinMessage) { 
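Review bot: `//decodes the Consensus Messages From the Channel Buffer` has no space after `//` and does not start with the identifier it documents, which is the form godoc and the usual Go linters expect. Something like `// decodeConsensusMsgFromChannelBuffer decodes a ConsensusMessage from the packets buffered in chanbuf.` would match the style used for `dialPeer` and `acceptPeer` earlier in this patch. The same applies to `//Generates privatekey and publickey`, `//Creates Tendermint Handler between Marlin Relay and TM Core` and `//putInfo function into "to", "from", "spam"` in PATCH 2/8. The function body runs past the end of the hunk, so how the packets are combined should be read there before it is described.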
@@ -709,6 +711,10 @@ func RunSpamFilter(rpcAddr string, handler.throughput.presentThroughput(5, handler.signalShutThroughput) } +// Spam Filter executions begins from beginServicingSpamFilter +// this function will check for all possible spam from TM Core. +// Spam can also be produced from Marlin Relay. So beginServicingSpamFilter +// will also check for that. func (h *TendermintHandler) beginServicingSpamFilter(id int) { log.Info("Running TM side spam filter handler ", id) // Register Messages @@ -803,6 +809,8 @@ func (h *TendermintHandler) beginServicingSpamFilter(id int) { } } +// thoroughMessageCheck is used in beginServicingSpamFilter. +// thoroughMessageCheck verify the Messages from the Marlin Relay func (h *TendermintHandler) thoroughMessageCheck(msg ConsensusMessage) bool { switch msg.(type) { case *VoteMessage: @@ -830,6 +838,7 @@ func (h *TendermintHandler) thoroughMessageCheck(msg ConsensusMessage) bool { } } +// func (vote *Vote) SignBytes(chainID string, cdc *amino.Codec) []byte { bz, err := cdc.MarshalBinaryLengthPrefixed(CanonicalizeVote(chainID, vote)) if err != nil { @@ -838,6 +847,8 @@ func (vote *Vote) SignBytes(chainID string, cdc *amino.Codec) []byte { return bz } +// Get the height of block chain +// func (h *TendermintHandler) getValidators(height int64) ([]Validator, bool) { if height+10 < h.maxValidHeight { // Don't service messages too old 
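Review bot: The hunk in front of `SignBytes` adds a bare `//` line, which leaves an exported method with an empty doc comment. The visible body marshals `CanonicalizeVote(chainID, vote)` with `MarshalBinaryLengthPrefixed`, so the comment could read `// SignBytes returns the amino length-prefixed encoding of the canonicalized vote for chainID.` These are presumably the bytes a vote signature is checked against, so the behaviour on a marshal error is worth one more sentence. That branch starts at `if err != nil {` and continues outside the hunk.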
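Review bot: `// Get the height of block chain` does not describe `getValidators`, which takes a height and returns `([]Validator, bool)`. Its first visible check, `if height+10 < h.maxValidHeight`, refuses heights more than 10 below the current maximum. That cut-off is a filtering decision that readers of the spam filter need to know about, so I would write `// getValidators returns the validators for height; heights more than 10 below h.maxValidHeight are not serviced.` The meaning of the bool result should be added once confirmed, because the returns are outside the hunk. The trailing empty `//` line should be dropped.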
@@ -892,6 +903,12 @@ func (h *TendermintHandler) getValidators(height int64) ([]Validator, bool) { } } +// spamVerdictMessage used in beginServicingSpamFilter. This function +// is used to store Messages of Marlin and even return the Boolean value +// in beginServicingSpamFilter, according to boolean value. flow of this +// function gets executed. If the messages are recived in the form of 0x01 +// channel, it will allow the request to be proccessed, otherwise it will +// deny it func (h *TendermintHandler) spamVerdictMessage(msg marlinTypes.MarlinMessage, allow bool) marlinTypes.MarlinMessage { if allow { return marlinTypes.MarlinMessage{ @@ -915,6 +932,7 @@ var isKeyFileUsed, memoized bool var keyFileLocation string var privateKey ed25519.PrivKeyEd25519 +//Generates privatekey and publickey func GenerateKeyFile(fileLocation string) { log.Info("Generating KeyPair for irisnet-0.16.3-mainnet") @@ -944,6 +962,7 @@ func GenerateKeyFile(fileLocation string) { log.Info("Successfully written keyfile ", fileLocation) } +// VerifyKeyFile verify's the 'key' file-location func VerifyKeyFile(fileLocation string) (bool, error) { log.Info("Accessing disk to extract info from KeyFile: ", fileLocation) jsonFile, err := os.Open(fileLocation) @@ -972,6 +991,8 @@ func VerifyKeyFile(fileLocation string) (bool, error) { } } +// This functions gets the private key from the keyfile! +// Also verifies the Keyfile integrity func getPrivateKey() ed25519.PrivKeyEd25519 { if !isKeyFileUsed { return ed25519.GenPrivKey() @@ -1010,7 +1031,7 @@ func getPrivateKey() ed25519.PrivKeyEd25519 { // ---------------------- COMMON UTILITIES --------------------------------- - +//Creates Tendermint Handler between Marlin Relay and TM Core func createTMHandler(peerAddr string, rpcAddr string, marlinTo chan marlinTypes.MarlinMessage, 
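Review bot: The comment on `spamVerdictMessage` says the function allows a request when messages arrive on channel 0x01, but in the visible code the decision is the `allow` parameter. The function only builds a `marlinTypes.MarlinMessage` in each branch of `if allow`. A reader would look for filtering logic here that lives in the caller. Suggested wording: `// spamVerdictMessage builds the verdict message sent back for msg, with one form when allow is true and another when it is false.` The fields set in each branch are outside the hunk, so mention the 0x01 channel only if it is what those fields contain. The PATCH 5/8 rewording keeps the same claim.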
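Review bot: `//Generates privatekey and publickey` leaves out that `GenerateKeyFile` persists the key, as the context line `log.Info("Successfully written keyfile ", fileLocation)` at the end of the function shows. The file holds the node's ed25519 private key, so the doc comment should say that it is written to `fileLocation`. It should also state the file mode, which has to be read from the write call outside the hunk. Suggested first line: `// GenerateKeyFile generates an ed25519 key pair and writes it to the key file at fileLocation.` PATCH 5/8 adds "ED25519 Keypair is generated" but still does not mention the write.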
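Review bot: The comment on `getPrivateKey` omits the function's first branch: when `isKeyFileUsed` is false it returns `ed25519.GenPrivKey()`, a freshly generated key and not one read from the key file. That matters to anyone who expects a stable node identity across restarts. Suggested wording: `// getPrivateKey returns a freshly generated ed25519 key when no key file is in use; otherwise it returns the key loaded from the key file.` The key-file branch is outside the hunk, so the "verifies the Keyfile integrity" claim should be checked there before it stays in the comment.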
@@ -1055,6 +1076,7 @@ func createTMHandler(peerAddr string, }, nil } +//putInfo function into "to", "from", "spam" func (t *throughPutData) putInfo(direction string, key string, count uint32) { t.mu.Lock() switch direction { @@ -1067,7 +1089,8 @@ func (t *throughPutData) putInfo(direction string, key string, count uint32) { } t.mu.Unlock() } - +// This function display the logs/stats of marlin to +// and marlin from or SpamFilter func (t *throughPutData) presentThroughput(sec time.Duration, shutdownCh chan struct{}) { for { time.Sleep(sec * time.Second) From 3b3eef58c6529812b773b312ae7d6e55733a79b7 Mon Sep 17 00:00:00 2001 From: shawayush Date: Sat, 28 Nov 2020 22:55:24 +0530 Subject: [PATCH 3/8] Documentation of structsTendermint.go --- chains/irisnet/structsTendermint.go | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/chains/irisnet/structsTendermint.go b/chains/irisnet/structsTendermint.go index b3ecb9d..ffc395b 100644 --- a/chains/irisnet/structsTendermint.go +++ b/chains/irisnet/structsTendermint.go @@ -14,12 +14,15 @@ import ( "github.com/tendermint/tendermint/crypto/merkle" ) +// ProtocolVersion defines the structure consisting of P2P, block and App type ProtocolVersion struct { P2P uint64 `json:"p2p"` Block uint64 `json:"block"` App uint64 `json:"app"` } +// DefaultNodeInfo defines the structure consisting of ID, Listener Address, +// Chain/Network ID, Version(Major/Minor), Channels, Moniker type DefaultNodeInfo struct { ProtocolVersion ProtocolVersion `json:"protocol_version"` @@ -43,6 +46,7 @@ type DefaultNodeInfoOther struct { RPCAddress string `json:"rpc_address"` } +// P2PConnection defines the structure of P2P Layer type P2PConnection struct { conn net.Conn bufConnReader *bufio.Reader 
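Review bot: The `presentThroughput` hunk deletes the blank line after the closing brace of `putInfo` and puts the new comment directly under `}`; please keep one blank line between functions. The comment should also document the unit of `sec`: the body sleeps `sec * time.Second` and the visible caller passes `5`, so `sec` is a number of seconds despite its `time.Duration` type. Suggested wording: `// presentThroughput reports throughput stats every sec seconds (sec is a plain count, not a Duration value).` The same missing blank line appears before `RegisterPacket` (PATCH 3/8), `shareEphPubKey` (PATCH 4/8), `genEphKeys` (PATCH 6/8) and `TestConcurrentRead`, `writeLots` and `TestNonEd25519Pubkey` (PATCH 7/8).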
@@ -87,7 +91,8 @@ type P2PConnection struct { type Packet interface { AssertIsPacket() } - +// RegisterPacket registers the PING and PONG in the +// form of packet func RegisterPacket(cdc *amino.Codec) { cdc.RegisterInterface((*Packet)(nil), nil) cdc.RegisterConcrete(PacketPing{}, "tendermint/p2p/PacketPing", nil) @@ -99,18 +104,22 @@ func (_ PacketPing) AssertIsPacket() {} func (_ PacketPong) AssertIsPacket() {} func (_ PacketMsg) AssertIsPacket() {} +// Structure for Ping Packet type PacketPing struct { } +// Strucutre for Pong Packet type PacketPong struct { } +// Structure for Messages packet type PacketMsg struct { ChannelID byte EOF byte // 1 means message ends here. Bytes []byte } +// String fucntion for Channel ID, Bytes, EOF func (mp PacketMsg) String() string { return fmt.Sprintf("PacketMsg{%X:%X T:%X}", mp.ChannelID, mp.Bytes, mp.EOF) } @@ -120,6 +129,8 @@ type ConsensusMessage interface { ValidateBasic() error } +// RegisterConsensusMessages registers the Consensus Messages +// between tendermint and consensus layer func RegisterConsensusMessages(cdc *amino.Codec) { cdc.RegisterInterface((*ConsensusMessage)(nil), nil) cdc.RegisterConcrete(&NewRoundStepMessage{}, "tendermint/NewRoundStepMessage", nil) From 105e8f652b904cf0a338d51a60456aa6c242be7d Mon Sep 17 00:00:00 2001 From: shawayush Date: Sun, 29 Nov 2020 01:49:48 +0530 Subject: [PATCH 4/8] Documents to secret_connection.go --- chains/irisnet/conn/secret_connection.go | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/chains/irisnet/conn/secret_connection.go b/chains/irisnet/conn/secret_connection.go index 990261b..eef5449 100644 --- a/chains/irisnet/conn/secret_connection.go +++ b/chains/irisnet/conn/secret_connection.go 
@@ -256,6 +256,7 @@ func (sc *SecretConnection) SetWriteDeadline(t time.Time) error { return sc.conn.(net.Conn).SetWriteDeadline(t) } +// genEphKeys generates Ephemeral key-pair func genEphKeys() (ephPub, ephPriv *[32]byte) { var err error ephPub, ephPriv, err = box.GenerateKey(crand.Reader) @@ -264,7 +265,7 @@ func genEphKeys() (ephPub, ephPriv *[32]byte) { } return } - +// shareEphPubKey shares the generated Ephemeral key-pair func shareEphPubKey(conn io.ReadWriteCloser, locEphPub *[32]byte) (remEphPub *[32]byte, err error) { // Send our pubkey and receive theirs in tandem. @@ -335,6 +336,8 @@ var blacklist = [][32]byte{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f}, } +// hasSmallOrder used in shareEphPubKey, the function is used to +// check the if the Empherial key generated has small order or not func hasSmallOrder(pubKey [32]byte) bool { isSmallOrderPoint := false for _, bl := range blacklist { @@ -346,6 +349,9 @@ func hasSmallOrder(pubKey [32]byte) bool { return isSmallOrderPoint } +// Creates hash function according to challenge, generally the +// hash function created is encrypted with 256 bytes and here the +// last 32 bytes has been encrypted for the challenge func deriveSecretAndChallenge(dhSecret *[32]byte, locIsLeast bool) (recvSecret, sendSecret *[aeadKeySize]byte, challenge *[32]byte) { hash := sha256.New hkdf := hkdf.New(hash, dhSecret[:], nil, []byte("TENDERMINT_SECRET_CONNECTION_KEY_AND_CHALLENGE_GEN")) @@ -418,6 +424,8 @@ type authSigMessage struct { Sig []byte } +// Used in MakeSecretConnection and used to share the +// Authentic Share func shareAuthSignature(sc *SecretConnection, pubKey crypto.PubKey, signature []byte) (recvMsg authSigMessage, err error) { // Send our info and receive theirs in tandem. From 6f0715cca7489d2b2fce460bf1864796d8c9255e Mon Sep 17 00:00:00 2001 
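Review bot: `// shareEphPubKey shares the generated Ephemeral key-pair` is wrong in a way that matters for a handshake. The function receives only `locEphPub`, and the existing inline comment reads `Send our pubkey and receive theirs in tandem`, so the private half is never sent. Suggested wording: `// shareEphPubKey sends the local ephemeral public key to the peer and returns the peer's ephemeral public key.` The identical comment is added to chains/cosmos/conn/secret_connection.go in PATCH 8/8.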
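Review bot: The `hasSmallOrder` comment speaks of "the Empherial key generated", but the function tests whatever `pubKey` it is given against the `blacklist` table in a loop. Nothing in the hunk ties it to a locally generated key. I would describe the check and its reason, e.g. `// hasSmallOrder reports whether pubKey matches an entry in blacklist; such low-order points are rejected because they make the DH result predictable.` "Empherial" should be "ephemeral". The comparison inside the loop is outside the hunk. The PATCH 6/8 rewording and the cosmos copy in PATCH 8/8 keep both the wording and the typo.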
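Review bot: The comment on `deriveSecretAndChallenge` talks about a hash function being "encrypted with 256 bytes", but the visible code encrypts nothing. It sets up `hkdf.New(hash, dhSecret[:], nil, ...)` with `sha256.New` and the fixed info string `TENDERMINT_SECRET_CONNECTION_KEY_AND_CHALLENGE_GEN`, which is key derivation from the DH secret. A wrong description of the key schedule is worse than none. Suggested wording: `// deriveSecretAndChallenge derives the receive key, the send key and the handshake challenge from dhSecret using HKDF-SHA256.` How `locIsLeast` assigns the two keys, and the byte counts quoted in the comment, cannot be confirmed from this hunk. The same comment is copied to cosmos in PATCH 8/8.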
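Review bot: "used to share the Authentic Share" does not say what `shareAuthSignature` exchanges. From the signature and the inline comment `Send our info and receive theirs in tandem`, it sends the local `pubKey` and `signature` over `sc` and returns the peer's `authSigMessage`. Suggested wording: `// shareAuthSignature sends the local public key and signature over sc and returns the peer's authSigMessage.` The comment should also say that this function only exchanges the values and that the received signature is verified by the caller, if the body outside the hunk confirms that. The cosmos copy in PATCH 8/8 has the same text.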
From: shawayush Date: Mon, 7 Dec 2020 06:15:32 +0530 Subject: [PATCH 5/8] Requested changes --- chains/irisnet/conn/secret_connection.go | 1 - chains/irisnet/handlerIrisnet.go | 64 +++++++++++------------- chains/irisnet/structsTendermint.go | 1 - 3 files changed, 29 insertions(+), 37 deletions(-) diff --git a/chains/irisnet/conn/secret_connection.go b/chains/irisnet/conn/secret_connection.go index eef5449..2d53fc6 100644 --- a/chains/irisnet/conn/secret_connection.go +++ b/chains/irisnet/conn/secret_connection.go @@ -256,7 +256,6 @@ func (sc *SecretConnection) SetWriteDeadline(t time.Time) error { return sc.conn.(net.Conn).SetWriteDeadline(t) } -// genEphKeys generates Ephemeral key-pair func genEphKeys() (ephPub, ephPriv *[32]byte) { var err error ephPub, ephPriv, err = box.GenerateKey(crand.Reader) diff --git a/chains/irisnet/handlerIrisnet.go b/chains/irisnet/handlerIrisnet.go index 52acf1a..74c8827 100644 --- a/chains/irisnet/handlerIrisnet.go +++ b/chains/irisnet/handlerIrisnet.go @@ -99,9 +99,8 @@ func RunDataConnect(peerAddr string, } // dialPeer will check if the Peer has dialed succesfully or not, -// This function is used RunDataConnect, if there are errors -// found while dialling the connection then it will return -// an error to RunDataConnect, otherwise return "nil" +// if there are errors found while dialling the connection then it +// will return an error to RunDataConnect, otherwise return "nil" func (h *TendermintHandler) dialPeer() error { var err error h.baseConnection, err = net.DialTimeout("tcp", h.peerAddr, 2000*time.Millisecond) 
@@ -113,9 +112,8 @@ func (h *TendermintHandler) dialPeer() error { } // acceptPeer will check the if the Peer has connected succesfully -// or not, this function is used in RunDataConnect, if there are -// errors found while making an successful connection then it will return -// an error to RunDataConnect, otherwise return "nil" +// or not, if there are errors found while making an successful connection +// then it will return an error to RunDataConnect, otherwise return "nil" func (h *TendermintHandler) acceptPeer() error { log.Info("TMCore side listening for dials to ", string(hex.EncodeToString(h.privateKey.PubKey().Address())), "@:", h.listenPort) @@ -133,7 +131,7 @@ func (h *TendermintHandler) acceptPeer() error { return nil } -// upgradeConnectionAndHandshake checks if there has been a secret +// upgradeConnectionAndHandshake establishes if there has been a secret // connecton established or if there is a problem with handshaking. // if no error has been captured, it will give a successful connection // with Address and node info @@ -156,8 +154,8 @@ func (h *TendermintHandler) upgradeConnectionAndHandshake() error { } // handshake function follows the protocol set on amino spec, -// MarshalBinaryLengthPrefixed encodes the object according to the Amino spec -// same goes for UnmarshalBinaryLengthPrefixedReader +// During the handshake the server client will exchange +// information required to establish the secure connection. // Error encounterd while seniding handhshaking message or reciving // using Amino spec will be checked here and // returned to upgradeConnectionAndHandshake @@ -206,7 +204,7 @@ func (h *TendermintHandler) handshake() error { return nil } -// forms a P2P connection with the registered node +// establishes a P2P connection with the TM Core // sends and recives routines accordingly func (h *TendermintHandler) beginServicing() error { // Register Messages 
@@ -240,13 +238,12 @@ func (h *TendermintHandler) beginServicing() error { return nil } -// Datas are recived by TM Core -// sendRoutine sends PING and PONG message to TM Core -// case h.p2pConnection.pingTimer.C: Sends PING messages to TM Core -// case h.p2pConnection.pong: Sends PONG messages to TM Core -// case timeout: Check if PONG messages are received in time -// case h.signalShutSend: Block to Shut down sendRoutine -// case marlinmsg: messages are recived from the marlin relay +// Datas are recived by TM Core. sendRoutine sends PING +// and PONG message to TM Core. Basically, it will +// Sends PING messages to TM Core or Sends PONG messages +// to TM Core or Check if PONG messages are received +// in time or Block to Shut down sendRoutine or +// messages are recived from the marlin relay. func (h *TendermintHandler) sendRoutine() { log.Info("TMCore <- Connector Routine Started") @@ -426,10 +423,9 @@ func (h *TendermintHandler) sendRoutine() { } } -// Data processed and sent back -// case PacketPing: Received PING messages from TM Core -// case PacketPong: Received PONG messages from TM Core -// case PacketMsg: Actual message packets from TM Core (encoded form) +// Data is processed and sent back +// Received PING and PONG messages from TM Core +// and Actual message packets are encoded from TM Core func (h *TendermintHandler) recvRoutine() { log.Info("TMCore -> Connector Routine Started") 
@@ -682,8 +678,7 @@ func (c *P2PConnection) stopPongTimer() { // ---------------------- SPAM FILTER INTERFACE -------------------------------- // RunSpamFilter serves as the entry point for a TM Core handler when serving as a spamfilter -// This function also acts as filter at the very begining of the TM Core, spam filter depends -// on the Core count. Number of spam filter will be "2* core count". +// Number of goroutines spawned will be "2* core count". func RunSpamFilter(rpcAddr string, marlinTo chan marlinTypes.MarlinMessage, marlinFrom chan marlinTypes.MarlinMessage) { @@ -712,7 +707,7 @@ func RunSpamFilter(rpcAddr string, } // Spam Filter executions begins from beginServicingSpamFilter -// this function will check for all possible spam from TM Core. +// this function will check for all possible spam at ingress point of Marlin Relay. // Spam can also be produced from Marlin Relay. So beginServicingSpamFilter // will also check for that. func (h *TendermintHandler) beginServicingSpamFilter(id int) { @@ -809,8 +804,8 @@ func (h *TendermintHandler) beginServicingSpamFilter(id int) { } } -// thoroughMessageCheck is used in beginServicingSpamFilter. -// thoroughMessageCheck verify the Messages from the Marlin Relay +// +// func (h *TendermintHandler) thoroughMessageCheck(msg ConsensusMessage) bool { switch msg.(type) { case *VoteMessage: 
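Review bot: `thoroughMessageCheck` is left with two empty `//` lines as its doc comment after the last hunk here, which reads as an unfinished edit. Either delete both lines or describe the check. The visible body type-switches on `msg`, with `*VoteMessage` as the first case, and returns a bool, so a starting point is `// thoroughMessageCheck reports whether msg is accepted; the checks applied depend on the concrete message type.` Judging by its name and caller, this function decides what the spam filter lets through, so it deserves the most precise comment in the file. The case bodies are outside the hunk.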
@@ -904,11 +899,10 @@ func (h *TendermintHandler) getValidators(height int64) ([]Validator, bool) { } // spamVerdictMessage used in beginServicingSpamFilter. This function -// is used to store Messages of Marlin and even return the Boolean value -// in beginServicingSpamFilter, according to boolean value. flow of this -// function gets executed. If the messages are recived in the form of 0x01 -// channel, it will allow the request to be proccessed, otherwise it will -// deny it +// return the Boolean value in beginServicingSpamFilter, according to +// boolean value. flow of this function gets executed. If the messages +// are recived in the form of 0x01 channel, it will allow the request +// to be proccessed, otherwise it will deny it func (h *TendermintHandler) spamVerdictMessage(msg marlinTypes.MarlinMessage, allow bool) marlinTypes.MarlinMessage { if allow { return marlinTypes.MarlinMessage{ @@ -932,7 +926,8 @@ var isKeyFileUsed, memoized bool var keyFileLocation string var privateKey ed25519.PrivKeyEd25519 -//Generates privatekey and publickey +// Generates privatekey and publickey +// ED25519 Keypair is generated func GenerateKeyFile(fileLocation string) { log.Info("Generating KeyPair for irisnet-0.16.3-mainnet") @@ -1031,7 +1026,7 @@ func getPrivateKey() ed25519.PrivKeyEd25519 { // ---------------------- COMMON UTILITIES --------------------------------- -//Creates Tendermint Handler between Marlin Relay and TM Core +//Creates Handler object between Marlin Relay and TM Core func createTMHandler(peerAddr string, rpcAddr string, marlinTo chan marlinTypes.MarlinMessage, @@ -1089,8 +1084,7 @@ func (t *throughPutData) putInfo(direction string, key string, count uint32) { } t.mu.Unlock() } -// This function display the logs/stats of marlin to -// and marlin from or SpamFilter +// This function display the logs/stats of SpamFilter func (t *throughPutData) presentThroughput(sec time.Duration, shutdownCh chan struct{}) { for { time.Sleep(sec * time.Second) 
diff --git a/chains/irisnet/structsTendermint.go b/chains/irisnet/structsTendermint.go index ffc395b..bec6d96 100644 --- a/chains/irisnet/structsTendermint.go +++ b/chains/irisnet/structsTendermint.go @@ -130,7 +130,6 @@ type ConsensusMessage interface { } // RegisterConsensusMessages registers the Consensus Messages -// between tendermint and consensus layer func RegisterConsensusMessages(cdc *amino.Codec) { cdc.RegisterInterface((*ConsensusMessage)(nil), nil) cdc.RegisterConcrete(&NewRoundStepMessage{}, "tendermint/NewRoundStepMessage", nil) From 977e9da5b0ea806a57ed6659b3e38abbc1e85150 Mon Sep 17 00:00:00 2001 From: shawayush Date: Sun, 13 Dec 2020 11:38:14 +0530 Subject: [PATCH 6/8] Adds to secret_connection.go --- chains/irisnet/conn/secret_connection.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/chains/irisnet/conn/secret_connection.go b/chains/irisnet/conn/secret_connection.go index 2d53fc6..b966a47 100644 --- a/chains/irisnet/conn/secret_connection.go +++ b/chains/irisnet/conn/secret_connection.go @@ -255,7 +255,9 @@ func (sc *SecretConnection) SetReadDeadline(t time.Time) error { func (sc *SecretConnection) SetWriteDeadline(t time.Time) error { return sc.conn.(net.Conn).SetWriteDeadline(t) } - +// genEphKeys generates the Ephemeral key- pair. +// A cryptographic key is called Ephemeral if it is generated +// for each execution of a key establishment process. func genEphKeys() (ephPub, ephPriv *[32]byte) { var err error ephPub, ephPriv, err = box.GenerateKey(crand.Reader) @@ -335,8 +337,8 @@ var blacklist = [][32]byte{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f}, } -// hasSmallOrder used in shareEphPubKey, the function is used to -// check the if the Empherial key generated has small order or not +// hasSmallOrder is used to check the if the Empherial key +// generated has small order or not func hasSmallOrder(pubKey [32]byte) bool { isSmallOrderPoint := false for _, bl := range blacklist { 
From e4f5f999ab1efd30c912838ccdbe80691985bac7 Mon Sep 17 00:00:00 2001 From: shawayush Date: Sun, 13 Dec 2020 16:54:33 +0530 Subject: [PATCH 7/8] Documentation of secret_connection_test --- chains/irisnet/conn/secret_connection_test.go | 25 ++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/chains/irisnet/conn/secret_connection_test.go b/chains/irisnet/conn/secret_connection_test.go index 4a4c2a3..0589f5f 100644 --- a/chains/irisnet/conn/secret_connection_test.go +++ b/chains/irisnet/conn/secret_connection_test.go @@ -28,6 +28,7 @@ type kvstoreConn struct { *io.PipeWriter } +// Close function will close the established connection func (drw kvstoreConn) Close() (err error) { err2 := drw.PipeWriter.CloseWithError(io.EOF) err1 := drw.PipeReader.Close() @@ -44,6 +45,9 @@ func makeKVStoreConnPair() (fooConn, barConn kvstoreConn) { return kvstoreConn{fooReader, fooWriter}, kvstoreConn{barReader, barWriter} } +// makeSecretConnPair Establishes the secret connection pair +// Also makes sure that the connection has been established +// successfully, if not established successfully then return an error func makeSecretConnPair(tb testing.TB) (fooSecConn, barSecConn *SecretConnection) { var fooConn, barConn = makeKVStoreConnPair() @@ -92,6 +96,7 @@ func makeSecretConnPair(tb testing.TB) (fooSecConn, barSecConn *SecretConnection return } +// Tests the Handshake of Secret Connections func TestSecretConnectionHandshake(t *testing.T) { fooSecConn, barSecConn := makeSecretConnPair(t) if err := fooSecConn.Close(); err != nil { @@ -145,6 +150,7 @@ func TestComputeDHFailsOnLowOrder(t *testing.T) { } } +// Test for concurrent write func TestConcurrentWrite(t *testing.T) { fooSecConn, barSecConn := makeSecretConnPair(t) fooWriteText := cmn.RandStr(dataMaxSize) 
@@ -166,7 +172,7 @@ func TestConcurrentWrite(t *testing.T) { t.Error(err) } } - +// Test for concurrent read func TestConcurrentRead(t *testing.T) { fooSecConn, barSecConn := makeSecretConnPair(t) fooWriteText := cmn.RandStr(dataMaxSize) @@ -188,7 +194,7 @@ func TestConcurrentRead(t *testing.T) { t.Error(err) } } - +// writeLots writes in the fooSecConn, if not then return an error func writeLots(t *testing.T, wg *sync.WaitGroup, conn net.Conn, txt string, n int) { defer wg.Done() for i := 0; i < n; i++ { @@ -200,6 +206,7 @@ func writeLots(t *testing.T, wg *sync.WaitGroup, conn net.Conn, txt string, n in } } +// reads from fooSecConn func readLots(t *testing.T, wg *sync.WaitGroup, conn net.Conn, n int) { readBuffer := make([]byte, dataMaxSize) for i := 0; i < n; i++ { @@ -209,6 +216,9 @@ func readLots(t *testing.T, wg *sync.WaitGroup, conn net.Conn, n int) { wg.Done() } +// Test the secret connection has been established or not +// Also checks if the connection can read or write from node +// and even check the accurate number of bytes to be written func TestSecretConnectionReadWrite(t *testing.T) { fooConn, barConn := makeKVStoreConnPair() fooWrites, barWrites := []string{}, []string{} @@ -375,6 +385,8 @@ func (pk privKeyWithNilPubKey) Sign(msg []byte) ([]byte, error) { return pk.orig func (pk privKeyWithNilPubKey) PubKey() crypto.PubKey { return nil } func (pk privKeyWithNilPubKey) Equals(pk2 crypto.PrivKey) bool { return pk.orig.Equals(pk2) } +// TestNilPubkey checks if ed25519 public key has been +// generated, otherwise return error func TestNilPubkey(t *testing.T) { var fooConn, barConn = makeKVStoreConnPair() var fooPrvKey = ed25519.GenPrivKey() 
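Review bot: `// writeLots writes in the fooSecConn, if not then return an error` does not match the signature. The helper writes to the `conn` it is handed, has no return value, and signals completion through `defer wg.Done()`. Suggested wording: `// writeLots writes txt to conn n times and marks wg done when it returns.` For the next hunk, suggested wording is `// readLots reads from conn n times into a dataMaxSize buffer and then marks wg done.` How a failed write is reported sits inside the loop body outside the hunk. The same comments are copied to the cosmos test file in PATCH 8/8.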
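Review bot: The `TestNilPubkey` comment says the test checks that an ed25519 public key "has been generated", but the context just above it defines `privKeyWithNilPubKey`, whose `PubKey()` returns nil. The test therefore presumably covers the failure path for a key with no public half. That negative case should be documented accurately, since it guards connection setup. Suggested wording: `// TestNilPubkey covers secret-connection setup with a private key whose PubKey() returns nil.` The expected outcome should be added from the test body, which is outside the hunk. The `TestNonEd25519Pubkey` comment in the next hunk has the same "has been genreated" framing and typo, and both are copied to cosmos in PATCH 8/8.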
@@ -392,7 +404,10 @@ func TestNilPubkey(t *testing.T) { } }) } - +// TestNonEd25519Pubkey tests if public key ed25519 has been +// genreated or the secp256k1.PubKeySecp256k1 has been +// generated, if secp256k1.PubKeySecp256k1 has been genreated +// then it will throw the error of "secp256k1.PubKeySecp256k1" func TestNonEd25519Pubkey(t *testing.T) { var fooConn, barConn = makeKVStoreConnPair() var fooPrvKey = ed25519.GenPrivKey() @@ -431,6 +446,8 @@ func createGoldenTestVectors(t *testing.T) string { return data } +// Write to secret connection +// (need help) func BenchmarkWriteSecretConnection(b *testing.B) { b.StopTimer() b.ReportAllocs() @@ -479,6 +496,8 @@ func BenchmarkWriteSecretConnection(b *testing.B) { //barSecConn.Close() race condition } +// read to secret connection +// (need help) func BenchmarkReadSecretConnection(b *testing.B) { b.StopTimer() b.ReportAllocs() From 32a7e17ee2f180f0ec3135abc4112aa0ed480a67 Mon Sep 17 00:00:00 2001 From: shawayush Date: Sun, 13 Dec 2020 22:51:46 +0530 Subject: [PATCH 8/8] Documentation of Cosmos --- chains/cosmos/conn/secret_connection.go | 11 ++++ chains/cosmos/conn/secret_connection_test.go | 18 +++++++ chains/cosmos/handlerCosmos.go | 55 ++++++++++++++++++-- 3 files changed, 80 insertions(+), 4 deletions(-) diff --git a/chains/cosmos/conn/secret_connection.go b/chains/cosmos/conn/secret_connection.go index 990261b..a29b623 100644 --- a/chains/cosmos/conn/secret_connection.go +++ b/chains/cosmos/conn/secret_connection.go @@ -256,6 +256,9 @@ func (sc *SecretConnection) SetWriteDeadline(t time.Time) error { return sc.conn.(net.Conn).SetWriteDeadline(t) } +// genEphKeys generates the Ephemeral key- pair. +// A cryptographic key is called Ephemeral if it is generated +// for each execution of a key establishment process. func genEphKeys() (ephPub, ephPriv *[32]byte) { var err error ephPub, ephPriv, err = box.GenerateKey(crand.Reader) 
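Review bot: The comments added above `BenchmarkWriteSecretConnection` and `BenchmarkReadSecretConnection` contain the placeholder `(need help)`, which should not be committed as documentation. If the behaviour is unclear, leave the comment out or ask in the review thread. Otherwise use the Go doc form, e.g. `// BenchmarkWriteSecretConnection benchmarks writes over a secret connection.` and `// BenchmarkReadSecretConnection benchmarks reads from a secret connection.` In the second comment, "read to" should be "read from". Both benchmark bodies continue outside the hunks.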
@@ -265,6 +268,7 @@ func genEphKeys() (ephPub, ephPriv *[32]byte) { return } +// shareEphPubKey shares the generated Ephemeral key-pair func shareEphPubKey(conn io.ReadWriteCloser, locEphPub *[32]byte) (remEphPub *[32]byte, err error) { // Send our pubkey and receive theirs in tandem. @@ -335,6 +339,8 @@ var blacklist = [][32]byte{ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f}, } +// hasSmallOrder is used to check the if the Empherial key +// generated has small order or not func hasSmallOrder(pubKey [32]byte) bool { isSmallOrderPoint := false for _, bl := range blacklist { @@ -346,6 +352,9 @@ func hasSmallOrder(pubKey [32]byte) bool { return isSmallOrderPoint } +// Creates hash function according to challenge, generally the +// hash function created is encrypted with 256 bytes and here the +// last 32 bytes has been encrypted for the challenge func deriveSecretAndChallenge(dhSecret *[32]byte, locIsLeast bool) (recvSecret, sendSecret *[aeadKeySize]byte, challenge *[32]byte) { hash := sha256.New hkdf := hkdf.New(hash, dhSecret[:], nil, []byte("TENDERMINT_SECRET_CONNECTION_KEY_AND_CHALLENGE_GEN")) @@ -418,6 +427,8 @@ type authSigMessage struct { Sig []byte } +// Used in MakeSecretConnection and used to share the +// Authentic Share func shareAuthSignature(sc *SecretConnection, pubKey crypto.PubKey, signature []byte) (recvMsg authSigMessage, err error) { // Send our info and receive theirs in tandem. diff --git a/chains/cosmos/conn/secret_connection_test.go b/chains/cosmos/conn/secret_connection_test.go index 4a4c2a3..6211b4c 100644 --- a/chains/cosmos/conn/secret_connection_test.go +++ b/chains/cosmos/conn/secret_connection_test.go @@ -28,6 +28,7 @@ type kvstoreConn struct { *io.PipeWriter } +// Close function will close the established connection func (drw kvstoreConn) Close() (err error) { err2 := drw.PipeWriter.CloseWithError(io.EOF) err1 := drw.PipeReader.Close() 
@@ -44,6 +45,9 @@ func makeKVStoreConnPair() (fooConn, barConn kvstoreConn) { return kvstoreConn{fooReader, fooWriter}, kvstoreConn{barReader, barWriter} } +// makeSecretConnPair Establishes the secret connection pair +// Also makes sure that the connection has been established +// successfully, if not established successfully then return an error func makeSecretConnPair(tb testing.TB) (fooSecConn, barSecConn *SecretConnection) { var fooConn, barConn = makeKVStoreConnPair() @@ -92,6 +96,7 @@ func makeSecretConnPair(tb testing.TB) (fooSecConn, barSecConn *SecretConnection return } +// Tests the Handshake of Secret Connections func TestSecretConnectionHandshake(t *testing.T) { fooSecConn, barSecConn := makeSecretConnPair(t) if err := fooSecConn.Close(); err != nil { @@ -145,6 +150,7 @@ func TestComputeDHFailsOnLowOrder(t *testing.T) { } } +// Test for concurrent write func TestConcurrentWrite(t *testing.T) { fooSecConn, barSecConn := makeSecretConnPair(t) fooWriteText := cmn.RandStr(dataMaxSize) @@ -167,6 +173,7 @@ func TestConcurrentWrite(t *testing.T) { } } +// Test for concurrent read func TestConcurrentRead(t *testing.T) { fooSecConn, barSecConn := makeSecretConnPair(t) fooWriteText := cmn.RandStr(dataMaxSize) @@ -189,6 +196,7 @@ func TestConcurrentRead(t *testing.T) { } } +// writeLots writes in the fooSecConn, if not then return an error func writeLots(t *testing.T, wg *sync.WaitGroup, conn net.Conn, txt string, n int) { defer wg.Done() for i := 0; i < n; i++ { @@ -200,6 +208,7 @@ func writeLots(t *testing.T, wg *sync.WaitGroup, conn net.Conn, txt string, n in } } +// reads from fooSecConn func readLots(t *testing.T, wg *sync.WaitGroup, conn net.Conn, n int) { readBuffer := make([]byte, dataMaxSize) for i := 0; i < n; i++ { 
@@ -209,6 +218,9 @@ func readLots(t *testing.T, wg *sync.WaitGroup, conn net.Conn, n int) { wg.Done() } +// Test the secret connection has been established or not +// Also checks if the connection can read or write from node +// and even check the accurate number of bytes to be written func TestSecretConnectionReadWrite(t *testing.T) { fooConn, barConn := makeKVStoreConnPair() fooWrites, barWrites := []string{}, []string{} @@ -375,6 +387,8 @@ func (pk privKeyWithNilPubKey) Sign(msg []byte) ([]byte, error) { return pk.orig func (pk privKeyWithNilPubKey) PubKey() crypto.PubKey { return nil } func (pk privKeyWithNilPubKey) Equals(pk2 crypto.PrivKey) bool { return pk.orig.Equals(pk2) } +// TestNilPubkey checks if ed25519 public key has been +// generated, otherwise return error func TestNilPubkey(t *testing.T) { var fooConn, barConn = makeKVStoreConnPair() var fooPrvKey = ed25519.GenPrivKey() @@ -393,6 +407,10 @@ func TestNilPubkey(t *testing.T) { }) } +// TestNonEd25519Pubkey tests if public key ed25519 has been +// genreated or the secp256k1.PubKeySecp256k1 has been +// generated, if secp256k1.PubKeySecp256k1 has been genreated +// then it will throw the error of "secp256k1.PubKeySecp256k1" func TestNonEd25519Pubkey(t *testing.T) { var fooConn, barConn = makeKVStoreConnPair() var fooPrvKey = ed25519.GenPrivKey() diff --git a/chains/cosmos/handlerCosmos.go b/chains/cosmos/handlerCosmos.go index 08b80b8..2531fa7 100644 --- a/chains/cosmos/handlerCosmos.go +++ b/chains/cosmos/handlerCosmos.go 
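Review bot: The comment on `TestNilPubkey` says the test checks that an ed25519 public key has been generated, yet the context lines directly above define `privKeyWithNilPubKey`, whose `PubKey()` returns nil. This looks like a negative test for a key that yields no public key, which is the security-relevant case to name; the assertion itself is outside the hunk. Something like `// TestNilPubkey checks how the secret-connection setup handles a private key whose PubKey() returns nil.` would be closer. The comment added to `TestNonEd25519Pubkey` in the next hunk has the same shape and misspells "generated" twice; it should say which key type is expected to be rejected.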
@@ -38,6 +38,10 @@ var ServicedTMCore chains.NodeType = chains.NodeType{Version: "0.32.13", Network // ---------------------- DATA CONNECT INTERFACE -------------------------------- +//RunDataConnect checks for errors while making connection with the base. +// This Error may include base connection establishment, creating TM Handler, +// handhsaking, upgrading connection of handshaking. It will also reattempt +// the connection. func RunDataConnect(peerAddr string, marlinTo chan marlinTypes.MarlinMessage, marlinFrom chan marlinTypes.MarlinMessage, @@ -93,6 +97,9 @@ func RunDataConnect(peerAddr string, } } +// dialPeer will check if the Peer has dialed succesfully or not, +// if there are errors found while dialling the connection then it +// will return an error to RunDataConnect, otherwise return "nil" func (h *TendermintHandler) dialPeer() error { var err error h.baseConnection, err = net.DialTimeout("tcp", h.peerAddr, 2000*time.Millisecond) @@ -103,6 +110,9 @@ func (h *TendermintHandler) dialPeer() error { return nil } +// acceptPeer will check the if the Peer has connected succesfully +// or not, if there are errors found while making an successful connection +// then it will return an error to RunDataConnect, otherwise return "nil" func (h *TendermintHandler) acceptPeer() error { log.Info("TMCore side listening for dials to ", string(hex.EncodeToString(h.privateKey.PubKey().Address())), "@:", h.listenPort) @@ -120,6 +130,10 @@ func (h *TendermintHandler) acceptPeer() error { return nil } +// upgradeConnectionAndHandshake establishes if there has been a secret +// connecton established or if there is a problem with handshaking. +// if no error has been captured, it will give a successful connection +// with Address and node info func (h *TendermintHandler) upgradeConnectionAndHandshake() error { var err error h.secretConnection, err = conn.MakeSecretConnection(h.baseConnection, h.privateKey) 
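Review bot: `//RunDataConnect` is missing the space after `//`, and the comment describes the function as "checks for errors" instead of saying what it does. Go doc comments conventionally read `// RunDataConnect ...` followed by a verb for the action. "handhsaking" is misspelled here, later hunks in this file repeat "succesfully", "connecton", "encounterd", "seniding" and "recives", and `//Creates Handler object` above `createTMHandler` has the same missing space. The body of `RunDataConnect` is outside the hunk, so the sentence about reattempting the connection should be checked against it before it is kept.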
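Review bot: The comment on `upgradeConnectionAndHandshake` says it "establishes if there has been a secret connecton established", but the visible line calls `conn.MakeSecretConnection(h.baseConnection, h.privateKey)` and stores the result in `h.secretConnection`, so this is the step that creates it. Since this is where the TCP connection from `dialPeer` or `acceptPeer` becomes the authenticated channel, the comment should also say whether the remote key is compared with an expected peer identity; no such check is visible in the hunk. Suggested first line: `// upgradeConnectionAndHandshake wraps h.baseConnection in a SecretConnection keyed by h.privateKey, then performs the handshake.` The rest of the body is outside the hunk.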
@@ -138,6 +152,12 @@ func (h *TendermintHandler) upgradeConnectionAndHandshake() error { return nil } +// handshake function follows the protocol set on amino spec, +// During the handshake the server client will exchange +// information required to establish the secure connection. +// Error encounterd while seniding handhshaking message or reciving +// using Amino spec will be checked here and +// returned to upgradeConnectionAndHandshake func (h *TendermintHandler) handshake() error { var ( errc = make(chan error, 2) @@ -183,6 +203,8 @@ func (h *TendermintHandler) handshake() error { return nil } +// establishes a P2P connection with the TM Core +// sends and recives routines accordingly func (h *TendermintHandler) beginServicing() error { // Register Messages RegisterPacket(h.codec) @@ -215,6 +237,12 @@ func (h *TendermintHandler) beginServicing() error { return nil } +// Datas are recived by TM Core. sendRoutine sends PING +// and PONG message to TM Core. Basically, it will +// Sends PING messages to TM Core or Sends PONG messages +// to TM Core or Check if PONG messages are received +// in time or Block to Shut down sendRoutine or +// messages are recived from the marlin relay. func (h *TendermintHandler) sendRoutine() { log.Info("TMCore <- Connector Routine Started") @@ -394,6 +422,9 @@ func (h *TendermintHandler) sendRoutine() { } } +// Data is processed and sent back +// Received PING and PONG messages from TM Core +// and Actual message packets are encoded from TM Core func (h *TendermintHandler) recvRoutine() { log.Info("TMCore -> Connector Routine Started") @@ -618,7 +649,7 @@ FOR_LOOP: // Drain } } - +//decodes the Consensus Messages From the Channel Buffer func (h *TendermintHandler) decodeConsensusMsgFromChannelBuffer(chanbuf []marlinTypes.PacketMsg) (ConsensusMessage, error) { var databuf []byte var msg ConsensusMessage 
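Review bot: The blank line after the closing `}` is removed and `//decodes the Consensus Messages From the Channel Buffer` now sits directly under it, so the comment reads as a trailer of the previous function; it also lacks the space after `//` and does not start with the function name. I would keep the blank line and write `// decodeConsensusMsgFromChannelBuffer decodes the bytes gathered from chanbuf into a ConsensusMessage.` The part of the body that fills `databuf` is outside the hunk, so the wording should be checked against it. The same blank-line removal occurs in the hunks for `stopPongTimer`, `getValidators` and `presentThroughput`.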
@@ -632,7 +663,7 @@ func (h *TendermintHandler) decodeConsensusMsgFromChannelBuffer(chanbuf []marlin err = h.codec.UnmarshalBinaryBare(databuf, &msg) return msg, err } - +// Stop the PONG time when the PING is called upon in recvRoutine func (c *P2PConnection) stopPongTimer() { if c.pongTimer != nil { _ = c.pongTimer.Stop() @@ -670,6 +701,10 @@ func RunSpamFilter(rpcAddr string, handler.throughput.presentThroughput(5, handler.signalShutThroughput) } +// Spam Filter executions begins from beginServicingSpamFilter +// this function will check for all possible spam at ingress point of Marlin Relay. +// Spam can also be produced from Marlin Relay. So beginServicingSpamFilter +// will also check for that. func (h *TendermintHandler) beginServicingSpamFilter(id int) { log.Info("Running TM side spam filter handler ", id) // Register Messages @@ -798,7 +833,7 @@ func (vote *Vote) SignBytes(chainID string, cdc *amino.Codec) []byte { } return bz } - +// Get the height of block chain func (h *TendermintHandler) getValidators(height int64) ([]Validator, bool) { if height+10 < h.maxValidHeight { // Don't service messages too old @@ -853,6 +888,11 @@ func (h *TendermintHandler) getValidators(height int64) ([]Validator, bool) { } } +// spamVerdictMessage used in beginServicingSpamFilter. This function +// return the Boolean value in beginServicingSpamFilter, according to +// boolean value. flow of this function gets executed. If the messages +// are recived in the form of 0x01 channel, it will allow the request +// to be proccessed, otherwise it will deny it func (h *TendermintHandler) spamVerdictMessage(msg marlinTypes.MarlinMessage, allow bool) marlinTypes.MarlinMessage { if allow { return marlinTypes.MarlinMessage{ 
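Review bot: `// Get the height of block chain` does not describe `getValidators`: the function takes `height` and returns `([]Validator, bool)`. The first visible lines also stop on `height+10 < h.maxValidHeight` with the remark "Don't service messages too old", a bound worth documenting because it decides which heights are looked up at all. Suggested: `// getValidators returns the validators for height; heights more than 10 below h.maxValidHeight are not serviced.` The meaning of the bool result should be added once confirmed from the body, most of which is outside the hunk.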
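Review bot: The comment on `spamVerdictMessage` says the function allows or denies a request depending on a 0x01 channel, but the signature receives the decision as `allow bool` and the visible branch only builds a `marlinTypes.MarlinMessage` when `allow` is true. As written it sends a reader looking for the filtering rule here rather than in the caller. I would write `// spamVerdictMessage builds the verdict message for msg; allow selects the allow or the deny form.` Any channel values belong next to the lines that set the message fields, which are outside the hunk.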
@@ -876,6 +916,8 @@ var isKeyFileUsed, memoized bool var keyFileLocation string var privateKey ed25519.PrivKeyEd25519 +// Generates privatekey and publickey +// ED25519 Keypair is generated func GenerateKeyFile(fileLocation string) { log.Info("Generating KeyPair for cosmos-3-mainnet") @@ -905,6 +947,7 @@ func GenerateKeyFile(fileLocation string) { log.Info("Successfully written keyfile ", fileLocation) } +// VerifyKeyFile verify's the 'key' file-location func VerifyKeyFile(fileLocation string) (bool, error) { log.Info("Accessing disk to extract info from KeyFile: ", fileLocation) jsonFile, err := os.Open(fileLocation) @@ -933,6 +976,8 @@ func VerifyKeyFile(fileLocation string) (bool, error) { } } +// This functions gets the private key from the keyfile! +// Also verifies the Keyfile integrity func getPrivateKey() ed25519.PrivKeyEd25519 { if !isKeyFileUsed { return ed25519.GenPrivKey() @@ -972,6 +1017,7 @@ func getPrivateKey() ed25519.PrivKeyEd25519 { // ---------------------- COMMON UTILITIES --------------------------------- +//Creates Handler object between Marlin Relay and TM Core func createTMHandler(peerAddr string, rpcAddr string, marlinTo chan marlinTypes.MarlinMessage, @@ -1016,6 +1062,7 @@ func createTMHandler(peerAddr string, }, nil } +// This function display the logs/stats of SpamFilter func (t *throughPutData) putInfo(direction string, key string, count uint32) { t.mu.Lock() switch direction { @@ -1028,7 +1075,7 @@ func (t *throughPutData) putInfo(direction string, key string, count uint32) { } t.mu.Unlock() } - +// This function display the logs/stats of SpamFilter func (t *throughPutData) presentThroughput(sec time.Duration, shutdownCh chan struct{}) { for { time.Sleep(sec * time.Second)
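Review bot: The comment on `GenerateKeyFile` does not start with the function name and leaves out that the key pair is written to `fileLocation`, which the "Successfully written keyfile" log line in the next hunk shows. Because that file holds an ed25519 private key, the comment should state the file mode it is created with (owner-only is what a reader will expect) and whether an existing file is overwritten. The write call is outside this hunk, so both points need checking against it. Suggested opening: `// GenerateKeyFile generates an ed25519 key pair and writes it to fileLocation.`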
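Review bot: The comment on `getPrivateKey` omits the first branch shown in the hunk: when `isKeyFileUsed` is false the function returns `ed25519.GenPrivKey()`, a newly generated key, and reads no file. "Also verifies the Keyfile integrity" is not backed by anything visible here; if it refers to a consistency check on the stored key material, the comment should name that check. Suggested: `// getPrivateKey returns the key loaded from keyFileLocation, or a newly generated ed25519 key when no key file is in use.` The key-file path of the body is outside the hunk.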
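Review bot: The sentence "This function display the logs/stats of SpamFilter" is added above both `putInfo` here and `presentThroughput` in the next hunk, and it does not fit `putInfo`. The visible lines take `t.mu` and switch on `direction`, so this method appears to record a value rather than display one. Suggested: `// putInfo records count for key under the given direction while holding t.mu.` and, for the next hunk, `// presentThroughput periodically reports the collected counters; sec is the interval in seconds.` Both bodies are only partly visible, so the wording should be checked against the full functions.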