def test_create_before_wait_timer_expires(self):
# Need to create signup information
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Create a wait certificate for the genesis block so that we can
# create another wait certificate that has to play by the rules.
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=wc.identifier,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
def test_create_before_wait_timer_expires(self):
# Need to create signup information
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Create a wait certificate for the genesis block so that we can
# create another wait certificate that has to play by the rules.
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=wc.identifier,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
def test_create_with_wrong_wait_timer(self):
# Need to create signup information
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id=NULL_BLOCK_IDENTIFIER)
# Create two timers and try to create the wait certificate with the
# first one, which should fail as it is not the current wait timer
invalid_wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
certificates=[])
valid_wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
certificates=[])
# Verify that we cannot create a wait certificate with the old wait
# timer, but we can with the new one
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=invalid_wt,
block_hash="Reader's Digest")
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=valid_wt,
block_hash="Reader's Digest")
def test_create_before_wait_timer_expires(self):
# Need to create signup information
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id=NULL_BLOCK_IDENTIFIER)
# Create a wait certificate for the genesis block so that we can
# create another wait certificate that has to play by the rules.
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
certificates=[])
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
certificates=[wc])
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
def test_has_expired(self):
# Need to create signup information first
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id=NULL_BLOCK_IDENTIFIER)
# Verify that a timer doesn't expire before its creation time
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
certificates=[])
self.assertFalse(wt.has_expired(wt.request_time - 1))
# Create a timer and when it has expired, verify that the duration is
# not greater than actual elapsed time.
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
certificates=[])
while not wt.has_expired(time.time()):
time.sleep(1)
self.assertLessEqual(wt.duration, time.time() - wt.request_time)
# Tampering with the duration should not affect wait timer expiration
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
certificates=[])
assigned_duration = wt.duration
wt.duration = 0
while not wt.has_expired(time.time()):
time.sleep(1)
self.assertLessEqual(assigned_duration, time.time() - wt.request_time)
# Tampering with the request time should not affect wait timer
# expiration
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
certificates=[])
assigned_request_time = wt.request_time
wt.request_time -= wt.duration
while not wt.has_expired(time.time()):
time.sleep(1)
self.assertLessEqual(wt.duration, time.time() - assigned_request_time)
def test_create_with_reused_wait_timer(self):
# Need to create signup information
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Create a wait certificate for the genesis block so that we can
# create another wait certificate that has to play by the rules.
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_config_view=self.mock_poet_config_view)
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
consumed_wt = wt
# Verify that we cannot use the consumed wait timer to create a wait
# certificate either before or after creating a new wait timer
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=consumed_wt,
block_hash="Reader's Digest")
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=wc.identifier,
consensus_state=self.consensus_state,
poet_config_view=self.mock_poet_config_view)
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=consumed_wt,
block_hash="Reader's Digest")
# Verify that once the new timer expires, we can create a wait
# certificate with it
while not wt.has_expired(time.time()):
time.sleep(1)
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
def test_create_with_reused_wait_timer(self):
# Need to create signup information
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Create a wait certificate for the genesis block so that we can
# create another wait certificate that has to play by the rules.
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
consumed_wt = wt
# Verify that we cannot use the consumed wait timer to create a wait
# certificate either before or after creating a new wait timer
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=consumed_wt,
block_hash="Reader's Digest")
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=wc.identifier,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=consumed_wt,
block_hash="Reader's Digest")
# Verify that once the new timer expires, we can create a wait
# certificate with it
while not wt.has_expired(time.time()):
time.sleep(1)
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
def test_create_before_create_wait_timer(self):
# Need to create signup information
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Make sure that trying to create a wait certificate before creating
# a wait timer causes an error
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=None,
block_hash="Reader's Digest")
def test_create_before_create_wait_timer(self):
# Need to create signup information
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Make sure that trying to create a wait certificate before creating
# a wait timer causes an error
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=None,
block_hash="Reader's Digest")
def test_serialization(self):
# Need to create signup information and wait timer first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id=NULL_BLOCK_IDENTIFIER)
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
certificates=[])
while not wt.has_expired(time.time()):
time.sleep(1)
# Now we can create a wait certificate and serialize
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
dumped = wc.dump()
self.assertIsNotNone(dumped.get('SerializedCertificate'))
self.assertIsNotNone(dumped.get('Signature'))
# Deserialize and verify that wait certificates are the same
# and that deserialized one is valid
wc_copy = \
WaitCertificate.wait_certificate_from_serialized(
poet_enclave_module=self.poet_enclave_module,
serialized=dumped.get('SerializedCertificate'),
signature=dumped.get('Signature'))
self.assertEqual(wc.previous_certificate_id,
wc_copy.previous_certificate_id)
self.assertAlmostEqual(wc.local_mean, wc_copy.local_mean)
self.assertAlmostEqual(wc.request_time, wc_copy.request_time)
self.assertAlmostEqual(wc.duration, wc_copy.duration)
self.assertEqual(wc.validator_address, wc_copy.validator_address)
self.assertEqual(wc.block_hash, wc_copy.block_hash)
self.assertEqual(wc.signature, wc_copy.signature)
self.assertEqual(wc.identifier, wc_copy.identifier)
# Serialize the copy and verify that its serialization and
# signature are the same
dumped_copy = wc_copy.dump()
self.assertTrue(dumped.get('SerializedCertificate'),
dumped_copy.get('SerializedCertificate'))
self.assertTrue(dumped.get('Signature'), dumped_copy.get('Signature'))
wc_copy.check_valid(poet_enclave_module=self.poet_enclave_module,
certificates=[],
poet_public_key=signup_info.poet_public_key)
def test_create_with_wrong_signup_data(self):
# Need to create signup information
signup_info = SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
signup_info2 = SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Create two timers and try to create the wait certificate with the
# first one, which should fail as it is not the current wait timer
wt1 = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
wt2 = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info2.sealed_signup_data,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Verify that we cannot create a wait certificate using the first
# wait timer with the second signup data
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info2.sealed_signup_data,
wait_timer=wt1,
block_hash="Reader's Digest")
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info2.sealed_signup_data,
wait_timer=wt2,
block_hash="Reader's Digest")
def test_create_with_wrong_signup_data(self):
# Need to create signup information
signup_info = SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
signup_info2 = SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Create two timers and try to create the wait certificate with the
# first one, which should fail as it is not the current wait timer
wt1 = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
wt2 = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info2.sealed_signup_data,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Verify that we cannot create a wait certificate using the first
# wait timer with the second signup data
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info2.sealed_signup_data,
wait_timer=wt1,
block_hash="Reader's Digest")
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info2.sealed_signup_data,
wait_timer=wt2,
block_hash="Reader's Digest")
def test_create(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
self.assertIsNotNone(signup_info.poet_public_key)
self.assertIsNotNone(signup_info.proof_data)
self.assertIsNotNone(signup_info.anti_sybil_id)
self.assertIsNotNone(signup_info.sealed_signup_data)
def test_create(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
self.assertIsNotNone(signup_info.poet_public_key)
self.assertIsNotNone(signup_info.proof_data)
self.assertIsNotNone(signup_info.anti_sybil_id)
self.assertIsNotNone(signup_info.sealed_signup_data)
def test_create(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id=NULL_BLOCK_IDENTIFIER)
self.assertIsNotNone(signup_info.poet_public_key)
self.assertIsNotNone(signup_info.proof_data)
self.assertIsNotNone(signup_info.anti_sybil_id)
self.assertIsNotNone(signup_info.sealed_signup_data)
def test_non_matching_originator_public_key(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
with self.assertRaises(ValueError):
signup_info.check_valid(
poet_enclave_module=poet_enclave,
originator_public_key_hash=self._another_public_key_hash)
def test_create_with_invalid_certificate_list(self):
# Need to create signup information first
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id=NULL_BLOCK_IDENTIFIER)
# Make sure that invalid certificate lists cause error
with self.assertRaises(TypeError):
wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
certificates=None)
with self.assertRaises(TypeError):
wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
certificates=dict())
with self.assertRaises(TypeError):
wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
certificates=1)
with self.assertRaises(TypeError):
wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
certificates=1.0)
with self.assertRaises(TypeError):
wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
certificates='Not a valid list')
def test_check_valid(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
try:
signup_info.check_valid(
poet_enclave_module=poet_enclave,
originator_public_key_hash=self._originator_public_key_hash)
except ValueError as e:
self.fail('Error with SignupInfo: {}'.format(e))
def test_unsealing_data(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
poet_public_key = \
SignupInfo.unseal_signup_data(
poet_enclave_module=poet_enclave,
sealed_signup_data=signup_info.sealed_signup_data)
self.assertEqual(
signup_info.poet_public_key,
poet_public_key,
msg="PoET public key in signup info and sealed data don't match")
def test_create_with_wrong_wait_timer(self):
# Need to create signup information
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Create two timers and try to create the wait certificate with the
# first one, which should fail as it is not the current wait timer
invalid_wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
valid_wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Verify that we cannot create a wait certificate with the old wait
# timer, but we can with the new one
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=invalid_wt,
block_hash="Reader's Digest")
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=valid_wt,
block_hash="Reader's Digest")
def test_unsealing_data(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
poet_public_key = \
SignupInfo.unseal_signup_data(
poet_enclave_module=poet_enclave,
sealed_signup_data=signup_info.sealed_signup_data)
self.assertEqual(
signup_info.poet_public_key,
poet_public_key,
msg="PoET public key in signup info and sealed data don't match")
def test_unsealing_data(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id=NULL_BLOCK_IDENTIFIER)
poet_public_key = \
SignupInfo.unseal_signup_data(
poet_enclave_module=poet_enclave,
validator_address='1660 Pennsylvania Avenue NW',
sealed_signup_data=signup_info.sealed_signup_data)
self.assertEqual(
signup_info.poet_public_key,
poet_public_key,
msg="PoET public key in signup info and sealed data don't match")
def test_serialization(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
serialized = signup_info.serialize()
copy_signup_info = \
SignupInfo.signup_info_from_serialized(
poet_enclave_module=poet_enclave,
serialized=serialized)
self.assertEqual(signup_info.poet_public_key,
copy_signup_info.poet_public_key)
self.assertEqual(signup_info.proof_data, copy_signup_info.proof_data)
self.assertEqual(signup_info.anti_sybil_id,
copy_signup_info.anti_sybil_id)
self.assertIsNone(copy_signup_info.sealed_signup_data)
def test_create_after_wait_timer_timed_out(self):
# Need to create signup information
signup_info = SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Create a wait certificate for the genesis block so that we can
# create another wait certificate that has to play by the rules.
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
wait_timer=wt,
block_hash="Reader's Digest")
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=wc.identifier,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
while not wt.has_expired(time.time()):
time.sleep(1)
time.sleep(self.poet_enclave_module.TIMER_TIMEOUT_PERIOD + 1)
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
wait_timer=wt,
block_hash="Reader's Digest")
def test_create_after_wait_timer_timed_out(self):
# Need to create signup information
signup_info = SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# Create a wait certificate for the genesis block so that we can
# create another wait certificate that has to play by the rules.
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
wait_timer=wt,
block_hash="Reader's Digest")
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=wc.identifier,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
while not wt.has_expired(time.time()):
time.sleep(1)
time.sleep(self.poet_enclave_module.TIMER_TIMEOUT_PERIOD + 1)
with self.assertRaises(ValueError):
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data,
wait_timer=wt,
block_hash="Reader's Digest")
def test_non_matching_most_recent_wait_certificate_id(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id=NULL_BLOCK_IDENTIFIER)
# NOTE - this requires that the signup information check for validity
# actually make this check. Currently the check is not done.
# Once the check is added back, it should raise a
# ValueError exception and this test will fail, alerting
# you that you need to wrap the call in self.assertRaises
#
# with self.assertRaises(ValueError):
signup_info.check_valid(
poet_enclave_module=poet_enclave,
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id='SomeFunkyCertificateID')
def test_serialization(self):
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
serialized = signup_info.serialize()
copy_signup_info = \
SignupInfo.signup_info_from_serialized(
poet_enclave_module=poet_enclave,
serialized=serialized)
self.assertEqual(
signup_info.poet_public_key,
copy_signup_info.poet_public_key)
self.assertEqual(signup_info.proof_data, copy_signup_info.proof_data)
self.assertEqual(
signup_info.anti_sybil_id,
copy_signup_info.anti_sybil_id)
self.assertIsNone(copy_signup_info.sealed_signup_data)
def test_serialization(self):
# Need to create signup information and wait timer first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# create mock_poet_enclave_wait_timer
mock_poet_enclave_wait_timer = \
mock.Mock(validator_address='1060 W Addison Street',
duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
signature='00112233445566778899aabbccddeeff',
serialized_timer=None,
request_time=time.time())
# create mock_poet_enclave_wait_certificate
mock_poet_enclave_wait_certificate = \
mock.Mock(duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
request_time=time.time(),
validator_address='1060 W Addison Street',
nonce=NULL_BLOCK_IDENTIFIER,
block_hash="Reader's Digest",
signature='00112233445566778899aabbccddeeff',
serialized_certificate=None)
# create mock_poet_enclave_module
mock_poet_enclave_module = mock.Mock()
mock_poet_enclave_module.create_wait_timer.return_value = \
mock_poet_enclave_wait_timer
# set the mock enclave wait certificate and wait timer to
# have the same previous_certificate_id
mock_poet_enclave_wait_certificate.previous_certificate_id = \
mock_poet_enclave_wait_timer.previous_certificate_id
mock_poet_enclave_module.create_wait_certificate.return_value = \
mock_poet_enclave_wait_certificate
mock_poet_enclave_module.deserialize_wait_certificate.return_value = \
mock_poet_enclave_wait_certificate
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Now we can create a wait certificate and serialize
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=mock_poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
dumped = wc.dump()
self.assertIsNotNone(dumped.get('SerializedCertificate'))
self.assertIsNotNone(dumped.get('Signature'))
# Deserialize and verify that wait certificates are the same
# and that deserialized one is valid
wc_copy = \
WaitCertificate.wait_certificate_from_serialized(
poet_enclave_module=mock_poet_enclave_module,
serialized=dumped.get('SerializedCertificate'),
signature=dumped.get('Signature'))
self.assertEqual(
wc.previous_certificate_id,
wc_copy.previous_certificate_id)
self.assertEqual(wc.local_mean, wc_copy.local_mean)
self.assertAlmostEqual(wc.request_time, wc_copy.request_time)
self.assertAlmostEqual(wc.duration, wc_copy.duration)
self.assertEqual(wc.validator_address, wc_copy.validator_address)
self.assertEqual(wc.block_hash, wc_copy.block_hash)
self.assertEqual(wc.signature, wc_copy.signature)
self.assertEqual(wc.identifier, wc_copy.identifier)
# Serialize the copy and verify that its serialization and
# signature are the same
dumped_copy = wc_copy.dump()
self.assertTrue(
dumped.get('SerializedCertificate'),
dumped_copy.get('SerializedCertificate'))
self.assertTrue(
dumped.get('Signature'),
dumped_copy.get('Signature'))
wc_copy.check_valid(
poet_enclave_module=mock_poet_enclave_module,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
poet_public_key=signup_info.poet_public_key,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
def test_create(self):
# Need to create signup information and wait timer first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# create mock_poet_enclave_wait_timer
mock_poet_enclave_wait_timer = \
mock.Mock(validator_address='1060 W Addison Street',
duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
signature='00112233445566778899aabbccddeeff',
serialized_timer=None,
request_time=time.time())
# create mock_poet_enclave_wait_certificate
mock_poet_enclave_wait_certificate = \
mock.Mock(duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
request_time=time.time(),
validator_address='1060 W Addison Street',
nonce=NULL_BLOCK_IDENTIFIER,
block_hash="Reader's Digest",
signature='00112233445566778899aabbccddeeff',
serialized_certificate='001122334455667'
'78899aabbccddeeff')
# create mock_poet_enclave_module
mock_poet_enclave_module = mock.Mock()
mock_poet_enclave_module.create_wait_timer.return_value = \
mock_poet_enclave_wait_timer
# set the mock enclave wait certificate and wait timer to
# have the same request_time
mock_poet_enclave_wait_certificate.request_time = \
mock_poet_enclave_wait_timer.request_time
# set the mock enclave wait certificate and wait timer to
# have the same previous_certificate_id
mock_poet_enclave_wait_certificate.previous_certificate_id = \
mock_poet_enclave_wait_timer.previous_certificate_id
# set the identifier for mock_poet_enclave_wait_certificate
mock_poet_enclave_wait_certificate.identifier.return_value = \
mock_poet_enclave_wait_certificate.previous_certificate_id[:16]
mock_poet_enclave_module.create_wait_certificate.return_value = \
mock_poet_enclave_wait_certificate
mock_poet_enclave_module.deserialize_wait_certificate.return_value = \
mock_poet_enclave_wait_certificate
# create wait timer
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Now we can create a wait certificate and verify that it correlates
# to the wait timer we just created
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=mock_poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
self.assertIsNotNone(wc)
self.assertEqual(
wc.previous_certificate_id,
wt.previous_certificate_id)
self.assertAlmostEqual(wc.local_mean, wt.local_mean)
self.assertAlmostEqual(wc.request_time, wt.request_time)
self.assertAlmostEqual(wc.duration, wt.duration)
self.assertEqual(wc.validator_address, wt.validator_address)
self.assertEqual(wc.block_hash, "Reader's Digest")
self.assertIsNotNone(wc.signature)
self.assertIsNotNone(wc.identifier)
# A newly-created wait certificate should be valid
wc.check_valid(
poet_enclave_module=mock_poet_enclave_module,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
poet_public_key=signup_info.poet_public_key,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
validator_info = \
ValidatorInfo(
id='validator_001',
signup_info=SignUpInfo(
poet_public_key='key_001'))
self.mock_consensus_state.validator_did_claim_block(
validator_info=validator_info,
wait_certificate=wc,
poet_settings_view=self.mock_poet_settings_view)
# Create another wait certificate and verify it is valid also
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=wc.identifier,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Now we can create a wait certificate and verify that it correlates
# to the wait timer we just created
another_wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=mock_poet_enclave_module,
wait_timer=wt,
block_hash="Pepto Bismol")
another_wc.check_valid(
poet_enclave_module=mock_poet_enclave_module,
previous_certificate_id=wc.identifier,
poet_public_key=signup_info.poet_public_key,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
def test_create(self):
# Need to create signup information and wait timer first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_config_view=self.mock_poet_config_view)
while not wt.has_expired(time.time()):
time.sleep(1)
# Now we can create a wait certificate and verify that it correlates
# to the wait timer we just created
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
self.assertIsNotNone(wc)
self.assertEqual(
wc.previous_certificate_id,
wt.previous_certificate_id)
self.assertAlmostEqual(wc.local_mean, wt.local_mean)
self.assertAlmostEqual(wc.request_time, wt.request_time)
self.assertAlmostEqual(wc.duration, wt.duration)
self.assertEqual(wc.validator_address, wt.validator_address)
self.assertEqual(wc.block_hash, "Reader's Digest")
self.assertIsNotNone(wc.signature)
self.assertIsNotNone(wc.identifier)
# A newly-created wait certificate should be valid
wc.check_valid(
poet_enclave_module=self.poet_enclave_module,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
poet_public_key=signup_info.poet_public_key,
consensus_state=self.consensus_state,
poet_config_view=self.mock_poet_config_view)
validator_info = \
ValidatorInfo(
id='validator_001',
signup_info=SignUpInfo(
poet_public_key='key_001'))
self.consensus_state.validator_did_claim_block(
validator_info=validator_info,
wait_certificate=wc,
poet_config_view=self.mock_poet_config_view)
# Create another wait certificate and verify it is valid also
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=wc.identifier,
consensus_state=self.consensus_state,
poet_config_view=self.mock_poet_config_view)
while not wt.has_expired(time.time()):
time.sleep(1)
# Now we can create a wait certificate and verify that it correlates
# to the wait timer we just created
another_wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Pepto Bismol")
another_wc.check_valid(
poet_enclave_module=self.poet_enclave_module,
previous_certificate_id=wc.identifier,
poet_public_key=signup_info.poet_public_key,
consensus_state=self.consensus_state,
poet_config_view=self.mock_poet_config_view)
def test_create(self):
# Need to create signup information first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
stake_in_the_sand = time.time()
# create mock_poet_enclave_wait_timer
mock_poet_enclave_wait_timer = \
mock.Mock(validator_address='1060 W Addison Street',
duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
signature=None,
serialized_timer=None,
request_time=time.time())
# create mock_poet_enclave_simulator
mock_poet_enclave_simulator = mock.Mock()
mock_poet_enclave_simulator.create_wait_timer.return_value = \
mock_poet_enclave_wait_timer
# An empty certificate list should result in a local mean that is
# the target wait time
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
sealed_signup_data=signup_info.sealed_signup_data,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
self.assertIsNotNone(wt)
self.assertEqual(wt.local_mean,
self.mock_poet_settings_view.target_wait_time)
self.assertEqual(wt.previous_certificate_id, NULL_BLOCK_IDENTIFIER)
self.assertGreaterEqual(wt.request_time, stake_in_the_sand)
self.assertLessEqual(wt.request_time, time.time())
self.assertGreaterEqual(wt.duration, TestWaitTimer.MINIMUM_WAIT_TIME)
self.assertEqual(wt.validator_address, '1060 W Addison Street')
# Ensure that the enclave is set back to initial state
self.poet_enclave_module = reload(poet_enclave)
stake_in_the_sand = time.time()
mock_poet_enclave_wait_timer.request_time = time.time()
# An empty certificate list should result in a local mean that is
# the target wait time
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
sealed_signup_data=signup_info.sealed_signup_data,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
self.assertIsNotNone(wt)
self.assertEqual(wt.local_mean,
self.mock_poet_settings_view.target_wait_time)
self.assertEqual(wt.previous_certificate_id, NULL_BLOCK_IDENTIFIER)
self.assertGreaterEqual(wt.request_time, stake_in_the_sand)
self.assertLessEqual(wt.request_time, time.time())
self.assertGreaterEqual(wt.duration, TestWaitTimer.MINIMUM_WAIT_TIME)
self.assertEqual(wt.validator_address, '1060 W Addison Street')
def _register_signup_information(self, block_header, poet_enclave_module):
# Create signup information for this validator, putting the block ID
# of the block previous to the block referenced by block_header in the
# nonce. Block ID is better than wait certificate ID for testing
# freshness as we need to account for non-PoET blocks.
public_key_hash = \
hashlib.sha256(
block_header.signer_pubkey.encode()).hexdigest()
nonce = SignupInfo.block_id_to_nonce(block_header.previous_block_id)
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave_module,
originator_public_key_hash=public_key_hash,
nonce=nonce)
# Create the validator registry payload
payload = \
vr_pb.ValidatorRegistryPayload(
verb='register',
name='validator-{}'.format(block_header.signer_pubkey[:8]),
id=block_header.signer_pubkey,
signup_info=vr_pb.SignUpInfo(
poet_public_key=signup_info.poet_public_key,
proof_data=signup_info.proof_data,
anti_sybil_id=signup_info.anti_sybil_id,
nonce=nonce),
)
serialized = payload.SerializeToString()
# Create the address that will be used to look up this validator
# registry transaction. Seems like a potential for refactoring..
validator_entry_address = \
PoetBlockPublisher._validator_registry_namespace + \
hashlib.sha256(block_header.signer_pubkey.encode()).hexdigest()
# Create a transaction header and transaction for the validator
# registry update amd then hand it off to the batch publisher to
# send out.
output_addresses = \
[validator_entry_address,
PoetBlockPublisher._validator_map_address]
input_addresses = \
output_addresses + \
[SettingsView.setting_address(
'sawtooth.poet.report_public_key_pem'),
SettingsView.setting_address(
'sawtooth.poet.valid_enclave_measurements'),
SettingsView.setting_address(
'sawtooth.poet.valid_enclave_basenames')]
header = \
txn_pb.TransactionHeader(
signer_pubkey=block_header.signer_pubkey,
family_name='sawtooth_validator_registry',
family_version='1.0',
inputs=input_addresses,
outputs=output_addresses,
dependencies=[],
payload_sha512=hashlib.sha512(serialized).hexdigest(),
batcher_pubkey=block_header.signer_pubkey,
nonce=time.time().hex().encode()).SerializeToString()
signature = \
signing.sign(header, self._batch_publisher.identity_signing_key)
transaction = \
txn_pb.Transaction(
header=header,
payload=serialized,
header_signature=signature)
LOGGER.info(
'Register Validator Name=%s, ID=%s...%s, PoET public key=%s...%s, '
'Nonce=%s',
payload.name,
payload.id[:8],
payload.id[-8:],
payload.signup_info.poet_public_key[:8],
payload.signup_info.poet_public_key[-8:],
nonce)
self._batch_publisher.send([transaction])
# Store the key state so that we can look it up later if need be and
# set the new key as our active key
LOGGER.info(
'Save key state PPK=%s...%s => SSD=%s...%s',
signup_info.poet_public_key[:8],
signup_info.poet_public_key[-8:],
signup_info.sealed_signup_data[:8],
signup_info.sealed_signup_data[-8:])
self._poet_key_state_store[signup_info.poet_public_key] = \
PoetKeyState(
sealed_signup_data=signup_info.sealed_signup_data,
has_been_refreshed=False)
self._poet_key_state_store.active_key = signup_info.poet_public_key
def do_create(args):
"""Executes the `poet registration` subcommand.
This command generates a validator registry transaction and saves it to a
file, whose location is determined by the args. The signup data, generated
by the selected enclave, is also stored in a well-known location.
"""
signer = _read_signer(args.key)
public_key = signer.get_public_key().as_hex()
public_key_hash = sha256(public_key.encode()).hexdigest()
with PoetEnclaveModuleWrapper(
enclave_module=args.enclave_module,
config_dir=config.get_config_dir(),
data_dir=config.get_data_dir()) as poet_enclave_module:
signup_info = SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave_module,
originator_public_key_hash=public_key_hash,
nonce=SignupInfo.block_id_to_nonce(args.block))
print('Writing key state for PoET public key: {}...{}'.format(
signup_info.poet_public_key[:8], signup_info.poet_public_key[-8:]))
# Store the newly-created PoET key state, associating it with its
# corresponding public key
poet_key_state_store = \
PoetKeyStateStore(
data_dir=config.get_data_dir(),
validator_id=public_key)
poet_key_state_store[signup_info.poet_public_key] = \
PoetKeyState(
sealed_signup_data=signup_info.sealed_signup_data,
has_been_refreshed=False)
# Create the validator registry payload
payload = \
vr_pb.ValidatorRegistryPayload(
verb='register',
name='validator-{}'.format(public_key[:8]),
id=public_key,
signup_info=vr_pb.SignUpInfo(
poet_public_key=signup_info.poet_public_key,
proof_data=signup_info.proof_data,
anti_sybil_id=signup_info.anti_sybil_id,
nonce=SignupInfo.block_id_to_nonce(args.block)))
serialized = payload.SerializeToString()
# Create the address that will be used to look up this validator
# registry transaction. Seems like a potential for refactoring..
validator_entry_address = \
VR_NAMESPACE + sha256(public_key.encode()).hexdigest()
# Create a transaction header and transaction for the validator
# registry update amd then hand it off to the batch publisher to
# send out.
output_addresses = [validator_entry_address, VALIDATOR_MAP_ADDRESS]
input_addresses = \
output_addresses + \
[SettingsView.setting_address('sawtooth.poet.report_public_key_pem'),
SettingsView.setting_address('sawtooth.poet.'
'valid_enclave_measurements'),
SettingsView.setting_address('sawtooth.poet.valid_enclave_basenames')]
header = \
txn_pb.TransactionHeader(
signer_public_key=public_key,
family_name='sawtooth_validator_registry',
family_version='1.0',
inputs=input_addresses,
outputs=output_addresses,
dependencies=[],
payload_sha512=sha512(serialized).hexdigest(),
batcher_public_key=public_key,
nonce=time.time().hex().encode()).SerializeToString()
signature = signer.sign(header)
transaction = \
txn_pb.Transaction(
header=header,
payload=serialized,
header_signature=signature)
batch = _create_batch(signer, [transaction])
batch_list = batch_pb.BatchList(batches=[batch])
try:
print('Generating {}'.format(args.output))
with open(args.output, 'wb') as batch_file:
batch_file.write(batch_list.SerializeToString())
except IOError as e:
raise CliException('Unable to write to batch file: {}'.format(str(e)))
def _register_signup_information(self, block_header, poet_enclave_module):
# Find the most-recent block in the block cache, if such a block
# exists, and get its wait certificate ID
wait_certificate_id = NULL_BLOCK_IDENTIFIER
most_recent_block = self._block_cache.block_store.chain_head
if most_recent_block is not None:
wait_certificate = \
utils.deserialize_wait_certificate(
block=most_recent_block,
poet_enclave_module=poet_enclave_module)
if wait_certificate is not None:
wait_certificate_id = wait_certificate.identifier
# Create signup information for this validator
public_key_hash = \
hashlib.sha256(
block_header.signer_pubkey.encode()).hexdigest()
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave_module,
validator_address=block_header.signer_pubkey,
originator_public_key_hash=public_key_hash,
most_recent_wait_certificate_id=wait_certificate_id)
# Create the validator registry payload
payload = \
vr_pb.ValidatorRegistryPayload(
verb='register',
name='validator-{}'.format(block_header.signer_pubkey[:8]),
id=block_header.signer_pubkey,
signup_info=vr_pb.SignUpInfo(
poet_public_key=signup_info.poet_public_key,
proof_data=signup_info.proof_data,
anti_sybil_id=signup_info.anti_sybil_id),
)
serialized = payload.SerializeToString()
# Create the address that will be used to look up this validator
# registry transaction. Seems like a potential for refactoring..
validator_entry_address = \
PoetBlockPublisher._validator_registry_namespace + \
hashlib.sha256(block_header.signer_pubkey.encode()).hexdigest()
# Create a transaction header and transaction for the validator
# registry update amd then hand it off to the batch publisher to
# send out.
addresses = \
[validator_entry_address,
PoetBlockPublisher._validator_map_address]
header = \
txn_pb.TransactionHeader(
signer_pubkey=block_header.signer_pubkey,
family_name='sawtooth_validator_registry',
family_version='1.0',
inputs=addresses,
outputs=addresses,
dependencies=[],
payload_encoding="application/protobuf",
payload_sha512=hashlib.sha512(serialized).hexdigest(),
batcher_pubkey=block_header.signer_pubkey,
nonce=time.time().hex().encode()).SerializeToString()
signature = \
signing.sign(header, self._batch_publisher.identity_signing_key)
transaction = \
txn_pb.Transaction(
header=header,
payload=serialized,
header_signature=signature)
LOGGER.info(
'Register Validator Name=%s, ID=%s...%s, PoET public key=%s...%s',
payload.name, payload.id[:8], payload.id[-8:],
payload.signup_info.poet_public_key[:8],
payload.signup_info.poet_public_key[-8:])
self._batch_publisher.send([transaction])
# Store the key state so that we can look it up later if need be
LOGGER.info('Save key state PPK=%s...%s => SSD=%s...%s',
signup_info.poet_public_key[:8],
signup_info.poet_public_key[-8:],
signup_info.sealed_signup_data[:8],
signup_info.sealed_signup_data[-8:])
self._poet_key_state_store[signup_info.poet_public_key] = \
PoetKeyState(
sealed_signup_data=signup_info.sealed_signup_data,
has_been_refreshed=False)
# Cache the PoET public key in a class to indicate that this is the
# current public key for the PoET enclave
PoetBlockPublisher._poet_public_key = signup_info.poet_public_key
def test_create(self):
# Need to create signup information and wait timer first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
originator_public_key_hash=self._originator_public_key_hash,
most_recent_wait_certificate_id=NULL_BLOCK_IDENTIFIER)
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
certificates=[])
while not wt.has_expired(time.time()):
time.sleep(1)
# Now we can create a wait certificate and verify that it correlates
# to the wait timer we just created
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
self.assertIsNotNone(wc)
self.assertEqual(wc.previous_certificate_id,
wt.previous_certificate_id)
self.assertAlmostEqual(wc.local_mean, wt.local_mean)
self.assertAlmostEqual(wc.request_time, wt.request_time)
self.assertAlmostEqual(wc.duration, wt.duration)
self.assertEqual(wc.validator_address, wt.validator_address)
self.assertEqual(wc.block_hash, "Reader's Digest")
self.assertIsNotNone(wc.signature)
self.assertIsNotNone(wc.identifier)
# A newly-created wait certificate should be valid
wc.check_valid(poet_enclave_module=self.poet_enclave_module,
certificates=[],
poet_public_key=signup_info.poet_public_key)
# Create another wait certificate and verify it is valid also
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
certificates=[wc])
while not wt.has_expired(time.time()):
time.sleep(1)
# Now we can create a wait certificate and verify that it correlates
# to the wait timer we just created
another_wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=self.poet_enclave_module,
wait_timer=wt,
block_hash="Pepto Bismol")
another_wc.check_valid(poet_enclave_module=self.poet_enclave_module,
certificates=[wc],
poet_public_key=signup_info.poet_public_key)
def test_create(self):
# Need to create signup information and wait timer first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# create mock_poet_enclave_wait_timer
mock_poet_enclave_wait_timer = \
mock.Mock(validator_address='1060 W Addison Street',
duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
signature='00112233445566778899aabbccddeeff',
serialized_timer=None,
request_time=time.time())
# create mock_poet_enclave_wait_certificate
mock_poet_enclave_wait_certificate = \
mock.Mock(duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
request_time=time.time(),
validator_address='1060 W Addison Street',
nonce=NULL_BLOCK_IDENTIFIER,
block_hash="Reader's Digest",
signature='00112233445566778899aabbccddeeff',
serialized_certificate='001122334455667'
'78899aabbccddeeff')
# create mock_poet_enclave_module
mock_poet_enclave_module = mock.Mock()
mock_poet_enclave_module.create_wait_timer.return_value = \
mock_poet_enclave_wait_timer
# set the mock enclave wait certificate and wait timer to
# have the same request_time
mock_poet_enclave_wait_certificate.request_time = \
mock_poet_enclave_wait_timer.request_time
# set the mock enclave wait certificate and wait timer to
# have the same previous_certificate_id
mock_poet_enclave_wait_certificate.previous_certificate_id = \
mock_poet_enclave_wait_timer.previous_certificate_id
# set the identifier for mock_poet_enclave_wait_certificate
mock_poet_enclave_wait_certificate.identifier.return_value = \
mock_poet_enclave_wait_certificate.previous_certificate_id[:16]
mock_poet_enclave_module.create_wait_certificate.return_value = \
mock_poet_enclave_wait_certificate
mock_poet_enclave_module.deserialize_wait_certificate.return_value = \
mock_poet_enclave_wait_certificate
# create wait timer
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Now we can create a wait certificate and verify that it correlates
# to the wait timer we just created
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=mock_poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
self.assertIsNotNone(wc)
self.assertEqual(wc.previous_certificate_id,
wt.previous_certificate_id)
self.assertAlmostEqual(wc.local_mean, wt.local_mean)
self.assertAlmostEqual(wc.request_time, wt.request_time)
self.assertAlmostEqual(wc.duration, wt.duration)
self.assertEqual(wc.validator_address, wt.validator_address)
self.assertEqual(wc.block_hash, "Reader's Digest")
self.assertIsNotNone(wc.signature)
self.assertIsNotNone(wc.identifier)
# A newly-created wait certificate should be valid
wc.check_valid(poet_enclave_module=mock_poet_enclave_module,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
poet_public_key=signup_info.poet_public_key,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
validator_info = \
ValidatorInfo(
id='validator_001',
signup_info=SignUpInfo(
poet_public_key='key_001'))
self.mock_consensus_state.validator_did_claim_block(
validator_info=validator_info,
wait_certificate=wc,
poet_settings_view=self.mock_poet_settings_view)
# Create another wait certificate and verify it is valid also
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=wc.identifier,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Now we can create a wait certificate and verify that it correlates
# to the wait timer we just created
another_wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=mock_poet_enclave_module,
wait_timer=wt,
block_hash="Pepto Bismol")
another_wc.check_valid(poet_enclave_module=mock_poet_enclave_module,
previous_certificate_id=wc.identifier,
poet_public_key=signup_info.poet_public_key,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
def test_serialization(self):
# Need to create signup information and wait timer first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# create mock_poet_enclave_wait_timer
mock_poet_enclave_wait_timer = \
mock.Mock(validator_address='1060 W Addison Street',
duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
signature='00112233445566778899aabbccddeeff',
serialized_timer=None,
request_time=time.time())
# create mock_poet_enclave_wait_certificate
mock_poet_enclave_wait_certificate = \
mock.Mock(duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
request_time=time.time(),
validator_address='1060 W Addison Street',
nonce=NULL_BLOCK_IDENTIFIER,
block_hash="Reader's Digest",
signature='00112233445566778899aabbccddeeff',
serialized_certificate=None)
# create mock_poet_enclave_module
mock_poet_enclave_module = mock.Mock()
mock_poet_enclave_module.create_wait_timer.return_value = \
mock_poet_enclave_wait_timer
# set the mock enclave wait certificate and wait timer to
# have the same previous_certificate_id
mock_poet_enclave_wait_certificate.previous_certificate_id = \
mock_poet_enclave_wait_timer.previous_certificate_id
mock_poet_enclave_module.create_wait_certificate.return_value = \
mock_poet_enclave_wait_certificate
mock_poet_enclave_module.deserialize_wait_certificate.return_value = \
mock_poet_enclave_wait_certificate
wt = \
WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Now we can create a wait certificate and serialize
wc = \
WaitCertificate.create_wait_certificate(
poet_enclave_module=mock_poet_enclave_module,
wait_timer=wt,
block_hash="Reader's Digest")
dumped = wc.dump()
self.assertIsNotNone(dumped.get('SerializedCertificate'))
self.assertIsNotNone(dumped.get('Signature'))
# Deserialize and verify that wait certificates are the same
# and that deserialized one is valid
wc_copy = \
WaitCertificate.wait_certificate_from_serialized(
poet_enclave_module=mock_poet_enclave_module,
serialized=dumped.get('SerializedCertificate'),
signature=dumped.get('Signature'))
self.assertEqual(wc.previous_certificate_id,
wc_copy.previous_certificate_id)
self.assertEqual(wc.local_mean, wc_copy.local_mean)
self.assertAlmostEqual(wc.request_time, wc_copy.request_time)
self.assertAlmostEqual(wc.duration, wc_copy.duration)
self.assertEqual(wc.validator_address, wc_copy.validator_address)
self.assertEqual(wc.block_hash, wc_copy.block_hash)
self.assertEqual(wc.signature, wc_copy.signature)
self.assertEqual(wc.identifier, wc_copy.identifier)
# Serialize the copy and verify that its serialization and
# signature are the same
dumped_copy = wc_copy.dump()
self.assertTrue(dumped.get('SerializedCertificate'),
dumped_copy.get('SerializedCertificate'))
self.assertTrue(dumped.get('Signature'), dumped_copy.get('Signature'))
wc_copy.check_valid(poet_enclave_module=mock_poet_enclave_module,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
poet_public_key=signup_info.poet_public_key,
consensus_state=self.mock_consensus_state,
poet_settings_view=self.mock_poet_settings_view)
def do_genesis(args):
"""Executes the `poet genesis` subcommand.
This command generates a validator registry transaction and saves it to a
file, whose location is determined by the args. The signup data, generated
by the selected enclave, is also stored in a well-known location.
"""
if args.enclave_module == 'simulator':
module_name = SIMUATOR_MODULE
elif args.enclave_module == 'sgx':
module_name = SGX_MODULE
else:
raise AssertionError('Unknown enclave module: {}'.format(
args.enclave_module))
try:
poet_enclave_module = importlib.import_module(module_name)
except ImportError as e:
raise AssertionError(str(e))
poet_enclave_module.initialize(**{})
pubkey, signing_key = _read_signing_keys(args.key)
public_key_hash = sha256(pubkey.encode()).hexdigest()
signup_info = SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave_module,
validator_address=pubkey,
originator_public_key_hash=public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
print('Writing key state for PoET public key: {}...{}'.format(
signup_info.poet_public_key[:8], signup_info.poet_public_key[-8:]))
# Store the newly-created PoET key state, associating it with its
# corresponding public key
poet_key_state_store = \
PoetKeyStateStore(
data_dir=config.get_data_dir(),
validator_id=pubkey)
poet_key_state_store[signup_info.poet_public_key] = \
PoetKeyState(
sealed_signup_data=signup_info.sealed_signup_data,
has_been_refreshed=False)
# Create the validator registry payload
payload = \
vr_pb.ValidatorRegistryPayload(
verb='register',
name='validator-{}'.format(pubkey[:8]),
id=pubkey,
signup_info=vr_pb.SignUpInfo(
poet_public_key=signup_info.poet_public_key,
proof_data=signup_info.proof_data,
anti_sybil_id=signup_info.anti_sybil_id,
nonce=NULL_BLOCK_IDENTIFIER))
serialized = payload.SerializeToString()
# Create the address that will be used to look up this validator
# registry transaction. Seems like a potential for refactoring..
validator_entry_address = \
VR_NAMESPACE + sha256(pubkey.encode()).hexdigest()
# Create a transaction header and transaction for the validator
# registry update amd then hand it off to the batch publisher to
# send out.
addresses = [validator_entry_address, VALIDATOR_MAP_ADDRESS]
header = \
txn_pb.TransactionHeader(
signer_pubkey=pubkey,
family_name='sawtooth_validator_registry',
family_version='1.0',
inputs=addresses,
outputs=addresses,
dependencies=[],
payload_encoding="application/protobuf",
payload_sha512=sha512(serialized).hexdigest(),
batcher_pubkey=pubkey,
nonce=time.time().hex().encode()).SerializeToString()
signature = signing.sign(header, signing_key)
transaction = \
txn_pb.Transaction(
header=header,
payload=serialized,
header_signature=signature)
batch = _create_batch(pubkey, signing_key, [transaction])
batch_list = batch_pb.BatchList(batches=[batch])
try:
print('Generating {}'.format(args.output))
with open(args.output, 'wb') as batch_file:
batch_file.write(batch_list.SerializeToString())
except IOError as e:
raise CliException('Unable to write to batch file: {}'.format(str(e)))
def test_create(self):
# Need to create signup information first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
stake_in_the_sand = time.time()
# An empty certificate list should result in a local mean that is
# the target wait time
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_config_view=self.mock_poet_config_view)
self.assertIsNotNone(wt)
self.assertEqual(wt.local_mean,
self.mock_poet_config_view.target_wait_time)
self.assertEqual(wt.previous_certificate_id, NULL_BLOCK_IDENTIFIER)
self.assertGreaterEqual(wt.request_time, stake_in_the_sand)
self.assertLessEqual(wt.request_time, time.time())
self.assertGreaterEqual(wt.duration,
self.mock_poet_config_view.minimum_wait_time)
self.assertEqual(wt.validator_address, '1060 W Addison Street')
# Ensure that the enclave is set back to initial state
self.poet_enclave_module = reload(poet_enclave)
# Make sure that trying to create a wait timer before signup
# information is provided causes an error
with self.assertRaises(ValueError):
wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_config_view=self.mock_poet_config_view)
# Initialize the enclave with sealed signup data
SignupInfo.unseal_signup_data(
poet_enclave_module=self.poet_enclave_module,
validator_address='1660 Pennsylvania Avenue NW',
sealed_signup_data=signup_info.sealed_signup_data)
stake_in_the_sand = time.time()
# An empty certificate list should result in a local mean that is
# the target wait time
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_config_view=self.mock_poet_config_view)
self.assertIsNotNone(wt)
self.assertEqual(wt.local_mean,
self.mock_poet_config_view.target_wait_time)
self.assertEqual(wt.previous_certificate_id, NULL_BLOCK_IDENTIFIER)
self.assertGreaterEqual(wt.request_time, stake_in_the_sand)
self.assertLessEqual(wt.request_time, time.time())
self.assertGreaterEqual(wt.duration,
self.mock_poet_config_view.minimum_wait_time)
self.assertEqual(wt.validator_address, '1060 W Addison Street')
def test_has_expired(self):
# Need to create signup information first
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# create mock_poet_enclave_wait_timer
mock_poet_enclave_wait_timer = \
mock.Mock(validator_address='1060 W Addison Street',
duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
signature=None,
serialized_timer=None,
request_time=time.time())
# create mock_poet_enclave_simulator
mock_poet_enclave_simulator = mock.Mock()
mock_poet_enclave_simulator.create_wait_timer.return_value = \
mock_poet_enclave_wait_timer
# Verify that a timer doesn't expire before its creation time
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
self.assertFalse(wt.has_expired(wt.request_time - 1))
# Create a timer and when it has expired, verify that the duration is
# not greater than actual elapsed time.
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
self.assertTrue(wt.has_expired(wt.request_time + wt.duration + 1.0))
# Tampering with the duration should not affect wait timer expiration
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
assigned_duration = wt.duration
wt.duration = 0
self.assertTrue(wt.has_expired
(wt.request_time + assigned_duration + 1.0))
# Tampering with the request time should not affect wait timer
# expiration
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
assigned_request_time = wt.request_time
wt.request_time -= wt.duration
self.assertTrue(wt.has_expired
(assigned_request_time + wt.duration + 1.0))
def test_create(self):
# Need to create signup information first
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
stake_in_the_sand = time.time()
# create mock_poet_enclave_wait_timer
mock_poet_enclave_wait_timer = \
mock.Mock(validator_address='1060 W Addison Street',
duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
signature=None,
serialized_timer=None,
request_time=time.time())
# create mock_poet_enclave_simulator
mock_poet_enclave_simulator = mock.Mock()
mock_poet_enclave_simulator.create_wait_timer.return_value = \
mock_poet_enclave_wait_timer
# An empty certificate list should result in a local mean that is
# the target wait time
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
self.assertIsNotNone(wt)
self.assertEqual(
wt.local_mean,
self.mock_poet_settings_view.target_wait_time)
self.assertEqual(wt.previous_certificate_id, NULL_BLOCK_IDENTIFIER)
self.assertGreaterEqual(wt.request_time, stake_in_the_sand)
self.assertLessEqual(wt.request_time, time.time())
self.assertGreaterEqual(
wt.duration,
self.mock_poet_settings_view.minimum_wait_time)
self.assertEqual(wt.validator_address, '1060 W Addison Street')
# Ensure that the enclave is set back to initial state
self.poet_enclave_module = reload(poet_enclave)
# Make sure that trying to create a wait timer before signup
# information is provided causes an error
with self.assertRaises(ValueError):
wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=self.poet_enclave_module,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
# Initialize the enclave with sealed signup data
SignupInfo.unseal_signup_data(
poet_enclave_module=self.poet_enclave_module,
sealed_signup_data=signup_info.sealed_signup_data)
stake_in_the_sand = time.time()
mock_poet_enclave_wait_timer.request_time = time.time()
# An empty certificate list should result in a local mean that is
# the target wait time
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
self.assertIsNotNone(wt)
self.assertEqual(
wt.local_mean,
self.mock_poet_settings_view.target_wait_time)
self.assertEqual(wt.previous_certificate_id, NULL_BLOCK_IDENTIFIER)
self.assertGreaterEqual(wt.request_time, stake_in_the_sand)
self.assertLessEqual(wt.request_time, time.time())
self.assertGreaterEqual(
wt.duration,
self.mock_poet_settings_view.minimum_wait_time)
self.assertEqual(wt.validator_address, '1060 W Addison Street')
def _register_signup_information(self, block_header, poet_enclave_module):
# Create signup information for this validator, putting the block ID
# of the block previous to the block referenced by block_header in the
# nonce. Block ID is better than wait certificate ID for testing
# freshness as we need to account for non-PoET blocks.
public_key_hash = \
hashlib.sha256(
block_header.signer_public_key.encode()).hexdigest()
nonce = SignupInfo.block_id_to_nonce(block_header.previous_block_id)
signup_info = \
SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave_module,
originator_public_key_hash=public_key_hash,
nonce=nonce)
# Create the validator registry payload
payload = \
vr_pb.ValidatorRegistryPayload(
verb='register',
name='validator-{}'.format(block_header.signer_public_key[:8]),
id=block_header.signer_public_key,
signup_info=vr_pb.SignUpInfo(
poet_public_key=signup_info.poet_public_key,
proof_data=signup_info.proof_data,
anti_sybil_id=signup_info.anti_sybil_id,
nonce=nonce),
)
serialized = payload.SerializeToString()
# Create the address that will be used to look up this validator
# registry transaction. Seems like a potential for refactoring..
validator_entry_address = \
PoetBlockPublisher._validator_registry_namespace + \
hashlib.sha256(block_header.signer_public_key.encode()).hexdigest()
# Create a transaction header and transaction for the validator
# registry update amd then hand it off to the batch publisher to
# send out.
output_addresses = \
[validator_entry_address,
PoetBlockPublisher._validator_map_address]
input_addresses = \
output_addresses + \
[SettingsView.setting_address(
'sawtooth.poet.report_public_key_pem'),
SettingsView.setting_address(
'sawtooth.poet.valid_enclave_measurements'),
SettingsView.setting_address(
'sawtooth.poet.valid_enclave_basenames')]
header = \
txn_pb.TransactionHeader(
signer_public_key=block_header.signer_public_key,
family_name='sawtooth_validator_registry',
family_version='1.0',
inputs=input_addresses,
outputs=output_addresses,
dependencies=[],
payload_sha512=hashlib.sha512(serialized).hexdigest(),
batcher_public_key=block_header.signer_public_key,
nonce=time.time().hex().encode()).SerializeToString()
signature = self._batch_publisher.identity_signer.sign(header)
transaction = \
txn_pb.Transaction(
header=header,
payload=serialized,
header_signature=signature)
LOGGER.info(
'Register Validator Name=%s, ID=%s...%s, PoET public key=%s...%s, '
'Nonce=%s',
payload.name,
payload.id[:8],
payload.id[-8:],
payload.signup_info.poet_public_key[:8],
payload.signup_info.poet_public_key[-8:],
nonce)
self._batch_publisher.send([transaction])
# Store the key state so that we can look it up later if need be and
# set the new key as our active key
LOGGER.info(
'Save key state PPK=%s...%s => SSD=%s...%s',
signup_info.poet_public_key[:8],
signup_info.poet_public_key[-8:],
signup_info.sealed_signup_data[:8],
signup_info.sealed_signup_data[-8:])
self._poet_key_state_store[signup_info.poet_public_key] = \
PoetKeyState(
sealed_signup_data=signup_info.sealed_signup_data,
has_been_refreshed=False,
signup_nonce=nonce)
self._poet_key_state_store.active_key = signup_info.poet_public_key
def do_create(args):
"""Executes the `poet registration` subcommand.
This command generates a validator registry transaction and saves it to a
file, whose location is determined by the args. The signup data, generated
by the selected enclave, is also stored in a well-known location.
"""
signer = _read_signer(args.key)
public_key = signer.get_public_key().as_hex()
public_key_hash = sha256(public_key.encode()).hexdigest()
nonce = SignupInfo.block_id_to_nonce(args.block)
with PoetEnclaveModuleWrapper(
enclave_module=args.enclave_module,
config_dir=config.get_config_dir(),
data_dir=config.get_data_dir()) as poet_enclave_module:
signup_info = SignupInfo.create_signup_info(
poet_enclave_module=poet_enclave_module,
originator_public_key_hash=public_key_hash,
nonce=nonce)
print(
'Writing key state for PoET public key: {}...{}'.format(
signup_info.poet_public_key[:8],
signup_info.poet_public_key[-8:]))
# Store the newly-created PoET key state, associating it with its
# corresponding public key
poet_key_state_store = \
PoetKeyStateStore(
data_dir=config.get_data_dir(),
validator_id=public_key)
poet_key_state_store[signup_info.poet_public_key] = \
PoetKeyState(
sealed_signup_data=signup_info.sealed_signup_data,
has_been_refreshed=False,
signup_nonce=nonce)
# Create the validator registry payload
payload = \
vr_pb.ValidatorRegistryPayload(
verb='register',
name='validator-{}'.format(public_key[:8]),
id=public_key,
signup_info=vr_pb.SignUpInfo(
poet_public_key=signup_info.poet_public_key,
proof_data=signup_info.proof_data,
anti_sybil_id=signup_info.anti_sybil_id,
nonce=SignupInfo.block_id_to_nonce(args.block)))
serialized = payload.SerializeToString()
# Create the address that will be used to look up this validator
# registry transaction. Seems like a potential for refactoring..
validator_entry_address = \
VR_NAMESPACE + sha256(public_key.encode()).hexdigest()
# Create a transaction header and transaction for the validator
# registry update amd then hand it off to the batch publisher to
# send out.
output_addresses = [validator_entry_address, VALIDATOR_MAP_ADDRESS]
input_addresses = \
output_addresses + \
[SettingsView.setting_address('sawtooth.poet.report_public_key_pem'),
SettingsView.setting_address('sawtooth.poet.'
'valid_enclave_measurements'),
SettingsView.setting_address('sawtooth.poet.valid_enclave_basenames')]
header = \
txn_pb.TransactionHeader(
signer_public_key=public_key,
family_name='sawtooth_validator_registry',
family_version='1.0',
inputs=input_addresses,
outputs=output_addresses,
dependencies=[],
payload_sha512=sha512(serialized).hexdigest(),
batcher_public_key=public_key,
nonce=time.time().hex().encode()).SerializeToString()
signature = signer.sign(header)
transaction = \
txn_pb.Transaction(
header=header,
payload=serialized,
header_signature=signature)
batch = _create_batch(signer, [transaction])
batch_list = batch_pb.BatchList(batches=[batch])
try:
print('Generating {}'.format(args.output))
with open(args.output, 'wb') as batch_file:
batch_file.write(batch_list.SerializeToString())
except IOError as e:
raise CliException('Unable to write to batch file: {}'.format(str(e)))
def test_has_expired(self):
# Need to create signup information first
SignupInfo.create_signup_info(
poet_enclave_module=self.poet_enclave_module,
originator_public_key_hash=self._originator_public_key_hash,
nonce=NULL_BLOCK_IDENTIFIER)
# create mock_poet_enclave_wait_timer
mock_poet_enclave_wait_timer = \
mock.Mock(validator_address='1060 W Addison Street',
duration=1.0,
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
local_mean=5.0,
signature=None,
serialized_timer=None,
request_time=time.time())
# create mock_poet_enclave_simulator
mock_poet_enclave_simulator = mock.Mock()
mock_poet_enclave_simulator.create_wait_timer.return_value = \
mock_poet_enclave_wait_timer
# Verify that a timer doesn't expire before its creation time
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
self.assertFalse(wt.has_expired(wt.request_time - 1))
# Create a timer and when it has expired, verify that the duration is
# not greater than actual elapsed time.
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
self.assertTrue(wt.has_expired(wt.request_time + wt.duration + 1.0))
# Tampering with the duration should not affect wait timer expiration
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
assigned_duration = wt.duration
wt.duration = 0
self.assertTrue(
wt.has_expired(wt.request_time + assigned_duration + 1.0))
# Tampering with the request time should not affect wait timer
# expiration
wt = wait_timer.WaitTimer.create_wait_timer(
poet_enclave_module=mock_poet_enclave_simulator,
validator_address='1060 W Addison Street',
previous_certificate_id=NULL_BLOCK_IDENTIFIER,
consensus_state=self.consensus_state,
poet_settings_view=self.mock_poet_settings_view)
assigned_request_time = wt.request_time
wt.request_time -= wt.duration
self.assertTrue(
wt.has_expired(assigned_request_time + wt.duration + 1.0))
