def _mock_ursula_reencrypts(ursula, corrupt_cfrag: bool = False):
delegating_privkey = UmbralPrivateKey.gen_key()
_symmetric_key, capsule = pre._encapsulate(delegating_privkey.get_pubkey())
signing_privkey = UmbralPrivateKey.gen_key()
signing_pubkey = signing_privkey.get_pubkey()
signer = Signer(signing_privkey)
priv_key_bob = UmbralPrivateKey.gen_key()
pub_key_bob = priv_key_bob.get_pubkey()
kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey,
signer=signer,
receiving_pubkey=pub_key_bob,
threshold=2,
N=4,
sign_delegating_key=False,
sign_receiving_key=False)
capsule.set_correctness_keys(delegating_privkey.get_pubkey(), pub_key_bob,
signing_pubkey)
ursula_pubkey = ursula.stamp.as_umbral_pubkey()
alice_address = canonical_address_from_umbral_key(signing_pubkey)
blockhash = bytes(32)
specification = b''.join((bytes(capsule), bytes(ursula_pubkey),
bytes(ursula.decentralized_identity_evidence),
alice_address, blockhash))
bobs_signer = Signer(priv_key_bob)
task_signature = bytes(bobs_signer(specification))
metadata = bytes(ursula.stamp(task_signature))
cfrag = pre.reencrypt(kfrags[0], capsule, metadata=metadata)
if corrupt_cfrag:
cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve)
cfrag_signature = bytes(ursula.stamp(bytes(cfrag)))
bob = Bob.from_public_keys(verifying_key=pub_key_bob)
task = WorkOrder.Task(capsule, task_signature, cfrag, cfrag_signature)
work_order = WorkOrder(bob, None, alice_address, [task], None, ursula,
blockhash)
evidence = IndisputableEvidence(task, work_order)
return evidence
def test_evaluate_cfrag(testerchain, escrow, adjudicator_contract):
creator, miner, wrong_miner, investigator, *everyone_else = testerchain.interface.w3.eth.accounts
evaluation_log = adjudicator_contract.events.CFragEvaluated.createFilter(
fromBlock='latest')
worker_stake = 1000
worker_penalty_history = 0
investigator_balance = 0
number_of_evaluations = 0
# Prepare one miner
tx = escrow.functions.setMinerInfo(miner, worker_stake).transact()
testerchain.wait_for_receipt(tx)
# Generate miner's Umbral key
miner_umbral_private_key = UmbralPrivateKey.gen_key()
miner_umbral_public_key_bytes = miner_umbral_private_key.get_pubkey(
).to_bytes(is_compressed=False)
# Sign Umbral public key using eth-key
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(miner_umbral_public_key_bytes)
miner_umbral_public_key_hash = hash_ctx.finalize()
provider = testerchain.interface.provider
address = to_canonical_address(miner)
sig_key = provider.ethereum_tester.backend._key_lookup[address]
signed_miner_umbral_public_key = bytes(
sig_key.sign_msg_hash(miner_umbral_public_key_hash))
# Prepare hash of the data
metadata = os.urandom(33)
capsule, cfrag = fragments(metadata)
assert cfrag.verify_correctness(capsule)
capsule_bytes = capsule.to_bytes()
cfrag_bytes = cfrag.to_bytes()
# Bob prepares supporting Evidence
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
assert len(evidence_data) == 20 * 32 + 32 + 20 + 1
# This check is a workaround in order to test the signature validation is correct.
# In reality, this check should be part of the isCapsuleFragCorrect logic,
# but we're facing with "Stack too deep" errors at the moment.
# address = adjudicator_contract.functions.aliceAddress(cfrag_bytes, evidence_data).call()
# assert address == to_checksum_address(evidence_data[-21:-1].hex())
proof_challenge_scalar = int(evidence.get_proof_challenge_scalar())
# computeProofChallengeScalar = adjudicator_contract.functions.computeProofChallengeScalar
# assert proof_challenge_scalar == computeProofChallengeScalar(capsule_bytes, cfrag_bytes).call()
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
data_hash = hash_ctx.finalize()
# This capsule and cFrag are not yet evaluated
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
# Generate requester's Umbral key
requester_umbral_private_key = UmbralPrivateKey.gen_key()
requester_umbral_public_key_bytes = requester_umbral_private_key.get_pubkey(
).to_bytes(is_compressed=False)
# Sign capsule and cFrag
capsule_signature_by_requester = sign_data(capsule_bytes,
requester_umbral_private_key)
capsule_signature_by_requester_and_miner = sign_data(
capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
# Challenge using good data
args = (capsule_bytes, capsule_signature_by_requester,
capsule_signature_by_requester_and_miner, cfrag_bytes,
cfrag_signature_by_miner, requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes, signed_miner_umbral_public_key,
evidence_data)
assert worker_stake == escrow.functions.minerInfo(miner).call()[0]
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact(
{'from': investigator})
testerchain.wait_for_receipt(tx)
number_of_evaluations += 1
# Hash of the data is saved and miner was not slashed
assert adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
assert worker_stake == escrow.functions.minerInfo(miner).call()[0]
assert investigator_balance == escrow.functions.rewardInfo(
investigator).call()
events = evaluation_log.get_all_entries()
assert number_of_evaluations == len(events)
event_args = events[-1]['args']
assert data_hash == event_args['evaluationHash']
assert miner == event_args['miner']
assert investigator == event_args['investigator']
assert event_args['correctness']
# Test: Don't evaluate miner with data that already was checked
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact()
testerchain.wait_for_receipt(tx)
# Test: Ursula produces incorrect proof:
metadata = os.urandom(34)
capsule, cfrag = fragments(metadata)
capsule_bytes = capsule.to_bytes()
# Corrupt proof
cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve)
cfrag_bytes = cfrag.to_bytes()
assert not cfrag.verify_correctness(capsule)
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
data_hash = hash_ctx.finalize()
capsule_signature_by_requester = sign_data(capsule_bytes,
requester_umbral_private_key)
capsule_signature_by_requester_and_miner = sign_data(
capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
args = (capsule_bytes, capsule_signature_by_requester,
capsule_signature_by_requester_and_miner, cfrag_bytes,
cfrag_signature_by_miner, requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes, signed_miner_umbral_public_key,
evidence_data)
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact(
{'from': investigator})
testerchain.wait_for_receipt(tx)
number_of_evaluations += 1
# Hash of the data is saved and miner was slashed
assert adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
penalty, reward = compute_penalty_and_reward(worker_stake,
worker_penalty_history)
worker_stake -= penalty
investigator_balance += reward
worker_penalty_history += 1
assert worker_stake == escrow.functions.minerInfo(miner).call()[0]
assert investigator_balance == escrow.functions.rewardInfo(
investigator).call()
events = evaluation_log.get_all_entries()
assert number_of_evaluations == len(events)
event_args = events[-1]['args']
assert data_hash == event_args['evaluationHash']
assert miner == event_args['miner']
assert investigator == event_args['investigator']
assert not event_args['correctness']
###############################
# Test: Bob produces wrong precomputed data
###############################
metadata = os.urandom(34)
capsule, cfrag = fragments(metadata)
capsule_bytes = capsule.to_bytes()
cfrag_bytes = cfrag.to_bytes()
assert cfrag.verify_correctness(capsule)
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
data_hash = hash_ctx.finalize()
capsule_signature_by_requester = sign_data(capsule_bytes,
requester_umbral_private_key)
capsule_signature_by_requester_and_miner = sign_data(
capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
# Bob produces a random point and gets the bytes of coords x and y
random_point_bytes = Point.gen_rand().to_bytes(is_compressed=False)[1:]
# He uses this garbage instead of correct precomputation of z*E
evidence_data = bytearray(evidence_data)
evidence_data[32:32 + 64] = random_point_bytes
evidence_data = bytes(evidence_data)
args = (capsule_bytes, capsule_signature_by_requester,
capsule_signature_by_requester_and_miner, cfrag_bytes,
cfrag_signature_by_miner, requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes, signed_miner_umbral_public_key,
evidence_data)
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
# Evaluation must fail since Bob precomputed wrong values
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact(
{'from': investigator})
testerchain.wait_for_receipt(tx)
###############################
# Test: Signatures and Metadata mismatch
###############################
# TODO
###############################
# Test: Second violation. Penalty is increased
###############################
# Prepare hash of the data
metadata = os.urandom(34)
capsule, cfrag = fragments(metadata)
capsule_bytes = capsule.to_bytes()
# Corrupt proof
cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve)
cfrag_bytes = cfrag.to_bytes()
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
data_hash = hash_ctx.finalize()
capsule_signature_by_requester = sign_data(capsule_bytes,
requester_umbral_private_key)
capsule_signature_by_requester_and_miner = sign_data(
capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
args = [
capsule_bytes, capsule_signature_by_requester,
capsule_signature_by_requester_and_miner, cfrag_bytes,
cfrag_signature_by_miner, requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes, signed_miner_umbral_public_key,
evidence_data
]
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
worker_stake = escrow.functions.minerInfo(miner).call()[0]
investigator_balance = escrow.functions.rewardInfo(investigator).call()
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact(
{'from': investigator})
testerchain.wait_for_receipt(tx)
number_of_evaluations += 1
assert adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
previous_penalty = penalty
penalty, reward = compute_penalty_and_reward(worker_stake,
worker_penalty_history)
# Penalty was increased because it's the second violation
assert penalty == previous_penalty + PENALTY_HISTORY_COEFFICIENT
worker_stake -= penalty
investigator_balance += reward
worker_penalty_history += 1
assert worker_stake == escrow.functions.minerInfo(miner).call()[0]
assert investigator_balance == escrow.functions.rewardInfo(
investigator).call()
events = evaluation_log.get_all_entries()
assert number_of_evaluations == len(events)
event_args = events[-1]['args']
assert data_hash == event_args['evaluationHash']
assert miner == event_args['miner']
assert investigator == event_args['investigator']
assert not event_args['correctness']
###############################
# Test: Third violation. Penalty reaches the maximum allowed
###############################
# Prepare corrupted data again
capsule, cfrag = fragments(metadata)
capsule_bytes = capsule.to_bytes()
# Corrupt proof
cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve)
cfrag_bytes = cfrag.to_bytes()
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
data_hash = hash_ctx.finalize()
capsule_signature_by_requester = sign_data(capsule_bytes,
requester_umbral_private_key)
capsule_signature_by_requester_and_miner = sign_data(
capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
args = [
capsule_bytes, capsule_signature_by_requester,
capsule_signature_by_requester_and_miner, cfrag_bytes,
cfrag_signature_by_miner, requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes, signed_miner_umbral_public_key,
evidence_data
]
worker_stake = escrow.functions.minerInfo(miner).call()[0]
investigator_balance = escrow.functions.rewardInfo(investigator).call()
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact(
{'from': investigator})
testerchain.wait_for_receipt(tx)
number_of_evaluations += 1
assert adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
penalty, reward = compute_penalty_and_reward(worker_stake,
worker_penalty_history)
# Penalty has reached maximum available percentage of value
assert penalty == worker_stake // PERCENTAGE_PENALTY_COEFFICIENT
worker_stake -= penalty
investigator_balance += reward
worker_penalty_history += 1
assert worker_stake == escrow.functions.minerInfo(miner).call()[0]
assert investigator_balance == escrow.functions.rewardInfo(
investigator).call()
events = evaluation_log.get_all_entries()
assert number_of_evaluations == len(events)
event_args = events[-1]['args']
assert data_hash == event_args['evaluationHash']
assert miner == event_args['miner']
assert investigator == event_args['investigator']
assert not event_args['correctness']
#################
# Test: Invalid evaluations
##############
# Can't evaluate miner using broken signatures
wrong_args = args[:]
wrong_args[1] = capsule_signature_by_requester[1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(
*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[2] = capsule_signature_by_requester_and_miner[1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(
*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[4] = cfrag_signature_by_miner[1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(
*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[7] = signed_miner_umbral_public_key[1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(
*wrong_args).transact()
testerchain.wait_for_receipt(tx)
# Can't evaluate miner using wrong keys
wrong_args = args[:]
wrong_args[5] = UmbralPrivateKey.gen_key().get_pubkey().to_bytes(
is_compressed=False)
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(
*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[6] = UmbralPrivateKey.gen_key().get_pubkey().to_bytes(
is_compressed=False)
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(
*wrong_args).transact()
testerchain.wait_for_receipt(tx)
# Can't use signature for another data
wrong_args = args[:]
wrong_args[0] = bytes(args[0][0] + 1) + args[0][1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(
*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[3] = bytes(args[3][0] + 1) + args[3][1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(
*wrong_args).transact()
testerchain.wait_for_receipt(tx)
# Can't evaluate nonexistent miner
address = to_canonical_address(wrong_miner)
sig_key = provider.ethereum_tester.backend._key_lookup[address]
signed_wrong_miner_umbral_public_key = bytes(
sig_key.sign_msg_hash(miner_umbral_public_key_hash))
wrong_args = args[:]
wrong_args[7] = signed_wrong_miner_umbral_public_key
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(
*wrong_args).transact()
testerchain.wait_for_receipt(tx)
def collect_evidence(self, capsule, cfrag, ursula):
from nucypher.policy.models import IndisputableEvidence
return IndisputableEvidence(capsule, cfrag, ursula)
def generate_args_for_slashing(testerchain, miner, corrupt: bool = True):
def sign_data(data, umbral_privkey):
umbral_pubkey_bytes = umbral_privkey.get_pubkey().to_bytes(
is_compressed=False)
# Prepare hash of the data
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(data)
data_hash = hash_ctx.finalize()
# Sign data and calculate recoverable signature
cryptography_priv_key = umbral_privkey.to_cryptography_privkey()
signature_der_bytes = cryptography_priv_key.sign(
data, ec.ECDSA(hashes.SHA256()))
signature = Signature.from_bytes(signature_der_bytes, der_encoded=True)
recoverable_signature = bytes(signature) + bytes([0])
pubkey_bytes = coincurve.PublicKey.from_signature_and_message(recoverable_signature, data_hash, hasher=None) \
.format(compressed=False)
if pubkey_bytes != umbral_pubkey_bytes:
recoverable_signature = bytes(signature) + bytes([1])
return recoverable_signature
delegating_privkey = UmbralPrivateKey.gen_key()
_symmetric_key, capsule = pre._encapsulate(delegating_privkey.get_pubkey())
signing_privkey = UmbralPrivateKey.gen_key()
signer = Signer(signing_privkey)
priv_key_bob = UmbralPrivateKey.gen_key()
pub_key_bob = priv_key_bob.get_pubkey()
kfrags = pre.generate_kfrags(delegating_privkey=delegating_privkey,
signer=signer,
receiving_pubkey=pub_key_bob,
threshold=2,
N=4,
sign_delegating_key=False,
sign_receiving_key=False)
capsule.set_correctness_keys(delegating_privkey.get_pubkey(), pub_key_bob,
signing_privkey.get_pubkey())
cfrag = pre.reencrypt(kfrags[0], capsule, metadata=os.urandom(34))
capsule_bytes = capsule.to_bytes()
if corrupt:
cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve)
cfrag_bytes = cfrag.to_bytes()
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
requester_umbral_private_key = UmbralPrivateKey.gen_key()
requester_umbral_public_key_bytes = requester_umbral_private_key.get_pubkey(
).to_bytes(is_compressed=False)
capsule_signature_by_requester = sign_data(capsule_bytes,
requester_umbral_private_key)
miner_umbral_private_key = UmbralPrivateKey.gen_key()
miner_umbral_public_key_bytes = miner_umbral_private_key.get_pubkey(
).to_bytes(is_compressed=False)
# Sign Umbral public key using eth-key
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(miner_umbral_public_key_bytes)
miner_umbral_public_key_hash = hash_ctx.finalize()
address = to_canonical_address(miner)
sig_key = testerchain.interface.provider.ethereum_tester.backend._key_lookup[
address]
signed_miner_umbral_public_key = bytes(
sig_key.sign_msg_hash(miner_umbral_public_key_hash))
capsule_signature_by_requester_and_miner = sign_data(
capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
return (capsule_bytes, capsule_signature_by_requester,
capsule_signature_by_requester_and_miner, cfrag_bytes,
cfrag_signature_by_miner, requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes, signed_miner_umbral_public_key,
evidence_data)
def test_evaluate_cfrag(testerchain, escrow, adjudicator_contract):
creator, miner, wrong_miner, investigator, *everyone_else = testerchain.interface.w3.eth.accounts
evaluation_log = adjudicator_contract.events.CFragEvaluated.createFilter(fromBlock='latest')
# TODO: Move this to an integration test?
umbral_params = default_params()
u_xcoord, u_ycoord = umbral_params.u.to_affine()
u_sign = 2 + (u_ycoord % 2)
assert u_sign == adjudicator_contract.functions.UMBRAL_PARAMETER_U_SIGN().call()
assert u_xcoord == adjudicator_contract.functions.UMBRAL_PARAMETER_U_XCOORD().call()
assert u_ycoord == adjudicator_contract.functions.UMBRAL_PARAMETER_U_YCOORD().call()
# TODO: Move this to an integration test?
test_data = os.urandom(40)
h = hash_to_curvebn(test_data,
params=umbral_params,
hash_class=ExtendedKeccak)
assert int(h) == adjudicator_contract.functions.extendedKeccakToBN(test_data).call()
# Prepare one miner
tx = escrow.functions.setMinerInfo(miner, 1000).transact()
testerchain.wait_for_receipt(tx)
# Generate miner's Umbral key
miner_umbral_private_key = UmbralPrivateKey.gen_key()
miner_umbral_public_key_bytes = miner_umbral_private_key.get_pubkey().to_bytes(is_compressed=False)
# Sign Umbral public key using eth-key
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(miner_umbral_public_key_bytes)
miner_umbral_public_key_hash = hash_ctx.finalize()
provider = testerchain.interface.provider
address = to_canonical_address(miner)
sig_key = provider.ethereum_tester.backend._key_lookup[address]
signed_miner_umbral_public_key = bytes(sig_key.sign_msg_hash(miner_umbral_public_key_hash))
# Prepare hash of the data
metadata = os.urandom(33)
capsule, cfrag = fragments(metadata)
assert cfrag.verify_correctness(capsule)
capsule_bytes = capsule.to_bytes()
cfrag_bytes = cfrag.to_bytes()
# Bob prepares supporting Evidence
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
assert len(evidence_data) == 20 * 32 + 32 + 20 + 1
# This check is a workaround in order to test the signature validation is correct.
# In reality, this check should be part of the isCapsuleFragCorrect logic,
# but we're facing with "Stack too deep" errors at the moment.
address = adjudicator_contract.functions.aliceAddress(cfrag_bytes, evidence_data).call()
assert address == to_checksum_address(evidence_data[-21:-1].hex())
proof_challenge_scalar = int(evidence.get_proof_challenge_scalar())
computeProofChallengeScalar = adjudicator_contract.functions.computeProofChallengeScalar
assert proof_challenge_scalar == computeProofChallengeScalar(capsule_bytes, cfrag_bytes).call()
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
data_hash = hash_ctx.finalize()
# This capsule and cFrag are not yet evaluated
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
# Generate requester's Umbral key
requester_umbral_private_key = UmbralPrivateKey.gen_key()
requester_umbral_public_key_bytes = requester_umbral_private_key.get_pubkey().to_bytes(is_compressed=False)
# Sign capsule and cFrag
capsule_signature_by_requester = sign_data(capsule_bytes, requester_umbral_private_key)
capsule_signature_by_requester_and_miner = sign_data(capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
# Challenge using good data
args = (capsule_bytes,
capsule_signature_by_requester,
capsule_signature_by_requester_and_miner,
cfrag_bytes,
cfrag_signature_by_miner,
requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes,
signed_miner_umbral_public_key,
evidence_data)
value = escrow.functions.minerInfo(miner).call()[0]
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact({'from': investigator})
testerchain.wait_for_receipt(tx)
# Hash of the data is saved and miner was not slashed
assert adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
assert value == escrow.functions.minerInfo(miner).call()[0]
assert 0 == escrow.functions.rewardInfo(investigator).call()
events = evaluation_log.get_all_entries()
assert 1 == len(events)
event_args = events[0]['args']
assert data_hash == event_args['evaluationHash']
assert miner == event_args['miner']
assert investigator == event_args['investigator']
assert event_args['correctness']
# Can't evaluate miner with data that already was checked
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact()
testerchain.wait_for_receipt(tx)
# Challenge using bad data
metadata = os.urandom(34)
capsule, cfrag = fragments(metadata)
capsule_bytes = capsule.to_bytes()
# Corrupt proof
cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve)
cfrag_bytes = cfrag.to_bytes()
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
data_hash = hash_ctx.finalize()
capsule_signature_by_requester = sign_data(capsule_bytes, requester_umbral_private_key)
capsule_signature_by_requester_and_miner = sign_data(capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
args = (capsule_bytes,
capsule_signature_by_requester,
capsule_signature_by_requester_and_miner,
cfrag_bytes,
cfrag_signature_by_miner,
requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes,
signed_miner_umbral_public_key,
evidence_data)
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact({'from': investigator})
testerchain.wait_for_receipt(tx)
# Hash of the data is saved and miner was slashed
assert adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
assert value - BASE_PENALTY == escrow.functions.minerInfo(miner).call()[0]
assert BASE_PENALTY / REWARD_COEFFICIENT == escrow.functions.rewardInfo(investigator).call()
events = evaluation_log.get_all_entries()
assert 2 == len(events)
event_args = events[1]['args']
assert data_hash == event_args['evaluationHash']
assert miner == event_args['miner']
assert investigator == event_args['investigator']
assert not event_args['correctness']
# Prepare hash of the data
metadata = os.urandom(34)
capsule, cfrag = fragments(metadata)
capsule_bytes = capsule.to_bytes()
# Corrupt proof
cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve)
cfrag_bytes = cfrag.to_bytes()
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
data_hash = hash_ctx.finalize()
capsule_signature_by_requester = sign_data(capsule_bytes, requester_umbral_private_key)
capsule_signature_by_requester_and_miner = sign_data(capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
args = [capsule_bytes,
capsule_signature_by_requester,
capsule_signature_by_requester_and_miner,
cfrag_bytes,
cfrag_signature_by_miner,
requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes,
signed_miner_umbral_public_key,
evidence_data]
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
# Can't evaluate miner using broken signatures
wrong_args = args[:]
wrong_args[1] = capsule_signature_by_requester[1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[2] = capsule_signature_by_requester_and_miner[1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[4] = cfrag_signature_by_miner[1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[7] = signed_miner_umbral_public_key[1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*wrong_args).transact()
testerchain.wait_for_receipt(tx)
# Can't evaluate miner using wrong keys
wrong_args = args[:]
wrong_args[5] = UmbralPrivateKey.gen_key().get_pubkey().to_bytes(is_compressed=False)
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[6] = UmbralPrivateKey.gen_key().get_pubkey().to_bytes(is_compressed=False)
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*wrong_args).transact()
testerchain.wait_for_receipt(tx)
# Can't use signature for another data
wrong_args = args[:]
wrong_args[0] = bytes(args[0][0] + 1) + args[0][1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*wrong_args).transact()
testerchain.wait_for_receipt(tx)
wrong_args = args[:]
wrong_args[3] = bytes(args[3][0] + 1) + args[3][1:]
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*wrong_args).transact()
testerchain.wait_for_receipt(tx)
# Can't evaluate nonexistent miner
address = to_canonical_address(wrong_miner)
sig_key = provider.ethereum_tester.backend._key_lookup[address]
signed_wrong_miner_umbral_public_key = bytes(sig_key.sign_msg_hash(miner_umbral_public_key_hash))
wrong_args = args[:]
wrong_args[7] = signed_wrong_miner_umbral_public_key
with pytest.raises((TransactionFailed, ValueError)):
tx = adjudicator_contract.functions.evaluateCFrag(*wrong_args).transact()
testerchain.wait_for_receipt(tx)
# Initial arguments were correct
value = escrow.functions.minerInfo(miner).call()[0]
reward = escrow.functions.rewardInfo(investigator).call()
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact({'from': investigator})
testerchain.wait_for_receipt(tx)
assert adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
# Penalty was increased because it's the second violation
assert value - (BASE_PENALTY + PENALTY_HISTORY_COEFFICIENT) == escrow.functions.minerInfo(miner).call()[0]
assert reward + (BASE_PENALTY + PENALTY_HISTORY_COEFFICIENT) / REWARD_COEFFICIENT == \
escrow.functions.rewardInfo(investigator).call()
events = evaluation_log.get_all_entries()
assert 3 == len(events)
event_args = events[2]['args']
assert data_hash == event_args['evaluationHash']
assert miner == event_args['miner']
assert investigator == event_args['investigator']
assert not event_args['correctness']
# Prepare corrupted data again
capsule, cfrag = fragments(metadata)
capsule_bytes = capsule.to_bytes()
# Corrupt proof
cfrag.proof.bn_sig = CurveBN.gen_rand(capsule.params.curve)
cfrag_bytes = cfrag.to_bytes()
hash_ctx = hashes.Hash(hashes.SHA256(), backend=backend)
hash_ctx.update(capsule_bytes + cfrag_bytes)
data_hash = hash_ctx.finalize()
capsule_signature_by_requester = sign_data(capsule_bytes, requester_umbral_private_key)
capsule_signature_by_requester_and_miner = sign_data(capsule_signature_by_requester, miner_umbral_private_key)
cfrag_signature_by_miner = sign_data(cfrag_bytes, miner_umbral_private_key)
evidence = IndisputableEvidence(capsule, cfrag, ursula=None)
evidence_data = evidence.precompute_values()
args = (capsule_bytes,
capsule_signature_by_requester,
capsule_signature_by_requester_and_miner,
cfrag_bytes,
cfrag_signature_by_miner,
requester_umbral_public_key_bytes,
miner_umbral_public_key_bytes,
signed_miner_umbral_public_key,
evidence_data)
value = escrow.functions.minerInfo(miner).call()[0]
reward = escrow.functions.rewardInfo(investigator).call()
assert not adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
tx = adjudicator_contract.functions.evaluateCFrag(*args).transact({'from': investigator})
testerchain.wait_for_receipt(tx)
assert adjudicator_contract.functions.evaluatedCFrags(data_hash).call()
# Penalty was decreased because it's more than maximum available percentage of value
assert value - value // PERCENTAGE_PENALTY_COEFFICIENT == escrow.functions.minerInfo(miner).call()[0]
assert reward + value // PERCENTAGE_PENALTY_COEFFICIENT / REWARD_COEFFICIENT == \
escrow.functions.rewardInfo(investigator).call()
events = evaluation_log.get_all_entries()
assert 4 == len(events)
event_args = events[3]['args']
assert data_hash == event_args['evaluationHash']
assert miner == event_args['miner']
assert investigator == event_args['investigator']
assert not event_args['correctness']