async def handle_vote(self, vote: EndpointVote) -> None: self.logger.debug( "Received vote for %s from %s", vote.endpoint, encode_hex(vote.node_id), ) current_enr = await self.enr_db.get(self.local_node_id) # TODO: majority voting, discard old votes are_endpoint_keys_present = (IP_V4_ADDRESS_ENR_KEY in current_enr and UDP_PORT_ENR_KEY in current_enr) enr_needs_update = not are_endpoint_keys_present or ( vote.endpoint.ip_address != current_enr[IP_V4_ADDRESS_ENR_KEY] and vote.endpoint.port != current_enr[UDP_PORT_ENR_KEY]) if enr_needs_update: kv_pairs = merge( current_enr, { IP_V4_ADDRESS_ENR_KEY: vote.endpoint.ip_address, UDP_PORT_ENR_KEY: vote.endpoint.port, }) new_unsigned_enr = UnsignedENR( kv_pairs=kv_pairs, sequence_number=current_enr.sequence_number + 1, identity_scheme_registry=self.identity_scheme_registry, ) signed_enr = new_unsigned_enr.to_signed_enr(self.local_private_key) self.logger.info( f"Updating local endpoint to %s (new ENR sequence number: %d)", vote.endpoint, signed_enr.sequence_number, ) await self.enr_db.update(signed_enr)
def test_signing(mock_identity_scheme, identity_scheme_registry): unsigned_enr = UnsignedENR( sequence_number=0, kv_pairs={b"id": b"mock"}, identity_scheme_registry=identity_scheme_registry) private_key = b"\x00" * 32 enr = unsigned_enr.to_signed_enr(private_key) assert enr.signature == mock_identity_scheme.create_enr_signature( enr, private_key)
def test_repr(mock_identity_scheme, identity_scheme_registry): unsigned_enr = UnsignedENR(0, {b"id": b"mock"}, identity_scheme_registry) enr = unsigned_enr.to_signed_enr(b"\x00" * 32) base64_encoded_enr = base64.urlsafe_b64encode(rlp.encode(enr)) represented_enr = repr(enr) assert represented_enr.startswith("enr:") assert base64_encoded_enr.rstrip(b"=").decode() == represented_enr[4:] assert ENR.from_repr(represented_enr, identity_scheme_registry) == enr
def test_enr_node_id(): private_key = PrivateKey(b"\x11" * 32) unsigned_enr = UnsignedENR(0, { b"id": b"v4", b"secp256k1": private_key.public_key.to_compressed_bytes(), b"key1": b"value1", }) enr = unsigned_enr.to_signed_enr(private_key.to_bytes()) node_id = V4IdentityScheme.extract_node_id(enr) assert node_id == keccak(private_key.public_key.to_bytes())
def test_enr_public_key(): private_key = PrivateKey(b"\x11" * 32) public_key = private_key.public_key.to_compressed_bytes() unsigned_enr = UnsignedENR(0, { b"id": b"v4", b"secp256k1": public_key, b"key1": b"value1", }) enr = unsigned_enr.to_signed_enr(private_key.to_bytes()) assert V4IdentityScheme.extract_public_key(unsigned_enr) == public_key assert V4IdentityScheme.extract_public_key(enr) == public_key
def test_official_test_vector(): enr = ENR.from_repr(OFFICIAL_TEST_DATA["repr"]) # use default identity scheme registry assert enr.sequence_number == OFFICIAL_TEST_DATA["sequence_number"] assert dict(enr) == OFFICIAL_TEST_DATA["kv_pairs"] assert enr.public_key == OFFICIAL_TEST_DATA["public_key"] assert enr.node_id == OFFICIAL_TEST_DATA["node_id"] assert enr.identity_scheme is OFFICIAL_TEST_DATA["identity_scheme"] assert repr(enr) == OFFICIAL_TEST_DATA["repr"] unsigned_enr = UnsignedENR(enr.sequence_number, dict(enr)) reconstructed_enr = unsigned_enr.to_signed_enr(OFFICIAL_TEST_DATA["private_key"]) assert reconstructed_enr == enr
def test_enr_signature_validation(): private_key = PrivateKey(b"\x11" * 32) unsigned_enr = UnsignedENR(0, { b"id": b"v4", b"secp256k1": private_key.public_key.to_compressed_bytes(), b"key1": b"value1", }) enr = unsigned_enr.to_signed_enr(private_key.to_bytes()) V4IdentityScheme.validate_enr_signature(enr) forged_enr = ENR(enr.sequence_number, dict(enr), b"\x00" * 64) with pytest.raises(ValidationError): V4IdentityScheme.validate_enr_signature(forged_enr)
async def _generate_local_enr(self, sequence_number: int) -> ENR: kv_pairs = { IDENTITY_SCHEME_ENR_KEY: V4IdentityScheme.id, V4IdentityScheme.public_key_enr_key: self.pubkey.to_compressed_bytes(), IP_V4_ADDRESS_ENR_KEY: self.address.ip_packed, UDP_PORT_ENR_KEY: self.address.udp_port, TCP_PORT_ENR_KEY: self.address.tcp_port, } for field_provider in self.enr_field_providers: key, value = await field_provider() if key in kv_pairs: raise AssertionError( "ENR field provider attempted to override already used key: %s", key) kv_pairs[key] = value unsigned_enr = UnsignedENR(sequence_number, kv_pairs) return unsigned_enr.to_signed_enr(self.privkey.to_bytes())
def test_signature_validation(mock_identity_scheme, identity_scheme_registry): unsigned_enr = UnsignedENR(0, {b"id": b"mock"}, identity_scheme_registry) private_key = b"\x00" * 32 enr = unsigned_enr.to_signed_enr(private_key) enr.validate_signature() invalid_signature = b"\xff" * 64 invalid_enr = ENR(enr.sequence_number, dict(enr), invalid_signature, identity_scheme_registry=identity_scheme_registry) with pytest.raises(ValidationError): invalid_enr.validate_signature() with pytest.raises(ValidationError): ENR( 0, {b"id": b"unknown"}, b"", identity_scheme_registry=identity_scheme_registry, )
def test_node_id(mock_identity_scheme, identity_scheme_registry): unsigned_enr = UnsignedENR(0, {b"id": b"mock"}, identity_scheme_registry) private_key = b"\x00" * 32 enr = unsigned_enr.to_signed_enr(private_key) assert enr.node_id == private_key
def test_public_key(mock_identity_scheme, identity_scheme_registry): unsigned_enr = UnsignedENR(0, {b"id": b"mock"}, identity_scheme_registry) private_key = b"\x00" * 32 enr = unsigned_enr.to_signed_enr(private_key) assert enr.public_key == mock_identity_scheme.extract_public_key(enr)
async def test_request_enr(nursery, manually_driven_discovery_pair): alice, bob = manually_driven_discovery_pair # Pretend that bob and alice have already bonded, otherwise bob will ignore alice's ENR # request. bob.node_db.set_last_pong_time(alice.this_node.id, int(time.monotonic())) # Add a copy of Bob's node with a stub ENR to alice's RT as later we're going to check that it # gets updated with the received ENR. bobs_node_with_stub_enr = Node.from_pubkey_and_addr( bob.this_node.pubkey, bob.this_node.address) alice.node_db.set_last_pong_time(bob.this_node.id, int(time.monotonic())) await alice.update_routing_table(bobs_node_with_stub_enr) assert alice.routing.get_node( bobs_node_with_stub_enr.id).enr.sequence_number == 0 received_enr = None got_enr = trio.Event() async def fetch_enr(event): nonlocal received_enr received_enr = await alice.request_enr(bobs_node_with_stub_enr) event.set() # Start a task in the background that requests an ENR to bob and then waits for it. nursery.start_soon(fetch_enr, got_enr) # Bob will now consume one datagram containing the ENR_REQUEST from alice, and as part of that # will send an ENR_RESPONSE, which will then be consumed by alice, and as part of that it will # be fed into the request_enr() task we're running the background. with trio.fail_after(0.1): await bob.consume_datagram() await alice.consume_datagram() with trio.fail_after(1): await got_enr.wait() validate_node_enr(bob.this_node, received_enr, sequence_number=1) assert alice.routing.get_node(bob.this_node.id).enr == received_enr # Now, if Bob later sends us a new ENR with no endpoint information, we'll evict him from both # our DB and RT. sequence_number = bob.this_node.enr.sequence_number + 1 new_unsigned_enr = UnsignedENR(sequence_number, kv_pairs={ IDENTITY_SCHEME_ENR_KEY: V4IdentityScheme.id, V4IdentityScheme.public_key_enr_key: bob.pubkey.to_compressed_bytes(), }) bob.this_node = Node(new_unsigned_enr.to_signed_enr( bob.privkey.to_bytes())) received_enr = None got_new_enr = trio.Event() nursery.start_soon(fetch_enr, got_new_enr) with trio.fail_after(0.1): await bob.consume_datagram() await alice.consume_datagram() with trio.fail_after(1): await got_new_enr.wait() assert Node(received_enr).address is None with pytest.raises(KeyError): alice.routing.get_node(bob.this_node.id) with pytest.raises(KeyError): alice.node_db.get_enr(bob.this_node.id)