mirror of
https://github.com/lightningdevkit/rust-lightning.git
synced 2025-03-15 15:39:09 +01:00
Implement the UtxoSource
interface for REST/RPC clients
In LDK, we expect users operating nodes on the public network to implement the `UtxoSource` interface in order to validate the gossip they receive from the network. Sadly, because the DoS attack of flooding a node's gossip store isn't a common issue, and because we do not provide an implementation off-the-shelf to make doing so easily, many of our downstream users do not have a `UtxoSource` implementation. In order to change that, here we implement an async `UtxoSource` in the `lightning-block-sync` crate, providing one for users who sync the chain from Bitcoin Core's RPC or REST interfaces.
This commit is contained in:
parent
8164cb9307
commit
01857b51a1
5 changed files with 354 additions and 0 deletions
|
@ -13,8 +13,14 @@ use serde_json;
|
|||
use std::convert::From;
|
||||
use std::convert::TryFrom;
|
||||
use std::convert::TryInto;
|
||||
use std::str::FromStr;
|
||||
use bitcoin::hashes::Hash;
|
||||
|
||||
impl TryInto<serde_json::Value> for JsonResponse {
|
||||
type Error = std::io::Error;
|
||||
fn try_into(self) -> Result<serde_json::Value, std::io::Error> { Ok(self.0) }
|
||||
}
|
||||
|
||||
/// Conversion from `std::io::Error` into `BlockSourceError`.
|
||||
impl From<std::io::Error> for BlockSourceError {
|
||||
fn from(e: std::io::Error) -> BlockSourceError {
|
||||
|
@ -38,6 +44,17 @@ impl TryInto<Block> for BinaryResponse {
|
|||
}
|
||||
}
|
||||
|
||||
/// Parses binary data as a block hash.
|
||||
impl TryInto<BlockHash> for BinaryResponse {
|
||||
type Error = std::io::Error;
|
||||
|
||||
fn try_into(self) -> std::io::Result<BlockHash> {
|
||||
BlockHash::from_slice(&self.0).map_err(|_|
|
||||
std::io::Error::new(std::io::ErrorKind::InvalidData, "bad block hash length")
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
/// Converts a JSON value into block header data. The JSON value may be an object representing a
|
||||
/// block header or an array of such objects. In the latter case, the first object is converted.
|
||||
impl TryInto<BlockHeaderData> for JsonResponse {
|
||||
|
@ -226,6 +243,46 @@ impl TryInto<Transaction> for JsonResponse {
|
|||
}
|
||||
}
|
||||
|
||||
impl TryInto<BlockHash> for JsonResponse {
|
||||
type Error = std::io::Error;
|
||||
|
||||
fn try_into(self) -> std::io::Result<BlockHash> {
|
||||
match self.0.as_str() {
|
||||
None => Err(std::io::Error::new(std::io::ErrorKind::InvalidData, "expected JSON string")),
|
||||
Some(hex_data) if hex_data.len() != 64 =>
|
||||
Err(std::io::Error::new(std::io::ErrorKind::InvalidData, "invalid hash length")),
|
||||
Some(hex_data) => BlockHash::from_str(hex_data)
|
||||
.map_err(|_| std::io::Error::new(std::io::ErrorKind::InvalidData, "invalid hex data")),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// The REST `getutxos` endpoint retuns a whole pile of data we don't care about and one bit we do
|
||||
/// - whether the `hit bitmap` field had any entries. Thus we condense the result down into only
|
||||
/// that.
|
||||
pub(crate) struct GetUtxosResponse {
|
||||
pub(crate) hit_bitmap_nonempty: bool
|
||||
}
|
||||
|
||||
impl TryInto<GetUtxosResponse> for JsonResponse {
|
||||
type Error = std::io::Error;
|
||||
|
||||
fn try_into(self) -> std::io::Result<GetUtxosResponse> {
|
||||
let bitmap_str =
|
||||
self.0.as_object().ok_or(std::io::Error::new(std::io::ErrorKind::InvalidData, "expected an object"))?
|
||||
.get("bitmap").ok_or(std::io::Error::new(std::io::ErrorKind::InvalidData, "missing bitmap field"))?
|
||||
.as_str().ok_or(std::io::Error::new(std::io::ErrorKind::InvalidData, "bitmap should be an str"))?;
|
||||
let mut hit_bitmap_nonempty = false;
|
||||
for c in bitmap_str.chars() {
|
||||
if c < '0' || c > '9' {
|
||||
return Err(std::io::Error::new(std::io::ErrorKind::InvalidData, "invalid byte"));
|
||||
}
|
||||
if c > '0' { hit_bitmap_nonempty = true; }
|
||||
}
|
||||
Ok(GetUtxosResponse { hit_bitmap_nonempty })
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
pub(crate) mod tests {
|
||||
use super::*;
|
||||
|
|
201
lightning-block-sync/src/gossip.rs
Normal file
201
lightning-block-sync/src/gossip.rs
Normal file
|
@ -0,0 +1,201 @@
|
|||
//! When fetching gossip from peers, lightning nodes need to validate that gossip against the
|
||||
//! current UTXO set. This module defines an implementation of the LDK API required to do so
|
||||
//! against a [`BlockSource`] which implements a few additional methods for accessing the UTXO set.
|
||||
|
||||
use crate::{AsyncBlockSourceResult, BlockData, BlockSource};
|
||||
|
||||
use bitcoin::blockdata::transaction::{TxOut, OutPoint};
|
||||
use bitcoin::hash_types::BlockHash;
|
||||
|
||||
use lightning::sign::NodeSigner;
|
||||
|
||||
use lightning::ln::peer_handler::{CustomMessageHandler, PeerManager, SocketDescriptor};
|
||||
use lightning::ln::msgs::{ChannelMessageHandler, OnionMessageHandler};
|
||||
|
||||
use lightning::routing::gossip::{NetworkGraph, P2PGossipSync};
|
||||
use lightning::routing::utxo::{UtxoFuture, UtxoLookup, UtxoResult, UtxoLookupError};
|
||||
|
||||
use lightning::util::logger::Logger;
|
||||
|
||||
use std::sync::Arc;
|
||||
use std::future::Future;
|
||||
use std::ops::Deref;
|
||||
|
||||
/// A trait which extends [`BlockSource`] and can be queried to fetch the block at a given height
|
||||
/// as well as whether a given output is unspent (i.e. a member of the current UTXO set).
|
||||
///
|
||||
/// Note that while this is implementable for a [`BlockSource`] which returns filtered block data
|
||||
/// (i.e. [`BlockData::HeaderOnly`] for [`BlockSource::get_block`] requests), such an
|
||||
/// implementation will reject all gossip as it is not fully able to verify the UTXOs referenced.
|
||||
///
|
||||
/// For efficiency, an implementation may consider caching some set of blocks, as many redundant
|
||||
/// calls may be made.
|
||||
pub trait UtxoSource : BlockSource + 'static {
|
||||
/// Fetches the block hash of the block at the given height.
|
||||
///
|
||||
/// This will, in turn, be passed to to [`BlockSource::get_block`] to fetch the block needed
|
||||
/// for gossip validation.
|
||||
fn get_block_hash_by_height<'a>(&'a self, block_height: u32) -> AsyncBlockSourceResult<'a, BlockHash>;
|
||||
|
||||
/// Returns true if the given output has *not* been spent, i.e. is a member of the current UTXO
|
||||
/// set.
|
||||
fn is_output_unspent<'a>(&'a self, outpoint: OutPoint) -> AsyncBlockSourceResult<'a, bool>;
|
||||
}
|
||||
|
||||
/// A generic trait which is able to spawn futures in the background.
|
||||
///
|
||||
/// If the `tokio` feature is enabled, this is implemented on `TokioSpawner` struct which
|
||||
/// delegates to `tokio::spawn()`.
|
||||
pub trait FutureSpawner : Send + Sync + 'static {
|
||||
/// Spawns the given future as a background task.
|
||||
///
|
||||
/// This method MUST NOT block on the given future immediately.
|
||||
fn spawn<T: Future<Output = ()> + Send + 'static>(&self, future: T);
|
||||
}
|
||||
|
||||
#[cfg(feature = "tokio")]
|
||||
/// A trivial [`FutureSpawner`] which delegates to `tokio::spawn`.
|
||||
pub struct TokioSpawner;
|
||||
#[cfg(feature = "tokio")]
|
||||
impl FutureSpawner for TokioSpawner {
|
||||
fn spawn<T: Future<Output = ()> + Send + 'static>(&self, future: T) {
|
||||
tokio::spawn(future);
|
||||
}
|
||||
}
|
||||
|
||||
/// A struct which wraps a [`UtxoSource`] and a few LDK objects and implements the LDK
|
||||
/// [`UtxoLookup`] trait.
|
||||
///
|
||||
/// Note that if you're using this against a Bitcoin Core REST or RPC server, you likely wish to
|
||||
/// increase the `rpcworkqueue` setting in Bitcoin Core as LDK attempts to parallelize requests (a
|
||||
/// value of 1024 should more than suffice), and ensure you have sufficient file descriptors
|
||||
/// available on both Bitcoin Core and your LDK application for each request to hold its own
|
||||
/// connection.
|
||||
pub struct GossipVerifier<S: FutureSpawner,
|
||||
Blocks: Deref + Send + Sync + 'static + Clone,
|
||||
L: Deref + Send + Sync + 'static,
|
||||
Descriptor: SocketDescriptor + Send + Sync + 'static,
|
||||
CM: Deref + Send + Sync + 'static,
|
||||
OM: Deref + Send + Sync + 'static,
|
||||
CMH: Deref + Send + Sync + 'static,
|
||||
NS: Deref + Send + Sync + 'static,
|
||||
> where
|
||||
Blocks::Target: UtxoSource,
|
||||
L::Target: Logger,
|
||||
CM::Target: ChannelMessageHandler,
|
||||
OM::Target: OnionMessageHandler,
|
||||
CMH::Target: CustomMessageHandler,
|
||||
NS::Target: NodeSigner,
|
||||
{
|
||||
source: Blocks,
|
||||
peer_manager: Arc<PeerManager<Descriptor, CM, Arc<P2PGossipSync<Arc<NetworkGraph<L>>, Self, L>>, OM, L, CMH, NS>>,
|
||||
gossiper: Arc<P2PGossipSync<Arc<NetworkGraph<L>>, Self, L>>,
|
||||
spawn: S,
|
||||
}
|
||||
|
||||
impl<S: FutureSpawner,
|
||||
Blocks: Deref + Send + Sync + Clone,
|
||||
L: Deref + Send + Sync,
|
||||
Descriptor: SocketDescriptor + Send + Sync,
|
||||
CM: Deref + Send + Sync,
|
||||
OM: Deref + Send + Sync,
|
||||
CMH: Deref + Send + Sync,
|
||||
NS: Deref + Send + Sync,
|
||||
> GossipVerifier<S, Blocks, L, Descriptor, CM, OM, CMH, NS> where
|
||||
Blocks::Target: UtxoSource,
|
||||
L::Target: Logger,
|
||||
CM::Target: ChannelMessageHandler,
|
||||
OM::Target: OnionMessageHandler,
|
||||
CMH::Target: CustomMessageHandler,
|
||||
NS::Target: NodeSigner,
|
||||
{
|
||||
/// Constructs a new [`GossipVerifier`].
|
||||
///
|
||||
/// This is expected to be given to a [`P2PGossipSync`] (initially constructed with `None` for
|
||||
/// the UTXO lookup) via [`P2PGossipSync::add_utxo_lookup`].
|
||||
pub fn new(source: Blocks, spawn: S, gossiper: Arc<P2PGossipSync<Arc<NetworkGraph<L>>, Self, L>>, peer_manager: Arc<PeerManager<Descriptor, CM, Arc<P2PGossipSync<Arc<NetworkGraph<L>>, Self, L>>, OM, L, CMH, NS>>) -> Self {
|
||||
Self { source, spawn, gossiper, peer_manager }
|
||||
}
|
||||
|
||||
async fn retrieve_utxo(source: Blocks, short_channel_id: u64) -> Result<TxOut, UtxoLookupError> {
|
||||
let block_height = (short_channel_id >> 5 * 8) as u32; // block height is most significant three bytes
|
||||
let transaction_index = ((short_channel_id >> 2 * 8) & 0xffffff) as u32;
|
||||
let output_index = (short_channel_id & 0xffff) as u16;
|
||||
|
||||
let block_hash = source.get_block_hash_by_height(block_height).await
|
||||
.map_err(|_| UtxoLookupError::UnknownTx)?;
|
||||
let block_data = source.get_block(&block_hash).await
|
||||
.map_err(|_| UtxoLookupError::UnknownTx)?;
|
||||
let mut block = match block_data {
|
||||
BlockData::HeaderOnly(_) => return Err(UtxoLookupError::UnknownTx),
|
||||
BlockData::FullBlock(block) => block,
|
||||
};
|
||||
if transaction_index as usize >= block.txdata.len() {
|
||||
return Err(UtxoLookupError::UnknownTx);
|
||||
}
|
||||
let mut transaction = block.txdata.swap_remove(transaction_index as usize);
|
||||
if output_index as usize >= transaction.output.len() {
|
||||
return Err(UtxoLookupError::UnknownTx);
|
||||
}
|
||||
let outpoint_unspent =
|
||||
source.is_output_unspent(OutPoint::new(transaction.txid(), output_index.into())).await
|
||||
.map_err(|_| UtxoLookupError::UnknownTx)?;
|
||||
if outpoint_unspent {
|
||||
Ok(transaction.output.swap_remove(output_index as usize))
|
||||
} else {
|
||||
Err(UtxoLookupError::UnknownTx)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<S: FutureSpawner,
|
||||
Blocks: Deref + Send + Sync + Clone,
|
||||
L: Deref + Send + Sync,
|
||||
Descriptor: SocketDescriptor + Send + Sync,
|
||||
CM: Deref + Send + Sync,
|
||||
OM: Deref + Send + Sync,
|
||||
CMH: Deref + Send + Sync,
|
||||
NS: Deref + Send + Sync,
|
||||
> Deref for GossipVerifier<S, Blocks, L, Descriptor, CM, OM, CMH, NS> where
|
||||
Blocks::Target: UtxoSource,
|
||||
L::Target: Logger,
|
||||
CM::Target: ChannelMessageHandler,
|
||||
OM::Target: OnionMessageHandler,
|
||||
CMH::Target: CustomMessageHandler,
|
||||
NS::Target: NodeSigner,
|
||||
{
|
||||
type Target = Self;
|
||||
fn deref(&self) -> &Self { self }
|
||||
}
|
||||
|
||||
|
||||
impl<S: FutureSpawner,
|
||||
Blocks: Deref + Send + Sync + Clone,
|
||||
L: Deref + Send + Sync,
|
||||
Descriptor: SocketDescriptor + Send + Sync,
|
||||
CM: Deref + Send + Sync,
|
||||
OM: Deref + Send + Sync,
|
||||
CMH: Deref + Send + Sync,
|
||||
NS: Deref + Send + Sync,
|
||||
> UtxoLookup for GossipVerifier<S, Blocks, L, Descriptor, CM, OM, CMH, NS> where
|
||||
Blocks::Target: UtxoSource,
|
||||
L::Target: Logger,
|
||||
CM::Target: ChannelMessageHandler,
|
||||
OM::Target: OnionMessageHandler,
|
||||
CMH::Target: CustomMessageHandler,
|
||||
NS::Target: NodeSigner,
|
||||
{
|
||||
fn get_utxo(&self, _genesis_hash: &BlockHash, short_channel_id: u64) -> UtxoResult {
|
||||
let res = UtxoFuture::new();
|
||||
let fut = res.clone();
|
||||
let source = self.source.clone();
|
||||
let gossiper = Arc::clone(&self.gossiper);
|
||||
let pm = Arc::clone(&self.peer_manager);
|
||||
self.spawn.spawn(async move {
|
||||
let res = Self::retrieve_utxo(source, short_channel_id).await;
|
||||
fut.resolve(gossiper.network_graph(), &*gossiper, res);
|
||||
pm.process_events();
|
||||
});
|
||||
UtxoResult::Async(res)
|
||||
}
|
||||
}
|
|
@ -28,6 +28,8 @@ pub mod http;
|
|||
pub mod init;
|
||||
pub mod poll;
|
||||
|
||||
pub mod gossip;
|
||||
|
||||
#[cfg(feature = "rest-client")]
|
||||
pub mod rest;
|
||||
|
||||
|
|
|
@ -3,7 +3,10 @@
|
|||
|
||||
use crate::{BlockData, BlockHeaderData, BlockSource, AsyncBlockSourceResult};
|
||||
use crate::http::{BinaryResponse, HttpEndpoint, HttpClient, JsonResponse};
|
||||
use crate::gossip::UtxoSource;
|
||||
use crate::convert::GetUtxosResponse;
|
||||
|
||||
use bitcoin::OutPoint;
|
||||
use bitcoin::hash_types::BlockHash;
|
||||
use bitcoin::hashes::hex::ToHex;
|
||||
|
||||
|
@ -60,11 +63,30 @@ impl BlockSource for RestClient {
|
|||
}
|
||||
}
|
||||
|
||||
impl UtxoSource for RestClient {
|
||||
fn get_block_hash_by_height<'a>(&'a self, block_height: u32) -> AsyncBlockSourceResult<'a, BlockHash> {
|
||||
Box::pin(async move {
|
||||
let resource_path = format!("blockhashbyheight/{}.bin", block_height);
|
||||
Ok(self.request_resource::<BinaryResponse, _>(&resource_path).await?)
|
||||
})
|
||||
}
|
||||
|
||||
fn is_output_unspent<'a>(&'a self, outpoint: OutPoint) -> AsyncBlockSourceResult<'a, bool> {
|
||||
Box::pin(async move {
|
||||
let resource_path = format!("getutxos/{}-{}.json", outpoint.txid.to_hex(), outpoint.vout);
|
||||
let utxo_result =
|
||||
self.request_resource::<JsonResponse, GetUtxosResponse>(&resource_path).await?;
|
||||
Ok(utxo_result.hit_bitmap_nonempty)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
use crate::http::BinaryResponse;
|
||||
use crate::http::client_tests::{HttpServer, MessageBody};
|
||||
use bitcoin::hashes::Hash;
|
||||
|
||||
/// Parses binary data as a string-encoded `u32`.
|
||||
impl TryInto<u32> for BinaryResponse {
|
||||
|
@ -113,4 +135,32 @@ mod tests {
|
|||
Ok(n) => assert_eq!(n, 42),
|
||||
}
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn parses_negative_getutxos() {
|
||||
let server = HttpServer::responding_with_ok(MessageBody::Content(
|
||||
// A real response contains a few more fields, but we actually only look at the
|
||||
// "bitmap" field, so this should suffice for testing
|
||||
"{\"chainHeight\": 1, \"bitmap\":\"0\",\"utxos\":[]}"
|
||||
));
|
||||
let client = RestClient::new(server.endpoint()).unwrap();
|
||||
|
||||
let outpoint = OutPoint::new(bitcoin::Txid::from_inner([0; 32]), 0);
|
||||
let unspent_output = client.is_output_unspent(outpoint).await.unwrap();
|
||||
assert_eq!(unspent_output, false);
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn parses_positive_getutxos() {
|
||||
let server = HttpServer::responding_with_ok(MessageBody::Content(
|
||||
// A real response contains lots more data, but we actually only look at the "bitmap"
|
||||
// field, so this should suffice for testing
|
||||
"{\"chainHeight\": 1, \"bitmap\":\"1\",\"utxos\":[]}"
|
||||
));
|
||||
let client = RestClient::new(server.endpoint()).unwrap();
|
||||
|
||||
let outpoint = OutPoint::new(bitcoin::Txid::from_inner([0; 32]), 0);
|
||||
let unspent_output = client.is_output_unspent(outpoint).await.unwrap();
|
||||
assert_eq!(unspent_output, true);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -3,9 +3,11 @@
|
|||
|
||||
use crate::{BlockData, BlockHeaderData, BlockSource, AsyncBlockSourceResult};
|
||||
use crate::http::{HttpClient, HttpEndpoint, HttpError, JsonResponse};
|
||||
use crate::gossip::UtxoSource;
|
||||
|
||||
use bitcoin::hash_types::BlockHash;
|
||||
use bitcoin::hashes::hex::ToHex;
|
||||
use bitcoin::OutPoint;
|
||||
|
||||
use std::sync::Mutex;
|
||||
|
||||
|
@ -138,11 +140,33 @@ impl BlockSource for RpcClient {
|
|||
}
|
||||
}
|
||||
|
||||
impl UtxoSource for RpcClient {
|
||||
fn get_block_hash_by_height<'a>(&'a self, block_height: u32) -> AsyncBlockSourceResult<'a, BlockHash> {
|
||||
Box::pin(async move {
|
||||
let height_param = serde_json::json!(block_height);
|
||||
Ok(self.call_method("getblockhash", &[height_param]).await?)
|
||||
})
|
||||
}
|
||||
|
||||
fn is_output_unspent<'a>(&'a self, outpoint: OutPoint) -> AsyncBlockSourceResult<'a, bool> {
|
||||
Box::pin(async move {
|
||||
let txid_param = serde_json::json!(outpoint.txid.to_hex());
|
||||
let vout_param = serde_json::json!(outpoint.vout);
|
||||
let include_mempool = serde_json::json!(false);
|
||||
let utxo_opt: serde_json::Value = self.call_method(
|
||||
"gettxout", &[txid_param, vout_param, include_mempool]).await?;
|
||||
Ok(!utxo_opt.is_null())
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use super::*;
|
||||
use crate::http::client_tests::{HttpServer, MessageBody};
|
||||
|
||||
use bitcoin::hashes::Hash;
|
||||
|
||||
/// Credentials encoded in base64.
|
||||
const CREDENTIALS: &'static str = "dXNlcjpwYXNzd29yZA==";
|
||||
|
||||
|
@ -245,4 +269,24 @@ mod tests {
|
|||
Ok(count) => assert_eq!(count, 654470),
|
||||
}
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn fails_to_fetch_spent_utxo() {
|
||||
let response = serde_json::json!({ "result": null });
|
||||
let server = HttpServer::responding_with_ok(MessageBody::Content(response));
|
||||
let client = RpcClient::new(CREDENTIALS, server.endpoint()).unwrap();
|
||||
let outpoint = OutPoint::new(bitcoin::Txid::from_inner([0; 32]), 0);
|
||||
let unspent_output = client.is_output_unspent(outpoint).await.unwrap();
|
||||
assert_eq!(unspent_output, false);
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn fetches_utxo() {
|
||||
let response = serde_json::json!({ "result": {"bestblock": 1, "confirmations": 42}});
|
||||
let server = HttpServer::responding_with_ok(MessageBody::Content(response));
|
||||
let client = RpcClient::new(CREDENTIALS, server.endpoint()).unwrap();
|
||||
let outpoint = OutPoint::new(bitcoin::Txid::from_inner([0; 32]), 0);
|
||||
let unspent_output = client.is_output_unspent(outpoint).await.unwrap();
|
||||
assert_eq!(unspent_output, true);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Add table
Reference in a new issue