ENR

[jannikluhn]

Closes #583. Still WIP: A couple of additional tests are needed and we have to use compressed public keys (working on ethereum/eth-keys#55 now).

How was it fixed?

• There's an ENR class that exposes the ENR key value pairs via a dict interface, along the sequence number and signature. If the signature is None it is considered unsigned. A signed copy can be created with to_signed_enr.
• There are special sedes classes ENRSedes and ENRContentSedes to serialize/deserialize an ENR with or without the signature. Values are (de)serialized as binaries, unless there's something better in ENR_KEY_SEDES_MAPPING.
• Identity schemes (responsible for signing and validating signatures) are represented by children of ENRIdentityScheme which define a method to check if they can be used for a given ENR or not (usually by checking if the ENR contains a public key in the right format). The ENR will use the first matching identity scheme it can find (there will probably only be a few).

Cute Animal Picture

[jannikluhn]

Updated to use the new eth-keys API introduced in ethereum/eth-keys#56 and ethereum/eth-keys#58. I still have to add the new version in setup.py, but I can only do this once the new changes have been released. After that, the tests should pass.

I also restructured the code a little in order to have two separate classes for signed and unsigned ENRs (instead of an is_signed property and a signature that may be None).

[hwwhww]

Solid work! 👍
Need to fix linter.

[pipermerriam]

Can you open (or link me to an existing) larger meta-tracking issue to tie these various discv5 PR's together into a larger epoch so that it's easier to understand the big picture as I review these smaller components?

[jannikluhn]

Opened a meta issue here (I guess I should have started with that): #668

[jannikluhn]

I've addressed the feedback and now I'm waiting for ethereum/eth-keys#58 and a subsequent eth-keys release. Then I'll have a look at the outstanding CI errors.

[pipermerriam]

That suggests the verify_signature api should be changed if possible to either convert the exception case to return false. I'm on mobile so haven't really done my homework on feasibility or why the api was designed that way. Sent from ProtonMail mobile

…

-------- Original Message --------

On May 26, 2019, 4:07 PM, jannikluhn wrote: @jannikluhn commented on this pull request. --------------------------------------------------------------- In [p2p/discv5/identity_schemes.py](#586 (comment)): > + signature = private_key.sign_msg_non_recoverable(message) + return bytes(signature) + + @classmethod + def validate_signature(cls, enr: "ENR") -> None: + public_key = PublicKey.from_compressed_bytes(enr[cls.public_key_enr_key]) + signature = NonRecoverableSignature(enr.signature) + message = enr.get_signing_message() + + try: + is_valid = signature.verify_msg(message, public_key) + except BadSignature: + is_valid = False + + if not is_valid: + raise ValidationError("Invalid signature") verify_signature can either return False or raise a BadSignature, depending on the way the signature is invalid. So there isn't away to avoid the variable without copying the raise ValidationError line which I'd like to avoid. — You are receiving this because you commented. Reply to this email directly, [view it on GitHub](#586?email_source=notifications&email_token=AAGJHAVZOCEIGL3VUZMLFCDPXKKR3A5CNFSM4HK56BGKYY3PNVWWK3TUL52HS4DFWFIHK3DMKJSXC5LFON2FEZLWNFSXPKTDN5WW2ZLOORPWSZGOBZWUFBA#discussion_r287599483), or [mute the thread](https://github.com/notifications/unsubscribe-auth/AAGJHARB5O6C3IK65PIMSULPXKKR3ANCNFSM4HK56BGA).

[fjl]

Very nice to see Trinity will have ENR support :).

Note that EIP-778 was changed one more time to add "tcp6", "udp6" keys. They allow relaying IPv6-specific port numbers.

We have also decided to use base64url encoding (without padding) instead of standard base64.
Base64 without padding is not supported in the Python standard library, but you can use these
functions to do it: fjl/p2p-drafts@23ed342#diff-09ba11ec95dfcee8269304dd2cc0abf3R156

[jannikluhn]

• Updated to latest version of ENR spec (thanks @fjl)
• reworked tests: clear separation between ENR and identity scheme
• cleaned up commit history

Unfortunately, now everything breaks due to a version conflict. Pretty much all eth-* libraries require eth_keys < 3.0.0, but here we need eth_keys >= 3.0.0. I guess there's no other way but going through all of them and make a new release? 3.0.0 should be backwards compatible.

[carver]

Unfortunately, now everything breaks due to a version conflict. Pretty much all eth-* libraries require eth_keys < 3.0.0, but here we need eth_keys >= 3.0.0. I guess there's no other way but going through all of them and make a new release? 3.0.0 should be backwards compatible.

Yeah, sorry, this is fixed in #699 and was released so it doesn't affect fresh installs. But it hasn't been merged in yet. I'll ping you when it gets merged in, and the rebase should be painless.

[carver]

@jannikluhn Okay, a rebase should fix the eth-keys issue now.

[jannikluhn]

@carver that didn't do the trick. The problem is that this PR needs eth-keys >= 3.0.0, everything else eth-keys < 3.0.0. So I think there's no other way than updating all of them to use < 4.0.0.

[carver]

Ah, right. @pipermerriam instead of propagating a chain of eth-keys releases up to trinity (I think at least these would need new releases: eth-account, web3, py-evm), maybe we can just do a patch release that includes everything that's in 0.3.0?

[pipermerriam]

v0.2.3 is now available and equal to v0.3.0

[carver]

Hm, interesting, I think this is a legit issue. The new eth-keys is treating a valid signature as invalid?

_ test_rpc_against_fixtures[/home/circleci/repo/fixtures/BlockchainTests/bcValidBlockTest/SimpleTx3.json:SimpleTx3_Frontier:Frontier] _
[gw1] linux -- Python 3.6.8 /home/circleci/repo/.tox/py36-rpc-blockchain/bin/python

event_bus = <trinity.endpoint.TrinityEventBusEndpoint object at 0x7f2f8c0a39b0>
chain_fixture = {'_info': {'comment': '', 'filledwith': 'testeth 1.5.0.dev2-68+commit.4a43125d.dirty', 'lllcversion': 'Version: 0.5.0-...80832fefd8808454c98c8142a056e81f171bcc55a6ff8345e692c0f86e5b48e01b996cadc001622fb5e363b421880102030405060708c0c0', ...}
fixture_data = ('/home/circleci/repo/fixtures/BlockchainTests/bcValidBlockTest/SimpleTx3.json', 'SimpleTx3_Frontier', 'Frontier')

    @pytest.mark.asyncio
    async def test_rpc_against_fixtures(event_bus, chain_fixture, fixture_data):
        rpc = RPCServer(
            initialize_eth1_modules(MainnetFullChain(None), event_bus)
        )
    
        setup_result, setup_error = await call_rpc(rpc, 'evm_resetToGenesisFixture', [chain_fixture])
        # We need to advance the event loop for modules to be able to pickup the new chain
        await asyncio.sleep(0)
        assert setup_error is None and setup_result is True, "cannot load chain for {0}".format(fixture_data)  # noqa: E501
    
        await validate_accounts(rpc, chain_fixture['pre'])
    
        for block_fixture in chain_fixture['blocks']:
            should_be_good_block = 'blockHeader' in block_fixture
    
            if 'rlp_error' in block_fixture:
                assert not should_be_good_block
                continue
    
            block_result, block_error = await call_rpc(rpc, 'evm_applyBlockFixture', [block_fixture])
    
            if should_be_good_block:
>               assert block_error is None
E               AssertionError: assert 'Invalid Signature' is None

block_error = 'Invalid Signature'
block_fixture = {'blockHeader': {'bloom': '0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000...ce': '0x00', ...}, {'data': '0x', 'gasLimit': '0x5208', 'gasPrice': '0x01', 'nonce': '0x03', ...}], 'uncleHeaders': []}
block_result = None
chain_fixture = {'_info': {'comment': '', 'filledwith': 'testeth 1.5.0.dev2-68+commit.4a43125d.dirty', 'lllcversion': 'Version: 0.5.0-...80832fefd8808454c98c8142a056e81f171bcc55a6ff8345e692c0f86e5b48e01b996cadc001622fb5e363b421880102030405060708c0c0', ...}
event_bus  = <trinity.endpoint.TrinityEventBusEndpoint object at 0x7f2f8c0a39b0>
fixture_data = ('/home/circleci/repo/fixtures/BlockchainTests/bcValidBlockTest/SimpleTx3.json', 'SimpleTx3_Frontier', 'Frontier')
rpc        = <trinity.rpc.main.RPCServer object at 0x7f2f68721ba8>
setup_error = None
setup_result = True
should_be_good_block = True

[jannikluhn]

yeah, that's my fault, this PR should fix it: ethereum/eth-keys#62

[jannikluhn]

Finally everything is green 🎉

I think I've addressed all comments so far, but since the last review I've restructured and extended the tests a bit. Anyone wants to have another look? Otherwise this is ready from my side.

[pipermerriam]

I believe historically we've measured operator.itemgetter(0) to be faster and slightly more preferred.

[pipermerriam]

I think this has some unfortunate time complexity. An itertools.Counter does a pretty nice job of both detecting duplicates and allowing easy reporting of which ones are duplicate.

duplicates = {key for key, num in itertools.Counter(keys).items() if num > 1}

That one-liner does the trick pretty concisely.

[jannikluhn]

neat! changed it

[pipermerriam]

Are the value types truly Any or can that be constrained more?

[jannikluhn]

For now it's just int and bytes, but in theory it can be anything -- we might want to add special types for, e.g., libp2p multiaddrs or public key objects in the future. So to keep it easily extendable I'd prefer to keep it Any.

[pipermerriam]

Maybe instead of having to do this try/except checking at runtime it should happen during initialization and be memoized somewhere private since it's probably very natural to do that at whatever place the b'id' key is validated to be present.

[pipermerriam]

We probably still use this pattern in a number of places but I've grown to think that we should be using a registry pattern closer to something like this.

class Registry(collections.UserDict):
    def register_thing(self, thing) -> None:
        ...  # business logic here
        self[thing_key] = thing

default_registry = Registry()
register_thing = default_registry.register_thing

Note that collections.UserDict gives us an easy mechanism for simple registries like this.

https://docs.python.org/3/library/collections.html#collections.UserDict

Note that this requires ALL apis that make use of the registry to have some mechanism for passing in a custom registry. This pattern should result in easier isolation during testing as well as more flexibility when a library needs to override the base registry. I also think this approach has minimal extra overhead with respect to implementation and user facing API since the actualy underlying Registry API can be maintained as private.

[jannikluhn]

Sounds reasonable. I've implemented something like this, but I'm not sure if I fully understood. Please have a look if that's how you imagined it.

[pipermerriam]

This should be parametrized using pytest.mark.parametrize so it runs as 4 different tests.

[pipermerriam]

This looks great. 👍

[pipermerriam]

You might expose the register function as a top level module item that users can import to register a new identity scheme but that's only relevant if you want to expose this as a public API. For now I think it's fine to keep it private.

[pipermerriam]

because pytest is greedy I've tended to avoid naming anything in a module that pytest scrapes with test_ (or classes that start with Test) because it sometimes tries to run them as tests. Naming schemes to get around this that seem appropriate are just to call this identity_scheme_registry or identity_scheme_registry_for_testing