Commit Graph

463 Commits

Author SHA1 Message Date
UdjinM6
8ffdcbf999
A bunch of mostly trivial tweaks/fixes (#2889)
* Trivial: vout->txout

* Re-use SetHexStr in few more places

* Tweak log output

* fix v13 release notes links

* Drop no longer used stuff

* Few more trivial fixes

* Adjust few rpc help strings

* Apply review suggestions
2019-04-30 15:48:21 +03:00
UdjinM6
03021fa53c
Harden DIP3 activation (#2881)
* Harden DIP3 activation height

Also drop all related but no longer used parts.

* Pass current block index to GetCommitmentsFromBlock

* Allow to change dip3 activation height for tests

And fix them.
2019-04-25 18:39:04 +03:00
UdjinM6
5cfceab860
Refactor IS-lock GUI notification and implement a similar one for ChainLocks (#2875)
* Refactor IS-lock GUI notification and implement a similar one for ChainLocks

* Initialize cachedNumISLocks in TransactionStatus ctor
2019-04-25 18:37:39 +03:00
Alexander Block
22ae0bc212 Archive islock hashes when removing confirmed islocks (#2872)
This allows AlreadyHave to check if an announced (via INV) islock was
already known in the past. This avoids requesting islocks which got
obsolete due to ChainLocks.
2019-04-16 16:40:26 +03:00
Alexander Block
cd94cbe6f0 Track which TXs are not locked yet and use this info in ProcessPendingRetryLockTxs (#2869)
* Track which TXs are not locked yet and use this info in ProcessPendingRetryLockTxs

Instead of relying on ReadBlockFromDisk. This should be less disk+CPU
intensive but require more RAM.

It also fixes a bug in ProcessPendingRetryLockTxs which caused ChainLocked
parents to not be considered for retrying of its children.

* Handle review commments
2019-04-16 16:39:34 +03:00
UdjinM6
cff9f97179
Prefix all bls/quorum threads with dash- (#2865)
Makes it easier to find them. Note: had to s/quorum/q/ to fit into 15 characters.
2019-04-15 17:42:43 +03:00
UdjinM6
5e865f9c8a
Bump mempool counter on each successful IS lock (#2864) 2019-04-15 17:41:51 +03:00
Alexander Block
0c54e41f22 Retry locking of child TXs in batches instead of per locked parent (#2858)
This especially avoids many calls to ReadBlockFromDisk
2019-04-12 14:36:52 +03:00
Alexander Block
7fe1a4a78b Also invoke WriteInstantSendLockMined when IS lock comes after the mined block (#2861) 2019-04-11 23:11:56 +03:00
Alexander Block
f32f9523b9 Use lazy BLS signatures more often and don't always verify self-recovered sigs (#2860)
* Make CBLSLazySignature thread safe

* Perform malleability check in CBLSLazySignature

* Use CBLSLazySignature in CRecoveredSig and CInstantSendLock

* Only sporadically verify self-recovered signatures

* test
2019-04-11 23:11:39 +03:00
Alexander Block
5e8ae2ceb6 Disable optimistic send in PushMessage by default (#2859)
* Automatically wake up select() when optimistic send was not used

But only when we know that we are actually inside select() and that it
currenlty is unlikely for it to have selected the node's socket for
sending. We accept race conditions here as the select() timeout
will ensure that we always send the data.

* Don't manually call WakeSelect() in CSigSharesManager::SendMessages

Not needed anymore

* Disable optimistic send in PushMessage by default
2019-04-11 15:43:22 +03:00
Alexander Block
90b1b71967 Move processing of InstantSend locks into its own worker thread (#2857)
* Let ProcessPendingInstantSendLocks return true when it did some work

* Introduce own worker thread for CInstantSendManager

Instead of using the scheduler.

* Remove scheduler from CInstantSendManager

* Add missing reset() call for workInterrupt
2019-04-11 15:43:00 +03:00
Alexander Block
ae78360e5d Add cache to CQuorumManager::ScanQuorums (#2856) 2019-04-11 15:42:35 +03:00
Alexander Block
82a47f5432 Allow testing ChainLocks enforcement with spork19 == 1 (#2854)
This is only for testnet.
2019-04-11 15:41:51 +03:00
Alexander Block
225c3898d8
Don't skip "safe TX" check when ChainLocks are not enforced yet (#2851) 2019-04-10 18:16:33 +02:00
Alexander Block
b0260e970f Do not maintain CService in masternodeQuorumNodes
Not needed anymore as we retrieve the service/address of a masternode
on-the-fly in ThreadOpenMasternodeConnections.
2019-04-09 12:32:52 +02:00
Alexander Block
b5bc7c9dac Call HandleFullyConfirmedBlock when ChainLocks are enabled but not enforced (#2844)
Otherwise IS locks never get removed before DIP8 activates via BIP9.
2019-04-08 08:07:47 +03:00
Alexander Block
565754e019
Merge pull request #2839 from codablock/pr_llmq_scanquorumsfix
Fix invalid results from ScanQuorum
2019-04-05 14:39:17 +02:00
Alexander Block
f8bedba7c4
Don't retry locks when new IS system is disabled (#2837)
Retrying still failed, but this spammed logs quite a bit.
2019-04-05 14:38:58 +02:00
Alexander Block
206e5a1b47 Use big endian inversed height in CInstantSendDb 2019-04-05 13:40:18 +02:00
Alexander Block
4b9f6cd3a9 Use big endian inversed height in BuildInversedHeightKey
Otherwise keys are not properly sorted.
2019-04-05 13:39:29 +02:00
Alexander Block
d34ec78664 Update wallet transactions when confirmed IS locks are removed 2019-04-05 08:18:56 +02:00
Alexander Block
b897505f85 Remove the need for maintaining the last ChainLocked block in the DB 2019-04-05 08:05:12 +02:00
Alexander Block
8e7083cb89 Use db.RemoveConfirmedISLocks() in NotifyChainLock to remove confirmed locks
Also move the actual logic into HandleFullyConfirmedBlock and call it
from NotifyChainLock and UpdatedBlockTip.
2019-04-05 08:05:12 +02:00
Alexander Block
4577438e87 Implement RemoveConfirmedInstantSendLocks to prune confirmed IS locks from DB 2019-04-05 08:05:12 +02:00
Alexander Block
d6e7758519 Keep track of when IS locks were mined 2019-04-05 06:36:09 +02:00
Alexander Block
20ec1de4c6
Merge pull request #2833 from codablock/pr_dip4_quorums
Implement quorum merkle roots for DIP4 coinbases and add quorums to MNLISTDIFF
2019-04-05 05:58:05 +02:00
UdjinM6
0a6416e064 Wipe llmq db on reindex (#2835) 2019-04-05 05:57:46 +02:00
UdjinM6
208406df71 Re-introduce nInstantSendKeepLock check for LLMQ-based IS when spork19 is OFF (#2829) 2019-04-05 05:55:30 +02:00
Alexander Block
7d765a0fce Track best block to later know if a DB upgrade is needed 2019-04-04 17:58:51 +02:00
Alexander Block
44a3b9c90f Don't use pindex->GetBlockHash() in ProcessCommitment
The block hash is not necessarily set at this point, for example when
coming from TestBlockValidity().
2019-04-04 12:27:35 +02:00
Alexander Block
f9dbe3ed50 Track in which block a quorum commitment was mined
And return it in GetMinedCommitment and the "quorum info" RPC
2019-04-04 12:27:35 +02:00
Alexander Block
07620746a5 Implement GetMined(AndActive)CommitmentsUntilBlock and use it in ScanQuorums
This fixes a bug in ScanQuorums which made it return quorums which were not
mined at the time of pindexStart. This was due to quorumHashes being based
on older blocks (the phase=0 block) which are ancestors of pindexStart even
if the commitment was actually mined in a later block.

GetMinedAndActiveCommitmentsUntilBlock is also going to be used for quorum
commitment merkle roots in CCbTx.

This also removes GetFirstMinedQuorumHash as it's not needed anymore.
2019-04-04 12:27:35 +02:00
Alexander Block
d5250a333a Track at which height a quorum commitment was mined
Also add upgrade code to allow smooth upgrades from v13 to v14.
2019-04-04 12:27:35 +02:00
Alexander Block
806948f90e Store the full commitment in CQuorum
Instead of just individual fields of it.
2019-04-04 12:27:35 +02:00
UdjinM6
9f04855ae0
Fix blsWorker (#2820)
Use a pointer instead of a static variable, start/stop together with other llmq modules.
2019-04-01 14:10:39 +03:00
Alexander Block
8f280f3466
Split "llmq" debug category into "llmq", "llmq-dkg" and "llmq-sigs" (#2799)
* Use llmq-sig log category for CSigSharesManager

* Use llmq-dkg log category for DKG related logging
2019-03-25 05:48:18 +01:00
Alexander Block
15c720dd43 Stop tracking interested/participating nodes and send/announce to MNAUTH peers (#2798)
* Pass CNode* to IsMasternodeQuorumNode and let it also check verifiedProRegTxHash

This makes IsMasternodeQuorumNode return true on incoming peer connections
as well.

* Let GetMasternodeQuorumNodes also take verifiedProRegTxHash into account

This makes it return NodeIds for incoming peer connections as well.

* Remove AddParticipatingNode and the need for it

This was needed in the past when we were unable to identify incoming
connections from other quorum members. Now that we have MNAUTH, we can
easily identify all connected members.

* Don't track interestedIn quorums in CSigSharesNodeState anymore

Same as with the previous commit, we're now able to easily identify which
nodes to announce sig shares to.

* Remove unused CConnman::GetMasternodeQuorumAddresses
2019-03-22 17:21:34 +03:00
Alexander Block
b18f8cb77c
Implement MNAUTH and allow unlimited inbound MN connections (#2790)
* Sort evo/* source files in Makefile.am

* Keep track of proRegTxHash in CConnman::masternodeQuorumNodes map

We will later need the proRegTxHash

* Fix serialization of std::tuple with const rvalue elements

Having serialization and deserialization in the same specialized template
results in compilation failures due to the "if(for_read)" branch.

* Implement MNAUTH message

This allows masternodes to authenticate themself.

* Protect fresh incoming connections for a second from eviction

Give fresh connections some time to do the VERSION/VERACK handshake and
an optional MNAUTH when it's a masternode. When an MNAUTH happened, the
incoming connection is then forever protected against eviction.

If a timeout of 1 second occurs or the first message after VERACK is not
MNAUTH, the node is not protected anymore and becomes eligable for
eviction.

* Avoid connecting to masternodes if an incoming connection is from the same one

Now that incoming connections from MNs authenticate them self, we can avoid
connecting to the same MNs through intra-quorum connections.

* Apply review suggestions
2019-03-22 11:52:37 +01:00
Alexander Block
7b76e7abb2
Implement BIP9 style deployment for DIP8/ChainLocks and fix a bug with late headers (#2793)
* Also update bestChainLockWithKnownBlock in AcceptedBlockHeader

* Implement BIP9 style DIP8 deployment

* Fix ChainLocks tests

* Apply suggestions from code review

Co-Authored-By: codablock <ablock84@gmail.com>
2019-03-22 11:51:50 +01:00
Alexander Block
02db06658e
Fix loop in CLLMQUtils::GetQuorumConnections to add at least 2 connections (#2796)
* Fix warning about size_t to int conversion

* Fix loop in CLLMQUtils::GetQuorumConnections to add at least 2 connections

When reaching very small quorum sizes, the current algorithm results in
only a single connection to be added. This would be fine usually, but is an
issue when this connection fails. We should always have at least one backup
connection.

This fixes simple PoSe test failures where the quorum size gets down to 4
with one of the 4 members being down. If other nodes are unlucky to connect
to this node, they fail as well even though 3 members in a quorum should
work fine.

* Update src/llmq/quorums_utils.cpp

Co-Authored-By: codablock <ablock84@gmail.com>
2019-03-22 11:51:12 +01:00
Alexander Block
9e70209e49
Honor bloom filters when announcing LLMQ based IS locks (#2784)
* Split out GetInstantSendLockHashByTxid from GetInstantSendLockByTxid

* Filter ISLOCK messages based on provided filter
2019-03-21 07:47:39 +01:00
Alexander Block
12274e578a
Introduce "qsendrecsigs" to indicate that plain recovered sigs should be sent (#2783)
* Introduce "qsendrecsigs" to indicate that plain recovered sigs should be sent

Full nodes, including masternodes, will send this message automatically.
Other node implementations (e.g. SPV) are usually not interested and would
not send this message.

* Use std::atomic<bool> instead of std::atomic_bool

Not related to this PR, but a small enough change to include it here as
well.
2019-03-21 07:47:02 +01:00
Alexander Block
b87821047c
Make LLMQ/InstantSend/ChainLocks code less spammy (#2781)
* Add support for log category to CBatchedLogger

* Use "llmq" logging category in LLMQ code

* Use "chainlocks" logging category in ChainLocks code

* Log errors without logging category
2019-03-21 07:46:27 +01:00
Alexander Block
591b0185c5
Bump proto version and only send LLMQ related messages to v14 nodes (#2780)
* Bump PROTOCOL_VERSION to 70214

* Introduce LLMQS_PROTO_VERSION to avoid relaying to old nodes
2019-03-20 10:58:14 +01:00
Alexander Block
c3602372cc Implement retroactive IS locking of transactions first seen in blocks instead of mempool (#2770)
* Don't rely on UTXO set in CheckCanLock

The UTXO set only works for TXs in the mempool and won't work when we try
to retroactively lock unlocked TXs from blocks.

This is safe as ProcessTx is only called when a TX was accepted into the
mempool or connected in a block, which means that all input checks were
good.

* Rename RetryLockMempoolTxs to RetryLockTxs and let it retry connected TXs

* Instead of manually calling ProcessTx, let SyncTransaction handle all cases

SyncTransaction is called from AcceptToMemoryPool and when transactions got
connected in a block. So this is the time we want to run TXs through
ProcessTx. This also enables retroactive signing of TXs that were unknown
before a new block appeared.

* Test retroactive signing and safe TXs in LLMQ ChainLocks tests

* Also test for retroactive signing of chained TXs

* Honor lockedParentTx when looking for TXs to retry signing

* Stop scanning for TXs to retry after a depth of 6

* Generate 6 block to avoid retroactive signing overloading Travis

* Avoid retroactive signing

* Don't rely on NewPoWValidBlock and use SyncTransaction to build blockTxs

NewPoWValidBlock is not guaranteed to be called when blocks come in fast.
When a block is accepted in AcceptBlock, NewPoWValidBlock is only called
when the new block is a successor of the currently active tip. This is not
the case when after the first block a second block is accepted immediately
as the first block is not connected yet.

This might be a bug actually in the handling of NewPoWValidBlock, so we
might need to check/fix this later, but currently I prefer to not touch
that part.

Instead, we now use SyncTransaction to gather TXs for blockTxs. This works
because SyncTransaction is called for all transactions in a freshly
connected block in one go. The call also happens before UpdatedBlockTip is
called, so it's fine with the existing logic.

* Use tx.IsCoinBase() instead of checking index 0

Also check for empty vin.
2019-03-19 13:55:51 +03:00
Alexander Block
5299d39338 Multiple refactorings/fixes for LLMQ bases InstantSend and ChainLocks (#2779)
* Remove unused parameters from CInstantSendManager::ProcessTx

* Pass txHash in CheckCanLock by reference instead of pointer

* Dont' allow locking of TXs without inputs

* Remove unused local variable nInstantSendConfirmationsRequired

* Don't subtract 1 from nInstantSendConfirmationsRequired

This was necessary in the old system but is not necessary in the new system.
It also prevented proper retroactive signing of chained TXs in regtest as
it resulted in child TXs to return true immediately for CheckCanLock when
it should actually have waited for the parent TX to become locked first.

* Access chainActive.Height() while cs_main is locked

* Properly read and write lastChainLockBlock

"pindex" is NOT the chainlocked block after the while loop finishes. We
must use the pindex (renamed to pindexChainLock now) given on method entry.

Also, the GetLastChainLockBlock() result was not assigned to,
lastChainLockBlock which resulted in the while loop to run unnecessarily
long.

* Generalize filtering in NewPoWValidBlock and SyncTransaction

We're actually interested in all TXs that have inputs, so no need to
explicitly check for tx types.

* Use tx.IsCoinBase() instead of checking for index 0

* Handle cases where a TX is not received yet in wait_for_instantlock

* Wait on all nodes for the locks

Otherwise we end up with the sender having it locked but other nodes
not yet, failing the test.

* Fix LogPrintf call in CChainLocksHandler::DoInvalidateBlock
2019-03-19 10:38:16 +03:00
Alexander Block
a69a5cf4a0 Use smaller (3 out of 5) quorums for regtest/Travis (#2774)
* Require only 3 out of 5 signatures for old InstantSend in regtest mode

* Use LLMQs of size 5 with threshold of 3 for regtest

* Fix wrong check for out-of-range bits in CFixedBitSet

* Reduce number of masternodes in masternode/LLMQ tests

* Add missing \n to LogPrintf call

* Use correct indexes for isolated/receiver/sender nodes

The way it was before resulted in nodes 1-3 being unused and 6-8 being used
for these 3 special nodes even though these are masternodes.

* Avoid stopping/starting isolated node in p2p-instantsend.py

It's enough to disable networking for this node.
2019-03-15 11:48:24 +03:00
UdjinM6
6350adf1b9
Slightly refactor ProcessInstantSendLock (#2767)
Rewrite `if (var =  func())` in a less confusing way
2019-03-13 18:21:40 +03:00
Alexander Block
3a1aeb000e Multiple fixes/refactorings for ChainLocks (#2765)
* Print which DKG type aborted

* Don't directly call EnforceBestChainLock and instead schedule the call

Calling EnforceBestChainLock might result in switching chains, which in
turn might end up calling signals, so we get into a recursive call chain.

Better to call EnforceBestChainLock from the scheduler.

* Regularly call EnforceBestChainLock and reset error flags on locked chain

* Don't invalidate blocks from CChainLocksHandler::TrySignChainTip

As the name of this method implies, it's trying to sign something and not
enforce/invalidate chains. Invalidating blocks is the job of
EnforceBestChainLock.

* Only call ActivateBestChain when tip != best CL tip

* Fix unprotected access of bestChainLockBlockIndex and bail out if its null

* Fix ChainLocks tests after changes in enforcement handling

* Only invoke NotifyChainLock signal from EnforceBestChainLock

This ensures that NotifyChainLock is not prematurely called before the
block is fully connected.

* Use a mutex to ensure that only one thread executes ActivateBestChain

It might happen that 2 threads enter ActivateBestChain at the same time
start processing block by block, while randomly switching between threads
so that sometimes one thread processed the block and then another one
processes it. A mutex protects ActivateBestChain now against this race.

* Rename local copy of bestChainLockBlockIndex to currentBestChainLockBlockIndex

* Don't call ActivateBestChain when best CL is part of the main chain
2019-03-13 16:00:54 +03:00
Alexander Block
4ae52758bd Remove size check in CDKGSessionManager::GetVerifiedContributions
It's actually not true that these should always be the same. In case a
quorum is built and the total number of masternodes in the network is below
the quorum size, we might still end up having a valid quorum as long as
the total number of masternodes is >= minSize.
2019-03-12 07:02:52 +01:00
Alexander Block
effcd0ca53
Merge pull request #2756 from codablock/pr_llmq_instantsend_perstency
Implement persistence for LLMQ based InstantSend
2019-03-12 07:02:14 +01:00
Alexander Block
e763310b54 Add missing LOCK(cs_main) 2019-03-11 15:18:15 +01:00
UdjinM6
3a5e7c4334
Do not hold cs_vNodes in CSigSharesManager::SendMessages() for too long (#2758) 2019-03-11 16:33:17 +03:00
UdjinM6
fbf0dcb086
Various small cleanups (#2761)
* Fix remaining `print`s in tests

* use AssertLockHeld(cs) instead of relying on comments

* actually use `clsig` in `EnforceBestChainLock()`

* fix log output in `EnforceBestChainLock()`

* drop comments
2019-03-11 16:32:26 +03:00
Alexander Block
588eb30b86 Fix deadlock in CSigSharesManager::SendMessages (#2757)
* Fix deadlock in CSigSharesManager::SendMessages

Locking "cs" at this location caused a (potential) deadlock due to changed
order of cs and cs_vNodes locking. This changes the method to not require
the session object anymore which removes the need for locking.

* Pass size of LLMQ instead of llmqType into CSigSharesInv::Init

This allows use of sizes which are not supported in chainparams.
2019-03-11 16:31:51 +03:00
Alexander Block
ac00c66287 Make InstantSend locks persistent 2019-03-11 07:37:08 +01:00
Alexander Block
293c9ad6a1 Use unordered_lru_cache in CRecoveredSigsDb 2019-03-11 07:31:25 +01:00
Alexander Block
f351145e60 Use GetVoteForId instead of maintaining votes on inputs 2019-03-08 17:58:59 +01:00
Alexander Block
d4cf78fe25 Add HasVotedOnId/GetVoteForId to CSigningManager
These just pass through to CRecoveredSigsDb
2019-03-08 17:57:53 +01:00
Alexander Block
43e1bf674e Add key prefix to "rs_" for CRecoveredSigsDb keys
This avoids future conflicts with other data stored in llmqDb
2019-03-08 17:57:16 +01:00
Alexander Block
61e10f6512 Use llmqDb for CRecoveredSigsDb
Instead of creating its own CDBWrapper internally.
2019-03-08 17:34:09 +01:00
Alexander Block
b2cd1db406 Don't use CEvoDB in CDKGSessionManager and instead use llmqDb
Contributions are not part of on-chain consensus and shouldn't be stored in
CEvoDB.
2019-03-08 17:34:09 +01:00
Alexander Block
e2cad1bd69 Introduce global llmq::llmqDb instance of CDBWrapper
This DB is for LLMQ related data that is not part of on-chain consensus.
This for example included LLMQ secret key shares and recovered signatures.
2019-03-08 17:34:09 +01:00
Alexander Block
acb52f6ec1 Don't pass CEvoDB to CDKGSessionHandler and CDKGSession
Was never used.
2019-03-08 17:34:09 +01:00
Alexander Block
06fc655595 Actually remove from finalInstantSendLocks in CInstantSendManager::RemoveFinalISLock 2019-03-07 21:15:09 +01:00
Alexander Block
fae33e03ae Let ProcessPendingReconstructedRecoveredSigs return void instead of bool
Return value is unused and the method actually never returned something.
2019-03-07 21:15:09 +01:00
UdjinM6
41a71fe443 update autoix-mempool.py to test both "old" and "new" InstantSend (and fix CheckCanLock to respect mempool limits) 2019-03-07 21:15:09 +01:00
Alexander Block
2299ee2836 Rename IXLOCK to ISLOCK and InstantX to InstantSend 2019-03-07 21:15:09 +01:00
Alexander Block
f5dcb00acf Introduce spork SPORK_20_INSTANTSEND_LLMQ_BASED to switch between new/old system 2019-03-07 21:15:09 +01:00
Alexander Block
280690792a Combine loops in CChainLocksHandler::NewPoWValidBlock 2019-03-07 21:15:09 +01:00
Alexander Block
5b8344e8f8 Use scheduleFromNow instead of schedule+boost::chrono 2019-03-07 21:15:09 +01:00
Alexander Block
baf8b81c4a Fix no-wallet build 2019-03-07 21:15:09 +01:00
Alexander Block
2a7a5c6338 Only sign ChainLocks when all included TXs are "safe"
Safe means that the TX is either ixlocked or known since at least 10
minutes.

Also change miner code to only include safe TXs in block templates.
2019-03-07 21:15:09 +01:00
Alexander Block
96291e7a0f Cheaper/Faster bailout from TrySignChainTip when already signed before 2019-03-07 21:15:09 +01:00
Alexander Block
0a5e8eb862 Move ChainLock signing into TrySignChainTip and call it periodically
Later commits will introduce checks for "safe TXs" which might abort the
signing on first try, but succeed a few seconds later, so we periodically
retry to sign the tip.
2019-03-07 21:15:09 +01:00
Alexander Block
bd7edc8ae9 Track txids of new blocks and first-seen time of TXs in CChainLocksHandler 2019-03-07 21:15:09 +01:00
Alexander Block
83dbcc483f Implement CInstantSendManager and related P2P messages 2019-03-07 21:14:31 +01:00
Alexander Block
5bbc122749 Implement PushReconstructedRecoveredSig in CSigningManager
We can reconstruct recovered sigs from other P2P messages to avoid
re-validation of those. We will do this later in InstantSend code.
2019-03-07 21:14:31 +01:00
Alexander Block
2bbac8ff77 Introduce NotifyChainLock signal and invoke it when CLSIGs get processed 2019-03-07 21:14:31 +01:00
Alexander Block
8dd9349224
Don't be too harsh for invalid CLSIGs (#2742)
The local node might be the bad one actually as it might not have catched
up with the chain. In that case, LLMQs might be different for the sending
and receiving node.
2019-03-06 08:00:21 +01:00
Alexander Block
a34fb6d6f7 Fix banning when local node doesn't have the vvec (#2739)
When ProcessMessageBatchedSigShares returns false, it's interpreted as
if an invalid/malicious message was received, causing a ban. So, we should
return "!ban" instead of just "ban".
2019-03-05 14:04:04 +03:00
Alexander Block
9eb0ca7040 Ignore sig share inv messages when we don't have the quorum vvec (#2733)
* Ignore sig share inv messages when we don't have the quorum vvec

* Update src/llmq/quorums_signing_shares.cpp

Co-Authored-By: codablock <ablock84@gmail.com>
2019-03-01 18:30:11 +03:00
Alexander Block
2041186f4d
On timeout, print members proTxHashes from members which did not send a share (#2731)
* On timeout, print members proTxHashes from members which did not send a share

* Move inactive quorums check above timeout checks

This allows to reuse things in the next commit

* Avoid locking cs_main through GetQuorum by using a pre-filled map

* Use find() instead of [] to access quorums map
2019-03-01 08:21:42 +01:00
Alexander Block
ea90296b6d
Actually start the timers for sig share and recSig verification (#2730)
Was wondering why verification was always 0ms...this explains it :)
2019-03-01 08:21:28 +01:00
Alexander Block
5c84cab0f1
Send/Receive multiple messages as part of one P2P message in CSigSharesManager (#2729)
* Return bool in ProcessMessageXXX methods to indicate misbehaviour

* Send/Receive multiple messages as part of one P2P message in CSigSharesManager

Many messages, especially QSIGSHARESINV and QGETSIGSHARES, are very small
by nature (5-14 bytes for a 50 members LLMQ). The message headers are
24 bytes, meaning that we produce a lot of overhead for these small messages.
This sums up quite a bit when thousands of signing sessions are happening
in parallel.

This commit changes all related P2P messages to send a vector of messages
instead of a single message.

* Remove bogus lines

Included these by accident

* Unify handling of BanNode in ProcessMessageXXX methods

* Remove bogus check for fMasternodeMode

* Properly use == instead of misleading >= in SendMessages

* Put "didSend = true" near PushMessage
2019-03-01 08:21:09 +01:00
Alexander Block
6ac49da246 Send QSIGSESANN messages when sending first message for a session 2019-02-27 17:34:08 +01:00
Alexander Block
8ce8cb9ca8 Remove MarkXXX methods from CSigSharesNodeState
We're now directly calling the Merge/Set methods on the inventory objects.
2019-02-27 17:33:40 +01:00
Alexander Block
fa25728ca5 Use new sessionId based session management in CSigSharesManager
Stop relying on the information previously found in the CSigSharesInv
and CBatchedSigShares messages and instead use the information found in
the session refereced by the session id.

This also updates a few LogPrintf calls. Previously, CSigSharesInv::ToString
also included the signHash in the returned string, which is not the case
anymore, so we have to add it manually.
2019-02-27 17:33:40 +01:00
Alexander Block
34e3f8eb53 Implement session management based on session ids and announcements 2019-02-27 17:33:40 +01:00
Alexander Block
7372f6f10b Move RebuildSigShare from CBatchedSigShares to CSigSharesManager
Needed as CBatchedSigShares doesn't have the necessary info anymore
2019-02-27 17:33:40 +01:00
Alexander Block
55a6182b10 Introduce QSIGSESANN/CSigSesAnn P2P message 2019-02-27 17:33:40 +01:00
Alexander Block
80375a0b4f Change CSigSharesInv and CBatchedSigShares to be sessionId based 2019-02-27 17:33:40 +01:00
Alexander Block
9b4285b1c8 Use salted hashing for keys for unordered maps/sets in LLMQ code
We must watch out to not blindly use externally provided keys in unordered
sets/maps, as attackers might find ways to cause unbalanced hash buckets
causing performance degradation.
2019-02-27 14:41:20 +01:00
Alexander Block
c52e8402c0 Remove now obsolete TODO comment above CRecoveredSigsDb 2019-02-27 14:40:52 +01:00
Alexander Block
e83e32b956 Add in-memory cache for CRecoveredSigsDb::HasRecoveredSigForHash 2019-02-27 14:40:52 +01:00
Alexander Block
677c0040cd Add in-memory cache to CQuorumBlockProcessor::HasMinedCommitment 2019-02-27 14:40:52 +01:00
Alexander Block
f305cf77b6 Multiple fixes and optimizations for LLMQs and ChainLocks (#2724)
* Indicate success when signing was unnecessary

* Fix typo in name of LLMQ_400_60

* Move RemoveAskFor call for CLSIGs into ProcessNewChainLock

In case we got INV items for the same CLSIG that we recreated through
HandleNewRecoveredSig, (re-)requesting of the CLSIG from other peers
becomes unnecessary.

* Move Cleanup() call in CChainLocksHandler::UpdatedBlockTip up

We bail out early in a few situations from this method, so that Cleanup()
might not be called while its at the bottom.

* Bail out from CChainLocksHandler::UpdatedBlockTip if we already got the CLSIG

* Call RemoveAskFor when QFCOMMITMENT was received

Otherwise we might end up re-requesting it for a very long time when the
commitment INV was received shortly before it got mined.

* Call RemoveSigSharesForSession when a recovered sig is received

Otherwise we end up with session data in node states lingering around until
a fake "timeout" occurs (can be seen in the logs).

* Better handling of false-positive conflicts in CSigningManager

The old code was emitting a lot of messages in logs as it treated sigs
for exactly the same session as a conflict. This commit fixes this by
looking at the signHash before logging.

Also handle a corner-case where a recovered sig might be deleted between
the HasRecoveredSigForId and GetRecoveredSigById call.

* Don't run into session timeout when sig shares come in slow

Instead of just tracking when the first share was received, we now also
track when the last (non-duplicate) share was received. Sessios will now
timeout 5 minutes after the first share arrives, or 1 minute after the last
one arrived.
2019-02-27 16:10:12 +03:00
UdjinM6
252ee89c34
Implement new algo for quorum connections (#2710)
Instead of trying to manually figure out params for different quorum/ring sizes, connect to nodes at indexes (i+2^k)%n where k: 0..floor(log2(n-1))-1, n: size of the quorum/ring
2019-02-19 13:05:39 +03:00
UdjinM6
a79b928532
Merge pull request #2682 from PastaPastaPasta/backports-0.15-pr6
Backports 0.15 pr6
2019-02-19 13:04:49 +03:00
Alexander Block
104c6e7767 Cleanup successful sessions before doing timeout check (#2712)
Otherwise we get some false-positive timeout messages in logs.
2019-02-18 14:07:57 +03:00
UdjinM6
26db020d17
Separate init/destroy and start/stop steps in LLMQ flow (#2709) 2019-02-17 14:39:43 +03:00
Alexander Block
9f58690322 Avoid using ordered maps in LLMQ signing code (#2708)
* Implement and use SigShareMap instead of ordered map with helper methods

The old implementation was relying on the maps being ordered, which allowed
us to grab all sig shares for the same signHash by doing range queries on
the map. This has the disadvantage of being unnecessarily slow when the
maps get larger. Using an unordered map would be the naive solution, but
then it's not possible to query by range anymore.

The solution now is to have a specialized map "SigShareMap" which is
indexed by "SigShareKey". It's internally just an unordered map, indexed by
the sign hash and another unordered map for the value, indexed by the
quorum member index.

* Only use unordered maps/sets in CSigSharesManager

These are faster when maps/sets get larger.

* Use unorderes sets/maps in CSigningManager
2019-02-17 14:38:56 +03:00
Pasta
bb90eb4bf0 backports-0.15-pr6 code review 2019-02-16 15:09:51 -06:00
Alexander Block
7a192e2e4c Optimize sleeping behavior in CSigSharesManager::WorkThreadMain (#2707)
* Don't sleep in WorkThreadMain when CPU intensive work was done

When the current iteration resulted in CPU intensive work, it's likely that
the next iteration will result in work as well. Do not sleep in that case,
as we're otherwise wasting (unused) CPU resources.

* No matter how fast we process sig shares, always force 100ms between sending

* Apply review suggestions
2019-02-16 19:59:48 +03:00
Alexander Block
feb4e0ac74
Merge pull request #2706 from codablock/pr_llmq_optimizations3
Implement caching in CRecoveredSigsDb
2019-02-16 15:51:24 +01:00
Alexander Block
dae1542a0e
Merge pull request #2705 from codablock/pr_llmq_optimizations2
Optimize LLMQs initialization and (de)serialization of BLS signatures
2019-02-16 15:50:23 +01:00
Alexander Block
742a258987 Implement caching in CRecoveredSigsDb
To avoid repeated calls into LevelDB
2019-02-15 15:52:51 +01:00
Alexander Block
500b9c89a7 Use CBLSLazySignature in CBatchedSigShares
This removes the burden on the message handler thread when many sig batches
arrive. The expensive part of deserialization is now performed in the sig
shares worker thread.

This also removes the need for the specialized deserialization of the sig
shares which tried to avoid the malleability check, as CBLSLazySignature does
not perform malleability checks at all.
2019-02-15 15:44:19 +01:00
Alexander Block
c03480d20f Disable optimistic sending when pushing sig share related messages
And instead let the network thread do the actual sending.
2019-02-15 15:20:15 +01:00
UdjinM6
bedfc262e2 Rework handling of CSigSharesManager worker thread (#2703) 2019-02-15 15:11:50 +01:00
UdjinM6
3e4286a584 Less cs_main locks in quorums (#2702)
* Drop cs_main from CQuorumManager::UpdatedBlockTip()

* CLLMQUtils::IsQuorumActive() shouldn't require cs_main to be held

* Revert comment deletion
2019-02-15 15:11:35 +01:00
Alexander Block
67a86091aa Implement and use secure BLS batch verification (#2681)
* Implement secure verification in bls_batchverifier

* Rename CBLSInsecureBatchVerifier to CBLSBatchVerifier

* Add unit tests for simple BLS verifcation and CBLSBatchVerifier
2019-02-04 21:58:28 +03:00
Alexander Block
03fa115503 Speed up CQuorumManager::ScanQuorums (#2677)
* Store quorumHash of first mined commitment in evoDb

This allows to skip scanning for quorums below this block.

* Speed up CQuorumManager::ScanQuorums

This does 2 things:
1. Only call HasQuorum for blocks that are potentially a quorumBlockHash
   These are only blocks which are at index 0 of each DKG interval
2. Stop scanning for quorums when we get below the first block that
   contained a commitment. If no commitment was ever mined, we bail out
   immediately.

* Return result instead of {}

* Remove HasQuorum() call as GetQuorum already does this

* Remove unnecessary "if (!qc.IsNull()))"

It's already checked at the top of the loop

* When necessary, remove DB_FIRST_MINED_COMMITMENT from evoDb in UndoBlock
2019-02-02 03:08:51 +03:00
Alexander Block
088525bde3 Multiple fixes for LLMQs and BLS batch verification (#2674)
* Check aggPubKey for IsValid() instead of aggSig

aggSig is not reliable here as it might already be initialized by the
previous message.

* Significantly reduce sleep time for each DKG phase

Turns out the DKG is much faster then expected, and waiting multiple
minutes for each phase in a devnet is not much fun.

* Correctly use SIGN_HEIGHT_OFFSET when checking for out of bound height

* Introduce startBlockHeight to make things more explicit
2019-02-01 12:07:21 +03:00
Alexander Block
18950f923e Optimize DKG debug message processing for performance and lower bandwidth (#2672)
* Allow sub-batch verification in CBLSInsecureBatchVerifier

* Implement batch verification of CDKGDebugStatus messages

* Use uint8_t for statusBitset in CDKGDebugMemberStatus and CDKGDebugSessionStatus

No need to waste one byte per member and per LLMQ type.

* Reserve 4k of buffer for CSerializedNetMsg buffer

Profiling has shown that a lot of time is spent in resizing the data
vector when large messages are involved.

* Remove nHeight from CDKGDebugStatus

This field changes every block and causes all masternodes to propagate
its status for every block, even if nothing DKG related has changed.

* Leave out session statuses when we're not a member of that session

Otherwise MNs which are not members of DKG sessions will spam the network

* Remove receivedFinalCommitment from CDKGDebugSessionStatus

This is not bound to a session and thus is prone to spam the network when
final commitments are propagated in the finalization phase.

* Add "minableCommitments" to "quorum dkgstatus"

* Hold cs_main while calling GetMinableCommitment

* Abort processing of pending debug messages when spork18 gets disabled

* Don't ask for debug messages when we've already seen them

"statuses" only contains the current messages but none of the old messages,
so nodes kept re-requesting old messages.
2019-02-01 10:49:01 +03:00
Alexander Block
54f576ea7c
Fix LLMQ related test failures on Travis (#2666)
* Use fast_dip3_enforcement instead of fast_dip3_activation

DashTestFramework was refactored before ChainLocks got merged, causing tests
to fail now.

* Move updating of DKG debug status into WaitForNextPhase

Otherwise callers of the RPCs might believe that the next phase has already
started and start producing more blocks, which would then cancel the
current session if it happens faster than the phase handler thread can
progress to the next phase.
2019-01-30 14:05:22 +01:00
Alexander Block
6fe479aa12
Don't leak skShare in logs (#2662) 2019-01-30 14:05:04 +01:00
Alexander Block
f6828b19b6
Merge pull request #2643 from codablock/pr_llmq_chainlocks
Implement LLMQ based ChainLocks
2019-01-29 15:59:05 +01:00
UdjinM6
805aeaa16c Drop cs_main from UpdatedBlockTip in CDKGSessionManager/CDKGSessionHandler (#2655) 2019-01-29 15:55:18 +01:00
UdjinM6
25cb14b615 Fix confusion between dip3 activation and enforcement (#2651)
* Fix confusion between dip3 activation and enforcement

* drop DIP0003ActivationHeight for now
2019-01-29 15:54:38 +01:00
PastaPastaPasta
f123248f1c update copyright (#2648)
* update copyright

* Update copyright in configure.ac and COPYING
2019-01-29 15:53:14 +01:00
Alexander Block
3237668b1d Rename inInvalidate->inEnforceBestChainLock and make it atomic 2019-01-28 12:24:15 +01:00
Alexander Block
135829dc49 Add SPORK_19_CHAINLOCKS_ENABLED 2019-01-28 12:24:15 +01:00
Alexander Block
29532ba196 Implement and enforce ChainLocks 2019-01-28 12:24:15 +01:00
Alexander Block
04a51c9ef4 Use a block that is 8 blocks in the past for SelectQuorumForSigning
Otherwise nodes might already fail to verify sigs when just 1 block away
from the tip.
2019-01-28 12:24:15 +01:00
Alexander Block
cf33efc9e1 Move SelectQuorumForSigning into CSigningManager and make it height based 2019-01-28 12:24:15 +01:00
Alexander Block
4026ea203b Implement VerifyRecoveredSig to allow verifcation of sigs found in P2P messages 2019-01-28 12:24:15 +01:00
Alexander Block
9f211ef12d Add listener interface to listen for recovered sigs 2019-01-28 12:24:15 +01:00
Alexander Block
189cee2108 Don't pass poolSize to SelectQuorum and instead use consensus params 2019-01-28 12:24:15 +01:00
Alexander Block
13855674d7 Add missing new-line character in log output 2019-01-28 12:24:15 +01:00
UdjinM6
fda16f1fea
Fix off-by-1 in phase calculations and the rest of llmq-signing.py issues (#2641)
* Fix off-by-1 in phase calculations

* Fix wait_for_quorum_phase, should look for check_received_messages

* Fix wait_for_quorum_phase for complain phase

* Bump default timeout in wait_for_quorum_phase/wait_for_quorum_commitment to 15
2019-01-23 17:02:56 +03:00
Alexander Block
b595f9e6a1 Fix LLMQ signing integration tests (#2640)
* Fix cleanup of old recovered sigs

When iterating the db, we should also include entries that match exactly
the end time.

* Fix key not found error

* Raise AssertionError in case wait_for_quorum_phase/wait_for_quorum_commitment time out
2019-01-23 11:37:02 +03:00
UdjinM6
5977486897
Bring back ResetLocalSessionStatus call (#2639)
It was dropped accidentally on refactoring.
2019-01-23 11:34:31 +03:00
UdjinM6
d2ddc2a008
A couple of fixes/refactorings for CDKGSessionHandler (#2637)
* Fix confusion: `quorumHash` is both a class member and an argument of a function

Rename `height` too while at it

* Make sure height and hash we pass to InitNewQuorum are related

* Don't update expectedQuorumHash, make it const

This also streamlines logic a bit

* Compact phase calculation

* Decouple invCs and cs_vPendingMasternodes

Not an issue atm but we'd better avoid any potential interlocking if possible

* wrap `%` in `()`

Co-Authored-By: UdjinM6 <UdjinM6@users.noreply.github.com>
2019-01-22 16:33:42 +03:00
Alexander Block
b0ad1425e2 Review fixes (mostly if/else related but no change in logic) 2019-01-22 05:32:56 +01:00
Alexander Block
0cc1cf2798 Add receivedFinalCommitment flag to CDKGDebugSessionStatus 2019-01-21 14:42:08 +01:00
Alexander Block
c38f889e77 Implement processing, verifcation and propagation of signature shares 2019-01-21 14:42:08 +01:00
Alexander Block
43fd1b352f Implement CSigningManager to process and propagage recovered signatures 2019-01-21 14:42:08 +01:00
Alexander Block
b627528cef Use void as return type for WriteContributions 2019-01-17 15:25:43 +01:00
Alexander Block
217f3941d5 Skip starting of cache populator thread in case we don't have a valid vvec 2019-01-16 10:07:47 +01:00
Alexander Block
679a9895b6 Add comments about why it's ok to ignore some failures 2019-01-16 10:07:47 +01:00
Alexander Block
15c34ccbd8 Implement CQuorum and CQuorumManager 2019-01-15 15:47:24 +01:00
UdjinM6
8b7771a311 Add some consts 2019-01-11 13:45:32 +01:00
Alexander Block
0b1347c0d3 Pass self-created message to CDKGPendingMessages instead of processing them 2019-01-11 13:43:19 +01:00
UdjinM6
5daeedabf0 Batched logger should not break log parsing
It's expected to have timestamp to be the first thing in every row if it's not a whitespace
2019-01-11 07:07:54 +01:00
Alexander Block
5958f8b81d Remove dkgRndSleepTime from consensus params and make sleeping it non-random 2019-01-10 07:07:58 +01:00
Alexander Block
0dae46c2fb Move RandBool() into random.h/cpp 2019-01-09 12:16:12 +01:00
Alexander Block
e1901d24aa Handle review suggestions 2019-01-09 12:16:12 +01:00
Alexander Block
352edbd33e Introduce SPORK_18_QUORUM_DEBUG_ENABLED to enable/disable LLMQ debug messages 2019-01-09 12:16:12 +01:00
Alexander Block
324406bfed Implement debugging messages and RPC for LLMQ DKGs 2019-01-09 12:16:12 +01:00
Alexander Block
098b094959 Pass scheduler to InitLLMQSystem 2019-01-09 12:16:12 +01:00
Alexander Block
6836f8c38b Implement LLMQ DKG 2019-01-09 12:16:12 +01:00
Alexander Block
0df3871d14 Remove dummy DKG 2019-01-09 12:16:11 +01:00
Alexander Block
9d33d216b7 Remove temporary code which forked testnet at block 274000 2018-12-13 13:55:46 +01:00
UdjinM6
2127a426b8 Further refactoring of CQuorumBlockProcessor (#2545)
* Switch GetQuorumBlockHash from CBlockIndex* to nHeight

* `pindexPrev -> pindex` for ProcessCommitment

* Switch IsCommitmentRequired from CBlockIndex* to block height

* Switch GetMinableCommitment/Tx from CBlockIndex* to block height

* Add `AssertLockHeld(cs_main);`

Co-Authored-By: UdjinM6 <UdjinM6@users.noreply.github.com>
2018-12-13 09:04:08 +01:00
UdjinM6
15414dac29 Refactor CQuorumBlockProcessor and CDeterministicMNManager (#2536)
* Refactor CDeterministicMNManager::ProcessBlock: pintexPrev -> pindex->pprev and/or adjust logic accordingly

* Refactor CQuorumBlockProcessor::ProcessBlock: pintexPrev -> pindex->pprev and/or adjust logic accordingly

* Drop unused
2018-12-10 06:05:29 +01:00
Alexander Block
d9b28fe1ad
Introduce dummy (ping-like) contributions for the dummy DKG (#2542)
* Implement creation and propagation of dummy contributions

These act as a ping which is broadcast a few blocks before the dummy
commitments are created. They are meant to determine online/offline members.

* Use information about received dummy contributions to determine validMembers

* Fix PoSe tests

* Fix dummy DKG phase progress in PoSe tests and give tests more time

Mine one block at a time until we reach the mining phase.
2018-12-10 06:04:33 +01:00
Alexander Block
5a3f64310b Deserialize CFinalCommitmentTxPayload instead of CFinalCommitment in TxToJSON (#2510)
* Deserialize CFinalCommitmentTxPayload instead of CFinalCommitment in TxToJSON

* Implement ToJson for CFinalCommitmentTxPayload and use it in TxToJSON

Otherwise the nVersion and nHeight members of it are not shown.
2018-11-29 21:51:04 +03:00
Alexander Block
f96563462b
Fix check for nTemporaryTestnetForkDIP3Height (#2508)
This caused a crash when performing a full-sync.
2018-11-29 09:12:51 +01:00
Alexander Block
812834dc5f
Put height into mined commitments and use it instead of the special handling of quorumVvecHash (#2501)
* Allow to skip sig verification for CFinalCommitment::Verify

* Add CFinalCommitmentTxPayload and CheckLLMQCommitment and use it

As described in https://github.com/dashpay/dips/pull/31 (see discussion).

* Properly ban nodes for invalid commitments
2018-11-27 08:04:08 +01:00
Alexander Block
a4f5ba38b6
Implement CDummyDKG and CDummyCommitment until we have the real DKG merged (#2492)
* Add SPORK_17_QUORUM_DKG_ENABLED spork

* Implement CDummyDKG and CDummyCommitment until we have the real DKG merged

This is only used on testnet/devnet/regtest and will NEVER be used on
mainnet. It is NOT SECURE AT ALL!

See comment in quorums_dummydkg.h for more details.

* Test simple PoSe in DIP3 tests

* Generate 2 instead of 4 blocks per iteration in PoSe tests

4 was based on old chainparams where I used larger phases.

* Only sleep when necessary in PoSe tests

* Fix typo in comment

* Give PoSe tests more time and sync after fast-forward
2018-11-26 16:53:20 +01:00
Alexander Block
22b5952c5a
Implement and enforce DIP6 commitments (#2477)
* Add LLMQ parameters to consensus params

* Add DIP6 quorum commitment special TX

* Implement CQuorumBlockProcessor which validates and handles commitments

* Add quorum commitments to new blocks

* Propagate QFCOMMITMENT messages to all nodes

* Allow special transactions in blocks which have no inputs/outputs

But only for TRANSACTION_QUORUM_COMMITMENT for now.

* Add quorum commitments to self-crafted blocks in DIP3 tests

* Add simple fork logic for current testnet

This should avoid a fork on the current testnet. It only applies to the
current chain which activated DIP3 at height 264000 and block
00000048e6e71d4bd90e7c456dcb94683ae832fcad13e1760d8283f7e89f332f.

When we revert the chain to retest the DIP3 deployment, this fork logic
can be removed again.

* Use quorumVvecHash instead of quorumHash to make null commitments unique

Implementation of https://github.com/dashpay/dips/pull/31

* Re-add quorum commitments after pruning mempool selected blocks

* Refactor CQuorumBlockProcessor::ProcessBlock to have less nested if/else statements

Also add BEGIN/END markers for temporary code.

* Add comments/documentation to LLMQParams

* Move code which determines if a commitment is required into IsCommitmentRequired

This should make the code easier to read and also removes some duplication.

The also changes the error types that are possible from 3 to 2 now. Instead
of having "bad-qc-already-mined" and "bad-qc-not-mining-phase", there is
only "bad-qc-not-allowed" now.

* Use new parameter from consensus parames for the temporary fork
2018-11-23 15:42:09 +01:00