Safe checkpoint fetching (MystenLabs#2823)

* Safe checkpoint fetching * Verify returned sequence number is correct
tahos81 · Jun 30, 2022 · 6a274da · 6a274da
1 parent 97d54f3
commit 6a274da
Show file tree

Hide file tree

Showing 4 changed files with 77 additions and 31 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/crates/sui-core/src/checkpoints/mod.rs b/crates/sui-core/src/checkpoints/mod.rs
@@ -333,7 +333,7 @@ impl CheckpointStore {
     }
 
     pub fn handle_past_checkpoint(
-        &mut self,
+        &self,
         detail: bool,
         seq: CheckpointSequenceNumber,
     ) -> Result<CheckpointResponse, SuiError> {

diff --git a/crates/sui-core/src/safe_client.rs b/crates/sui-core/src/safe_client.rs
@@ -6,7 +6,10 @@ use crate::authority_client::{AuthorityAPI, BatchInfoResponseItemStream};
 use futures::StreamExt;
 use sui_types::batch::{AuthorityBatch, SignedBatch, TxSequenceNumber, UpdateItem};
 use sui_types::crypto::PublicKeyBytes;
-use sui_types::messages_checkpoint::{CheckpointRequest, CheckpointResponse};
+use sui_types::messages_checkpoint::{
+    AuthenticatedCheckpoint, AuthorityCheckpointInfo, CheckpointRequest, CheckpointRequestType,
+    CheckpointResponse, CheckpointSequenceNumber,
+};
 use sui_types::{base_types::*, committee::*, fp_ensure};
 use sui_types::{
     error::{SuiError, SuiResult},
@@ -398,13 +401,73 @@ where
         Ok(transaction_info)
     }
 
+    fn verify_authenticated_checkpoint(
+        &self,
+        expected_seq: Option<CheckpointSequenceNumber>,
+        checkpoint: &AuthenticatedCheckpoint,
+    ) -> SuiResult {
+        let observed_seq = match checkpoint {
+            AuthenticatedCheckpoint::None => None,
+            AuthenticatedCheckpoint::Signed(s) => {
+                s.verify()?;
+                Some(*s.summary.sequence_number())
+            }
+            AuthenticatedCheckpoint::Certified(c) => {
+                c.verify(&self.committee)?;
+                Some(*c.summary.sequence_number())
+            }
+        };
+
+        match (expected_seq, observed_seq) {
+            (Some(e), Some(o)) => {
+                fp_ensure!(
+                    e == o,
+                    SuiError::ByzantineAuthoritySuspicion {
+                        authority: self.address,
+                    }
+                );
+                Ok(())
+            }
+            (None, _) => Ok(()),
+            _ => Err(SuiError::ByzantineAuthoritySuspicion {
+                authority: self.address,
+            }),
+        }
+    }
+
     pub async fn handle_checkpoint(
         &self,
         request: CheckpointRequest,
     ) -> Result<CheckpointResponse, SuiError> {
-        // SECURITY TODO: Implement all checks!
+        let req_type = request.request_type.clone();
 
-        self.authority_client.handle_checkpoint(request).await
+        let resp = self.authority_client.handle_checkpoint(request).await?;
+
+        match req_type {
+            CheckpointRequestType::LatestCheckpointProposal => {
+                if let AuthorityCheckpointInfo::Proposal { current, previous } = &resp.info {
+                    if let Some(current) = current {
+                        current.verify()?;
+                    }
+                    self.verify_authenticated_checkpoint(None, previous)?;
+                    Ok(resp)
+                } else {
+                    Err(SuiError::ByzantineAuthoritySuspicion {
+                        authority: self.address,
+                    })
+                }
+            }
+            CheckpointRequestType::PastCheckpoint(seq) => {
+                if let AuthorityCheckpointInfo::Past(past) = &resp.info {
+                    self.verify_authenticated_checkpoint(Some(seq), past)?;
+                    Ok(resp)
+                } else {
+                    Err(SuiError::ByzantineAuthoritySuspicion {
+                        authority: self.address,
+                    })
+                }
+            }
+        }
     }
 
     /// Handle Batch information requests for this authority.

diff --git a/crates/workspace-hack/Cargo.toml b/crates/workspace-hack/Cargo.toml
@@ -97,7 +97,7 @@ console-subscriber = { version = "0.1", features = ["env-filter"] }
 constant_time_eq = { version = "0.1", default-features = false }
 core2 = { version = "0.4", default-features = false, features = ["alloc"] }
 crc = { version = "2", default-features = false }
-crc-catalog = { version = "2", default-features = false }
+crc-catalog = { version = "1", default-features = false }
 crc32fast = { version = "1", features = ["std"] }
 criterion = { version = "0.3", features = ["cargo_bench_support"] }
 criterion-plot = { version = "0.4", default-features = false }
@@ -195,7 +195,7 @@ h2 = { version = "0.3", default-features = false }
 hakari = { version = "0.10", default-features = false, features = ["cli-support", "include_dir", "owo-colors", "serde", "tabular", "toml"] }
 half = { version = "1", default-features = false }
 hashbrown-a6292c17cd707f01 = { package = "hashbrown", version = "0.11", features = ["ahash", "inline-more", "raw"] }
-hashbrown-5ef9efb8ec2df382 = { package = "hashbrown", version = "0.12", features = ["ahash", "inline-more"] }
+hashbrown-5ef9efb8ec2df382 = { package = "hashbrown", version = "0.12", features = ["ahash", "inline-more", "raw"] }
 hashlink = { version = "0.7", default-features = false }
 hdrhistogram = { version = "7", features = ["base64", "crossbeam-channel", "flate2", "nom", "serialization", "sync"] }
 heck-468e82937335b1c9 = { package = "heck", version = "0.3", default-features = false }
@@ -445,7 +445,7 @@ smallvec = { version = "1", default-features = false }
 socket2 = { version = "0.4", default-features = false, features = ["all"] }
 soketto = { version = "0.7" }
 spin = { version = "0.9", features = ["barrier", "lazy", "lock_api", "lock_api_crate", "mutex", "once", "rwlock", "spin_mutex"] }
-sqlformat = { version = "0.2", default-features = false }
+sqlformat = { version = "0.1", default-features = false }
 sqlx = { version = "0.5", features = ["_rt-tokio", "macros", "migrate", "runtime-tokio-rustls", "sqlite", "sqlx-macros"] }
 sqlx-core = { version = "0.5", default-features = false, features = ["_rt-tokio", "_tls-rustls", "crc", "flume", "futures-executor", "libsqlite3-sys", "migrate", "runtime-tokio-rustls", "rustls", "sha2", "sqlite", "tokio-stream", "webpki", "webpki-roots"] }
 sqlx-rt = { version = "0.5", default-features = false, features = ["_rt-tokio", "_tls-rustls", "once_cell", "runtime-tokio-rustls", "tokio", "tokio-rustls"] }
@@ -661,7 +661,7 @@ console-subscriber = { version = "0.1", features = ["env-filter"] }
 constant_time_eq = { version = "0.1", default-features = false }
 core2 = { version = "0.4", default-features = false, features = ["alloc"] }
 crc = { version = "2", default-features = false }
-crc-catalog = { version = "2", default-features = false }
+crc-catalog = { version = "1", default-features = false }
 crc32fast = { version = "1", features = ["std"] }
 criterion = { version = "0.3", features = ["cargo_bench_support"] }
 criterion-plot = { version = "0.4", default-features = false }
@@ -772,7 +772,7 @@ h2 = { version = "0.3", default-features = false }
 hakari = { version = "0.10", default-features = false, features = ["cli-support", "include_dir", "owo-colors", "serde", "tabular", "toml"] }
 half = { version = "1", default-features = false }
 hashbrown-a6292c17cd707f01 = { package = "hashbrown", version = "0.11", features = ["ahash", "inline-more", "raw"] }
-hashbrown-5ef9efb8ec2df382 = { package = "hashbrown", version = "0.12", features = ["ahash", "inline-more"] }
+hashbrown-5ef9efb8ec2df382 = { package = "hashbrown", version = "0.12", features = ["ahash", "inline-more", "raw"] }
 hashlink = { version = "0.7", default-features = false }
 hdrhistogram = { version = "7", features = ["base64", "crossbeam-channel", "flate2", "nom", "serialization", "sync"] }
 heck-468e82937335b1c9 = { package = "heck", version = "0.3", default-features = false }
@@ -1066,7 +1066,7 @@ smallvec = { version = "1", default-features = false }
 socket2 = { version = "0.4", default-features = false, features = ["all"] }
 soketto = { version = "0.7" }
 spin = { version = "0.9", features = ["barrier", "lazy", "lock_api", "lock_api_crate", "mutex", "once", "rwlock", "spin_mutex"] }
-sqlformat = { version = "0.2", default-features = false }
+sqlformat = { version = "0.1", default-features = false }
 sqlx = { version = "0.5", features = ["_rt-tokio", "macros", "migrate", "runtime-tokio-rustls", "sqlite", "sqlx-macros"] }
 sqlx-core = { version = "0.5", default-features = false, features = ["_rt-tokio", "_tls-rustls", "crc", "flume", "futures-executor", "libsqlite3-sys", "migrate", "runtime-tokio-rustls", "rustls", "sha2", "sqlite", "tokio-stream", "webpki", "webpki-roots"] }
 sqlx-macros = { version = "0.5", default-features = false, features = ["_rt-tokio", "migrate", "runtime-tokio-rustls", "sha2", "sqlite"] }