Skip to content

Commit

Permalink
patch account script for val upgrade (#796)
Browse files Browse the repository at this point in the history
  • Loading branch information
0o-de-lally authored Nov 5, 2021
1 parent 647e6c2 commit 2f67d49
Show file tree
Hide file tree
Showing 11 changed files with 101 additions and 91 deletions.
1 change: 0 additions & 1 deletion Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ module AccountScripts {

// check if this account exists
let (new_account_address, _) = VDF::extract_address_from_challenge(&challenge);
assert(!DiemAccount::exists_at(new_account_address), Errors::invalid_state(ACCOUNT_ALREADY_EXISTS));
// assert(!DiemAccount::exists_at(new_account_address), Errors::invalid_state(ACCOUNT_ALREADY_EXISTS));


DiemAccount::create_validator_account_with_proof(
Expand Down
38 changes: 27 additions & 11 deletions language/diem-framework/modules/doc/DiemAccount.md
Original file line number Diff line number Diff line change
Expand Up @@ -1393,7 +1393,7 @@ Initialize this module. This is only callable from genesis.
difficulty: u64,
security: u64,
):address <b>acquires</b> <a href="DiemAccount.md#0x1_DiemAccount_AccountOperationsCapability">AccountOperationsCapability</a>, <a href="DiemAccount.md#0x1_DiemAccount_Balance">Balance</a>, <a href="DiemAccount.md#0x1_DiemAccount_CumulativeDeposits">CumulativeDeposits</a>, <a href="DiemAccount.md#0x1_DiemAccount">DiemAccount</a> {

// TODO: extract address_duplicated <b>with</b> <a href="TowerState.md#0x1_TowerState_init_miner_state">TowerState::init_miner_state</a>
<b>let</b> (new_account_address, auth_key_prefix) = <a href="VDF.md#0x1_VDF_extract_address_from_challenge">VDF::extract_address_from_challenge</a>(challenge);
<b>let</b> new_signer = <a href="DiemAccount.md#0x1_DiemAccount_create_signer">create_signer</a>(new_account_address);
<a href="Roles.md#0x1_Roles_new_user_role_with_proof">Roles::new_user_role_with_proof</a>(&new_signer);
Expand Down Expand Up @@ -1437,8 +1437,6 @@ Initialize this module. This is only callable from genesis.
new_account_authkey_prefix: vector&lt;u8&gt;,
value: u64,
):address <b>acquires</b> <a href="DiemAccount.md#0x1_DiemAccount_AccountOperationsCapability">AccountOperationsCapability</a>, <a href="DiemAccount.md#0x1_DiemAccount_Balance">Balance</a>, <a href="DiemAccount.md#0x1_DiemAccount_CumulativeDeposits">CumulativeDeposits</a>, <a href="DiemAccount.md#0x1_DiemAccount">DiemAccount</a> {

// <b>let</b> (new_account_address, auth_key_prefix) = <a href="VDF.md#0x1_VDF_extract_address_from_challenge">VDF::extract_address_from_challenge</a>(challenge);
<b>let</b> new_signer = <a href="DiemAccount.md#0x1_DiemAccount_create_signer">create_signer</a>(new_account);
<a href="Roles.md#0x1_Roles_new_user_role_with_proof">Roles::new_user_role_with_proof</a>(&new_signer);
<a href="../../../../../../move-stdlib/docs/Event.md#0x1_Event_publish_generator">Event::publish_generator</a>(&new_signer);
Expand Down Expand Up @@ -1609,15 +1607,33 @@ Initialize this module. This is only callable from genesis.
<b>let</b> new_signer = <a href="DiemAccount.md#0x1_DiemAccount_create_signer">create_signer</a>(new_account_address);

<b>assert</b>(<a href="DiemAccount.md#0x1_DiemAccount_exists_at">exists_at</a>(new_account_address), <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_not_published">Errors::not_published</a>(<a href="DiemAccount.md#0x1_DiemAccount_EACCOUNT">EACCOUNT</a>));
<b>assert</b>(<a href="TowerState.md#0x1_TowerState_is_init">TowerState::is_init</a>(new_account_address), 120104);
// <b>assert</b>(<a href="TowerState.md#0x1_TowerState_is_init">TowerState::is_init</a>(new_account_address), 120104);
// verifies the <a href="VDF.md#0x1_VDF">VDF</a> proof, since we are not calling <a href="TowerState.md#0x1_TowerState">TowerState</a> init.
<b>let</b> valid = <a href="VDF.md#0x1_VDF_verify">VDF::verify</a>(
challenge,
solution,
&difficulty,
&security,
);
<b>assert</b>(valid, <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_invalid_argument">Errors::invalid_argument</a>(120105));

// <b>if</b> the account already has a tower started just verify the block zero submitted
<b>if</b> (<a href="TowerState.md#0x1_TowerState_is_init">TowerState::is_init</a>(new_account_address)) {
<b>let</b> valid = <a href="VDF.md#0x1_VDF_verify">VDF::verify</a>(
challenge,
solution,
&difficulty,
&security,
);

<b>assert</b>(valid, <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_invalid_argument">Errors::invalid_argument</a>(120105));
} <b>else</b> {
// otherwise initialize this <a href="TowerState.md#0x1_TowerState">TowerState</a> <b>with</b> a block 0.

<b>let</b> proof = <a href="TowerState.md#0x1_TowerState_create_proof_blob">TowerState::create_proof_blob</a>(
*challenge,
*solution,
*&difficulty,
*&security,
);

<a href="TowerState.md#0x1_TowerState_commit_state">TowerState::commit_state</a>(&new_signer, proof);
};



// TODO: Perhaps this needs <b>to</b> be moved <b>to</b> the epoch boundary, so that it is only the VM which can escalate these privileges.
// <a href="Upgrade.md#0x1_Upgrade">Upgrade</a> the user
Expand Down
7 changes: 4 additions & 3 deletions language/diem-framework/modules/doc/TowerState.md
Original file line number Diff line number Diff line change
Expand Up @@ -642,6 +642,10 @@ Permissions: PUBLIC, ANYONE

// This may be the 0th proof of an end user that hasn't had tower state initialized
<b>if</b> (!<a href="TowerState.md#0x1_TowerState_is_init">is_init</a>(miner_addr)) {
// check proof belongs <b>to</b> user.
<b>let</b> (addr_in_proof, _) = <a href="VDF.md#0x1_VDF_extract_address_from_challenge">VDF::extract_address_from_challenge</a>(&proof.challenge);
<b>assert</b>(addr_in_proof == <a href="../../../../../../move-stdlib/docs/Signer.md#0x1_Signer_address_of">Signer::address_of</a>(miner_sign), <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_requires_role">Errors::requires_role</a>(130112));

<a href="TowerState.md#0x1_TowerState_init_miner_state">init_miner_state</a>(miner_sign, &proof.challenge, &proof.solution, proof.difficulty, proof.security);
<b>return</b>
};
Expand Down Expand Up @@ -958,9 +962,6 @@ Checks to see if miner submitted enough proofs to be considered compliant
security,
};

// check proof belongs <b>to</b> user.
<b>let</b> (addr_in_proof, _) = <a href="VDF.md#0x1_VDF_extract_address_from_challenge">VDF::extract_address_from_challenge</a>(&proof.challenge);
<b>assert</b>(addr_in_proof == <a href="../../../../../../move-stdlib/docs/Signer.md#0x1_Signer_address_of">Signer::address_of</a>(miner_sig), <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_requires_role">Errors::requires_role</a>(130112));

//submit the proof
<a href="TowerState.md#0x1_TowerState_verify_and_update_state">verify_and_update_state</a>(<a href="../../../../../../move-stdlib/docs/Signer.md#0x1_Signer_address_of">Signer::address_of</a>(miner_sig), proof, <b>false</b>);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1393,7 +1393,7 @@ Initialize this module. This is only callable from genesis.
difficulty: u64,
security: u64,
):address <b>acquires</b> <a href="DiemAccount.md#0x1_DiemAccount_AccountOperationsCapability">AccountOperationsCapability</a>, <a href="DiemAccount.md#0x1_DiemAccount_Balance">Balance</a>, <a href="DiemAccount.md#0x1_DiemAccount_CumulativeDeposits">CumulativeDeposits</a>, <a href="DiemAccount.md#0x1_DiemAccount">DiemAccount</a> {

// TODO: extract address_duplicated <b>with</b> <a href="TowerState.md#0x1_TowerState_init_miner_state">TowerState::init_miner_state</a>
<b>let</b> (new_account_address, auth_key_prefix) = <a href="VDF.md#0x1_VDF_extract_address_from_challenge">VDF::extract_address_from_challenge</a>(challenge);
<b>let</b> new_signer = <a href="DiemAccount.md#0x1_DiemAccount_create_signer">create_signer</a>(new_account_address);
<a href="Roles.md#0x1_Roles_new_user_role_with_proof">Roles::new_user_role_with_proof</a>(&new_signer);
Expand Down Expand Up @@ -1437,8 +1437,6 @@ Initialize this module. This is only callable from genesis.
new_account_authkey_prefix: vector&lt;u8&gt;,
value: u64,
):address <b>acquires</b> <a href="DiemAccount.md#0x1_DiemAccount_AccountOperationsCapability">AccountOperationsCapability</a>, <a href="DiemAccount.md#0x1_DiemAccount_Balance">Balance</a>, <a href="DiemAccount.md#0x1_DiemAccount_CumulativeDeposits">CumulativeDeposits</a>, <a href="DiemAccount.md#0x1_DiemAccount">DiemAccount</a> {

// <b>let</b> (new_account_address, auth_key_prefix) = <a href="VDF.md#0x1_VDF_extract_address_from_challenge">VDF::extract_address_from_challenge</a>(challenge);
<b>let</b> new_signer = <a href="DiemAccount.md#0x1_DiemAccount_create_signer">create_signer</a>(new_account);
<a href="Roles.md#0x1_Roles_new_user_role_with_proof">Roles::new_user_role_with_proof</a>(&new_signer);
<a href="../../../../../../move-stdlib/docs/Event.md#0x1_Event_publish_generator">Event::publish_generator</a>(&new_signer);
Expand Down Expand Up @@ -1609,15 +1607,33 @@ Initialize this module. This is only callable from genesis.
<b>let</b> new_signer = <a href="DiemAccount.md#0x1_DiemAccount_create_signer">create_signer</a>(new_account_address);

<b>assert</b>(<a href="DiemAccount.md#0x1_DiemAccount_exists_at">exists_at</a>(new_account_address), <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_not_published">Errors::not_published</a>(<a href="DiemAccount.md#0x1_DiemAccount_EACCOUNT">EACCOUNT</a>));
<b>assert</b>(<a href="TowerState.md#0x1_TowerState_is_init">TowerState::is_init</a>(new_account_address), 120104);
// <b>assert</b>(<a href="TowerState.md#0x1_TowerState_is_init">TowerState::is_init</a>(new_account_address), 120104);
// verifies the <a href="VDF.md#0x1_VDF">VDF</a> proof, since we are not calling <a href="TowerState.md#0x1_TowerState">TowerState</a> init.
<b>let</b> valid = <a href="VDF.md#0x1_VDF_verify">VDF::verify</a>(
challenge,
solution,
&difficulty,
&security,
);
<b>assert</b>(valid, <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_invalid_argument">Errors::invalid_argument</a>(120105));

// <b>if</b> the account already has a tower started just verify the block zero submitted
<b>if</b> (<a href="TowerState.md#0x1_TowerState_is_init">TowerState::is_init</a>(new_account_address)) {
<b>let</b> valid = <a href="VDF.md#0x1_VDF_verify">VDF::verify</a>(
challenge,
solution,
&difficulty,
&security,
);

<b>assert</b>(valid, <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_invalid_argument">Errors::invalid_argument</a>(120105));
} <b>else</b> {
// otherwise initialize this <a href="TowerState.md#0x1_TowerState">TowerState</a> <b>with</b> a block 0.

<b>let</b> proof = <a href="TowerState.md#0x1_TowerState_create_proof_blob">TowerState::create_proof_blob</a>(
*challenge,
*solution,
*&difficulty,
*&security,
);

<a href="TowerState.md#0x1_TowerState_commit_state">TowerState::commit_state</a>(&new_signer, proof);
};



// TODO: Perhaps this needs <b>to</b> be moved <b>to</b> the epoch boundary, so that it is only the VM which can escalate these privileges.
// <a href="Upgrade.md#0x1_Upgrade">Upgrade</a> the user
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -642,6 +642,10 @@ Permissions: PUBLIC, ANYONE

// This may be the 0th proof of an end user that hasn't had tower state initialized
<b>if</b> (!<a href="TowerState.md#0x1_TowerState_is_init">is_init</a>(miner_addr)) {
// check proof belongs <b>to</b> user.
<b>let</b> (addr_in_proof, _) = <a href="VDF.md#0x1_VDF_extract_address_from_challenge">VDF::extract_address_from_challenge</a>(&proof.challenge);
<b>assert</b>(addr_in_proof == <a href="../../../../../../move-stdlib/docs/Signer.md#0x1_Signer_address_of">Signer::address_of</a>(miner_sign), <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_requires_role">Errors::requires_role</a>(130112));

<a href="TowerState.md#0x1_TowerState_init_miner_state">init_miner_state</a>(miner_sign, &proof.challenge, &proof.solution, proof.difficulty, proof.security);
<b>return</b>
};
Expand Down Expand Up @@ -958,9 +962,6 @@ Checks to see if miner submitted enough proofs to be considered compliant
security,
};

// check proof belongs <b>to</b> user.
<b>let</b> (addr_in_proof, _) = <a href="VDF.md#0x1_VDF_extract_address_from_challenge">VDF::extract_address_from_challenge</a>(&proof.challenge);
<b>assert</b>(addr_in_proof == <a href="../../../../../../move-stdlib/docs/Signer.md#0x1_Signer_address_of">Signer::address_of</a>(miner_sig), <a href="../../../../../../move-stdlib/docs/Errors.md#0x1_Errors_requires_role">Errors::requires_role</a>(130112));

//submit the proof
<a href="TowerState.md#0x1_TowerState_verify_and_update_state">verify_and_update_state</a>(<a href="../../../../../../move-stdlib/docs/Signer.md#0x1_Signer_address_of">Signer::address_of</a>(miner_sig), proof, <b>false</b>);
Expand Down
Binary file not shown.
Binary file not shown.
Binary file modified language/diem-framework/staged/stdlib.mv
Binary file not shown.
61 changes: 0 additions & 61 deletions ol/txs/src/commands/create_account_cmd.depr

This file was deleted.

38 changes: 38 additions & 0 deletions ol/util/vfn.node.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
base:
data_dir: "/opt/diem/data"
role: "full_node"
waypoint:
from_storage:
type: "vault"
server: "https://127.0.0.1:8200"
ca_certificate: "/full/path/to/certificate"
token:
from_disk: "/full/path/to/token"

execution:
genesis_file_location: "relative/path/to/genesis"

full_node_networks:
- listen_address: "/ip4/0.0.0.0/tcp/6180"
discovery_method: "onchain"
identity:
type: "from_storage"
key_name: "fullnode_network"
peer_id_name: "operator_account"
backend:
type: "vault"
server: "https://127.0.0.1:8200"
ca_certificate: "/full/path/to/certificate"
token:
from_disk: "/full/path/to/token"
network_id: "public"
- listen_address: "/ip4/0.0.0.0/tcp/7180"
max_outbound_connections: 1
network_id:
private: "vfn"
seeds:
"c227da54069989f283712e4016704660":
addresses:
- "/ip4/127.0.0.1/tcp/58259/ln-noise-ik/c998dcd54c3daf48e0ad516d94b7be0b0b7a27caa00541f2b2c14b13500df10b/ln-handshake/0"
keys: ["c998dcd54c3daf48e0ad516d94b7be0b0b7a27caa00541f2b2c14b13500df10b"]
role: "Validator"

0 comments on commit 2f67d49

Please sign in to comment.