From bee55ed9207f16153c3fd8ebf73c219e68685def Mon Sep 17 00:00:00 2001 From: pschork <354473+pschork@users.noreply.github.com> Date: Mon, 28 Oct 2024 15:31:33 -0700 Subject: [PATCH] Normalize allowlist lookups to use lowercase non-checksummed authenticated address (#838) --- disperser/apiserver/config.go | 7 +++++-- disperser/apiserver/server.go | 5 +++++ disperser/apiserver/server_test.go | 32 ++++++++++++++++++++++++++++-- 3 files changed, 40 insertions(+), 4 deletions(-) diff --git a/disperser/apiserver/config.go b/disperser/apiserver/config.go index a4121427d3..947e45ac95 100644 --- a/disperser/apiserver/config.go +++ b/disperser/apiserver/config.go @@ -8,6 +8,7 @@ import ( "log" "os" "strconv" + "strings" "time" "github.com/Layr-Labs/eigenda/common" @@ -164,9 +165,11 @@ func ReadAllowlistFromFile(f string) (Allowlist, error) { } for _, entry := range allowlistEntries { - rateInfoByQuorum, ok := allowlist[entry.Account] + // normalize to lowercase (non-checksummed) address or IP address + account := strings.ToLower(entry.Account) + rateInfoByQuorum, ok := allowlist[account] if !ok { - allowlist[entry.Account] = map[core.QuorumID]PerUserRateInfo{ + allowlist[account] = map[core.QuorumID]PerUserRateInfo{ core.QuorumID(entry.QuorumID): { Name: entry.Name, Throughput: common.RateParam(entry.ByteRate), diff --git a/disperser/apiserver/server.go b/disperser/apiserver/server.go index dea50ee6db..78720ee82d 100644 --- a/disperser/apiserver/server.go +++ b/disperser/apiserver/server.go @@ -325,6 +325,9 @@ func (s *DispersalServer) getAccountRate(origin, authenticatedAddress string, qu // Check if the address is in the allowlist if len(authenticatedAddress) > 0 { + // normalize to lowercase (non-checksummed) address or IP address + authenticatedAddress = strings.ToLower(authenticatedAddress) + quorumRates, ok := s.rateConfig.Allowlist[authenticatedAddress] if ok { rateInfo, ok := quorumRates[quorumID] @@ -339,6 +342,8 @@ func (s *DispersalServer) getAccountRate(origin, authenticatedAddress string, qu rates.Name = rateInfo.Name return rates, key, nil } + } else { + s.logger.Warn("authenticated address not found in allowlist", "authenticatedAddress", authenticatedAddress) } } diff --git a/disperser/apiserver/server_test.go b/disperser/apiserver/server_test.go index f55ae90829..c37c60cd9f 100644 --- a/disperser/apiserver/server_test.go +++ b/disperser/apiserver/server_test.go @@ -453,6 +453,13 @@ func TestParseAllowlist(t *testing.T) { "quorumID": 1, "blobRate": 0.1, "byteRate": 4092 + }, + { + "name": "bar", + "account": "0xcb14cFAaC122E52024232583e7354589AedE74Ff", + "quorumID": 1, + "blobRate": 0.1, + "byteRate": 4092 } ] `) @@ -466,7 +473,6 @@ func TestParseAllowlist(t *testing.T) { assert.Contains(t, rateConfig.Allowlist, "5.5.5.5") assert.Contains(t, rateConfig.Allowlist["0.1.2.3"], uint8(0)) assert.Contains(t, rateConfig.Allowlist["0.1.2.3"], uint8(1)) - assert.Contains(t, rateConfig.Allowlist["5.5.5.5"], uint8(1)) assert.NotContains(t, rateConfig.Allowlist["5.5.5.5"], uint8(0)) assert.Equal(t, rateConfig.Allowlist["0.1.2.3"][0].Name, "eigenlabs") assert.Equal(t, rateConfig.Allowlist["0.1.2.3"][0].BlobRate, uint32(0.01*1e6)) @@ -477,6 +483,13 @@ func TestParseAllowlist(t *testing.T) { assert.Equal(t, rateConfig.Allowlist["5.5.5.5"][1].Name, "foo") assert.Equal(t, rateConfig.Allowlist["5.5.5.5"][1].BlobRate, uint32(0.1*1e6)) assert.Equal(t, rateConfig.Allowlist["5.5.5.5"][1].Throughput, uint32(4092)) + + // verify checksummed address is normalized to lowercase + assert.Contains(t, rateConfig.Allowlist, "0xcb14cfaac122e52024232583e7354589aede74ff") + assert.Contains(t, rateConfig.Allowlist["0xcb14cfaac122e52024232583e7354589aede74ff"], uint8(1)) + assert.Equal(t, rateConfig.Allowlist["0xcb14cfaac122e52024232583e7354589aede74ff"][1].Name, "bar") + assert.Equal(t, rateConfig.Allowlist["0xcb14cfaac122e52024232583e7354589aede74ff"][1].BlobRate, uint32(0.1*1e6)) + assert.Equal(t, rateConfig.Allowlist["0xcb14cfaac122e52024232583e7354589aede74ff"][1].Throughput, uint32(4092)) } func TestLoadAllowlistFromFile(t *testing.T) { @@ -513,6 +526,7 @@ func TestLoadAllowlistFromFile(t *testing.T) { assert.Contains(t, al["0.1.2.3"], uint8(1)) assert.Contains(t, al["5.5.5.5"], uint8(1)) assert.NotContains(t, al["5.5.5.5"], uint8(0)) + assert.NotContains(t, al, "0xcb14cfaac122e52024232583e7354589aede74ff") assert.Equal(t, al["0.1.2.3"][0].Name, "eigenlabs") assert.Equal(t, al["0.1.2.3"][0].BlobRate, uint32(0.01*1e6)) assert.Equal(t, al["0.1.2.3"][0].Throughput, uint32(1024)) @@ -538,6 +552,13 @@ func TestLoadAllowlistFromFile(t *testing.T) { "quorumID": 1, "blobRate": 1, "byteRate": 1234 + }, + { + "name": "bar", + "account": "0xcb14cFAaC122E52024232583e7354589AedE74Ff", + "quorumID": 1, + "blobRate": 0.1, + "byteRate": 4092 } ] `) @@ -556,6 +577,13 @@ func TestLoadAllowlistFromFile(t *testing.T) { assert.Equal(t, al["7.7.7.7"][1].Name, "world") assert.Equal(t, al["7.7.7.7"][1].BlobRate, uint32(1*1e6)) assert.Equal(t, al["7.7.7.7"][1].Throughput, uint32(1234)) + + // verify checksummed address is normalized to lowercase + assert.Contains(t, al, "0xcb14cfaac122e52024232583e7354589aede74ff") + assert.Contains(t, al["0xcb14cfaac122e52024232583e7354589aede74ff"], uint8(1)) + assert.Equal(t, al["0xcb14cfaac122e52024232583e7354589aede74ff"][1].Name, "bar") + assert.Equal(t, al["0xcb14cfaac122e52024232583e7354589aede74ff"][1].BlobRate, uint32(0.1*1e6)) + assert.Equal(t, al["0xcb14cfaac122e52024232583e7354589aede74ff"][1].Throughput, uint32(4092)) } func overwriteFile(t *testing.T, f *os.File, content string) { @@ -677,7 +705,7 @@ func newTestServer(transactor core.Writer) *apiserver.DispersalServer { BlobRate: 5 * 1e6, }, }, - "0x1aa8226f6d354380dDE75eE6B634875c4203e522": map[uint8]apiserver.PerUserRateInfo{ + "0x1aa8226f6d354380dde75ee6b634875c4203e522": map[uint8]apiserver.PerUserRateInfo{ 0: { Name: "eigenlabs", Throughput: 100 * 1024,