Mesh the boot node directly from t0. The BIOS Boot node should be behind

a big firewall, with outgoing connections open, but incoming blocked. More input validation on `target_p2p_address`. Destroy accounts: do proper resignment of accounts, Removed the `hook_boot_connect_mesh.sh` as it now meshes from the start.
eoscanada · May 23, 2018 · f5e0cc4 · f5e0cc4
1 parent c89f3a6
commit f5e0cc4
Show file tree

Hide file tree

Showing 7 changed files with 71 additions and 62 deletions.
diff --git a/bios/bios.go b/bios/bios.go
@@ -260,7 +260,9 @@ func (b *BIOS) RunBootSequence() error {
 		}
 	}
 
-	if err := b.DispatchBootNode(genesisData, pubKey.String(), privKey); err != nil {
+	orderedPeers := b.Network.OrderedPeers(b.Network.MyNetwork())
+	otherPeers := b.someTopmostPeersAddresses(orderedPeers)
+	if err := b.DispatchBootNode(genesisData, pubKey.String(), privKey, otherPeers); err != nil {
 		return fmt.Errorf("dispatch boot_node hook: %s", err)
 	}
 
@@ -324,13 +326,6 @@ func (b *BIOS) RunBootSequence() error {
 		os.Exit(0)
 	}
 
-	orderedPeers := b.Network.OrderedPeers(b.Network.MyNetwork())
-
-	otherPeers := b.someTopmostPeersAddresses(orderedPeers)
-	if err := b.DispatchBootConnectMesh(otherPeers); err != nil {
-		return fmt.Errorf("dispatch boot_connect_mesh: %s", err)
-	}
-
 	if err := b.DispatchBootPublishHandoff(); err != nil {
 		return fmt.Errorf("dispatch boot_publish_handoff: %s", err)
 	}

diff --git a/bios/discovery.go b/bios/discovery.go
@@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"io/ioutil"
+	"regexp"
 	"strings"
 
 	"github.com/eoscanada/eos-bios/bios/disco"
@@ -33,6 +34,8 @@ func ValidateDiscoveryFile(filename string) error {
 	return ValidateDiscovery(discovery)
 }
 
+var p2pAddressRE = regexp.MustCompile(`[a-zA-Z0-9.:-]`)
+
 func ValidateDiscovery(discovery *disco.Discovery) error {
 	for _, peer := range discovery.SeedNetworkPeers {
 		if peer.Weight > 100 || peer.Weight < 0 {
@@ -52,16 +55,16 @@ func ValidateDiscovery(discovery *disco.Discovery) error {
 		return errors.New("target_account_name should not contain '.'")
 	}
 
+	if strings.Contains(discovery.TargetP2PAddress, "://") {
+		return fmt.Errorf("target_p2p_address should be of format ip:port, not prefixed with a protocol")
+	}
+
 	if !strings.Contains(discovery.TargetP2PAddress, ":") {
 		return errors.New("target_p2p_address doesn't contain port number")
 	}
 
-	// if strings.Contains(discovery.TargetP2PAddress, "example.com") {
-	// 	return errors.New("target_p2p_address contains an example.com domain, are you sure about that?")
-	// }
-
-	if strings.Contains(discovery.TargetP2PAddress, "://") {
-		return fmt.Errorf("target_p2p_address should be of format ip:port, not prefixed with a protocol")
+	if !p2pAddressRE.MatchString(discovery.TargetP2PAddress) {
+		return errors.New("target_p2p_address is weird, should contain only [a-zA-Z0-9.:-]")
 	}
 
 	if !strings.Contains(discovery.TargetHTTPAddress, "://") {

diff --git a/bios/hooks.go b/bios/hooks.go
@@ -24,16 +24,11 @@ func (b *BIOS) DispatchBootPublishGenesis(genesisJSON string) error {
 	}, nil)
 }
 
-func (b *BIOS) DispatchBootNode(genesisJSON, publicKey, privateKey string) error {
+func (b *BIOS) DispatchBootNode(genesisJSON, publicKey, privateKey string, otherPeers []string) error {
 	return b.dispatch("boot_node", []string{
 		genesisJSON,
 		publicKey,
 		privateKey,
-	}, nil)
-}
-
-func (b *BIOS) DispatchBootConnectMesh(otherPeers []string) error {
-	return b.dispatch("boot_connect_mesh", []string{
 		"p2p-peer-address = " + strings.Join(otherPeers, "\np2p-peer-address = "),
 		strings.Join(otherPeers, ","),
 	}, nil)

diff --git a/bios/ops.go b/bios/ops.go
@@ -458,34 +458,74 @@ func (op *OpDestroyAccounts) ResetTestnetOptions() {
 
 func (op *OpDestroyAccounts) Actions(b *BIOS) (out []*eos.Action, err error) {
 	if op.TestnetKeepAccounts {
-		b.Log.Debugln("DEBUG: Keeping system account around, for testing purposes.")
+		b.Log.Debugln("DEBUG: Keeping system accounts around, for testing purposes.")
 		return
 	}
 
-	nullKey := ecc.PublicKey{Curve: ecc.CurveK1, Content: make([]byte, 33, 33)}
+	systemAccount := AN("eosio")
+	prodsAccount := AN("eosio.prods") // this is a special system account that is granted by 2/3 + 1 of the current BP schedule.
+
+	//nullKey := ecc.PublicKey{Curve: ecc.CurveK1, Content: make([]byte, 33, 33)}
 	for _, acct := range op.Accounts {
+		if acct == systemAccount {
+			continue // special treatment for `eosio` below
+		}
 		out = append(out,
 			system.NewUpdateAuth(acct, PN("active"), PN("owner"), eos.Authority{
 				Threshold: 1,
-				Keys: []eos.KeyWeight{
-					{
-						PublicKey: nullKey,
-						Weight:    1,
+				Accounts: []eos.PermissionLevelWeight{
+					eos.PermissionLevelWeight{
+						Permission: eos.PermissionLevel{
+							Actor:      AN("eosio"),
+							Permission: PN("active"),
+						},
+						Weight: 1,
 					},
 				},
 			}, PN("active")),
 			system.NewUpdateAuth(acct, PN("owner"), PN(""), eos.Authority{
 				Threshold: 1,
-				Keys: []eos.KeyWeight{
-					{
-						PublicKey: nullKey,
-						Weight:    1,
+				Accounts: []eos.PermissionLevelWeight{
+					eos.PermissionLevelWeight{
+						Permission: eos.PermissionLevel{
+							Actor:      AN("eosio"),
+							Permission: PN("active"),
+						},
+						Weight: 1,
 					},
 				},
 			}, PN("owner")),
 			nil, // end transaction
 		)
-		// unregister the producer at the same time ?
 	}
+
+	out = append(out,
+		system.NewUpdateAuth(systemAccount, PN("active"), PN("owner"), eos.Authority{
+			Threshold: 1,
+			Accounts: []eos.PermissionLevelWeight{
+				eos.PermissionLevelWeight{
+					Permission: eos.PermissionLevel{
+						Actor:      prodsAccount,
+						Permission: PN("active"),
+					},
+					Weight: 1,
+				},
+			},
+		}, PN("active")),
+		system.NewUpdateAuth(systemAccount, PN("owner"), PN(""), eos.Authority{
+			Threshold: 1,
+			Accounts: []eos.PermissionLevelWeight{
+				eos.PermissionLevelWeight{
+					Permission: eos.PermissionLevel{
+						Actor:      prodsAccount,
+						Permission: PN("active"),
+					},
+					Weight: 1,
+				},
+			},
+		}, PN("owner")),
+		nil, // end transaction
+	)
+
 	return
 }
diff --git a/files/boot_sequence.yaml b/files/boot_sequence.yaml
@@ -5,6 +5,9 @@ boot_sequence:
     account: eosio
     contract_name_ref: eosio.bios
 
+- op: system.setprods
+  label: Setting the initial Appointed Block Producer schedule
+
 - op: system.newaccount
   label: Create account b1 (to match `validate_b1_vesting` in system contract)
   data:
@@ -122,20 +125,11 @@ boot_sequence:
   data:
     TESTNET_TRUNCATE_SNAPSHOT: 50
 
-- op: system.setprods
-  label: Setting the initial Appointed Block Producer schedule
-
-# - op: producers.register
-#   label: Register all producers with their declared key, URL and location
-
 - op: system.destroy_accounts
-  label: Disabling authorization for system accounts
+  label: Disabling authorization for system accounts, pointing `eosio` to the `eosio.prods` system account.
   data:
     accounts:
-    #- eosio
     - eosio.msig
     - eosio.token
     - eosio.disco
     - eosio.unregd
-
-# TODO: also destroy the signing capability of `eosio`.. or `unregproducer` for `eosio`.
diff --git a/sample_config/hook_boot_connect_mesh.sh b/sample_config/hook_boot_connect_mesh.sh
diff --git a/sample_config/hook_boot_node.sh b/sample_config/hook_boot_node.sh
@@ -4,6 +4,8 @@
 # $1 genesis JSON
 # $2 ephemeral public key
 # $3 ephemeral private key
+# $4 = p2p_address_statements like "p2p-peer-address = 1.2.3.4\np2p-peer-address=2.3.4.5"
+# $5 = p2p_addresses to connect to, split by comma
 #
 # This process must not BLOCK.
 
@@ -16,6 +18,7 @@ echo $1 > genesis.json
 echo "producer-name = eosio" >> config.ini
 echo "enable-stale-production = true" >> config.ini
 echo "private-key = [\"$2\",\"$3\"]" >> config.ini
+echo "$4" >> config.ini
 
 echo "Removing old nodeos data (you might be asked for your sudo password)..."
 sudo rm -rf /tmp/nodeos-data