onflow
[BFT] Authorize execution data requests over bitswap
ENs and ANs use bitswap to share ExecutionData within the staked network. To support permissionless nodes, all messages must be authorized to the specific node/roles that are allowed to participate.
This PR adds an authorization check to all ExecutionData requests over bitswap. It also adds configuration to Execution nodes that allows them to specify an allow list of nodes that can request ExecutionData directly. This enable additional options for handling malicious peers, as well as scaling the execution sync protocol.
Codecov Report
Merging #3373 (8d2546e) into master (0f23f96) will decrease coverage by
0.06%. The diff coverage is48.61%.
@@ Coverage Diff @@
## master #3373 +/- ##
==========================================
- Coverage 55.45% 55.38% -0.07%
==========================================
Files 752 753 +1
Lines 68282 68481 +199
==========================================
+ Hits 37866 37929 +63
- Misses 27341 27481 +140
+ Partials 3075 3071 -4
| Flag | Coverage Δ | |
|---|---|---|
| unittests | 55.38% <48.61%> (-0.07%) |
:arrow_down: |
Flags with carried forward coverage won't be shown. Click here to find out more.
| Impacted Files | Coverage Δ | |
|---|---|---|
| cmd/execution_builder.go | 0.00% <0.00%> (ø) |
|
| cmd/execution_config.go | 0.00% <0.00%> (ø) |
|
| network/p2p/blob/blob_service.go | 22.72% <100.00%> (ø) |
|
| fvm/transactionVerifier.go | 77.90% <0.00%> (-2.10%) |
:arrow_down: |
| insecure/corruptnet/network.go | 58.20% <0.00%> (-0.60%) |
:arrow_down: |
| fvm/errors/txVerifier.go | 17.77% <0.00%> (ø) |
|
| engine/common/synchronization/engine.go | 73.30% <0.00%> (ø) |
|
| fvm/environment/contract_updater.go | 67.54% <0.00%> (+0.65%) |
:arrow_up: |
| consensus/hotstuff/eventloop/event_loop.go | 74.82% <0.00%> (+1.36%) |
:arrow_up: |
| ... and 4 more |
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.
Build succeeded:
- Integration Tests (make -C integration access-tests)
- Integration Tests (make -C integration bft-tests)
- Integration Tests (make -C integration collection-tests)
- Integration Tests (make -C integration consensus-tests)
- Integration Tests (make -C integration epochs-tests)
- Integration Tests (make -C integration execution-tests)
- Integration Tests (make -C integration ghost-tests)
- Integration Tests (make -C integration mvp-tests)
- Integration Tests (make -C integration network-tests)
- Integration Tests (make -C integration verification-tests)
- Lint (./)
- Lint (./crypto/)
- Lint (./integration/)
- Unit Tests (access)
- Unit Tests (admin)
- Unit Tests (cmd)
- Unit Tests (consensus)
- Unit Tests (engine)
- Unit Tests (fvm)
- Unit Tests (ledger)
- Unit Tests (module)
- Unit Tests (network)
- Unit Tests (others)
- Unit Tests (utils)
![bors[bot] avatar](https://avatars.githubusercontent.com/in/1847?v=4 "Published by a pub.dev verified publisher"){kind=small}