quorums_dkgsession.h

Go to the documentation of this file.

// Copyright (c) 2018-2021 The Dash Core developers
// Copyright (c) 2022 The PIVX Core developers
// Distributed under the MIT/X11 software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
 
#ifndef PIVX_LLMQ_QUORUMS_DKGSESSION_H
#define PIVX_LLMQ_QUORUMS_DKGSESSION_H
 
#include "bls/bls_ies.h"
#include "bls/bls_worker.h"
#include "consensus/params.h"
#include "evo/deterministicmns.h"
#include "net.h"
#include "llmq/quorums_utils.h"
#include "logging.h"
 
class UniValue;
 
namespace llmq
{
 
class CFinalCommitment;
class CDKGSession;
class CDKGSessionManager;
class CDKGPendingMessages;
 
class CDKGLogger : public CBatchedLogger
{
public:
    CDKGLogger(const CDKGSession& _quorumDkg, const std::string& _func);
    CDKGLogger(const std::string& _llmqTypeName, const uint256& _quorumHash, int _height, bool _areWeMember, const std::string& _func);
};
 
class CDKGContribution
{
public:
    uint8_t llmqType;
    uint256 quorumHash;
    uint256 proTxHash;
    BLSVerificationVectorPtr vvec;
    std::shared_ptr<CBLSIESMultiRecipientObjects<CBLSSecretKey>> contributions;
    CBLSSignature sig;
 
public:
    template<typename Stream>
    inline void SerializeWithoutSig(Stream& s) const
    {
        s << llmqType;
        s << quorumHash;
        s << proTxHash;
        s << *vvec;
        s << *contributions;
    }
    template<typename Stream>
    inline void Serialize(Stream& s) const
    {
        SerializeWithoutSig(s);
        s << sig;
    }
    template<typename Stream>
    inline void Unserialize(Stream& s)
    {
        BLSVerificationVector tmp1;
        CBLSIESMultiRecipientObjects<CBLSSecretKey> tmp2;
 
        s >> llmqType;
        s >> quorumHash;
        s >> proTxHash;
        s >> tmp1;
        s >> tmp2;
        s >> sig;
 
        vvec = std::make_shared<BLSVerificationVector>(std::move(tmp1));
        contributions = std::make_shared<CBLSIESMultiRecipientObjects<CBLSSecretKey>>(std::move(tmp2));
    }
 
    uint256 GetSignHash() const
    {
        CHashWriter hw(SER_GETHASH, 0);
        SerializeWithoutSig(hw);
        hw << CBLSSignature();
        return hw.GetHash();
    }
};
 
class CDKGComplaint
{
public:
    uint8_t llmqType;
    uint256 quorumHash;
    uint256 proTxHash;
    std::vector<bool> badMembers;
    std::vector<bool> complainForMembers;
    CBLSSignature sig;
 
public:
    CDKGComplaint() {}
    explicit CDKGComplaint(const Consensus::LLMQParams& params);
 
    SERIALIZE_METHODS(CDKGComplaint, obj)
    {
        READWRITE(obj.llmqType);
        READWRITE(obj.quorumHash);
        READWRITE(obj.proTxHash);
        READWRITE(DYNBITSET(obj.badMembers));
        READWRITE(DYNBITSET(obj.complainForMembers));
        READWRITE(obj.sig);
    }
 
    uint256 GetSignHash() const
    {
        CDKGComplaint tmp(*this);
        tmp.sig = CBLSSignature();
        return ::SerializeHash(tmp);
    }
};
 
class CDKGJustification
{
public:
    uint8_t llmqType;
    uint256 quorumHash;
    uint256 proTxHash;
    std::vector<std::pair<uint32_t, CBLSSecretKey>> contributions;
    CBLSSignature sig;
 
public:
 
    SERIALIZE_METHODS(CDKGJustification, obj)
    {
        READWRITE(obj.llmqType);
        READWRITE(obj.quorumHash);
        READWRITE(obj.proTxHash);
        READWRITE(obj.contributions);
        READWRITE(obj.sig);
    }
 
    uint256 GetSignHash() const
    {
        CDKGJustification tmp(*this);
        tmp.sig = CBLSSignature();
        return ::SerializeHash(tmp);
    }
};
 
// each member commits to a single set of valid members with this message
// then each node aggregate all received premature commitments
// into a single CFinalCommitment, which is only valid if
// enough (>=minSize) premature commitments were aggregated
class CDKGPrematureCommitment
{
public:
    uint8_t llmqType;
    uint256 quorumHash;
    uint256 proTxHash;
    std::vector<bool> validMembers;
 
    CBLSPublicKey quorumPublicKey;
    uint256 quorumVvecHash;
 
    CBLSSignature quorumSig; // threshold sig share of quorumHash+validMembers+pubKeyHash+vvecHash
    CBLSSignature sig; // single member sig of quorumHash+validMembers+pubKeyHash+vvecHash
 
public:
    CDKGPrematureCommitment() {}
    explicit CDKGPrematureCommitment(const Consensus::LLMQParams& params);
 
    int CountValidMembers() const
    {
        return (int)std::count(validMembers.begin(), validMembers.end(), true);
    }
 
public:
 
    SERIALIZE_METHODS(CDKGPrematureCommitment, obj)
    {
        READWRITE(obj.llmqType);
        READWRITE(obj.quorumHash);
        READWRITE(obj.proTxHash);
        READWRITE(DYNBITSET(obj.validMembers));
        READWRITE(obj.quorumPublicKey);
        READWRITE(obj.quorumVvecHash);
        READWRITE(obj.quorumSig);
        READWRITE(obj.sig);
    }
 
    uint256 GetSignHash() const
    {
        return utils::BuildCommitmentHash((Consensus::LLMQType)llmqType, quorumHash, validMembers, quorumPublicKey, quorumVvecHash);
    }
};
 
class CDKGMember
{
public:
    CDKGMember(CDeterministicMNCPtr _dmn, size_t _idx);
 
    CDeterministicMNCPtr dmn;
    size_t idx;
    CBLSId id;
 
    std::set<uint256> contributions;
    std::set<uint256> complaints;
    std::set<uint256> justifications;
    std::set<uint256> prematureCommitments;
 
    std::set<uint256> badMemberVotes;
    std::set<uint256> complaintsFromOthers;
 
    bool bad{false};
    bool weComplain{false};
    bool someoneComplain{false};
};
 
class CDKGSession
{
    friend class CDKGSessionHandler;
    friend class CDKGSessionManager;
    friend class CDKGLogger;
    template<typename Message> friend class CDKGMessageHandler;
 
private:
    const Consensus::LLMQParams& params;
 
    CBLSWorker& blsWorker;
    CBLSWorkerCache cache;
    CDKGSessionManager& dkgManager;
 
    const CBlockIndex* pindexQuorum;
 
    std::vector<std::unique_ptr<CDKGMember>> members;
    std::map<uint256, size_t> membersMap;
    std::set<uint256> relayMembers;
    BLSVerificationVectorPtr vvecContribution;
    BLSSecretKeyVector skContributions;
 
    BLSIdVector memberIds;
    std::vector<BLSVerificationVectorPtr> receivedVvecs;
    // these are not necessarily verified yet. Only trust in what was written to the DB
    BLSSecretKeyVector receivedSkContributions;
 
    uint256 myProTxHash;
    CBLSId myId;
    size_t myIdx{(size_t)-1};
 
    // all indexed by msg hash
    // we expect to only receive a single vvec and contribution per member, but we must also be able to relay
    // conflicting messages as otherwise an attacker might be able to broadcast conflicting (valid+invalid) messages
    // and thus split the quorum. Such members are later removed from the quorum.
    mutable RecursiveMutex invCs;
    std::map<uint256, CDKGContribution> contributions;
    std::map<uint256, CDKGComplaint> complaints;
    std::map<uint256, CDKGJustification> justifications;
    std::map<uint256, CDKGPrematureCommitment> prematureCommitments;
 
    std::set<uint256> seenMessages;
 
    std::vector<size_t> pendingContributionVerifications;
 
    // filled by ReceivePrematureCommitment and used by FinalizeCommitments
    std::set<uint256> validCommitments;
 
public:
    CDKGSession(const Consensus::LLMQParams& _params, CBLSWorker& _blsWorker, CDKGSessionManager& _dkgManager) :
        params(_params), blsWorker(_blsWorker), cache(_blsWorker), dkgManager(_dkgManager) {}
 
    bool Init(const CBlockIndex* _pindexQuorum, const std::vector<CDeterministicMNCPtr>& mns, const uint256& _myProTxHash);
 
    size_t GetMyMemberIndex() const { return myIdx; }
 
    // Phase 1: contribution
    void Contribute(CDKGPendingMessages& pendingMessages);
    void SendContributions(CDKGPendingMessages& pendingMessages);
    bool PreVerifyMessage(const CDKGContribution& qc, bool& retBan) const;
    void ReceiveMessage(const uint256& hash, const CDKGContribution& qc, bool& retBan);
    void VerifyPendingContributions();
 
    // Phase 2: complaint
    void VerifyAndComplain(CDKGPendingMessages& pendingMessages);
    void VerifyConnectionAndMinProtoVersions();
    void SendComplaint(CDKGPendingMessages& pendingMessages);
    bool PreVerifyMessage(const CDKGComplaint& qc, bool& retBan) const;
    void ReceiveMessage(const uint256& hash, const CDKGComplaint& qc, bool& retBan);
 
    // Phase 3: justification
    void VerifyAndJustify(CDKGPendingMessages& pendingMessages);
    void SendJustification(CDKGPendingMessages& pendingMessages, const std::set<uint256>& forMembers);
    bool PreVerifyMessage(const CDKGJustification& qj, bool& retBan) const;
    void ReceiveMessage(const uint256& hash, const CDKGJustification& qj, bool& retBan);
 
    // Phase 4: commit
    void VerifyAndCommit(CDKGPendingMessages& pendingMessages);
    void SendCommitment(CDKGPendingMessages& pendingMessages);
    bool PreVerifyMessage(const CDKGPrematureCommitment& qc, bool& retBan) const;
    void ReceiveMessage(const uint256& hash, const CDKGPrematureCommitment& qc, bool& retBan);
 
    // Phase 5: aggregate/finalize
    std::vector<CFinalCommitment> FinalizeCommitments();
 
    bool AreWeMember() const { return !myProTxHash.IsNull(); }
    void MarkBadMember(CDKGMember* member);
 
    void RelayInvToParticipants(const CInv& inv) const;
 
    CDKGMember* GetMember(const uint256& proTxHash) const;
 
private:
    bool ShouldSimulateError(const std::string& error_type);
};
 
// Return false if error_type is not found
bool SetSimulatedDKGErrorRate(const std::string& error_type, double rate);
 
}
 
#endif // PIVX_LLMQ_QUORUMS_DKGSESSION_H