Peerplays_Blockchain/peerplays_migrated
1
0
Fork 0
Code Issues 35 Pull requests 4 Projects Releases 20 Packages Wiki Activity Actions

improve authority checking performance, adding automatic transaction signing helpers

Browse source
This commit is contained in:
Daniel Larimer 2015-07-10 15:56:44 -04:00
parent 0f6e5a74cd
commit e8d2b45d67
3 changed files with 211 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
libraries/chain/include/graphene/chain/protocol/transaction.hpp
View file

@ -114,7 +114,7 @@ namespace graphene { namespace chain {
op.visit( std::forward<Visitor>( visitor ) ); op.visit( std::forward<Visitor>( visitor ) );
} }
void get_required_authorities( flat_set<account_id_type>& active, flat_set<account_id_type>& owner, vector<authority>& other ); void get_required_authorities( flat_set<account_id_type>& active, flat_set<account_id_type>& owner, vector<authority>& other )const;
protected: protected:
// Intentionally unreflected: does not go on wire // Intentionally unreflected: does not go on wire
@ -129,7 +129,23 @@ namespace graphene { namespace chain {
signed_transaction( const transaction& trx = transaction() ) signed_transaction( const transaction& trx = transaction() )
: transaction(trx){} : transaction(trx){}
void sign( const private_key_type& key ); /** signs and appends to signatures */
const signature_type& sign( const private_key_type& key );
/** returns signature but does not append */
signature_type sign( const private_key_type& key )const;
/**
* Given a set of private keys sign this transaction with a minimial subset of required keys.
*
* @pram get_auth - used to fetch the active authority required for an account referenced by another authority
*/
void sign( const vector<private_key_type>& keys,
const std::function<const authority*(account_id_type)>& get_active,
const std::function<const authority*(account_id_type)>& get_owner );
bool verify( const std::function<const authority*(account_id_type)>& get_active,
const std::function<const authority*(account_id_type)>& get_owner )const;
vector<signature_type> signatures; vector<signature_type> signatures;

170
libraries/chain/protocol/transaction.cpp
View file

@ -63,16 +63,27 @@ graphene::chain::transaction_id_type graphene::chain::transaction::id() const
return result; return result;
} }
void graphene::chain::signed_transaction::sign(const private_key_type& key) const signature_type& graphene::chain::signed_transaction::sign(const private_key_type& key)
{ {
if( relative_expiration != 0 ) if( relative_expiration != 0 )
{ {
// Relative expiration is set, meaning we must include the block ID in the signature // Relative expiration is set, meaning we must include the block ID in the signature
assert(block_id_cache.valid()); FC_ASSERT(block_id_cache.valid());
signatures.push_back(key.sign_compact(digest(*block_id_cache))); signatures.push_back(key.sign_compact(digest(*block_id_cache)));
} else { } else {
signatures.push_back(key.sign_compact(digest())); signatures.push_back(key.sign_compact(digest()));
} }
return signatures.back();
}
signature_type graphene::chain::signed_transaction::sign(const private_key_type& key)const
{
if( relative_expiration != 0 )
{
// Relative expiration is set, meaning we must include the block ID in the signature
FC_ASSERT(block_id_cache.valid());
return key.sign_compact(digest(*block_id_cache));
}
return key.sign_compact(digest());
} }
void transaction::set_expiration( fc::time_point_sec expiration_time ) void transaction::set_expiration( fc::time_point_sec expiration_time )
@ -90,10 +101,163 @@ void transaction::set_expiration( const block_id_type& reference_block, unsigned
relative_expiration = lifetime_intervals; relative_expiration = lifetime_intervals;
block_id_cache = reference_block; block_id_cache = reference_block;
} }
void transaction::get_required_authorities( flat_set<account_id_type>& active, flat_set<account_id_type>& owner, vector<authority>& other ) void transaction::get_required_authorities( flat_set<account_id_type>& active, flat_set<account_id_type>& owner, vector<authority>& other )const
{ {
for( const auto& op : operations ) for( const auto& op : operations )
operation_get_required_authorities( op, active, owner, other ); operation_get_required_authorities( op, active, owner, other );
} }
struct sign_state
{
/** returns true if we have a signature for this key or can
* produce a signature for this key, else returns false.
*/
bool signed_by( const public_key_type& k )
{
auto itr = signatures.find(k);
if( itr == signatures.end() )
{
auto pk = keys.find(k);
if( pk != keys.end() )
{
signatures[k] = trx.sign(pk->second);
checked_sigs.insert(k);
return true;
}
return false;
}
checked_sigs.insert(k);
return true;
}
/**
* Checks to see if we have signatures of the active authorites of
* the accounts specified in authority or the keys specified.
*/
bool check_authority( const authority* au, int depth = 0 )
{
if( au == nullptr ) return false;
const authority& auth = *au;
uint32_t total_weight = 0;
for( const auto& k : auth.key_auths )
if( signed_by( k.first ) )
{
total_weight += k.second;
if( total_weight >= auth.weight_threshold )
return true;
}
for( const auto& a : auth.account_auths )
{
if( approved_by.find(a.first) == approved_by.end() )
{
if( depth == GRAPHENE_MAX_SIG_CHECK_DEPTH )
return false;
if( check_authority( get_active( a.first ), depth+1 ) )
{
approved_by.insert( a.first );
total_weight += a.second;
if( total_weight >= auth.weight_threshold )
return true;
}
}
else
{
total_weight += a.second;
if( total_weight >= auth.weight_threshold )
return true;
}
}
return total_weight >= auth.weight_threshold;
}
bool remove_unused_signatures()
{
vector<public_key_type> remove_sigs;
for( const auto& sig : signatures )
if( checked_sigs.find(sig.first) == checked_sigs.end() )
remove_sigs.push_back( sig.first );
for( auto& sig : remove_sigs )
signatures.erase(sig);
return remove_sigs.size() != 0;
}
sign_state( const signed_transaction& t, const std::function<const authority*(account_id_type)>& a,
const vector<private_key_type>& kys = vector<private_key_type>() )
:trx(t),get_active(a)
{
auto d = trx.digest();
for( const auto& sig : trx.signatures )
signatures[ fc::ecc::public_key( sig, d ) ] = sig;
for( const auto& key : kys )
keys[key.get_public_key()] = key;
}
const signed_transaction& trx;
const std::function<const authority*(account_id_type)>& get_active;
flat_map<public_key_type,private_key_type> keys;
flat_map<public_key_type,signature_type> signatures;
set<public_key_type> checked_sigs;
flat_set<account_id_type> approved_by;
};
/**
* Given a set of private keys sign this transaction with a minimial subset of required keys.
*/
void signed_transaction::sign( const vector<private_key_type>& keys,
const std::function<const authority*(account_id_type)>& get_active,
const std::function<const authority*(account_id_type)>& get_owner )
{
flat_set<account_id_type> required_active;
flat_set<account_id_type> required_owner;
vector<authority> other;
get_required_authorities( required_active, required_owner, other );
sign_state s(*this,get_active,keys);
for( const auto& auth : other )
s.check_authority(&auth);
for( auto id : required_active )
s.check_authority(get_active(id));
for( auto id : required_owner )
s.check_authority(get_owner(id));
s.remove_unused_signatures();
signatures.clear();
for( const auto& sig : s.signatures )
signatures.push_back(sig.second);
}
bool signed_transaction::verify( const std::function<const authority*(account_id_type)>& get_active,
const std::function<const authority*(account_id_type)>& get_owner )const
{
flat_set<account_id_type> required_active;
flat_set<account_id_type> required_owner;
vector<authority> other;
get_required_authorities( required_active, required_owner, other );
sign_state s(*this,get_active);
for( const auto& auth : other )
if( !s.check_authority(&auth) )
return false;
// fetch all of the top level authorities
for( auto id : required_active )
if( !s.check_authority(get_active(id)) )
return false;
for( auto id : required_owner )
if( !s.check_authority(get_owner(id)) )
return false;
if( s.remove_unused_signatures() )
return false;
return true;
}
} } // graphene::chain } } // graphene::chain

36
libraries/chain/transaction_evaluation_state.cpp
View file

@ -60,10 +60,34 @@ namespace graphene { namespace chain {
return true; return true;
uint32_t total_weight = 0; uint32_t total_weight = 0;
for( const auto& key : au.key_auths )
{
if( signed_by( key.first ) )
{
total_weight += key.second;
if( total_weight >= au.weight_threshold )
return true;
}
}
for( const auto& key : au.address_auths )
{
if( signed_by( key.first ) )
{
total_weight += key.second;
if( total_weight >= au.weight_threshold )
return true;
}
}
for( const auto& auth : au.account_auths ) for( const auto& auth : au.account_auths )
{ {
if( approved_by.find( std::make_pair(auth.first,auth_class) ) != approved_by.end() ) if( approved_by.find( std::make_pair(auth.first,auth_class) ) != approved_by.end() )
{
total_weight += auth.second; total_weight += auth.second;
if( total_weight >= au.weight_threshold )
return true;
}
else else
{ {
if( depth == GRAPHENE_MAX_SIG_CHECK_DEPTH ) if( depth == GRAPHENE_MAX_SIG_CHECK_DEPTH )
@ -76,19 +100,11 @@ namespace graphene { namespace chain {
{ {
approved_by.insert( std::make_pair(acnt.id,auth_class) ); approved_by.insert( std::make_pair(acnt.id,auth_class) );
total_weight += auth.second; total_weight += auth.second;
if( total_weight >= au.weight_threshold )
return true;
} }
} }
} }
for( const auto& key : au.key_auths )
{
if( signed_by( key.first ) )
total_weight += key.second;
}
for( const auto& key : au.address_auths )
{
if( signed_by( key.first ) )
total_weight += key.second;
}
return total_weight >= au.weight_threshold; return total_weight >= au.weight_threshold;
} FC_CAPTURE_AND_RETHROW( (au)(auth_class)(depth) ) } } FC_CAPTURE_AND_RETHROW( (au)(auth_class)(depth) ) }