Ban bad block-sync peers

- Added a check to ban a misbahaving peer after block sync when not supplying any
  or all of the blocks corresponding to the accumulated difficulty they claimed
  they had.
- Added a check in the RPC block-sync server method to not try and supply blocks
  past its own end of chain best block.
- Added integration level unit tests for block sync.

Author: hansieodendaal

base_layer/core/src/base_node/sync/block_sync/error.rs

@@ -69,6 +69,8 @@ pub enum BlockSyncError {
     SyncRoundFailed,
     #[error("Could not find peer info")]
     PeerNotFound,
+    #[error("Peer did not supply all the blocks they claimed they had: {0}")]
+    PeerDidNotSupplyAllClaimedBlocks(String),
 }
 
 impl BlockSyncError {
@@ -93,6 +95,7 @@ impl BlockSyncError {
             BlockSyncError::FixedHashSizeError(_) => "FixedHashSizeError",
             BlockSyncError::SyncRoundFailed => "SyncRoundFailed",
             BlockSyncError::PeerNotFound => "PeerNotFound",
+            BlockSyncError::PeerDidNotSupplyAllClaimedBlocks(_) => "PeerDidNotSupplyAllClaimedBlocks",
         }
     }
 }
@@ -102,8 +105,6 @@ impl BlockSyncError {
         match self {
             // no ban
             BlockSyncError::AsyncTaskFailed(_) |
-            BlockSyncError::RpcError(_) |
-            BlockSyncError::RpcRequestError(_) |
             BlockSyncError::ChainStorageError(_) |
             BlockSyncError::ConnectivityError(_) |
             BlockSyncError::NoMoreSyncPeers(_) |
@@ -113,7 +114,10 @@ impl BlockSyncError {
             BlockSyncError::SyncRoundFailed => None,
 
             // short ban
-            err @ BlockSyncError::MaxLatencyExceeded { .. } => Some(BanReason {
+            err @ BlockSyncError::MaxLatencyExceeded { .. } |
+            err @ BlockSyncError::PeerDidNotSupplyAllClaimedBlocks(_) |
+            err @ BlockSyncError::RpcError(_) |
+            err @ BlockSyncError::RpcRequestError(_) => Some(BanReason {
                 reason: format!("{}", err),
                 ban_duration: short_ban,
             }),

base_layer/core/src/base_node/sync/block_sync/synchronizer.rs

@@ -128,7 +128,9 @@ impl<'a, B: BlockchainBackend + 'static> BlockSynchronizer<'a, B> {
                     warn!(target: LOG_TARGET, "{} ({})", err, sync_round);
                     continue;
                 },
-                Err(err) => return Err(err),
+                Err(err) => {
+                    return Err(err);
+                },
             }
         }
     }
@@ -407,6 +409,15 @@ impl<'a, B: BlockchainBackend + 'static> BlockSynchronizer<'a, B> {
             last_sync_timer = Instant::now();
         }
 
+        let accumulated_difficulty = self.db.get_chain_metadata().await?.accumulated_difficulty();
+        if accumulated_difficulty < sync_peer.claimed_chain_metadata().accumulated_difficulty() {
+            return Err(BlockSyncError::PeerDidNotSupplyAllClaimedBlocks(format!(
+                "Their claimed difficulty: {}, our local difficulty after block sync: {}",
+                sync_peer.claimed_chain_metadata().accumulated_difficulty(),
+                accumulated_difficulty
+            )));
+        }
+
         if let Some(block) = current_block {
             self.hooks.call_on_complete_hooks(block, best_height);
         }

base_layer/core/src/base_node/sync/rpc/service.rs

@@ -117,6 +117,9 @@ impl<B: BlockchainBackend + 'static> BaseNodeSyncService for BaseNodeSyncRpcServ
             .start_hash
             .try_into()
             .map_err(|_| RpcStatus::bad_request(&"Malformed starting hash received".to_string()))?;
+        if db.fetch_block_by_hash(hash, true).await.is_err() {
+            return Err(RpcStatus::not_found("Requested start block sync hash was not found"));
+        }
         let start_header = db
             .fetch_header_by_block_hash(hash)
             .await
@@ -134,13 +137,13 @@ impl<B: BlockchainBackend + 'static> BaseNodeSyncService for BaseNodeSyncRpcServ
             )));
         }
 
-        if start_height > metadata.height_of_longest_chain() {
-            return Ok(Streaming::empty());
-        }
         let hash = message
             .end_hash
             .try_into()
             .map_err(|_| RpcStatus::bad_request(&"Malformed end hash received".to_string()))?;
+        if db.fetch_block_by_hash(hash, true).await.is_err() {
+            return Err(RpcStatus::not_found("Requested end block sync hash was not found"));
+        }
         let end_header = db
             .fetch_header_by_block_hash(hash)
             .await

base_layer/core/src/common/mod.rs

@@ -42,7 +42,7 @@ pub type ConfidentialOutputHasher = DomainSeparatedConsensusHasher<ConfidentialO
 
 /// The reason for a peer being banned
 #[cfg(feature = "base_node")]
-#[derive(Clone)]
+#[derive(Clone, Debug)]
 pub struct BanReason {
     /// The reason for the ban
     pub reason: String,

base_layer/core/tests/helpers/sync.rs

@@ -28,7 +28,7 @@ use tari_comms::peer_manager::NodeId;
 use tari_core::{
     base_node::{
         chain_metadata_service::PeerChainMetadata,
-        state_machine_service::states::{HeaderSyncState, StateEvent, StatusInfo},
+        state_machine_service::states::{BlockSync, HeaderSyncState, StateEvent, StatusInfo},
         sync::SyncPeer,
         BaseNodeStateMachine,
         BaseNodeStateMachineConfig,
@@ -76,6 +76,21 @@ pub async fn sync_headers_execute(
     header_sync.next_event(state_machine).await
 }
 
+pub fn initialize_sync_blocks(peer_node_interfaces: &NodeInterfaces) -> BlockSync {
+    BlockSync::from(vec![SyncPeer::from(PeerChainMetadata::new(
+        peer_node_interfaces.node_identity.node_id().clone(),
+        peer_node_interfaces.blockchain_db.get_chain_metadata().unwrap(),
+        None,
+    ))])
+}
+
+pub async fn sync_blocks_execute(
+    state_machine: &mut BaseNodeStateMachine<TempDatabase>,
+    block_sync: &mut BlockSync,
+) -> StateEvent {
+    block_sync.next_event(state_machine).await
+}
+
 pub async fn create_network_with_local_and_peer_nodes() -> (
     BaseNodeStateMachine<TempDatabase>,
     NodeInterfaces,
@@ -140,6 +155,7 @@ pub async fn create_network_with_local_and_peer_nodes() -> (
 #[allow(dead_code)]
 #[derive(Debug)]
 pub enum WhatToDelete {
+    BlocksAndHeaders,
     Blocks,
     Headers,
 }
@@ -149,44 +165,48 @@ pub fn delete_some_blocks_and_headers(
     blocks_with_anchor: &[ChainBlock],
     instruction: WhatToDelete,
     node: &NodeInterfaces,
-    set_best_block: Option<bool>,
 ) {
     if blocks_with_anchor.is_empty() || blocks_with_anchor.len() < 2 {
         panic!("blocks must have at least 2 elements");
     }
-    let set_best_block = set_best_block.unwrap_or(false);
     let mut blocks: Vec<_> = blocks_with_anchor.to_vec();
-    blocks.reverse();
-    for i in 0..blocks.len() - 1 {
-        let mut txn = DbTransaction::new();
-        match instruction {
-            WhatToDelete::Blocks => {
-                txn.delete_block(*blocks[i].hash());
-                txn.delete_orphan(*blocks[i].hash());
-                if set_best_block {
-                    txn.set_best_block(
-                        blocks[i + 1].height(),
-                        blocks[i + 1].accumulated_data().hash,
-                        blocks[i + 1].accumulated_data().total_accumulated_difficulty,
-                        *node.blockchain_db.get_chain_metadata().unwrap().best_block(),
-                        blocks[i + 1].to_chain_header().timestamp(),
-                    );
+    match instruction {
+        WhatToDelete::BlocksAndHeaders => {
+            node.blockchain_db.rewind_to_height(blocks[0].height()).unwrap();
+            for block in &blocks[1..] {
+                if node.blockchain_db.block_exists(*block.hash()).unwrap() {
+                    let mut txn = DbTransaction::new();
+                    txn.delete_orphan(*block.hash());
+                    node.blockchain_db.write(txn).unwrap();
                 }
-            },
-            WhatToDelete::Headers => {
-                txn.delete_header(blocks[i].height());
-            },
-        }
-        node.blockchain_db.write(txn).unwrap();
-        // Note: Something is funny here... the block is deleted but the block exists in the db. This should be
-        //       investigated and fixed as it will enhance the tests. If we uncomment the following assertion, the
-        //       tests depending on this function will fail.
-        // match instruction {
-        //     WhatToDelete::Blocks => {
-        //         assert!(!node.blockchain_db.block_exists(*blocks[i].hash()).unwrap());
-        //     }
-        //     WhatToDelete::Headers => {}
-        // }
+                assert!(!node.blockchain_db.block_exists(*block.hash()).unwrap());
+            }
+        },
+        WhatToDelete::Blocks => {
+            let headers = blocks.iter().map(|b| b.to_chain_header()).collect::<Vec<_>>();
+            node.blockchain_db.rewind_to_height(blocks[0].height()).unwrap();
+            for block in &blocks[1..] {
+                if node.blockchain_db.block_exists(*block.hash()).unwrap() {
+                    let mut txn = DbTransaction::new();
+                    txn.delete_orphan(*block.hash());
+                    node.blockchain_db.write(txn).unwrap();
+                }
+                assert!(!node.blockchain_db.block_exists(*block.hash()).unwrap());
+            }
+            node.blockchain_db.insert_valid_headers(headers[1..].to_vec()).unwrap();
+            // Note: This seems funny, as inserting the headers back into the db will cause this test to fail
+            // for block in &blocks[1..] {
+            //     assert!(!node.blockchain_db.block_exists(*block.hash()).unwrap());
+            // }
+        },
+        WhatToDelete::Headers => {
+            blocks.reverse();
+            for block in blocks.iter().take(blocks.len() - 1) {
+                let mut txn = DbTransaction::new();
+                txn.delete_header(block.height());
+                node.blockchain_db.write(txn).unwrap();
+            }
+        },
     }
 }
 

base_layer/core/tests/tests/block_sync.rs

@@ -0,0 +1,176 @@
+//  Copyright 2022. The Tari Project
+//
+//  Redistribution and use in source and binary forms, with or without modification, are permitted provided that the
+//  following conditions are met:
+//
+//  1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following
+//  disclaimer.
+//
+//  2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the
+//  following disclaimer in the documentation and/or other materials provided with the distribution.
+//
+//  3. Neither the name of the copyright holder nor the names of its contributors may be used to endorse or promote
+//  products derived from this software without specific prior written permission.
+//
+//  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+//  INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+//  DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+//  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+//  SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+//  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+//  USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+use tari_core::base_node::state_machine_service::states::StateEvent;
+
+use crate::helpers::{sync, sync::WhatToDelete};
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
+async fn test_block_sync_happy_path() {
+    // env_logger::init(); // Set `$env:RUST_LOG = "trace"`
+
+    // Create the network with Alice node and Bob node
+    let (mut alice_state_machine, alice_node, bob_node, initial_block, consensus_manager, key_manager) =
+        sync::create_network_with_local_and_peer_nodes().await;
+
+    // Add some block to Bob's chain
+    let _bob_blocks =
+        sync::create_and_add_some_blocks(&bob_node, &initial_block, 5, &consensus_manager, &key_manager, &[3; 5]).await;
+    assert_eq!(bob_node.blockchain_db.get_height().unwrap(), 5);
+
+    // Alice attempts header sync
+    let mut header_sync = sync::initialize_sync_headers_with_ping_pong_data(&alice_node, &bob_node);
+    let event = sync::sync_headers_execute(&mut alice_state_machine, &mut header_sync).await;
+    match event.clone() {
+        StateEvent::HeadersSynchronized(..) => {
+            // Good, headers are synced
+        },
+        _ => panic!("Expected HeadersSynchronized event"),
+    }
+
+    // Alice attempts block sync
+    println!();
+    assert_eq!(alice_node.blockchain_db.get_height().unwrap(), 0);
+    let mut block_sync = sync::initialize_sync_blocks(&bob_node);
+    let event = sync::sync_blocks_execute(&mut alice_state_machine, &mut block_sync).await;
+    match event {
+        StateEvent::BlocksSynchronized => {
+            // Good, blocks are synced
+        },
+        _ => panic!("Expected BlocksSynchronized event"),
+    }
+    assert_eq!(alice_node.blockchain_db.get_height().unwrap(), 5);
+
+    // Alice attempts block sync again
+    println!();
+    let mut block_sync = sync::initialize_sync_blocks(&bob_node);
+    let event = sync::sync_blocks_execute(&mut alice_state_machine, &mut block_sync).await;
+    match event {
+        StateEvent::BlocksSynchronized => {
+            // Good, blocks are synced
+        },
+        _ => panic!("Expected BlocksSynchronized event"),
+    }
+    assert_eq!(alice_node.blockchain_db.get_height().unwrap(), 5);
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
+async fn test_block_sync_peer_supplies_no_blocks_with_ban() {
+    // env_logger::init(); // Set `$env:RUST_LOG = "trace"`
+
+    // Create the network with Alice node and Bob node
+    let (mut alice_state_machine, alice_node, bob_node, initial_block, consensus_manager, key_manager) =
+        sync::create_network_with_local_and_peer_nodes().await;
+
+    // Add some block to Bob's chain
+    let blocks = sync::create_and_add_some_blocks(
+        &bob_node,
+        &initial_block,
+        10,
+        &consensus_manager,
+        &key_manager,
+        &[3; 10],
+    )
+    .await;
+    assert_eq!(bob_node.blockchain_db.get_height().unwrap(), 10);
+    // Add blocks to Alice's chain
+    sync::add_some_existing_blocks(&blocks[1..=5], &alice_node);
+    assert_eq!(alice_node.blockchain_db.get_height().unwrap(), 5);
+
+    // Alice attempts header sync
+    let mut header_sync = sync::initialize_sync_headers_with_ping_pong_data(&alice_node, &bob_node);
+    let event = sync::sync_headers_execute(&mut alice_state_machine, &mut header_sync).await;
+    match event.clone() {
+        StateEvent::HeadersSynchronized(..) => {
+            // Good, headers are synced
+        },
+        _ => panic!("Expected HeadersSynchronized event"),
+    }
+
+    // Alice attempts block sync, Bob will not send any blocks and be banned
+    println!();
+    let mut block_sync = sync::initialize_sync_blocks(&bob_node);
+    sync::delete_some_blocks_and_headers(&blocks[5..=10], WhatToDelete::Blocks, &bob_node);
+    assert_eq!(bob_node.blockchain_db.get_height().unwrap(), 5);
+    let event = sync::sync_blocks_execute(&mut alice_state_machine, &mut block_sync).await;
+    match event {
+        StateEvent::BlockSyncFailed => {
+            // Good, Bob is banned.
+        },
+        _ => panic!("Expected BlockSyncFailed event"),
+    }
+    assert_eq!(alice_node.blockchain_db.get_height().unwrap(), 5);
+
+    // Bob will be banned
+    assert!(sync::wait_for_is_peer_banned(&alice_node, bob_node.node_identity.node_id(), 1).await);
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 1)]
+async fn test_block_sync_peer_supplies_not_all_blocks_with_ban() {
+    // env_logger::init(); // Set `$env:RUST_LOG = "trace"`
+
+    // Create the network with Alice node and Bob node
+    let (mut alice_state_machine, alice_node, bob_node, initial_block, consensus_manager, key_manager) =
+        sync::create_network_with_local_and_peer_nodes().await;
+
+    // Add some block to Bob's chain
+    let blocks = sync::create_and_add_some_blocks(
+        &bob_node,
+        &initial_block,
+        10,
+        &consensus_manager,
+        &key_manager,
+        &[3; 10],
+    )
+    .await;
+    assert_eq!(bob_node.blockchain_db.get_height().unwrap(), 10);
+    // Add blocks to Alice's chain
+    sync::add_some_existing_blocks(&blocks[1..=5], &alice_node);
+    assert_eq!(alice_node.blockchain_db.get_height().unwrap(), 5);
+
+    // Alice attempts header sync
+    let mut header_sync = sync::initialize_sync_headers_with_ping_pong_data(&alice_node, &bob_node);
+    let event = sync::sync_headers_execute(&mut alice_state_machine, &mut header_sync).await;
+    match event.clone() {
+        StateEvent::HeadersSynchronized(..) => {
+            // Good, headers are synced
+        },
+        _ => panic!("Expected HeadersSynchronized event"),
+    }
+
+    // Alice attempts block sync, Bob will not send all blocks and be banned
+    println!();
+    let mut block_sync = sync::initialize_sync_blocks(&bob_node);
+    sync::delete_some_blocks_and_headers(&blocks[8..=10], WhatToDelete::Blocks, &bob_node);
+    assert_eq!(bob_node.blockchain_db.get_height().unwrap(), 8);
+    let event = sync::sync_blocks_execute(&mut alice_state_machine, &mut block_sync).await;
+    match event {
+        StateEvent::BlockSyncFailed => {
+            // Good, Bob is banned.
+        },
+        _ => panic!("Expected BlockSyncFailed event"),
+    }
+    assert_eq!(alice_node.blockchain_db.get_height().unwrap(), 5);
+
+    // Bob will be banned
+    assert!(sync::wait_for_is_peer_banned(&alice_node, bob_node.node_identity.node_id(), 1).await);
+}