Example 1 with AuthorizationException
use of com.radixdlt.constraintmachine.exceptions.AuthorizationException in project radixdlt by radixdlt.
the class RadixEngine method executeInternal.
private RadixEngineResult executeInternal(EngineStore.EngineStoreInTransaction<M> engineStoreInTransaction, List<Txn> txns, M meta, PermissionLevel permissionLevel, boolean skipAuthorization) throws RadixEngineException {
var processedTxns = new ArrayList<REProcessedTxn>();
// FIXME: This is quite the hack to increase sigsLeft for execution on noncommits (e.g. mempool)
// FIXME: Should probably just change metering
// Start with 0
var sigsLeft = meta != null ? 0 : 1000;
var storageStopwatch = Stopwatch.createUnstarted();
var verificationStopwatch = Stopwatch.createUnstarted();
for (int i = 0; i < txns.size(); i++) {
var txn = txns.get(i);
verificationStopwatch.start();
var context = new ExecutionContext(txn, permissionLevel, skipAuthorization, sigsLeft);
final REProcessedTxn processedTxn;
try {
processedTxn = this.verify(engineStoreInTransaction, txn, context);
} catch (TxnParseException | AuthorizationException | ConstraintMachineException e) {
throw new RadixEngineException(i, txns.size(), txn, e);
}
verificationStopwatch.stop();
// Carry sigs left to the next transaction
sigsLeft = context.sigsLeft();
storageStopwatch.start();
try {
engineStoreInTransaction.storeTxn(processedTxn);
} catch (Exception e) {
logger.error("Store of atom failed: " + processedTxn, e);
throw e;
}
storageStopwatch.stop();
processedTxns.add(processedTxn);
}
try {
batchVerifier.testMetadata(meta, processedTxns);
} catch (MetadataException e) {
logger.error("Invalid metadata: " + processedTxns);
throw e;
}
if (meta != null) {
engineStoreInTransaction.storeMetadata(meta);
}
return RadixEngineResult.create(processedTxns, verificationStopwatch.elapsed(TimeUnit.MILLISECONDS), storageStopwatch.elapsed(TimeUnit.MILLISECONDS));
}
Also used :
ConstraintMachineException(com.radixdlt.constraintmachine.exceptions.ConstraintMachineException)
ExecutionContext(com.radixdlt.constraintmachine.ExecutionContext)
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
ArrayList(java.util.ArrayList)
TxnParseException(com.radixdlt.engine.parser.exceptions.TxnParseException)
REProcessedTxn(com.radixdlt.constraintmachine.REProcessedTxn)
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
TxBuilderException(com.radixdlt.atom.TxBuilderException)
ConstraintMachineException(com.radixdlt.constraintmachine.exceptions.ConstraintMachineException)
TxnParseException(com.radixdlt.engine.parser.exceptions.TxnParseException)
DeserializeException(com.radixdlt.serialization.DeserializeException)
FeeReserveCompleteException(com.radixdlt.application.system.construction.FeeReserveCompleteException)
Example 2 with AuthorizationException
use of com.radixdlt.constraintmachine.exceptions.AuthorizationException in project radixdlt by radixdlt.
the class RadixEngine method getSignedByKey.
private Optional<ECPublicKey> getSignedByKey(ParsedTxn parsedTxn, ExecutionContext context) throws AuthorizationException {
if (!context.skipAuthorization() && context.permissionLevel() != PermissionLevel.SYSTEM) {
var payloadHashAndSigMaybe = parsedTxn.getPayloadHashAndSig();
if (payloadHashAndSigMaybe.isPresent()) {
var payloadHashAndSig = payloadHashAndSigMaybe.get();
var hash = payloadHashAndSig.getFirst();
var sig = payloadHashAndSig.getSecond();
var pubKey = ECPublicKey.recoverFrom(hash, sig).orElseThrow(() -> new AuthorizationException("Invalid signature"));
// TODO: do we still need this verify?
if (!pubKey.verify(hash, sig)) {
throw new AuthorizationException("Invalid signature");
}
return Optional.of(pubKey);
}
}
return Optional.empty();
}
Also used :
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
Example 3 with AuthorizationException
use of com.radixdlt.constraintmachine.exceptions.AuthorizationException in project radixdlt by radixdlt.
the class RadixEngine method executeInternal.
private RadixEngineResult<M> executeInternal(EngineStore.EngineStoreInTransaction<M> engineStoreInTransaction, List<Txn> txns, Optional<M> metaOpt, PermissionLevel permissionLevel, boolean skipAuthorization) throws RadixEngineException {
var processedTxns = new ArrayList<REProcessedTxn>();
// FIXME: This is quite the hack to increase sigsLeft for execution on noncommits (e.g. mempool)
// FIXME: Should probably just change metering
// Start with 0
var sigsLeft = metaOpt.isPresent() ? 0 : 1000;
var storageStopwatch = Stopwatch.createUnstarted();
var verificationStopwatch = Stopwatch.createUnstarted();
for (int i = 0; i < txns.size(); i++) {
var txn = txns.get(i);
verificationStopwatch.start();
var context = new ExecutionContext(txn, permissionLevel, skipAuthorization, sigsLeft);
final REProcessedTxn processedTxn;
try {
processedTxn = this.verify(engineStoreInTransaction, txn, context);
} catch (TxnParseException | AuthorizationException | ConstraintMachineException e) {
throw new RadixEngineException(i, txns.size(), txn, e);
}
verificationStopwatch.stop();
// Carry sigs left to the next transaction
sigsLeft = context.sigsLeft();
storageStopwatch.start();
try {
engineStoreInTransaction.storeTxn(processedTxn);
} catch (Exception e) {
logger.error("Store of atom failed: " + processedTxn, e);
throw e;
}
storageStopwatch.stop();
processedTxns.add(processedTxn);
}
try {
final var resultMetadata = metaOpt.map(meta -> {
final var postProcessedMetadata = postProcessor.process(meta, engineStoreInTransaction, processedTxns);
engineStoreInTransaction.storeMetadata(postProcessedMetadata);
return postProcessedMetadata;
}).orElse(null);
return RadixEngineResult.create(processedTxns, resultMetadata, verificationStopwatch.elapsed(TimeUnit.MILLISECONDS), storageStopwatch.elapsed(TimeUnit.MILLISECONDS));
} catch (PostProcessorException e) {
logger.error("Invalid metadata: " + processedTxns);
throw e;
}
}
Also used :
SubstateSerialization(com.radixdlt.constraintmachine.SubstateSerialization)
TxAction(com.radixdlt.atom.TxAction)
BiFunction(java.util.function.BiFunction)
TxBuilder(com.radixdlt.atom.TxBuilder)
TxnConstructionRequest(com.radixdlt.atom.TxnConstructionRequest)
ResourceInBucket(com.radixdlt.application.tokens.ResourceInBucket)
VirtualSubstateDeserialization(com.radixdlt.constraintmachine.VirtualSubstateDeserialization)
ParsedTxn(com.radixdlt.engine.parser.ParsedTxn)
Map(java.util.Map)
SystemMapKey(com.radixdlt.constraintmachine.SystemMapKey)
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
Predicate(java.util.function.Predicate)
Set(java.util.Set)
ExecutionContext(com.radixdlt.constraintmachine.ExecutionContext)
REAddr(com.radixdlt.identifiers.REAddr)
TxBuilderException(com.radixdlt.atom.TxBuilderException)
EngineStore(com.radixdlt.store.EngineStore)
Particle(com.radixdlt.constraintmachine.Particle)
Objects(java.util.Objects)
List(java.util.List)
Logger(org.apache.logging.log4j.Logger)
ConstraintMachineException(com.radixdlt.constraintmachine.exceptions.ConstraintMachineException)
Optional(java.util.Optional)
TxnParseException(com.radixdlt.engine.parser.exceptions.TxnParseException)
SubstateId(com.radixdlt.atom.SubstateId)
UInt384(com.radixdlt.utils.UInt384)
Stopwatch(com.google.common.base.Stopwatch)
SubstateStore(com.radixdlt.atom.SubstateStore)
HashMap(java.util.HashMap)
PermissionLevel(com.radixdlt.constraintmachine.PermissionLevel)
ECPublicKey(com.radixdlt.crypto.ECPublicKey)
AtomicReference(java.util.concurrent.atomic.AtomicReference)
Function(java.util.function.Function)
RawSubstateBytes(com.radixdlt.constraintmachine.RawSubstateBytes)
ArrayList(java.util.ArrayList)
TransientEngineStore(com.radixdlt.store.TransientEngineStore)
SubstateDeserialization(com.radixdlt.constraintmachine.SubstateDeserialization)
REParser(com.radixdlt.engine.parser.REParser)
UInt256(com.radixdlt.utils.UInt256)
REProcessedTxn(com.radixdlt.constraintmachine.REProcessedTxn)
SubstateIndex(com.radixdlt.constraintmachine.SubstateIndex)
ConstraintMachineConfig(com.radixdlt.constraintmachine.ConstraintMachineConfig)
Txn(com.radixdlt.atom.Txn)
TimeUnit(java.util.concurrent.TimeUnit)
CloseableCursor(com.radixdlt.atom.CloseableCursor)
ConstraintMachine(com.radixdlt.constraintmachine.ConstraintMachine)
DeserializeException(com.radixdlt.serialization.DeserializeException)
FeeReserveCompleteException(com.radixdlt.application.system.construction.FeeReserveCompleteException)
LogManager(org.apache.logging.log4j.LogManager)
REConstructor(com.radixdlt.atom.REConstructor)
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
ArrayList(java.util.ArrayList)
TxnParseException(com.radixdlt.engine.parser.exceptions.TxnParseException)
REProcessedTxn(com.radixdlt.constraintmachine.REProcessedTxn)
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
TxBuilderException(com.radixdlt.atom.TxBuilderException)
ConstraintMachineException(com.radixdlt.constraintmachine.exceptions.ConstraintMachineException)
TxnParseException(com.radixdlt.engine.parser.exceptions.TxnParseException)
DeserializeException(com.radixdlt.serialization.DeserializeException)
FeeReserveCompleteException(com.radixdlt.application.system.construction.FeeReserveCompleteException)
ConstraintMachineException(com.radixdlt.constraintmachine.exceptions.ConstraintMachineException)
ExecutionContext(com.radixdlt.constraintmachine.ExecutionContext)
Example 4 with AuthorizationException
use of com.radixdlt.constraintmachine.exceptions.AuthorizationException in project radixdlt by radixdlt.
the class ConstraintMachine method callProcedure.
/**
* Executes a transition procedure given the next spun particle and a current validation state.
*/
private ReducerState callProcedure(Procedure procedure, Object procedureParam, ReducerState reducerState, Resources immutableAddrs, ExecutionContext context) throws SignedSystemException, InvalidPermissionException, AuthorizationException, MeterException, ProcedureException {
// System permissions don't require additional authorization
var authorization = procedure.authorization(procedureParam);
var requiredLevel = authorization.permissionLevel();
context.verifyPermissionLevel(requiredLevel);
if (context.permissionLevel() != PermissionLevel.SYSTEM) {
try {
if (requiredLevel == PermissionLevel.USER) {
this.meter.onUserProcedure(procedure.key(), procedureParam, context);
} else if (requiredLevel == PermissionLevel.SUPER_USER) {
this.meter.onSuperUserProcedure(procedure.key(), procedureParam, context);
}
} catch (Exception e) {
throw new MeterException(e);
}
if (!context.skipAuthorization()) {
try {
authorization.authorizer().verify(immutableAddrs, context);
} catch (Exception e) {
throw new AuthorizationException(e);
}
}
}
return procedure.call(procedureParam, reducerState, immutableAddrs, context).state();
}
Also used :
MeterException(com.radixdlt.constraintmachine.exceptions.MeterException)
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
MeterException(com.radixdlt.constraintmachine.exceptions.MeterException)
ProcedureException(com.radixdlt.constraintmachine.exceptions.ProcedureException)
MissingProcedureException(com.radixdlt.constraintmachine.exceptions.MissingProcedureException)
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
SignedSystemException(com.radixdlt.constraintmachine.exceptions.SignedSystemException)
SubstateNotFoundException(com.radixdlt.constraintmachine.exceptions.SubstateNotFoundException)
NotAResourceException(com.radixdlt.constraintmachine.exceptions.NotAResourceException)
VirtualSubstateAlreadyDownException(com.radixdlt.constraintmachine.exceptions.VirtualSubstateAlreadyDownException)
ConstraintMachineException(com.radixdlt.constraintmachine.exceptions.ConstraintMachineException)
LocalSubstateNotFoundException(com.radixdlt.constraintmachine.exceptions.LocalSubstateNotFoundException)
TrailingBytesException(com.radixdlt.engine.parser.exceptions.TrailingBytesException)
InvalidPermissionException(com.radixdlt.constraintmachine.exceptions.InvalidPermissionException)
TxnParseException(com.radixdlt.engine.parser.exceptions.TxnParseException)
DeserializeException(com.radixdlt.serialization.DeserializeException)
Example 5 with AuthorizationException
use of com.radixdlt.constraintmachine.exceptions.AuthorizationException in project radixdlt by radixdlt.
the class ValidatorRegisterConstraintScrypt method main.
@Override
public void main(Loader os) {
os.substate(new SubstateDefinition<>(ValidatorRegisteredCopy.class, SubstateTypeId.VALIDATOR_REGISTERED_FLAG_COPY.id(), buf -> {
REFieldSerialization.deserializeReservedByte(buf);
var epochUpdate = REFieldSerialization.deserializeOptionalNonNegativeLong(buf);
var key = REFieldSerialization.deserializeKey(buf);
var flag = REFieldSerialization.deserializeBoolean(buf);
return new ValidatorRegisteredCopy(epochUpdate, key, flag);
}, (s, buf) -> {
REFieldSerialization.serializeReservedByte(buf);
REFieldSerialization.serializeOptionalLong(buf, s.epochUpdate());
REFieldSerialization.serializeKey(buf, s.validatorKey());
buf.put((byte) (s.isRegistered() ? 1 : 0));
}, buf -> REFieldSerialization.deserializeKey(buf), (k, buf) -> REFieldSerialization.serializeKey(buf, (ECPublicKey) k), k -> new ValidatorRegisteredCopy(OptionalLong.empty(), (ECPublicKey) k, false)));
os.procedure(new DownProcedure<>(VoidReducerState.class, ValidatorRegisteredCopy.class, d -> new Authorization(PermissionLevel.USER, (r, c) -> {
if (!c.key().map(d.validatorKey()::equals).orElse(false)) {
throw new AuthorizationException("Key does not match.");
}
}), (d, s, r, c) -> {
return ReducerResult.incomplete(new UpdatingRegisteredNeedToReadEpoch(d.validatorKey()));
}));
os.procedure(new ReadProcedure<>(UpdatingRegisteredNeedToReadEpoch.class, EpochData.class, u -> new Authorization(PermissionLevel.USER, (r, c) -> {
}), (s, u, r) -> ReducerResult.incomplete(s.readEpoch(u))));
os.procedure(new UpProcedure<>(UpdatingRegistered.class, ValidatorRegisteredCopy.class, u -> new Authorization(PermissionLevel.USER, (r, c) -> {
}), (s, u, c, r) -> {
s.update(u);
return ReducerResult.complete();
}));
}
Also used :
SubstateTypeId(com.radixdlt.atom.SubstateTypeId)
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
ReducerResult(com.radixdlt.constraintmachine.ReducerResult)
ReadProcedure(com.radixdlt.constraintmachine.ReadProcedure)
VoidReducerState(com.radixdlt.constraintmachine.VoidReducerState)
Loader(com.radixdlt.atomos.Loader)
ReducerState(com.radixdlt.constraintmachine.ReducerState)
REFieldSerialization(com.radixdlt.atom.REFieldSerialization)
ValidatorRegisteredCopy(com.radixdlt.application.validators.state.ValidatorRegisteredCopy)
Authorization(com.radixdlt.constraintmachine.Authorization)
SubstateDefinition(com.radixdlt.atomos.SubstateDefinition)
PermissionLevel(com.radixdlt.constraintmachine.PermissionLevel)
ECPublicKey(com.radixdlt.crypto.ECPublicKey)
OptionalLong(java.util.OptionalLong)
UpProcedure(com.radixdlt.constraintmachine.UpProcedure)
ConstraintScrypt(com.radixdlt.atomos.ConstraintScrypt)
DownProcedure(com.radixdlt.constraintmachine.DownProcedure)
ProcedureException(com.radixdlt.constraintmachine.exceptions.ProcedureException)
EpochData(com.radixdlt.application.system.state.EpochData)
EpochData(com.radixdlt.application.system.state.EpochData)
VoidReducerState(com.radixdlt.constraintmachine.VoidReducerState)
AuthorizationException(com.radixdlt.constraintmachine.exceptions.AuthorizationException)
Authorization(com.radixdlt.constraintmachine.Authorization)
ValidatorRegisteredCopy(com.radixdlt.application.validators.state.ValidatorRegisteredCopy)
Aggregations
AuthorizationException (com.radixdlt.constraintmachine.exceptions.AuthorizationException)7
PermissionLevel (com.radixdlt.constraintmachine.PermissionLevel)4
ProcedureException (com.radixdlt.constraintmachine.exceptions.ProcedureException)4
ECPublicKey (com.radixdlt.crypto.ECPublicKey)4
DeserializeException (com.radixdlt.serialization.DeserializeException)4
EpochData (com.radixdlt.application.system.state.EpochData)3
REFieldSerialization (com.radixdlt.atom.REFieldSerialization)3
SubstateTypeId (com.radixdlt.atom.SubstateTypeId)3
ConstraintScrypt (com.radixdlt.atomos.ConstraintScrypt)3
Loader (com.radixdlt.atomos.Loader)3
SubstateDefinition (com.radixdlt.atomos.SubstateDefinition)3
Authorization (com.radixdlt.constraintmachine.Authorization)3
DownProcedure (com.radixdlt.constraintmachine.DownProcedure)3
ReadProcedure (com.radixdlt.constraintmachine.ReadProcedure)3
ReducerResult (com.radixdlt.constraintmachine.ReducerResult)3
ReducerState (com.radixdlt.constraintmachine.ReducerState)3
UpProcedure (com.radixdlt.constraintmachine.UpProcedure)3
VoidReducerState (com.radixdlt.constraintmachine.VoidReducerState)3
ConstraintMachineException (com.radixdlt.constraintmachine.exceptions.ConstraintMachineException)3
TxnParseException (com.radixdlt.engine.parser.exceptions.TxnParseException)3
