use of tech.pegasys.web3signer.dsl.signer.Signer in project web3signer by ConsenSys.
the class SlashingPruningAcceptanceTest method slashingDataIsPruned.
@Test
void slashingDataIsPruned(@TempDir Path testDirectory) throws IOException {
final TestDatabaseInfo testDatabaseInfo = DatabaseUtil.create();
final String dbUrl = testDatabaseInfo.databaseUrl();
final Jdbi jdbi = testDatabaseInfo.getJdbi();
final Path keyConfigFile = testDirectory.resolve("keyfile.yaml");
metadataFileHelpers.createUnencryptedYamlFileAt(keyConfigFile, keyPair.getSecretKey().toBytes().toHexString(), KeyType.BLS);
final SignerConfigurationBuilder signerBuilder = new SignerConfigurationBuilder().withMode("eth2").withSlashingEnabled(true).withSlashingProtectionDbUsername(DB_USERNAME).withSlashingProtectionDbPassword(DB_PASSWORD).withSlashingProtectionDbUrl(dbUrl).withNetwork("minimal").withKeyStoreDirectory(testDirectory);
final Signer dataCreatingSigner = new Signer(signerBuilder.build(), null);
dataCreatingSigner.start();
dataCreatingSigner.awaitStartupCompletion();
// populate slashing database with 2 block signings and 2 attestation signings
dataCreatingSigner.eth2Sign(keyPair.getPublicKey().toString(), createAttestationRequest(1, 2, UInt64.ZERO));
dataCreatingSigner.eth2Sign(keyPair.getPublicKey().toString(), createAttestationRequest(2, 3, UInt64.ZERO));
dataCreatingSigner.eth2Sign(keyPair.getPublicKey().toString(), Eth2RequestUtils.createBlockRequest(UInt64.valueOf(1), Bytes32.fromHexString("0x1111")));
dataCreatingSigner.eth2Sign(keyPair.getPublicKey().toString(), Eth2RequestUtils.createBlockRequest(UInt64.valueOf(2), Bytes32.fromHexString("0x1111")));
dataCreatingSigner.shutdown();
final List<Map<String, Object>> attestationsBeforePruning = getAttestations(jdbi);
final List<Map<String, Object>> blocksBeforePruning = getSignedBlocks(jdbi);
assertThat(attestationsBeforePruning).hasSize(2);
assertThat(blocksBeforePruning).hasSize(2);
// start signer with pruning enabled configured to only keep one block and attestation
signerBuilder.withSlashingPruningEnabled(true).withSlashingPruningEpochsToKeep(1).withSlashingPruningSlotsPerEpoch(1).withSlashingPruningInterval(1);
final Signer pruningSigner = new Signer(signerBuilder.build(), null);
pruningSigner.start();
pruningSigner.awaitStartupCompletion();
final List<Map<String, Object>> attestations = getAttestations(jdbi);
final Map<String, Object> expectedHeadAttestation = attestationsBeforePruning.get(1);
assertThat(attestations).hasSize(1);
assertThat(attestations.get(0).get("validator_id")).isEqualTo(expectedHeadAttestation.get("validator_id"));
assertThat(attestations.get(0).get("source_epoch")).isEqualTo(expectedHeadAttestation.get("source_epoch"));
assertThat(attestations.get(0).get("target_epoch")).isEqualTo(expectedHeadAttestation.get("target_epoch"));
assertThat(attestations.get(0).get("signing_root")).isEqualTo(expectedHeadAttestation.get("signing_root"));
final List<Map<String, Object>> blocks = getSignedBlocks(jdbi);
final Map<String, Object> expectedHeadBlock = blocksBeforePruning.get(1);
assertThat(blocks).hasSize(1);
assertThat(blocks.get(0).get("validator_id")).isEqualTo(expectedHeadBlock.get("validator_id"));
assertThat(blocks.get(0).get("slot")).isEqualTo(expectedHeadBlock.get("slot"));
assertThat(blocks.get(0).get("signing_root")).isEqualTo(expectedHeadBlock.get("signing_root"));
}
use of tech.pegasys.web3signer.dsl.signer.Signer in project web3signer by ConsenSys.
the class ServerSideTlsAcceptanceTest method createTlsSigner.
private Signer createTlsSigner(final TlsCertificateDefinition serverPresentedCerts, final TlsCertificateDefinition clientExpectedCert, final TlsCertificateDefinition clientCertInServerWhitelist, final TlsCertificateDefinition clientToPresent, final int fixedListenPort, final boolean useConfigFile) {
try {
final SignerConfigurationBuilder configBuilder = new SignerConfigurationBuilder().withHttpPort(fixedListenPort).withUseConfigFile(useConfigFile).withMode("eth1");
final ClientAuthConstraints clientAuthConstraints;
if (clientCertInServerWhitelist != null) {
final Path fingerPrintFilePath = dataPath.resolve("known_clients");
populateFingerprintFile(fingerPrintFilePath, clientCertInServerWhitelist, Optional.empty());
clientAuthConstraints = BasicClientAuthConstraints.fromFile(fingerPrintFilePath.toFile());
} else {
clientAuthConstraints = null;
}
final Path passwordPath = dataPath.resolve("keystore.passwd");
if (serverPresentedCerts.getPassword() != null) {
writeString(passwordPath, serverPresentedCerts.getPassword());
}
final TlsOptions serverOptions = new BasicTlsOptions(serverPresentedCerts.getPkcs12File(), passwordPath.toFile(), Optional.ofNullable(clientAuthConstraints));
configBuilder.withServerTlsOptions(serverOptions);
final ClientTlsConfig clientTlsConfig;
if (clientExpectedCert != null) {
clientTlsConfig = new ClientTlsConfig(clientExpectedCert, clientToPresent);
} else {
clientTlsConfig = null;
}
return new Signer(configBuilder.build(), clientTlsConfig);
} catch (final Exception e) {
fail("Failed to create EthSigner.", e);
return null;
}
}
use of tech.pegasys.web3signer.dsl.signer.Signer in project web3signer by ConsenSys.
the class ServerSideTlsAcceptanceTest method missingKeyStoreFileResultsInEthSignerExiting.
@ParameterizedTest
@ValueSource(booleans = { true, false })
void missingKeyStoreFileResultsInEthSignerExiting(final boolean useConfigFile) throws IOException {
final TlsOptions serverOptions = new BasicTlsOptions(dataPath.resolve("missing_keystore").toFile(), Files.writeString(dataPath.resolve("password"), "password").toFile(), Optional.empty());
// Requires arbitrary port to avoid waiting for Ports file
final SignerConfigurationBuilder configBuilder = new SignerConfigurationBuilder().withUseConfigFile(useConfigFile).withServerTlsOptions(serverOptions).withHttpPort(9000);
signer = new Signer(configBuilder.withMode("eth2").build(), null);
signer.start();
waitFor(() -> assertThat(signer.isRunning()).isFalse());
}
Aggregations