Skip to content

Commit

Permalink
Update deps to have curve25519-dalek v4.1.3 (to fix `RUSTSEC-2024-0…
Browse files Browse the repository at this point in the history
…344`) (#104)

* Bump ed25519-zebra to 4.0.3

* Update Update schnorrkel to 0.11.4 and related to it deps

* Bump ed25519-dalek to 2.0

* Upgrade to libp2p 0.51.3 (paritytech#13587)

* client/network: upgrade to libp2p 0.51.0

* make discovery.rs compile

* make peer_info.rs compile

* changes to notifications and request-response proto

* make service.rs compile

* towards making request_responses.rs compile

* make request_responses.rs compile

* make request_responses.rs compile

* fix notifications/behaviour.rs tests

* fix warnings

* remove old code

* allow deprecated code (temporary)

* upgrade to libp2p 0.51.1

* add TODO for behaviour tests

* return empty vec if peer_id is absent

paritytech#13587 (comment)

fyi: I don't really know what the old behaviour was.

* update comment to reflect new defaults

Closes paritytech#13338

* Revert "update comment to reflect new defaults"

This reverts commit 7a981ab.

* remove config.rs (from wrong merge)

* upgrade to libp2p 0.51.2

* fix formatting

* use handle_pending_outbound_connection in networt_state RPC

* update deps

* use re-exports when we use other libp2p packages

* Apply suggestions from code review

Co-authored-by: Dmitry Markin <[email protected]>

* format code

* handle potential errors in network_state RPC

* only update libp2p crate

* update libp2p-core

* fix docs

* use libp2p-identity instead of libp2p

where it's possible. libp2p-identity is much smaller, hence makes sense
to use it instead of larger libp2p crate.

* Update client/network/src/discovery.rs

Co-authored-by: Aaro Altonen <[email protected]>

* update Cargo.lock

* add comment for per_connection_event_buffer_size

current value is somewhat arbitrary and needs to be tweaked depending on
memory usage and network worker sleep stats.

* fix link format

* update Cargo.lock

* upgrade to libp2p 0.51.3

* deprecate mplex

* Revert "deprecate mplex"

This reverts commit 9e25820.

* Revert "upgrade to libp2p 0.51.3"

This reverts commit 6544dd4.

* use new libp2p version in `statement` crate

* pin version temporarily

* libp2p 0.51.3

* deprecate mplex

* deprecate legacy noise handshake

* fix build error

* update libp2p-identity

* enable libp2p-identity:ed25519 feature in sc-consensus

* enable ed25519 for peerset as well

---------

Co-authored-by: Dmitry Markin <[email protected]>
Co-authored-by: Aaro Altonen <[email protected]>
Co-authored-by: parity-processbot <>

* chore: update libp2p to 0.52.1 (paritytech#14429)

* update libp2p to 0.52.0

* proto name now must implement `AsRef<str>`

* update libp2p version everywhere

* ToSwarm, FromBehaviour, ToBehaviour

also LocalProtocolsChange and RemoteProtocolsChange

* new NetworkBehaviour invariants

* replace `Vec<u8>` with `StreamProtocol`

* rename ConnectionHandlerEvent::Custom to NotifyBehaviour

* remove DialError & ListenError invariants

also fix pending_events

* use connection_limits::Behaviour

See libp2p/rust-libp2p#3885

* impl `void::Void` for `BehaviourOut`

also use `Behaviour::with_codec`

* KademliaHandler no longer public

* fix StreamProtocol construction

* update libp2p-identify to 0.2.0

* remove non-existing methods from PollParameters

rename ConnectionHandlerUpgrErr to StreamUpgradeError

* `P2p` now contains `PeerId`, not `Multihash`

* use multihash-codetable crate

* update Cargo.lock

* reformat text

* comment out tests for now

* remove `.into()` from P2p

* confirm observed addr manually

See https://github.com/libp2p/rust-libp2p/blob/master/protocols/identify/CHANGELOG.md#0430

* remove SwarmEvent::Banned

since we're not using `ban_peer_id`, this can be safely removed.
we may want to introduce `libp2p::allow_block_list` module in the future.

* fix imports

* replace `libp2p` with smaller deps in network-gossip

* bring back tests

* finish rewriting tests

* uncomment handler tests

* Revert "uncomment handler tests"

This reverts commit 720a068.

* add a fixme

* update Cargo.lock

* remove extra From

* make void uninhabited

* fix discovery test

* use autonat protocols

confirming external addresses manually is unsafe in open networks

* fix SyncNotificationsClogged invariant

* only set server mode manually in tests

doubt that we need to set it on node since we're adding public addresses

* address @dmitry-markin comments

* remove autonat

* removed unused var

* fix EOL

* update smallvec and sha2

in attempt to compile polkadot

* bump k256

in attempt to build cumulus

---------

Co-authored-by: parity-processbot <>

* Bump libp2p to 0.52.3

* Bump libp2p to 0.52.4

---------

Co-authored-by: Anton <[email protected]>
Co-authored-by: Dmitry Markin <[email protected]>
Co-authored-by: Aaro Altonen <[email protected]>
  • Loading branch information
4 people authored Jun 25, 2024
1 parent fc5aabd commit c8c9722
Show file tree
Hide file tree
Showing 107 changed files with 3,282 additions and 3,452 deletions.
2,961 changes: 1,318 additions & 1,643 deletions Cargo.lock

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion bin/node/cli/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,7 @@ regex = "1.6.0"
platforms = "2.0"
soketto = "0.7.1"
criterion = { version = "0.4.0", features = ["async_tokio"] }
tokio = { version = "1.22.0", features = ["macros", "time", "parking_lot"] }
tokio = { version = "1.28.0", features = ["macros", "time", "parking_lot"] }
tokio-util = { version = "0.7.4", features = ["compat"] }
wait-timeout = "0.2"
substrate-rpc-client = { path = "../../../utils/frame/rpc/client" }
Expand Down
3 changes: 2 additions & 1 deletion client/authority-discovery/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,8 @@ codec = { package = "parity-scale-codec", version = "3.2.2", default-features =
futures = "0.3.21"
futures-timer = "3.0.1"
ip_network = "0.4.1"
libp2p = { version = "0.50.0", features = ["kad"] }
libp2p = { version = "0.52.4", features = ["kad", "ed25519"] }
multihash-codetable = { version = "0.1.0", features = ["sha2", "digest"] }
log = "0.4.17"
prost = "0.11"
rand = "0.8.5"
Expand Down
2 changes: 1 addition & 1 deletion client/authority-discovery/src/error.rs
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ pub enum Error {
ParsingMultiaddress(#[from] libp2p::core::multiaddr::Error),

#[error("Failed to parse a libp2p key.")]
ParsingLibp2pIdentity(#[from] libp2p::identity::error::DecodingError),
ParsingLibp2pIdentity(#[from] libp2p::identity::DecodingError),

#[error("Failed to sign using a specific public key.")]
MissingSignature(CryptoTypePublicPair),
Expand Down
19 changes: 9 additions & 10 deletions client/authority-discovery/src/tests.rs
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,9 @@ use crate::{
};

use futures::{channel::mpsc::channel, executor::LocalPool, task::LocalSpawn};
use libp2p::core::{
multiaddr::{Multiaddr, Protocol},
use libp2p::{
core::multiaddr::{Multiaddr, Protocol},
identity::ed25519,
PeerId,
};
use std::{collections::HashSet, sync::Arc};
Expand Down Expand Up @@ -56,7 +57,7 @@ fn get_addresses_and_authority_id() {
let remote_addr = "/ip6/2001:db8:0:0:0:0:0:2/tcp/30333"
.parse::<Multiaddr>()
.unwrap()
.with(Protocol::P2p(remote_peer_id.into()));
.with(Protocol::P2p(remote_peer_id));

let test_api = Arc::new(TestApi { authorities: vec![] });

Expand Down Expand Up @@ -87,18 +88,16 @@ fn get_addresses_and_authority_id() {
fn cryptos_are_compatible() {
use sp_core::crypto::Pair;

let libp2p_secret = libp2p::identity::Keypair::generate_ed25519();
let libp2p_public = libp2p_secret.public();
let libp2p_keypair = ed25519::Keypair::generate();
let libp2p_public = libp2p_keypair.public();

let sp_core_secret = {
let libp2p::identity::Keypair::Ed25519(libp2p_ed_secret) = libp2p_secret.clone();
sp_core::ed25519::Pair::from_seed_slice(&libp2p_ed_secret.secret().as_ref()).unwrap()
};
let sp_core_secret =
{ sp_core::ed25519::Pair::from_seed_slice(&libp2p_keypair.secret().as_ref()).unwrap() };
let sp_core_public = sp_core_secret.public();

let message = b"we are more powerful than not to be better";

let libp2p_signature = libp2p_secret.sign(message).unwrap();
let libp2p_signature = libp2p_keypair.sign(message);
let sp_core_signature = sp_core_secret.sign(message); // no error expected...

assert!(sp_core::ed25519::Pair::verify(
Expand Down
22 changes: 9 additions & 13 deletions client/authority-discovery/src/worker.rs
Original file line number Diff line number Diff line change
Expand Up @@ -34,11 +34,9 @@ use futures::{channel::mpsc, future, stream::Fuse, FutureExt, Stream, StreamExt}
use addr_cache::AddrCache;
use codec::Decode;
use ip_network::IpNetwork;
use libp2p::{
core::multiaddr,
multihash::{Multihash, MultihashDigest},
Multiaddr, PeerId,
};
use libp2p::{core::multiaddr, identity::PublicKey, Multiaddr};
use multihash_codetable::{Code, MultihashDigest};

use log::{debug, error, log_enabled};
use prometheus_endpoint::{register, Counter, CounterVec, Gauge, Opts, U64};
use prost::Message;
Expand Down Expand Up @@ -299,7 +297,7 @@ where
}

fn addresses_to_publish(&self) -> impl Iterator<Item = Multiaddr> {
let peer_id: Multihash = self.network.local_peer_id().into();
let peer_id = self.network.local_peer_id();
let publish_non_global_ips = self.publish_non_global_ips;
self.network
.external_addresses()
Expand Down Expand Up @@ -526,7 +524,7 @@ where
.map_err(Error::ParsingMultiaddress)?;

let get_peer_id = |a: &Multiaddr| match a.iter().last() {
Some(multiaddr::Protocol::P2p(key)) => PeerId::from_multihash(key).ok(),
Some(multiaddr::Protocol::P2p(peer_id)) => Some(peer_id),
_ => None,
};

Expand All @@ -546,10 +544,8 @@ where
// properly signed by the owner of the PeerId

if let Some(peer_signature) = peer_signature {
let public_key = libp2p::identity::PublicKey::from_protobuf_encoding(
&peer_signature.public_key,
)
.map_err(Error::ParsingLibp2pIdentity)?;
let public_key = PublicKey::try_decode_protobuf(&peer_signature.public_key)
.map_err(Error::ParsingLibp2pIdentity)?;
let signature = Signature { public_key, bytes: peer_signature.signature };

if !signature.verify(record, &remote_peer_id) {
Expand Down Expand Up @@ -621,7 +617,7 @@ pub trait NetworkProvider: NetworkDHTProvider + NetworkStateInfo + NetworkSigner
impl<T> NetworkProvider for T where T: NetworkDHTProvider + NetworkStateInfo + NetworkSigner {}

fn hash_authority_id(id: &[u8]) -> KademliaKey {
KademliaKey::new(&libp2p::multihash::Code::Sha2_256.digest(id).digest())
KademliaKey::new(&Code::Sha2_256.digest(id).digest())
}

// Makes sure all values are the same and returns it
Expand Down Expand Up @@ -658,7 +654,7 @@ fn sign_record_with_peer_id(
let signature = network
.sign_with_local_identity(serialized_record)
.map_err(|_| Error::Signing)?;
let public_key = signature.public_key.to_protobuf_encoding();
let public_key = signature.public_key.encode_protobuf();
let signature = signature.bytes;
Ok(schema::PeerSignature { signature, public_key })
}
Expand Down
29 changes: 14 additions & 15 deletions client/authority-discovery/src/worker/addr_cache.rs
Original file line number Diff line number Diff line change
Expand Up @@ -162,8 +162,8 @@ impl AddrCache {

fn peer_id_from_multiaddr(addr: &Multiaddr) -> Option<PeerId> {
addr.iter().last().and_then(|protocol| {
if let Protocol::P2p(multihash) = protocol {
PeerId::from_multihash(multihash).ok()
if let Protocol::P2p(peer_id) = protocol {
Some(peer_id)
} else {
None
}
Expand All @@ -178,7 +178,8 @@ fn addresses_to_peer_ids(addresses: &HashSet<Multiaddr>) -> HashSet<PeerId> {
mod tests {
use super::*;

use libp2p::multihash::{self, Multihash};
use libp2p::multihash::Multihash;
use multihash_codetable::Code;
use quickcheck::{Arbitrary, Gen, QuickCheck, TestResult};

use sp_authority_discovery::{AuthorityId, AuthorityPair};
Expand All @@ -200,14 +201,13 @@ mod tests {
impl Arbitrary for TestMultiaddr {
fn arbitrary(g: &mut Gen) -> Self {
let seed = (0..32).map(|_| u8::arbitrary(g)).collect::<Vec<_>>();
let peer_id = PeerId::from_multihash(
Multihash::wrap(multihash::Code::Sha2_256.into(), &seed).unwrap(),
)
.unwrap();
let peer_id =
PeerId::from_multihash(Multihash::wrap(Code::Sha2_256.into(), &seed).unwrap())
.unwrap();
let multiaddr = "/ip6/2001:db8:0:0:0:0:0:2/tcp/30333"
.parse::<Multiaddr>()
.unwrap()
.with(Protocol::P2p(peer_id.into()));
.with(Protocol::P2p(peer_id));

TestMultiaddr(multiaddr)
}
Expand All @@ -219,18 +219,17 @@ mod tests {
impl Arbitrary for TestMultiaddrsSamePeerCombo {
fn arbitrary(g: &mut Gen) -> Self {
let seed = (0..32).map(|_| u8::arbitrary(g)).collect::<Vec<_>>();
let peer_id = PeerId::from_multihash(
Multihash::wrap(multihash::Code::Sha2_256.into(), &seed).unwrap(),
)
.unwrap();
let peer_id =
PeerId::from_multihash(Multihash::wrap(Code::Sha2_256.into(), &seed).unwrap())
.unwrap();
let multiaddr1 = "/ip6/2001:db8:0:0:0:0:0:2/tcp/30333"
.parse::<Multiaddr>()
.unwrap()
.with(Protocol::P2p(peer_id.into()));
.with(Protocol::P2p(peer_id));
let multiaddr2 = "/ip6/2002:db8:0:0:0:0:0:2/tcp/30133"
.parse::<Multiaddr>()
.unwrap()
.with(Protocol::P2p(peer_id.into()));
.with(Protocol::P2p(peer_id));
TestMultiaddrsSamePeerCombo(multiaddr1, multiaddr2)
}
}
Expand Down Expand Up @@ -367,7 +366,7 @@ mod tests {
let mut addr_cache = AddrCache::new();

let peer_id = PeerId::random();
let addr = Multiaddr::empty().with(Protocol::P2p(peer_id.into()));
let addr = Multiaddr::empty().with(Protocol::P2p(peer_id));

let authority_id0 = AuthorityPair::generate().0.public();
let authority_id1 = AuthorityPair::generate().0.public();
Expand Down
6 changes: 3 additions & 3 deletions client/authority-discovery/src/worker/schema/tests.rs
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ mod schema_v1 {
}

use super::*;
use libp2p::{multiaddr::Multiaddr, PeerId};
use libp2p::{identity::Keypair, multiaddr::Multiaddr, PeerId};
use prost::Message;

#[test]
Expand Down Expand Up @@ -55,7 +55,7 @@ fn v2_decodes_v1() {

#[test]
fn v1_decodes_v2() {
let peer_secret = libp2p::identity::Keypair::generate_ed25519();
let peer_secret = Keypair::generate_ed25519();
let peer_public = peer_secret.public();
let peer_id = peer_public.to_peer_id();
let multiaddress: Multiaddr =
Expand All @@ -67,7 +67,7 @@ fn v1_decodes_v2() {
let record_v2 = AuthorityRecord { addresses: vec_addresses.clone() };
let mut vec_record_v2 = vec![];
record_v2.encode(&mut vec_record_v2).unwrap();
let vec_peer_public = peer_public.to_protobuf_encoding();
let vec_peer_public = peer_public.encode_protobuf();
let peer_signature_v2 =
PeerSignature { public_key: vec_peer_public, signature: vec_peer_signature };
let signed_record_v2 = SignedAuthorityRecord {
Expand Down
8 changes: 4 additions & 4 deletions client/authority-discovery/src/worker/tests.rs
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ use futures::{
};
use libp2p::{
core::multiaddr,
identity::{error::SigningError, Keypair},
identity::{Keypair, SigningError},
kad::record::Key as KademliaKey,
PeerId,
};
Expand Down Expand Up @@ -418,7 +418,7 @@ fn dont_stop_polling_dht_event_stream_after_bogus_event() {
let peer_id = PeerId::random();
let address: Multiaddr = "/ip6/2001:db8:0:0:0:0:0:1/tcp/30333".parse().unwrap();

address.with(multiaddr::Protocol::P2p(peer_id.into()))
address.with(multiaddr::Protocol::P2p(peer_id))
};
let remote_key_store = KeyStore::new();
let remote_public_key: AuthorityId =
Expand Down Expand Up @@ -530,7 +530,7 @@ impl DhtValueFoundTester {
let address: Multiaddr =
format!("/ip6/2001:db8:0:0:0:0:0:{:x}/tcp/30333", idx).parse().unwrap();

address.with(multiaddr::Protocol::P2p(peer_id.into()))
address.with(multiaddr::Protocol::P2p(peer_id))
}

fn process_value_found(
Expand Down Expand Up @@ -753,7 +753,7 @@ fn lookup_throttling() {
let peer_id = PeerId::random();
let address: Multiaddr = "/ip6/2001:db8:0:0:0:0:0:1/tcp/30333".parse().unwrap();

address.with(multiaddr::Protocol::P2p(peer_id.into()))
address.with(multiaddr::Protocol::P2p(peer_id))
};
let remote_key_store = KeyStore::new();
let remote_public_keys: Vec<AuthorityId> = (0..20)
Expand Down
4 changes: 2 additions & 2 deletions client/cli/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ chrono = "0.4.10"
clap = { version = "4.0.9", features = ["derive", "string"] }
fdlimit = "0.2.1"
futures = "0.3.21"
libp2p = "0.50.0"
libp2p-identity = { version = "0.2.0", features = ["peerid", "ed25519"]}
log = "0.4.17"
names = { version = "0.13.0", default-features = false }
parity-scale-codec = "3.2.2"
Expand All @@ -29,7 +29,7 @@ serde = "1.0.136"
serde_json = "1.0.85"
thiserror = "1.0.30"
tiny-bip39 = "1.0.0"
tokio = { version = "1.22.0", features = ["signal", "rt-multi-thread", "parking_lot"] }
tokio = { version = "1.28.0", features = ["signal", "rt-multi-thread", "parking_lot"] }
sc-client-api = { version = "4.0.0-dev", path = "../api" }
sc-client-db = { version = "0.10.0-dev", default-features = false, path = "../db" }
sc-keystore = { version = "4.0.0-dev", path = "../keystore" }
Expand Down
6 changes: 3 additions & 3 deletions client/cli/src/commands/generate_node_key.rs
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
use crate::Error;
use clap::Parser;
use libp2p::identity::{ed25519 as libp2p_ed25519, PublicKey};
use libp2p_identity::{ed25519, Keypair};
use std::{
fs,
io::{self, Write},
Expand Down Expand Up @@ -50,7 +50,7 @@ pub struct GenerateNodeKeyCmd {
impl GenerateNodeKeyCmd {
/// Run the command
pub fn run(&self) -> Result<(), Error> {
let keypair = libp2p_ed25519::Keypair::generate();
let keypair = ed25519::Keypair::generate();

let secret = keypair.secret();

Expand All @@ -65,7 +65,7 @@ impl GenerateNodeKeyCmd {
None => io::stdout().lock().write_all(&file_data)?,
}

eprintln!("{}", PublicKey::Ed25519(keypair.public()).to_peer_id());
eprintln!("{}", Keypair::from(keypair).public().to_peer_id());

Ok(())
}
Expand Down
10 changes: 4 additions & 6 deletions client/cli/src/commands/inspect_node_key.rs
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
use crate::Error;
use clap::Parser;
use libp2p::identity::{ed25519, PublicKey};
use libp2p_identity::Keypair;
use std::{
fs,
io::{self, Read},
Expand Down Expand Up @@ -70,12 +70,10 @@ impl InspectNodeKeyCmd {
.map_err(|_| "failed to decode secret as hex")?;
}

let secret =
ed25519::SecretKey::from_bytes(&mut file_data).map_err(|_| "Bad node key file")?;
let keypair =
Keypair::ed25519_from_bytes(&mut file_data).map_err(|_| "Bad node key file")?;

let keypair = ed25519::Keypair::from(secret);

println!("{}", PublicKey::Ed25519(keypair.public()).to_peer_id());
println!("{}", keypair.public().to_peer_id());

Ok(())
}
Expand Down
13 changes: 8 additions & 5 deletions client/cli/src/params/node_key_params.rs
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ fn invalid_node_key(e: impl std::fmt::Display) -> error::Error {
/// Parse a Ed25519 secret key from a hex string into a `sc_network::Secret`.
fn parse_ed25519_secret(hex: &str) -> error::Result<sc_network::config::Ed25519Secret> {
H256::from_str(hex).map_err(invalid_node_key).and_then(|bytes| {
ed25519::SecretKey::from_bytes(bytes)
ed25519::SecretKey::try_from_bytes(bytes)
.map(sc_network::config::Secret::Input)
.map_err(invalid_node_key)
})
Expand All @@ -123,7 +123,7 @@ fn parse_ed25519_secret(hex: &str) -> error::Result<sc_network::config::Ed25519S
mod tests {
use super::*;
use clap::ValueEnum;
use sc_network::config::identity::{ed25519, Keypair};
use libp2p_identity::ed25519;
use std::fs;

#[test]
Expand Down Expand Up @@ -166,9 +166,12 @@ mod tests {
.into_keypair()
.expect("Creates node key pair");

match node_key {
Keypair::Ed25519(ref pair) if pair.secret().as_ref() == key.as_ref() => {},
_ => panic!("Invalid key"),
if let Ok(pair) = node_key.try_into_ed25519() {
if pair.secret().as_ref() != key.as_ref() {
panic!("Invalid key")
}
} else {
panic!("Invalid key")
}
}

Expand Down
2 changes: 1 addition & 1 deletion client/consensus/aura/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -46,4 +46,4 @@ sp-keyring = { version = "7.0.0", path = "../../../primitives/keyring" }
sp-timestamp = { version = "4.0.0-dev", path = "../../../primitives/timestamp" }
sp-tracing = { version = "6.0.0", path = "../../../primitives/tracing" }
substrate-test-runtime-client = { version = "2.0.0", path = "../../../test-utils/runtime/client" }
tokio = { version = "1.22.0" }
tokio = { version = "1.28.0" }
Loading

0 comments on commit c8c9722

Please sign in to comment.