Skip to content

Commit

Permalink
Update light client attack test scripts with permissionless ics
Browse files Browse the repository at this point in the history
  • Loading branch information
ljoss17 committed Oct 18, 2024
1 parent a75f031 commit a22dbe8
Show file tree
Hide file tree
Showing 2 changed files with 292 additions and 52 deletions.
176 changes: 148 additions & 28 deletions ci/misbehaviour-ics/light_client_attack_freeze_test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,10 @@ rm -rf "${CONS_FORK_NODE_DIR}"

# Build genesis file and node directory structure
interchain-security-pd init $MONIKER --chain-id provider --home ${PROV_NODE_DIR}
jq ".app_state.gov.params.voting_period = \"5s\" | .app_state.staking.params.unbonding_time = \"86400s\"" \
jq ".app_state.gov.params.voting_period = \"5s\" \
| .app_state.gov.params.expedited_voting_period = \"4s\" \
| .app_state.staking.params.unbonding_time = \"86400s\" \
| .app_state.provider.params.blocks_per_epoch = \"5\"" \
${PROV_NODE_DIR}/config/genesis.json > \
${PROV_NODE_DIR}/edited_genesis.json && mv ${PROV_NODE_DIR}/edited_genesis.json ${PROV_NODE_DIR}/config/genesis.json

Expand Down Expand Up @@ -160,31 +163,146 @@ interchain-security-pd start \
waiting 10 "for provider sub-node to start"

# Build consumer chain proposal file
tee ${PROV_NODE_DIR}/consumer-proposal.json<<EOF
tee ${PROV_NODE_DIR}/create-consumer-msg.json<<EOF
{
"title": "Create a chain",
"summary": "Gonna be a great chain",
"chain_id": "consumer",
"initial_height": {
"revision_height": 1
},
"genesis_hash": "Z2VuX2hhc2g=",
"binary_hash": "YmluX2hhc2g=",
"spawn_time": "2022-03-11T09:02:14.718477-08:00",
"deposit": "10000001stake",
"consumer_redistribution_fraction": "0.75",
"historical_entries": 1000,
"blocks_per_distribution_transmission": 1000,
"unbonding_period": 1728000000000000,
"ccv_timeout_period": 2419200000000000,
"transfer_timeout_period": 3600000000000
"chain_id" : "consumer",
"metadata": {
"name": "consumer-1-metadata-name",
"description":"consumer-1-metadata-description",
"metadata": "consumer-1-metadata-metadata"
}
}
EOF

interchain-security-pd keys show $PROV_KEY --keyring-backend test --home ${PROV_NODE_DIR}
TX_RES=$(interchain-security-pd tx provider create-consumer \
${PROV_NODE_DIR}/create-consumer-msg.json \
--chain-id provider \
--from $PROV_KEY \
--keyring-backend test \
--home $PROV_NODE_DIR \
--node tcp://${NODE_IP}:26658 \
-o json -y)

# Submit consumer chain proposal
interchain-security-pd tx gov submit-legacy-proposal consumer-addition ${PROV_NODE_DIR}/consumer-proposal.json --chain-id provider --from $PROV_KEY --home ${PROV_NODE_DIR} --node tcp://${NODE_IP}:26658 --keyring-backend test -y --gas auto
sleep 5

TX_RES=$(interchain-security-pd q tx --type=hash $(echo $TX_RES | jq -r '.txhash') \
--home ${PROV_NODE_DIR} \
--node tcp://${NODE_IP}:26658 \
-o json)


echo $TX_RES | jq .code

if [ "$(echo $TX_RES | jq -r .code )" != "0" ]; then
echo consumer creation failed with code: $(echo $TX_RES | jq .code )
exit 1
fi


EVENTS=$(echo $TX_RES | jq -c '.events[]')
found=false
CONSUMER_ID=""
for event in $EVENTS; do
type=$(echo "$event" | jq -r '.type')
echo $type
if [ "$type" = "create_consumer" ]; then
attrs=$(echo $event | jq -c '.attributes[]')
for attr in $attrs; do
key=$(echo "$attr" | jq -r '.key')
if [ "$key" = "consumer_id" ]; then
CONSUMER_ID=$(echo "$attr" | jq -r '.value')
fi
done
found=true
break
fi
done

if [ "$found" = false ]; then
echo "consumer creation event not found"
exit 1
fi

echo "consumer created: $CONSUMER_ID"


AUTHORITY=cosmos10d07y265gmmuvt4z0w9aw880jnsr700j6zn9kn
PROV_ACCOUNT_ADDR=$(jq -r '.address' ${PROV_NODE_DIR}/${PROV_KEY}.json)

## Grant the consumer ownership to the Gov module
tee ${PROV_NODE_DIR}/update-consumer-msg.json<<EOF
{
"consumer_id" : "$CONSUMER_ID",
"owner_address": "$PROV_ACCOUNT_ADDR",
"new_owner_address": "$AUTHORITY",
"metadata": $(jq -r '.metadata' ${PROV_NODE_DIR}/create-consumer-msg.json)
}
EOF

TX_RES=$(interchain-security-pd tx provider update-consumer \
${PROV_NODE_DIR}/update-consumer-msg.json \
--chain-id provider \
--from $PROV_KEY \
--keyring-backend test \
--home $PROV_NODE_DIR \
--node tcp://${NODE_IP}:26658 \
-o json -y)

sleep 5

## Update consumer to TopN by submitting a gov proposal
tee ${PROV_NODE_DIR}/consumer_prop.json<<EOF
{
"messages": [
{
"@type": "/interchain_security.ccv.provider.v1.MsgUpdateConsumer",
"consumer_id": "${CONSUMER_ID}",
"owner": "$AUTHORITY",
"metadata": $(jq -r '.metadata' ${PROV_NODE_DIR}/create-consumer-msg.json),
"initialization_parameters": {
"initial_height": {
"revision_number": 0,
"revision_height": 1
},
"genesis_hash": "2D5C2110941DA54BE07CBB9FACD7E4A2E3253E79BE7BE3E5A1A7BDA518BAA4BE",
"binary_hash": "2D5C2110941DA54BE07CBB9FACD7E4A2E3253E79BE7BE3E5A1A7BDA518BAA4BE",
"spawn_time": "2023-03-11T09:02:14.718477-08:00",
"ccv_timeout_period": "2419200s",
"unbonding_period": "2419200s",
"transfer_timeout_period": "3600s",
"consumer_redistribution_fraction": "0.75",
"blocks_per_distribution_transmission": 1500,
"historical_entries": 1000,
"distribution_transmission_channel": ""
},
"power_shaping_parameters": {
"top_N": 100,
"validators_power_cap": 0,
"validator_set_cap": 50,
"allowlist": [],
"denylist": [],
"min_stake": 1000,
"allow_inactive_vals": true
}
}
],
"metadata": "ipfs://CID",
"deposit": "10000000stake",
"title": "\"update consumer 0 to top N\"",
"summary": "\"update consumer 0 to top N\"",
"expedited": false
}
EOF

PROP_ID=1

interchain-security-pd tx gov submit-proposal ${PROV_NODE_DIR}/consumer_prop.json \
--chain-id provider \
--from $PROV_KEY \
--keyring-backend test \
--home $PROV_NODE_DIR \
--node tcp://${NODE_IP}:26658 \
-o json -y

waiting 3 "for proposal to be submitted"

Expand All @@ -203,7 +321,7 @@ cat ${PROV_NODE_DIR}/config/genesis.json | grep "period"
while [ $TRIES -lt $MAX_TRIES ]; do
output=$(interchain-security-pd query gov proposal 1 --home ${PROV_NODE_DIR} --node tcp://${NODE_IP}:26658 --output json)

proposal_status=$(echo "$output" | grep -o '"status":"[^"]*' | awk -F ':"' '{print $2}')
proposal_status=$(echo "$output" | grep -o '"status": "[^"]*' | awk -F ': "' '{print $2}')
if [ "$proposal_status" = "$PROPOSAL_STATUS_PASSED" ]; then
echo "Proposal status is now $proposal_status. Exiting loop."
break
Expand All @@ -221,7 +339,7 @@ if [ $TRIES -eq $MAX_TRIES ]; then
exit 0
fi

waiting 3 "for passed proposal to be executed"
sleep 6

# Build genesis file and node directory structure
interchain-security-cd init $MONIKER --chain-id consumer --home ${CONS_NODE_DIR}
Expand All @@ -234,7 +352,7 @@ CONS_ACCOUNT_ADDR=$(jq -r '.address' ${CONS_NODE_DIR}/${PROV_KEY}.json)
interchain-security-cd genesis add-genesis-account "$CONS_ACCOUNT_ADDR" 1000000000stake --home ${CONS_NODE_DIR}

# Add consumer genesis states to genesis file
interchain-security-pd query provider consumer-genesis consumer --home ${PROV_NODE_DIR} -o json > consumer_gen.json
interchain-security-pd query provider consumer-genesis $CONSUMER_ID --home ${PROV_NODE_DIR} -o json > consumer_gen.json
jq -s '.[0].app_state.ccvconsumer = .[1] | .[0]' ${CONS_NODE_DIR}/config/genesis.json consumer_gen.json > ${CONS_NODE_DIR}/edited_genesis.json \
&& mv ${CONS_NODE_DIR}/edited_genesis.json ${CONS_NODE_DIR}/config/genesis.json
rm consumer_gen.json
Expand Down Expand Up @@ -296,7 +414,7 @@ rpc_addr = "http://${NODE_IP}:26648"
rpc_timeout = "10s"
store_prefix = "ibc"
trusting_period = "2days"
event_source = { mode = 'push', url = 'ws://${NODE_IP}:26648/websocket' , batch_delay = '50ms' }
event_source = { mode = 'pull', interval = '500ms', max_retries = 4 }
[chains.gas_price]
denom = "stake"
Expand All @@ -319,7 +437,7 @@ rpc_addr = "http://${NODE_IP}:26658"
rpc_timeout = "10s"
store_prefix = "ibc"
trusting_period = "2days"
event_source = { mode = 'push', url = 'ws://${NODE_IP}:26658/websocket' , batch_delay = '50ms' }
event_source = { mode = 'pull', interval = '500ms', max_retries = 4 }
[chains.gas_price]
denom = "stake"
Expand Down Expand Up @@ -419,7 +537,7 @@ rpc_addr = "http://${NODE_IP}:26638"
rpc_timeout = "10s"
store_prefix = "ibc"
trusting_period = "2days"
event_source = { mode = 'push', url = 'ws://${NODE_IP}:26638/websocket' , batch_delay = '50ms' }
event_source = { mode = 'pull', interval = '500ms', max_retries = 4 }
[chains.gas_price]
denom = "stake"
Expand All @@ -442,7 +560,7 @@ rpc_addr = "http://${NODE_IP}:26658"
rpc_timeout = "10s"
store_prefix = "ibc"
trusting_period = "2days"
event_source = { mode = 'push', url = 'ws://${NODE_IP}:26658/websocket' , batch_delay = '50ms' }
event_source = { mode = 'pull', interval = '500ms', max_retries = 4 }
[chains.gas_price]
denom = "stake"
Expand Down Expand Up @@ -506,13 +624,15 @@ if [ "$FROZEN_HEIGHT" != "null" ]; then
diag "Client is frozen, as expected."
else
diag "Client is not frozen, aborting."
${HOME_DIR}/hermes-evidence-logs.txt
exit 1
fi

if grep -q "found light client attack evidence" ${HOME_DIR}/hermes-evidence-logs.txt; then
diag "Evidence found, proceeding."
else
diag "Evidence not found, aborting."
cat ${HOME_DIR}/hermes-evidence-logs.txt
exit 1
fi

Expand Down
Loading

0 comments on commit a22dbe8

Please sign in to comment.