Prem Chaitanya Prathi 6a954bdec0
feat(mix): DoS protection + libp2p v2.0.0 + stateless RLN + tests (rebased onto #3935)
Squash of 13 commits from feat/mix-dos-protection-libp2p-v2.0.0 onto the
logos_delivery/ folder-restructure base from #3935 (build-messaging-folder).

Original commit history (squashed):
- d8e6dcef feat(mix): integrate mix protocol with extended kademlia + RLN spam protection
- fb72f18d refactor(mix): split DoS-protection self-registration into background retry
- d8bbef0c feat(mix): bump libp2p stack to v2.0.0 + adopt stateless RLN spam protection
- 2f24448a fix(tests): use HmacDrbgContext.new() instead of crypto.newRng()
- 5a21455c fix(ci): regen nimble.lock for v2.0.0 + disambiguate rng in wakucore
- 03ef02a2 fix(tests): wrap HmacDrbgContext via newBearSslRng for libp2p v2.0.0
- 167ab1df fix(nix): regenerate deps.nix from updated nimble.lock
- 97a27222 fix(tests): wrap or pass Rng correctly for 3-arg PrivateKey.random
- 5561fcb5 fix(tests): replace removed newStandardSwitch with SwitchBuilder
- ba39ee4a fix(tests): libp2p v2.0.0 API migrations across test suite
- 328e11df fix: gitignore test binaries + remove accidentally-committed binary
- cc712444 fix(tests): more v2.0.0 API migrations (rng template, PeerId.random, etc.)
- 412d97a9 fix(tests): unblock CI — nph, excise orphan waku_noise, complete v2.0.0 Rng migration

Conflict resolutions (#3935 → ours):
- 11 import-path migrations: waku/X → logos_delivery/waku/X
- waku_node/waku_node/relay.nim: dropped our `registerRelayHandler` proc
  (relocated to subscription_manager.nim by #3935; see cascade fix below)
- factory/builder.nim: combined both sides' new imports (net_config + waku_switch)
- factory/conf_builder/mix_conf_builder.nim: libp2p_mix package (not libp2p/protocols/mix)
- waku_mix/protocol.nim: combined paths + our mix_rln_spam_protection/relay/nimchronos imports
- 3 test files: dropped noise_utils import (replicates noise excision from original PR)
- 2 UA file moves: option_shims.nim and waku_mix_coordination.nim added at new paths

Cascade fixes (#3935 lost our work, restored):
- subscription_manager.nim: added `mixHandler` to #3935's `registerRelayHandler`,
  and added `waku_mix` to its imports. Without this, mix messages were silently
  dropped from the relay handler chain.
- config.nims: option_shims auto-import path migrated to logos_delivery/...

Validation:
- nph check on all 82 staged .nim files: clean (0 reformats needed)
- wakunode2 build: exit 0, 38 MB binary
- (sim PASS confirmed in earlier identical-state run: 5/5 mix init,
  5 RLN proofs gen/verify, 0 errors)

Backup tag at original tip: backup/3931-pre-3935-rebase (412d97a9).
2026-06-19 18:54:40 -04:00

92 lines
2.5 KiB
Nim

import
std/[options, times],
results,
stew/byteutils,
chronos,
libp2p/switch,
libp2p/builders,
libp2p/crypto/crypto as libp2p_keys,
eth/keys as eth_keys
import logos_delivery/waku/waku_core, ./common
export switch
# Time
proc now*(): Timestamp =
getNanosecondTime(getTime().toUnixFloat())
proc ts*(offset = 0, origin = now()): Timestamp =
origin + getNanosecondTime(int64(offset))
# Switch
proc generateEcdsaKey*(): libp2p_keys.PrivateKey =
# libp2p v2.0.0's 3-arg `random(T, scheme, rng)` overload now takes the
# `Rng` wrapper instead of `var HmacDrbgContext`. Wrap our existing
# `ref HmacDrbgContext` (from `common.rng`) via `newBearSslRng` to satisfy
# the new signature without re-seeding a fresh PRNG each call.
libp2p_keys.PrivateKey.random(ECDSA, newBearSslRng(common.rng())).get()
proc generateEcdsaKeyPair*(): libp2p_keys.KeyPair =
libp2p_keys.KeyPair.random(ECDSA, newBearSslRng(common.rng())).get()
proc generateSecp256k1Key*(): libp2p_keys.PrivateKey =
libp2p_keys.PrivateKey.random(Secp256k1, newBearSslRng(common.rng())).get()
proc ethSecp256k1Key*(hex: string): eth_keys.PrivateKey =
eth_keys.PrivateKey.fromHex(hex).get()
proc newTestSwitch*(
key = none(libp2p_keys.PrivateKey), address = none(MultiAddress)
): Switch =
# libp2p v2.0.0 dropped the `newStandardSwitch` convenience constructor;
# callers now compose a `SwitchBuilder` explicitly with the same transport/
# muxer/security defaults the v1.x helper used (TCP + Mplex + Noise).
let peerKey = key.get(generateSecp256k1Key())
let peerAddr = address.get(MultiAddress.init("/ip4/127.0.0.1/tcp/0").get())
return SwitchBuilder
.new()
.withRng(newBearSslRng(common.rng()))
.withPrivateKey(peerKey)
.withAddress(peerAddr)
.withTcpTransport()
.withMplex()
.withNoise()
.build()
# Waku message
export waku_core.DefaultPubsubTopic, waku_core.DefaultContentTopic
proc fakeWakuMessage*(
payload: string | seq[byte] = "TEST-PAYLOAD",
contentTopic = DefaultContentTopic,
meta: string | seq[byte] = newSeq[byte](),
ts = now(),
ephemeral = false,
proof = newSeq[byte](),
): WakuMessage =
var payloadBytes: seq[byte]
var metaBytes: seq[byte]
when payload is string:
payloadBytes = toBytes(payload)
else:
payloadBytes = payload
when meta is string:
metaBytes = toBytes(meta)
else:
metaBytes = meta
WakuMessage(
payload: payloadBytes,
contentTopic: contentTopic,
meta: metaBytes,
version: 2,
timestamp: ts,
ephemeral: ephemeral,
proof: proof,
)