fix merge test scripts (#3781)

2022-06-20 18:03:57 +00:00 · 2022-06-20 18:03:57 +00:00 · 7e61198260
parent 88532c6177
commit 7e61198260
3 changed files with 155 additions and 43 deletions
--- a/beacon_chain/spec/engine_authentication.nim
+++ b/beacon_chain/spec/engine_authentication.nim
@ -83,6 +83,7 @@ proc checkJwtSecret*(
    return ok(newSecret)

  try:
+    # TODO replace with separate function
    let lines = readLines(jwtSecret.get, 1)
    if lines.len > 0:
      # Secret JWT key is parsed in constant time using nimcrypto:
--- a/scripts/test_merge_node.nim
+++ b/scripts/test_merge_node.nim
@ -0,0 +1,65 @@
+# https://notes.ethereum.org/@9AeMAlpyQYaAAyuj47BzRw/rkwW3ceVY
+# Monitor traffic: socat -v TCP-LISTEN:9550,fork TCP-CONNECT:127.0.0.1:8550
+
+import
+  std/options,
+  stew/results,
+  chronos,
+  ../beacon_chain/eth1/eth1_monitor
+
+{.push raises: [Defect].}
+
+from std/os import paramCount, paramStr
+from nimcrypto/utils import fromHex
+from web3/engine_api_types import PayloadExecutionStatus
+from ../beacon_chain/beacon_chain_db import DepositContractSnapshot
+from ../beacon_chain/networking/network_metadata import Eth1Network
+from ../beacon_chain/spec/datatypes/base import ZERO_HASH
+from ../beacon_chain/spec/presets import Eth1Address, defaultRuntimeConfig
+from ../tests/testdbutil import makeTestDB
+
+# TODO factor this out and have a version with the result of the jwt secret
+# slurp for testing purposes
+proc readJwtSecret(jwtSecretFile: string): Result[seq[byte], cstring] =
+  # https://github.com/ethereum/execution-apis/blob/v1.0.0-alpha.9/src/engine/authentication.md#key-distribution
+  # If such a parameter is given, but the file cannot be read, or does not
+  # contain a hex-encoded key of at least 256 bits, the client should treat
+  # this as an error: either abort the startup, or show error and continue
+  # without exposing the authenticated port.
+  const MIN_SECRET_LEN = 32
+
+  try:
+    let lines = readLines(jwtSecretFile, 1)
+    if lines.len > 0:
+      # Secret JWT key is parsed in constant time using nimcrypto:
+      # https://github.com/cheatfate/nimcrypto/pull/44
+      let secret = utils.fromHex(lines[0])
+      if secret.len >= MIN_SECRET_LEN:
+        ok(secret)
+      else:
+        err("JWT secret not at least 256 bits")
+    else:
+      err("JWT secret file empty")
+  except IOError as exc:
+    err("JWT secret file could not be read from")
+
+proc run() {.async.} =
+  if paramCount() < 2:
+    echo "args are: web3url jwtsecretfilename"
+
+  let
+    db = makeTestDB(64)
+    eth1Monitor = Eth1Monitor.init(
+      defaultRuntimeConfig, db, nil, @[paramStr(1)],
+      none(DepositContractSnapshot), none(Eth1Network), false,
+      some readJwtSecret(paramStr(2)).get)
+
+  await eth1Monitor.ensureDataProvider()
+  try:
+    await eth1Monitor.exchangeTransitionConfiguration()
+  except ValueError as exc:
+    # Expected, since nothing here sets up the Nimbus TTD correctly
+    echo "exchangeTransitionConfiguration ValueError: " & exc.msg
+    echo "Invalid TTD errors are fine in this context"
+
+waitFor run()
--- a/scripts/test_merge_vectors.nim
+++ b/scripts/test_merge_vectors.nim
@ -2,50 +2,96 @@
 # Monitor traffic: socat -v TCP-LISTEN:9550,fork TCP-CONNECT:127.0.0.1:8550

 import
-  unittest2,
-  chronos, web3/[engine_api_types, ethtypes],
-  ../beacon_chain/eth1/eth1_monitor,
-  ../beacon_chain/spec/[digest, presets],
-  ../tests/testutil
+  std/options,
+  stew/results,
+  chronos,
+  ../beacon_chain/eth1/eth1_monitor

-suite "Merge test vectors":
-  setup:
-    let web3Provider = (waitFor Web3DataProvider.new(
-      default(Eth1Address), "http://127.0.0.1:8545")).get
+from nimcrypto/utils import fromHex
+from web3/engine_api_types import PayloadExecutionStatus
+from ../beacon_chain/beacon_chain_db import DepositContractSnapshot
+from ../beacon_chain/networking/network_metadata import Eth1Network
+from ../beacon_chain/spec/datatypes/base import ZERO_HASH
+from ../beacon_chain/spec/presets import Eth1Address, defaultRuntimeConfig
+from ../tests/testdbutil import makeTestDB

-  test "getPayload, newPayload, and forkchoiceUpdated":
-    const feeRecipient =
-      Eth1Address.fromHex("0xa94f5374fce5edbc8e2a8697c15331677e6ebf0b")
-    let
-      existingBlock = waitFor web3Provider.getBlockByNumber(0)
-      payloadId = waitFor web3Provider.forkchoiceUpdated(
-        existingBlock.hash.asEth2Digest,
-        existingBlock.hash.asEth2Digest,
-        existingBlock.timestamp.uint64 + 12,
-        ZERO_HASH.data,  # Random
-        feeRecipient)
-      payload =         waitFor web3Provider.getPayload(
-        array[8, byte] (payloadId.payloadId.get))
-      payloadStatus =   waitFor web3Provider.newPayload(payload)
-      fcupdatedStatus = waitFor web3Provider.forkchoiceUpdated(
-        payload.blockHash.asEth2Digest,
-        payload.blockHash.asEth2Digest,
-        existingBlock.timestamp.uint64 + 24,
-        ZERO_HASH.data,  # Random
-        feeRecipient)
+{.push raises: [Defect].}

-      payload2 =         waitFor web3Provider.getPayload(
-        array[8, byte] (fcupdatedStatus.payloadId.get))
-      payloadStatus2 =   waitFor web3Provider.newPayload(payload2)
-      fcupdatedStatus2 = waitFor web3Provider.forkchoiceUpdated(
-        payload2.blockHash.asEth2Digest,
-        payload2.blockHash.asEth2Digest,
-        existingBlock.timestamp.uint64 + 36,
-        ZERO_HASH.data,  # Random
-        feeRecipient)
+# TODO hm, actually factor this out into a callable function
+# and have a version with the result of the jwt secret slurp for testing purposes
+proc readJwtSecret(jwtSecretFile: string): Result[seq[byte], cstring] =
+  # https://github.com/ethereum/execution-apis/blob/v1.0.0-alpha.9/src/engine/authentication.md#key-distribution
+  # If such a parameter is given, but the file cannot be read, or does not
+  # contain a hex-encoded key of at least 256 bits, the client should treat
+  # this as an error: either abort the startup, or show error and continue
+  # without exposing the authenticated port.
+  const MIN_SECRET_LEN = 32

-    check:
-      payloadStatus.status == PayloadExecutionStatus.valid
-      fcupdatedStatus.payloadStatus.status == PayloadExecutionStatus.valid
-      payloadStatus2.status == PayloadExecutionStatus.valid
-      fcupdatedStatus2.payloadStatus.status == PayloadExecutionStatus.valid
+  try:
+    let lines = readLines(jwtSecretFile, 1)
+    if lines.len > 0:
+      # Secret JWT key is parsed in constant time using nimcrypto:
+      # https://github.com/cheatfate/nimcrypto/pull/44
+      let secret = utils.fromHex(lines[0])
+      if secret.len >= MIN_SECRET_LEN:
+        ok(secret)
+      else:
+        err("JWT secret not at least 256 bits")
+    else:
+      err("JWT secret file empty")
+  except IOError as exc:
+    err("JWT secret file could not be read from")
+
+const
+  feeRecipient =
+    Eth1Address.fromHex("0xa94f5374fce5edbc8e2a8697c15331677e6ebf0b")
+  web3Url = "http://127.0.0.1:8551"
+
+proc run() {.async.} =
+  let
+    db = makeTestDB(64)
+    jwtSecret = some readJwtSecret("jwt.hex").get
+    eth1Monitor = Eth1Monitor.init(
+      defaultRuntimeConfig, db, nil, @[web3Url],
+      none(DepositContractSnapshot), none(Eth1Network), false, jwtSecret)
+    web3Provider = (await Web3DataProvider.new(
+      default(Eth1Address), web3Url, jwtSecret)).get
+
+  const feeRecipient =
+    Eth1Address.fromHex("0xa94f5374fce5edbc8e2a8697c15331677e6ebf0b")
+  let
+    existingBlock = await web3Provider.getBlockByNumber(0)
+  await eth1Monitor.ensureDataProvider()
+  let
+    payloadId = await eth1Monitor.forkchoiceUpdated(
+      existingBlock.hash.asEth2Digest,
+      existingBlock.hash.asEth2Digest,
+      existingBlock.timestamp.uint64 + 12,
+      ZERO_HASH.data,  # Random
+      feeRecipient)
+    payload =         await eth1Monitor.getPayload(
+      array[8, byte] (payloadId.payloadId.get))
+    payloadStatus =   await eth1Monitor.newPayload(payload)
+    fcupdatedStatus = await eth1Monitor.forkchoiceUpdated(
+      payload.blockHash.asEth2Digest,
+      payload.blockHash.asEth2Digest,
+      existingBlock.timestamp.uint64 + 24,
+      ZERO_HASH.data,  # Random
+      feeRecipient)
+
+    payload2 =         await eth1Monitor.getPayload(
+      array[8, byte] (fcupdatedStatus.payloadId.get))
+    payloadStatus2 =   await eth1Monitor.newPayload(payload2)
+    fcupdatedStatus2 = await eth1Monitor.forkchoiceUpdated(
+      payload2.blockHash.asEth2Digest,
+      payload2.blockHash.asEth2Digest,
+      existingBlock.timestamp.uint64 + 36,
+      ZERO_HASH.data,  # Random
+      feeRecipient)
+
+  doAssert payloadStatus.status == PayloadExecutionStatus.valid
+  doAssert fcupdatedStatus.payloadStatus.status == PayloadExecutionStatus.valid
+  doAssert payloadStatus2.status == PayloadExecutionStatus.valid
+  doAssert fcupdatedStatus2.payloadStatus.status == PayloadExecutionStatus.valid
+
+waitFor run()