Merge pull request #2519 from nspcc-dev/fix-getrand

core:  adjust System.Runtime.GetRandom

config/protocol.unit_testnet.single.yml

@@ -21,7 +21,7 @@ ProtocolConfiguration:
     OracleContract: [0]
     Notary: [0]
   Hardforks:
-    HF_2712_FixSyscallFees: 25
+    HF_Aspidochelone: 25
 
 ApplicationConfiguration:
   # LogPath could be set up in case you need stdout logs to some proper file.

config/protocol.unit_testnet.yml

@@ -30,7 +30,7 @@ ProtocolConfiguration:
     OracleContract: [0]
     Notary: [0]
   Hardforks:
-    HF_2712_FixSyscallFees: 25
+    HF_Aspidochelone: 25
 
 ApplicationConfiguration:
   # LogPath could be set up in case you need stdout logs to some proper file.

docs/node-configuration.md

@@ -204,7 +204,7 @@ protocol-related settings described in the table below.
 | --- | --- | --- | --- | --- |
 | CommitteeHistory | map[uint32]int | none | Number of committee members after the given height, for example `{0: 1, 20: 4}` sets up a chain with one committee member since the genesis and then changes the setting to 4 committee members at the height of 20. `StandbyCommittee` committee setting must have the number of keys equal or exceeding the highest value in this option. Blocks numbers where the change happens must be divisible by the old and by the new values simultaneously. If not set, committee size is derived from the `StandbyCommittee` setting and never changes. |
 | GarbageCollectionPeriod | `uint32` | 10000 | Controls MPT garbage collection interval (in blocks) for configurations with `RemoveUntraceableBlocks` enabled and `KeepOnlyLatestState` disabled. In this mode the node stores a number of MPT trees (corresponding to `MaxTraceableBlocks` and `StateSyncInterval`), but the DB needs to be clean from old entries from time to time. Doing it too often will cause too much processing overhead, doing it too rarely will leave more useless data in the DB. |
-| Hardforks | `map[string]uint32` | [] | The set of incompatible changes that affect node behaviour starting from the specified height. The default value is an empty set which should be interpreted as "each known hard-fork is applied from the zero blockchain height". The list of valid hard-fork names:<br>• `HF_2712_FixSyscallFees` represents hard-fork introduced in [#2469](https://github.com/nspcc-dev/neo-go/pull/2469) (ported from the [reference](https://github.com/neo-project/neo/pull/2712)). It adjusts the prices of `System.Contract.CreateStandardAccount` and `System.Contract.CreateMultisigAccount` interops so that the resulting prices are in accordance with `sha256` method of native `CryptoLib` contract. |
+| Hardforks | `map[string]uint32` | [] | The set of incompatible changes that affect node behaviour starting from the specified height. The default value is an empty set which should be interpreted as "each known hard-fork is applied from the zero blockchain height". The list of valid hard-fork names:<br>• `HF_Aspidochelone` represents hard-fork introduced in [#2469](https://github.com/nspcc-dev/neo-go/pull/2469) (ported from the [reference](https://github.com/neo-project/neo/pull/2712)). It adjusts the prices of `System.Contract.CreateStandardAccount` and `System.Contract.CreateMultisigAccount` interops so that the resulting prices are in accordance with `sha256` method of native `CryptoLib` contract. `HF_Aspidochelone` is also includes [#2519](https://github.com/nspcc-dev/neo-go/pull/2519) (ported from the [reference](https://github.com/neo-project/neo/pull/2749)). It adjusts the price of `System.Runtime.GetRandom` interop and fixes its vulnerability. |
 | KeepOnlyLatestState | `bool` | `false` | Specifies if MPT should only store latest state. If true, DB size will be smaller, but older roots won't be accessible. This value should remain th
 e same for the same database. | Conflicts with `P2PStateExchangeExtensions`. |
 | Magic | `uint32` | `0` | Magic number which uniquely identifies NEO network. |

pkg/config/hardfork.go

@@ -6,19 +6,18 @@ package config
 type Hardfork byte
 
 const (
-	// HF2712FixSyscallFees represents hard-fork introduced in #2469 (ported from
-	// https://github.com/neo-project/neo/pull/2712) changing the prices of
-	// System.Contract.CreateStandardAccount and
-	// System.Contract.CreateMultisigAccount interops.
-	HF2712FixSyscallFees Hardfork = 1 << iota // HF_2712_FixSyscallFees
+	// HFAspidochelone represents hard-fork introduced in #2469 (ported from
+	// https://github.com/neo-project/neo/pull/2712) and #2519 (ported from
+	// https://github.com/neo-project/neo/pull/2749).
+	HFAspidochelone Hardfork = 1 << iota // HF_Aspidochelone
 )
 
 // hardforks holds a map of Hardfork string representation to its type.
 var hardforks map[string]Hardfork
 
 func init() {
 	hardforks = make(map[string]Hardfork)
-	for _, hf := range []Hardfork{HF2712FixSyscallFees} {
+	for _, hf := range []Hardfork{HFAspidochelone} {
 		hardforks[hf.String()] = hf
 	}
 }

pkg/core/interop/context.go

@@ -45,26 +45,27 @@ type Ledger interface {
 
 // Context represents context in which interops are executed.
 type Context struct {
-	Chain          Ledger
-	Container      hash.Hashable
-	Network        uint32
-	Hardforks      map[string]uint32
-	Natives        []Contract
-	Trigger        trigger.Type
-	Block          *block.Block
-	NonceData      [16]byte
-	Tx             *transaction.Transaction
-	DAO            *dao.Simple
-	Notifications  []state.NotificationEvent
-	Log            *zap.Logger
-	VM             *vm.VM
-	Functions      []Function
-	Invocations    map[util.Uint160]int
-	cancelFuncs    []context.CancelFunc
-	getContract    func(*dao.Simple, util.Uint160) (*state.Contract, error)
-	baseExecFee    int64
-	baseStorageFee int64
-	signers        []transaction.Signer
+	Chain            Ledger
+	Container        hash.Hashable
+	Network          uint32
+	Hardforks        map[string]uint32
+	Natives          []Contract
+	Trigger          trigger.Type
+	Block            *block.Block
+	NonceData        [16]byte
+	Tx               *transaction.Transaction
+	DAO              *dao.Simple
+	Notifications    []state.NotificationEvent
+	Log              *zap.Logger
+	VM               *vm.VM
+	Functions        []Function
+	Invocations      map[util.Uint160]int
+	cancelFuncs      []context.CancelFunc
+	getContract      func(*dao.Simple, util.Uint160) (*state.Contract, error)
+	baseExecFee      int64
+	baseStorageFee   int64
+	GetRandomCounter uint32
+	signers          []transaction.Signer
 }
 
 // NewContext returns new interop context.

pkg/core/interop/runtime/util.go

@@ -5,6 +5,7 @@ import (
 	"errors"
 	"math/big"
 
+	"github.com/nspcc-dev/neo-go/pkg/config"
 	"github.com/nspcc-dev/neo-go/pkg/core/interop"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/encoding/address"
@@ -88,9 +89,26 @@ func GetNetwork(ic *interop.Context) error {
 
 // GetRandom returns pseudo-random number which depends on block nonce and transaction hash.
 func GetRandom(ic *interop.Context) error {
-	res := murmur128(ic.NonceData[:], ic.Network)
+	var (
+		price int64
+		seed  = ic.Network
+	)
+	isHF := ic.IsHardforkEnabled(config.HFAspidochelone)
+	if isHF {
+		price = 1 << 13
+		seed += ic.GetRandomCounter
+		ic.GetRandomCounter++
+	} else {
+		price = 1 << 4
+	}
+	res := murmur128(ic.NonceData[:], seed)
+	if !isHF {
+		copy(ic.NonceData[:], res)
+	}
+	if !ic.VM.AddGas(ic.BaseExecFee() * price) {
+		return errors.New("gas limit exceeded")
+	}
 	ic.VM.Estack().PushItem(stackitem.NewBigInteger(bigint.FromBytesUnsigned(res)))
-	copy(ic.NonceData[:], res)
 	return nil
 }
 

pkg/core/interop_system.go

@@ -225,7 +225,7 @@ func contractCreateMultisigAccount(ic *interop.Context) error {
 		pubs[i] = p
 	}
 	var invokeFee int64
-	if ic.IsHardforkEnabled(config.HF2712FixSyscallFees) {
+	if ic.IsHardforkEnabled(config.HFAspidochelone) {
 		invokeFee = fee.ECDSAVerifyPrice * int64(len(pubs))
 	} else {
 		invokeFee = 1 << 8
@@ -250,7 +250,7 @@ func contractCreateStandardAccount(ic *interop.Context) error {
 		return err
 	}
 	var invokeFee int64
-	if ic.IsHardforkEnabled(config.HF2712FixSyscallFees) {
+	if ic.IsHardforkEnabled(config.HFAspidochelone) {
 		invokeFee = fee.ECDSAVerifyPrice
 	} else {
 		invokeFee = 1 << 8

pkg/core/interop_system_core_test.go

@@ -46,25 +46,26 @@ func TestRuntimeGetRandomCompatibility(t *testing.T) {
 	b := getSharpTestGenesis(t)
 	tx := getSharpTestTx(util.Uint160{})
 	ic := bc.newInteropContext(trigger.Application, bc.dao.GetWrapped(), b, tx)
-	ic.Network = 5195086 // Old mainnet magic used by C# tests.
+	ic.Network = 860833102 // Old mainnet magic used by C# tests.
 
 	ic.VM = vm.New()
 	ic.VM.LoadScript([]byte{0x01})
+	ic.VM.GasLimit = 1100_00000000
 
 	require.NoError(t, runtime.GetRandom(ic))
-	require.Equal(t, "225932872514876835587448704843370203748", ic.VM.Estack().Pop().BigInt().String())
+	require.Equal(t, "271339657438512451304577787170704246350", ic.VM.Estack().Pop().BigInt().String())
 
 	require.NoError(t, runtime.GetRandom(ic))
-	require.Equal(t, "190129535548110356450238097068474508661", ic.VM.Estack().Pop().BigInt().String())
+	require.Equal(t, "98548189559099075644778613728143131367", ic.VM.Estack().Pop().BigInt().String())
 
 	require.NoError(t, runtime.GetRandom(ic))
-	require.Equal(t, "48930406787011198493485648810190184269", ic.VM.Estack().Pop().BigInt().String())
+	require.Equal(t, "247654688993873392544380234598471205121", ic.VM.Estack().Pop().BigInt().String())
 
 	require.NoError(t, runtime.GetRandom(ic))
-	require.Equal(t, "66199389469641263539889463157823839112", ic.VM.Estack().Pop().BigInt().String())
+	require.Equal(t, "291082758879475329976578097236212073607", ic.VM.Estack().Pop().BigInt().String())
 
 	require.NoError(t, runtime.GetRandom(ic))
-	require.Equal(t, "217172703763162599519098299724476526911", ic.VM.Estack().Pop().BigInt().String())
+	require.Equal(t, "247152297361212656635216876565962360375", ic.VM.Estack().Pop().BigInt().String())
 }
 
 func getSharpTestTx(sender util.Uint160) *transaction.Transaction {
@@ -74,7 +75,8 @@ func getSharpTestTx(sender util.Uint160) *transaction.Transaction {
 		Account: sender,
 		Scopes:  transaction.CalledByEntry,
 	})
-	tx.Scripts = append(tx.Scripts, transaction.Witness{})
+	tx.Attributes = []transaction.Attribute{}
+	tx.Scripts = append(tx.Scripts, transaction.Witness{InvocationScript: []byte{}, VerificationScript: []byte{}})
 	return tx
 }
 

pkg/core/interop_system_neotest_test.go

@@ -261,7 +261,7 @@ func TestSystemContractCreateAccount_Hardfork(t *testing.T) {
 	bc, acc := chain.NewSingleWithCustomConfig(t, func(c *config.ProtocolConfiguration) {
 		c.P2PSigExtensions = true // `initBasicChain` requires Notary enabled
 		c.Hardforks = map[string]uint32{
-			config.HF2712FixSyscallFees.String(): 2,
+			config.HFAspidochelone.String(): 2,
 		}
 	})
 	e := neotest.NewExecutor(t, bc, acc, acc)

pkg/core/interops.go

@@ -53,7 +53,7 @@ var systemInterops = []interop.Function{
 	{Name: interopnames.SystemRuntimeGetInvocationCounter, Func: runtime.GetInvocationCounter, Price: 1 << 4},
 	{Name: interopnames.SystemRuntimeGetNetwork, Func: runtime.GetNetwork, Price: 1 << 3},
 	{Name: interopnames.SystemRuntimeGetNotifications, Func: runtime.GetNotifications, Price: 1 << 12, ParamCount: 1},
-	{Name: interopnames.SystemRuntimeGetRandom, Func: runtime.GetRandom, Price: 1 << 4},
+	{Name: interopnames.SystemRuntimeGetRandom, Func: runtime.GetRandom, Price: 0},
 	{Name: interopnames.SystemRuntimeGetScriptContainer, Func: engineGetScriptContainer, Price: 1 << 3},
 	{Name: interopnames.SystemRuntimeGetTime, Func: runtime.GetTime, Price: 1 << 3, RequiredFlags: callflag.ReadStates},
 	{Name: interopnames.SystemRuntimeGetTrigger, Func: runtime.GetTrigger, Price: 1 << 3},