Authentication of PeerIds in authority discovery records (#10317)

* Consolidating test and production code

* Signing/verifying authority discovery records with PeerId

Unsigned records cannot be rejected yet, they just produce
a warning in the log.

* Upgrading to libp2p 0.40

* libp2p::identity and sp_core::crypto Ed25519 are compatible

* Rejecting authority records unsigned by peer id can be configured

* Fixes based on review comments

* No command-line argument needed

* info was still too much spam in the logs

* Added tests for both strict and loose validation

* Fixing based on review comments

* Pierre preferred a signing method

* Ooops, I need to slow down

* Update bin/node/cli/src/service.rs

* Reexport libp2p crypto used in sc-network

* Added proto3 compatibility tests. And import noise.

Co-authored-by: Bastian Köcher <bkchr@users.noreply.github.com>

client/authority-discovery/README.md

@@ -1,9 +1,9 @@
-Substrate authority discovery.
+# Substrate authority discovery
 
 This crate enables Substrate authorities to discover and directly connect to
 other authorities. It is split into two components the [`Worker`] and the
 [`Service`].
 
 See [`Worker`] and [`Service`] for more documentation.
 
-License: GPL-3.0-or-later WITH Classpath-exception-2.0
+License: GPL-3.0-or-later WITH Classpath-exception-2.0

client/authority-discovery/build.rs

@@ -1,3 +1,7 @@
 fn main() {
-	prost_build::compile_protos(&["src/worker/schema/dht.proto"], &["src/worker/schema"]).unwrap();
+	prost_build::compile_protos(
+		&["src/worker/schema/dht-v1.proto", "src/worker/schema/dht-v2.proto"],
+		&["src/worker/schema"],
+	)
+	.unwrap();
 }

client/authority-discovery/src/error.rs

@@ -46,10 +46,18 @@ pub enum Error {
 	EncodingDecodingScale(codec::Error),
 	/// Failed to parse a libp2p multi address.
 	ParsingMultiaddress(libp2p::core::multiaddr::Error),
+	/// Failed to parse a libp2p key.
+	ParsingLibp2pIdentity(sc_network::DecodingError),
 	/// Failed to sign using a specific public key.
 	MissingSignature(CryptoTypePublicPair),
 	/// Failed to sign using all public keys.
 	Signing,
 	/// Failed to register Prometheus metric.
 	Prometheus(prometheus_endpoint::PrometheusError),
+	/// Received authority record that contains addresses with multiple peer ids
+	ReceivingDhtValueFoundEventWithDifferentPeerIds,
+	/// Received authority record without any addresses having a peer id
+	ReceivingDhtValueFoundEventWithNoPeerIds,
+	/// Received authority record without a valid signature for the remote peer id.
+	MissingPeerIdSignature,
 }

client/authority-discovery/src/lib.rs

@@ -78,6 +78,11 @@ pub struct WorkerConfig {
 	///
 	/// Defaults to `true` to avoid the surprise factor.
 	pub publish_non_global_ips: bool,
+
+	/// Reject authority discovery records that are not signed by their network identity (PeerId)
+	///
+	/// Defaults to `false` to provide compatibility with old versions
+	pub strict_record_validation: bool,
 }
 
 impl Default for WorkerConfig {
@@ -98,6 +103,7 @@ impl Default for WorkerConfig {
 			// `authority_discovery_dht_event_received`.
 			max_query_interval: Duration::from_secs(10 * 60),
 			publish_non_global_ips: true,
+			strict_record_validation: false,
 		}
 	}
 }

client/authority-discovery/src/tests.rs

@@ -82,3 +82,32 @@ fn get_addresses_and_authority_id() {
 		);
 	});
 }
+
+#[test]
+fn cryptos_are_compatible() {
+	use sp_core::crypto::Pair;
+
+	let libp2p_secret = sc_network::Keypair::generate_ed25519();
+	let libp2p_public = libp2p_secret.public();
+
+	let sp_core_secret = {
+		let libp2p_ed_secret = match libp2p_secret.clone() {
+			sc_network::Keypair::Ed25519(x) => x,
+			_ => panic!("generate_ed25519 should have generated an Ed25519 key ¯\\_(ツ)_/¯"),
+		};
+		sp_core::ed25519::Pair::from_seed_slice(&libp2p_ed_secret.secret().as_ref()).unwrap()
+	};
+	let sp_core_public = sp_core_secret.public();
+
+	let message = b"we are more powerful than not to be better";
+
+	let libp2p_signature = libp2p_secret.sign(message).unwrap();
+	let sp_core_signature = sp_core_secret.sign(message); // no error expected...
+
+	assert!(sp_core::ed25519::Pair::verify(
+		&sp_core::ed25519::Signature::from_slice(&libp2p_signature),
+		message,
+		&sp_core_public
+	));
+	assert!(libp2p_public.verify(message, sp_core_signature.as_ref()));
+}