spacemeshos · fasmat · Aug 29, 2024 · Aug 29, 2024 · Aug 29, 2024 · Aug 29, 2024
@@ -276,6 +276,7 @@ func Test_MarryAndMerge(t *testing.T) {
 	require.NoError(t, err)
 
 	mFetch := smocks.NewMockFetcher(ctrl)
+	mMalPublish := activation.NewMockatxMalfeasancePublisher(ctrl)
 	mLegacyPublish := activation.NewMocklegacyMalfeasancePublisher(ctrl)
 	mBeacon := activation.NewMockatxReceiver(ctrl)
 	mTortoise := smocks.NewMockTortoise(ctrl)
@@ -290,6 +291,7 @@ func Test_MarryAndMerge(t *testing.T) {
 		mFetch,
 		goldenATX,
 		validator,
+		mMalPublish,
 		mLegacyPublish,
 		mBeacon,
 		mTortoise,

@@ -118,6 +118,7 @@ func TestBuilder_SwitchesToBuildV2(t *testing.T) {
 	edVerifier := signing.NewEdVerifier()
 	mpub := mocks.NewMockPublisher(ctrl)
 	mFetch := smocks.NewMockFetcher(ctrl)
+	mMalPublish := activation.NewMockatxMalfeasancePublisher(ctrl)
 	mLegacyPublish := activation.NewMocklegacyMalfeasancePublisher(ctrl)
 	mBeacon := activation.NewMockatxReceiver(ctrl)
 	mTortoise := smocks.NewMockTortoise(ctrl)
@@ -131,6 +132,7 @@ func TestBuilder_SwitchesToBuildV2(t *testing.T) {
 		mFetch,
 		goldenATX,
 		validator,
+		mMalPublish,
 		mLegacyPublish,
 		mBeacon,
 		mTortoise,

@@ -107,6 +107,7 @@ func Test_CheckpointAfterMerge(t *testing.T) {
 	require.NoError(t, err)
 
 	mFetch := smocks.NewMockFetcher(ctrl)
+	mMalPublish := activation.NewMockatxMalfeasancePublisher(ctrl)
 	mLegacyPublish := activation.NewMocklegacyMalfeasancePublisher(ctrl)
 	mBeacon := activation.NewMockatxReceiver(ctrl)
 	mTortoise := smocks.NewMockTortoise(ctrl)
@@ -120,6 +121,7 @@ func Test_CheckpointAfterMerge(t *testing.T) {
 		mFetch,
 		goldenATX,
 		validator,
+		mMalPublish,
 		mLegacyPublish,
 		mBeacon,
 		mTortoise,
@@ -299,6 +301,7 @@ func Test_CheckpointAfterMerge(t *testing.T) {
 		mFetch,
 		goldenATX,
 		validator,
+		mMalPublish,
 		mLegacyPublish,
 		mBeacon,
 		mTortoise,

@@ -103,6 +103,7 @@ func TestCheckpoint_PublishingSoloATXs(t *testing.T) {
 	atxVersions := activation.AtxVersions{0: types.AtxV2}
 	edVerifier := signing.NewEdVerifier()
 	mFetch := smocks.NewMockFetcher(ctrl)
+	mMalPublish := activation.NewMockatxMalfeasancePublisher(ctrl)
 	mLegacyPublish := activation.NewMocklegacyMalfeasancePublisher(ctrl)
 	mBeacon := activation.NewMockatxReceiver(ctrl)
 	mTortoise := smocks.NewMockTortoise(ctrl)
@@ -116,6 +117,7 @@ func TestCheckpoint_PublishingSoloATXs(t *testing.T) {
 		mFetch,
 		goldenATX,
 		validator,
+		mMalPublish,
 		mLegacyPublish,
 		mBeacon,
 		mTortoise,
@@ -206,6 +208,7 @@ func TestCheckpoint_PublishingSoloATXs(t *testing.T) {
 		mFetch,
 		goldenATX,
 		validator,
+		mMalPublish,
 		mLegacyPublish,
 		mBeacon,
 		mTortoise,

@@ -101,6 +101,7 @@ func NewHandler(
 	fetcher system.Fetcher,
 	goldenATXID types.ATXID,
 	nipostValidator nipostValidator,
+	malPublisher atxMalfeasancePublisher,
 	legacyMalPublisher legacyMalfeasancePublisher,
 	beacon atxReceiver,
 	tortoise system.Tortoise,
@@ -142,7 +143,7 @@ func NewHandler(
 			fetcher:         fetcher,
 			beacon:          beacon,
 			tortoise:        tortoise,
-			malPublisher:    &MalfeasanceHandlerV2{}, // TODO(mafa): pass real publisher when available
+			malPublisher:    malPublisher,
 		},
 	}
 

@@ -215,8 +215,6 @@ func newTestHandler(tb testing.TB, goldenATXID types.ATXID, opts ...HandlerOptio
 	edVerifier := signing.NewEdVerifier()
 
 	mocks := newTestHandlerMocks(tb, goldenATXID)
-	// TODO(mafa): make mandatory parameter when real publisher is available
-	opts = append(opts, func(h *Handler) { h.v2.malPublisher = mocks.mMalPublish })
 	atxHdlr := NewHandler(
 		"localID",
 		cdb,
@@ -226,6 +224,7 @@ func newTestHandler(tb testing.TB, goldenATXID types.ATXID, opts ...HandlerOptio
 		mocks.mockFetch,
 		goldenATXID,
 		mocks.mValidator,
+		mocks.mMalPublish,
 		mocks.mLegacyMalPublish,
 		mocks.mBeacon,
 		mocks.mTortoise,

@@ -495,8 +495,8 @@ func (n nipostSizes) sumUp() (units uint32, weight uint64, err error) {
 
 func (h *HandlerV2) verifyIncludedIDsUniqueness(atx *wire.ActivationTxV2) error {
 	seen := make(map[uint32]struct{})
-	for _, niposts := range atx.NIPosts {
-		for _, post := range niposts.Posts {
+	for _, niPosts := range atx.NIPosts {
+		for _, post := range niPosts.Posts {
 			if _, ok := seen[post.MarriageIndex]; ok {
 				return fmt.Errorf("ID present twice (duplicated marriage index): %d", post.MarriageIndex)
 			}
@@ -528,7 +528,7 @@ func (h *HandlerV2) syntacticallyValidateDeps(
 			return nil, fmt.Errorf("fetching previous atx: %w", err)
 		}
 		if prevAtx.PublishEpoch >= atx.PublishEpoch {
-			err := fmt.Errorf("previous atx is too new (%d >= %d) (%s) ", prevAtx.PublishEpoch, atx.PublishEpoch, prev)
+			err := fmt.Errorf("previous atx (%s) is too new (%d >= %d)", prev, prevAtx.PublishEpoch, atx.PublishEpoch)
 			return nil, err
 		}
 		previousAtxs[i] = prevAtx
@@ -541,9 +541,9 @@ func (h *HandlerV2) syntacticallyValidateDeps(
 
 	// validate previous ATXs
 	nipostSizes := make(nipostSizes, len(atx.NIPosts))
-	for i, niposts := range atx.NIPosts {
+	for i, niPosts := range atx.NIPosts {
 		nipostSizes[i] = new(nipostSize)
-		for _, post := range niposts.Posts {
+		for _, post := range niPosts.Posts {
 			if post.MarriageIndex >= uint32(len(equivocationSet)) {
 				err := fmt.Errorf("marriage index out of bounds: %d > %d", post.MarriageIndex, len(equivocationSet)-1)
 				return nil, err
@@ -563,11 +563,11 @@ func (h *HandlerV2) syntacticallyValidateDeps(
 	}
 
 	// validate poet membership proofs
-	for i, niposts := range atx.NIPosts {
+	for i, niPosts := range atx.NIPosts {
 		// verify PoET memberships in a single go
 		indexedChallenges := make(map[uint64][]byte)
 
-		for _, post := range niposts.Posts {
+		for _, post := range niPosts.Posts {
 			if _, ok := indexedChallenges[post.MembershipLeafIndex]; ok {
 				continue
 			}
@@ -591,10 +591,10 @@ func (h *HandlerV2) syntacticallyValidateDeps(
 		}
 
 		membership := types.MultiMerkleProof{
-			Nodes:       niposts.Membership.Nodes,
+			Nodes:       niPosts.Membership.Nodes,
 			LeafIndices: leafIndices,
 		}
-		leaves, err := h.nipostValidator.PoetMembership(ctx, &membership, niposts.Challenge, poetChallenges)
+		leaves, err := h.nipostValidator.PoetMembership(ctx, &membership, niPosts.Challenge, poetChallenges)
 		if err != nil {
 			return nil, fmt.Errorf("validating poet membership: %w", err)
 		}
@@ -606,7 +606,7 @@ func (h *HandlerV2) syntacticallyValidateDeps(
 		return nil, err
 	}
 
-	// validate all niposts
+	// validate all NIPoSTs
 	if atx.Initial != nil {
 		commitment := atx.Initial.CommitmentATX
 		nipostIdx := 0
@@ -625,8 +625,8 @@ func (h *HandlerV2) syntacticallyValidateDeps(
 	}
 
 	var smesherCommitment *types.ATXID
-	for idx, niposts := range atx.NIPosts {
-		for _, post := range niposts.Posts {
+	for idx, niPosts := range atx.NIPosts {
+		for _, post := range niPosts.Posts {
 			id := equivocationSet[post.MarriageIndex]
 			commitment, err := atxs.CommitmentATX(h.cdb, id)
 			if err != nil {
@@ -635,7 +635,7 @@ func (h *HandlerV2) syntacticallyValidateDeps(
 			if id == atx.SmesherID {
 				smesherCommitment = &commitment
 			}
-			if err := h.validatePost(ctx, id, atx, commitment, niposts.Challenge, post, idx); err != nil {
+			if err := h.validatePost(ctx, id, atx, commitment, niPosts.Challenge, post, idx); err != nil {
 				return nil, err
 			}
 			result.ids[id] = idData{
@@ -847,7 +847,7 @@ func (h *HandlerV2) checkDoubleMerge(ctx context.Context, tx sql.Transaction, at
 	if err != nil {
 		return true, fmt.Errorf("creating double merge proof: %w", err)
 	}
-	return true, h.malPublisher.Publish(ctx, atx.SmesherID, proof)
+	return true, h.malPublisher.Publish(ctx, atx.ActivationTxV2.SmesherID, proof)
 }
 
 func (h *HandlerV2) checkPrevAtx(ctx context.Context, tx sql.Transaction, atx *activationTx) (bool, error) {

@@ -3,6 +3,7 @@ package activation
 import (
 	"context"
 	"errors"
+	"fmt"
 	"math"
 	"slices"
 	"testing"
@@ -996,7 +997,7 @@ func TestHandlerV2_ProcessMergedATX(t *testing.T) {
 			gomock.Any(),
 			merged.SmesherID,
 			gomock.AssignableToTypeOf(&wire.ProofDoubleMerge{}),
-		).DoAndReturn(func(ctx context.Context, id types.NodeID, proof wire.Proof) error {
+		).DoAndReturn(func(ctx context.Context, _ types.NodeID, proof wire.Proof) error {
 			malProof := proof.(*wire.ProofDoubleMerge)
 			nId, err := malProof.Valid(context.Background(), verifier)
 			require.NoError(t, err)
@@ -1504,7 +1505,7 @@ func TestHandlerV2_SyntacticallyValidateDeps(t *testing.T) {
 		atx.Sign(sig)
 
 		_, err := atxHandler.syntacticallyValidateDeps(context.Background(), atx)
-		require.ErrorContains(t, err, "previous atx is too new")
+		require.ErrorContains(t, err, fmt.Sprintf("previous atx (%s) is too new", prev.ID()))
 	})
 	t.Run("previous ATX by different smesher", func(t *testing.T) {
 		atxHandler := newV2TestHandler(t, golden)

@@ -109,6 +109,14 @@ type atxMalfeasancePublisher interface {
 	Publish(ctx context.Context, nodeID types.NodeID, proof wire.Proof) error
 }
 
+// malfeasancePublisher is an interface for publishing malfeasance proofs.
+//
+// Additionally the publisher will only gossip proofs when the node is in sync, otherwise it will only store them
+// and mark the associated identity as malfeasant.
+type malfeasancePublisher interface {
+	PublishATXProof(ctx context.Context, nodeID types.NodeID, proof []byte) error
+}
+
 type atxProvider interface {
 	GetAtx(id types.ATXID) (*types.ActivationTx, error)
 }

@@ -3,16 +3,84 @@ package activation
 import (
 	"context"
 	"fmt"
+	"sync"
+
+	"go.uber.org/zap"
 
 	"github.com/spacemeshos/go-spacemesh/activation/wire"
 	"github.com/spacemeshos/go-spacemesh/codec"
 	"github.com/spacemeshos/go-spacemesh/common/types"
+	"github.com/spacemeshos/go-spacemesh/log"
+	"github.com/spacemeshos/go-spacemesh/signing"
 )
 
-type MalfeasanceHandlerV2 struct{}
+type MalfeasanceHandlerV2 struct {
+	logger *zap.Logger
+
+	malPublisher malfeasancePublisher
+	edVerifier   *signing.EdVerifier
+	validator    nipostValidatorV2
+
+	smeshingMutex sync.Mutex
+	signers       map[types.NodeID]*signing.EdSigner
+}
+
+func NewMalfeasanceHandlerV2(
+	logger *zap.Logger,
+	malPublisher malfeasancePublisher,
+	edVerifier *signing.EdVerifier,
+	validator nipostValidatorV2,
+) *MalfeasanceHandlerV2 {
+	return &MalfeasanceHandlerV2{
+		logger:       logger,
+		malPublisher: malPublisher,
+		edVerifier:   edVerifier,
+		validator:    validator,
+
+		signers: make(map[types.NodeID]*signing.EdSigner),
+	}
+}
+
+func (p *MalfeasanceHandlerV2) Register(sig *signing.EdSigner) {
+	p.smeshingMutex.Lock()
+	defer p.smeshingMutex.Unlock()
+	if _, exists := p.signers[sig.NodeID()]; exists {
+		p.logger.Error("signing key already registered", log.ZShortStringer("id", sig.NodeID()))
+		return
+	}
 
-func NewMalfeasanceHandlerV2() *MalfeasanceHandlerV2 {
-	return &MalfeasanceHandlerV2{}
+	p.logger.Debug("registered signing key", log.ZShortStringer("id", sig.NodeID()))
+	p.signers[sig.NodeID()] = sig
+}
+
+// Publish publishes an ATX proof by encoding it and sending it to the malfeasance publisher.
+func (p *MalfeasanceHandlerV2) Publish(ctx context.Context, nodeID types.NodeID, proof wire.Proof) error {
+	p.smeshingMutex.Lock()
+	_, exists := p.signers[nodeID]
+	p.smeshingMutex.Unlock()
+
+	if exists {
+		// do not publish proofs against one self
+		return fmt.Errorf("publish ATX malfeasance proof: identity %s is managed by node", nodeID)
+	}
+
+	proofNodeID, err := proof.Valid(ctx, p)
+	if err != nil {
+		return fmt.Errorf("publish ATX malfeasance proof: proof not valid: %w", err)
+	}
+	if proofNodeID != nodeID {
+		return fmt.Errorf("publish ATX malfeasance proof: proof for %s does not match node ID %s",
+			proofNodeID.ShortString(), nodeID.ShortString(),
+		)
+	}
+
+	atxProof := &wire.ATXProof{
+		Version:   0x01, // for now we only have one version
+		ProofType: proof.Type(),
+
+		Proof: codec.MustEncode(proof),
+	}
+	return p.malPublisher.PublishATXProof(ctx, nodeID, codec.MustEncode(atxProof))
 }
 
 func (mh *MalfeasanceHandlerV2) decodeProof(data []byte) (wire.Proof, error) {
@@ -28,6 +96,19 @@ func (mh *MalfeasanceHandlerV2) decodeProof(data []byte) (wire.Proof, error) {
 	return proof, nil
 }
 
+func (mh *MalfeasanceHandlerV2) Validate(ctx context.Context, data []byte) (types.NodeID, error) {
+	proof, err := mh.decodeProof(data)
+	if err != nil {
+		return types.EmptyNodeID, fmt.Errorf("decoding ATX malfeasance proof: %w", err)
+	}
+
+	id, err := proof.Valid(ctx, mh)
+	if err != nil {
+		return types.EmptyNodeID, fmt.Errorf("validating ATX malfeasance proof: %w", err)
+	}
+	return id, nil
+}
+
 func (mh *MalfeasanceHandlerV2) Info(data []byte) (map[string]string, error) {
 	proof, err := mh.decodeProof(data)
 	if err != nil {
@@ -46,7 +127,18 @@ func (mh *MalfeasanceHandlerV2) ReportLabels(data []byte) []string {
 	return []string{"ATX", proof.String()}
 }
 
-func (p *MalfeasanceHandlerV2) Publish(ctx context.Context, id types.NodeID, proof wire.Proof) error {
-	// TODO(mafa): implement me
-	return nil
+func (mh *MalfeasanceHandlerV2) PostIndex(
+	ctx context.Context,
+	smesherID types.NodeID,
+	commitment types.ATXID,
+	post *types.Post,
+	challenge []byte,
+	numUnits uint32,
+	idx int,
+) error {
+	return mh.validator.PostV2(ctx, smesherID, commitment, post, challenge, numUnits, PostIndex(idx))
+}
+
+func (mh *MalfeasanceHandlerV2) Signature(d signing.Domain, nodeID types.NodeID, m []byte, sig types.EdSignature) bool {
+	return mh.edVerifier.Verify(d, nodeID, m, sig)
 }