Skip to content

Commit

Permalink
feat: configure protected topics via cli (#1696)
Browse files Browse the repository at this point in the history
  • Loading branch information
alrevuelta authored May 2, 2023
1 parent 2151042 commit 16b4452
Show file tree
Hide file tree
Showing 2 changed files with 43 additions and 8 deletions.
15 changes: 8 additions & 7 deletions apps/wakunode2/app.nim
Original file line number Diff line number Diff line change
Expand Up @@ -547,19 +547,20 @@ proc setupProtocols(node: WakuNode, conf: WakuNodeConf,
peerExchangeHandler = some(handlePeerExchange)

if conf.relay:
let pubsubTopics = conf.topics.split(" ")
try:
let pubsubTopics = conf.topics.split(" ")
await mountRelay(node, pubsubTopics, peerExchangeHandler = peerExchangeHandler)
except CatchableError:
return err("failed to mount waku relay protocol: " & getCurrentExceptionMsg())

# TODO: Get this from cli
var topicsPublicKeys = initTable[string, SkPublicKey]()
# Add validation keys to protected topics
for topic, publicKey in topicsPublicKeys.pairs:
info "routing only signed traffic", topic=topic, publicKey=publicKey
node.wakuRelay.addSignedTopicValidator(Pubsubtopic(topic), publicKey)

for topicKey in conf.protectedTopics:
if topicKey.topic notin pubsubTopics:
warn "protected topic not in subscribed pubsub topics, skipping adding validator",
protectedTopic=topicKey.topic, subscribedTopics=pubsubTopics
continue
notice "routing only signed traffic", protectedTopic=topicKey.topic, publicKey=topicKey.key
node.wakuRelay.addSignedTopicValidator(Pubsubtopic(topicKey.topic), topicKey.key)

# Keepalive mounted on all nodes
try:
Expand Down
36 changes: 35 additions & 1 deletion apps/wakunode2/config.nim
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,8 @@ import
libp2p/crypto/crypto,
libp2p/crypto/secp,
libp2p/multiaddress,
nimcrypto/utils
nimcrypto/utils,
secp256k1
import
../../waku/common/confutils/envvar/defs as confEnvvarDefs,
../../waku/common/confutils/envvar/std/net as confEnvvarNet,
Expand All @@ -25,13 +26,22 @@ export


type ConfResult*[T] = Result[T, string]
type ProtectedTopic* = object
topic*: string
key*: secp256k1.SkPublicKey

type
WakuNodeConf* = object
configFile* {.
desc: "Loads configuration from a TOML file (cmd-line parameters take precedence)"
name: "config-file" }: Option[InputFile]

## Application-level configuration
protectedTopics* {.
desc: "Topics and its public key to be used for message validation, topic:pubkey. Argument may be repeated."
defaultValue: newSeq[ProtectedTopic](0)
name: "protected-topic" .}: seq[ProtectedTopic]


## Log configuration
logLevel* {.
Expand Down Expand Up @@ -457,6 +467,19 @@ proc parseCmdArg*(T: type crypto.PrivateKey, p: string): T =
proc completeCmdArg*(T: type crypto.PrivateKey, val: string): seq[string] =
return @[]

proc parseCmdArg*(T: type ProtectedTopic, p: string): T =
let elements = p.split(":")
if elements.len != 2:
raise newException(ConfigurationError, "Invalid format for protected topic expected topic:publickey")

let publicKey = secp256k1.SkPublicKey.fromHex(elements[1])
if publicKey.isErr:
raise newException(ConfigurationError, "Invalid public key")

return ProtectedTopic(topic: elements[0], key: publicKey.get())

proc completeCmdArg*(T: type ProtectedTopic, val: string): seq[string] =
return @[]

proc parseCmdArg*(T: type ValidIpAddress, p: string): T =
try:
Expand Down Expand Up @@ -533,6 +556,17 @@ proc readValue*(r: var EnvvarReader, value: var crypto.PrivateKey) {.raises: [Se
except CatchableError:
raise newException(SerializationError, getCurrentExceptionMsg())

proc readValue*(r: var TomlReader, value: var ProtectedTopic) {.raises: [SerializationError].} =
try:
value = parseCmdArg(ProtectedTopic, r.readValue(string))
except CatchableError:
raise newException(SerializationError, getCurrentExceptionMsg())

proc readValue*(r: var EnvvarReader, value: var ProtectedTopic) {.raises: [SerializationError].} =
try:
value = parseCmdArg(ProtectedTopic, r.readValue(string))
except CatchableError:
raise newException(SerializationError, getCurrentExceptionMsg())

{.push warning[ProveInit]: off.}

Expand Down

0 comments on commit 16b4452

Please sign in to comment.