chore: add validator for dos protec metrics and move to app

waku-org · May 2, 2023 · b08037d · b08037d
1 parent 16b4452
commit b08037d
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 15 deletions.
diff --git a/apps/wakunode2/app.nim b/apps/wakunode2/app.nim
@@ -37,10 +37,10 @@ import
   ../../waku/v2/waku_enr,
   ../../waku/v2/waku_discv5,
   ../../waku/v2/waku_peer_exchange,
-  ../../waku/v2/waku_relay/validators,
   ../../waku/v2/waku_store,
   ../../waku/v2/waku_lightpush,
   ../../waku/v2/waku_filter,
+  ./wakunode2_validator_signed,
   ./config
 import
   ../../waku/v2/node/message_cache,

diff --git a/waku/v2/waku_relay/validators.nim → .../wakunode2/wakunode2_validator_signed.nim b/waku/v2/waku_relay/validators.nim → .../wakunode2/wakunode2_validator_signed.nim
@@ -6,6 +6,7 @@ else:
 import
   chronicles,
   chronos,
+  metrics,
   stew/byteutils,
   libp2p/protocols/pubsub/gossipsub,
   libp2p/protocols/pubsub/rpc/messages,
@@ -14,8 +15,10 @@ import
   secp256k1
 
 import
-  ./protocol,
-  ../waku_core
+  ../../waku/v2/waku_relay/protocol,
+  ../../waku/v2/waku_core
+
+declarePublicCounter waku_msg_validator_signed_outcome, "number of messages for each validation outcome", ["result"]
 
 # Application level message hash
 proc msgHash*(pubSubTopic: string, msg: WakuMessage): array[32, byte] =
@@ -27,25 +30,23 @@ proc msgHash*(pubSubTopic: string, msg: WakuMessage): array[32, byte] =
   ctx.update(msg.payload)
   ctx.update(msg.contentTopic.toBytes())
 
-  # TODO: Other fields?
-
   return ctx.finish()
 
 proc addSignedTopicValidator*(w: WakuRelay, topic: PubsubTopic, publicTopicKey: SkPublicKey) =
   debug "adding validator to signed topic", topic=topic, publicTopicKey=publicTopicKey
 
   proc validator(topic: string, message: messages.Message): Future[errors.ValidationResult] {.async.} =
     let msg = WakuMessage.decode(message.data)
+    var outcome = errors.ValidationResult.Reject
+
     if msg.isOk():
       let msgHash = SkMessage(topic.msgHash(msg.get))
       let recoveredSignature = SkSignature.fromRaw(msg.get.meta)
-      if recoveredSignature.isErr():
-        # TODO: add metrics for accept/reject
-        return errors.ValidationResult.Reject
-      if recoveredSignature.get.verify(msgHash, publicTopicKey):
-        return errors.ValidationResult.Accept
-      else:
-        return errors.ValidationResult.Reject
-    return errors.ValidationResult.Reject
+      if recoveredSignature.isOk():
+        if recoveredSignature.get.verify(msgHash, publicTopicKey):
+          outcome = errors.ValidationResult.Accept
+
+    waku_msg_validator_signed_outcome.inc(labelValues = [$outcome])
+    return outcome
 
   w.addValidator(topic, validator)
diff --git a/tests/v2/waku_relay/test_wakunode_relay.nim b/tests/v2/waku_relay/test_wakunode_relay.nim
@@ -248,8 +248,7 @@ suite "WakuNode - Relay":
 
     await allFutures(nodes.mapIt(it.stop()))
 
-  # TODO: Test multiple protected topics
-
+# TODO: move to app tests when ready
   asyncTest "Spam protected topic accepts signed messages":
     # Create 5 nodes
     let nodes = toSeq(0..<5).mapIt(newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("0.0.0.0"), Port(0)))
@@ -319,6 +318,7 @@ suite "WakuNode - Relay":
     # Stop all nodes
     await allFutures(nodes.mapIt(it.stop()))
 
+# TODO: move to app tests when ready
   asyncTest "Spam protected topic rejects non-signed and wrongly-signed messages":
     # Create 5 nodes
     let nodes = toSeq(0..<5).mapIt(newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("0.0.0.0"), Port(0)))
@@ -403,6 +403,7 @@ suite "WakuNode - Relay":
 
     await allFutures(nodes.mapIt(it.stop()))
 
+# TODO: move to app tests when ready
   asyncTest "Spam protected topic rejects a spammer node":
     # Create 5 nodes
     let nodes = toSeq(0..<5).mapIt(newTestWakuNode(generateSecp256k1Key(), ValidIpAddress.init("0.0.0.0"), Port(0)))