aptos_logger_link/
security.rs

1// Copyright (c) Aptos
2// SPDX-License-Identifier: Apache-2.0
3
4//!
5//! The security module gathers security-related logs:
6//! logs to detect malicious behavior from other validators.
7//!
8//! TODO: This likely belongs outside of the logging crate
9//!
10//! ```
11//! use aptos_logger::{error, SecurityEvent};
12//!
13//! error!(
14//!     SecurityEvent::InvalidRetrievedBlock,
15//!     "some_key" = "some data",
16//! );
17//! ```
18//!
19
20use crate::{Key, Schema, Value, Visitor};
21use serde::{Deserialize, Serialize};
22
23#[derive(Clone, Copy, Debug, Serialize, Deserialize)]
24#[serde(rename_all = "snake_case")]
25pub enum SecurityEvent {
26    //
27    // Mempool
28    //
29    /// Mempool received a transaction from another peer with an invalid signature
30    InvalidTransactionMempool,
31
32    /// Mempool received an invalid network event
33    InvalidNetworkEventMempool,
34
35    // Consensus
36    // ---------
37    /// Consensus received an invalid message (not well-formed, invalid vote data or incorrect signature)
38    ConsensusInvalidMessage,
39
40    /// Consensus received an equivocating vote
41    ConsensusEquivocatingVote,
42
43    /// Consensus received an invalid proposal
44    InvalidConsensusProposal,
45
46    /// Consensus received an invalid new round message
47    InvalidConsensusRound,
48
49    /// Consensus received an invalid sync info message
50    InvalidSyncInfoMsg,
51
52    /// A received block is invalid
53    InvalidRetrievedBlock,
54
55    /// A block being committed or executed is invalid
56    InvalidBlock,
57
58    // State-Sync
59    // ----------
60    /// Invalid chunk of transactions received
61    StateSyncInvalidChunk,
62
63    // Health Checker
64    // --------------
65    /// HealthChecker received an invalid network event
66    InvalidNetworkEventHC,
67
68    /// HealthChecker received an invalid message
69    InvalidHealthCheckerMsg,
70
71    // Network
72    // -------
73    /// Network received an invalid message from a remote peer
74    InvalidNetworkEvent,
75
76    /// A failed noise handshake that's either a clear bug or indicates some
77    /// security issue.
78    NoiseHandshake,
79}
80
81impl Schema for SecurityEvent {
82    fn visit(&self, visitor: &mut dyn Visitor) {
83        visitor.visit_pair(Key::new("security-event"), Value::from_serde(self))
84    }
85}