hashgraph-like-consensus 0.4.0

A lightweight Rust library for making binary decisions in networks using hashgraph-style consensus
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180

//! End-to-end test that exercises [`ConsensusService`] with a non-Ethereum
//! signature scheme. Proves the [`ConsensusSignatureScheme`] abstraction
//! holds for embedders integrating Ed25519, HSMs, libchat accounts, etc.
//!
//! The stub scheme used here is intentionally trivial — signatures are
//! `SHA256(identity || payload)` — which is enough to demonstrate that votes
//! signed by one peer and validated by another round-trip cleanly through the
//! service without any Ethereum-specific assumptions.

use hashgraph_like_consensus::{
    events::BroadcastEventBus,
    scope::ScopeID,
    service::ConsensusService,
    session::ConsensusConfig,
    signing::{ConsensusSchemeError, ConsensusSignatureScheme},
    storage::{ConsensusStorage, InMemoryConsensusStorage},
    types::CreateProposalRequest,
    utils::build_vote,
};
use sha2::{Digest, Sha256};

const STUB_IDENTITY_LEN: usize = 8;

/// Trivial signature scheme used to validate the generic plumbing.
///
/// **Not cryptographically secure** — any holder of the identity can forge
/// signatures. Only suitable as a test stub for verifying that
/// [`ConsensusService`] does not bake in Ethereum-specific assumptions.
#[derive(Debug, Clone)]
struct StubSigner {
    identity: [u8; STUB_IDENTITY_LEN],
}

impl StubSigner {
    fn new(identity: [u8; STUB_IDENTITY_LEN]) -> Self {
        Self { identity }
    }

    fn expected_signature(identity: &[u8], payload: &[u8]) -> Vec<u8> {
        let mut h = Sha256::new();
        h.update(identity);
        h.update(payload);
        h.finalize().to_vec()
    }
}

impl ConsensusSignatureScheme for StubSigner {
    fn identity(&self) -> &[u8] {
        &self.identity
    }

    async fn sign(&self, payload: &[u8]) -> Result<Vec<u8>, ConsensusSchemeError> {
        Ok(Self::expected_signature(&self.identity, payload))
    }

    fn verify(
        identity: &[u8],
        payload: &[u8],
        signature: &[u8],
    ) -> Result<bool, ConsensusSchemeError> {
        if identity.len() != STUB_IDENTITY_LEN {
            return Err(ConsensusSchemeError::Verify(format!(
                "stub identity must be {STUB_IDENTITY_LEN} bytes, got {}",
                identity.len()
            )));
        }
        Ok(signature == Self::expected_signature(identity, payload))
    }
}

type StubService = ConsensusService<
    ScopeID,
    InMemoryConsensusStorage<ScopeID>,
    BroadcastEventBus<ScopeID>,
    StubSigner,
>;

/// Build a per-peer service sharing storage and event bus.
fn peer_service(
    storage: &InMemoryConsensusStorage<ScopeID>,
    bus: &BroadcastEventBus<ScopeID>,
    signer: StubSigner,
) -> StubService {
    StubService::new_with_components(storage.clone(), bus.clone(), signer, 10)
}

#[tokio::test]
async fn stub_scheme_reaches_consensus_without_ethereum_types() {
    let storage = InMemoryConsensusStorage::<ScopeID>::new();
    let bus = BroadcastEventBus::<ScopeID>::default();
    let scope = ScopeID::from("stub-scope");

    let owner = peer_service(&storage, &bus, StubSigner::new([1; STUB_IDENTITY_LEN]));
    let voter_two = peer_service(&storage, &bus, StubSigner::new([2; STUB_IDENTITY_LEN]));
    let voter_three = peer_service(&storage, &bus, StubSigner::new([3; STUB_IDENTITY_LEN]));

    let proposal = owner
        .create_proposal_with_config(
            &scope,
            CreateProposalRequest::new(
                "stub-proposal".into(),
                b"payload".to_vec(),
                owner.signer().identity().to_vec(),
                3,
                60,
                true,
            )
            .expect("valid proposal request"),
            Some(ConsensusConfig::gossipsub()),
        )
        .await
        .expect("proposal should be created");

    owner
        .cast_vote(&scope, proposal.proposal_id, true)
        .await
        .expect("owner vote");
    voter_two
        .cast_vote(&scope, proposal.proposal_id, true)
        .await
        .expect("voter two");
    voter_three
        .cast_vote(&scope, proposal.proposal_id, true)
        .await
        .expect("voter three");

    let session = owner
        .storage()
        .get_session(&scope, proposal.proposal_id)
        .await
        .expect("get session")
        .expect("session exists");
    assert!(
        session.get_consensus_result().expect("consensus reached"),
        "3 YES votes via stub scheme should reach consensus"
    );
}

#[tokio::test]
async fn stub_scheme_rejects_forged_signature() {
    let storage = InMemoryConsensusStorage::<ScopeID>::new();
    let bus = BroadcastEventBus::<ScopeID>::default();
    let scope = ScopeID::from("stub-scope-forge");

    let owner = peer_service(&storage, &bus, StubSigner::new([9; STUB_IDENTITY_LEN]));
    let voter = StubSigner::new([10; STUB_IDENTITY_LEN]);

    let proposal = owner
        .create_proposal_with_config(
            &scope,
            CreateProposalRequest::new(
                "stub-proposal".into(),
                b"payload".to_vec(),
                owner.signer().identity().to_vec(),
                2,
                60,
                true,
            )
            .expect("valid proposal request"),
            Some(ConsensusConfig::gossipsub()),
        )
        .await
        .expect("proposal should be created");

    let mut vote = build_vote(&proposal, true, &voter).await.expect("vote");
    // Tamper with the signature so verify() returns false.
    vote.signature.iter_mut().for_each(|b| *b ^= 0xFF);

    let err = owner
        .process_incoming_vote(&scope, vote)
        .await
        .expect_err("forged signature must be rejected");
    assert!(
        matches!(
            err,
            hashgraph_like_consensus::error::ConsensusError::InvalidVoteSignature
        ),
        "expected InvalidVoteSignature, got {err:?}"
    );
}