nklave-core 0.1.0

Core signing logic, BLS/Ed25519 keys, and slashing protection rules for Nklave
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315

//! Replication protocol messages
//!
//! Defines the wire format for primary-passive communication.

use crate::state::integrity::DecisionRecord;
use serde::{Deserialize, Serialize};

/// Protocol version for compatibility checking
pub const PROTOCOL_VERSION: u32 = 1;

/// Maximum message size (10MB)
pub const MAX_MESSAGE_SIZE: usize = 10 * 1024 * 1024;

/// Replication protocol messages
#[derive(Debug, Clone, Serialize, Deserialize)]
pub enum ReplicationMessage {
    /// Handshake to establish connection
    Hello(HelloMessage),

    /// Periodic heartbeat from primary
    Heartbeat(Heartbeat),

    /// Decision record streamed after signing
    Decision(DecisionRecord),

    /// Request to sync from a sequence number
    SyncRequest(SyncRequest),

    /// Response with batch of decision records
    SyncResponse(SyncResponse),

    /// Acknowledgment of received messages
    Ack(AckMessage),

    /// Error message
    Error(ErrorMessage),

    /// Fencing token for split-brain prevention
    FencingToken(FencingToken),
}

/// Initial handshake message
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct HelloMessage {
    /// Protocol version
    pub version: u32,

    /// Node identifier
    pub node_id: String,

    /// Current role (Primary or Passive)
    pub role: String,

    /// Current sequence number
    pub sequence: u64,

    /// Current state hash
    #[serde(with = "hex_bytes")]
    pub state_hash: [u8; 32],

    /// Genesis validators root (if set)
    #[serde(with = "option_hex_bytes")]
    pub genesis_root: Option<[u8; 32]>,
}

/// Heartbeat message sent periodically by primary
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct Heartbeat {
    /// Current sequence number on primary
    pub sequence: u64,

    /// Current state hash on primary
    #[serde(with = "hex_bytes")]
    pub state_hash: [u8; 32],

    /// Unix timestamp (milliseconds)
    pub timestamp_ms: u64,

    /// Current fencing token
    pub fencing_token: u64,
}

impl Heartbeat {
    /// Create a new heartbeat
    pub fn new(sequence: u64, state_hash: [u8; 32], fencing_token: u64) -> Self {
        let timestamp_ms = std::time::SystemTime::now()
            .duration_since(std::time::UNIX_EPOCH)
            .unwrap_or_default()
            .as_millis() as u64;

        Self {
            sequence,
            state_hash,
            timestamp_ms,
            fencing_token,
        }
    }
}

/// Request to sync decision records from a specific sequence
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct SyncRequest {
    /// Start sequence number (exclusive)
    pub from_sequence: u64,

    /// Maximum number of records to return
    pub max_records: u32,

    /// Expected state hash at from_sequence
    #[serde(with = "hex_bytes")]
    pub expected_hash: [u8; 32],
}

/// Response containing batched decision records
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct SyncResponse {
    /// Records in sequence order
    pub records: Vec<DecisionRecord>,

    /// Whether there are more records available
    pub has_more: bool,

    /// Current sequence on primary
    pub current_sequence: u64,
}

/// Acknowledgment message
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct AckMessage {
    /// Sequence number being acknowledged
    pub sequence: u64,

    /// State hash after applying up to this sequence
    #[serde(with = "hex_bytes")]
    pub state_hash: [u8; 32],
}

/// Error message
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ErrorMessage {
    /// Error code
    pub code: ErrorCode,

    /// Human-readable description
    pub description: String,

    /// Sequence number where error occurred (if applicable)
    pub sequence: Option<u64>,
}

/// Error codes for replication protocol
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
pub enum ErrorCode {
    /// Protocol version mismatch
    VersionMismatch,

    /// State hash mismatch (divergence detected)
    HashMismatch,

    /// Sequence gap detected
    SequenceGap,

    /// Invalid fencing token
    InvalidFencingToken,

    /// Genesis root mismatch
    GenesisRootMismatch,

    /// Not authorized (wrong role)
    NotAuthorized,

    /// Internal error
    Internal,
}

/// Fencing token for split-brain prevention
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct FencingToken {
    /// Token value (monotonically increasing)
    pub token: u64,

    /// Node ID that generated this token
    pub issued_by: String,

    /// Unix timestamp when issued
    pub issued_at: u64,

    /// Signature over (token, issued_by, issued_at) - optional for now
    pub signature: Option<Vec<u8>>,
}

impl FencingToken {
    /// Create a new fencing token
    pub fn new(token: u64, node_id: &str) -> Self {
        let issued_at = std::time::SystemTime::now()
            .duration_since(std::time::UNIX_EPOCH)
            .unwrap_or_default()
            .as_secs();

        Self {
            token,
            issued_by: node_id.to_string(),
            issued_at,
            signature: None,
        }
    }

    /// Check if this token supersedes another
    pub fn supersedes(&self, other: &FencingToken) -> bool {
        self.token > other.token
    }
}

/// Serialize/deserialize helper for [u8; 32]
mod hex_bytes {
    use serde::{Deserialize, Deserializer, Serializer};

    pub fn serialize<S>(bytes: &[u8; 32], serializer: S) -> Result<S::Ok, S::Error>
    where
        S: Serializer,
    {
        serializer.serialize_str(&hex::encode(bytes))
    }

    pub fn deserialize<'de, D>(deserializer: D) -> Result<[u8; 32], D::Error>
    where
        D: Deserializer<'de>,
    {
        let s: String = Deserialize::deserialize(deserializer)?;
        let s = s.strip_prefix("0x").unwrap_or(&s);
        let bytes = hex::decode(s).map_err(serde::de::Error::custom)?;
        if bytes.len() != 32 {
            return Err(serde::de::Error::custom(format!(
                "expected 32 bytes, got {}",
                bytes.len()
            )));
        }
        let mut arr = [0u8; 32];
        arr.copy_from_slice(&bytes);
        Ok(arr)
    }
}

/// Serialize/deserialize helper for Option<[u8; 32]>
mod option_hex_bytes {
    use serde::{Deserialize, Deserializer, Serializer};

    pub fn serialize<S>(bytes: &Option<[u8; 32]>, serializer: S) -> Result<S::Ok, S::Error>
    where
        S: Serializer,
    {
        match bytes {
            Some(b) => serializer.serialize_some(&hex::encode(b)),
            None => serializer.serialize_none(),
        }
    }

    pub fn deserialize<'de, D>(deserializer: D) -> Result<Option<[u8; 32]>, D::Error>
    where
        D: Deserializer<'de>,
    {
        let opt: Option<String> = Deserialize::deserialize(deserializer)?;
        match opt {
            Some(s) => {
                let s = s.strip_prefix("0x").unwrap_or(&s);
                let bytes = hex::decode(s).map_err(serde::de::Error::custom)?;
                if bytes.len() != 32 {
                    return Err(serde::de::Error::custom(format!(
                        "expected 32 bytes, got {}",
                        bytes.len()
                    )));
                }
                let mut arr = [0u8; 32];
                arr.copy_from_slice(&bytes);
                Ok(Some(arr))
            }
            None => Ok(None),
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_heartbeat_creation() {
        let hb = Heartbeat::new(100, [1u8; 32], 5);
        assert_eq!(hb.sequence, 100);
        assert_eq!(hb.fencing_token, 5);
        assert!(hb.timestamp_ms > 0);
    }

    #[test]
    fn test_fencing_token_supersedes() {
        let token1 = FencingToken::new(1, "node-a");
        let token2 = FencingToken::new(2, "node-b");

        assert!(token2.supersedes(&token1));
        assert!(!token1.supersedes(&token2));
    }

    #[test]
    fn test_message_serialization() {
        let msg = ReplicationMessage::Heartbeat(Heartbeat::new(100, [0u8; 32], 1));
        let json = serde_json::to_string(&msg).unwrap();
        let parsed: ReplicationMessage = serde_json::from_str(&json).unwrap();

        if let ReplicationMessage::Heartbeat(hb) = parsed {
            assert_eq!(hb.sequence, 100);
        } else {
            panic!("Expected Heartbeat message");
        }
    }
}