Ursula now sets interface info using public key, providing signed interface info. Other Ursulas refuse to propagate unless this info is correct.

2017-11-05 19:04:04 -08:00 · 2017-11-05 19:04:04 -08:00 · d49eb130af
parent 745e5a43b4
commit d49eb130af
2 changed files with 20 additions and 4 deletions
--- a/nkms/characters.py
+++ b/nkms/characters.py
@ -235,7 +235,7 @@ class Ursula(Character):
    interface = None

    def ip_dht_key(self):
-        return b"uaddr-" + bytes(self.seal)
+        return bytes(self.seal)

    def attach_server(self, ksize=20, alpha=3, id=None, storage=None,
                      *args, **kwargs):
@ -254,7 +254,12 @@ class Ursula(Character):
        if not self.port and self.interface:
            raise RuntimeError("Must listen before publishing interface information.")
        ip_dht_key = self.ip_dht_key()
-        setter = self.server.set(key=ip_dht_key, value=msgpack.dumps((self.port, self.interface, bytes(self.seal))))
+
+        interface_info = msgpack.dumps((self.port, self.interface))
+        signature = self.seal(interface_info)
+
+        value = b"uaddr-" + msgpack.dumps([signature, bytes(self.seal), interface_info])
+        setter = self.server.set(key=ip_dht_key, value=value)
        blockchain_client._ursulas_on_blockchain.append(ip_dht_key)
        loop = asyncio.get_event_loop()
        loop.run_until_complete(setter)
--- a/nkms/network/protocols.py
+++ b/nkms/network/protocols.py
@ -1,4 +1,4 @@
-import asyncio
+import msgpack

 from kademlia.node import Node
 from kademlia.protocol import KademliaProtocol
@ -6,6 +6,7 @@ from kademlia.utils import digest
 from nkms.network.constants import NODE_HAS_NO_STORAGE
 from nkms.network.node import NuCypherNode
 from nkms.network.routing import NuCypherRoutingTable
+from nkms.crypto import api as API, _alpha


 class NuCypherHashProtocol(KademliaProtocol):
@ -41,11 +42,21 @@ class NuCypherHashProtocol(KademliaProtocol):
        self.welcomeIfNewNode(source)
        self.log.debug("got a store request from %s" % str(sender))
        if value.startswith(b"uaddr"):
-            assert False
+            signature, ursula_pubkey_sig, interface_info = msgpack.loads(value.lstrip(b"uaddr-"))
+            proper_key = digest(ursula_pubkey_sig)
+            verified = _alpha.verify(signature, interface_info, ursula_pubkey_sig)
+            if not verified or not proper_key == key:
+                # TODO: What exactly to do in this scenario?
+                self.log.warning("Possible Vladimir detected - tried to set incorrect Ursula interface key.")
+                return
        self.storage[key] = value
        return True


+
+
+
+
 class NuCypherSeedOnlyProtocol(NuCypherHashProtocol):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)