Introduce private attributes of the storage nodes #2580
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
cthulhu-rider
commented
Sep 14, 2023
•
cthulhu-rider
commented
- based on and blocked by https://github.com/nspcc-dev/neofs-contract/milestone/31
- closes Verifiable attributes #2280
Codecov Report
@@ Coverage Diff @@
## master #2580 +/- ##
==========================================
- Coverage 29.74% 29.71% -0.03%
==========================================
Files 408 411 +3
Lines 31215 31431 +216
==========================================
+ Hits 9284 9341 +57
- Misses 21119 21279 +160
+ Partials 812 811 -1
... and 1 file with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
cthulhu-rider
force-pushed
the
feature/2280-node-attr-validation
branch
from
871b6f9 to
3e2169b
Compare
cthulhu-rider
force-pushed
the
feature/2280-node-attr-validation
branch
6 times, most recently
from
e9c205e to
3b0d613
Compare
cthulhu-rider
requested review from
roman-khimov and
carpawell
as code owners
roman-khimov
requested changes
Sep 26, 2023
There was a problem hiding this comment.
Please adjust the scheme to have a fixed key that contains arbitrary NeoFS NNS domain (that can be registered by anyone and that's the key). This domain then should have a list of TXT records with addresses derived from node keys. IR will check for presence in this list.
cthulhu-rider
force-pushed
the
feature/2280-node-attr-validation
branch
2 times, most recently
from
d087255 to
bb00094
Compare
cthulhu-rider
force-pushed
the
feature/2280-node-attr-validation
branch
from
bb00094 to
3fc9e32
Compare
|
changes are done https://github.com/nspcc-dev/neofs-contract/releases/tag/v0.18.0 is now available, but it pulls https://github.com/nspcc-dev/neo-go/releases/tag/v0.102.0 along. So, lets wait for #2587 first |
cthulhu-rider
force-pushed
the
feature/2280-node-attr-validation
branch
3 times, most recently
from
d747829 to
5562ada
Compare
roman-khimov
requested changes
Oct 3, 2023
|
|
||
| ### Domain record format | ||
|
|
||
| For each public key, a record is created - a structure with at least 3 fields: |
There was a problem hiding this comment.
But why talking about structures when in fact it's just https://pkg.go.dev/github.com/nspcc-dev/neofs-contract/rpc/nns#Contract.AddRecord ?
There was a problem hiding this comment.
AddRecord only creates the record, then we read the structures. This may be useful for alternative integrations
docs/verified-node-domains.md
Outdated
| For each public key, a record is created - a structure with at least 3 fields: | ||
| 1. `ByteString` with name of the corresponding domain | ||
| 2. `Integer` that should be `16` (TXT records) | ||
| 3. `ByteString` with Neo address of the storage node's public key |
There was a problem hiding this comment.
address= as in NEP-18? https://github.com/neo-project/proposals/pull/133/files
cthulhu-rider
force-pushed
the
feature/2280-node-attr-validation
branch
4 times, most recently
from
23f9c70 to
50401cf
Compare
cthulhu-rider
force-pushed
the
feature/2280-node-attr-validation
branch
2 times, most recently
from
de115ad to
cc4add1
Compare
Signed-off-by: Leonard Lyubich <[email protected]>
cthulhu-rider
force-pushed
the
feature/2280-node-attr-validation
branch
from
cc4add1 to
be4c57d
Compare
From now, the Inner Ring checks any incoming node for permission to associate itself with optional private node group (kind of subnet). Access lists are stored in the NeoFS NNS. Closes #2280. Signed-off-by: Leonard Lyubich <[email protected]>
Add commands to get and set list of the storage nodes allowed to use domain of the private node group. Refs #2280. Signed-off-by: Leonard Lyubich <[email protected]>
Previously, Inner Ring called `getAllRecords` method to lookup for the particular entry. In particular, this method was used during validation of verified nodes' domains. Implementation was pretty complex due to low-levelness. The `resolve` method is much simpler, but it returns all records on each call. Taking into account that each domain can have no more than 255 records, this drawback is considered insignificant. From now, Inner Ring calls `resolve` method to check domain record existence. This is done as simple as possible through RPC interface provided by NeoFS Contracts lib. Refs #2280. Signed-off-by: Leonard Lyubich <[email protected]>
Similar motivation as in 8b0e5ed. Refs #2280. Signed-off-by: Leonard Lyubich <[email protected]>
From now verified nodes' domain records are prefixed with `address=` in order to comply the Neo specification. Signed-off-by: Leonard Lyubich <[email protected]>
cthulhu-rider
force-pushed
the
feature/2280-node-attr-validation
branch
from
be4c57d to
b87545a
Compare
roman-khimov
approved these changes
Oct 11, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.