Cleanup

Builds/CMake/RippledCore.cmake

@@ -114,7 +114,8 @@ target_sources (xrpl_core PRIVATE
   src/ripple/crypto/impl/RFC1751.cpp
   src/ripple/crypto/impl/csprng.cpp
   src/ripple/crypto/impl/ec_key.cpp
-  src/ripple/crypto/impl/openssl.cpp)
+  src/ripple/crypto/impl/openssl.cpp
+  src/ripple/crypto/impl/secure_erase.cpp)
 
 add_library (Ripple::xrpl_core ALIAS xrpl_core)
 target_include_directories (xrpl_core
@@ -168,6 +169,7 @@ install (
     src/ripple/crypto/GenerateDeterministicKey.h
     src/ripple/crypto/RFC1751.h
     src/ripple/crypto/csprng.h
+    src/ripple/crypto/secure_erase.h
   DESTINATION include/ripple/crypto)
 install (
   FILES
@@ -267,7 +269,6 @@ install (
     src/ripple/beast/crypto/detail/ripemd_context.h
     src/ripple/beast/crypto/detail/sha2_context.h
     src/ripple/beast/crypto/ripemd.h
-    src/ripple/beast/crypto/secure_erase.h
     src/ripple/beast/crypto/sha2.h
   DESTINATION include/ripple/beast/crypto)
 install (
@@ -433,7 +434,6 @@ target_sources (rippled PRIVATE
   src/ripple/basics/impl/BasicConfig.cpp
   src/ripple/basics/impl/PerfLogImp.cpp
   src/ripple/basics/impl/ResolverAsio.cpp
-  src/ripple/basics/impl/Sustain.cpp
   src/ripple/basics/impl/UptimeClock.cpp
   src/ripple/basics/impl/make_SSLContext.cpp
   src/ripple/basics/impl/mulDiv.cpp

Builds/containers/shared/rippled.service

@@ -1,12 +1,12 @@
 [Unit]
 Description=Ripple Daemon
+After=network-online.target
+Wants=network-online.target
 
 [Service]
 Type=simple
 ExecStart=/opt/ripple/bin/rippled --net --silent --conf /etc/opt/ripple/rippled.cfg
-# Default KillSignal can be used if/when rippled handles SIGTERM
-KillSignal=SIGINT
-Restart=no
+Restart=on-failure
 User=rippled
 Group=rippled
 LimitNOFILE=65536

src/ripple/app/consensus/RCLConsensus.cpp

@@ -32,11 +32,13 @@
 #include <ripple/app/misc/TxQ.h>
 #include <ripple/app/misc/ValidatorKeys.h>
 #include <ripple/app/misc/ValidatorList.h>
+#include <ripple/basics/random.h>
 #include <ripple/beast/core/LexicalCast.h>
 #include <ripple/consensus/LedgerTiming.h>
 #include <ripple/nodestore/DatabaseShard.h>
 #include <ripple/overlay/Overlay.h>
 #include <ripple/overlay/predicates.h>
+#include <ripple/protocol/BuildInfo.h>
 #include <ripple/protocol/Feature.h>
 #include <ripple/protocol/digest.h>
 
@@ -85,7 +87,14 @@ RCLConsensus::Adaptor::Adaptor(
     , nodeID_{validatorKeys.nodeID}
     , valPublic_{validatorKeys.publicKey}
     , valSecret_{validatorKeys.secretKey}
+    , valCookie_{
+          rand_int<std::uint64_t>(1, std::numeric_limits<std::uint64_t>::max())}
 {
+    assert(valCookie_ != 0);
+
+    JLOG(j_.info()) << "Consensus engine started"
+                    << " (Node: " << to_string(nodeID_)
+                    << ", Cookie: " << valCookie_ << ")";
 }
 
 boost::optional<RCLCxLedger>
@@ -753,41 +762,68 @@ RCLConsensus::Adaptor::validate(
     bool proposing)
 {
     using namespace std::chrono_literals;
+
     auto validationTime = app_.timeKeeper().closeTime();
     if (validationTime <= lastValidationTime_)
         validationTime = lastValidationTime_ + 1s;
     lastValidationTime_ = validationTime;
 
-    STValidation::FeeSettings fees;
-    std::vector<uint256> amendments;
-
-    auto const& feeTrack = app_.getFeeTrack();
-    std::uint32_t fee =
-        std::max(feeTrack.getLocalFee(), feeTrack.getClusterFee());
-
-    if (fee > feeTrack.getLoadBase())
-        fees.loadFee = fee;
-
-    // next ledger is flag ledger
-    if (((ledger.seq() + 1) % 256) == 0)
-    {
-        // Suggest fee changes and new features
-        feeVote_->doValidation(ledger.ledger_, fees);
-        amendments = app_.getAmendmentTable().doValidation(
-            getEnabledAmendments(*ledger.ledger_));
-    }
-
     auto v = std::make_shared<STValidation>(
-        ledger.id(),
-        ledger.seq(),
-        txns.id(),
-        validationTime,
+        lastValidationTime_,
         valPublic_,
         valSecret_,
         nodeID_,
-        proposing /* full if proposed */,
-        fees,
-        amendments);
+        [&](STValidation& v) {
+            v.setFieldH256(sfLedgerHash, ledger.id());
+            v.setFieldH256(sfConsensusHash, txns.id());
+
+            v.setFieldU32(sfLedgerSequence, ledger.seq());
+
+            if (proposing)
+                v.setFlag(vfFullValidation);
+
+            if (ledger.ledger_->rules().enabled(featureHardenedValidations))
+            {
+                // Attest to the hash of what we consider to be the last fully
+                // validated ledger. This may be the hash of the ledger we are
+                // validating here, and that's fine.
+                if (auto const vl = ledgerMaster_.getValidatedLedger())
+                    v.setFieldH256(sfValidatedHash, vl->info().hash);
+
+                v.setFieldU64(sfCookie, valCookie_);
+
+                // Report our server version every flag ledger:
+                if ((ledger.seq() + 1) % 256 == 0)
+                    v.setFieldU64(
+                        sfServerVersion, BuildInfo::getEncodedVersion());
+            }
+
+            // Report our load
+            {
+                auto const& ft = app_.getFeeTrack();
+                auto const fee = std::max(ft.getLocalFee(), ft.getClusterFee());
+                if (fee > ft.getLoadBase())
+                    v.setFieldU32(sfLoadFee, fee);
+            }
+
+            // If the next ledger is a flag ledger, suggest fee changes and
+            // new features:
+            if ((ledger.seq() + 1) % 256 == 0)
+            {
+                // Fees:
+                feeVote_->doValidation(ledger.ledger_->fees(), v);
+
+                // Amendments
+                // FIXME: pass `v` and have the function insert the array
+                // directly?
+                auto const amendments = app_.getAmendmentTable().doValidation(
+                    getEnabledAmendments(*ledger.ledger_));
+
+                if (!amendments.empty())
+                    v.setFieldV256(
+                        sfAmendments, STVector256(sfAmendments, amendments));
+            }
+        });
 
     // suppress it if we receive it
     app_.getHashRouter().addSuppression(

src/ripple/app/consensus/RCLConsensus.h

@@ -66,6 +66,9 @@ class RCLConsensus
         PublicKey const valPublic_;
         SecretKey const valSecret_;
 
+        // A randomly selected non-zero value used to tag our validations
+        std::uint64_t const valCookie_;
+
         // Ledger we most recently needed to acquire
         LedgerHash acquiringLedger_;
         ConsensusParms parms_;

src/ripple/app/consensus/RCLCxPeerPos.cpp

@@ -78,8 +78,8 @@ proposalUniqueId(
     Slice const& signature)
 {
     Serializer s(512);
-    s.add256(proposeHash);
-    s.add256(previousLedger);
+    s.addBitString(proposeHash);
+    s.addBitString(previousLedger);
     s.add32(proposeSeq);
     s.add32(closeTime.time_since_epoch().count());
     s.addVL(publicKey);

src/ripple/app/consensus/RCLValidations.cpp

@@ -151,15 +151,14 @@ RCLValidationsAdaptor::acquire(LedgerHash const& hash)
 bool
 handleNewValidation(
     Application& app,
-    STValidation::ref val,
+    std::shared_ptr<STValidation> const& val,
     std::string const& source)
 {
     PublicKey const& signingKey = val->getSignerPublic();
     uint256 const& hash = val->getLedgerHash();
 
     // Ensure validation is marked as trusted if signer currently trusted
-    boost::optional<PublicKey> masterKey =
-        app.validators().getTrustedKey(signingKey);
+    auto masterKey = app.validators().getTrustedKey(signingKey);
     if (!val->isTrusted() && masterKey)
         val->setTrusted();
 
@@ -172,13 +171,15 @@ handleNewValidation(
     beast::Journal const j = validations.adaptor().journal();
 
     auto dmp = [&](beast::Journal::Stream s, std::string const& msg) {
-        s << "Val for " << hash
-          << (val->isTrusted() ? " trusted/" : " UNtrusted/")
-          << (val->isFull() ? "full" : "partial") << " from "
-          << (masterKey ? toBase58(TokenType::NodePublic, *masterKey)
-                        : "unknown")
-          << " signing key " << toBase58(TokenType::NodePublic, signingKey)
-          << " " << msg << " src=" << source;
+        std::string id = toBase58(TokenType::NodePublic, signingKey);
+
+        if (masterKey)
+            id += ":" + toBase58(TokenType::NodePublic, *masterKey);
+
+        s << (val->isTrusted() ? "trusted" : "untrusted") << " "
+          << (val->isFull() ? "full" : "partial") << " validation: " << hash
+          << " from " << id << " via " << source << ": " << msg << "\n"
+          << " [" << val->getSerializer().slice() << "]";
     };
 
     if (!val->isFieldPresent(sfLedgerSequence))
@@ -192,13 +193,30 @@ handleNewValidation(
     if (masterKey)
     {
         ValStatus const outcome = validations.add(calcNodeID(*masterKey), val);
+
         if (j.debug())
             dmp(j.debug(), to_string(outcome));
 
-        if (outcome == ValStatus::badSeq && j.warn())
+        if (outcome == ValStatus::conflicting && j.warn())
+        {
+            auto const seq = val->getFieldU32(sfLedgerSequence);
+            dmp(j.warn(),
+                "conflicting validations issued for " + to_string(seq) +
+                    " (likely from a Byzantine validator)");
+        }
+
+        if (outcome == ValStatus::multiple && j.warn())
         {
             auto const seq = val->getFieldU32(sfLedgerSequence);
             dmp(j.warn(),
+                "multiple validations issued for " + to_string(seq) +
+                    " (multiple validators operating with the same key?)");
+        }
+
+        if (outcome == ValStatus::badSeq && j.warn())
+        {
+            auto const seq = val->getFieldU32(sfLedgerSequence);
+            dmp(j.debug(),
                 "already validated sequence at or past " + std::to_string(seq));
         }
 

src/ripple/app/consensus/RCLValidations.h

@@ -33,12 +33,11 @@ class Application;
 
 /** Wrapper over STValidation for generic Validation code
 
-    Wraps an STValidation::pointer for compatibility with the generic validation
-    code.
+    Wraps an STValidation for compatibility with the generic validation code.
 */
 class RCLValidation
 {
-    STValidation::pointer val_;
+    std::shared_ptr<STValidation> val_;
 
 public:
     using NodeKey = ripple::PublicKey;
@@ -48,7 +47,7 @@ class RCLValidation
 
         @param v The validation to wrap.
     */
-    RCLValidation(STValidation::pointer const& v) : val_{v}
+    RCLValidation(std::shared_ptr<STValidation> const& v) : val_{v}
     {
     }
 
@@ -127,8 +126,15 @@ class RCLValidation
         return ~(*val_)[~sfLoadFee];
     }
 
+    /// Get the cookie specified in the validation (0 if not set)
+    std::uint64_t
+    cookie() const
+    {
+        return (*val_)[sfCookie];
+    }
+
     /// Extract the underlying STValidation being wrapped
-    STValidation::pointer
+    std::shared_ptr<STValidation>
     unwrap() const
     {
         return val_;
@@ -243,7 +249,7 @@ using RCLValidations = Validations<RCLValidationsAdaptor>;
 bool
 handleNewValidation(
     Application& app,
-    STValidation::ref val,
+    std::shared_ptr<STValidation> const& val,
     std::string const& source);
 
 }  // namespace ripple

src/ripple/app/ledger/LedgerMaster.h

@@ -51,10 +51,6 @@ class Transaction;
 // Tracks the current ledger and any ledgers in the process of closing
 // Tracks ledger history
 // Tracks held transactions
-
-// VFALCO TODO Rename to Ledgers
-//        It sounds like this holds all the ledgers...
-//
 class LedgerMaster : public Stoppable, public AbstractFetchPackContainer
 {
 public: