insecure

package
v0.26.16-access-conn-pool Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 18, 2022 License: AGPL-3.0 Imports: 16 Imported by: 14

README

Insecure Package

The insecure package encapsulates tools and technologies for testing codebase against attack vectors of malicious nodes. The package and sub-packages namings are chosen in a way that reflect this purpose. This package if fore testing only and should not be utilized for any production-grade development that affects production networks such as the mainnet.

Documentation

Index

Constants

View Source
const (
	ProtocolUnicast   = "protocol-unicast"
	ProtocolMulticast = "protocol-multicast"
	ProtocolPublish   = "protocol-publish"
	ProtocolUnknown   = "unknown-protocol"
)

Variables

View Source
var Protocol_name = map[int32]string{
	0: "UNKNOWN",
	1: "UNICAST",
	2: "MULTICAST",
	3: "PUBLISH",
}
View Source
var Protocol_value = map[string]int32{
	"UNKNOWN":   0,
	"UNICAST":   1,
	"MULTICAST": 2,
	"PUBLISH":   3,
}

Functions

func MessageFixture added in v0.26.0

func MessageFixture(t *testing.T, codec network.Codec, protocol Protocol, content interface{}) (*Message, *Event, *flow.Identity)

MessageFixture creates and returns a randomly generated gRPC message that is sent between a corruptible conduit and the attack network. It also generates and returns the corresponding application-layer event of that message, which is sent between the attack network and the orchestrator.

func MessageFixtures added in v0.26.0

func MessageFixtures(t *testing.T, codec network.Codec, protocol Protocol, count int) ([]*Message, []*Event,
	flow.IdentityList)

MessageFixtures creates and returns randomly generated gRCP messages and their corresponding protocol-level events. The messages are sent between a corruptible conduit and the attack network. The events are the corresponding protocol-level representation of messages.

func ProtocolStr added in v0.26.0

func ProtocolStr(p Protocol) string

func RegisterAttackerServer

func RegisterAttackerServer(s *grpc.Server, srv AttackerServer)

func RegisterCorruptibleConduitFactoryServer

func RegisterCorruptibleConduitFactoryServer(s *grpc.Server, srv CorruptibleConduitFactoryServer)

Types

type AttackNetwork

type AttackNetwork interface {
	component.Component
	// Send enforces dissemination of given event via its encapsulated corrupted node networking layer through the Flow network.
	Send(*Event) error
}

AttackNetwork represents the networking interface that is available to the attacker for sending messages "through" corrupted nodes "to" the rest of the network.

type AttackOrchestrator

type AttackOrchestrator interface {
	// HandleEventFromCorruptedNode implements logic of processing the events received from a corrupted node.
	//
	// In Corruptible Conduit Framework for BFT testing, corrupted nodes relay their outgoing events to
	// the attacker instead of dispatching them to the network.
	HandleEventFromCorruptedNode(*Event) error

	WithAttackNetwork(AttackNetwork)
}

AttackOrchestrator represents the stateful interface that implements a certain type of attack, e.g., wintermute attack.

type AttackerClient

type AttackerClient interface {
	Observe(ctx context.Context, opts ...grpc.CallOption) (Attacker_ObserveClient, error)
}

AttackerClient is the client API for Attacker service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewAttackerClient

func NewAttackerClient(cc *grpc.ClientConn) AttackerClient

type AttackerRegisterMessage

type AttackerRegisterMessage struct {
	Address              string   `protobuf:"bytes,1,opt,name=address,proto3" json:"address,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

AttackerRegisterMessage is the message an attacker uses to register itself to the chosen CorruptibleConduitFactory, and takes its control.

func (*AttackerRegisterMessage) Descriptor

func (*AttackerRegisterMessage) Descriptor() ([]byte, []int)

func (*AttackerRegisterMessage) GetAddress

func (m *AttackerRegisterMessage) GetAddress() string

func (*AttackerRegisterMessage) ProtoMessage

func (*AttackerRegisterMessage) ProtoMessage()

func (*AttackerRegisterMessage) Reset

func (m *AttackerRegisterMessage) Reset()

func (*AttackerRegisterMessage) String

func (m *AttackerRegisterMessage) String() string

func (*AttackerRegisterMessage) XXX_DiscardUnknown

func (m *AttackerRegisterMessage) XXX_DiscardUnknown()

func (*AttackerRegisterMessage) XXX_Marshal

func (m *AttackerRegisterMessage) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AttackerRegisterMessage) XXX_Merge

func (m *AttackerRegisterMessage) XXX_Merge(src proto.Message)

func (*AttackerRegisterMessage) XXX_Size

func (m *AttackerRegisterMessage) XXX_Size() int

func (*AttackerRegisterMessage) XXX_Unmarshal

func (m *AttackerRegisterMessage) XXX_Unmarshal(b []byte) error

type AttackerServer

type AttackerServer interface {
	Observe(Attacker_ObserveServer) error
}

AttackerServer is the server API for Attacker service.

type Attacker_ObserveClient

type Attacker_ObserveClient interface {
	Send(*Message) error
	CloseAndRecv() (*empty.Empty, error)
	grpc.ClientStream
}

type Attacker_ObserveServer

type Attacker_ObserveServer interface {
	SendAndClose(*empty.Empty) error
	Recv() (*Message, error)
	grpc.ServerStream
}

type ConduitController added in v0.25.2

type ConduitController interface {
	// HandleIncomingEvent sends an incoming event to the conduit factory to process.
	HandleIncomingEvent(interface{}, network.Channel, Protocol, uint32, ...flow.Identifier) error

	// EngineClosingChannel informs the conduit factory that the corresponding engine of the given channel is not going to
	// use it anymore, hence the channel can be closed.
	EngineClosingChannel(network.Channel) error
}

ConduitController defines part of the behavior of a corruptible conduit factory that controls the conduits it creates.

type CorruptedNodeConnection added in v0.25.2

type CorruptedNodeConnection interface {
	// SendMessage sends the message from orchestrator to the corrupted conduit factory.
	SendMessage(*Message) error

	// CloseConnection closes the connection to the corrupted conduit factory.
	CloseConnection() error
}

CorruptedNodeConnection abstracts connection from orchestrator to a corrupted conduit factory through the attack network.

type CorruptedNodeConnector added in v0.25.2

type CorruptedNodeConnector interface {
	// Connect creates a connection the corruptible conduit factory of the given corrupted identity.
	Connect(context.Context, flow.Identifier) (CorruptedNodeConnection, error)

	// WithAttackerAddress sets the address of attacker for registration on corruptible conduit factories.
	WithAttackerAddress(string)
}

CorruptedNodeConnector establishes a connection to a remote corrupted node.

type CorruptibleConduitFactoryClient

type CorruptibleConduitFactoryClient interface {
	RegisterAttacker(ctx context.Context, in *AttackerRegisterMessage, opts ...grpc.CallOption) (*empty.Empty, error)
	ProcessAttackerMessage(ctx context.Context, opts ...grpc.CallOption) (CorruptibleConduitFactory_ProcessAttackerMessageClient, error)
}

CorruptibleConduitFactoryClient is the client API for CorruptibleConduitFactory service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.

func NewCorruptibleConduitFactoryClient

func NewCorruptibleConduitFactoryClient(cc *grpc.ClientConn) CorruptibleConduitFactoryClient

type CorruptibleConduitFactoryServer

type CorruptibleConduitFactoryServer interface {
	RegisterAttacker(context.Context, *AttackerRegisterMessage) (*empty.Empty, error)
	ProcessAttackerMessage(CorruptibleConduitFactory_ProcessAttackerMessageServer) error
}

CorruptibleConduitFactoryServer is the server API for CorruptibleConduitFactory service.

type CorruptibleConduitFactory_ProcessAttackerMessageClient

type CorruptibleConduitFactory_ProcessAttackerMessageClient interface {
	Send(*Message) error
	CloseAndRecv() (*empty.Empty, error)
	grpc.ClientStream
}

type CorruptibleConduitFactory_ProcessAttackerMessageServer

type CorruptibleConduitFactory_ProcessAttackerMessageServer interface {
	SendAndClose(*empty.Empty) error
	Recv() (*Message, error)
	grpc.ServerStream
}

type Event added in v0.25.2

type Event struct {
	CorruptedNodeId flow.Identifier // identifier of corrupted flow node that this corruptible conduit belongs to
	Channel         network.Channel // channel of the event on the corrupted conduit
	Protocol        Protocol        // networking-layer protocol that this event was meant to send on.
	TargetNum       uint32          // number of randomly chosen targets (used in multicast protocol).

	// set of target identifiers (can be any subset of nodes, either honest or corrupted).
	TargetIds flow.IdentifierList

	// the protocol-level event that the corrupted node is relaying to
	// the attacker. The event is originated by the corrupted node, and is
	// sent to attacker to decide on its content before dispatching it to the
	// Flow network.
	FlowProtocolEvent interface{}
}

Event represents the data model that is exchanged between the attacker and the attack orchestrator. An event is the protocol-level representation of an outgoing message of a corruptible conduit. The corruptible conduit relays the message to the attacker instead of dispatching it through the Flow network. The attacker decodes the message into an event and relays it to the orchestrator. Each corrupted conduit is uniquely identified by 1) corrupted node ID and 2) channel

type Message

type Message struct {
	ChannelID            string   `protobuf:"bytes,1,opt,name=ChannelID,proto3" json:"ChannelID,omitempty"`
	OriginID             []byte   `protobuf:"bytes,2,opt,name=OriginID,proto3" json:"OriginID,omitempty"`
	TargetNum            uint32   `protobuf:"varint,3,opt,name=TargetNum,proto3" json:"TargetNum,omitempty"`
	TargetIDs            [][]byte `protobuf:"bytes,4,rep,name=TargetIDs,proto3" json:"TargetIDs,omitempty"`
	Payload              []byte   `protobuf:"bytes,5,opt,name=Payload,proto3" json:"Payload,omitempty"`
	Protocol             Protocol `protobuf:"varint,6,opt,name=protocol,proto3,enum=corruptible.Protocol" json:"protocol,omitempty"`
	XXX_NoUnkeyedLiteral struct{} `json:"-"`
	XXX_unrecognized     []byte   `json:"-"`
	XXX_sizecache        int32    `json:"-"`
}

Message is represents the message exchanged between the CorruptibleConduitFactory and Attacker services.

func (*Message) Descriptor

func (*Message) Descriptor() ([]byte, []int)

func (*Message) GetChannelID

func (m *Message) GetChannelID() string

func (*Message) GetOriginID

func (m *Message) GetOriginID() []byte

func (*Message) GetPayload

func (m *Message) GetPayload() []byte

func (*Message) GetProtocol

func (m *Message) GetProtocol() Protocol

func (*Message) GetTargetIDs

func (m *Message) GetTargetIDs() [][]byte

func (*Message) GetTargetNum added in v0.25.2

func (m *Message) GetTargetNum() uint32

func (*Message) ProtoMessage

func (*Message) ProtoMessage()

func (*Message) Reset

func (m *Message) Reset()

func (*Message) String

func (m *Message) String() string

func (*Message) XXX_DiscardUnknown

func (m *Message) XXX_DiscardUnknown()

func (*Message) XXX_Marshal

func (m *Message) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Message) XXX_Merge

func (m *Message) XXX_Merge(src proto.Message)

func (*Message) XXX_Size

func (m *Message) XXX_Size() int

func (*Message) XXX_Unmarshal

func (m *Message) XXX_Unmarshal(b []byte) error

type Protocol

type Protocol int32
const (
	Protocol_UNKNOWN   Protocol = 0
	Protocol_UNICAST   Protocol = 1
	Protocol_MULTICAST Protocol = 2
	Protocol_PUBLISH   Protocol = 3
)

func (Protocol) EnumDescriptor

func (Protocol) EnumDescriptor() ([]byte, []int)

func (Protocol) String

func (x Protocol) String() string

type UnimplementedAttackerServer

type UnimplementedAttackerServer struct {
}

UnimplementedAttackerServer can be embedded to have forward compatible implementations.

func (*UnimplementedAttackerServer) Observe

type UnimplementedCorruptibleConduitFactoryServer

type UnimplementedCorruptibleConduitFactoryServer struct {
}

UnimplementedCorruptibleConduitFactoryServer can be embedded to have forward compatible implementations.

func (*UnimplementedCorruptibleConduitFactoryServer) ProcessAttackerMessage

func (*UnimplementedCorruptibleConduitFactoryServer) RegisterAttacker

Directories

Path Synopsis
cmd
integration

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL