Improve the Byzantine validator detector:

This commit expands the detection capabilities of the Byzantine validation detector. Prior to this commit, only validators that were on a server's UNL were monitored. Now, all the validations that a server receives are passed through the detector.
2026-06-03 00:36:37 +00:00 · 2021-02-19 19:08:52 -08:00
parent 27d978b891
commit b4699c3b46
18 changed files with 360 additions and 235 deletions
--- a/src/ripple/protocol/impl/STValidation.cpp
+++ b/src/ripple/protocol/impl/STValidation.cpp
@@ -31,24 +31,26 @@ STValidation::validationFormat()
    // We can't have this be a magic static at namespace scope because
    // it relies on the SField's below being initialized, and we can't
    // guarantee the initialization order.
+    // clang-format off
    static SOTemplate const format{
-        {sfFlags, soeREQUIRED},
-        {sfLedgerHash, soeREQUIRED},
-        {sfLedgerSequence, soeREQUIRED},
-        {sfCloseTime, soeOPTIONAL},
-        {sfLoadFee, soeOPTIONAL},
-        {sfAmendments, soeOPTIONAL},
-        {sfBaseFee, soeOPTIONAL},
-        {sfReserveBase, soeOPTIONAL},
-        {sfReserveIncrement, soeOPTIONAL},
-        {sfSigningTime, soeREQUIRED},
-        {sfSigningPubKey, soeREQUIRED},
-        {sfSignature, soeREQUIRED},
-        {sfConsensusHash, soeOPTIONAL},
-        {sfCookie, soeDEFAULT},
-        {sfValidatedHash, soeOPTIONAL},
-        {sfServerVersion, soeOPTIONAL},
+        {sfFlags,               soeREQUIRED},
+        {sfLedgerHash,          soeREQUIRED},
+        {sfLedgerSequence,      soeREQUIRED},
+        {sfCloseTime,           soeOPTIONAL},
+        {sfLoadFee,             soeOPTIONAL},
+        {sfAmendments,          soeOPTIONAL},
+        {sfBaseFee,             soeOPTIONAL},
+        {sfReserveBase,         soeOPTIONAL},
+        {sfReserveIncrement,    soeOPTIONAL},
+        {sfSigningTime,         soeREQUIRED},
+        {sfSigningPubKey,       soeREQUIRED},
+        {sfSignature,           soeREQUIRED},
+        {sfConsensusHash,       soeOPTIONAL},
+        {sfCookie,              soeDEFAULT},
+        {sfValidatedHash,       soeOPTIONAL},
+        {sfServerVersion,       soeOPTIONAL},
    };
+    // clang-format on

    return format;
 };
@@ -78,40 +80,30 @@ STValidation::getSignTime() const
 }

 NetClock::time_point
-STValidation::getSeenTime() const
+STValidation::getSeenTime() const noexcept
 {
    return seenTime_;
 }

 bool
-STValidation::isValid() const
+STValidation::isValid() const noexcept
 {
-    try
+    if (!valid_)
    {
-        if (publicKeyType(getSignerPublic()) != KeyType::secp256k1)
-            return false;
+        assert(publicKeyType(getSignerPublic()) == KeyType::secp256k1);

-        return verifyDigest(
+        valid_ = verifyDigest(
            getSignerPublic(),
            getSigningHash(),
            makeSlice(getFieldVL(sfSignature)),
            getFlags() & vfFullyCanonicalSig);
    }
-    catch (std::exception const&)
-    {
-        JLOG(debugLog().error()) << "Exception validating validation";
-        return false;
-    }
-}

-PublicKey
-STValidation::getSignerPublic() const
-{
-    return PublicKey(makeSlice(getFieldVL(sfSigningPubKey)));
+    return valid_.value();
 }

 bool
-STValidation::isFull() const
+STValidation::isFull() const noexcept
 {
    return (getFlags() & vfFullValidation) != 0;
 }