github.com/SmartMeshFoundation/Spectrum@v0.0.0-20220621030607-452a266fee1e/trie/secure_trie.go (about)

     1  // Copyright 2015 The Spectrum Authors
     2  // This file is part of the Spectrum library.
     3  //
     4  // The Spectrum library is free software: you can redistribute it and/or modify
     5  // it under the terms of the GNU Lesser General Public License as published by
     6  // the Free Software Foundation, either version 3 of the License, or
     7  // (at your option) any later version.
     8  //
     9  // The Spectrum library is distributed in the hope that it will be useful,
    10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    12  // GNU Lesser General Public License for more details.
    13  //
    14  // You should have received a copy of the GNU Lesser General Public License
    15  // along with the Spectrum library. If not, see <http://www.gnu.org/licenses/>.
    16  
    17  package trie
    18  
    19  import (
    20  	"fmt"
    21  
    22  	"github.com/SmartMeshFoundation/Spectrum/common"
    23  	"github.com/SmartMeshFoundation/Spectrum/log"
    24  )
    25  
    26  var secureKeyPrefix = []byte("secure-key-")
    27  
    28  const secureKeyLength = 11 + 32 // Length of the above prefix + 32byte hash
    29  
    30  // SecureTrie wraps a trie with key hashing. In a secure trie, all
    31  // access operations hash the key using keccak256. This prevents
    32  // calling code from creating long chains of nodes that
    33  // increase the access time.
    34  //
    35  // Contrary to a regular trie, a SecureTrie can only be created with
    36  // New and must have an attached database. The database also stores
    37  // the preimage of each key.
    38  //
    39  // SecureTrie is not safe for concurrent use.
    40  type SecureTrie struct {
    41  	trie             Trie
    42  	hashKeyBuf       [secureKeyLength]byte
    43  	secKeyBuf        [200]byte
    44  	secKeyCache      map[string][]byte
    45  	secKeyCacheOwner *SecureTrie // Pointer to self, replace the key cache on mismatch
    46  }
    47  
    48  // NewSecure creates a trie with an existing root node from db.
    49  //
    50  // If root is the zero hash or the sha3 hash of an empty string, the
    51  // trie is initially empty. Otherwise, New will panic if db is nil
    52  // and returns MissingNodeError if the root node cannot be found.
    53  //
    54  // Accessing the trie loads nodes from db on demand.
    55  // Loaded nodes are kept around until their 'cache generation' expires.
    56  // A new cache generation is created by each call to Commit.
    57  // cachelimit sets the number of past cache generations to keep.
    58  func NewSecure(root common.Hash, db Database, cachelimit uint16) (*SecureTrie, error) {
    59  	if db == nil {
    60  		panic("NewSecure called with nil database")
    61  	}
    62  	trie, err := New(root, db)
    63  	if err != nil {
    64  		return nil, err
    65  	}
    66  	trie.SetCacheLimit(cachelimit)
    67  	return &SecureTrie{trie: *trie}, nil
    68  }
    69  
    70  // Get returns the value for key stored in the trie.
    71  // The value bytes must not be modified by the caller.
    72  func (t *SecureTrie) Get(key []byte) []byte {
    73  	res, err := t.TryGet(key)
    74  	if err != nil {
    75  		log.Error(fmt.Sprintf("Unhandled trie error: %v", err))
    76  	}
    77  	return res
    78  }
    79  
    80  // TryGet returns the value for key stored in the trie.
    81  // The value bytes must not be modified by the caller.
    82  // If a node was not found in the database, a MissingNodeError is returned.
    83  func (t *SecureTrie) TryGet(key []byte) ([]byte, error) {
    84  	return t.trie.TryGet(t.hashKey(key))
    85  }
    86  
    87  // Update associates key with value in the trie. Subsequent calls to
    88  // Get will return value. If value has length zero, any existing value
    89  // is deleted from the trie and calls to Get will return nil.
    90  //
    91  // The value bytes must not be modified by the caller while they are
    92  // stored in the trie.
    93  func (t *SecureTrie) Update(key, value []byte) {
    94  	if err := t.TryUpdate(key, value); err != nil {
    95  		log.Error(fmt.Sprintf("Unhandled trie error: %v", err))
    96  	}
    97  }
    98  
    99  // TryUpdate associates key with value in the trie. Subsequent calls to
   100  // Get will return value. If value has length zero, any existing value
   101  // is deleted from the trie and calls to Get will return nil.
   102  //
   103  // The value bytes must not be modified by the caller while they are
   104  // stored in the trie.
   105  //
   106  // If a node was not found in the database, a MissingNodeError is returned.
   107  func (t *SecureTrie) TryUpdate(key, value []byte) error {
   108  	hk := t.hashKey(key)
   109  	err := t.trie.TryUpdate(hk, value)
   110  	if err != nil {
   111  		return err
   112  	}
   113  	t.getSecKeyCache()[string(hk)] = common.CopyBytes(key)
   114  	return nil
   115  }
   116  
   117  // Delete removes any existing value for key from the trie.
   118  func (t *SecureTrie) Delete(key []byte) {
   119  	if err := t.TryDelete(key); err != nil {
   120  		log.Error(fmt.Sprintf("Unhandled trie error: %v", err))
   121  	}
   122  }
   123  
   124  // TryDelete removes any existing value for key from the trie.
   125  // If a node was not found in the database, a MissingNodeError is returned.
   126  func (t *SecureTrie) TryDelete(key []byte) error {
   127  	hk := t.hashKey(key)
   128  	delete(t.getSecKeyCache(), string(hk))
   129  	return t.trie.TryDelete(hk)
   130  }
   131  
   132  // GetKey returns the sha3 preimage of a hashed key that was
   133  // previously used to store a value.
   134  func (t *SecureTrie) GetKey(shaKey []byte) []byte {
   135  	if key, ok := t.getSecKeyCache()[string(shaKey)]; ok {
   136  		return key
   137  	}
   138  	key, _ := t.trie.db.Get(t.secKey(shaKey))
   139  	return key
   140  }
   141  
   142  // Commit writes all nodes and the secure hash pre-images to the trie's database.
   143  // Nodes are stored with their sha3 hash as the key.
   144  //
   145  // Committing flushes nodes from memory. Subsequent Get calls will load nodes
   146  // from the database.
   147  func (t *SecureTrie) Commit() (root common.Hash, err error) {
   148  	return t.CommitTo(t.trie.db)
   149  }
   150  
   151  func (t *SecureTrie) Hash() common.Hash {
   152  	return t.trie.Hash()
   153  }
   154  
   155  func (t *SecureTrie) Root() []byte {
   156  	return t.trie.Root()
   157  }
   158  
   159  func (t *SecureTrie) Copy() *SecureTrie {
   160  	cpy := *t
   161  	return &cpy
   162  }
   163  
   164  // NodeIterator returns an iterator that returns nodes of the underlying trie. Iteration
   165  // starts at the key after the given start key.
   166  func (t *SecureTrie) NodeIterator(start []byte) NodeIterator {
   167  	return t.trie.NodeIterator(start)
   168  }
   169  
   170  // CommitTo writes all nodes and the secure hash pre-images to the given database.
   171  // Nodes are stored with their sha3 hash as the key.
   172  //
   173  // Committing flushes nodes from memory. Subsequent Get calls will load nodes from
   174  // the trie's database. Calling code must ensure that the changes made to db are
   175  // written back to the trie's attached database before using the trie.
   176  func (t *SecureTrie) CommitTo(db DatabaseWriter) (root common.Hash, err error) {
   177  	if len(t.getSecKeyCache()) > 0 {
   178  		for hk, key := range t.secKeyCache {
   179  			if err := db.Put(t.secKey([]byte(hk)), key); err != nil {
   180  				return common.Hash{}, err
   181  			}
   182  		}
   183  		t.secKeyCache = make(map[string][]byte)
   184  	}
   185  	return t.trie.CommitTo(db)
   186  }
   187  
   188  // secKey returns the database key for the preimage of key, as an ephemeral buffer.
   189  // The caller must not hold onto the return value because it will become
   190  // invalid on the next call to hashKey or secKey.
   191  func (t *SecureTrie) secKey(key []byte) []byte {
   192  	buf := append(t.secKeyBuf[:0], secureKeyPrefix...)
   193  	buf = append(buf, key...)
   194  	return buf
   195  }
   196  
   197  // hashKey returns the hash of key as an ephemeral buffer.
   198  // The caller must not hold onto the return value because it will become
   199  // invalid on the next call to hashKey or secKey.
   200  func (t *SecureTrie) hashKey(key []byte) []byte {
   201  	h := newHasher(0, 0)
   202  	calculator := h.newCalculator()
   203  	calculator.sha.Write(key)
   204  	buf := calculator.sha.Sum(t.hashKeyBuf[:0])
   205  	h.returnCalculator(calculator)
   206  	return buf
   207  }
   208  
   209  // getSecKeyCache returns the current secure key cache, creating a new one if
   210  // ownership changed (i.e. the current secure trie is a copy of another owning
   211  // the actual cache).
   212  func (t *SecureTrie) getSecKeyCache() map[string][]byte {
   213  	if t != t.secKeyCacheOwner {
   214  		t.secKeyCacheOwner = t
   215  		t.secKeyCache = make(map[string][]byte)
   216  	}
   217  	return t.secKeyCache
   218  }