Restrict first node selection based on the specified node ip and port

shardeum · Sep 19, 2024 · 6d51e9a · 6d51e9a
1 parent ae109e3
commit 6d51e9a
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 4 deletions.
diff --git a/src/API.ts b/src/API.ts
@@ -81,6 +81,7 @@ export function registerRoutes(server: FastifyInstance<Server, IncomingMessage,
     const signedFirstNodeInfo = request.body
 
     if (State.isFirst && NodeList.isEmpty() && !NodeList.foundFirstNode) {
+      // TODO - validate signedFirstNodeInfo payload before signature verification
       try {
         const isSignatureValid = Crypto.verify(signedFirstNodeInfo)
         if (!isSignatureValid) {
@@ -93,16 +94,22 @@ export function registerRoutes(server: FastifyInstance<Server, IncomingMessage,
         reply.send({ success: false, error: 'Signature verification failed' })
         return
       }
+      const ip = signedFirstNodeInfo.nodeInfo.externalIp
+      const port = signedFirstNodeInfo.nodeInfo.externalPort
+      const publicKey = signedFirstNodeInfo.nodeInfo.publicKey
+      if (config.restrictFirstNodeSelection) {
+        if (ip !== config.firstNodeInfo.IP || port !== config.firstNodeInfo.PORT) {
+          Logger.mainLogger.error('Invalid first node info', signedFirstNodeInfo)
+          reply.send({ success: false, error: 'Invalid first node info' })
+          return
+        }
+      }
       if (NodeList.foundFirstNode) {
         const res = NodeList.getCachedNodeList()
         reply.send(res)
         return
       }
       NodeList.toggleFirstNode()
-      const ip = signedFirstNodeInfo.nodeInfo.externalIp
-      const port = signedFirstNodeInfo.nodeInfo.externalPort
-      const publicKey = signedFirstNodeInfo.nodeInfo.publicKey
-
       const firstNode: NodeList.ConsensusNodeInfo = {
         ip,
         port,

diff --git a/src/Config.ts b/src/Config.ts
@@ -96,6 +96,11 @@ export interface Config {
     txCronSchedule: string
   }
   workerProcessesDebugLog: boolean // To enable debug logs for worker processes managed by the main process
+  restrictFirstNodeSelection: boolean // The flag to pick the first node that matches the IP and PORT specified in the firstNodeInfo
+  firstNodeInfo: {
+    IP: string
+    PORT: number
+  }
 }
 
 let config: Config = {
@@ -184,6 +189,11 @@ let config: Config = {
     txCronSchedule: '*/5 * * * *',
   },
   workerProcessesDebugLog: false,
+  restrictFirstNodeSelection: true,
+  firstNodeInfo: {
+    IP: '127.0.0.1',
+    PORT: 4000,
+  },
 }
 // Override default config params from config file, env vars, and cli args
 export async function overrideDefaultConfig(file: string): Promise<void> {