Skip to content

Commit

Permalink
Add manual scripts for mesh security
Browse files Browse the repository at this point in the history
  • Loading branch information
trinitys7 committed Sep 6, 2024
1 parent d1b7af4 commit 901403c
Show file tree
Hide file tree
Showing 11 changed files with 1,049 additions and 0 deletions.
122 changes: 122 additions & 0 deletions scripts/mesh/multinode.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,122 @@
#!/bin/bash
set -xeu

# always returns true so set -e doesn't exit if it is not running.
killall meshd || true
rm -rf $HOME/.meshd/

# make four mesh directories
mkdir $HOME/.meshd
cd $HOME/.meshd/
mkdir $HOME/.meshd/validator1
mkdir $HOME/.meshd/validator2
mkdir $HOME/.meshd/validator3

# init all three validators
meshd init --chain-id=testing-1 validator1 --home=$HOME/.meshd/validator1
meshd init --chain-id=testing-1 validator2 --home=$HOME/.meshd/validator2
meshd init --chain-id=testing-1 validator3 --home=$HOME/.meshd/validator3

# create keys for all three validators
meshd keys add validator1 --keyring-backend=test --home=$HOME/.meshd/validator1
meshd keys add validator2 --keyring-backend=test --home=$HOME/.meshd/validator2
meshd keys add validator3 --keyring-backend=test --home=$HOME/.meshd/validator3

# create validator node with tokens to transfer to the three other nodes
meshd add-genesis-account $(meshd keys show validator1 -a --keyring-backend=test --home=$HOME/.meshd/validator1) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator1
meshd add-genesis-account $(meshd keys show validator2 -a --keyring-backend=test --home=$HOME/.meshd/validator2) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator1
meshd add-genesis-account $(meshd keys show validator3 -a --keyring-backend=test --home=$HOME/.meshd/validator3) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator1
meshd add-genesis-account $(meshd keys show validator1 -a --keyring-backend=test --home=$HOME/.meshd/validator1) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator2
meshd add-genesis-account $(meshd keys show validator2 -a --keyring-backend=test --home=$HOME/.meshd/validator2) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator2
meshd add-genesis-account $(meshd keys show validator3 -a --keyring-backend=test --home=$HOME/.meshd/validator3) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator2
meshd add-genesis-account $(meshd keys show validator1 -a --keyring-backend=test --home=$HOME/.meshd/validator1) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator3
meshd add-genesis-account $(meshd keys show validator2 -a --keyring-backend=test --home=$HOME/.meshd/validator2) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator3
meshd add-genesis-account $(meshd keys show validator3 -a --keyring-backend=test --home=$HOME/.meshd/validator3) 10000000000000000000000000000000stake,10000000000000000000000000000000osmo --home=$HOME/.meshd/validator3
meshd gentx validator1 1000000000000000000000stake --keyring-backend=test --home=$HOME/.meshd/validator1 --chain-id=testing-1
meshd gentx validator2 1000000000000000000000stake --keyring-backend=test --home=$HOME/.meshd/validator2 --chain-id=testing-1
meshd gentx validator3 1000000000000000000000stake --keyring-backend=test --home=$HOME/.meshd/validator3 --chain-id=testing-1

cp validator2/config/gentx/*.json $HOME/.meshd/validator1/config/gentx/
cp validator3/config/gentx/*.json $HOME/.meshd/validator1/config/gentx/
meshd collect-gentxs --home=$HOME/.meshd/validator1

# cp validator1/config/genesis.json $HOME/.meshd/validator2/config/genesis.json
# cp validator1/config/genesis.json $HOME/.meshd/validator3/config/genesis.json


# change app.toml values
VALIDATOR1_APP_TOML=$HOME/.meshd/validator1/config/app.toml
VALIDATOR2_APP_TOML=$HOME/.meshd/validator2/config/app.toml
VALIDATOR3_APP_TOML=$HOME/.meshd/validator3/config/app.toml

# validator1
sed -i -E 's|localhost:9090|localhost:9050|g' $VALIDATOR1_APP_TOML
sed -i -E 's|127.0.0.1:9090|127.0.0.1:9050|g' $VALIDATOR1_APP_TOML

# validator2
sed -i -E 's|tcp://localhost:1317|tcp://localhost:1316|g' $VALIDATOR2_APP_TOML
# sed -i -E 's|127.0.0.1:9090|127.0.0.1:9088|g' $VALIDATOR2_APP_TOML
sed -i -E 's|localhost:9090|localhost:9088|g' $VALIDATOR2_APP_TOML
# sed -i -E 's|0.0.0.0:9091|0.0.0.0:9089|g' $VALIDATOR2_APP_TOML
sed -i -E 's|localhost:9091|localhost:9089|g' $VALIDATOR2_APP_TOML
sed -i -E 's|tcp://0.0.0.0:10337|tcp://0.0.0.0:10347|g' $VALIDATOR2_APP_TOML

# validator3
sed -i -E 's|tcp://localhost:1317|tcp://localhost:1315|g' $VALIDATOR3_APP_TOML
# sed -i -E 's|127.0.0.1:9090|127.0.0.1:9086|g' $VALIDATOR3_APP_TOML
sed -i -E 's|localhost:9090|localhost:9086|g' $VALIDATOR3_APP_TOML
# sed -i -E 's|0.0.0.0:9091|0.0.0.0:9087|g' $VALIDATOR3_APP_TOML
sed -i -E 's|localhost:9091|localhost:9087|g' $VALIDATOR3_APP_TOML
sed -i -E 's|tcp://0.0.0.0:10337|tcp://0.0.0.0:10357|g' $VALIDATOR3_APP_TOML

# change config.toml values
VALIDATOR1_CONFIG=$HOME/.meshd/validator1/config/config.toml
VALIDATOR2_CONFIG=$HOME/.meshd/validator2/config/config.toml
VALIDATOR3_CONFIG=$HOME/.meshd/validator3/config/config.toml


# validator1
sed -i -E 's|allow_duplicate_ip = false|allow_duplicate_ip = true|g' $VALIDATOR1_CONFIG
sed -i -E 's|prometheus = false|prometheus = true|g' $VALIDATOR1_CONFIG


# validator2
sed -i -E 's|tcp://127.0.0.1:26658|tcp://127.0.0.1:26655|g' $VALIDATOR2_CONFIG
sed -i -E 's|tcp://127.0.0.1:26657|tcp://127.0.0.1:26654|g' $VALIDATOR2_CONFIG
sed -i -E 's|tcp://0.0.0.0:26656|tcp://0.0.0.0:26653|g' $VALIDATOR2_CONFIG
sed -i -E 's|allow_duplicate_ip = false|allow_duplicate_ip = true|g' $VALIDATOR2_CONFIG
sed -i -E 's|prometheus = false|prometheus = true|g' $VALIDATOR2_CONFIG
sed -i -E 's|prometheus_listen_addr = ":26660"|prometheus_listen_addr = ":26630"|g' $VALIDATOR2_CONFIG

# validator3
sed -i -E 's|tcp://127.0.0.1:26658|tcp://127.0.0.1:26652|g' $VALIDATOR3_CONFIG
sed -i -E 's|tcp://127.0.0.1:26657|tcp://127.0.0.1:26651|g' $VALIDATOR3_CONFIG
sed -i -E 's|tcp://0.0.0.0:26656|tcp://0.0.0.0:26650|g' $VALIDATOR3_CONFIG
sed -i -E 's|allow_duplicate_ip = false|allow_duplicate_ip = true|g' $VALIDATOR3_CONFIG
sed -i -E 's|prometheus = false|prometheus = true|g' $VALIDATOR3_CONFIG
sed -i -E 's|prometheus_listen_addr = ":26660"|prometheus_listen_addr = ":26620"|g' $VALIDATOR3_CONFIG

# copy validator1 genesis file to validator2-3
cp $HOME/.meshd/validator1/config/genesis.json $HOME/.meshd/validator2/config/genesis.json
cp $HOME/.meshd/validator1/config/genesis.json $HOME/.meshd/validator3/config/genesis.json

# copy tendermint node id of validator1 to persistent peers of validator2-3
node1=$(meshd tendermint show-node-id --home=$HOME/.meshd/validator1)
node2=$(meshd tendermint show-node-id --home=$HOME/.meshd/validator2)
node3=$(meshd tendermint show-node-id --home=$HOME/.meshd/validator3)
sed -i -E "s|persistent_peers = \"\"|persistent_peers = \"$node1@localhost:26656,$node2@localhost:26656,$node3@localhost:26656\"|g" $HOME/.meshd/validator1/config/config.toml
sed -i -E "s|persistent_peers = \"\"|persistent_peers = \"$node1@localhost:26656,$node2@localhost:26656,$node3@localhost:26656\"|g" $HOME/.meshd/validator2/config/config.toml
sed -i -E "s|persistent_peers = \"\"|persistent_peers = \"$node1@localhost:26656,$node2@localhost:26656,$node3@localhost:26656\"|g" $HOME/.meshd/validator3/config/config.toml


# # start all three validators/
# meshd start --home=$HOME/.meshd/validator1
screen -S mesh1 -t mesh1 -d -m meshd start --home=$HOME/.meshd/validator1
screen -S mesh2 -t mesh2 -d -m meshd start --home=$HOME/.meshd/validator2
screen -S mesh3 -t mesh3 -d -m meshd start --home=$HOME/.meshd/validator3
# meshd start --home=$HOME/.meshd/validator3

sleep 7

meshd tx bank send $(meshd keys show validator1 -a --keyring-backend=test --home=$HOME/.meshd/validator1) $(meshd keys show validator2 -a --keyring-backend=test --home=$HOME/.meshd/validator2) 100000stake --keyring-backend=test --chain-id=testing-1 -y --home=$HOME/.meshd/validator1 --fees 100000000000000osmo

45 changes: 45 additions & 0 deletions scripts/mesh/runnode.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
#!/bin/bash
killall meshd || true
rm -rf $HOME/.meshd/


meshd keys add val --keyring-backend test
meshd keys add test1 --keyring-backend test
meshd keys add test2 --keyring-backend test
meshd keys add test3 --keyring-backend test

# init chain
meshd init test-1 --chain-id testt

# Change parameter token denominations to stake
cat $HOME/.meshd/config/genesis.json | jq '.app_state["staking"]["params"]["bond_denom"]="stake"' > $HOME/.meshd/config/tmp_genesis.json && mv $HOME/.meshd/config/tmp_genesis.json $HOME/.meshd/config/genesis.json
cat $HOME/.meshd/config/genesis.json | jq '.app_state["crisis"]["constant_fee"]["denom"]="stake"' > $HOME/.meshd/config/tmp_genesis.json && mv $HOME/.meshd/config/tmp_genesis.json $HOME/.meshd/config/genesis.json
cat $HOME/.meshd/config/genesis.json | jq '.app_state["gov"]["deposit_params"]["min_deposit"][0]["denom"]="stake"' > $HOME/.meshd/config/tmp_genesis.json && mv $HOME/.meshd/config/tmp_genesis.json $HOME/.meshd/config/genesis.json
cat $HOME/.meshd/config/genesis.json | jq '.app_state["mint"]["params"]["mint_denom"]="stake"' > $HOME/.meshd/config/tmp_genesis.json && mv $HOME/.meshd/config/tmp_genesis.json $HOME/.meshd/config/genesis.json

# Allocate genesis accounts (cosmos formatted addresses)
meshd add-genesis-account val 1000000000000stake --keyring-backend test
meshd add-genesis-account test1 1000000000stake --keyring-backend test
meshd add-genesis-account test2 1000000000stake --keyring-backend test
meshd add-genesis-account test3 50000000stake --keyring-backend test

# Sign genesis transaction
meshd gentx val 1000000stake --keyring-backend test --chain-id testt

# Collect genesis tx
meshd collect-gentxs

# Run this to ensure everything worked and that the genesis file is setup correctly
meshd validate-genesis

# Start the node (remove the --pruning=nothing flag if historical queries are not needed)


screen -S meshx -t meshx -d -m meshd start

sleep 7

test2=$(meshd keys show test1 --keyring-backend test -a)
val2=$(meshd keys show val --keyring-backend test -a)

meshd tx bank send $val2 $test2 100000stake --chain-id testt --keyring-backend test --fees 10stake -y #--node tcp://127.0.0.1:26657
195 changes: 195 additions & 0 deletions scripts/mesh/test_immediate_unbond.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,195 @@
# !/bin/bash
killall meshd || true
killall rly || true
# deploy chain 1
./scripts/mesh/testibc/chain1.sh
# deploy chain 2
./scripts/mesh/testibc/chain2.sh
sleep 7
./scripts/mesh/testibc/instantiate.sh
# run relayer
./scripts/mesh/testibc/rly.sh

home1node1=$HOME/.meshd/chain1/node1
home2node1=$HOME/.meshd/chain2/node1
node2=tcp://127.0.0.1:26667

virtual_staking=$(meshd q wasm list-contract-by-code 2 --output json | jq -r '.contracts[0]' )
converter=$(meshd q wasm list-contract-by-code 3 --output json | jq -r '.contracts[0]' )
vault=$(meshd q wasm list-contract-by-code 1 --output json --node $node2 | jq -r '.contracts[0]' )
native_staking=$(meshd q wasm list-contract-by-code 3 --output json --node $node2 | jq -r '.contracts[0]' )
ext_staking=$(meshd q wasm list-contract-by-code 4 --output json --node $node2 | jq -r '.contracts[0]' )
test1_provider_addr=$(meshd keys show test1 --keyring-backend test --home=$home2node1 --address)

# Set virtual staking max cap
meshd tx meshsecurity submit-proposal set-virtual-staking-max-cap $virtual_staking 100000000stake --title "a title" --summary "a summary" --from test1 --keyring-backend test --home=$home1node1 --chain-id chain-1 -y --deposit 10000000stake

sleep 7

meshd tx gov vote 1 yes --from val1 --keyring-backend test --home=$home1node1 --chain-id chain-1 -y

sleep 5

# Update mesh security provider module's params
gov_addr=$(meshd q auth --node $node2 module-account gov -o json | jq ".account.base_account.address")

echo "gov addr: $gov_addr"
proposal=$(cat <<EOF
{
"messages": [
{
"@type": "/osmosis.meshsecurityprovider.MsgUpdateParams",
"authority": $gov_addr,
"params": {
"vault_address": "$vault",
"native_staking_address": "$native_staking"
}
}
],
"metadata": "ipfs://CID",
"deposit": "100000000stake",
"title": "Update params",
"summary": "Update params"
}
EOF
)
echo $proposal
echo $proposal > ./scripts/mesh/update_params.json
meshd tx gov submit-proposal ./scripts/mesh/update_params.json --from test1 --keyring-backend test --home=$home2node1 --node $node2 --chain-id chain-2 -y

sleep 7

meshd tx gov vote 1 yes --from val1 --keyring-backend test --home=$home2node1 --chain-id chain-2 --node $node2 -y

sleep 30

# stake from provider(chain2) '{"bond":{}}'=======bond============
meshd tx wasm execute $vault '{"bond":{"amount":{"amount": "20000000", "denom":"stake"}}}' --from test1 --home=$home2node1 --chain-id chain-2 --keyring-backend test --node $node2 --fees 1stake -y --gas 15406929

sleep 7

account_query=$(cat <<EOF
{
"account_details": {
"account": "$test1_provider_addr"
}
}
EOF
)

meshd q wasm state smart $vault "$account_query" --node $node2

# Compare tokens and select the operator address with the larger tokens value
validators=$(meshd q staking validators --output json --node $node2)
tokens_0=$(echo "$validators" | jq -r '.validators[0].tokens')
tokens_1=$(echo "$json_data" | jq -r '.validators[1].tokens')

if (( tokens_0 > tokens_1 )); then
val2_provider_addr=$(echo "$validators" | jq -r '.validators[0].operator_address')
else
val2_provider_addr=$(echo "$validators" | jq -r '.validators[1].operator_address')
fi

echo "validator 2: $val2_provider_addr"

# Stake 10_000_000 stake to val 1 provider chain
stake_msg=$(cat <<EOF
{"validator": "$val2_provider_addr"}
EOF
)
encode_msg=$(echo "$stake_msg" | base64)

stake_local_msg=$(cat <<EOF
{
"stake_local":{
"amount": {
"denom":"stake",
"amount":"10000000"
},
"msg":"$encode_msg"
}
}
EOF
)


meshd tx wasm execute $vault "$stake_local_msg" --from test1 --home=$home2node1 --chain-id chain-2 --keyring-backend test --node $node2 --fees 1stake -y --gas 15406929

# Wait a while for relaying tx to consumer chain
sleep 20

account_query=$(cat <<EOF
{
"account_details": {
"account": "$test1_provider_addr"
}
}
EOF
)
meshd q wasm state smart $vault "$account_query" --node $node2

# Stop running validator 2 to make it jail
pid=$(ps waux | grep -i screen | grep -i mesh2-node2 | grep -v grep | awk '{print $2}' | xargs -I{} pgrep -P {} | xargs -I{} pgrep -P {} | xargs -I{} ps -w -p {} | grep meshd | awk '{print $1}')
kill -9 $pid

# wait for 2 minutes to jail validator
sleep 120

meshd q staking validator $val2_provider_addr --node $node2

val2_status=$(meshd q staking validator $val2_provider_addr --node $node2 -o json| jq '.jailed')
echo "jailed: $val2_status"

# Get proxy contract
proxy_by_owner_query=$(cat <<EOF
{
"proxy_by_owner": {"owner": "$test1_provider_addr"}
}
EOF
)
native_staking_proxy=$(meshd q wasm state smart $native_staking "$proxy_by_owner_query" --node $node2 -o json | jq -r '.data.proxy')

echo "proxy address: $native_staking_proxy"

# Unstake
unstake_msg=$(cat <<EOF
{
"unstake":{
"validator":"$val2_provider_addr",
"amount": {
"denom":"stake",
"amount":"10000000"
}
}
}
EOF
)

meshd tx wasm execute $native_staking_proxy "$unstake_msg" --from test1 --home=$home2node1 --chain-id chain-2 --keyring-backend test --node $node2 --fees 1stake -y --gas 15406929

sleep 7

meshd tx wasm execute $native_staking_proxy '{"release_unbonded": {}}' --from test1 --home=$home2node1 --chain-id chain-2 --keyring-backend test --node $node2 --fees 1stake -y --gas 15406929

sleep 7
account_query=$(cat <<EOF
{
"account": {
"account": "$test1_provider_addr"
}
}
EOF
)

meshd q wasm state smart $vault "$account_query" --node $node2

account_query=$(cat <<EOF
{
"account_details": {
"account": "$test1_provider_addr"
}
}
EOF
)

meshd q wasm state smart $vault "$account_query" --node $node2
Loading

0 comments on commit 901403c

Please sign in to comment.