Line data    Source code

       1             : // Copyright (c) 2019-2025 The Dash Core developers
       2             : // Distributed under the MIT software license, see the accompanying
       3             : // file COPYING or http://www.opensource.org/licenses/mit-license.php.
       4             : 
       5             : #ifndef BITCOIN_EVO_MNAUTH_H
       6             : #define BITCOIN_EVO_MNAUTH_H
       7             : 
       8             : #include <bls/bls.h>
       9             : #include <msg_result.h>
      10             : 
      11             : #include <protocol.h>
      12             : #include <serialize.h>
      13             : #include <uint256.h>
      14             : 
      15             : #include <string_view>
      16             : 
      17             : class CActiveMasternodeManager;
      18             : class CBlockIndex;
      19             : class CConnman;
      20             : class CDataStream;
      21             : class CDeterministicMNList;
      22             : class CDeterministicMNListDiff;
      23             : class CMasternodeMetaMan;
      24             : class CMasternodeSync;
      25             : class CNode;
      26             : 
      27             : enum ServiceFlags : uint64_t;
      28             : 
      29             : /**
      30             :  * This class handles the p2p message MNAUTH. MNAUTH is sent directly after VERACK and authenticates the sender as a
      31             :  * masternode. It is only sent when the sender is actually a masternode.
      32             :  *
      33             :  * MNAUTH signs a challenge that was previously sent via VERSION. The challenge is signed differently depending on
      34             :  * the connection being an inbound or outbound connection, which avoids MITM of this form:
      35             :  *   node1 <- Eve -> node2
      36             :  * while still allowing:
      37             :  *   node1 -> Eve -> node2
      38             :  *
      39             :  * This is fine as we only use this mechanism for DoS protection. It allows us to keep masternode connections open for
      40             :  * a very long time without evicting the connections when inbound connection limits are hit (non-MNs will then be evicted).
      41             :  *
      42             :  * If we ever want to add transfer of sensitive data, THIS AUTHENTICATION MECHANISM IS NOT ENOUGH!! We'd need to implement
      43             :  * proper encryption for these connections first.
      44             :  */
      45             : 
      46             : class CMNAuth
      47             : {
      48             : public:
      49             :     uint256 proRegTxHash;
      50             :     CBLSSignature sig;
      51             : 
      52       26526 :     SERIALIZE_METHODS(CMNAuth, obj)
      53             :     {
      54        8842 :         READWRITE(obj.proRegTxHash, obj.sig);
      55        8842 :     }
      56             : 
      57             :     static void PushMNAUTH(CNode& peer, CConnman& connman, const CActiveMasternodeManager& mn_activeman);
      58             : 
      59             :     /**
      60             :      * @pre CMasternodeMetaMan's database must be successfully loaded before
      61             :      *      attempting to call this function regardless of sync state
      62             :      */
      63             :     [[nodiscard]] static MessageProcessingResult ProcessMessage(CNode& peer, ServiceFlags node_services, CConnman& connman, CMasternodeMetaMan& mn_metaman,
      64             :                                                                 const CActiveMasternodeManager* const mn_activeman, const CMasternodeSync& mn_sync,
      65             :                                                                 const CDeterministicMNList& tip_mn_list, std::string_view msg_type, CDataStream& vRecv);
      66             :     static void NotifyMasternodeListChanged(bool undo, const CDeterministicMNList& oldMNList, const CDeterministicMNListDiff& diff, CConnman& connman);
      67             : };
      68             : 
      69             : 
      70             : #endif // BITCOIN_EVO_MNAUTH_H