From f78fadb5d9c062b8b1496eb7ddc0cbd1f9adfb3f Mon Sep 17 00:00:00 2001 From: Vitaly Drogan Date: Tue, 29 Oct 2024 16:30:32 +0100 Subject: [PATCH] README, validate fix --- README.md | 69 +++++++++++++++--------------------------- cmd/httpserver/main.go | 8 ++--- proxy/api.go | 24 +++++++-------- proxy/api_validate.go | 4 +-- proxy/proxy.go | 4 ++- proxy/proxy_test.go | 7 ++++- proxy/sharing.go | 34 ++++++++++++++++++--- 7 files changed, 81 insertions(+), 69 deletions(-) diff --git a/README.md b/README.md index c8e4553..9caaccc 100644 --- a/README.md +++ b/README.md @@ -13,20 +13,21 @@ make build ## Run -`./build/orderflow-proxy` - -This Will +Orderflow proxy will: * generate SSL certificate +* generate orderflow signer * create 2 input servers serving TLS with that certificate (user-listen-addr, network-listen-addr) * create 1 local http server serving /cert (cert-listen-addr) * create metrics server (metrict-addr) -* proxy requests from (user and network listen addresses to the builder-endpoint) +* proxy requests to local builder (from user and network/users listen addresses to the builder-endpoint) +* proxy user request to other builders in the network +* archive user requests by sending them to archive endpoint Flags for the orderflow proxy ``` -./build/orderflow-proxy -h +./build/orderflow-proxy -h NAME: orderflow-proxy - Serve API, and metrics 
@@ -37,44 +38,22 @@ COMMANDS: help, h Shows a list of commands or help for one command GLOBAL OPTIONS: - --users-listen-addr value address to listen on for orderflow proxy API for external users and local operator (default: "127.0.0.1:443") - --network-listen-addr value address to listen on for orderflow proxy API for other network participants (default: "127.0.0.1:5544") - --cert-listen-addr value address to listen on for orderflow proxy serving its SSL certificate on /cert (default: "127.0.0.1:14727") - --builder-endpoint value address to send local ordeflow to (default: "127.0.0.1:8645") - --cert-duration value generated certificate duration (default: 8760h0m0s) - --cert-hosts value [ --cert-hosts value ] generated certificate hosts (default: "127.0.0.1", "localhost") - --metrics-addr value address to listen on for Prometheus metrics (metrics are served on $metrics-addr/metrics) (default: "127.0.0.1:8090") - --log-json log in JSON format (default: false) - --log-debug log debug messages (default: false) - --log-uid generate a uuid and add to all log messages (default: false) - --log-service value add 'service' tag to logs (default: "your-project") - --pprof enable pprof debug endpoint (pprof is served on $metrics-addr/debug/pprof/*) (default: false) - --help, -h show help -``` - - -## curl TLS example - -1. Run orderflow proxy - -```bash -make build -./build/orderflow-proxy --users-listen-addr 127.0.0.1:6789 --network-listen-addr 127.0.0.1:6799 --cert-listen-addr 127.0.0.1:6889 --builder-endpoint http://127.0.0.1:8769 -``` - -2. Extract self signed certificate -```bash -# using cert port -curl http://127.0.0.1:6889/cert > cacert.pem - - -# or using curl -# -k will tell curl to ignore the fact that cert is self signed -curl -w %{certs} -k https://127.0.0.1:6789 > cacert.pem - - -``` -3. 
Make call using this certificate -```bash -curl https://127.0.0.1:6789 --cacert cacert.pem + --users-listen-addr value address to listen on for orderflow proxy API for external users and local operator (default: "127.0.0.1:443") + --network-listen-addr value address to listen on for orderflow proxy API for other network participants (default: "127.0.0.1:5544") + --cert-listen-addr value address to listen on for orderflow proxy serving its SSL certificate on /cert (default: "127.0.0.1:14727") + --builder-endpoint value address to send local ordeflow to (default: "http://127.0.0.1:8645") + --rpc-endpoint value address of the node RPC that supports eth_blockNumber (default: "http://127.0.0.1:8545") + --builder-confighub-endpoint value address of the builder config hub enpoint (directly or throught the cvm-proxy) (default: "http://127.0.0.1:14892") + --orderflow-archive-endpoint value address of the ordreflow archive endpoint (block-processor) (default: "http://127.0.0.1:14893") + --builder-name value name of this builder (same as in confighub) (default: "test-builder") + --flashbots-orderflow-signer-address value ordreflow from Flashbots will be signed with this address (default: "0x5015Fa72E34f75A9eC64f44a4Fcf0837919D1bB7") + --cert-duration value generated certificate duration (default: 8760h0m0s) + --cert-hosts value [ --cert-hosts value ] generated certificate hosts (default: "127.0.0.1", "localhost") + --metrics-addr value address to listen on for Prometheus metrics (metrics are served on $metrics-addr/metrics) (default: "127.0.0.1:8090") + --log-json log in JSON format (default: false) + --log-debug log debug messages (default: false) + --log-uid generate a uuid and add to all log messages (default: false) + --log-service value add 'service' tag to logs (default: "your-project") + --pprof enable pprof debug endpoint (pprof is served on $metrics-addr/debug/pprof/*) (default: false) + --help, -h show help ``` 
diff --git a/cmd/httpserver/main.go b/cmd/httpserver/main.go index 35c382a..f967806 100644 --- a/cmd/httpserver/main.go +++ b/cmd/httpserver/main.go @@ -36,22 +36,22 @@ var flags []cli.Flag = []cli.Flag{ }, &cli.StringFlag{ Name: "builder-endpoint", - Value: "127.0.0.1:8645", + Value: "http://127.0.0.1:8645", Usage: "address to send local ordeflow to", }, &cli.StringFlag{ Name: "rpc-endpoint", - Value: "127.0.0.1:8545", + Value: "http://127.0.0.1:8545", Usage: "address of the node RPC that supports eth_blockNumber", }, &cli.StringFlag{ Name: "builder-confighub-endpoint", - Value: "127.0.0.1:14892", + Value: "http://127.0.0.1:14892", Usage: "address of the builder config hub enpoint (directly or throught the cvm-proxy)", }, &cli.StringFlag{ Name: "orderflow-archive-endpoint", - Value: "127.0.0.1:14893", + Value: "http://127.0.0.1:14893", Usage: "address of the ordreflow archive endpoint (block-processor)", }, &cli.StringFlag{ diff --git a/proxy/api.go b/proxy/api.go index 64fc180..55e983d 100644 --- a/proxy/api.go +++ b/proxy/api.go @@ -83,6 +83,10 @@ func (prx *NewProxy) IsValidPublicSigner(address common.Address) bool { } func (prx *NewProxy) EthSendBundle(ctx context.Context, ethSendBundle rpctypes.EthSendBundleArgs, publicEndpoint bool) error { + err := ValidateEthSendBundle(ðSendBundle, publicEndpoint) + if err != nil { + return err + } signer := rpcserver.GetSigner(ctx) if publicEndpoint { if !prx.IsValidPublicSigner(signer) { @@ -91,10 +95,6 @@ func (prx *NewProxy) EthSendBundle(ctx context.Context, ethSendBundle rpctypes.E } else { ethSendBundle.SigningAddress = &signer } - err := ValidateEthSendBundle(ðSendBundle, publicEndpoint) - if err != nil { - return err - } parsedRequest := ParsedRequest{ publicEndpoint: publicEndpoint, signer: signer, 
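Review bot: None of the four endpoint flags changed here (`builder-endpoint`, `rpc-endpoint`, `builder-confighub-endpoint`, `orderflow-archive-endpoint`) is validated in this hunk, and the new defaults imply the value must now be a URL with a scheme. An operator who still passes the old `host:port` form would get a value that may only fail at the first outbound request. Consider parsing each endpoint with `url.Parse` at startup and failing fast unless the scheme is `http` or `https`. Because the README says user requests are sent to the archive endpoint, the usage text could also note that `http://` is intended for loopback or a local proxy and that a remote endpoint should use `https://`.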
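Review bot: Validation now runs before the `IsValidPublicSigner` check in EthSendBundle, so on the public endpoint a request from an unrecognised signer goes through whatever work validation does before it is rejected. Only the non-public branch needs validation first, because it must see the caller-supplied `SigningAddress` before the proxy overwrites it with `&signer`. Consider keeping `rpcserver.GetSigner(ctx)` and the `publicEndpoint` signer check at the top, validating next, and assigning `SigningAddress` last in the non-public case. The same ordering is introduced in MevSendBundle and EthCancelBundle in the following hunks; all three function bodies continue outside their hunks.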
@@ -114,6 +114,10 @@ func (prx *NewProxy) EthSendBundleLocal(ctx context.Context, ethSendBundle rpcty func (prx *NewProxy) MevSendBundle(ctx context.Context, mevSendBundle rpctypes.MevSendBundleArgs, publicEndpoint bool) error { // TODO: make sure that cancellations are handled + err := ValidateMevSendBundle(&mevSendBundle, publicEndpoint) + if err != nil { + return err + } signer := rpcserver.GetSigner(ctx) if publicEndpoint { if !prx.IsValidPublicSigner(signer) { @@ -122,10 +126,6 @@ func (prx *NewProxy) MevSendBundle(ctx context.Context, mevSendBundle rpctypes.M } else { mevSendBundle.Metadata.Signer = &signer } - err := ValidateMevSendBundle(&mevSendBundle, publicEndpoint) - if err != nil { - return err - } parsedRequest := ParsedRequest{ publicEndpoint: publicEndpoint, signer: signer, @@ -144,6 +144,10 @@ func (prx *NewProxy) MevSendBundleLocal(ctx context.Context, mevSendBundle rpcty } func (prx *NewProxy) EthCancelBundle(ctx context.Context, ethCancelBundle rpctypes.EthCancelBundleArgs, publicEndpoint bool) error { + err := ValidateEthCancelBundle(ðCancelBundle, publicEndpoint) + if err != nil { + return err + } signer := rpcserver.GetSigner(ctx) if publicEndpoint { if !prx.IsValidPublicSigner(signer) { @@ -152,10 +156,6 @@ func (prx *NewProxy) EthCancelBundle(ctx context.Context, ethCancelBundle rpctyp } else { ethCancelBundle.SigningAddress = &signer } - err := ValidateEthCancelBundle(ðCancelBundle, publicEndpoint) - if err != nil { - return err - } parsedRequest := ParsedRequest{ publicEndpoint: publicEndpoint, signer: signer, diff --git a/proxy/api_validate.go b/proxy/api_validate.go index 9f37b91..4120314 100644 --- a/proxy/api_validate.go +++ b/proxy/api_validate.go @@ -18,7 +18,7 @@ var ( ) func ValidateEthSendBundle(args *rpctypes.EthSendBundleArgs, publicEndpoint bool) error { - if publicEndpoint { + if !publicEndpoint { if args.SigningAddress != nil { return errSigningAddress } 
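Review bot: With the condition flipped to `if !publicEndpoint`, the public-endpoint path in ValidateEthSendBundle no longer constrains `SigningAddress` at all, so a peer request with a nil signing address passes this check. If downstream code expects the field to be set on network-forwarded bundles, add `if publicEndpoint && args.SigningAddress == nil { return errSigningAddress }` or a dedicated error; the rest of the function is outside the hunk, so this may already be handled further down. The same applies to ValidateEthCancelBundle in the next hunk. A short comment such as `// user endpoint: the proxy stamps SigningAddress from the authenticated signer, so a caller-supplied value is rejected` would make the direction of the check harder to invert again.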
@@ -46,7 +46,7 @@ func ValidateEthSendBundle(args *rpctypes.EthSendBundleArgs, publicEndpoint bool } func ValidateEthCancelBundle(args *rpctypes.EthCancelBundleArgs, publicEndpoint bool) error { - if publicEndpoint { + if !publicEndpoint { if args.SigningAddress != nil { return errSigningAddress } diff --git a/proxy/proxy.go b/proxy/proxy.go index 28baf25..bdf101b 100644 --- a/proxy/proxy.go +++ b/proxy/proxy.go @@ -97,7 +97,9 @@ func NewNewProxy(config NewProxyConfig) (*NewProxy, error) { prx.CertHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.Header().Add("Content-Type", "application/octet-stream") _, err := w.Write([]byte(prx.PublicCertPEM)) - prx.Log.Warn("Failed to serve certificate", slog.Any("error", err)) + if err != nil { + prx.Log.Warn("Failed to serve certificate", slog.Any("error", err)) + } }) shareQeueuCh := make(chan *ParsedRequest) diff --git a/proxy/proxy_test.go b/proxy/proxy_test.go index 41d9670..8972b63 100644 --- a/proxy/proxy_test.go +++ b/proxy/proxy_test.go @@ -246,16 +246,19 @@ func TestProxyBundleRequestWithPeerUpdate(t *testing.T) { require.NoError(t, err) proxiesUpdatePeers(t) - _, err = client.Call(context.Background(), EthSendBundleMethod, &rpctypes.EthSendBundleArgs{ + resp, err := client.Call(context.Background(), EthSendBundleMethod, &rpctypes.EthSendBundleArgs{ BlockNumber: 1000, }) require.NoError(t, err) + require.Nil(t, resp.Error) builderRequest := expectRequest(t, proxies[0].localBuilderRequests) require.Equal(t, expectedRequest, builderRequest.body) expectNoRequest(t, proxies[1].localBuilderRequests) expectNoRequest(t, proxies[2].localBuilderRequests) + slog.Info("Adding first peer") + // add one more peer err = proxies[1].proxy.RegisterSecrets() require.NoError(t, err) 
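Review bot: `require.Nil(t, resp.Error)` is asserted only for this first `client.Call`. The later calls in TestProxyBundleRequestWithPeerUpdate, made after each peer is added, are outside the hunks and may still discard the response. If so, an RPC-level rejection from the proxy would go unnoticed there, as it presumably did before this fix. Capture `resp` at those calls too and assert `resp.Error` is nil. As a style point, the two `slog.Info` lines (here and in the next hunk) write to the global logger; `t.Log("adding first peer")` keeps the output attached to the test.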
@@ -273,6 +276,8 @@ func TestProxyBundleRequestWithPeerUpdate(t *testing.T) { expectNoRequest(t, proxies[2].localBuilderRequests) // add another peer + slog.Info("Adding second peer") + err = proxies[2].proxy.RegisterSecrets() require.NoError(t, err) proxiesUpdatePeers(t) diff --git a/proxy/sharing.go b/proxy/sharing.go index af663d4..e2814d9 100644 --- a/proxy/sharing.go +++ b/proxy/sharing.go @@ -35,7 +35,7 @@ func (sq *ShareQueue) Run() { for { select { case req, more := <-sq.queue: - sq.log.Info("Received req", slog.String("name", sq.name)) + sq.log.Debug("Received request", slog.String("name", sq.name), slog.String("method", req.method)) if !more { return } @@ -81,6 +81,7 @@ func (sq *ShareQueue) Run() { } func (sq *ShareQueue) proxyRequests(ch chan *ParsedRequest, client rpcclient.RPCClient, name string) { + logger := sq.log.With(slog.String("target", name), slog.String("name", sq.name)) for { req, more := <-ch if !more { 
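Review bot: The new debug line in Run reads `req.method` before the `if !more` check. When `sq.queue` is closed the receive yields the zero value, and if the channel carries `*ParsedRequest` as the one in proxyRequests does, `req.method` dereferences nil and the goroutine panics on shutdown. Move the `sq.log.Debug("Received request", ...)` call below the `if !more { return }` guard. Run's body continues outside the hunk.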
@@ -88,10 +89,35 @@ func (sq *ShareQueue) proxyRequests(ch chan *ParsedRequest, client rpcclient.RPC } ctx, cancel := context.WithTimeout(context.Background(), requestTimeout) defer cancel() + var ( + method string + data any + ) if req.ethSendBundle != nil { - // log - _, _ = client.Call(ctx, EthSendBundleMethod, req.ethSendBundle) + method = EthSendBundleMethod + data = req.ethSendBundle + } else if req.mevSendBundle != nil { + method = MevSendBundleMethod + data = req.mevSendBundle + } else if req.ethCancelBundle != nil { + method = EthCancelBundleMethod + data = req.ethCancelBundle + } else if req.ethSendRawTransaction != nil { + method = EthSendRawTransactionMethod + data = req.ethSendRawTransaction + } else if req.bidSubsidiseBlock != nil { + continue + } else { + logger.Error("Unknown request type", slog.String("name", sq.name)) + continue } - sq.log.Debug("Message proxied", slog.String("target", name), slog.String("name", sq.name)) + resp, err := client.Call(ctx, method, data) + if err != nil { + logger.Warn("Error while proxying request", slog.Any("error", err)) + } + if resp != nil && resp.Error != nil { + logger.Warn("Error returned form target while proxying", slog.Any("error", resp.Error)) + } + logger.Debug("Message proxied") } }
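Review bot: `defer cancel()` sits inside the `for` loop of proxyRequests, so every request adds a deferred call that only runs when the function returns. For a long-lived peer goroutine that is unbounded growth, and the new `continue` branches now create a context even for requests that are skipped. Create the context after the method has been selected and call `cancel()` as soon as `client.Call` returns, as in the fence below, which also stops logging "Message proxied" after a failure and corrects `form` to `from` in the warning text. `logger` already carries `name`, so the extra `slog.String("name", sq.name)` on the "Unknown request type" line is redundant. The loop header and function start are outside this hunk.

```go
		// … unchanged: method/data selection from req, with the two `continue` branches …
		ctx, cancel := context.WithTimeout(context.Background(), requestTimeout)
		resp, err := client.Call(ctx, method, data)
		cancel() // release the timer now; a defer here accumulates until the goroutine exits
		if err != nil {
			logger.Warn("Error while proxying request", slog.Any("error", err))
			continue
		}
		if resp != nil && resp.Error != nil {
			logger.Warn("Error returned from target while proxying", slog.Any("error", resp.Error))
			continue
		}
		logger.Debug("Message proxied")
```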