LCOV - code coverage report
Current view: top level - src/evo - mnauth.h (source / functions) Hit Total Coverage
Test: total_coverage.info Lines: 2 2 100.0 %
Date: 2025-02-23 09:33:43 Functions: 1 1 100.0 %

          Line data    Source code
       1             : // Copyright (c) 2019-2020 The Dash Core developers
       2             : // Copyright (c) 2021 The PIVX Core developers
       3             : // Distributed under the MIT software license, see the accompanying
       4             : // file COPYING or https://www.opensource.org/licenses/mit-license.php.
       5             : 
       6             : #ifndef PIVX_EVO_MNAUTH_H
       7             : #define PIVX_EVO_MNAUTH_H
       8             : 
       9             : #include "bls/bls_wrapper.h"
      10             : #include "serialize.h"
      11             : 
      12             : class CConnman;
      13             : class CDataStream;
      14             : class CDeterministicMNList;
      15             : class CDeterministicMNListDiff;
      16             : class CNode;
      17             : class CValidationState;
      18             : 
      19             : /**
      20             :  * This class handles the p2p message MNAUTH. MNAUTH is sent directly after VERACK and authenticates the sender as a
      21             :  * masternode. It is only sent when the sender is actually a masternode.
      22             :  *
      23             :  * MNAUTH signs a challenge that was previously sent via VERSION. The challenge is signed differently depending on
      24             :  * the connection being an inbound or outbound connection, which avoids MITM of this form:
      25             :  *   node1 <- Eve -> node2
      26             :  * while still allowing:
      27             :  *   node1 -> Eve -> node2
      28             :  *
      29             :  * Allowing the second form is acceptable because this mechanism is used only for DoS protection. It allows us to keep
      30             :  * masternode connections open for a very long time without evicting them when inbound connection limits are hit (non-MNs will then be evicted).
      31             :  *
      32             :  * If we ever want to add transfer of sensitive data, THIS AUTHENTICATION MECHANISM IS NOT ENOUGH!! We'd need to implement
      33             :  * proper encryption for these connections first.
      34             :  */
      35             : 
      36             : class CMNAuth
      37             : {
      38             : public:
                           // The two data members below are exactly what SERIALIZE_METHODS reads and writes.
                           // Presumably the ProRegTx hash of the masternode the sender claims to be - confirm in the implementation file.
      39             :     uint256 proRegTxHash;
                           // BLS signature; presumably made over the challenge received via VERSION - confirm in the implementation file.
      40             :     CBLSSignature sig;
                           // Serialization order: proRegTxHash first, then sig.
      41         159 :     SERIALIZE_METHODS(CMNAuth, obj) {
      42         318 :         READWRITE(obj.proRegTxHash, obj.sig);
      43             :     }
      44             : 
                           // The three static functions are only declared here; their definitions are not in this header.
                           // Presumably builds an MNAUTH message and sends it to pnode through connman - confirm.
      45             :     static void PushMNAUTH(CNode* pnode, CConnman& connman);
                           // Takes the command name and the receive stream for a message from pnode; returns bool and has a
                           // CValidationState out-parameter. vRecv is presumably peer-supplied data.
                           // NOTE(review): confirm the definition verifies sig against the claimed masternode's key before
                           // the peer is treated as an authenticated masternode, and that a failed check is reported via state.
                           // NOTE(review): std::string is used without a direct #include <string> in this header; it is
                           // presumably provided through serialize.h or bls/bls_wrapper.h.
      46             :     static bool ProcessMessage(CNode* pnode, const std::string& strCommand, CDataStream& vRecv, CConnman& connman, CValidationState& state);
                           // Receives the old masternode list and a diff; presumably re-checks already-authenticated peers when
                           // the list changes, with undo marking a rolled-back change - confirm.
      47             :     static void NotifyMasternodeListChanged(bool undo, const CDeterministicMNList& oldMNList, const CDeterministicMNListDiff& diff);
      48             : };
      49             : 
      50             : 
      51             : #endif // PIVX_EVO_MNAUTH_H
