[tests] Test that nodes respond to getdata with notfound

If a node has not announced a tx at all, then it should respond to getdata messages for that tx with notfound, to avoid leaking tx origination privacy.
2018-09-15 20:01:20 -04:00 · 2018-09-15 20:01:20 -04:00 · fa78a2fc67
commit fa78a2fc67
parent 2b88f67e0b
4 changed files with 109 additions and 1 deletions
--- a/test/functional/p2p_leak_tx.py
+++ b/test/functional/p2p_leak_tx.py
@ -0,0 +1,57 @@
+#!/usr/bin/env python3
+# Copyright (c) 2017-2018 The Bitcoin Core developers
+# Distributed under the MIT software license, see the accompanying
+# file COPYING or http://www.opensource.org/licenses/mit-license.php.
+"""Test that we don't leak txs to inbound peers that we haven't yet announced to"""
+
+from test_framework.messages import msg_getdata, CInv
+from test_framework.mininode import P2PDataStore
+from test_framework.test_framework import BitcoinTestFramework
+from test_framework.util import (
+    assert_equal,
+)
+
+
+class P2PNode(P2PDataStore):
+    def on_inv(self, msg):
+        pass
+
+
+class P2PLeakTxTest(BitcoinTestFramework):
+    def set_test_params(self):
+        self.num_nodes = 1
+
+    def skip_test_if_missing_module(self):
+        self.skip_if_no_wallet()
+
+    def run_test(self):
+        gen_node = self.nodes[0]  # The block and tx generating node
+        gen_node.generate(1)
+
+        inbound_peer = self.nodes[0].add_p2p_connection(P2PNode())  # An "attacking" inbound peer
+
+        MAX_REPEATS = 100
+        self.log.info("Running test up to {} times.".format(MAX_REPEATS))
+        for i in range(MAX_REPEATS):
+            self.log.info('Run repeat {}'.format(i + 1))
+            txid = gen_node.sendtoaddress(gen_node.getnewaddress(), 0.01)
+
+            want_tx = msg_getdata()
+            want_tx.inv.append(CInv(t=1, h=int(txid, 16)))
+            inbound_peer.last_message.pop('notfound', None)
+            inbound_peer.send_message(want_tx)
+            inbound_peer.sync_with_ping()
+
+            if inbound_peer.last_message.get('notfound'):
+                self.log.debug('tx {} was not yet announced to us.'.format(txid))
+                self.log.debug("node has responded with a notfound message. End test.")
+                assert_equal(inbound_peer.last_message['notfound'].vec[0].hash, int(txid, 16))
+                inbound_peer.last_message.pop('notfound')
+                break
+            else:
+                self.log.debug('tx {} was already announced to us. Try test again.'.format(txid))
+                assert int(txid, 16) in [inv.hash for inv in inbound_peer.last_message['inv'].inv]
+
+
+if __name__ == '__main__':
+    P2PLeakTxTest().main()
--- a/test/functional/test_framework/messages.py
+++ b/test/functional/test_framework/messages.py
@ -1232,6 +1232,23 @@ class msg_mempool:
        return "msg_mempool()"


+class msg_notfound:
+    __slots__ = ("vec", )
+    command = b"notfound"
+
+    def __init__(self, vec=None):
+        self.vec = vec or []
+
+    def deserialize(self, f):
+        self.vec = deser_vector(f, CInv)
+
+    def serialize(self):
+        return ser_vector(self.vec)
+
+    def __repr__(self):
+        return "msg_notfound(vec=%s)" % (repr(self.vec))
+
+
 class msg_sendheaders:
    __slots__ = ()
    command = b"sendheaders"
--- a/test/functional/test_framework/mininode.py
+++ b/test/functional/test_framework/mininode.py
@ -21,7 +21,38 @@ import struct
 import sys
 import threading

-from test_framework.messages import CBlockHeader, MIN_VERSION_SUPPORTED, msg_addr, msg_block, MSG_BLOCK, msg_blocktxn, msg_cmpctblock, msg_feefilter, msg_getaddr, msg_getblocks, msg_getblocktxn, msg_getdata, msg_getheaders, msg_headers, msg_inv, msg_mempool, msg_ping, msg_pong, msg_reject, msg_sendcmpct, msg_sendheaders, msg_tx, MSG_TX, MSG_TYPE_MASK, msg_verack, msg_version, NODE_NETWORK, NODE_WITNESS, sha256
+from test_framework.messages import (
+    CBlockHeader,
+    MIN_VERSION_SUPPORTED,
+    msg_addr,
+    msg_block,
+    MSG_BLOCK,
+    msg_blocktxn,
+    msg_cmpctblock,
+    msg_feefilter,
+    msg_getaddr,
+    msg_getblocks,
+    msg_getblocktxn,
+    msg_getdata,
+    msg_getheaders,
+    msg_headers,
+    msg_inv,
+    msg_mempool,
+    msg_notfound,
+    msg_ping,
+    msg_pong,
+    msg_reject,
+    msg_sendcmpct,
+    msg_sendheaders,
+    msg_tx,
+    MSG_TX,
+    MSG_TYPE_MASK,
+    msg_verack,
+    msg_version,
+    NODE_NETWORK,
+    NODE_WITNESS,
+    sha256,
+)
 from test_framework.util import wait_until

 logger = logging.getLogger("TestFramework.mininode")
@ -40,6 +71,7 @@ MESSAGEMAP = {
    b"headers": msg_headers,
    b"inv": msg_inv,
    b"mempool": msg_mempool,
+    b"notfound": msg_notfound,
    b"ping": msg_ping,
    b"pong": msg_pong,
    b"reject": msg_reject,
@ -295,6 +327,7 @@ class P2PInterface(P2PConnection):
    def on_getheaders(self, message): pass
    def on_headers(self, message): pass
    def on_mempool(self, message): pass
+    def on_notfound(self, message): pass
    def on_pong(self, message): pass
    def on_reject(self, message): pass
    def on_sendcmpct(self, message): pass
--- a/test/functional/test_runner.py
+++ b/test/functional/test_runner.py
@ -152,6 +152,7 @@ BASE_SCRIPTS = [
    'feature_versionbits_warning.py',
    'rpc_preciousblock.py',
    'wallet_importprunedfunds.py',
+    'p2p_leak_tx.py',
    'rpc_signmessage.py',
    'feature_nulldummy.py',
    'mempool_accept.py',