Merge pull request #1231 from SatpalSandhu61/consensysengineering-privacy-support-using-precompile-v3

Privacy Precompile: enables private transactions with extended obfuscated fields

Author: nmvalera

accounts/abi/bind/backend.go

@@ -84,6 +84,9 @@ type ContractTransactor interface {
 	SendTransaction(ctx context.Context, tx *types.Transaction, args PrivateTxArgs) error
 	// PreparePrivateTransaction send the private transaction to Tessera/Constellation's /storeraw API using HTTP
 	PreparePrivateTransaction(data []byte, privateFrom string) (common.EncryptedPayloadHash, error)
+	// DistributeTransaction distributes the private transaction payload to its private recipients, and sends the
+	// private transaction to the nodes PTM, returning a PTM hash for the Private Marker Transaction
+	DistributeTransaction(ctx context.Context, tx *types.Transaction, args PrivateTxArgs) (string, error)
 }
 
 // ContractFilterer defines the methods needed to access log events using one-off

accounts/abi/bind/backends/simulated.go

@@ -602,6 +602,10 @@ func (b *SimulatedBackend) PreparePrivateTransaction(data []byte, privateFrom st
 	return common.EncryptedPayloadHash{}, nil
 }
 
+func (b *SimulatedBackend) DistributeTransaction(ctx context.Context, tx *types.Transaction, args bind.PrivateTxArgs) (string, error) {
+	return tx.Hash().String(), nil
+}
+
 // FilterLogs executes a log filter operation, blocking during execution and
 // returning all the results in one batch.
 //

accounts/abi/bind/base.go

@@ -63,8 +63,9 @@ type TransactOpts struct {
 	Context context.Context // Network context to support cancellation and timeouts (nil = no timeout)
 
 	// Quorum
-	PrivateFrom string   // The public key of the Tessera/Constellation identity to send this tx from.
-	PrivateFor  []string // The public keys of the Tessera/Constellation identities this tx is intended for.
+	PrivateFrom              string   // The public key of the Tessera/Constellation identity to send this tx from.
+	PrivateFor               []string // The public keys of the Tessera/Constellation identities this tx is intended for.
+	IsUsingPrivacyPrecompile bool
 }
 
 // FilterOpts is the collection of options to fine tune filtering for events
@@ -276,6 +277,11 @@ func (c *BoundContract) transact(opts *TransactOpts, contract *common.Address, i
 		}
 		payload = hash.Bytes()
 		rawTx = c.createPrivateTransaction(rawTx, payload)
+
+		if opts.IsUsingPrivacyPrecompile {
+			rawTx, _ = c.createMarkerTx(opts, rawTx, PrivateTxArgs{PrivateFor: opts.PrivateFor})
+			opts.PrivateFor = nil
+		}
 	}
 
 	// Choose signer to sign transaction
@@ -424,6 +430,25 @@ func (c *BoundContract) createPrivateTransaction(tx *types.Transaction, payload
 	return privateTx
 }
 
+// (Quorum) createMarkerTx creates a new public privacy marker transaction for the given private tx, distributing tx to the specified privateFor recipients
+func (c *BoundContract) createMarkerTx(opts *TransactOpts, tx *types.Transaction, args PrivateTxArgs) (*types.Transaction, error) {
+	// Choose signer to sign transaction
+	if opts.Signer == nil {
+		return nil, errors.New("no signer to authorize the transaction with")
+	}
+	signedTx, err := opts.Signer(types.QuorumPrivateTxSigner{}, opts.From, tx)
+	if err != nil {
+		return nil, err
+	}
+
+	hash, err := c.transactor.DistributeTransaction(ensureContext(opts.Context), signedTx, args)
+	if err != nil {
+		return nil, err
+	}
+
+	return types.NewTransaction(signedTx.Nonce(), common.QuorumPrivacyPrecompileContractAddress(), tx.Value(), tx.Gas(), tx.GasPrice(), common.FromHex(hash)), nil
+}
+
 // ensureContext is a helper method to ensure a context is not nil, even if the
 // user specified it as such.
 func ensureContext(ctx context.Context) context.Context {

accounts/abi/bind/bind_quorum_test.go

@@ -0,0 +1,231 @@
+package bind
+
+import (
+	"context"
+	"math/big"
+	"testing"
+
+	"github.com/ethereum/go-ethereum"
+	"github.com/ethereum/go-ethereum/accounts/abi"
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/ethereum/go-ethereum/core/types"
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/stretchr/testify/require"
+)
+
+var (
+	tmPrivatePayloadHash common.EncryptedPayloadHash
+	tmPrivateTxHash      common.EncryptedPayloadHash
+)
+
+func init() {
+	payloadHash := crypto.Keccak512([]byte("encrypted-private-payload"))
+	privateTxHash := crypto.Keccak512([]byte("encrypted-private-tx"))
+	for i := 0; i < 64; i++ {
+		tmPrivatePayloadHash[i] = payloadHash[i]
+		tmPrivateTxHash[i] = privateTxHash[i]
+	}
+}
+
+func TestBoundContract_Transact_ContractCreation_PrivateTransaction(t *testing.T) {
+	transactor := &mockTransactor{}
+
+	c := NewBoundContract(common.Address{}, abi.ABI{}, nil, transactor, nil)
+
+	senderNonce := 1
+
+	opts := &TransactOpts{
+		Nonce:      big.NewInt(int64(senderNonce)),
+		PrivateFor: []string{"tm1"},
+
+		// arbitrary values to skip the logic we're not testing
+		GasPrice: big.NewInt(0),
+		GasLimit: uint64(1),
+		Signer:   passthroughSigner,
+	}
+
+	tx, err := c.transact(opts, nil, nil)
+
+	wantNonce := uint64(senderNonce)
+	wantTo := (*common.Address)(nil)
+	wantData := tmPrivatePayloadHash.Bytes()
+
+	require.NoError(t, err)
+	require.NotNil(t, tx)
+	require.Equal(t, wantNonce, tx.Nonce())
+	require.Equal(t, wantTo, tx.To())
+	require.Equal(t, wantData, tx.Data())
+	require.True(t, tx.IsPrivate())
+}
+
+func TestBoundContract_Transact_ContractCreation_PrivacyPrecompile(t *testing.T) {
+	transactor := &mockTransactor{}
+
+	c := NewBoundContract(common.Address{}, abi.ABI{}, nil, transactor, nil)
+
+	senderNonce := 1
+
+	opts := &TransactOpts{
+		Nonce:                    big.NewInt(int64(senderNonce)),
+		PrivateFor:               []string{"tm1"},
+		IsUsingPrivacyPrecompile: true,
+
+		// arbitrary values to skip the logic we're not testing
+		GasPrice: big.NewInt(0),
+		GasLimit: uint64(1),
+		Signer:   passthroughSigner,
+	}
+
+	pmt, err := c.transact(opts, nil, nil)
+
+	require.NoError(t, err)
+	require.NotNil(t, pmt)
+
+	// verify the private marker transaction
+	wantPMTNonce := uint64(senderNonce)
+	wantPMTTo := common.QuorumPrivacyPrecompileContractAddress()
+	wantPMTData := tmPrivateTxHash.Bytes()
+
+	require.Equal(t, wantPMTNonce, pmt.Nonce())
+	require.Equal(t, &wantPMTTo, pmt.To())
+	require.Equal(t, wantPMTData, pmt.Data())
+	require.False(t, pmt.IsPrivate())
+
+	// verify the captured internal private transaction
+	pvtTx := transactor.capturedInternalPrivateTransaction
+	pvtTxArgs := transactor.capturedInternalPrivateTransactionArgs
+
+	wantPvtTxNonce := uint64(senderNonce)
+	wantPvtTxTo := (*common.Address)(nil)
+	wantPvtTxData := tmPrivatePayloadHash.Bytes()
+
+	require.NotNil(t, pvtTx)
+	require.Equal(t, wantPvtTxNonce, pvtTx.Nonce())
+	require.Equal(t, wantPvtTxTo, pvtTx.To())
+	require.Equal(t, wantPvtTxData, pvtTx.Data())
+	require.True(t, pvtTx.IsPrivate())
+
+	require.Equal(t, []string{"tm1"}, pvtTxArgs.PrivateFor)
+}
+
+func TestBoundContract_Transact_Transaction_PrivateTransaction(t *testing.T) {
+	transactor := &mockTransactor{}
+
+	contractAddr := common.HexToAddress("0x1932c48b2bf8102ba33b4a6b545c32236e342f34")
+	c := NewBoundContract(contractAddr, abi.ABI{}, nil, transactor, nil)
+
+	senderNonce := 1
+
+	opts := &TransactOpts{
+		Nonce:      big.NewInt(int64(senderNonce)),
+		PrivateFor: []string{"tm1"},
+
+		// arbitrary values to skip the logic we're not testing
+		GasPrice: big.NewInt(0),
+		GasLimit: uint64(1),
+		Signer:   passthroughSigner,
+	}
+
+	tx, err := c.transact(opts, &contractAddr, nil)
+
+	wantNonce := uint64(senderNonce)
+	wantTo := &contractAddr
+	wantData := tmPrivatePayloadHash.Bytes()
+
+	require.NoError(t, err)
+	require.NotNil(t, tx)
+	require.Equal(t, wantNonce, tx.Nonce())
+	require.Equal(t, wantTo, tx.To())
+	require.Equal(t, wantData, tx.Data())
+	require.True(t, tx.IsPrivate())
+}
+
+func TestBoundContract_Transact_Transaction_PrivacyPrecompile(t *testing.T) {
+	transactor := &mockTransactor{}
+
+	contractAddr := common.HexToAddress("0x1932c48b2bf8102ba33b4a6b545c32236e342f34")
+	c := NewBoundContract(contractAddr, abi.ABI{}, nil, transactor, nil)
+
+	senderNonce := 1
+
+	opts := &TransactOpts{
+		Nonce:                    big.NewInt(int64(senderNonce)),
+		PrivateFor:               []string{"tm1"},
+		IsUsingPrivacyPrecompile: true,
+
+		// arbitrary values to skip the logic we're not testing
+		GasPrice: big.NewInt(0),
+		GasLimit: uint64(1),
+		Signer:   passthroughSigner,
+	}
+
+	pmt, err := c.transact(opts, &contractAddr, nil)
+
+	require.NoError(t, err)
+	require.NotNil(t, pmt)
+
+	// verify the private marker transaction
+	wantPMTNonce := uint64(senderNonce)
+	wantPMTTo := common.QuorumPrivacyPrecompileContractAddress()
+	wantPMTData := tmPrivateTxHash.Bytes()
+
+	require.Equal(t, wantPMTNonce, pmt.Nonce())
+	require.Equal(t, &wantPMTTo, pmt.To())
+	require.Equal(t, wantPMTData, pmt.Data())
+	require.False(t, pmt.IsPrivate())
+
+	// verify the captured internal private transaction
+	pvtTx := transactor.capturedInternalPrivateTransaction
+	pvtTxArgs := transactor.capturedInternalPrivateTransactionArgs
+
+	wantPvtTxNonce := uint64(senderNonce)
+	wantPvtTxTo := &contractAddr
+	wantPvtTxData := tmPrivatePayloadHash.Bytes()
+
+	require.NotNil(t, pvtTx)
+	require.Equal(t, wantPvtTxNonce, pvtTx.Nonce())
+	require.Equal(t, wantPvtTxTo, pvtTx.To())
+	require.Equal(t, wantPvtTxData, pvtTx.Data())
+	require.True(t, pvtTx.IsPrivate())
+
+	require.Equal(t, []string{"tm1"}, pvtTxArgs.PrivateFor)
+}
+
+func passthroughSigner(_ types.Signer, _ common.Address, tx *types.Transaction) (*types.Transaction, error) {
+	return tx, nil
+}
+
+type mockTransactor struct {
+	capturedInternalPrivateTransaction     *types.Transaction
+	capturedInternalPrivateTransactionArgs PrivateTxArgs
+}
+
+func (s *mockTransactor) PreparePrivateTransaction(_ []byte, _ string) (common.EncryptedPayloadHash, error) {
+	return tmPrivatePayloadHash, nil
+}
+
+func (s *mockTransactor) DistributeTransaction(_ context.Context, tx *types.Transaction, args PrivateTxArgs) (string, error) {
+	s.capturedInternalPrivateTransaction = tx
+	s.capturedInternalPrivateTransactionArgs = args
+	return tmPrivateTxHash.Hex(), nil
+}
+
+func (s *mockTransactor) SendTransaction(_ context.Context, _ *types.Transaction, _ PrivateTxArgs) error {
+	return nil
+}
+
+func (s *mockTransactor) PendingCodeAt(_ context.Context, _ common.Address) ([]byte, error) {
+	panic("implement me")
+}
+
+func (s *mockTransactor) PendingNonceAt(_ context.Context, _ common.Address) (uint64, error) {
+	panic("implement me")
+}
+
+func (s *mockTransactor) SuggestGasPrice(_ context.Context) (*big.Int, error) {
+	panic("implement me")
+}
+
+func (s *mockTransactor) EstimateGas(_ context.Context, _ ethereum.CallMsg) (gas uint64, err error) {
+	panic("implement me")
+}

cmd/geth/config.go

@@ -171,6 +171,11 @@ func checkWhisper(ctx *cli.Context) {
 func makeFullNode(ctx *cli.Context) (*node.Node, ethapi.Backend) {
 	stack, cfg := makeConfigNode(ctx)
 
+	//Must occur before registering the extension service, as it needs an initialised PTM to be enabled
+	if err := quorumInitialisePrivacy(ctx); err != nil {
+		utils.Fatalf("Error initialising Private Transaction Manager: %s", err.Error())
+	}
+
 	// Quorum - returning `ethService` too for the Raft and extension service
 	backend, ethService := utils.RegisterEthService(stack, &cfg.Eth)
 

cmd/geth/main.go

@@ -182,6 +182,7 @@ var (
 		utils.EVMCallTimeOutFlag,
 		utils.MultitenancyFlag,
 		utils.RevertReasonFlag,
+		utils.QuorumEnablePrivacyMarker,
 		utils.QuorumPTMUnixSocketFlag,
 		utils.QuorumPTMUrlFlag,
 		utils.QuorumPTMTimeoutFlag,

cmd/geth/retesteth.go

@@ -527,6 +527,7 @@ func (api *RetestethAPI) mineBlock() error {
 					statedb, pvtstdb,
 					header, tx, &header.GasUsed, *api.blockchain.GetVMConfig(),
 					false,
+					nil,
 				)
 				if err != nil {
 					statedb.RevertToSnapshot(snap)

cmd/geth/usage.go

@@ -260,6 +260,7 @@ var AppHelpFlagGroups = []flags.FlagGroup{
 			utils.MultitenancyFlag,
 			utils.RevertReasonFlag,
 			utils.PrivateCacheTrieJournalFlag,
+			utils.QuorumEnablePrivacyMarker,
 		},
 	},
 	{

cmd/utils/flags.go

@@ -866,6 +866,11 @@ var (
 		Value: eth.DefaultConfig.PrivateTrieCleanCacheJournal,
 	}
 
+	QuorumEnablePrivacyMarker = cli.BoolFlag{
+		Name:  "privacymarker.enable",
+		Usage: "Enable use of privacy marker transactions (PMT) for this node.",
+	}
+
 	// Quorum Private Transaction Manager connection options
 	QuorumPTMUnixSocketFlag = DirectoryFlag{
 		Name:  "ptm.socket",
@@ -1710,6 +1715,8 @@ func setQuorumConfig(ctx *cli.Context, cfg *eth.Config) error {
 	cfg.EVMCallTimeOut = time.Duration(ctx.GlobalInt(EVMCallTimeOutFlag.Name)) * time.Second
 	cfg.EnableMultitenancy = ctx.GlobalBool(MultitenancyFlag.Name)
 	cfg.SaveRevertReason = ctx.GlobalBool(RevertReasonFlag.Name)
+	cfg.QuorumPrivacyMarkerTransactionsEnabled = ctx.GlobalBool(QuorumEnablePrivacyMarker.Name)
+
 	setIstanbul(ctx, cfg)
 	setRaft(ctx, cfg)
 	if ctx.GlobalIsSet(PrivateCacheTrieJournalFlag.Name) {