use fork id to filter out non matching peers (hyperledger#4459)

* use fork id to filter out non matching peers

Signed-off-by: Stefan <stefan.pingel@consensys.net>

acceptance-tests/dsl/src/main/java/org/hyperledger/besu/tests/acceptance/dsl/node/ThreadBesuNodeRunner.java

@@ -220,7 +220,6 @@ public void startNode(final BesuNode node) {
         .besuPluginContext(new BesuPluginContextImpl())
         .autoLogBloomCaching(false)
         .storageProvider(storageProvider)
-        .forkIdSupplier(() -> besuController.getProtocolManager().getForkIdAsBytesList())
         .rpcEndpointService(new RpcEndpointServiceImpl());
     node.engineRpcConfiguration().ifPresent(runnerBuilder::engineJsonRpcConfiguration);
 

besu/src/main/java/org/hyperledger/besu/RunnerBuilder.java

@@ -133,7 +133,6 @@
 import java.util.Optional;
 import java.util.Set;
 import java.util.concurrent.ConcurrentHashMap;
-import java.util.function.Supplier;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
@@ -191,9 +190,9 @@ public class RunnerBuilder {
   private boolean autoLogBloomCaching = true;
   private boolean randomPeerPriority;
   private StorageProvider storageProvider;
-  private Supplier<List<Bytes>> forkIdSupplier;
   private RpcEndpointServiceImpl rpcEndpointServiceImpl;
   private JsonRpcIpcConfiguration jsonRpcIpcConfiguration;
+  private boolean legacyForkIdEnabled;
 
   public RunnerBuilder vertx(final Vertx vertx) {
     this.vertx = vertx;
@@ -388,11 +387,6 @@ public RunnerBuilder storageProvider(final StorageProvider storageProvider) {
     return this;
   }
 
-  public RunnerBuilder forkIdSupplier(final Supplier<List<Bytes>> forkIdSupplier) {
-    this.forkIdSupplier = forkIdSupplier;
-    return this;
-  }
-
   public RunnerBuilder rpcEndpointService(final RpcEndpointServiceImpl rpcEndpointService) {
     this.rpcEndpointServiceImpl = rpcEndpointService;
     return this;
@@ -424,6 +418,8 @@ public Runner build() {
       discoveryConfiguration.setDnsDiscoveryURL(ethNetworkConfig.getDnsDiscoveryUrl());
       discoveryConfiguration.setDiscoveryV5Enabled(
           networkingConfiguration.getDiscovery().isDiscoveryV5Enabled());
+      discoveryConfiguration.setFilterOnEnrForkId(
+          networkingConfiguration.getDiscovery().isFilterOnEnrForkIdEnabled());
     } else {
       discoveryConfiguration.setActive(false);
     }
@@ -487,14 +483,16 @@ public Runner build() {
                 .vertx(vertx)
                 .nodeKey(nodeKey)
                 .config(networkingConfiguration)
+                .legacyForkIdEnabled(legacyForkIdEnabled)
                 .peerPermissions(peerPermissions)
                 .metricsSystem(metricsSystem)
                 .supportedCapabilities(caps)
                 .natService(natService)
                 .randomPeerPriority(randomPeerPriority)
                 .storageProvider(storageProvider)
-                .forkIdSupplier(forkIdSupplier)
                 .p2pTLSConfiguration(p2pTLSConfiguration)
+                .blockchain(context.getBlockchain())
+                .forks(besuController.getGenesisConfigOptions().getForks())
                 .build();
 
     final NetworkRunner networkRunner =
@@ -663,7 +661,7 @@ public Runner build() {
               dataDir,
               rpcEndpointServiceImpl);
 
-      Optional<AuthenticationService> authToUse =
+      final Optional<AuthenticationService> authToUse =
           engineJsonRpcConfiguration.get().isAuthenticationEnabled()
               ? Optional.of(
                   new EngineAuthService(
@@ -673,7 +671,7 @@ public Runner build() {
                       dataDir))
               : Optional.empty();
 
-      WebSocketConfiguration engineSocketConfig =
+      final WebSocketConfiguration engineSocketConfig =
           webSocketConfiguration.isEnabled()
               ? webSocketConfiguration
               : WebSocketConfiguration.createEngineDefault();
@@ -784,7 +782,8 @@ public Runner build() {
       createPrivateTransactionObserver(subscriptionManager, privacyParameters);
     }
 
-    Optional<MetricsService> metricsService = createMetricsService(vertx, metricsConfiguration);
+    final Optional<MetricsService> metricsService =
+        createMetricsService(vertx, metricsConfiguration);
 
     final Optional<EthStatsService> ethStatsService;
     if (!Strings.isNullOrEmpty(ethstatsUrl)) {
@@ -807,7 +806,7 @@ public Runner build() {
 
     final Optional<JsonRpcIpcService> jsonRpcIpcService;
     if (jsonRpcIpcConfiguration.isEnabled()) {
-      Map<String, JsonRpcMethod> ipcMethods =
+      final Map<String, JsonRpcMethod> ipcMethods =
           jsonRpcMethods(
               protocolSchedule,
               context,
@@ -1023,9 +1022,10 @@ private Map<String, JsonRpcMethod> jsonRpcMethods(
                 consensusEngineServer);
     methods.putAll(besuController.getAdditionalJsonRpcMethods(jsonRpcApis));
 
-    var pluginMethods = rpcEndpointServiceImpl.getPluginMethods(jsonRpcConfiguration.getRpcApis());
+    final var pluginMethods =
+        rpcEndpointServiceImpl.getPluginMethods(jsonRpcConfiguration.getRpcApis());
 
-    var overriddenMethods =
+    final var overriddenMethods =
         methods.keySet().stream().filter(pluginMethods::containsKey).collect(Collectors.toList());
     if (overriddenMethods.size() > 0) {
       throw new RuntimeException("You can not override built in methods " + overriddenMethods);
@@ -1176,4 +1176,9 @@ public RunnerBuilder minPeers(final int minPeers) {
     this.minPeers = minPeers;
     return this;
   }
+
+  public RunnerBuilder legacyForkId(final boolean legacyEth64ForkIdEnabled) {
+    this.legacyForkIdEnabled = legacyEth64ForkIdEnabled;
+    return this;
+  }
 }

besu/src/main/java/org/hyperledger/besu/cli/BesuCommand.java

@@ -1425,7 +1425,7 @@ public void run() {
 
       besuPluginContext.beforeExternalServices();
 
-      var runner = buildRunner();
+      final var runner = buildRunner();
       runner.startExternalServices();
 
       startPlugins();
@@ -1469,7 +1469,7 @@ private void addSubCommands(final InputStream in) {
     final String generateCompletionSubcommandName = "generate-completion";
     commandLine.addSubcommand(
         generateCompletionSubcommandName, AutoComplete.GenerateCompletion.class);
-    CommandLine generateCompletionSubcommand =
+    final CommandLine generateCompletionSubcommand =
         commandLine.getSubcommands().get(generateCompletionSubcommandName);
     generateCompletionSubcommand.getCommandSpec().usageMessage().hidden(true);
   }
@@ -1849,7 +1849,7 @@ private void ensureValidPeerBoundParams() {
   }
 
   public void validateRpcOptionsParams() {
-    Predicate<String> configuredApis =
+    final Predicate<String> configuredApis =
         apiName ->
             Arrays.stream(RpcApis.values())
                     .anyMatch(builtInApi -> apiName.equals(builtInApi.name()))
@@ -2176,7 +2176,7 @@ private GraphQLConfiguration graphQLConfiguration() {
 
   private JsonRpcConfiguration createEngineJsonRpcConfiguration(
       final Integer listenPort, final List<String> allowCallsFrom) {
-    JsonRpcConfiguration engineConfig =
+    final JsonRpcConfiguration engineConfig =
         jsonRpcConfiguration(listenPort, Arrays.asList("ENGINE", "ETH"), allowCallsFrom);
     engineConfig.setEnabled(isEngineApiEnabled());
     if (!engineRPCOptionGroup.isEngineAuthDisabled) {
@@ -2344,14 +2344,14 @@ private Optional<TlsConfiguration> rpcHttpTlsConfiguration() {
               + ")");
     }
 
-    for (String cipherSuite : jsonRPCHttpOptionGroup.rpcHttpTlsCipherSuites) {
-      if (!getJDKEnabledCypherSuites().contains(cipherSuite)) {
+    for (final String cipherSuite : jsonRPCHttpOptionGroup.rpcHttpTlsCipherSuites) {
+      if (!getJDKEnabledCipherSuites().contains(cipherSuite)) {
         throw new ParameterException(
             commandLine, "Invalid TLS cipher suite specified " + cipherSuite);
       }
     }
 
-    jsonRPCHttpOptionGroup.rpcHttpTlsCipherSuites.retainAll(getJDKEnabledCypherSuites());
+    jsonRPCHttpOptionGroup.rpcHttpTlsCipherSuites.retainAll(getJDKEnabledCipherSuites());
 
     return Optional.of(
         TlsConfiguration.Builder.aTlsConfiguration()
@@ -2864,6 +2864,7 @@ private Runner synchronize(
                     .getValue())
             .randomPeerPriority(p2PDiscoveryOptionGroup.randomPeerPriority)
             .networkingConfiguration(unstableNetworkingOptions.toDomainObject())
+            .legacyForkId(unstableEthProtocolOptions.toDomainObject().isLegacyEth64ForkIdEnabled())
             .graphQLConfiguration(graphQLConfiguration)
             .jsonRpcConfiguration(jsonRpcConfiguration)
             .engineJsonRpcConfiguration(engineJsonRpcConfiguration)
@@ -2883,7 +2884,6 @@ private Runner synchronize(
             .ethstatsUrl(ethstatsOptions.getEthstatsUrl())
             .ethstatsContact(ethstatsOptions.getEthstatsContact())
             .storageProvider(keyValueStorageProvider(keyValueStorageName))
-            .forkIdSupplier(() -> besuController.getProtocolManager().getForkIdAsBytesList())
             .rpcEndpointService(rpcEndpointServiceImpl)
             .build();
 
@@ -3013,7 +3013,7 @@ private static String genesisConfig(final NetworkName networkName) {
     try (final InputStream genesisFileInputStream =
         EthNetworkConfig.class.getResourceAsStream(networkName.getGenesisFile())) {
       return new String(genesisFileInputStream.readAllBytes(), UTF_8);
-    } catch (IOException | NullPointerException e) {
+    } catch (final IOException | NullPointerException e) {
       throw new IllegalStateException(e);
     }
   }
@@ -3300,24 +3300,24 @@ private boolean isEngineApiEnabled() {
     return engineRPCOptionGroup.overrideEngineRpcEnabled || isMergeEnabled();
   }
 
-  public static List<String> getJDKEnabledCypherSuites() {
+  public static List<String> getJDKEnabledCipherSuites() {
     try {
-      SSLContext context = SSLContext.getInstance("TLS");
+      final SSLContext context = SSLContext.getInstance("TLS");
       context.init(null, null, null);
-      SSLEngine engine = context.createSSLEngine();
+      final SSLEngine engine = context.createSSLEngine();
       return Arrays.asList(engine.getEnabledCipherSuites());
-    } catch (KeyManagementException | NoSuchAlgorithmException e) {
+    } catch (final KeyManagementException | NoSuchAlgorithmException e) {
       throw new RuntimeException(e);
     }
   }
 
   public static List<String> getJDKEnabledProtocols() {
     try {
-      SSLContext context = SSLContext.getInstance("TLS");
+      final SSLContext context = SSLContext.getInstance("TLS");
       context.init(null, null, null);
-      SSLEngine engine = context.createSSLEngine();
+      final SSLEngine engine = context.createSSLEngine();
       return Arrays.asList(engine.getEnabledProtocols());
-    } catch (KeyManagementException | NoSuchAlgorithmException e) {
+    } catch (final KeyManagementException | NoSuchAlgorithmException e) {
       throw new RuntimeException(e);
     }
   }

besu/src/main/java/org/hyperledger/besu/cli/options/unstable/NetworkingOptions.java

@@ -33,6 +33,7 @@ public class NetworkingOptions implements CLIOptions<NetworkingConfiguration> {
   private final String DNS_DISCOVERY_SERVER_OVERRIDE_FLAG = "--Xp2p-dns-discovery-server";
   private final String DISCOVERY_PROTOCOL_V5_ENABLED = "--Xv5-discovery-enabled";
   private final String P2P_PEER_LOWER_BOUND_FLAG = "--Xp2p-peer-lower-bound";
+  public static final String FILTER_ON_ENR_FORK_ID = "--Xfilter-on-enr-fork-id";
 
   @CommandLine.Option(
       names = INITIATE_CONNECTIONS_FREQUENCY_FLAG,
@@ -68,6 +69,13 @@ public class NetworkingOptions implements CLIOptions<NetworkingConfiguration> {
       description = "Whether to enable P2P Discovery Protocol v5 (default: ${DEFAULT-VALUE})")
   private final Boolean isPeerDiscoveryV5Enabled = false;
 
+  @CommandLine.Option(
+      names = FILTER_ON_ENR_FORK_ID,
+      hidden = true,
+      defaultValue = "false",
+      description = "Whether to enable filtering of peers based on the ENR field ForkId)")
+  private final Boolean filterOnEnrForkId = false;
+
   @CommandLine.Option(
       hidden = true,
       names = {P2P_PEER_LOWER_BOUND_FLAG},
@@ -99,6 +107,7 @@ public NetworkingConfiguration toDomainObject() {
     config.setInitiateConnectionsFrequency(initiateConnectionsFrequencySec);
     config.setDnsDiscoveryServerOverride(dnsDiscoveryServerOverride);
     config.getDiscovery().setDiscoveryV5Enabled(isPeerDiscoveryV5Enabled);
+    config.getDiscovery().setFilterOnEnrForkId(filterOnEnrForkId);
     config.getRlpx().setPeerLowerBound(peerLowerBound);
     return config;
   }