optimism icon indicating copy to clipboard operation
optimism copied to clipboard

Published 20 hours ago verified publisher icon ethereum-optimism

L2Geth: Block synchronization requires importing leaked private key

Open wjmelements opened this issue 3 years ago • 5 comments

Ask

Your nodes should not require users to import a leaked private key into their keychain

Context (Resolved)

When syncing from L1 it seems to get stuck.

I am on commit 907ef2ee21db7f1e7ef438095ece1537178f7559 trying to follow the sync from L1 steps in the docs. I have attempted the setup three times on two different machines. I setup the DTL and the l2geth.

Current DTL:

$ curl -s http://localhost:7878/eth/syncing?backend=l1
{"syncing":true,"highestKnownTransactionIndex":17499838,"currentTransactionIndex":434044}

l2geth output, to the point it gets stuck:

INFO [08-03|13:56:02.860] Maximum peer count                       ETH=50 LES=0 total=50
INFO [08-03|13:56:02.860] Smartcard socket not found, disabling    err="stat /run/pcscd/pcscd.comm: no such file or directory"
INFO [08-03|13:56:02.861] Starting peer-to-peer node               instance=Geth/v1.9.10-stable/linux-amd64/go1.19
INFO [08-03|13:56:02.861] Allocated trie memory caches             clean=8.00GiB dirty=0.00B
INFO [08-03|13:56:02.861] Allocated cache and file handles         database=/shared_ebs/optimism_data/geth/chaindata cache=8.00GiB handles=262144
INFO [08-03|13:56:03.004] Opened ancient database                  database=/shared_ebs/optimism_data/geth/chaindata/ancient
INFO [08-03|13:56:03.007] Initialised chain configuration          config="{ChainID: 10 Homestead: 0 DAO: <nil> DAOSupport: false EIP150: 0 EIP155: 0 EIP158: 0 Byzantium: 0 Constantinople: 0 Petersburg: 0 Istanbul: 0, Muir Glacier: 0, Berlin: 3950000, Engine: clique}"
INFO [08-03|13:56:03.008] Initialising Ethereum protocol           versions="[64 63]" network=10 dbversion=7
INFO [08-03|13:56:03.012] Loaded most recent local header          number=0 hash=c02471�~@�726846 td=1 age=53y4mo1w
INFO [08-03|13:56:03.012] Loaded most recent local full block      number=0 hash=c02471�~@�726846 td=1 age=53y4mo1w
INFO [08-03|13:56:03.012] Loaded most recent local fast block      number=0 hash=c02471�~@�726846 td=1 age=53y4mo1w
INFO [08-03|13:56:03.013] Loaded local transaction journal         transactions=0 dropped=0
INFO [08-03|13:56:03.013] Regenerated local transaction journal    transactions=0 accounts=0
INFO [08-03|13:56:03.013] Running in verifier mode                 sync-backend=l1
INFO [08-03|13:56:03.013] Configured rollup client                 url=http://localhost:7878 chain-id=10 ctc-deploy-height=13596466
INFO [08-03|13:56:03.126] Connected to upstream service
INFO [08-03|13:56:03.126] Initializing initial OVM Context         ctc-deploy-height=13596466
INFO [08-03|13:56:03.141] Found latest queue index                 queue-index=9422
INFO [08-03|13:56:03.141] Hit genesis block when fixing queue index
INFO [08-03|13:56:03.141] Initialized Latest L1 Info               blocknumber=13596466 timestamp=1636654670
INFO [08-03|13:56:03.141] Initial Rollup State                     state=0x8cd430ffda5fc66b3b87c1de38a08f26d9e568cc6afee1759ac528e2db6436b1 index=<nil> queue-index=9422 verified-index=<nil>
INFO [08-03|13:56:03.256] Allocated fast sync bloom                size=8.00GiB
INFO [08-03|13:56:03.260] Backend Config                           max-calldata-size=40000 gas-limit=15000000 is-verifier=true using-ovm=true
INFO [08-03|13:56:03.310] New local node record                    seq=6 id=2e8f41a2ddd81e38 ip=127.0.0.1 udp=0 tcp=30010
INFO [08-03|13:56:03.310] Started P2P networking                   self="enode://d16ca5c58f1d5f3a56af71b407d880f94b6ac8d0ffaf47e8470e562777ffb8b31602e706658fc1ff0bd6e71cdda6642b04318657bfd360fedd1d75f7bf9c4931@127.0.0.1:30010?discport=0"
INFO [08-03|13:56:03.313] IPC endpoint opened                      url=/shared_ebs/optimism_data/geth.ipc
INFO [08-03|13:56:03.314] HTTP endpoint opened                     url=http://0.0.0.0:8610                cors=* vhosts=*
INFO [08-03|13:56:03.316] WebSocket endpoint opened                url=ws://[::]:8611
INFO [08-03|13:56:05.707] Unlocked account                         address=0x81E17523ad50960b0B4c98969E20cD5115b68735
INFO [08-03|13:56:05.708] Transaction pool price threshold updated price=0
INFO [08-03|13:56:05.708] Transaction pool price threshold updated price=0
INFO [08-03|13:56:05.708] Initializing Sync Service
INFO [08-03|13:56:05.710] Set L2 Gas Price                         gasprice=1
INFO [08-03|13:56:05.710] Set L1 Gas Price                         gasprice=1
INFO [08-03|13:56:05.710] Set batch overhead                       overhead=2750
INFO [08-03|13:56:05.711] Set scalar                               scalar=1.5
INFO [08-03|13:56:05.711] Starting Verifier Loop                   poll-interval=1s timestamp-refresh-threshold=5m0s
INFO [08-03|13:56:06.176] Syncing transaction batch range          start=0 end=2560
INFO [08-03|13:56:06.248] New block                                index=0     l1-timestamp=1636665399 l1-blocknumber=13597253 tx-hash=0x5e77a04531c7c107af1882d76cbff9486d0a9aa53701c30888509d4f5f2b003a queue-orign=sequencer gas=202813 fees=2.02813e-13 elapsed=42.689ms
WARN [08-03|13:56:06.248] Block sealing failed                     err="unauthorized signer"
INFO [08-03|13:56:11.256] Initializing fast sync bloom             items=1193683 errorrate=0.000 elapsed=8.000s
INFO [08-03|13:56:19.273] Initializing fast sync bloom             items=2201729 errorrate=0.000 elapsed=16.016s
INFO [08-03|13:56:27.273] Initializing fast sync bloom             items=3586677 errorrate=0.000 elapsed=24.016s
INFO [08-03|13:56:30.796] Initialized fast sync bloom              items=4883104 errorrate=0.000 elapsed=27.540s

wjmelements avatar Aug 03 '22 21:08 wjmelements

Based on the logs I believe the most likely cause is

WARN [08-03|13:56:06.248] Block sealing failed                     err="unauthorized signer"

which may be related to the docs saying

Create the geth account. The private key needs to be the one specified in the configuration, otherwise the consensus algorithm fails and the node does not synchronize.

Indeed I am using the account and private key that I specified in the configuration but I am not using the one for 0x00000398232E2064F896018496b4b44b3D62751F. I will see if I am indeed supposed to use your "private" key. If that is truly the fix, yall should either incorporate this key into the repo or remove the check, depending on the actual reason you made this necessary. Your protocol should not require users to import a leaked private key into their keychain. But I will see if this the fix

wjmelements avatar Aug 03 '22 21:08 wjmelements

I will see if I am indeed supposed to use your "private" key

Indeed the fix is to keep 0x00000398232E2064F896018496b4b44b3D62751F from the example configuration

wjmelements avatar Aug 03 '22 21:08 wjmelements

Your protocol should not require users to import a leaked private key into their keychain

Unfortunately due to the way that the current system was built, the same key must be used for the clique signer to get deterministic block hashes. This is a huge face palm and will be fixed when we migrate to the new bedrock architecture.

An improvement would be to hardcode the key into the l2geth codebase and just use it at runtime

tynes avatar Aug 04 '22 18:08 tynes

Marking "wontfix" since this will not be addressed until Bedrock makes the issue obsolete. Like @tynes stated, we import a specific known private key to get deterministic block hashes. Does not impact user security.

smartcontracts avatar Aug 15 '22 21:08 smartcontracts

Kvvlbı

aslanbayramov avatar Dec 15 '22 23:12 aslanbayramov