diff --git a/cmd/receiver-proxy/main.go b/cmd/receiver-proxy/main.go index 83db67a..50a6c6f 100644 --- a/cmd/receiver-proxy/main.go +++ b/cmd/receiver-proxy/main.go @@ -239,6 +239,13 @@ func runMain(cCtx *cli.Context) error { } }() + err = instance.RegisterSecrets(registerContext) + registerCancel() + if err != nil { + log.Error("Failed to publish secrets", "err", err) + return err + } + userListenAddr := cCtx.String(flagUserListenAddr) systemListenAddr := cCtx.String(flagSystemListenAddr) diff --git a/proxy/confighub.go b/proxy/confighub.go index 23ee195..f97eccf 100644 --- a/proxy/confighub.go +++ b/proxy/confighub.go @@ -14,7 +14,7 @@ import ( ) type ConfighubOrderflowProxyCredentials struct { - TLSCert string `json:"tls_cert"` // for backward compatibility + TLSCert string `json:"tls_cert,omitempty"` // for backward compatibility EcdsaPubkeyAddress common.Address `json:"ecdsa_pubkey_address"` } diff --git a/proxy/receiver_proxy.go b/proxy/receiver_proxy.go index bfdc929..6f69ef0 100644 --- a/proxy/receiver_proxy.go +++ b/proxy/receiver_proxy.go @@ -1,6 +1,7 @@ package proxy import ( + "context" "log/slog" "net/http" "sync" @@ -216,3 +217,34 @@ func (prx *ReceiverProxy) RequestNewPeers() error { func (prx *ReceiverProxy) FlushArchiveQueue() { prx.archiveFlushQueue <- struct{}{} } + +func (prx *ReceiverProxy) RegisterSecrets(ctx context.Context) error { + const maxRetries = 10 + const timeBetweenRetries = time.Second * 10 + + retry := 0 + for { + if ctx.Err() != nil { + return ctx.Err() + } + err := prx.ConfigHub.RegisterCredentials(ctx, ConfighubOrderflowProxyCredentials{ + TLSCert: "", + EcdsaPubkeyAddress: prx.OrderflowSigner.Address(), + }) + if err == nil { + prx.Log.Info("Credentials registered on config hub") + return nil + } + + retry += 1 + if retry >= maxRetries { + return err + } + prx.Log.Error("Fail to register credentials", slog.Any("error", err)) + select { + case <-ctx.Done(): + return ctx.Err() + case <-time.After(timeBetweenRetries): + } + } +} diff --git a/proxy/receiver_proxy_test.go b/proxy/receiver_proxy_test.go index 377a218..d213ba9 100644 --- a/proxy/receiver_proxy_test.go +++ b/proxy/receiver_proxy_test.go @@ -44,24 +44,34 @@ var ( flashbotsSigner *signature.Signer ) -func testAddBuilderhubPeer(proxyIndex int) { +func testAddBuilderhubPeer(t *testing.T, proxyIndex int) { + t.Helper() proxy := proxies[proxyIndex] + // first we ask proxy to register its own credentials on the builderhub (its will register signign key address) + err := proxy.proxy.RegisterSecrets(context.Background()) + if err != nil { + t.Fatal("Failed to register secret", err) + } + + // next we add instance data for a valid TLS certificate ip := proxy.ip name := proxy.proxy.Name - req := ConfighubOrderflowProxyCredentials{ - EcdsaPubkeyAddress: proxy.proxy.OrderflowSigner.Address(), + index := -1 + for i, peer := range builderHubPeers { + if peer.Name == name && peer.IP == ip { + index = i + break + } + } + if index == -1 { + t.Fatal("Peer is not properly registered on the builerhub") } - builderHubPeers = append(builderHubPeers, ConfighubBuilder{ - Name: name, - DNSName: ip, - OrderflowProxy: req, - Instance: ConfighubInstanceData{ - TLSCert: string(proxy.PublicCertPEM), - }, - }) + builderHubPeers[index].Instance = ConfighubInstanceData{ + TLSCert: string(proxy.PublicCertPEM), + } } func ServeHTTPRequestToChan(channel chan *RequestData) *httptest.Server { @@ -168,7 +178,32 @@ func TestMain(m *testing.M) { archiveServerRequests = make(chan *RequestData) builderHub = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.URL.Path == "/api/l1-builder/v1/builders" { + body, _ := io.ReadAll(r.Body) + + if r.URL.Path == "/api/l1-builder/v1/register_credentials/orderflow_proxy" { + var req ConfighubOrderflowProxyCredentials + err := json.Unmarshal(body, &req) + if err != nil { + w.WriteHeader(http.StatusBadRequest) + _, _ = w.Write([]byte(err.Error())) + } + var ( + ip string + name string + ) + for _, proxy := range proxies { + if proxy.proxy.OrderflowSigner.Address() == req.EcdsaPubkeyAddress { + ip = proxy.ip + name = proxy.proxy.Name + break + } + } + builderHubPeers = append(builderHubPeers, ConfighubBuilder{ + Name: name, + IP: ip, + OrderflowProxy: req, + }) + } else if r.URL.Path == "/api/l1-builder/v1/builders" { res, err := json.Marshal(builderHubPeers) if err != nil { panic(err) @@ -294,7 +329,7 @@ func TestProxyBundleRequestWithPeerUpdate(t *testing.T) { // we start with no peers builderHubPeers = nil - testAddBuilderhubPeer(0) + testAddBuilderhubPeer(t, 0) proxiesUpdatePeers(t) blockNumber := hexutil.Uint64(1000) @@ -312,7 +347,7 @@ func TestProxyBundleRequestWithPeerUpdate(t *testing.T) { slog.Info("Adding first peer") // add one more peer - testAddBuilderhubPeer(1) + testAddBuilderhubPeer(t, 1) proxiesUpdatePeers(t) blockNumber = hexutil.Uint64(1001) @@ -331,7 +366,7 @@ func TestProxyBundleRequestWithPeerUpdate(t *testing.T) { // add another peer slog.Info("Adding second peer") - testAddBuilderhubPeer(2) + testAddBuilderhubPeer(t, 2) proxiesUpdatePeers(t) blockNumber = hexutil.Uint64(1002) @@ -375,7 +410,7 @@ func TestProxySendToArchive(t *testing.T) { // we start with no peers builderHubPeers = nil - testAddBuilderhubPeer(0) + testAddBuilderhubPeer(t, 0) proxiesUpdatePeers(t) apiNow = func() time.Time { @@ -458,7 +493,7 @@ func TestProxyShareBundleReplacementUUIDAndCancellation(t *testing.T) { // we start with no peers builderHubPeers = nil - testAddBuilderhubPeer(0) + testAddBuilderhubPeer(t, 0) proxiesUpdatePeers(t) // first call @@ -538,7 +573,7 @@ func TestProxyBidSubsidiseBlockCall(t *testing.T) { // we add all proxies to the list of peers builderHubPeers = nil for i := range proxies { - testAddBuilderhubPeer(i) + testAddBuilderhubPeer(t, i) } proxiesUpdatePeers(t) @@ -564,7 +599,7 @@ func TestValidateLocalBundles(t *testing.T) { // we start with no peers builderHubPeers = nil - testAddBuilderhubPeer(0) + testAddBuilderhubPeer(t, 0) proxiesUpdatePeers(t) apiNow = func() time.Time {