diem_logger/
security.rs

1// Copyright (c) The Diem Core Contributors
2// SPDX-License-Identifier: Apache-2.0
3
4// Copyright 2021 Conflux Foundation. All rights reserved.
5// Conflux is free software and distributed under GNU General Public License.
6// See http://www.gnu.org/licenses/
7
8//!
9//! The security module gathers security-related logs:
10//! logs to detect malicious behavior from other validators.
11//!
12//! TODO: This likely belongs outside of the logging crate
13//!
14//! ```
15//! use diem_logger::{error, SecurityEvent};
16//!
17//! error!(
18//!     SecurityEvent::InvalidRetrievedBlock,
19//!     "some_key" = "some data",
20//! );
21//! ```
22
23use crate::{Key, Schema, Value, Visitor};
24use serde::{Deserialize, Serialize};
25
26#[derive(Clone, Copy, Debug, Serialize, Deserialize)]
27#[serde(rename_all = "snake_case")]
28pub enum SecurityEvent {
29    //
30    // Mempool
31    /// Mempool received a transaction from another peer with an invalid
32    /// signature
33    InvalidTransactionMempool,
34
35    /// Mempool received an invalid network event
36    InvalidNetworkEventMempool,
37
38    // Consensus
39    // ---------
40    /// Consensus received an invalid message (not well-formed, invalid vote
41    /// data or incorrect signature)
42    ConsensusInvalidMessage,
43
44    /// Consensus received an equivocating vote
45    ConsensusEquivocatingVote,
46
47    /// Consensus received an invalid proposal
48    InvalidConsensusProposal,
49
50    /// Consensus received an invalid new round message
51    InvalidConsensusRound,
52
53    /// Consensus received an invalid sync info message
54    InvalidSyncInfoMsg,
55
56    /// A received block is invalid
57    InvalidRetrievedBlock,
58
59    /// A block being committed or executed is invalid
60    InvalidBlock,
61
62    // State-Sync
63    // ----------
64    /// Invalid chunk of transactions received
65    StateSyncInvalidChunk,
66
67    // Health Checker
68    // --------------
69    /// HealthChecker received an invalid network event
70    InvalidNetworkEventHC,
71
72    /// HealthChecker received an invalid message
73    InvalidHealthCheckerMsg,
74
75    // Network
76    // -------
77    /// Network received an invalid message from a remote peer
78    InvalidNetworkEvent,
79
80    /// A failed noise handshake that's either a clear bug or indicates some
81    /// security issue.
82    NoiseHandshake,
83}
84
85impl Schema for SecurityEvent {
86    fn visit(&self, visitor: &mut dyn Visitor) {
87        visitor.visit_pair(Key::new("security-event"), Value::from_serde(self))
88    }
89}