refactor(all): remove term whitelist and blacklist (#1994)

This commit is contained in:
Daniel Liu 2026-02-10 19:39:21 +08:00 committed by GitHub
parent 85f2bebfd1
commit 50210d90e3
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
27 changed files with 172 additions and 171 deletions

View file

@ -61,8 +61,8 @@ var (
utils.IdentityFlag, utils.IdentityFlag,
utils.UnlockedAccountFlag, utils.UnlockedAccountFlag,
utils.PasswordFileFlag, utils.PasswordFileFlag,
utils.PeersWhitelistFlag, utils.PeersAllowlistFlag,
utils.PeersBlacklistFlag, utils.PeersDenylistFlag,
utils.BootnodesFlag, utils.BootnodesFlag,
utils.BootnodesV4Flag, utils.BootnodesV4Flag,
utils.BootnodesV5Flag, utils.BootnodesV5Flag,

View file

@ -157,7 +157,7 @@ func checkEthstats(client *sshClient, network string) (*ethstatsInfos, error) {
if port != 80 && port != 443 { if port != 80 && port != 443 {
config += fmt.Sprintf(":%d", port) config += fmt.Sprintf(":%d", port)
} }
// Retrieve the IP blacklist // Retrieve the IP denylist
banned := strings.Split(infos.envvars["BANNED"], ",") banned := strings.Split(infos.envvars["BANNED"], ",")
// Run a sanity check to see if the port is reachable // Run a sanity check to see if the port is reachable

View file

@ -63,20 +63,20 @@ func (w *wizard) deployEthstats() {
fmt.Printf("What should be the secret password for the API? (default = %s)\n", infos.secret) fmt.Printf("What should be the secret password for the API? (default = %s)\n", infos.secret)
infos.secret = w.readDefaultString(infos.secret) infos.secret = w.readDefaultString(infos.secret)
} }
// Gather any blacklists to ban from reporting // Gather any denylist to ban from reporting
if existed { if existed {
fmt.Println() fmt.Println()
fmt.Printf("Keep existing IP %v blacklist (y/n)? (default = yes)\n", infos.banned) fmt.Printf("Keep existing IP %v denylist (y/n)? (default = yes)\n", infos.banned)
if w.readDefaultString("y") != "y" { if w.readDefaultString("y") != "y" {
// The user might want to clear the entire list, although generally probably not // The user might want to clear the entire list, although generally probably not
fmt.Println() fmt.Println()
fmt.Printf("Clear out blacklist and start over (y/n)? (default = no)\n") fmt.Printf("Clear out denylist and start over (y/n)? (default = no)\n")
if w.readDefaultString("n") != "n" { if w.readDefaultString("n") != "n" {
infos.banned = nil infos.banned = nil
} }
// Offer the user to explicitly add/remove certain IP addresses // Offer the user to explicitly add/remove certain IP addresses
fmt.Println() fmt.Println()
fmt.Println("Which additional IP addresses should be blacklisted?") fmt.Println("Which additional IP addresses should be denylisted?")
for { for {
if ip := w.readIPAddress(); ip != "" { if ip := w.readIPAddress(); ip != "" {
infos.banned = append(infos.banned, ip) infos.banned = append(infos.banned, ip)
@ -85,7 +85,7 @@ func (w *wizard) deployEthstats() {
break break
} }
fmt.Println() fmt.Println()
fmt.Println("Which IP addresses should not be blacklisted?") fmt.Println("Which IP addresses should not be denylisted?")
for { for {
if ip := w.readIPAddress(); ip != "" { if ip := w.readIPAddress(); ip != "" {
for i, addr := range infos.banned { for i, addr := range infos.banned {

View file

@ -629,15 +629,15 @@ var (
Value: 30303, Value: 30303,
Category: flags.NetworkingCategory, Category: flags.NetworkingCategory,
} }
PeersWhitelistFlag = &cli.StringFlag{ PeersAllowlistFlag = &cli.StringFlag{
Name: "peers-whitelist", Name: "peers-allowlist",
Usage: "Comma separated NodeID or enode URLs for peer whitelist (only connect to them)", Usage: "Comma separated NodeID or enode URLs for peer allowlist (only connect to them)",
Value: "", Value: "",
Category: flags.NetworkingCategory, Category: flags.NetworkingCategory,
} }
PeersBlacklistFlag = &cli.StringFlag{ PeersDenylistFlag = &cli.StringFlag{
Name: "peers-blacklist", Name: "peers-denylist",
Usage: "Comma separated NodeID or enode URLs for peer blacklist (will not connect to them)", Usage: "Comma separated NodeID or enode URLs for peer denylist (will not connect to them)",
Value: "", Value: "",
Category: flags.NetworkingCategory, Category: flags.NetworkingCategory,
} }
@ -918,66 +918,66 @@ func setNodeUserIdent(ctx *cli.Context, cfg *node.Config) {
} }
} }
func setWhiteBlackListPeers(ctx *cli.Context, cfg *p2p.Config) { func setAllowlistAndDenylistForPeers(ctx *cli.Context, cfg *p2p.Config) {
flags.CheckExclusive(ctx, PeersWhitelistFlag, PeersBlacklistFlag) flags.CheckExclusive(ctx, PeersAllowlistFlag, PeersDenylistFlag)
// setup whitelist for peers // setup allowlist for peers
if ctx.IsSet(PeersWhitelistFlag.Name) { if ctx.IsSet(PeersAllowlistFlag.Name) {
urls := SplitAndTrim(ctx.String(PeersWhitelistFlag.Name)) urls := SplitAndTrim(ctx.String(PeersAllowlistFlag.Name))
cfg.WhitePeers = make(map[discover.NodeID]struct{}, len(urls)) cfg.AllowPeers = make(map[discover.NodeID]struct{}, len(urls))
for _, url := range urls { for _, url := range urls {
if url != "" { if url != "" {
node1, err1 := discover.HexID(url) node1, err1 := discover.HexID(url)
if err1 == nil { if err1 == nil {
cfg.WhitePeers[node1] = struct{}{} cfg.AllowPeers[node1] = struct{}{}
log.Info("Add peer to whitelist", "id", node1) log.Info("Add peer to allowlist", "id", node1)
continue continue
} }
node2, err2 := discover.ParseNode(url) node2, err2 := discover.ParseNode(url)
if err2 == nil { if err2 == nil {
cfg.WhitePeers[node2.ID] = struct{}{} cfg.AllowPeers[node2.ID] = struct{}{}
log.Info("Add peer to whitelist", "enode", url, "id", node2.ID) log.Info("Add peer to allowlist", "enode", url, "id", node2.ID)
continue continue
} }
log.Crit("Invalid peer id for whitelist", "url", url, "err1", err1, "err2", err2) log.Crit("Invalid peer id for allowlist", "url", url, "err1", err1, "err2", err2)
} }
} }
} }
// setup blacklist for peers // setup denylist for peers
if ctx.IsSet(PeersBlacklistFlag.Name) { if ctx.IsSet(PeersDenylistFlag.Name) {
urls := SplitAndTrim(ctx.String(PeersBlacklistFlag.Name)) urls := SplitAndTrim(ctx.String(PeersDenylistFlag.Name))
cfg.BlackPeers = make(map[discover.NodeID]struct{}, len(urls)) cfg.DenyPeers = make(map[discover.NodeID]struct{}, len(urls))
for _, url := range urls { for _, url := range urls {
if url != "" { if url != "" {
node1, err1 := discover.HexID(url) node1, err1 := discover.HexID(url)
if err1 == nil { if err1 == nil {
cfg.BlackPeers[node1] = struct{}{} cfg.DenyPeers[node1] = struct{}{}
log.Info("Add peer to blacklist", "id", node1) log.Info("Add peer to denylist", "id", node1)
continue continue
} }
node2, err2 := discover.ParseNode(url) node2, err2 := discover.ParseNode(url)
if err2 == nil { if err2 == nil {
cfg.BlackPeers[node2.ID] = struct{}{} cfg.DenyPeers[node2.ID] = struct{}{}
log.Info("Add peer to blacklist", "enode", url, "id", node2.ID) log.Info("Add peer to denylist", "enode", url, "id", node2.ID)
continue continue
} }
log.Crit("Invalid peer id for blacklist", "url", url, "err1", err1, "err2", err2) log.Crit("Invalid peer id for denylist", "url", url, "err1", err1, "err2", err2)
} }
} }
} }
} }
// removeBlackPeers removes bootstrap nodes which is in peers blacklist // removeDenylistedPeers removes bootstrap nodes which is in peers denylist
func removeBlackPeers(cfg *p2p.Config) { func removeDenylistedPeers(cfg *p2p.Config) {
if len(cfg.BlackPeers) == 0 { if len(cfg.DenyPeers) == 0 {
return return
} }
filteredNodes := make([]*discover.Node, 0, len(cfg.BootstrapNodes)) filteredNodes := make([]*discover.Node, 0, len(cfg.BootstrapNodes))
for _, node := range cfg.BootstrapNodes { for _, node := range cfg.BootstrapNodes {
if _, ok := cfg.BlackPeers[node.ID]; ok { if _, ok := cfg.DenyPeers[node.ID]; ok {
log.Info("Remove black peer", "enode", node, "id", node.ID) log.Info("Remove denylisted peer", "enode", node, "id", node.ID)
continue continue
} }
filteredNodes = append(filteredNodes, node) filteredNodes = append(filteredNodes, node)
@ -1280,8 +1280,8 @@ func SetP2PConfig(ctx *cli.Context, cfg *p2p.Config) {
setNAT(ctx, cfg) setNAT(ctx, cfg)
setListenAddress(ctx, cfg) setListenAddress(ctx, cfg)
setBootstrapNodes(ctx, cfg) setBootstrapNodes(ctx, cfg)
setWhiteBlackListPeers(ctx, cfg) setAllowlistAndDenylistForPeers(ctx, cfg)
removeBlackPeers(cfg) removeDenylistedPeers(cfg)
// setBootstrapNodesV5(ctx, cfg) // setBootstrapNodesV5(ctx, cfg)
if ctx.IsSet(MaxPeersFlag.Name) { if ctx.IsSet(MaxPeersFlag.Name) {

View file

@ -38,9 +38,9 @@ var (
) )
type constant struct { type constant struct {
chainID uint64 chainID uint64
blackListHFNumber uint64 denylistHFNumber uint64
maxMasternodesV2 int // Last v1 masternodes maxMasternodesV2 int // Last v1 masternodes
tip2019Block *big.Int tip2019Block *big.Int
tipSigning *big.Int tipSigning *big.Int
@ -75,13 +75,13 @@ type constant struct {
ignoreSignerCheckBlockArray map[uint64]struct{} ignoreSignerCheckBlockArray map[uint64]struct{}
blacklist map[Address]struct{} denylist map[Address]struct{}
} }
// variables for specific networks, copy values from mainnet constant to pass tests // variables for specific networks, copy values from mainnet constant to pass tests
var ( var (
BlackListHFNumber = MainnetConstant.blackListHFNumber DenylistHFNumber = MainnetConstant.denylistHFNumber
MaxMasternodesV2 = MainnetConstant.maxMasternodesV2 // Last v1 masternodes MaxMasternodesV2 = MainnetConstant.maxMasternodesV2 // Last v1 masternodes
TIP2019Block = MainnetConstant.tip2019Block TIP2019Block = MainnetConstant.tip2019Block
TIPSigning = MainnetConstant.tipSigning TIPSigning = MainnetConstant.tipSigning
@ -114,7 +114,7 @@ var (
LendingRegistrationSMC = MainnetConstant.lendingRegistrationSMC LendingRegistrationSMC = MainnetConstant.lendingRegistrationSMC
ignoreSignerCheckBlockArray = MainnetConstant.ignoreSignerCheckBlockArray ignoreSignerCheckBlockArray = MainnetConstant.ignoreSignerCheckBlockArray
blacklist = MainnetConstant.blacklist denylist = MainnetConstant.denylist
) )
func IsIgnoreSignerCheckBlock(blockNumber uint64) bool { func IsIgnoreSignerCheckBlock(blockNumber uint64) bool {
@ -122,11 +122,11 @@ func IsIgnoreSignerCheckBlock(blockNumber uint64) bool {
return ok return ok
} }
func IsInBlacklist(address *Address) bool { func IsInDenylist(address *Address) bool {
if address == nil { if address == nil {
return false return false
} }
_, ok := blacklist[*address] _, ok := denylist[*address]
return ok return ok
} }
@ -147,7 +147,7 @@ func CopyConstants(chainID uint64) {
} }
MaxMasternodesV2 = c.maxMasternodesV2 MaxMasternodesV2 = c.maxMasternodesV2
BlackListHFNumber = c.blackListHFNumber DenylistHFNumber = c.denylistHFNumber
TIP2019Block = c.tip2019Block TIP2019Block = c.tip2019Block
TIPSigning = c.tipSigning TIPSigning = c.tipSigning
TIPRandomize = c.tipRandomize TIPRandomize = c.tipRandomize
@ -181,6 +181,6 @@ func CopyConstants(chainID uint64) {
clear(ignoreSignerCheckBlockArray) clear(ignoreSignerCheckBlockArray)
maps.Copy(ignoreSignerCheckBlockArray, c.ignoreSignerCheckBlockArray) maps.Copy(ignoreSignerCheckBlockArray, c.ignoreSignerCheckBlockArray)
clear(blacklist) clear(denylist)
maps.Copy(blacklist, c.blacklist) maps.Copy(denylist, c.denylist)
} }

View file

@ -6,9 +6,9 @@ import (
) )
var DevnetConstant = constant{ var DevnetConstant = constant{
chainID: 551, chainID: 551,
blackListHFNumber: 0, denylistHFNumber: 0,
maxMasternodesV2: 108, maxMasternodesV2: 108,
tip2019Block: big.NewInt(0), tip2019Block: big.NewInt(0),
tipSigning: big.NewInt(0), tipSigning: big.NewInt(0),
@ -48,7 +48,7 @@ var DevnetConstant = constant{
28270800: {}, 28270800: {},
}, },
blacklist: map[Address]struct{}{ denylist: map[Address]struct{}{
HexToAddress("0x5248bfb72fd4f234e062d3e9bb76f08643004fcd"): {}, HexToAddress("0x5248bfb72fd4f234e062d3e9bb76f08643004fcd"): {},
HexToAddress("0x5ac26105b35ea8935be382863a70281ec7a985e9"): {}, HexToAddress("0x5ac26105b35ea8935be382863a70281ec7a985e9"): {},
HexToAddress("0x09c4f991a41e7ca0645d7dfbfee160b55e562ea4"): {}, HexToAddress("0x09c4f991a41e7ca0645d7dfbfee160b55e562ea4"): {},

View file

@ -6,9 +6,9 @@ import (
) )
var localConstant = constant{ var localConstant = constant{
chainID: 5151, chainID: 5151,
maxMasternodesV2: 108, maxMasternodesV2: 108,
blackListHFNumber: 0, denylistHFNumber: 0,
tip2019Block: big.NewInt(0), tip2019Block: big.NewInt(0),
tipSigning: big.NewInt(0), tipSigning: big.NewInt(0),
@ -43,5 +43,5 @@ var localConstant = constant{
ignoreSignerCheckBlockArray: map[uint64]struct{}{}, ignoreSignerCheckBlockArray: map[uint64]struct{}{},
blacklist: map[Address]struct{}{}, denylist: map[Address]struct{}{},
} }

View file

@ -6,9 +6,9 @@ import (
) )
var MainnetConstant = constant{ var MainnetConstant = constant{
chainID: 50, chainID: 50,
blackListHFNumber: 38383838, denylistHFNumber: 38383838,
maxMasternodesV2: 108, maxMasternodesV2: 108,
tip2019Block: big.NewInt(1), tip2019Block: big.NewInt(1),
tipSigning: big.NewInt(3000000), tipSigning: big.NewInt(3000000),
@ -48,7 +48,7 @@ var MainnetConstant = constant{
28270800: {}, 28270800: {},
}, },
blacklist: map[Address]struct{}{ denylist: map[Address]struct{}{
HexToAddress("0x5248bfb72fd4f234e062d3e9bb76f08643004fcd"): {}, HexToAddress("0x5248bfb72fd4f234e062d3e9bb76f08643004fcd"): {},
HexToAddress("0x5ac26105b35ea8935be382863a70281ec7a985e9"): {}, HexToAddress("0x5ac26105b35ea8935be382863a70281ec7a985e9"): {},
HexToAddress("0x09c4f991a41e7ca0645d7dfbfee160b55e562ea4"): {}, HexToAddress("0x09c4f991a41e7ca0645d7dfbfee160b55e562ea4"): {},

View file

@ -6,9 +6,9 @@ import (
) )
var TestnetConstant = constant{ var TestnetConstant = constant{
chainID: 51, chainID: 51,
blackListHFNumber: 23779191, denylistHFNumber: 23779191,
maxMasternodesV2: 15, maxMasternodesV2: 15,
tip2019Block: big.NewInt(1), tip2019Block: big.NewInt(1),
tipSigning: big.NewInt(3000000), tipSigning: big.NewInt(3000000),
@ -48,7 +48,7 @@ var TestnetConstant = constant{
28270800: {}, 28270800: {},
}, },
blacklist: map[Address]struct{}{ denylist: map[Address]struct{}{
HexToAddress("0x5248bfb72fd4f234e062d3e9bb76f08643004fcd"): {}, HexToAddress("0x5248bfb72fd4f234e062d3e9bb76f08643004fcd"): {},
HexToAddress("0x5ac26105b35ea8935be382863a70281ec7a985e9"): {}, HexToAddress("0x5ac26105b35ea8935be382863a70281ec7a985e9"): {},
HexToAddress("0x09c4f991a41e7ca0645d7dfbfee160b55e562ea4"): {}, HexToAddress("0x09c4f991a41e7ca0645d7dfbfee160b55e562ea4"): {},

View file

@ -1581,8 +1581,8 @@ func (bc *BlockChain) insertChain(chain types.Blocks, verifySeals bool) (int, []
} }
// If the header is a banned one, straight out abort // If the header is a banned one, straight out abort
if BadHashes[block.Hash()] { if BadHashes[block.Hash()] {
bc.reportBlock(block, nil, ErrBlacklistedHash) bc.reportBlock(block, nil, ErrDenylistedHash)
return it.index, events, coalescedLogs, ErrBlacklistedHash return it.index, events, coalescedLogs, ErrDenylistedHash
} }
// Retrieve the parent block and it's state to execute on top // Retrieve the parent block and it's state to execute on top
start := time.Now() start := time.Now()
@ -1942,12 +1942,12 @@ func (bc *BlockChain) getResultBlock(block *types.Block, verifiedM2 bool) (*Resu
// If the chain is terminating, stop processing blocks // If the chain is terminating, stop processing blocks
if bc.insertStopped() { if bc.insertStopped() {
log.Debug("Premature abort during blocks processing") log.Debug("Premature abort during blocks processing")
return nil, ErrBlacklistedHash return nil, errInsertionInterrupted
} }
// If the header is a banned one, straight out abort // If the header is a banned one, straight out abort
if BadHashes[block.Hash()] { if BadHashes[block.Hash()] {
bc.reportBlock(block, nil, ErrBlacklistedHash) bc.reportBlock(block, nil, ErrDenylistedHash)
return nil, ErrBlacklistedHash return nil, ErrDenylistedHash
} }
// Wait for the block's verification to complete // Wait for the block's verification to complete
bstart := time.Now() bstart := time.Now()

View file

@ -475,8 +475,8 @@ func testBadHashes(t *testing.T, full bool) {
_, err = blockchain.InsertHeaderChain(headers, 1) _, err = blockchain.InsertHeaderChain(headers, 1)
} }
if !errors.Is(err, ErrBlacklistedHash) { if !errors.Is(err, ErrDenylistedHash) {
t.Errorf("error mismatch: have: %v, want: %v", err, ErrBlacklistedHash) t.Errorf("error mismatch: have: %v, want: %v", err, ErrDenylistedHash)
} }
} }

View file

@ -26,8 +26,8 @@ var (
// ErrKnownBlock is returned when a block to import is already known locally. // ErrKnownBlock is returned when a block to import is already known locally.
ErrKnownBlock = errors.New("block already known") ErrKnownBlock = errors.New("block already known")
// ErrBlacklistedHash is returned if a block to import is on the blacklist. // ErrDenylistedHash is returned if a block to import is on the denylist.
ErrBlacklistedHash = errors.New("blacklisted hash") ErrDenylistedHash = errors.New("denylisted hash")
// ErrNoGenesis is returned when there is no Genesis Block. // ErrNoGenesis is returned when there is no Genesis Block.
ErrNoGenesis = errors.New("genesis not found in chain") ErrNoGenesis = errors.New("genesis not found in chain")
@ -38,7 +38,7 @@ var (
// error should be returned which is defined here. // error should be returned which is defined here.
// //
// - If the pre-checking happens in the miner, then the transaction won't be packed. // - If the pre-checking happens in the miner, then the transaction won't be packed.
// - If the pre-checking happens in the block processing procedure, then a "BAD BLOCk" // - If the pre-checking happens in the block processing procedure, then a "BAD BLOCK"
// error should be emitted. // error should be emitted.
var ( var (
// ErrNonceTooLow is returned if the nonce of a transaction is lower than the // ErrNonceTooLow is returned if the nonce of a transaction is lower than the

View file

@ -258,7 +258,7 @@ func (hc *HeaderChain) ValidateHeaderChain(chain []*types.Header, checkFreq int)
} }
// If the header is a banned one, straight out abort // If the header is a banned one, straight out abort
if BadHashes[header.Hash()] { if BadHashes[header.Hash()] {
return i, ErrBlacklistedHash return i, ErrDenylistedHash
} }
// Otherwise wait for headers checks and ensure they pass // Otherwise wait for headers checks and ensure they pass
if err := <-results; err != nil { if err := <-results; err != nil {

View file

@ -102,15 +102,15 @@ func (p *StateProcessor) Process(block *types.Block, statedb *state.StateDB, tra
// Iterate over and process the individual transactions // Iterate over and process the individual transactions
for i, tx := range block.Transactions() { for i, tx := range block.Transactions() {
// check black-list txs after hf // check denylist txs after hf
if block.Number().Uint64() >= common.BlackListHFNumber { if block.Number().Uint64() >= common.DenylistHFNumber {
// check if sender is in black list // check if sender is in denylist
if common.IsInBlacklist(tx.From()) { if common.IsInDenylist(tx.From()) {
return nil, nil, 0, fmt.Errorf("block contains transaction with sender in black-list: %v", tx.From().Hex()) return nil, nil, 0, fmt.Errorf("block contains transaction with sender in denylist: %v", tx.From().Hex())
} }
// check if receiver is in black list // check if receiver is in denylist
if common.IsInBlacklist(tx.To()) { if common.IsInDenylist(tx.To()) {
return nil, nil, 0, fmt.Errorf("block contains transaction with receiver in black-list: %v", tx.To().Hex()) return nil, nil, 0, fmt.Errorf("block contains transaction with receiver in denylist: %v", tx.To().Hex())
} }
} }
// validate minFee slot for XDCZ // validate minFee slot for XDCZ
@ -206,15 +206,15 @@ func (p *StateProcessor) ProcessBlockNoValidator(cBlock *CalculatedBlock, stated
// Iterate over and process the individual transactions // Iterate over and process the individual transactions
receipts = make([]*types.Receipt, block.Transactions().Len()) receipts = make([]*types.Receipt, block.Transactions().Len())
for i, tx := range block.Transactions() { for i, tx := range block.Transactions() {
// check black-list txs after hf // check denylist txs after hf
if block.Number().Uint64() >= common.BlackListHFNumber { if block.Number().Uint64() >= common.DenylistHFNumber {
// check if sender is in black list // check if sender is in denylist
if common.IsInBlacklist(tx.From()) { if common.IsInDenylist(tx.From()) {
return nil, nil, 0, fmt.Errorf("block contains transaction with sender in black-list: %v", tx.From().Hex()) return nil, nil, 0, fmt.Errorf("block contains transaction with sender in denylist: %v", tx.From().Hex())
} }
// check if receiver is in black list // check if receiver is in denylist
if common.IsInBlacklist(tx.To()) { if common.IsInDenylist(tx.To()) {
return nil, nil, 0, fmt.Errorf("block contains transaction with receiver in black-list: %v", tx.To().Hex()) return nil, nil, 0, fmt.Errorf("block contains transaction with receiver in denylist: %v", tx.To().Hex())
} }
} }
// validate minFee slot for XDCZ // validate minFee slot for XDCZ
@ -306,7 +306,7 @@ func ApplyTransactionWithEVM(msg *Message, config *params.ChainConfig, gp *GasPo
txContext := NewEVMTxContext(msg) txContext := NewEVMTxContext(msg)
evm.Reset(txContext, tracingStateDB) evm.Reset(txContext, tracingStateDB)
// Bypass blacklist address // Bypass denylist address
maxBlockNumber := new(big.Int).SetInt64(9147459) maxBlockNumber := new(big.Int).SetInt64(9147459)
if blockNumber.Cmp(maxBlockNumber) <= 0 { if blockNumber.Cmp(maxBlockNumber) <= 0 {
addrMap := make(map[string]string) addrMap := make(map[string]string)
@ -448,7 +448,7 @@ func ApplyTransactionWithEVM(msg *Message, config *params.ChainConfig, gp *GasPo
} }
} }
} }
// End Bypass blacklist address // End Bypass denylist address
// Apply the transaction to the current state (included in the env) // Apply the transaction to the current state (included in the env)
result, err := ApplyMessage(evm, msg, gp, coinbaseOwner) result, err := ApplyMessage(evm, msg, gp, coinbaseOwner)

View file

@ -622,9 +622,9 @@ func (pool *LendingPool) validateLending(tx *types.LendingTransaction) error {
// validateTx checks whether a transaction is valid according to the consensus // validateTx checks whether a transaction is valid according to the consensus
// rules and adheres to some heuristic limits of the local node (price and size). // rules and adheres to some heuristic limits of the local node (price and size).
func (pool *LendingPool) validateTx(tx *types.LendingTransaction, local bool) error { func (pool *LendingPool) validateTx(tx *types.LendingTransaction, local bool) error {
// check if sender is in black list // check if sender is in denylist
if common.IsInBlacklist(tx.From()) { if common.IsInDenylist(tx.From()) {
return fmt.Errorf("reject transaction with sender in black-list: %v", tx.From().Hex()) return fmt.Errorf("reject transaction with sender in denylist: %v", tx.From().Hex())
} }
// Heuristic limit, reject transactions over 32KB to prevent DOS attacks // Heuristic limit, reject transactions over 32KB to prevent DOS attacks
if tx.Size() > 32*1024 { if tx.Size() > 32*1024 {
@ -657,7 +657,7 @@ func (pool *LendingPool) validateTx(tx *types.LendingTransaction, local bool) er
// so outer code doesn't uselessly call promote. // so outer code doesn't uselessly call promote.
// //
// If a newly added transaction is marked as local, its sending account will be // If a newly added transaction is marked as local, its sending account will be
// whitelisted, preventing any associated transaction from being dropped out of // allowlisted, preventing any associated transaction from being dropped out of
// the pool due to pricing constraints. // the pool due to pricing constraints.
func (pool *LendingPool) add(tx *types.LendingTransaction, local bool) (bool, error) { func (pool *LendingPool) add(tx *types.LendingTransaction, local bool) (bool, error) {
// If the transaction is already known, discard it // If the transaction is already known, discard it

View file

@ -524,9 +524,9 @@ func (pool *OrderPool) validateOrder(tx *types.OrderTransaction) error {
// validateTx checks whether a transaction is valid according to the consensus // validateTx checks whether a transaction is valid according to the consensus
// rules and adheres to some heuristic limits of the local node (price and size). // rules and adheres to some heuristic limits of the local node (price and size).
func (pool *OrderPool) validateTx(tx *types.OrderTransaction, local bool) error { func (pool *OrderPool) validateTx(tx *types.OrderTransaction, local bool) error {
// check if sender is in black list // check if sender is in denylist
if common.IsInBlacklist(tx.From()) { if common.IsInDenylist(tx.From()) {
return fmt.Errorf("reject transaction with sender in black-list: %v", tx.From().Hex()) return fmt.Errorf("reject transaction with sender in denylist: %v", tx.From().Hex())
} }
// Heuristic limit, reject transactions over 32KB to prevent DOS attacks // Heuristic limit, reject transactions over 32KB to prevent DOS attacks
if tx.Size() > 32*1024 { if tx.Size() > 32*1024 {
@ -559,7 +559,7 @@ func (pool *OrderPool) validateTx(tx *types.OrderTransaction, local bool) error
// so outer code doesn't uselessly call promote. // so outer code doesn't uselessly call promote.
// //
// If a newly added transaction is marked as local, its sending account will be // If a newly added transaction is marked as local, its sending account will be
// whitelisted, preventing any associated transaction from being dropped out of // allowlisted, preventing any associated transaction from being dropped out of
// the pool due to pricing constraints. // the pool due to pricing constraints.
func (pool *OrderPool) add(tx *types.OrderTransaction, local bool) (bool, error) { func (pool *OrderPool) add(tx *types.OrderTransaction, local bool) (bool, error) {
// If the transaction is already known, discard it // If the transaction is already known, discard it

View file

@ -243,15 +243,15 @@ func ValidateTransactionWithState(tx *types.Transaction, signer types.Signer, op
} }
} }
// Ensure sender and receiver are not in black list // Ensure sender and receiver are not in denylist
if number == nil || number.Cmp(new(big.Int).SetUint64(common.BlackListHFNumber)) >= 0 { if number == nil || number.Cmp(new(big.Int).SetUint64(common.DenylistHFNumber)) >= 0 {
// check if sender is in black list // check if sender is in denylist
if common.IsInBlacklist(tx.From()) { if common.IsInDenylist(tx.From()) {
return fmt.Errorf("reject transaction with sender in black-list: %v", tx.From().Hex()) return fmt.Errorf("reject transaction with sender in denylist: %v", tx.From().Hex())
} }
// check if receiver is in black list // check if receiver is in denylist
if common.IsInBlacklist(to) { if common.IsInDenylist(to) {
return fmt.Errorf("reject transaction with receiver in black-list: %v", to.Hex()) return fmt.Errorf("reject transaction with receiver in denylist: %v", to.Hex())
} }
} }

View file

@ -978,16 +978,16 @@ func (w *Work) commitTransactions(mux *event.TypeMux, balanceFee map[common.Addr
// first priority for special Txs // first priority for special Txs
for _, tx := range specialTxs { for _, tx := range specialTxs {
to := tx.To() to := tx.To()
if w.header.Number.Uint64() >= common.BlackListHFNumber { if w.header.Number.Uint64() >= common.DenylistHFNumber {
from := tx.From() from := tx.From()
// check if sender is in black list // check if sender is in denylist
if common.IsInBlacklist(from) { if common.IsInDenylist(from) {
log.Debug("Skipping transaction with sender in black-list", "sender", from.Hex()) log.Debug("Skipping transaction with sender in denylist", "sender", from.Hex())
continue continue
} }
// check if receiver is in black list // check if receiver is in denylist
if common.IsInBlacklist(to) { if common.IsInDenylist(to) {
log.Debug("Skipping transaction with receiver in black-list", "receiver", to.Hex()) log.Debug("Skipping transaction with receiver in denylist", "receiver", to.Hex())
continue continue
} }
} }
@ -1091,17 +1091,17 @@ func (w *Work) commitTransactions(mux *event.TypeMux, balanceFee map[common.Addr
} }
tx := warped.Tx tx := warped.Tx
to := tx.To() to := tx.To()
if w.header.Number.Uint64() >= common.BlackListHFNumber { if w.header.Number.Uint64() >= common.DenylistHFNumber {
from := tx.From() from := tx.From()
// check if sender is in black list // check if sender is in denylist
if common.IsInBlacklist(from) { if common.IsInDenylist(from) {
log.Debug("Skipping transaction with sender in black-list", "sender", from.Hex()) log.Debug("Skipping transaction with sender in denylist", "sender", from.Hex())
txs.Pop() txs.Pop()
continue continue
} }
// check if receiver is in black list // check if receiver is in denylist
if common.IsInBlacklist(to) { if common.IsInDenylist(to) {
log.Debug("Skipping transaction with receiver in black-list", "receiver", to.Hex()) log.Debug("Skipping transaction with receiver in denylist", "receiver", to.Hex())
txs.Shift() txs.Shift()
continue continue
} }

View file

@ -65,14 +65,14 @@ func (api *adminAPI) AddPeer(url string) (bool, error) {
if err != nil { if err != nil {
return false, fmt.Errorf("invalid enode: %v", err) return false, fmt.Errorf("invalid enode: %v", err)
} }
// only accept the node which is in peer whitelist if the list is not empty // only accept the node which is in peer allowlist if the list is not empty
if len(server.WhitePeers) > 0 { if len(server.AllowPeers) > 0 {
if _, ok := server.WhitePeers[node.ID]; !ok { if _, ok := server.AllowPeers[node.ID]; !ok {
return false, fmt.Errorf("peer is not in whitelist: %v, ID: %s", url, node.ID) return false, fmt.Errorf("peer is not in allowlist: %v, ID: %s", url, node.ID)
} }
} }
// reject the node which is in peer blacklist // reject the node which is in peer blacklist
if _, ok := server.BlackPeers[node.ID]; ok { if _, ok := server.DenyPeers[node.ID]; ok {
return false, fmt.Errorf("peer is in blacklist: %v, ID: %s", url, node.ID) return false, fmt.Errorf("peer is in blacklist: %v, ID: %s", url, node.ID)
} }
server.AddPeer(node) server.AddPeer(node)
@ -106,14 +106,14 @@ func (api *adminAPI) AddTrustedPeer(url string) (bool, error) {
if err != nil { if err != nil {
return false, fmt.Errorf("invalid enode: %v", err) return false, fmt.Errorf("invalid enode: %v", err)
} }
// only accept the node which is in peer whitelist if the list is not empty // only accept the node which is in peer allowlist if the list is not empty
if len(server.WhitePeers) > 0 { if len(server.AllowPeers) > 0 {
if _, ok := server.WhitePeers[node.ID]; !ok { if _, ok := server.AllowPeers[node.ID]; !ok {
return false, fmt.Errorf("trusted peer is not in whitelist: %v, ID: %s", url, node.ID) return false, fmt.Errorf("trusted peer is not in allowlist: %v, ID: %s", url, node.ID)
} }
} }
// reject the node which is in peer blacklist // reject the node which is in peer blacklist
if _, ok := server.BlackPeers[node.ID]; ok { if _, ok := server.DenyPeers[node.ID]; ok {
return false, fmt.Errorf("trusted peer is in blacklist: %v, ID: %s", url, node.ID) return false, fmt.Errorf("trusted peer is in blacklist: %v, ID: %s", url, node.ID)
} }
server.AddTrustedPeer(node) server.AddTrustedPeer(node)

View file

@ -307,7 +307,7 @@ func (h *httpServer) enableRPC(apis []rpc.API, config httpConfig) error {
if config.httpBodyLimit > 0 { if config.httpBodyLimit > 0 {
srv.SetHTTPBodyLimit(config.httpBodyLimit) srv.SetHTTPBodyLimit(config.httpBodyLimit)
} }
if err := RegisterApisFromWhitelist(apis, config.Modules, srv); err != nil { if err := RegisterApis(apis, config.Modules, srv); err != nil {
return err return err
} }
h.httpConfig = config h.httpConfig = config
@ -344,7 +344,7 @@ func (h *httpServer) enableWS(apis []rpc.API, config wsConfig) error {
if config.httpBodyLimit > 0 { if config.httpBodyLimit > 0 {
srv.SetHTTPBodyLimit(config.httpBodyLimit) srv.SetHTTPBodyLimit(config.httpBodyLimit)
} }
if err := RegisterApisFromWhitelist(apis, config.Modules, srv); err != nil { if err := RegisterApis(apis, config.Modules, srv); err != nil {
return err return err
} }
h.wsConfig = config h.wsConfig = config
@ -630,20 +630,20 @@ func (is *ipcServer) stop() error {
return err return err
} }
// RegisterApisFromWhitelist checks the given modules' availability, generates a whitelist based on the allowed modules, // RegisterApis checks the given modules' availability, generates an allowlist based on the allowed modules,
// and then registers all of the APIs exposed by the services. // and then registers all of the APIs exposed by the services.
func RegisterApisFromWhitelist(apis []rpc.API, modules []string, srv *rpc.Server) error { func RegisterApis(apis []rpc.API, modules []string, srv *rpc.Server) error {
if bad, available := checkModuleAvailability(modules, apis); len(bad) > 0 { if bad, available := checkModuleAvailability(modules, apis); len(bad) > 0 {
log.Error("Unavailable modules in HTTP API list", "unavailable", bad, "available", available) log.Error("Unavailable modules in HTTP API list", "unavailable", bad, "available", available)
} }
// Generate the whitelist based on the allowed modules // Generate the allowlist based on the allowed modules
whitelist := make(map[string]bool) allowlist := make(map[string]bool)
for _, module := range modules { for _, module := range modules {
whitelist[module] = true allowlist[module] = true
} }
// Register all the APIs exposed by the services // Register all the APIs exposed by the services
for _, api := range apis { for _, api := range apis {
if whitelist[api.Namespace] || len(whitelist) == 0 { if allowlist[api.Namespace] || len(allowlist) == 0 {
if err := srv.RegisterName(api.Namespace, api.Service); err != nil { if err := srv.RegisterName(api.Namespace, api.Service); err != nil {
return err return err
} }

View file

@ -195,7 +195,7 @@ func (s *dialstate) newTasks(nRunning int, peers map[discover.NodeID]*Peer, now
for id, t := range s.static { for id, t := range s.static {
err := s.checkDial(t.dest, peers) err := s.checkDial(t.dest, peers)
switch err { switch err {
case errNotWhitelisted, errSelf: case errNotAllowlisted, errSelf:
log.Warn("Removing static dial candidate", "id", t.dest.ID, "addr", &net.TCPAddr{IP: t.dest.IP, Port: int(t.dest.TCP)}, "err", err) log.Warn("Removing static dial candidate", "id", t.dest.ID, "addr", &net.TCPAddr{IP: t.dest.IP, Port: int(t.dest.TCP)}, "err", err)
delete(s.static, t.dest.ID) delete(s.static, t.dest.ID)
case nil: case nil:
@ -257,7 +257,7 @@ var (
errAlreadyDialing = errors.New("already dialing") errAlreadyDialing = errors.New("already dialing")
errAlreadyConnected = errors.New("already connected") errAlreadyConnected = errors.New("already connected")
errRecentlyDialed = errors.New("recently dialed") errRecentlyDialed = errors.New("recently dialed")
errNotWhitelisted = errors.New("not contained in netrestrict whitelist") errNotAllowlisted = errors.New("not contained in netrestrict allowlist")
) )
func (s *dialstate) checkDial(n *discover.Node, peers map[discover.NodeID]*Peer) error { func (s *dialstate) checkDial(n *discover.Node, peers map[discover.NodeID]*Peer) error {
@ -273,7 +273,7 @@ func (s *dialstate) checkDial(n *discover.Node, peers map[discover.NodeID]*Peer)
case s.ntab != nil && n.ID == s.ntab.Self().ID: case s.ntab != nil && n.ID == s.ntab.Self().ID:
return errSelf return errSelf
case s.netrestrict != nil && !s.netrestrict.Contains(n.IP): case s.netrestrict != nil && !s.netrestrict.Contains(n.IP):
return errNotWhitelisted return errNotAllowlisted
case s.hist.contains(n.ID): case s.hist.contains(n.ID):
return errRecentlyDialed return errRecentlyDialed
} }

View file

@ -134,7 +134,7 @@ func (t *udp) nodeFromRPC(sender *net.UDPAddr, rn rpcNode) (*Node, error) {
return nil, err return nil, err
} }
if t.netrestrict != nil && !t.netrestrict.Contains(rn.IP) { if t.netrestrict != nil && !t.netrestrict.Contains(rn.IP) {
return nil, errors.New("not contained in netrestrict whitelist") return nil, errors.New("not contained in netrestrict allowlist")
} }
n := NewNode(rn.ID, rn.IP, rn.UDP, rn.TCP) n := NewNode(rn.ID, rn.IP, rn.UDP, rn.TCP)
err := n.validateComplete() err := n.validateComplete()
@ -224,7 +224,7 @@ type Config struct {
// These settings are optional: // These settings are optional:
AnnounceAddr *net.UDPAddr // local address announced in the DHT AnnounceAddr *net.UDPAddr // local address announced in the DHT
NodeDBPath string // if set, the node database is stored at this filesystem location NodeDBPath string // if set, the node database is stored at this filesystem location
NetRestrict *netutil.Netlist // network whitelist NetRestrict *netutil.Netlist // network allowlist
Bootnodes []*Node // list of bootstrap nodes Bootnodes []*Node // list of bootstrap nodes
Unhandled chan<- ReadPacket // unhandled packets are sent on this channel Unhandled chan<- ReadPacket // unhandled packets are sent on this channel

View file

@ -734,7 +734,7 @@ func (net *Network) internNodeFromNeighbours(sender *net.UDPAddr, rn rpcNode) (n
// We haven't seen this node before. // We haven't seen this node before.
n, err = nodeFromRPC(sender, rn) n, err = nodeFromRPC(sender, rn)
if net.netrestrict != nil && !net.netrestrict.Contains(n.IP) { if net.netrestrict != nil && !net.netrestrict.Contains(n.IP) {
return n, errors.New("not contained in netrestrict whitelist") return n, errors.New("not contained in netrestrict allowlist")
} }
if err == nil { if err == nil {
n.state = unknown n.state = unknown

View file

@ -72,8 +72,8 @@ const (
DiscSelf DiscSelf
DiscReadTimeout DiscReadTimeout
DiscPairPeerStop DiscPairPeerStop
DiscNonWhitelistedPeer DiscNonAllowlistedPeer
DiscBlacklistedPeer DiscDenylistedPeer
DiscSubprotocolError = DiscReason(0x10) DiscSubprotocolError = DiscReason(0x10)
) )
@ -91,8 +91,8 @@ var discReasonToString = [...]string{
DiscSelf: "connected to self", DiscSelf: "connected to self",
DiscReadTimeout: "read timeout", DiscReadTimeout: "read timeout",
DiscPairPeerStop: "pair peer connection stop", DiscPairPeerStop: "pair peer connection stop",
DiscNonWhitelistedPeer: "disconnect non-whitelisted peer", DiscNonAllowlistedPeer: "disconnect non-allowlisted peer",
DiscBlacklistedPeer: "disconnect blacklisted peer", DiscDenylistedPeer: "disconnect denylisted peer",
DiscSubprotocolError: "subprotocol error", DiscSubprotocolError: "subprotocol error",
} }

View file

@ -89,10 +89,11 @@ type Config struct {
// Name sets the node name of this server. // Name sets the node name of this server.
Name string `toml:"-"` Name string `toml:"-"`
// Whitelist for peers // Allowlist for peers
WhitePeers map[discover.NodeID]struct{} AllowPeers map[discover.NodeID]struct{}
// Blacklist for peers.
BlackPeers map[discover.NodeID]struct{} // Denylist for peers.
DenyPeers map[discover.NodeID]struct{}
// BootstrapNodes are used to establish connectivity // BootstrapNodes are used to establish connectivity
// with the rest of the network. // with the rest of the network.
@ -323,8 +324,8 @@ func (srv *Server) RemovePeer(node *discover.Node) {
} }
} }
// AddTrustedPeer adds the given node to a reserved whitelist which allows the // AddTrustedPeer adds the given node to a reserved allowlist which allows the
// node to always connect, even if the slot are full. // node to always connect, even if the slots are full.
func (srv *Server) AddTrustedPeer(node *discover.Node) { func (srv *Server) AddTrustedPeer(node *discover.Node) {
select { select {
case srv.addtrusted <- node: case srv.addtrusted <- node:
@ -847,7 +848,7 @@ func (srv *Server) listenLoop() {
// Reject connections that do not match NetRestrict. // Reject connections that do not match NetRestrict.
if srv.NetRestrict != nil { if srv.NetRestrict != nil {
if tcp, ok := fd.RemoteAddr().(*net.TCPAddr); ok && !srv.NetRestrict.Contains(tcp.IP) { if tcp, ok := fd.RemoteAddr().(*net.TCPAddr); ok && !srv.NetRestrict.Contains(tcp.IP) {
srv.log.Debug("Rejected conn (not whitelisted in NetRestrict)", "addr", fd.RemoteAddr()) srv.log.Debug("Rejected conn (not allowlisted in NetRestrict)", "addr", fd.RemoteAddr())
fd.Close() fd.Close()
slots <- struct{}{} slots <- struct{}{}
continue continue
@ -899,15 +900,15 @@ func (srv *Server) setupConn(c *conn, flags connFlag, dialDest *discover.Node) e
return err return err
} }
clog := srv.log.New("id", c.id.String(), "addr", c.fd.RemoteAddr(), "conn", c.flags) clog := srv.log.New("id", c.id.String(), "addr", c.fd.RemoteAddr(), "conn", c.flags)
if len(srv.WhitePeers) > 0 { if len(srv.AllowPeers) > 0 {
if _, ok := srv.WhitePeers[c.id]; !ok { if _, ok := srv.AllowPeers[c.id]; !ok {
clog.Debug("Reject non-whitelisted peer") clog.Debug("Reject non-allowlisted peer")
return DiscNonWhitelistedPeer return DiscNonAllowlistedPeer
} }
} }
if _, ok := srv.BlackPeers[c.id]; ok { if _, ok := srv.DenyPeers[c.id]; ok {
clog.Debug("Reject blacklisted peer") clog.Debug("Reject blacklisted peer")
return DiscBlacklistedPeer return DiscDenylistedPeer
} }
// For dialed connections, check that the remote public key matches. // For dialed connections, check that the remote public key matches.
if dialDest != nil && c.id != dialDest.ID { if dialDest != nil && c.id != dialDest.ID {

View file

@ -950,7 +950,7 @@ func (c *ChainConfig) Description() string {
banner += fmt.Sprintf(" - TIPSigning: %-8v\n", common.TIPSigning) banner += fmt.Sprintf(" - TIPSigning: %-8v\n", common.TIPSigning)
banner += fmt.Sprintf(" - TIPRandomize: %-8v\n", common.TIPRandomize) banner += fmt.Sprintf(" - TIPRandomize: %-8v\n", common.TIPRandomize)
banner += fmt.Sprintf(" - TIPIncreaseMasternodes: %-8v\n", common.TIPIncreaseMasternodes) banner += fmt.Sprintf(" - TIPIncreaseMasternodes: %-8v\n", common.TIPIncreaseMasternodes)
banner += fmt.Sprintf(" - BlackListHFNumber: %-8v\n", common.BlackListHFNumber) banner += fmt.Sprintf(" - DenylistHFNumber: %-8v\n", common.DenylistHFNumber)
banner += fmt.Sprintf(" - TIPNoHalvingMNReward: %-8v\n", common.TIPNoHalvingMNReward) banner += fmt.Sprintf(" - TIPNoHalvingMNReward: %-8v\n", common.TIPNoHalvingMNReward)
banner += fmt.Sprintf(" - TIPXDCX: %-8v\n", common.TIPXDCX) banner += fmt.Sprintf(" - TIPXDCX: %-8v\n", common.TIPXDCX)
banner += fmt.Sprintf(" - TIPXDCXLending: %-8v\n", common.TIPXDCXLending) banner += fmt.Sprintf(" - TIPXDCXLending: %-8v\n", common.TIPXDCXLending)

View file

@ -97,7 +97,7 @@ func wsHandshakeValidator(allowedOrigins []string) func(*http.Request) bool {
if _, ok := req.Header["Origin"]; !ok { if _, ok := req.Header["Origin"]; !ok {
return true return true
} }
// Verify origin against allow list. // Verify origin against allowlist.
origin := strings.ToLower(req.Header.Get("Origin")) origin := strings.ToLower(req.Header.Get("Origin"))
if allowAllOrigins || originIsAllowed(origins, origin) { if allowAllOrigins || originIsAllowed(origins, origin) {
return true return true