diff --git a/changelog.md b/changelog.md index 9af4cbca39..1da948f8a4 100644 --- a/changelog.md +++ b/changelog.md @@ -28,6 +28,7 @@ * [2979](https://github.com/zeta-chain/node/pull/2979) - add fungible keeper ability to lock/unlock ZRC20 tokens * [3012](https://github.com/zeta-chain/node/pull/3012) - integrate authenticated calls erc20 smart contract functionality into protocol * [3025](https://github.com/zeta-chain/node/pull/3025) - standard memo for Bitcoin inbound +* [3028](https://github.com/zeta-chain/node/pull/3028) - whitelist connection gater ### Refactor diff --git a/cmd/zetaclientd/start.go b/cmd/zetaclientd/start.go index f00abdcde1..67bd9830ee 100644 --- a/cmd/zetaclientd/start.go +++ b/cmd/zetaclientd/start.go @@ -13,10 +13,12 @@ import ( "time" "github.com/cometbft/cometbft/crypto/secp256k1" + "github.com/libp2p/go-libp2p/core/peer" maddr "github.com/multiformats/go-multiaddr" "github.com/pkg/errors" "github.com/rs/zerolog/log" "github.com/spf13/cobra" + "gitlab.com/thorchain/tss/go-tss/conversion" "github.com/zeta-chain/node/pkg/authz" "github.com/zeta-chain/node/pkg/chains" @@ -204,8 +206,19 @@ func start(_ *cobra.Command, _ []string) error { } telemetryServer.SetIPAddress(cfg.PublicIP) + + keygen := appContext.GetKeygen() + whitelistedPeers := []peer.ID{} + for _, pk := range keygen.GranteePubkeys { + pid, err := conversion.Bech32PubkeyToPeerID(pk) + if err != nil { + return err + } + whitelistedPeers = append(whitelistedPeers, pid) + } + // Create TSS server - server, err := mc.SetupTSSServer(peers, priKey, preParams, appContext.Config(), tssKeyPass, true) + server, err := mc.SetupTSSServer(peers, priKey, preParams, appContext.Config(), tssKeyPass, true, whitelistedPeers) if err != nil { return fmt.Errorf("SetupTSSServer error: %w", err) } diff --git a/go.mod b/go.mod index c554fdd384..8eb8e795e4 100644 --- a/go.mod +++ b/go.mod @@ -367,5 +367,5 @@ replace ( github.com/bnb-chain/tss-lib => github.com/zeta-chain/tss-lib v0.0.0-20240916163010-2e6b438bd901 github.com/ethereum/go-ethereum => github.com/zeta-chain/go-ethereum v1.10.26-spc github.com/libp2p/go-libp2p => github.com/zeta-chain/go-libp2p v0.0.0-20240710192637-567fbaacc2b4 - gitlab.com/thorchain/tss/go-tss => github.com/zeta-chain/go-tss v0.0.0-20241028192852-b5233fc8c2b3 + gitlab.com/thorchain/tss/go-tss => github.com/zeta-chain/go-tss v0.0.0-20241028203048-62ae2bb54949 ) diff --git a/go.sum b/go.sum index b2e97005c3..5231477a6c 100644 --- a/go.sum +++ b/go.sum @@ -4204,8 +4204,8 @@ github.com/zeta-chain/go-ethereum v1.10.26-spc h1:NvY4rR9yw52wfxWt7YoFsWbaIwVMyO github.com/zeta-chain/go-ethereum v1.10.26-spc/go.mod h1:/6CsT5Ceen2WPLI/oCA3xMcZ5sWMF/D46SjM/ayY0Oo= github.com/zeta-chain/go-libp2p v0.0.0-20240710192637-567fbaacc2b4 h1:FmO3HfVdZ7LzxBUfg6sVzV7ilKElQU2DZm8PxJ7KcYI= github.com/zeta-chain/go-libp2p v0.0.0-20240710192637-567fbaacc2b4/go.mod h1:TBv5NY/CqWYIfUstXO1fDWrt4bDoqgCw79yihqBspg8= -github.com/zeta-chain/go-tss v0.0.0-20241028192852-b5233fc8c2b3 h1:IecdEwyguY3dtI7xRT+yW6ml/Z9cfIVHiB4q6huBhc4= -github.com/zeta-chain/go-tss v0.0.0-20241028192852-b5233fc8c2b3/go.mod h1:B1FDE6kHs8hozKSX1/iXgCdvlFbS6+FeAupoBHDK0Cc= +github.com/zeta-chain/go-tss v0.0.0-20241028203048-62ae2bb54949 h1:dBwx99+oymiyecnRGu1dnkJmYn2SAgBexBJ6nsdJt+E= +github.com/zeta-chain/go-tss v0.0.0-20241028203048-62ae2bb54949/go.mod h1:B1FDE6kHs8hozKSX1/iXgCdvlFbS6+FeAupoBHDK0Cc= github.com/zeta-chain/keystone/keys v0.0.0-20240826165841-3874f358c138 h1:vck/FcIIpFOvpBUm0NO17jbEtmSz/W/a5Y4jRuSJl6I= github.com/zeta-chain/keystone/keys v0.0.0-20240826165841-3874f358c138/go.mod h1:U494OsZTWsU75hqoriZgMdSsgSGP1mUL1jX+wN/Aez8= github.com/zeta-chain/protocol-contracts v1.0.2-athens3.0.20241028082130-577403818960 h1:uLcbGIyQzhFkbxcnRyc4RUjRHMfR/rrztFG7jvR3EUs= diff --git a/zetaclient/tss/tss_signer.go b/zetaclient/tss/tss_signer.go index 0c7daa98e7..594784797c 100644 --- a/zetaclient/tss/tss_signer.go +++ b/zetaclient/tss/tss_signer.go @@ -148,6 +148,7 @@ func SetupTSSServer( cfg config.Config, tssPassword string, enableMonitor bool, + whitelistedPeers []gopeer.ID, ) (*tss.TssServer, error) { bootstrapPeers := peer log.Info().Msgf("Peers AddrList %v", bootstrapPeers) @@ -185,6 +186,7 @@ func SetupTSSServer( preParams, // use pre-generated pre-params if non-nil IP, // for docker test tssPassword, + whitelistedPeers, ) if err != nil { log.Error().Err(err).Msg("NewTSS error")