From 692f37bd4c304e85a17408f77af6ce488894c412 Mon Sep 17 00:00:00 2001 From: fred Date: Fri, 8 Mar 2024 14:29:58 +0100 Subject: [PATCH] Hardening GeoKeys ZEN memory system --- RUNTIME/PLAYER.refresh.sh | 39 +++++++++++++++++++----------------- RUNTIME/SECTOR.refresh.sh | 4 ++-- RUNTIME/UPLANET.refresh.sh | 7 +++++-- RUNTIME/ZEN.SECTOR.memory.sh | 22 +++++++++++--------- RUNTIME/ZEN.UMAP.memory.sh | 21 +++++++++++-------- 5 files changed, 54 insertions(+), 39 deletions(-) diff --git a/RUNTIME/PLAYER.refresh.sh b/RUNTIME/PLAYER.refresh.sh index 31b03cb2..c8806423 100755 --- a/RUNTIME/PLAYER.refresh.sh +++ b/RUNTIME/PLAYER.refresh.sh @@ -377,24 +377,27 @@ for PLAYER in ${PLAYERONE[@]}; do days=$((DIFF_SECONDS / 60 / 60 / 24)) echo "PLAYER TW was created $days days ago" - ################################## - #### PLAYER ACCOUNT CLEANING ######### - ## IF ZEN < 11 - ## && EMPTY RSS + 30 DAYS BIRTHDATE - ## only for less 90 days TW ? && ${DIFF_SECONDS} -lt $(( 90 * 24 * 60 * 60 )) ???? - ## ==> UNPLUG - [[ $(cat ~/.zen/game/players/${PLAYER}/ipfs/${PLAYER}.rss.json) == "[]" ]] \ - && echo "RSS IS EMPTY -- COINS=$COINS / ZEN=$ZEN --" \ - && [[ $(echo "$COINS < 2.1" | bc -l) -eq 1 ]] \ - && [[ ${DIFF_SECONDS} -gt $(( 27 * 24 * 60 * 60 )) ]] \ - && echo "

WARNING.

Your TW will be UNPLUGGED and stop being published..." > ~/.zen/tmp/alert \ - && echo "

TW : ${PLAYER}

ZEN=$ZEN " >> ~/.zen/tmp/alert \ - && ${MY_PATH}/../tools/mailjet.sh "${PLAYER}" ~/.zen/tmp/alert "TW ALERT" \ - && echo "<<<< PLAYER TW WARNING <<<< ${DIFF_SECONDS} > ${days} days" \ - && [[ ${DIFF_SECONDS} -gt $(( 30 * 24 * 60 * 60 )) ]] \ - && echo ">>>> PLAYER TW UNPLUG >>>>> ${days} days => BYE BYE ${PLAYER} ZEN=$ZEN" \ - && ${MY_PATH}/PLAYER.unplug.sh ~/.zen/game/players/${PLAYER}/ipfs/moa/index.html ${PLAYER} \ - && continue + ######################################## + #### PLAYER ACCOUNT IS ACTIVE ? ######### + if [[ $(cat ~/.zen/game/players/${PLAYER}/ipfs/${PLAYER}.rss.json) == "[]" ]]; then + echo "RSS IS EMPTY -- COINS=$COINS / ZEN=$ZEN --" + + if [[ $(echo "$COINS < 2.1" | bc -l) -eq 1 ]]; then + if [[ ${DIFF_SECONDS} -eq $(( 27 * 24 * 60 * 60 )) ]]; then + echo "

WARNING.

Your TW will be UNPLUGGED and stop being published..." > ~/.zen/tmp/alert + echo "

TW : ${PLAYER}

ADD MORE ZEN ($ZEN) " >> ~/.zen/tmp/alert + + ${MY_PATH}/../tools/mailjet.sh "${PLAYER}" ~/.zen/tmp/alert "TW ALERT" + echo "<<<< PLAYER TW WARNING <<<< ${DIFF_SECONDS} > ${days} days" + fi + if [[ ${DIFF_SECONDS} -gt $(( 29 * 24 * 60 * 60 )) ]]; then + echo ">>>> PLAYER TW UNPLUG >>>>> ${days} days => BYE BYE ${PLAYER} ZEN=$ZEN" + ${MY_PATH}/PLAYER.unplug.sh ~/.zen/game/players/${PLAYER}/ipfs/moa/index.html ${PLAYER} + continue + fi + fi + fi + #################################### UNPLUG ACCOUNT IRSS=$(ipfs add -q ~/.zen/game/players/${PLAYER}/ipfs/${PLAYER}.rss.json | tail -n 1) \ diff --git a/RUNTIME/SECTOR.refresh.sh b/RUNTIME/SECTOR.refresh.sh index 4f548f4f..e351c260 100755 --- a/RUNTIME/SECTOR.refresh.sh +++ b/RUNTIME/SECTOR.refresh.sh @@ -99,13 +99,13 @@ for SECTOR in ${SECTORS[@]}; do start=`date +%s` # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> #~ ## IPFS GET ONLINE YESTERDATE SECTORNS - ipfs --timeout 240s get -o ~/.zen/tmp/${MOATS}/${SECTOR}/ /ipns/${YESTERDATENS}/ + ipfs --timeout 300s get -o ~/.zen/tmp/${MOATS}/${SECTOR}/ /ipns/${YESTERDATENS}/ if [[ $? != 0 ]]; then echo "(╥☁╥ ) swarm memory empty (╥☁╥ )" # Try retieve memory from UPlanet Zen Memory [[ ${ZEN} -gt 0 ]] \ && echo "INTERCOM Refreshing from ZEN MEMORY" \ - && ${MY_PATH}/../RUNTIME/ZEN.SECTOR.memory.sh "${SECTOR}" "${MOATS}" + && ${MY_PATH}/../RUNTIME/ZEN.SECTOR.memory.sh "${SECTOR}" "${MOATS}" "${G1PUB}" fi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> end=`date +%s` diff --git a/RUNTIME/UPLANET.refresh.sh b/RUNTIME/UPLANET.refresh.sh index 80ab4cec..4617ad40 100755 --- a/RUNTIME/UPLANET.refresh.sh +++ b/RUNTIME/UPLANET.refresh.sh 
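Review bot: The warning branch added in the PLAYER.refresh.sh hunk tests `[[ ${DIFF_SECONDS} -eq $(( 27 * 24 * 60 * 60 )) ]]`, which is true only if the TW age is exactly 2332800 seconds at the instant the script runs. In practice the "TW ALERT" mail is never sent, while the unplug branch still fires two days later. Compare whole days instead, using the `days` value computed just above: `if [[ ${days} -eq 27 ]]; then` (this warns once provided the refresh runs daily, which the hunk does not show). The unplug threshold also moved from 30 to 29 days, which the commit message does not mention. The enclosing `for PLAYER` loop starts and ends outside the hunk.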
@@ -96,18 +96,21 @@ for UMAP in ${unique_combined[@]}; do echo "YESTERDAY : ${myIPFS}/ipns/${YESTERDATENS}" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + start=`date +%s` # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> echo "## IPFS GET YESTERDATENS" mkdir ~/.zen/tmp/${MOATS}/${UMAP} - ipfs --timeout 240s get -o ~/.zen/tmp/${MOATS}/${UMAP}/ /ipns/${YESTERDATENS}/ + ipfs --timeout 300s get -o ~/.zen/tmp/${MOATS}/${UMAP}/ /ipns/${YESTERDATENS}/ if [[ $? != 0 ]]; then echo "(╥☁╥ ) swarm memory empty (╥☁╥ )" # Try retieve memory from UPlanet Zen Memory [[ ${ZEN} -gt 0 ]] \ && echo "INTERCOM Refreshing from ZEN MEMORY" \ - && ${MY_PATH}/../RUNTIME/ZEN.UMAP.memory.sh "${UMAP}" "${MOATS}" + && ${MY_PATH}/../RUNTIME/ZEN.UMAP.memory.sh "${UMAP}" "${MOATS}" "${G1PUB}" fi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + end=`date +%s` + echo "_____UMAP${UMAP} GET time was "`expr $end - $start` seconds. # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ## FORMAT CONTROL WARNING diff --git a/RUNTIME/ZEN.SECTOR.memory.sh b/RUNTIME/ZEN.SECTOR.memory.sh index 1d72b9f6..5475d34d 100755 --- a/RUNTIME/ZEN.SECTOR.memory.sh +++ b/RUNTIME/ZEN.SECTOR.memory.sh @@ -17,6 +17,7 @@ MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized SECTOR="$1" [[ $SECTOR == "" ]] && echo "MISSING SECTOR ADRESS" && exit 1 MOATS="$2" +G1PUB="$3" ## CHECK FOR BAD PARAM [[ ! -d ~/.zen/tmp/${MOATS-empty}/${SECTOR-empty}/ ]] \ 
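Review bot: `G1PUB="$3"` in the first ZEN.SECTOR.memory.sh hunk is accepted without the emptiness test that `SECTOR` gets two lines earlier, and the same unguarded line is added in ZEN.UMAP.memory.sh. The new emitter comparison depends on this value, so a caller that omits it or passes an unset variable should be stopped here: `[[ $G1PUB == "" ]] && echo "MISSING EMITTER G1PUB" && exit 1`. A comment stating which wallet is expected, such as `## $3 : G1 public key the memory TX must come from`, would also help. Both refresh scripts pass `"${G1PUB}"`, and where that value is set is not visible in their hunks.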
@@ -40,23 +41,26 @@ COINS=$($MY_PATH/../tools/COINScheck.sh ${REGIONG1PUB} | tail -n 1) echo "REGION : ${REGION} (${COINS} G1) WALLET : ${REGIONG1PUB}" ## RETRIEVE FROM REGION UKEY -${MY_PATH}/../tools/timeout.sh -t 20 ${MY_PATH}/../tools/jaklis/jaklis.py history -n 300 -p ${REGIONG1PUB} -j \ +${MY_PATH}/../tools/timeout.sh -t 20 ${MY_PATH}/../tools/jaklis/jaklis.py history -n 100 -p ${REGIONG1PUB} -j \ > ~/.zen/tmp/${MOATS}/${REGION}.g1history.json ## SCAN FOR UPLANET:${SECTOR} in TX if [[ -s ~/.zen/tmp/${MOATS}/${REGION}.g1history.json ]]; then - intercom=$(jq -r '.[] | select(.comment | test("UPLANET:'"${SECTOR}"'")) | .comment' ~/.zen/tmp/${MOATS}/${REGION}.g1history.json) - ipfs_pop=$(echo "$intercom" | grep -oP 'UPLANET:'"${SECTOR}"':/ipfs/\K[^"]+') - todate=$(echo "$intercom" | grep -oP 'UPLANET:'"${SECTOR}"':\K[^:]*') - echo "SYNC ~/.zen/tmp/${MOATS}/${SECTOR} <=> /ipfs/$ipfs_pop" + intercom=$(jq -r '.[] | select(.comment | test("UPLANET:'"${SECTOR}"'")) | .comment' ~/.zen/tmp/${MOATS}/${REGION}.g1history.json | tail -n 1) + ipfs_pop=$(echo "$intercom" | rev | cut -d ':' -f 1 | rev) + todate=$(echo "$intercom" | rev | cut -d ':' -f 2 | rev) + echo "SYNC ~/.zen/tmp/${MOATS}/${SECTOR} <=> $ipfs_pop" - ## TODO: SECURITY PATCH : check payment emitter is SECTORG1PUB if [[ $ipfs_pop ]]; then - echo "from $todate memory slot" - ipfs --timeout 90s get -o ~/.zen/tmp/${MOATS}/${SECTOR} /ipfs/$ipfs_pop + echo "FOUND $todate MEMORY SLOT" + g1pub=$(jq -r '.[] | select(.comment | test("UPLANET:'"${SECTOR}"'")) | .g1pub' ~/.zen/tmp/${MOATS}/${REGION}.g1history.json | tail -n 1) + [[ "$g1pub" != "$G1PUB" ]] && echo "ALERT :: $g1pub Memory HIJACK" && YESTERDATE="$G1PUB" ## SECURITY BREACH + [[ "$todate" == "$YESTERDATE" ]] \ + && ipfs --timeout 90s get -o ~/.zen/tmp/${MOATS}/${SECTOR} $ipfs_pop \ + || echo "$ipfs_pop ERROR ... not from $YESTERDATE ... " else - echo "WARNING cannot remember... scan for more TX ??!" + echo "WARNING cannot revover any memory !!" fi else 
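Review bot: A failed emitter check does not stop the download in this hunk: on mismatch, `[[ "$g1pub" != "$G1PUB" ]] && … && YESTERDATE="$G1PUB"` only overwrites `YESTERDATE`, and the fetch is still decided by `[[ "$todate" == "$YESTERDATE" ]]`, where `todate` comes from the same untrusted transaction comment and `G1PUB` is a public value. The rejection should be an explicit branch that never reaches `ipfs get`, and `$ipfs_pop` (now whatever follows the last `:` of the comment, passed unquoted) should be checked to be an `/ipfs/` path before use. The fence assumes the comment carries a full `/ipfs/<CID>` path, which the changed `echo "SYNC …"` line suggests but does not show. Also confirm that the jaklis JSON really has a `g1pub` key, since `jq -r` prints `null` for a missing key and every record would then be reported as a hijack. The same code is added in the second hunk of ZEN.UMAP.memory.sh and needs the same change; the `if [[ -s … ]]` block continues outside the hunk.

```shell
    if [[ $ipfs_pop ]]; then
        echo "FOUND $todate MEMORY SLOT"
        # … unchanged: g1pub=$(jq … .g1pub … | tail -n 1) …
        if [[ -z "$G1PUB" || "$g1pub" != "$G1PUB" ]]; then
            echo "ALERT :: $g1pub Memory HIJACK" ## SECURITY BREACH : never fetch
        elif [[ "$todate" != "$YESTERDATE" ]]; then
            echo "$ipfs_pop ERROR ... not from $YESTERDATE ... "
        elif [[ ! "$ipfs_pop" =~ ^/ipfs/[A-Za-z0-9]+$ ]]; then
            echo "$ipfs_pop ERROR ... not an /ipfs/ path"
        else
            ipfs --timeout 90s get -o ~/.zen/tmp/${MOATS}/${SECTOR} "$ipfs_pop"
        fi
    # … unchanged: else branch and closing fi …
```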
diff --git a/RUNTIME/ZEN.UMAP.memory.sh b/RUNTIME/ZEN.UMAP.memory.sh index 4627786e..64efed99 100755 --- a/RUNTIME/ZEN.UMAP.memory.sh +++ b/RUNTIME/ZEN.UMAP.memory.sh @@ -17,6 +17,7 @@ MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized UMAP="$1" [[ $UMAP == "" ]] && echo "MISSING UMAP ADRESS" && exit 1 MOATS="$2" +G1PUB="$3" ## CHECK FOR BAD PARAM [[ ! -d ~/.zen/tmp/${MOATS-empty}/${UMAP-empty}/ ]] \ 
@@ -43,23 +44,27 @@ COINS=$($MY_PATH/../tools/COINScheck.sh ${SECTORG1PUB} | tail -n 1) echo "SECTOR : ${SECTOR} (${COINS} G1) WALLET : ${SECTORG1PUB}" ## RETRIEVE FROM SECTOR UKEY -${MY_PATH}/../tools/timeout.sh -t 20 ${MY_PATH}/../tools/jaklis/jaklis.py history -n 300 -p ${SECTORG1PUB} -j \ +${MY_PATH}/../tools/timeout.sh -t 20 ${MY_PATH}/../tools/jaklis/jaklis.py history -n 100 -p ${SECTORG1PUB} -j \ > ~/.zen/tmp/${MOATS}/${SECTOR}.g1history.json ## SCAN FOR UPLANET:${UMAP} in TX if [[ -s ~/.zen/tmp/${MOATS}/${SECTOR}.g1history.json ]]; then - intercom=$(jq -r '.[] | select(.comment | test("UPLANET:'"${UMAP}"'")) | .comment' ~/.zen/tmp/${MOATS}/${SECTOR}.g1history.json) - ipfs_pop=$(echo "$intercom" | grep -oP 'UPLANET:'"${UMAP}"':/ipfs/\K[^"]+') - todate=$(echo "$intercom" | grep -oP 'UPLANET:'"${UMAP}"':\K[^:]*') - echo "SYNC ~/.zen/tmp/${MOATS}/${UMAP} <=> /ipfs/$ipfs_pop" + intercom=$(jq -r '.[] | select(.comment | test("UPLANET:'"${UMAP}"'")) | .comment' ~/.zen/tmp/${MOATS}/${SECTOR}.g1history.json | tail -n 1) + ipfs_pop=$(echo "$intercom" | rev | cut -d ':' -f 1 | rev) + todate=$(echo "$intercom" | rev | cut -d ':' -f 2 | rev) + echo "SYNC ~/.zen/tmp/${MOATS}/${UMAP} <=> $ipfs_pop" ## TODO: SECURITY PATCH : check payment emitter is UMAPG1PUB if [[ $ipfs_pop ]]; then - echo "from $todate memory slot" - ipfs --timeout 90s get -o ~/.zen/tmp/${MOATS}/${UMAP} /ipfs/$ipfs_pop + echo "FOUND $todate MEMORY SLOT" + g1pub=$(jq -r '.[] | select(.comment | test("UPLANET:'"${UMAP}"'")) | .g1pub' ~/.zen/tmp/${MOATS}/${SECTOR}.g1history.json | tail -n 1) + [[ "$g1pub" != "$G1PUB" ]] && echo "ALERT :: $g1pub Memory HIJACK" && YESTERDATE="$G1PUB" ## SECURITY BREACH + [[ "$todate" == "$YESTERDATE" ]] \ + && ipfs --timeout 90s get -o ~/.zen/tmp/${MOATS}/${UMAP} $ipfs_pop \ + || echo "$ipfs_pop ERROR ... not from $YESTERDATE ... " else - echo "WARNING cannot remember... scan for more TX ??!" + echo "WARNING cannot revover any memory !!" fi else
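Review bot: The context line `## TODO: SECURITY PATCH : check payment emitter is UMAPG1PUB` stays above `if [[ $ipfs_pop ]]` although this hunk adds an emitter check, whereas the matching TODO was deleted from ZEN.SECTOR.memory.sh. Replace it with a comment that states what is now compared, for example `## SECURITY : memory TX emitter (.g1pub) must equal G1PUB passed as $3`. The TODO names UMAPG1PUB while the check uses the caller's `${G1PUB}`; whether those are the same wallet is not visible in this diff and is worth confirming before the TODO is dropped.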