refactor: commit to 8 byte obfuscation keys

Since 31 byte xor-keys are not used in the codebase, using the common size (8 bytes) makes the benchmarks more realistic. Co-authored-by: maflcko <6399679+maflcko@users.noreply.github.com>
2026-03-29 18:05:58 +02:00 · 2025-07-15 14:54:58 -07:00
parent 7aa557a37b
commit 54ab0bd64c
9 changed files with 36 additions and 16 deletions
--- a/src/bench/xor.cpp
+++ b/src/bench/xor.cpp
@@ -6,6 +6,7 @@
 #include <random.h>
 #include <span.h>
 #include <streams.h>
+#include <util/obfuscation.h>

 #include <cstddef>
 #include <vector>
@@ -14,7 +15,7 @@ static void Xor(benchmark::Bench& bench)
 {
    FastRandomContext frc{/*fDeterministic=*/true};
    auto data{frc.randbytes<std::byte>(1024)};
-    auto key{frc.randbytes<std::byte>(31)};
+    auto key{frc.randbytes<std::byte>(Obfuscation::KEY_SIZE)};

    bench.batch(data.size()).unit("byte").run([&] {
        util::Xor(data, key);
--- a/src/dbwrapper.cpp
+++ b/src/dbwrapper.cpp
@@ -11,6 +11,7 @@
 #include <streams.h>
 #include <util/fs.h>
 #include <util/fs_helpers.h>
+#include <util/obfuscation.h>
 #include <util/strencodings.h>

 #include <algorithm>
@@ -249,7 +250,7 @@ CDBWrapper::CDBWrapper(const DBParams& params)
    }

    // The base-case obfuscation key, which is a noop.
-    obfuscate_key = std::vector<unsigned char>(OBFUSCATE_KEY_NUM_BYTES, '\000');
+    obfuscate_key = std::vector<unsigned char>(Obfuscation::KEY_SIZE, '\000');

    bool key_exists = Read(OBFUSCATE_KEY_KEY, obfuscate_key);

@@ -316,15 +317,13 @@ size_t CDBWrapper::DynamicMemoryUsage() const
 // past the null-terminator.
 const std::string CDBWrapper::OBFUSCATE_KEY_KEY("\000obfuscate_key", 14);

-const unsigned int CDBWrapper::OBFUSCATE_KEY_NUM_BYTES = 8;
-
 /**
 * Returns a string (consisting of 8 random bytes) suitable for use as an
 * obfuscating XOR key.
 */
 std::vector<unsigned char> CDBWrapper::CreateObfuscateKey() const
 {
-    std::vector<uint8_t> ret(OBFUSCATE_KEY_NUM_BYTES);
+    std::vector<uint8_t> ret(Obfuscation::KEY_SIZE);
    GetRandBytes(ret);
    return ret;
 }
--- a/src/dbwrapper.h
+++ b/src/dbwrapper.h
@@ -193,9 +193,6 @@ private:
    //! the key under which the obfuscation key is stored
    static const std::string OBFUSCATE_KEY_KEY;

-    //! the length of the obfuscate key in number of bytes
-    static const unsigned int OBFUSCATE_KEY_NUM_BYTES;
-
    std::vector<unsigned char> CreateObfuscateKey() const;

    //! path to filesystem storage
--- a/src/node/blockstorage.cpp
+++ b/src/node/blockstorage.cpp
@@ -31,6 +31,7 @@
 #include <util/batchpriority.h>
 #include <util/check.h>
 #include <util/fs.h>
+#include <util/obfuscation.h>
 #include <util/signalinterrupt.h>
 #include <util/strencodings.h>
 #include <util/syserror.h>
@@ -1123,7 +1124,7 @@ static auto InitBlocksdirXorKey(const BlockManager::Options& opts)
 {
    // Bytes are serialized without length indicator, so this is also the exact
    // size of the XOR-key file.
-    std::array<std::byte, 8> xor_key{};
+    std::array<std::byte, Obfuscation::KEY_SIZE> xor_key{};

    // Consider this to be the first run if the blocksdir contains only hidden
    // files (those which start with a .). Checking for a fully-empty dir would
--- a/src/node/mempool_persist.cpp
+++ b/src/node/mempool_persist.cpp
@@ -16,6 +16,7 @@
 #include <uint256.h>
 #include <util/fs.h>
 #include <util/fs_helpers.h>
+#include <util/obfuscation.h>
 #include <util/signalinterrupt.h>
 #include <util/syserror.h>
 #include <util/time.h>
@@ -179,7 +180,7 @@ bool DumpMempool(const CTxMemPool& pool, const fs::path& dump_path, FopenFn mock
        const uint64_t version{pool.m_opts.persist_v1_dat ? MEMPOOL_DUMP_VERSION_NO_XOR_KEY : MEMPOOL_DUMP_VERSION};
        file << version;

-        std::vector<std::byte> xor_key(8);
+        std::vector<std::byte> xor_key(Obfuscation::KEY_SIZE);
        if (!pool.m_opts.persist_v1_dat) {
            FastRandomContext{}.fillrand(xor_key);
            file << xor_key;
--- a/src/test/fuzz/autofile.cpp
+++ b/src/test/fuzz/autofile.cpp
@@ -4,9 +4,10 @@

 #include <span.h>
 #include <streams.h>
-#include <test/fuzz/FuzzedDataProvider.h>
 #include <test/fuzz/fuzz.h>
+#include <test/fuzz/FuzzedDataProvider.h>
 #include <test/fuzz/util.h>
+#include <util/obfuscation.h>

 #include <array>
 #include <cstddef>
@@ -18,9 +19,10 @@ FUZZ_TARGET(autofile)
 {
    FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()};
    FuzzedFileProvider fuzzed_file_provider{fuzzed_data_provider};
+    const auto key_bytes{ConsumeFixedLengthByteVector<std::byte>(fuzzed_data_provider, Obfuscation::KEY_SIZE)};
    AutoFile auto_file{
        fuzzed_file_provider.open(),
-        ConsumeRandomLengthByteVector<std::byte>(fuzzed_data_provider),
+        key_bytes,
    };
    LIMITED_WHILE(fuzzed_data_provider.ConsumeBool(), 100)
    {
--- a/src/test/fuzz/buffered_file.cpp
+++ b/src/test/fuzz/buffered_file.cpp
@@ -4,9 +4,10 @@

 #include <span.h>
 #include <streams.h>
-#include <test/fuzz/FuzzedDataProvider.h>
 #include <test/fuzz/fuzz.h>
+#include <test/fuzz/FuzzedDataProvider.h>
 #include <test/fuzz/util.h>
+#include <util/obfuscation.h>

 #include <array>
 #include <cstddef>
@@ -20,9 +21,10 @@ FUZZ_TARGET(buffered_file)
    FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()};
    FuzzedFileProvider fuzzed_file_provider{fuzzed_data_provider};
    std::optional<BufferedFile> opt_buffered_file;
+    const auto key_bytes{ConsumeFixedLengthByteVector<std::byte>(fuzzed_data_provider, Obfuscation::KEY_SIZE)};
    AutoFile fuzzed_file{
        fuzzed_file_provider.open(),
-        ConsumeRandomLengthByteVector<std::byte>(fuzzed_data_provider),
+        key_bytes,
    };
    try {
        auto n_buf_size = fuzzed_data_provider.ConsumeIntegralInRange<uint64_t>(0, 4096);
--- a/src/test/streams_tests.cpp
+++ b/src/test/streams_tests.cpp
@@ -8,6 +8,7 @@
 #include <test/util/random.h>
 #include <test/util/setup_common.h>
 #include <util/fs.h>
+#include <util/obfuscation.h>
 #include <util/strencodings.h>

 #include <boost/test/unit_test.hpp>
@@ -563,7 +564,7 @@ BOOST_AUTO_TEST_CASE(buffered_reader_matches_autofile_random_content)
    const FlatFilePos pos{0, 0};

    const FlatFileSeq test_file{m_args.GetDataDirBase(), "buffered_file_test_random", node::BLOCKFILE_CHUNK_SIZE};
-    const std::vector obfuscation{m_rng.randbytes<std::byte>(8)};
+    const std::vector obfuscation{m_rng.randbytes<std::byte>(Obfuscation::KEY_SIZE)};

    // Write out the file with random content
    {
@@ -618,7 +619,7 @@ BOOST_AUTO_TEST_CASE(buffered_writer_matches_autofile_random_content)

    const FlatFileSeq test_buffered{m_args.GetDataDirBase(), "buffered_write_test", node::BLOCKFILE_CHUNK_SIZE};
    const FlatFileSeq test_direct{m_args.GetDataDirBase(), "direct_write_test", node::BLOCKFILE_CHUNK_SIZE};
-    const std::vector obfuscation{m_rng.randbytes<std::byte>(8)};
+    const std::vector obfuscation{m_rng.randbytes<std::byte>(Obfuscation::KEY_SIZE)};

    {
        DataBuffer test_data{m_rng.randbytes<std::byte>(file_size)};
--- a/src/util/obfuscation.h
+++ b/src/util/obfuscation.h
@@ -0,0 +1,16 @@
+// Copyright (c) 2025-present The Bitcoin Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef BITCOIN_UTIL_OBFUSCATION_H
+#define BITCOIN_UTIL_OBFUSCATION_H
+
+#include <cstdint>
+
+class Obfuscation
+{
+public:
+    static constexpr size_t KEY_SIZE{sizeof(uint64_t)};
+};
+
+#endif // BITCOIN_UTIL_OBFUSCATION_H