p2p/enr: initial implementation (#15585)

Initial implementation of ENR according to ethereum/EIPs#778

3 files changed, 768 insertions, 0 deletions

diff --git a/p2p/enr/enr.go b/p2p/enr/enr.go
new file mode 100644
index 000000000..2c3afb43e
--- /dev/null
+++ b/p2p/enr/enr.go
@@ -0,0 +1,290 @@
+// Copyright 2017 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+// Package enr implements Ethereum Node Records as defined in EIP-778. A node record holds
+// arbitrary information about a node on the peer-to-peer network.
+//
+// Records contain named keys. To store and retrieve key/values in a record, use the Entry
+// interface.
+//
+// Records must be signed before transmitting them to another node. Decoding a record verifies
+// its signature. When creating a record, set the entries you want, then call Sign to add the
+// signature. Modifying a record invalidates the signature.
+//
+// Package enr supports the "secp256k1-keccak" identity scheme.
+package enr
+
+import (
+	"bytes"
+	"crypto/ecdsa"
+	"errors"
+	"fmt"
+	"io"
+	"sort"
+
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/ethereum/go-ethereum/crypto/sha3"
+	"github.com/ethereum/go-ethereum/rlp"
+)
+
+const SizeLimit = 300 // maximum encoded size of a node record in bytes
+
+const ID_SECP256k1_KECCAK = ID("secp256k1-keccak") // the default identity scheme
+
+var (
+	errNoID           = errors.New("unknown or unspecified identity scheme")
+	errInvalidSigsize = errors.New("invalid signature size")
+	errInvalidSig     = errors.New("invalid signature")
+	errNotSorted      = errors.New("record key/value pairs are not sorted by key")
+	errDuplicateKey   = errors.New("record contains duplicate key")
+	errIncompletePair = errors.New("record contains incomplete k/v pair")
+	errTooBig         = fmt.Errorf("record bigger than %d bytes", SizeLimit)
+	errEncodeUnsigned = errors.New("can't encode unsigned record")
+	errNotFound       = errors.New("no such key in record")
+)
+
+// Record represents a node record. The zero value is an empty record.
+type Record struct {
+	seq       uint64 // sequence number
+	signature []byte // the signature
+	raw       []byte // RLP encoded record
+	pairs     []pair // sorted list of all key/value pairs
+}
+
+// pair is a key/value pair in a record.
+type pair struct {
+	k string
+	v rlp.RawValue
+}
+
+// Signed reports whether the record has a valid signature.
+func (r *Record) Signed() bool {
+	return r.signature != nil
+}
+
+// Seq returns the sequence number.
+func (r *Record) Seq() uint64 {
+	return r.seq
+}
+
+// SetSeq updates the record sequence number. This invalidates any signature on the record.
+// Calling SetSeq is usually not required because signing the redord increments the
+// sequence number.
+func (r *Record) SetSeq(s uint64) {
+	r.signature = nil
+	r.raw = nil
+	r.seq = s
+}
+
+// Load retrieves the value of a key/value pair. The given Entry must be a pointer and will
+// be set to the value of the entry in the record.
+//
+// Errors returned by Load are wrapped in KeyError. You can distinguish decoding errors
+// from missing keys using the IsNotFound function.
+func (r *Record) Load(e Entry) error {
+	i := sort.Search(len(r.pairs), func(i int) bool { return r.pairs[i].k >= e.ENRKey() })
+	if i < len(r.pairs) && r.pairs[i].k == e.ENRKey() {
+		if err := rlp.DecodeBytes(r.pairs[i].v, e); err != nil {
+			return &KeyError{Key: e.ENRKey(), Err: err}
+		}
+		return nil
+	}
+	return &KeyError{Key: e.ENRKey(), Err: errNotFound}
+}
+
+// Set adds or updates the given entry in the record.
+// It panics if the value can't be encoded.
+func (r *Record) Set(e Entry) {
+	r.signature = nil
+	r.raw = nil
+	blob, err := rlp.EncodeToBytes(e)
+	if err != nil {
+		panic(fmt.Errorf("enr: can't encode %s: %v", e.ENRKey(), err))
+	}
+
+	i := sort.Search(len(r.pairs), func(i int) bool { return r.pairs[i].k >= e.ENRKey() })
+
+	if i < len(r.pairs) && r.pairs[i].k == e.ENRKey() {
+		// element is present at r.pairs[i]
+		r.pairs[i].v = blob
+		return
+	} else if i < len(r.pairs) {
+		// insert pair before i-th elem
+		el := pair{e.ENRKey(), blob}
+		r.pairs = append(r.pairs, pair{})
+		copy(r.pairs[i+1:], r.pairs[i:])
+		r.pairs[i] = el
+		return
+	}
+
+	// element should be placed at the end of r.pairs
+	r.pairs = append(r.pairs, pair{e.ENRKey(), blob})
+}
+
+// EncodeRLP implements rlp.Encoder. Encoding fails if
+// the record is unsigned.
+func (r Record) EncodeRLP(w io.Writer) error {
+	if !r.Signed() {
+		return errEncodeUnsigned
+	}
+	_, err := w.Write(r.raw)
+	return err
+}
+
+// DecodeRLP implements rlp.Decoder. Decoding verifies the signature.
+func (r *Record) DecodeRLP(s *rlp.Stream) error {
+	raw, err := s.Raw()
+	if err != nil {
+		return err
+	}
+	if len(raw) > SizeLimit {
+		return errTooBig
+	}
+
+	// Decode the RLP container.
+	dec := Record{raw: raw}
+	s = rlp.NewStream(bytes.NewReader(raw), 0)
+	if _, err := s.List(); err != nil {
+		return err
+	}
+	if err = s.Decode(&dec.signature); err != nil {
+		return err
+	}
+	if err = s.Decode(&dec.seq); err != nil {
+		return err
+	}
+	// The rest of the record contains sorted k/v pairs.
+	var prevkey string
+	for i := 0; ; i++ {
+		var kv pair
+		if err := s.Decode(&kv.k); err != nil {
+			if err == rlp.EOL {
+				break
+			}
+			return err
+		}
+		if err := s.Decode(&kv.v); err != nil {
+			if err == rlp.EOL {
+				return errIncompletePair
+			}
+			return err
+		}
+		if i > 0 {
+			if kv.k == prevkey {
+				return errDuplicateKey
+			}
+			if kv.k < prevkey {
+				return errNotSorted
+			}
+		}
+		dec.pairs = append(dec.pairs, kv)
+		prevkey = kv.k
+	}
+	if err := s.ListEnd(); err != nil {
+		return err
+	}
+
+	// Verify signature.
+	if err = dec.verifySignature(); err != nil {
+		return err
+	}
+	*r = dec
+	return nil
+}
+
+type s256raw []byte
+
+func (s256raw) ENRKey() string { return "secp256k1" }
+
+// NodeAddr returns the node address. The return value will be nil if the record is
+// unsigned.
+func (r *Record) NodeAddr() []byte {
+	var entry s256raw
+	if r.Load(&entry) != nil {
+		return nil
+	}
+	return crypto.Keccak256(entry)
+}
+
+// Sign signs the record with the given private key. It updates the record's identity
+// scheme, public key and increments the sequence number. Sign returns an error if the
+// encoded record is larger than the size limit.
+func (r *Record) Sign(privkey *ecdsa.PrivateKey) error {
+	r.seq = r.seq + 1
+	r.Set(ID_SECP256k1_KECCAK)
+	r.Set(Secp256k1(privkey.PublicKey))
+	return r.signAndEncode(privkey)
+}
+
+func (r *Record) appendPairs(list []interface{}) []interface{} {
+	list = append(list, r.seq)
+	for _, p := range r.pairs {
+		list = append(list, p.k, p.v)
+	}
+	return list
+}
+
+func (r *Record) signAndEncode(privkey *ecdsa.PrivateKey) error {
+	// Put record elements into a flat list. Leave room for the signature.
+	list := make([]interface{}, 1, len(r.pairs)*2+2)
+	list = r.appendPairs(list)
+
+	// Sign the tail of the list.
+	h := sha3.NewKeccak256()
+	rlp.Encode(h, list[1:])
+	sig, err := crypto.Sign(h.Sum(nil), privkey)
+	if err != nil {
+		return err
+	}
+	sig = sig[:len(sig)-1] // remove v
+
+	// Put signature in front.
+	r.signature, list[0] = sig, sig
+	r.raw, err = rlp.EncodeToBytes(list)
+	if err != nil {
+		return err
+	}
+	if len(r.raw) > SizeLimit {
+		return errTooBig
+	}
+	return nil
+}
+
+func (r *Record) verifySignature() error {
+	// Get identity scheme, public key, signature.
+	var id ID
+	var entry s256raw
+	if err := r.Load(&id); err != nil {
+		return err
+	} else if id != ID_SECP256k1_KECCAK {
+		return errNoID
+	}
+	if err := r.Load(&entry); err != nil {
+		return err
+	} else if len(entry) != 33 {
+		return fmt.Errorf("invalid public key")
+	}
+
+	// Verify the signature.
+	list := make([]interface{}, 0, len(r.pairs)*2+1)
+	list = r.appendPairs(list)
+	h := sha3.NewKeccak256()
+	rlp.Encode(h, list)
+	if !crypto.VerifySignature(entry, h.Sum(nil), r.signature) {
+		return errInvalidSig
+	}
+	return nil
+}
diff --git a/p2p/enr/enr_test.go b/p2p/enr/enr_test.go
new file mode 100644
index 000000000..ce7767d10
--- /dev/null
+++ b/p2p/enr/enr_test.go
@@ -0,0 +1,318 @@
+// Copyright 2017 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package enr
+
+import (
+	"bytes"
+	"encoding/hex"
+	"fmt"
+	"math/rand"
+	"testing"
+	"time"
+
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/ethereum/go-ethereum/rlp"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+)
+
+var (
+	privkey, _ = crypto.HexToECDSA("b71c71a67e1177ad4e901695e1b4b9ee17ae16c6668d313eac2f96dbcda3f291")
+	pubkey     = &privkey.PublicKey
+)
+
+var rnd = rand.New(rand.NewSource(time.Now().UnixNano()))
+
+func randomString(strlen int) string {
+	b := make([]byte, strlen)
+	rnd.Read(b)
+	return string(b)
+}
+
+// TestGetSetID tests encoding/decoding and setting/getting of the ID key.
+func TestGetSetID(t *testing.T) {
+	id := ID("someid")
+	var r Record
+	r.Set(id)
+
+	var id2 ID
+	require.NoError(t, r.Load(&id2))
+	assert.Equal(t, id, id2)
+}
+
+// TestGetSetIP4 tests encoding/decoding and setting/getting of the IP4 key.
+func TestGetSetIP4(t *testing.T) {
+	ip := IP4{192, 168, 0, 3}
+	var r Record
+	r.Set(ip)
+
+	var ip2 IP4
+	require.NoError(t, r.Load(&ip2))
+	assert.Equal(t, ip, ip2)
+}
+
+// TestGetSetIP6 tests encoding/decoding and setting/getting of the IP6 key.
+func TestGetSetIP6(t *testing.T) {
+	ip := IP6{0x20, 0x01, 0x48, 0x60, 0, 0, 0x20, 0x01, 0, 0, 0, 0, 0, 0, 0x00, 0x68}
+	var r Record
+	r.Set(ip)
+
+	var ip2 IP6
+	require.NoError(t, r.Load(&ip2))
+	assert.Equal(t, ip, ip2)
+}
+
+// TestGetSetDiscPort tests encoding/decoding and setting/getting of the DiscPort key.
+func TestGetSetDiscPort(t *testing.T) {
+	port := DiscPort(30309)
+	var r Record
+	r.Set(port)
+
+	var port2 DiscPort
+	require.NoError(t, r.Load(&port2))
+	assert.Equal(t, port, port2)
+}
+
+// TestGetSetSecp256k1 tests encoding/decoding and setting/getting of the Secp256k1 key.
+func TestGetSetSecp256k1(t *testing.T) {
+	var r Record
+	if err := r.Sign(privkey); err != nil {
+		t.Fatal(err)
+	}
+
+	var pk Secp256k1
+	require.NoError(t, r.Load(&pk))
+	assert.EqualValues(t, pubkey, &pk)
+}
+
+func TestLoadErrors(t *testing.T) {
+	var r Record
+	ip4 := IP4{127, 0, 0, 1}
+	r.Set(ip4)
+
+	// Check error for missing keys.
+	var ip6 IP6
+	err := r.Load(&ip6)
+	if !IsNotFound(err) {
+		t.Error("IsNotFound should return true for missing key")
+	}
+	assert.Equal(t, &KeyError{Key: ip6.ENRKey(), Err: errNotFound}, err)
+
+	// Check error for invalid keys.
+	var list []uint
+	err = r.Load(WithEntry(ip4.ENRKey(), &list))
+	kerr, ok := err.(*KeyError)
+	if !ok {
+		t.Fatalf("expected KeyError, got %T", err)
+	}
+	assert.Equal(t, kerr.Key, ip4.ENRKey())
+	assert.Error(t, kerr.Err)
+	if IsNotFound(err) {
+		t.Error("IsNotFound should return false for decoding errors")
+	}
+}
+
+// TestSortedGetAndSet tests that Set produced a sorted pairs slice.
+func TestSortedGetAndSet(t *testing.T) {
+	type pair struct {
+		k string
+		v uint32
+	}
+
+	for _, tt := range []struct {
+		input []pair
+		want  []pair
+	}{
+		{
+			input: []pair{{"a", 1}, {"c", 2}, {"b", 3}},
+			want:  []pair{{"a", 1}, {"b", 3}, {"c", 2}},
+		},
+		{
+			input: []pair{{"a", 1}, {"c", 2}, {"b", 3}, {"d", 4}, {"a", 5}, {"bb", 6}},
+			want:  []pair{{"a", 5}, {"b", 3}, {"bb", 6}, {"c", 2}, {"d", 4}},
+		},
+		{
+			input: []pair{{"c", 2}, {"b", 3}, {"d", 4}, {"a", 5}, {"bb", 6}},
+			want:  []pair{{"a", 5}, {"b", 3}, {"bb", 6}, {"c", 2}, {"d", 4}},
+		},
+	} {
+		var r Record
+		for _, i := range tt.input {
+			r.Set(WithEntry(i.k, &i.v))
+		}
+		for i, w := range tt.want {
+			// set got's key from r.pair[i], so that we preserve order of pairs
+			got := pair{k: r.pairs[i].k}
+			assert.NoError(t, r.Load(WithEntry(w.k, &got.v)))
+			assert.Equal(t, w, got)
+		}
+	}
+}
+
+// TestDirty tests record signature removal on setting of new key/value pair in record.
+func TestDirty(t *testing.T) {
+	var r Record
+
+	if r.Signed() {
+		t.Error("Signed returned true for zero record")
+	}
+	if _, err := rlp.EncodeToBytes(r); err != errEncodeUnsigned {
+		t.Errorf("expected errEncodeUnsigned, got %#v", err)
+	}
+
+	require.NoError(t, r.Sign(privkey))
+	if !r.Signed() {
+		t.Error("Signed return false for signed record")
+	}
+	_, err := rlp.EncodeToBytes(r)
+	assert.NoError(t, err)
+
+	r.SetSeq(3)
+	if r.Signed() {
+		t.Error("Signed returned true for modified record")
+	}
+	if _, err := rlp.EncodeToBytes(r); err != errEncodeUnsigned {
+		t.Errorf("expected errEncodeUnsigned, got %#v", err)
+	}
+}
+
+// TestGetSetOverwrite tests value overwrite when setting a new value with an existing key in record.
+func TestGetSetOverwrite(t *testing.T) {
+	var r Record
+
+	ip := IP4{192, 168, 0, 3}
+	r.Set(ip)
+
+	ip2 := IP4{192, 168, 0, 4}
+	r.Set(ip2)
+
+	var ip3 IP4
+	require.NoError(t, r.Load(&ip3))
+	assert.Equal(t, ip2, ip3)
+}
+
+// TestSignEncodeAndDecode tests signing, RLP encoding and RLP decoding of a record.
+func TestSignEncodeAndDecode(t *testing.T) {
+	var r Record
+	r.Set(DiscPort(30303))
+	r.Set(IP4{127, 0, 0, 1})
+	require.NoError(t, r.Sign(privkey))
+
+	blob, err := rlp.EncodeToBytes(r)
+	require.NoError(t, err)
+
+	var r2 Record
+	require.NoError(t, rlp.DecodeBytes(blob, &r2))
+	assert.Equal(t, r, r2)
+
+	blob2, err := rlp.EncodeToBytes(r2)
+	require.NoError(t, err)
+	assert.Equal(t, blob, blob2)
+}
+
+func TestNodeAddr(t *testing.T) {
+	var r Record
+	if addr := r.NodeAddr(); addr != nil {
+		t.Errorf("wrong address on empty record: got %v, want %v", addr, nil)
+	}
+
+	require.NoError(t, r.Sign(privkey))
+	expected := "caaa1485d83b18b32ed9ad666026151bf0cae8a0a88c857ae2d4c5be2daa6726"
+	assert.Equal(t, expected, hex.EncodeToString(r.NodeAddr()))
+}
+
+var pyRecord, _ = hex.DecodeString("f896b840954dc36583c1f4b69ab59b1375f362f06ee99f3723cd77e64b6de6d211c27d7870642a79d4516997f94091325d2a7ca6215376971455fb221d34f35b277149a1018664697363763582765f82696490736563703235366b312d6b656363616b83697034847f00000189736563703235366b31a103ca634cae0d49acb401d8a4c6b6fe8c55b70d115bf400769cc1400f3258cd3138")
+
+// TestPythonInterop checks that we can decode and verify a record produced by the Python
+// implementation.
+func TestPythonInterop(t *testing.T) {
+	var r Record
+	if err := rlp.DecodeBytes(pyRecord, &r); err != nil {
+		t.Fatalf("can't decode: %v", err)
+	}
+
+	var (
+		wantAddr, _  = hex.DecodeString("caaa1485d83b18b32ed9ad666026151bf0cae8a0a88c857ae2d4c5be2daa6726")
+		wantSeq      = uint64(1)
+		wantIP       = IP4{127, 0, 0, 1}
+		wantDiscport = DiscPort(30303)
+	)
+	if r.Seq() != wantSeq {
+		t.Errorf("wrong seq: got %d, want %d", r.Seq(), wantSeq)
+	}
+	if addr := r.NodeAddr(); !bytes.Equal(addr, wantAddr) {
+		t.Errorf("wrong addr: got %x, want %x", addr, wantAddr)
+	}
+	want := map[Entry]interface{}{new(IP4): &wantIP, new(DiscPort): &wantDiscport}
+	for k, v := range want {
+		desc := fmt.Sprintf("loading key %q", k.ENRKey())
+		if assert.NoError(t, r.Load(k), desc) {
+			assert.Equal(t, k, v, desc)
+		}
+	}
+}
+
+// TestRecordTooBig tests that records bigger than SizeLimit bytes cannot be signed.
+func TestRecordTooBig(t *testing.T) {
+	var r Record
+	key := randomString(10)
+
+	// set a big value for random key, expect error
+	r.Set(WithEntry(key, randomString(300)))
+	if err := r.Sign(privkey); err != errTooBig {
+		t.Fatalf("expected to get errTooBig, got %#v", err)
+	}
+
+	// set an acceptable value for random key, expect no error
+	r.Set(WithEntry(key, randomString(100)))
+	require.NoError(t, r.Sign(privkey))
+}
+
+// TestSignEncodeAndDecodeRandom tests encoding/decoding of records containing random key/value pairs.
+func TestSignEncodeAndDecodeRandom(t *testing.T) {
+	var r Record
+
+	// random key/value pairs for testing
+	pairs := map[string]uint32{}
+	for i := 0; i < 10; i++ {
+		key := randomString(7)
+		value := rnd.Uint32()
+		pairs[key] = value
+		r.Set(WithEntry(key, &value))
+	}
+
+	require.NoError(t, r.Sign(privkey))
+	_, err := rlp.EncodeToBytes(r)
+	require.NoError(t, err)
+
+	for k, v := range pairs {
+		desc := fmt.Sprintf("key %q", k)
+		var got uint32
+		buf := WithEntry(k, &got)
+		require.NoError(t, r.Load(buf), desc)
+		require.Equal(t, v, got, desc)
+	}
+}
+
+func BenchmarkDecode(b *testing.B) {
+	var r Record
+	for i := 0; i < b.N; i++ {
+		rlp.DecodeBytes(pyRecord, &r)
+	}
+	b.StopTimer()
+	r.NodeAddr()
+}
diff --git a/p2p/enr/entries.go b/p2p/enr/entries.go
new file mode 100644
index 000000000..7591e6eff
--- /dev/null
+++ b/p2p/enr/entries.go
@@ -0,0 +1,160 @@
+// Copyright 2017 The go-ethereum Authors
+// This file is part of the go-ethereum library.
+//
+// The go-ethereum library is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Lesser General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// The go-ethereum library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU Lesser General Public License for more details.
+//
+// You should have received a copy of the GNU Lesser General Public License
+// along with the go-ethereum library. If not, see <http://www.gnu.org/licenses/>.
+
+package enr
+
+import (
+	"crypto/ecdsa"
+	"fmt"
+	"io"
+	"net"
+
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/ethereum/go-ethereum/rlp"
+)
+
+// Entry is implemented by known node record entry types.
+//
+// To define a new entry that is to be included in a node record,
+// create a Go type that satisfies this interface. The type should
+// also implement rlp.Decoder if additional checks are needed on the value.
+type Entry interface {
+	ENRKey() string
+}
+
+type generic struct {
+	key   string
+	value interface{}
+}
+
+func (g generic) ENRKey() string { return g.key }
+
+func (g generic) EncodeRLP(w io.Writer) error {
+	return rlp.Encode(w, g.value)
+}
+
+func (g *generic) DecodeRLP(s *rlp.Stream) error {
+	return s.Decode(g.value)
+}
+
+// WithEntry wraps any value with a key name. It can be used to set and load arbitrary values
+// in a record. The value v must be supported by rlp. To use WithEntry with Load, the value
+// must be a pointer.
+func WithEntry(k string, v interface{}) Entry {
+	return &generic{key: k, value: v}
+}
+
+// DiscPort is the "discv5" key, which holds the UDP port for discovery v5.
+type DiscPort uint16
+
+func (v DiscPort) ENRKey() string { return "discv5" }
+
+// ID is the "id" key, which holds the name of the identity scheme.
+type ID string
+
+func (v ID) ENRKey() string { return "id" }
+
+// IP4 is the "ip4" key, which holds a 4-byte IPv4 address.
+type IP4 net.IP
+
+func (v IP4) ENRKey() string { return "ip4" }
+
+// EncodeRLP implements rlp.Encoder.
+func (v IP4) EncodeRLP(w io.Writer) error {
+	ip4 := net.IP(v).To4()
+	if ip4 == nil {
+		return fmt.Errorf("invalid IPv4 address: %v", v)
+	}
+	return rlp.Encode(w, ip4)
+}
+
+// DecodeRLP implements rlp.Decoder.
+func (v *IP4) DecodeRLP(s *rlp.Stream) error {
+	if err := s.Decode((*net.IP)(v)); err != nil {
+		return err
+	}
+	if len(*v) != 4 {
+		return fmt.Errorf("invalid IPv4 address, want 4 bytes: %v", *v)
+	}
+	return nil
+}
+
+// IP6 is the "ip6" key, which holds a 16-byte IPv6 address.
+type IP6 net.IP
+
+func (v IP6) ENRKey() string { return "ip6" }
+
+// EncodeRLP implements rlp.Encoder.
+func (v IP6) EncodeRLP(w io.Writer) error {
+	ip6 := net.IP(v)
+	return rlp.Encode(w, ip6)
+}
+
+// DecodeRLP implements rlp.Decoder.
+func (v *IP6) DecodeRLP(s *rlp.Stream) error {
+	if err := s.Decode((*net.IP)(v)); err != nil {
+		return err
+	}
+	if len(*v) != 16 {
+		return fmt.Errorf("invalid IPv6 address, want 16 bytes: %v", *v)
+	}
+	return nil
+}
+
+// Secp256k1 is the "secp256k1" key, which holds a public key.
+type Secp256k1 ecdsa.PublicKey
+
+func (v Secp256k1) ENRKey() string { return "secp256k1" }
+
+// EncodeRLP implements rlp.Encoder.
+func (v Secp256k1) EncodeRLP(w io.Writer) error {
+	return rlp.Encode(w, crypto.CompressPubkey((*ecdsa.PublicKey)(&v)))
+}
+
+// DecodeRLP implements rlp.Decoder.
+func (v *Secp256k1) DecodeRLP(s *rlp.Stream) error {
+	buf, err := s.Bytes()
+	if err != nil {
+		return err
+	}
+	pk, err := crypto.DecompressPubkey(buf)
+	if err != nil {
+		return err
+	}
+	*v = (Secp256k1)(*pk)
+	return nil
+}
+
+// KeyError is an error related to a key.
+type KeyError struct {
+	Key string
+	Err error
+}
+
+// Error implements error.
+func (err *KeyError) Error() string {
+	if err.Err == errNotFound {
+		return fmt.Sprintf("missing ENR key %q", err.Key)
+	}
+	return fmt.Sprintf("ENR key %q: %v", err.Key, err.Err)
+}
+
+// IsNotFound reports whether the given error means that a key/value pair is
+// missing from a record.
+func IsNotFound(err error) bool {
+	kerr, ok := err.(*KeyError)
+	return ok && kerr.Err == errNotFound
+}