Skip to content

Commit

Permalink
add helper func to get signature without prefix, and handle signature…
Browse files Browse the repository at this point in the history 
… index errors
  • Loading branch information
@yan-soon
yan-soon committed Jul 22, 2024
1 parent eb3b33c commit 29628c8
Show file tree
Hide file tree
Showing 3 changed files with 31 additions and 10 deletions.
12 changes: 10 additions & 2 deletions oracle/reactor.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,11 @@ func (oracleR *Reactor) Receive(e p2p.Envelope) {
switch msg := e.Message.(type) {
case *oracleproto.GossipedVotes:
// get account and sign type of oracle votes
accountType, signType := utils.GetAccountSignTypeFromSignature(msg.Signature)
accountType, signType, err := utils.GetAccountSignTypeFromSignature(msg.Signature)
if err != nil {
logrus.Errorf("unable to get account and sign type from signature: %v", msg.Signature)
return
}
var pubKey crypto.PubKey

// get pubkey based on sign type
Expand Down Expand Up @@ -183,7 +187,11 @@ func (oracleR *Reactor) Receive(e p2p.Envelope) {

// verify sig of incoming gossip vote, throw if verification fails
// signature starts from index 2 onwards due to the account and sign type prefix bytes
if success := pubKey.VerifySignature(types.OracleVoteSignBytes(oracleR.ConsensusState.GetState().ChainID, msg), msg.Signature[2:]); !success {
signatureWithoutPrefix, err := utils.GetSignatureWithoutPrefix(msg.Signature)
if err != nil {
logrus.Errorf("unable to get signature without prefix, invalid signature: %v", msg.Signature)
}
if success := pubKey.VerifySignature(types.OracleVoteSignBytes(oracleR.ConsensusState.GetState().ChainID, msg), signatureWithoutPrefix); !success {
logrus.Errorf("failed signature verification for validator: %v, skipping gossip", pubKey.Address().String())
return
}
Expand Down
15 changes: 13 additions & 2 deletions oracle/service/utils/utils.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,11 @@ import (
// index 0: accountType (if votes are signed by main val or oracle delegate)
// index 1: signType (type of key used: ed25519/sr25519/secp256k1)

func GetAccountSignTypeFromSignature(signature []byte) (accountType []byte, signType []byte) {
return []byte{signature[0]}, []byte{signature[1]}
func GetAccountSignTypeFromSignature(signature []byte) (accountType []byte, signType []byte, err error) {
if len(signature) < 2 {
return nil, nil, fmt.Errorf("GetAccountSignTypeFromSignature: invalid signature: %v", signature)
}
return []byte{signature[0]}, []byte{signature[1]}, nil
}

func FormSignaturePrefix(isSubAccount bool, signType string) ([]byte, error) {
Expand All @@ -36,3 +39,11 @@ func FormSignaturePrefix(isSubAccount bool, signType string) ([]byte, error) {

return sigPrefix, nil
}

func GetSignatureWithoutPrefix(prefixedSig []byte) ([]byte, error) {
if len(prefixedSig) < 2 {
return nil, fmt.Errorf("GetSignature: invalid signature: %v", prefixedSig)
}

return prefixedSig[2:], nil
}
14 changes: 8 additions & 6 deletions privval/signer_client_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import (
"github.com/cometbft/cometbft/crypto"
"github.com/cometbft/cometbft/crypto/tmhash"
cmtrand "github.com/cometbft/cometbft/libs/rand"
oracletypes "github.com/cometbft/cometbft/oracle/service/types"
"github.com/cometbft/cometbft/oracle/service/utils"
cryptoproto "github.com/cometbft/cometbft/proto/tendermint/crypto"
oracleproto "github.com/cometbft/cometbft/proto/tendermint/oracle"
privvalproto "github.com/cometbft/cometbft/proto/tendermint/privval"
Expand Down Expand Up @@ -247,18 +247,20 @@ func TestSignerOracleVote(t *testing.T) {
}
})

sigPrefix := []byte{}
sigPrefix = append(sigPrefix, oracletypes.MainAccountSigPrefix...)
sigPrefix = append(sigPrefix, oracletypes.Ed25519SignType...)
sigPrefix, err := utils.FormSignaturePrefix(false, "ed25519")
assert.Equal(t, err, nil)

require.NoError(t, tc.mockPV.SignOracleVote(tc.chainID, want, sigPrefix))
require.NoError(t, tc.signerClient.SignOracleVote(tc.chainID, have, sigPrefix))

assert.Equal(t, want.Signature, have.Signature)

signatureWithoutPrefix, err := utils.GetSignatureWithoutPrefix(have.Signature)
assert.Equal(t, err, nil)

// test verify sig with pv and signing client signatures
require.True(t, pvPubKey.VerifySignature(types.OracleVoteSignBytes(tc.chainID, want), want.Signature[2:]))
require.True(t, scPubKey.VerifySignature(types.OracleVoteSignBytes(tc.chainID, have), have.Signature[2:]))
require.True(t, pvPubKey.VerifySignature(types.OracleVoteSignBytes(tc.chainID, want), signatureWithoutPrefix))
require.True(t, scPubKey.VerifySignature(types.OracleVoteSignBytes(tc.chainID, have), signatureWithoutPrefix))
}
}

Expand Down

0 comments on commit 29628c8

Please sign in to comment.