Broken serialization - prevents external signers from functioning.

[sidohin-felix]

The following bug has been discovered. Assume you have the following JSON deploy:

{ "hash": "a7d409994f9fea1bfe36029d5a455e6eb92cdbeb4340801e1f2a560f0470176e", "header": { "account": "0203e8b33ceddf7c2a4119da8b74e0ca99e0737681a9fa1b531d76ad13c6f3f5d7d8", "dependencies": [], "ttl": "30m", "body_hash": "1043966bcad0465785f5f582a0c4d2fac69ee3f0f760bed40c7d2ec94f681852", "chain_name": "casper", "gas_price": 1, "timestamp": "2023-09-18T13:18:45.464Z" }, "approvals": null, "payment": { "ModuleBytes": { "args": [ ["amount", { "bytes": "0400e1f505", "cl_type": "U512" }] ], "module_bytes": "" } }, "session": { "Transfer": { "args": [ ["amount", { "bytes": "0500e40b5402", "cl_type": "U512" }], ["target", { "bytes": "0203b74e9089e9ca3d4b2fdf4fc42b8e5325393fc0b4c04d88d15901615757ff1bd3", "cl_type": "PublicKey" }] ] } } }

If one decodes it with CasperObjectMapper - it does deserialize into a valid deploy object.

However assume that it was created from the following body:

`PublicKey toPublicKey = PublicKey.fromTaggedHexString("0203b74e9089e9ca3d4b2fdf4fc42b8e5325393fc0b4c04d88d15901615757ff1bd3");
PublicKey fromPublicKey = PublicKey.fromTaggedHexString("0203e8b33ceddf7c2a4119da8b74e0ca99e0737681a9fa1b531d76ad13c6f3f5d7d8");
List<NamedArg<?>> transferArguments = new LinkedList<>(){{
add(new NamedArg("amount", new CLValueU512(new BigInteger("10000000000"))));
add(new NamedArg("target",new CLValuePublicKey(toPublicKey)));
}};

    Transfer session = Transfer.builder().args(transferArguments).build();

    List<NamedArg<?>> paymentArguments = new LinkedList<>(){{
        add(new NamedArg<CLTypeU512>("amount",new CLValueU512(new BigInteger("100000000"))));
    }};

    ModuleBytes payment = ModuleBytes.builder().args(paymentArguments).bytes(new byte[]{}).build();`

When trying to get the Blake2 hash from these two java objects using the method:

SerializerBuffer ser = new SerializerBuffer(); payment.serialize(ser, Target.BYTE); session.serialize(ser, Target.BYTE); byte[] resOriginal = ser.toByteArray(); String bodyHash = Hex.toHexString(Blake2b.digest(ser.toByteArray(), 32));

and repeating the same for the ones in the deploy object parsed from the JSON-string, the hashes are different - however they should be the same! This prevents external signers from working correctly.

By further resting things, it turns out specifically the session.serialize() generates different results. The payment object is serialized and deserialized correctly.

[sidohin-felix]

Found the error in the serialization when ECDSA keys are used:

file: com/casper/sdk/model/clvalue/CLValuePublicKey.java:71
The hardcoded constant 33 needs to be set to 34 (because ECDSA compressed keys are 33 bytes long + 1 byte odd/even indicator). In the case of EDDSA we may need to patch this further.

[sidohin-felix]

Please see #220, this fixes all the defects that were found.