From e4eb4460c6a6aceb6fc46612726f7b64737c9c39 Mon Sep 17 00:00:00 2001 From: Bob Liu Date: Wed, 16 Oct 2024 11:52:48 +0800 Subject: [PATCH 1/2] fix: fix signature verify --- Cargo.lock | 2 ++ crates/common/src/api/constraints_api.rs | 10 +++--- crates/utils/Cargo.toml | 6 +++- crates/utils/src/signing.rs | 45 ++++++++++++++++++++++-- 4 files changed, 54 insertions(+), 9 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 24572389..5ded32cd 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2607,6 +2607,8 @@ version = "0.0.1" dependencies = [ "axum 0.7.7", "ethereum-consensus 0.1.1 (git+https://github.com/ralexstokes/ethereum-consensus?rev=cf3c404043230559660810bc0c9d6d5a8498d819)", + "helix-common", + "hex", "http 1.1.0", "reqwest", "reth-primitives 1.0.7", diff --git a/crates/common/src/api/constraints_api.rs b/crates/common/src/api/constraints_api.rs index df7b585a..53a6a416 100644 --- a/crates/common/src/api/constraints_api.rs +++ b/crates/common/src/api/constraints_api.rs @@ -44,13 +44,13 @@ impl SignedPreconferElection { #[derive(Debug, Default, Clone, SimpleSerialize, serde::Serialize, serde::Deserialize)] pub struct PreconferElection { /// Public key of the preconfer proposing for `slot`. - preconfer_pubkey: BlsPublicKey, + pub preconfer_pubkey: BlsPublicKey, /// Slot this delegation is valid for. - slot_number: u64, + pub slot_number: u64, /// Chain ID of the chain this election is for. - chain_id: u64, - // The gas limit specified by the proposer that the preconfer must adhere to. - gas_limit: u64, + pub chain_id: u64, + /// The gas limit specified by the proposer that the preconfer must adhere to. + pub gas_limit: u64, } impl PreconferElection { diff --git a/crates/utils/Cargo.toml b/crates/utils/Cargo.toml index 172a410b..4e3f0f3b 100644 --- a/crates/utils/Cargo.toml +++ b/crates/utils/Cargo.toml @@ -18,4 +18,8 @@ reth-primitives.workspace = true # Networking http.workspace = true reqwest.workspace = true -axum.workspace = true \ No newline at end of file +axum.workspace = true + +[dev-dependencies] +helix-common = { workspace = true } +hex = { workspace = true } diff --git a/crates/utils/src/signing.rs b/crates/utils/src/signing.rs index fe2c0410..12427319 100644 --- a/crates/utils/src/signing.rs +++ b/crates/utils/src/signing.rs @@ -46,12 +46,13 @@ pub fn verify_signed_commit_boost_message( message: &mut T, signature: &BlsSignature, public_key: &BlsPublicKey, - slot_hint: Option, + _slot_hint: Option, root_hint: Option, context: &Context, ) -> Result<(), Error> { - let fork_version = slot_hint.map(|slot| context.fork_version_for(context.fork_for(slot))); - let domain = compute_commit_boost_domain(fork_version, root_hint, context)?; + // let fork_version = slot_hint.map(|slot| context.fork_version_for(context.fork_for(slot))); + let fork_version = context.genesis_fork_version; + let domain = compute_commit_boost_domain(Some(fork_version), root_hint, context)?; verify_signed_data(message, signature, public_key, domain)?; Ok(()) } @@ -103,3 +104,41 @@ pub fn compute_custom_domain( domain[4..].copy_from_slice(&fork_data_root[..28]); Ok(domain) } + +#[cfg(test)] +mod tests { + use helix_common::api::constraints_api::PreconferElection; + + use super::*; + // DENEB_FORK_VERSION: 0x50132736 + // GENESIS_FORK_VERSION: 0x10000000 + // domain mask: [109, 109, 111, 67] + // signing domain: [109, 109, 111, 67, 148, 196, 26, 244, 132, 255, 247, 150, 73, 105, 224, 189, 217, 34, 248, 45, 255, 15, 75, 232, 122, 96, 208, + // 102, 76, 201, 209, 255] + const PRECONFER_PUBKEY: &str = "0xa7c828460fc5c8d24c60f9f30c8836659b60a610fe8b87b26a71e9b765a9d0cae16b1a963f65b3b7abe264cda187c113"; + const SLOT_NUMBER: u64 = 836343; + const CHAIN_ID: u64 = 7014190335; + const GAS_LIMIT: u64 = 0; + const DOMAIN: [u8; 32] = [ + 109, 109, 111, 67, 148, 196, 26, 244, 132, 255, 247, 150, 73, 105, 224, 189, 217, 34, 248, 45, 255, 15, 75, 232, 122, 96, 208, 102, 76, 201, + 209, 255, + ]; + const SIGNATURE: &str = "0xa40574565c4c6e0fa79595f62e459b515c8dece2bf9f55e8bc26fd4a7052d1983a3f665112e1a7ccf70aba84d19bf1f21355f5c7bb784f51d3600469aebf9010ee8292e2dd9224410dd437102283dc90e681ba5799ab8eed07283bbb9ac1193e"; + const VALIDATOR_PUBKEY: &str = "0xb07a8c8c3b4d265a909ceaed1e9c25e0799c5c65c9639c3edd81f9421982aa25088f0fe9453ec36ddf1ba6d024bef004"; + #[test] + fn test_verify_cb_signature() { + // use the following inputs: + let message = PreconferElection { + preconfer_pubkey: BlsPublicKey::try_from(hex::decode(PRECONFER_PUBKEY.trim_start_matches("0x")).unwrap().as_slice()).unwrap(), + slot_number: SLOT_NUMBER, + chain_id: CHAIN_ID, + gas_limit: GAS_LIMIT, + }; + let signature = BlsSignature::try_from(hex::decode(SIGNATURE.trim_start_matches("0x")).unwrap().as_slice()).unwrap(); + let public_key = BlsPublicKey::try_from(hex::decode(VALIDATOR_PUBKEY.trim_start_matches("0x")).unwrap().as_slice()).unwrap(); + let domain: Domain = DOMAIN; + let result = verify_signed_data(&message, &signature, &BlsPublicKey::from(public_key), domain); + // assert the result + assert!(result.is_ok()); + } +} From 2a32c22515db6128cffae326d0a10e876f080ecb Mon Sep 17 00:00:00 2001 From: Bob Liu Date: Thu, 17 Oct 2024 10:22:37 +0800 Subject: [PATCH 2/2] chore: remove slot param --- crates/api/src/proposer/api.rs | 1 - crates/utils/src/signing.rs | 2 -- 2 files changed, 3 deletions(-) diff --git a/crates/api/src/proposer/api.rs b/crates/api/src/proposer/api.rs index dcbe6617..e8aeebb3 100644 --- a/crates/api/src/proposer/api.rs +++ b/crates/api/src/proposer/api.rs @@ -904,7 +904,6 @@ where &mut election_req.message, &election_req.signature, &proposer_pub_key, - Some(head_slot), Some(self.chain_info.genesis_validators_root), &self.chain_info.context, ) { diff --git a/crates/utils/src/signing.rs b/crates/utils/src/signing.rs index 12427319..d4bc2ffa 100644 --- a/crates/utils/src/signing.rs +++ b/crates/utils/src/signing.rs @@ -46,11 +46,9 @@ pub fn verify_signed_commit_boost_message( message: &mut T, signature: &BlsSignature, public_key: &BlsPublicKey, - _slot_hint: Option, root_hint: Option, context: &Context, ) -> Result<(), Error> { - // let fork_version = slot_hint.map(|slot| context.fork_version_for(context.fork_for(slot))); let fork_version = context.genesis_fork_version; let domain = compute_commit_boost_domain(Some(fork_version), root_hint, context)?; verify_signed_data(message, signature, public_key, domain)?;