Pass signature and signable to Verify

AccumulateNetwork · Jul 9, 2024 · 6186aa3 · 6186aa3
1 parent ba68bda
commit 6186aa3
Show file tree

Hide file tree

Showing 16 changed files with 215 additions and 180 deletions.
diff --git a/cmd/accumulated/cmd_init.go b/cmd/accumulated/cmd_init.go
@@ -267,8 +267,7 @@ func initNodeFromSeedProxy(cmd *cobra.Command, args []string) (int, *cfg.Config,
 		return 0, nil, nil, fmt.Errorf("invalid seed list, %v", err)
 	}
 
-	txHash := sha256.Sum256(b)
-	if !resp.Signature.Verify(nil, txHash[:], nil) {
+	if !resp.Signature.Verify(nil, protocol.SignableHash(sha256.Sum256(b))) {
 		return 0, nil, nil, fmt.Errorf("invalid signature from proxy")
 	}
 
@@ -358,8 +357,7 @@ func initNodeFromSeedProxy(cmd *cobra.Command, args []string) (int, *cfg.Config,
 		return 0, nil, nil, err
 	}
 
-	h := sha256.Sum256(d)
-	if !nc.Signature.Verify(nil, h[:], nil) {
+	if !nc.Signature.Verify(nil, protocol.SignableHash(sha256.Sum256(d))) {
 		return 0, nil, nil, fmt.Errorf("cannot verify network configuration from proxy")
 	}
 	_, _, found = kp.EntryByKeyHash(nc.Signature.GetPublicKeyHash())

diff --git a/internal/bsn/msg_anchor.go b/internal/bsn/msg_anchor.go
@@ -56,8 +56,7 @@ func (x BlockAnchor) check(batch *ChangeSet, ctx *MessageContext) (*messaging.Bl
 		return nil, nil, errors.BadRequest.WithFormat("invalid anchor: expected %v, got %v", messaging.MessageTypeBlockSummary, ctx.message.Type())
 	}
 
-	h := msg.Anchor.Hash()
-	if !msg.Signature.Verify(nil, h[:], nil) {
+	if !msg.Signature.Verify(nil, msg.Anchor) {
 		return nil, nil, errors.Unauthenticated.WithFormat("invalid signature")
 	}
 

diff --git a/internal/core/execute/v1/block/signature.go b/internal/core/execute/v1/block/signature.go
@@ -102,7 +102,7 @@ func (x *Executor) processSignature(batch *database.Batch, delivery *chain.Deliv
 		if err != nil {
 			return nil, errors.UnknownError.WithFormat("process delegated signature: %w", err)
 		}
-		if !md.Nested() && !signature.Verify(signature.Metadata().Hash(), delivery.Transaction.GetHash(), delivery.Transaction) {
+		if !md.Nested() && !signature.Verify(nil, delivery.Transaction) {
 			return nil, errors.BadRequest.WithFormat("invalid signature")
 		}
 
@@ -137,7 +137,7 @@ func (x *Executor) processSignature(batch *database.Batch, delivery *chain.Deliv
 			}
 
 			// Basic validation
-			if !md.Nested() && !signature.Verify(nil, delivery.Transaction.GetHash(), delivery.Transaction) {
+			if !md.Nested() && !signature.Verify(nil, delivery.Transaction) {
 				return nil, errors.BadRequest.WithFormat("invalid signature")
 			}
 
@@ -153,7 +153,7 @@ func (x *Executor) processSignature(batch *database.Batch, delivery *chain.Deliv
 			}
 
 			// Basic validation
-			if !md.Nested() && !signature.Verify(nil, delivery.Transaction.GetHash(), delivery.Transaction) {
+			if !md.Nested() && !signature.Verify(nil, delivery.Transaction) {
 				return nil, errors.BadRequest.WithFormat("invalid signature")
 			}
 		}

diff --git a/internal/core/execute/v1/block/validate.go b/internal/core/execute/v1/block/validate.go
@@ -239,7 +239,7 @@ func (x *Executor) validateSignature(batch *database.Batch, delivery *chain.Deli
 		if err != nil {
 			return nil, errors.UnknownError.WithFormat("validate delegated signature: %w", err)
 		}
-		if !md.Nested() && !signature.Verify(signature.Metadata().Hash(), delivery.Transaction.GetHash(), delivery.Transaction) {
+		if !md.Nested() && !signature.Verify(nil, delivery.Transaction) {
 			return nil, errors.BadRequest.WithFormat("invalid signature")
 		}
 		if !signature.Delegator.LocalTo(md.Location) {
@@ -273,7 +273,7 @@ func (x *Executor) validateSignature(batch *database.Batch, delivery *chain.Deli
 		}
 
 		// Basic validation
-		if !md.Nested() && !signature.Verify(nil, delivery.Transaction.GetHash(), delivery.Transaction) {
+		if !md.Nested() && !signature.Verify(nil, delivery.Transaction) {
 			return nil, errors.BadRequest.With("invalid")
 		}
 

diff --git a/internal/core/execute/v2/block/msg_block_anchor.go b/internal/core/execute/v2/block/msg_block_anchor.go
@@ -204,7 +204,7 @@ func (x BlockAnchor) checkSignature(ctx *blockAnchorContext) error {
 	txn := &messaging.TransactionMessage{Transaction: ctx.transaction}
 	seq := *ctx.sequenced
 	seq.Message = txn
-	if hash := seq.Hash(); ctx.blockAnchor.Signature.Verify(nil, hash[:], nil) {
+	if ctx.blockAnchor.Signature.Verify(nil, &seq) {
 		return nil
 	}
 
@@ -217,7 +217,7 @@ func (x BlockAnchor) checkSignature(ctx *blockAnchorContext) error {
 		seq.Destination = protocol.DnUrl()
 		txn.Transaction = txn.Transaction.Copy()
 		txn.Transaction.Header.Principal = protocol.DnUrl().JoinPath(ctx.transaction.Header.Principal.Path)
-		if hash := seq.Hash(); ctx.blockAnchor.Signature.Verify(nil, hash[:], nil) {
+		if ctx.blockAnchor.Signature.Verify(nil, &seq) {
 			return nil
 		}
 	}

diff --git a/internal/core/execute/v2/block/msg_synthetic.go b/internal/core/execute/v2/block/msg_synthetic.go
@@ -87,7 +87,7 @@ func (SyntheticMessage) check(batch *database.Batch, ctx *MessageContext) (*mess
 
 	// Verify the signature
 	h := syn.Message.Hash()
-	if !syn.Signature.Verify(nil, h[:], nil) {
+	if !syn.Signature.Verify(nil, syn.Message) {
 		return nil, errors.BadRequest.With("invalid signature")
 	}
 

diff --git a/internal/core/execute/v2/block/sig_user.go b/internal/core/execute/v2/block/sig_user.go
@@ -33,22 +33,11 @@ func init() {
 		protocol.SignatureTypeETH,
 	)
 
-	// Vandenberg: RSA and ECDSA signatures
+	// Vandenberg: RSA, ECDSA, and EIP-712 signatures
 	registerConditionalExec[UserSignature](&signatureExecutors,
 		func(ctx *SignatureContext) bool { return ctx.GetActiveGlobals().ExecutorVersion.V2VandenbergEnabled() },
 		protocol.SignatureTypeRsaSha256,
 		protocol.SignatureTypeEcdsaSha256,
-	)
-
-	// PKI signatures (enabled with Vandenberg)
-	registerConditionalExec[UserSignature](&signatureExecutors,
-		func(ctx *SignatureContext) bool { return ctx.GetActiveGlobals().ExecutorVersion.V2VandenbergEnabled() },
-		protocol.SignatureTypeEcdsaSha256,
-	)
-
-	// Eip712 signatures (enabled with Vandenberg)
-	registerConditionalExec[UserSignature](&signatureExecutors,
-		func(ctx *SignatureContext) bool { return ctx.GetActiveGlobals().ExecutorVersion.V2VandenbergEnabled() },
 		protocol.SignatureTypeEip712TypedData,
 	)
 }
@@ -123,7 +112,7 @@ func (x UserSignature) check(batch *database.Batch, ctx *userSigContext) error {
 	}
 
 	// Verify the signature signs the transaction
-	if !verifySignature(sig, ctx.transaction.GetHash(), ctx.transaction) {
+	if !verifySignature(sig, ctx.transaction) {
 		return errors.Unauthenticated.WithFormat("invalid signature")
 	}
 

diff --git a/internal/core/healing/anchors.go b/internal/core/healing/anchors.go
@@ -192,8 +192,7 @@ func HealAnchor(ctx context.Context, args HealAnchorArgs, si SequencedInfo) erro
 					}
 
 					// Filter out bad signatures
-					h := seq.Hash()
-					if !sig.Verify(nil, h[:], nil) {
+					if !sig.Verify(nil, seq) {
 						slog.ErrorContext(ctx, "Node gave us an invalid signature", "id", info)
 						continue
 					}
@@ -209,7 +208,7 @@ func HealAnchor(ctx context.Context, args HealAnchorArgs, si SequencedInfo) erro
 
 					case protocol.UserSignature:
 						// Filter out bad signatures
-						if !sig.Verify(nil, theAnchorTxn.GetHash(), nil) {
+						if !sig.Verify(nil, theAnchorTxn) {
 							slog.ErrorContext(ctx, "Node gave us an invalid signature", "id", info)
 							continue
 						}

diff --git a/internal/core/healing/synthetic.go b/internal/core/healing/synthetic.go
@@ -99,8 +99,7 @@ func (h *Healer) HealSynthetic(ctx context.Context, args HealSyntheticArgs, si S
 		return fmt.Errorf("synthetic message is not signed")
 	}
 
-	hash := msg.Message.Hash()
-	if !msg.Signature.Verify(nil, hash[:], nil) {
+	if !msg.Signature.Verify(nil, msg.Message) {
 		return fmt.Errorf("signature is not valid")
 	}