Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Murisi/replay protection #12

Closed
wants to merge 4 commits into from

Conversation

murisi
Copy link
Contributor

@murisi murisi commented Oct 24, 2023

A replay protection bug was discovered in Namada (see anoma/namada#1867 ) and its resolution (to be included in v0.24.0) involves a conceptually minor change to the transaction signing process. Essentially the inner transaction signature now signs over the raw header hash where it formerly used to sign over the data section hash and the code section hash. The transaction format does not change at all.

This PR is one possible way to implement these changes on the hardware wallet. The actual changes are all in the last commit (117f548). Specifically, the changes are as follows:

  • Made a function to compute the raw header hash, which is essentially a slice of the full header hash
  • Move the code and data section hash targets for the inner signature section to the outer signature section
  • Compute and add the raw header hash as a target for the inner signature
  • Update the section indices correspondingly, with the index 0xFF referring to the raw header
  • Updated the transactions.test.ts tests to supply the raw header hash (in addition to the header hash)

@murisi murisi mentioned this pull request Oct 25, 2023
@ftheirs ftheirs closed this Nov 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants