From 19026ecd6d4401af535ee87204bd8f20f6ceb730 Mon Sep 17 00:00:00 2001
From: dylanhuang
Date: Fri, 10 Nov 2023 15:37:53 +0800
Subject: [PATCH] refactor: reuse the tendermint code to verify signature (#2)
---
 core/vm/contracts_lightclient.go | 49 ++++----------------------------
 go.mod | 3 +-
 go.sum | 4 +--
 3 files changed, 10 insertions(+), 46 deletions(-)
diff --git a/core/vm/contracts_lightclient.go b/core/vm/contracts_lightclient.go
index 89bab73fcc..79e17ca08d 100644
--- a/core/vm/contracts_lightclient.go
+++ b/core/vm/contracts_lightclient.go
@@ -1,19 +1,17 @@
 package vm
 import (
- "crypto/sha256"
 "encoding/binary"
 "fmt"
 "net/url"
 "strings"
- "github.com/btcsuite/btcd/btcec/v2"
- ecdsa "github.com/btcsuite/btcd/btcec/v2/ecdsa"
 "github.com/tendermint/iavl"
 "github.com/tendermint/tendermint/crypto/merkle"
+ "github.com/tendermint/tendermint/crypto/secp256k1"
 cmn "github.com/tendermint/tendermint/libs/common"
- "golang.org/x/crypto/ripemd160" //nolint:staticcheck
+ //nolint:staticcheck
 v1 "github.com/ethereum/go-ethereum/core/vm/lightclient/v1"
 v2 "github.com/ethereum/go-ethereum/core/vm/lightclient/v2"
 "github.com/ethereum/go-ethereum/params"
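Review bot: The `//nolint:staticcheck` comment added at the end of the third-party import group is a leftover: it was the trailing directive on the removed `golang.org/x/crypto/ripemd160` import and, as far as this hunk shows, no longer has an import to attach to. I would delete that line rather than keep a dangling lint directive in the import block.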
@@ -428,45 +426,10 @@ func (c *tmSignatureRecover) Run(input []byte) (result []byte, err error) {
 }
 func (c *tmSignatureRecover) runTMSecp256k1Signature(pubkey, signatureStr, msgHash []byte) (result []byte, err error) {
- pubKey, err := btcec.ParsePubKey(pubkey)
- if err != nil {
- return nil, err
- }
-
- r, s, err := c.signatureFromBytes(signatureStr)
- if err != nil {
- return nil, err
- }
- signature := ecdsa.NewSignature(r, s)
-
- // Reject malleable signatures. libsecp256k1 does this check but btcec doesn't.
- if s.IsOverHalfOrder() {
+ tmPubKey := secp256k1.PubKeySecp256k1(pubkey)
+ ok := tmPubKey.VerifyBytesWithMsgHash(msgHash, signatureStr)
+ if !ok {
 return nil, fmt.Errorf("invalid signature")
 }
-
- // Verify the signature.
- if !signature.Verify(msgHash, pubKey) {
- return nil, fmt.Errorf("invalid signature")
- }
-
- hasherSHA256 := sha256.New()
- _, _ = hasherSHA256.Write(pubKey.SerializeCompressed()) // does not error
- sha := hasherSHA256.Sum(nil)
-
- hasherRIPEMD160 := ripemd160.New()
- _, _ = hasherRIPEMD160.Write(sha) // does not error
- return hasherRIPEMD160.Sum(nil), nil
-}
-
-// Read Signature struct from R || S. Caller needs to ensure
-// that len(sigStr) == 64.
-func (c *tmSignatureRecover) signatureFromBytes(sigStr []byte) (*btcec.ModNScalar, *btcec.ModNScalar, error) {
- var r, s btcec.ModNScalar
- if r.SetByteSlice(sigStr[:32]) {
- return nil, nil, fmt.Errorf("invalid R field")
- }
- if s.SetByteSlice(sigStr[32:]) {
- return nil, nil, fmt.Errorf("invalid S field")
- }
- return &r, &s, nil
+ return tmPubKey.Address().Bytes(), nil
 }
diff --git a/go.mod b/go.mod
index 47dd742faa..8eca14c8d6 100644
--- a/go.mod
+++ b/go.mod
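Review bot: The malleability (high-S) rejection, the R/S overflow checks and the public-key parse error that the removed lines performed explicitly are now all delegated to `tmPubKey.VerifyBytesWithMsgHash(msgHash, signatureStr)`, whose body is not visible here and which comes from the replaced tendermint module, so nothing in this file shows they are still enforced. Because this precompile's accept/reject decision has to stay identical across nodes, I would pin it with regression tests in this package: a high-S signature, an R or S that overflows the group order, a malformed public key and a wrong-length signature should each return `invalid signature`. The conversion `secp256k1.PubKeySecp256k1(pubkey)` also relies on the caller `Run` (outside this hunk) having fixed the length of `pubkey`; if that type is a fixed-size array a short slice would panic instead of returning an error, so an explicit guard or a comment such as `// pubkey length is validated in Run` belongs above it. `Address()` now hashes the bytes as supplied rather than the re-serialized compressed key, which gives the same result only if non-compressed encodings are rejected before this point.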
@@ -295,5 +295,6 @@ replace (
 github.com/cometbft/cometbft => github.com/bnb-chain/greenfield-tendermint v0.0.0-20230417032003-4cda1f296fb2
 github.com/grpc-ecosystem/grpc-gateway/v2 => github.com/prysmaticlabs/grpc-gateway/v2 v2.3.1-0.20210702154020-550e1cd83ec1
 github.com/syndtr/goleveldb v1.0.1 => github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7
- github.com/tendermint/tendermint => github.com/bnb-chain/tendermint v0.31.15
+ // TODO: bump to official version
+ github.com/tendermint/tendermint => github.com/j75689/tendermint v0.0.0-20231110072701-fb5a4b37d9d8
 )
diff --git a/go.sum b/go.sum
index bb8b586cfc..93881cbf17 100644
--- a/go.sum
+++ b/go.sum
@@ -171,8 +171,6 @@ github.com/bnb-chain/greenfield-tendermint v0.0.0-20230417032003-4cda1f296fb2 h1
 github.com/bnb-chain/greenfield-tendermint v0.0.0-20230417032003-4cda1f296fb2/go.mod h1:9q11eHNRY9FDwFH+4pompzPNGv//Z3VcfvkELaHJPMs=
 github.com/bnb-chain/ics23 v0.1.0 h1:DvjGOts2FBfbxB48384CYD1LbcrfjThFz8kowY/7KxU=
 github.com/bnb-chain/ics23 v0.1.0/go.mod h1:cU6lTGolbbLFsGCgceNB2AzplH1xecLp6+KXvxM32nI=
-github.com/bnb-chain/tendermint v0.31.15 h1:Xyn/Hifb/7X4E1zSuMdnZdMSoM2Fx6cZuKCNnqIxbNU=
-github.com/bnb-chain/tendermint v0.31.15/go.mod h1:cmt8HHmQUSVaWQ/hoTefRxsh5X3ERaM1zCUIR0DPbFU=
 github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps=
 github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g=
 github.com/bradfitz/gomemcache v0.0.0-20170208213004-1952afaa557d/go.mod h1:PmM6Mmwb0LSuEubjR8N7PtNe1KxZLtOUHtbeikc5h60=
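Review bot: The `replace` for `github.com/tendermint/tendermint` in the go.mod hunk now points at `github.com/j75689/tendermint v0.0.0-20231110072701-fb5a4b37d9d8`, an untagged pseudo-version under what appears to be an individual account rather than the `bnb-chain` organisation fork used before, and the signature check in `core/vm/contracts_lightclient.go` now comes from that module. The `// TODO: bump to official version` comment acknowledges this but carries no tracking reference or removal condition; I would extend it to something like `// TODO(<issue-id>): temporary fork, presumably for VerifyBytesWithMsgHash; switch back to a tagged bnb-chain/tendermint release before shipping`. The pseudo-version and the go.sum hash pin the exact commit, so the exposure is less silent drift than review coverage and continued availability of that repository; the fork's delta against `v0.31.15` should be reviewed alongside this change.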
@@ -759,6 +757,8 @@ github.com/iris-contrib/go.uuid v2.0.0+incompatible/go.mod h1:iz2lgM/1UnEf1kP0L/
 github.com/iris-contrib/jade v1.1.3/go.mod h1:H/geBymxJhShH5kecoiOCSssPX7QWYH7UaeZTSWddIk=
 github.com/iris-contrib/pongo2 v0.0.1/go.mod h1:Ssh+00+3GAZqSQb30AvBRNxBx7rf0GqwkjqxNd0u65g=
 github.com/iris-contrib/schema v0.0.1/go.mod h1:urYA3uvUNG1TIIjOSCzHr9/LmbQo8LrOcOqfqxa4hXw=
+github.com/j75689/tendermint v0.0.0-20231110072701-fb5a4b37d9d8 h1:+SAW4SBz3bmmmRTDnIlHr8PWuEaZIfudpeIJtn6G12k=
+github.com/j75689/tendermint v0.0.0-20231110072701-fb5a4b37d9d8/go.mod h1:cmt8HHmQUSVaWQ/hoTefRxsh5X3ERaM1zCUIR0DPbFU=
 github.com/jackpal/go-nat-pmp v1.0.2-0.20160603034137-1fa385a6f458/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=
 github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus=
 github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc=