diff --git a/rpc/src/rpc.rs b/rpc/src/rpc.rs index 7efe81caca..941863416c 100644 --- a/rpc/src/rpc.rs +++ b/rpc/src/rpc.rs @@ -2037,10 +2037,6 @@ fn verify_transaction( return Err(RpcCustomError::TransactionPrecompileVerificationFailure(e).into()); } - if !transaction.verify_signatures_len() { - return Err(RpcCustomError::TransactionSignatureVerificationFailure.into()); - } - Ok(()) } diff --git a/runtime/src/bank.rs b/runtime/src/bank.rs index 5beef12b9a..b2306721f6 100644 --- a/runtime/src/bank.rs +++ b/runtime/src/bank.rs @@ -5264,10 +5264,6 @@ impl Bank { }) }?; - if self.verify_tx_signatures_len_enabled() && !sanitized_tx.verify_signatures_len() { - return Err(TransactionError::SanitizeFailure); - } - if verification_mode == TransactionVerificationMode::HashAndVerifyPrecompiles || verification_mode == TransactionVerificationMode::FullVerification { @@ -5752,11 +5748,6 @@ impl Bank { .is_active(&feature_set::no_overflow_rent_distribution::id()) } - pub fn verify_tx_signatures_len_enabled(&self) -> bool { - self.feature_set - .is_active(&feature_set::verify_tx_signatures_len::id()) - } - pub fn versioned_tx_message_enabled(&self) -> bool { self.feature_set .is_active(&feature_set::versioned_tx_message_enabled::id()) @@ -14994,12 +14985,14 @@ pub(crate) mod tests { Some(TransactionError::SanitizeFailure), ); } - // Too many signatures: Success without feature switch + // Too many signatures: Sanitization failure { let tx = make_transaction(TestCase::AddSignature); - assert!(bank - .verify_transaction(tx.into(), TransactionVerificationMode::FullVerification) - .is_ok()); + assert_eq!( + bank.verify_transaction(tx.into(), TransactionVerificationMode::FullVerification) + .err(), + Some(TransactionError::SanitizeFailure), + ); } } diff --git a/sdk/src/transaction/mod.rs b/sdk/src/transaction/mod.rs index e81bbfef77..8fdb7306eb 100644 --- a/sdk/src/transaction/mod.rs +++ b/sdk/src/transaction/mod.rs @@ -303,11 +303,6 @@ impl Transaction { Signature::default() } - /// Verify the length of signatures matches the value in the message header - pub fn verify_signatures_len(&self) -> bool { - self.signatures.len() == self.message.header.num_required_signatures as usize - } - /// Verify the transaction and hash its message pub fn verify_and_hash_message(&self) -> Result { let message_bytes = self.message_data(); diff --git a/sdk/src/transaction/sanitized.rs b/sdk/src/transaction/sanitized.rs index a6db1587b4..0adf97b4d8 100644 --- a/sdk/src/transaction/sanitized.rs +++ b/sdk/src/transaction/sanitized.rs @@ -200,11 +200,6 @@ impl SanitizedTransaction { } } - /// Verify the length of signatures matches the value in the message header - pub fn verify_signatures_len(&self) -> bool { - self.signatures.len() == self.message.header().num_required_signatures as usize - } - /// Verify the transaction signatures pub fn verify(&self) -> Result<()> { let message_bytes = self.message_data(); diff --git a/sdk/src/transaction/versioned.rs b/sdk/src/transaction/versioned.rs index a3f284dcc3..c343dd5cc2 100644 --- a/sdk/src/transaction/versioned.rs +++ b/sdk/src/transaction/versioned.rs @@ -12,6 +12,7 @@ use { transaction::{Result, Transaction, TransactionError}, }, serde::Serialize, + std::cmp::Ordering, }; // NOTE: Serialization-related changes must be paired with the direct read at sigverify. @@ -29,11 +30,12 @@ impl Sanitize for VersionedTransaction { fn sanitize(&self) -> std::result::Result<(), SanitizeError> { self.message.sanitize()?; - // Once the "verify_tx_signatures_len" feature is enabled, this may be - // updated to an equality check. - if usize::from(self.message.header().num_required_signatures) > self.signatures.len() { - return Err(SanitizeError::IndexOutOfBounds); - } + let num_required_signatures = usize::from(self.message.header().num_required_signatures); + match num_required_signatures.cmp(&self.signatures.len()) { + Ordering::Greater => Err(SanitizeError::IndexOutOfBounds), + Ordering::Less => Err(SanitizeError::InvalidValue), + Ordering::Equal => Ok(()), + }?; // Signatures are verified before message keys are mapped so all signers // must correspond to unmapped keys.