FIX: Signature verification WORKS.
This commit is contained in:
parent
1eacc57461
commit
f45ab2f25f
|
@ -31,6 +31,7 @@ SLOTID_RECOVERED_PK_Y = 241
|
||||||
def sig_check(signatures, digest, keys):
|
def sig_check(signatures, digest, keys):
|
||||||
si = ScratchVar(TealType.uint64)
|
si = ScratchVar(TealType.uint64)
|
||||||
ki = ScratchVar(TealType.uint64)
|
ki = ScratchVar(TealType.uint64)
|
||||||
|
i = ScratchVar(TealType.uint64)
|
||||||
rec_pk_x = ScratchVar(TealType.bytes, SLOTID_RECOVERED_PK_X)
|
rec_pk_x = ScratchVar(TealType.bytes, SLOTID_RECOVERED_PK_X)
|
||||||
rec_pk_y = ScratchVar(TealType.bytes, SLOTID_RECOVERED_PK_Y)
|
rec_pk_y = ScratchVar(TealType.bytes, SLOTID_RECOVERED_PK_Y)
|
||||||
|
|
||||||
|
@ -39,34 +40,41 @@ def sig_check(signatures, digest, keys):
|
||||||
rec_pk_x.store(Bytes("")),
|
rec_pk_x.store(Bytes("")),
|
||||||
rec_pk_y.store(Bytes("")),
|
rec_pk_y.store(Bytes("")),
|
||||||
For(Seq([
|
For(Seq([
|
||||||
|
i.store(Int(0)),
|
||||||
si.store(Int(0)),
|
si.store(Int(0)),
|
||||||
ki.store(Int(0))
|
ki.store(Int(0))
|
||||||
]),
|
]),
|
||||||
si.load() < Len(signatures),
|
si.load() < Len(signatures),
|
||||||
Seq([
|
Seq([
|
||||||
si.store(si.load() + Int(66)),
|
si.store(si.load() + Int(66)),
|
||||||
ki.store(ki.load() + Int(32)),
|
ki.store(ki.load() + Int(20)),
|
||||||
|
i.store(i.load() + Int(1)),
|
||||||
])).Do(
|
])).Do(
|
||||||
Seq([
|
Seq([
|
||||||
|
# Index must be sequential
|
||||||
|
|
||||||
|
Assert(Btoi(Extract(signatures, si.load(), Int(1))) ==
|
||||||
|
i.load() + (Txn.group_index() * Int(MAX_SIGNATURES_PER_VERIFICATION_STEP))),
|
||||||
|
|
||||||
InlineAssembly(
|
InlineAssembly(
|
||||||
"ecdsa_pk_recover Secp256k1",
|
"ecdsa_pk_recover Secp256k1",
|
||||||
digest,
|
Keccak256(digest),
|
||||||
Btoi(Extract(signatures, si.load() + Int(64), Int(1))),
|
Btoi(Extract(signatures, si.load() + Int(65), Int(1))),
|
||||||
Extract(signatures, si.load() + Int(32), Int(32)),
|
Extract(signatures, si.load() + Int(1), Int(32)), # R
|
||||||
Extract(signatures, si.load(), Int(32)),
|
Extract(signatures, si.load() + Int(33), Int(32)), # S
|
||||||
type=TealType.none),
|
type=TealType.none),
|
||||||
|
|
||||||
# returned values in stack, pass to scratch-vars
|
# returned values in stack, pass to scratch-vars
|
||||||
|
|
||||||
InlineAssembly("store " + str(SLOTID_RECOVERED_PK_X)),
|
|
||||||
InlineAssembly("store " + str(SLOTID_RECOVERED_PK_Y)),
|
InlineAssembly("store " + str(SLOTID_RECOVERED_PK_Y)),
|
||||||
|
InlineAssembly("store " + str(SLOTID_RECOVERED_PK_X)),
|
||||||
|
|
||||||
# Generate Ethereum-type public key, compare with guardian key.
|
# Generate Ethereum-type public key, compare with guardian key.
|
||||||
|
|
||||||
Assert(
|
Assert(
|
||||||
Extract(keys, ki.load(), Int(32)) ==
|
Extract(keys, ki.load(), Int(20)) ==
|
||||||
Extract(Keccak256(Concat(rec_pk_x.load(),
|
Substring(Keccak256(Concat(rec_pk_x.load(),
|
||||||
rec_pk_y.load())), Int(0), Int(20))
|
rec_pk_y.load())), Int(12), Int(32))
|
||||||
)
|
)
|
||||||
])
|
])
|
||||||
|
|
||||||
|
@ -79,7 +87,7 @@ def sig_check(signatures, digest, keys):
|
||||||
|
|
||||||
"""
|
"""
|
||||||
* Let N be the number of signatures per verification step, for the TX(i) in group, we verify signatures [j..k] where j = i*N, k = j+(N-1)
|
* Let N be the number of signatures per verification step, for the TX(i) in group, we verify signatures [j..k] where j = i*N, k = j+(N-1)
|
||||||
* Input 0 is signatures [j..k] to verify as LogicSigArgs.
|
* Input 0 is signatures [j..k] to verify as LogicSigArgs. (Format is GuardianIndex + signature)
|
||||||
* Input 1 is signed digest of payload, contained in the note field of the TX in current slot.
|
* Input 1 is signed digest of payload, contained in the note field of the TX in current slot.
|
||||||
* Input 2 is public keys for guardians [j..k] contained in the first Argument of the TX in current slot.
|
* Input 2 is public keys for guardians [j..k] contained in the first Argument of the TX in current slot.
|
||||||
* Input 3 is guardian set size contained in the second argument of the TX in current slot.
|
* Input 3 is guardian set size contained in the second argument of the TX in current slot.
|
||||||
|
@ -94,7 +102,7 @@ def vaa_verify_program(vaa_processor_app_id):
|
||||||
|
|
||||||
return Seq([
|
return Seq([
|
||||||
Assert(Txn.fee() <= Int(1000)),
|
Assert(Txn.fee() <= Int(1000)),
|
||||||
Assert(Txn.application_args.length() == Int(1)),
|
Assert(Txn.application_args.length() == Int(3)),
|
||||||
Assert(Len(signatures) == get_sig_count_in_step(
|
Assert(Len(signatures) == get_sig_count_in_step(
|
||||||
Txn.group_index(), Btoi(num_guardians)) * Int(66)),
|
Txn.group_index(), Btoi(num_guardians)) * Int(66)),
|
||||||
Assert(Txn.rekey_to() == Global.zero_address()),
|
Assert(Txn.rekey_to() == Global.zero_address()),
|
||||||
|
|
|
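Review bot: The docstring line "Input 0 is signatures [j..k] ... (Format is GuardianIndex + signature)" leaves the reader to reconstruct the byte layout from the recovery call (`si + 1` for R, `si + 33` for S, `si + 65` for the recovery id, 66-byte stride asserted in vaa_verify_program), so it should state it once: `* Input 0 is signatures [j..k] as LogicSigArgs; each entry is 66 bytes: [0] guardian index, [1:33] R, [33:65] S, [65] recovery id as expected by ecdsa_pk_recover`. The recovery call now hashes its input (`Keccak256(digest)`), so the note field presumably carries the single keccak of the body and the second keccak is applied on-chain (matching the test helper's move to one `keccak256`), which the "Input 1" line should say, e.g. `* Input 1 is keccak256(body) from the note field; the program hashes it again, so the recovered key signed keccak256(keccak256(body))`. The `Assert` that the index byte equals `i.load() + Txn.group_index() * MAX_SIGNATURES_PER_VERIFICATION_STEP` is also what stops one guardian's signature from being counted more than once, which is worth saying in place of `# Index must be sequential`. Minor: `rec_pk_x.store(Bytes(""))` and `rec_pk_y.store(Bytes(""))` appear dead now, since both slots are written by the two `store` opcodes before any load in every iteration. Whether `keys` and the guardian-set size (both transaction arguments) match the stored guardian set cannot be checked in this program and is presumably enforced by the stateful app outside these hunks.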
@ -43,7 +43,9 @@ class TestLib {
|
||||||
payload.substr(2)
|
payload.substr(2)
|
||||||
]
|
]
|
||||||
|
|
||||||
const hash = web3Utils.soliditySha3(web3Utils.soliditySha3('0x' + body.join('')))
|
const hash = web3Utils.keccak256('0x' + body.join(''))
|
||||||
|
|
||||||
|
console.log('VAA body Hash: ', hash)
|
||||||
|
|
||||||
let signatures = ''
|
let signatures = ''
|
||||||
|
|
||||||
|
|
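Review bot: The added `console.log('VAA body Hash: ', hash)` is debug output left in a test helper; it prints on every call and should be removed or go through whatever logging the test suite already uses. The switch from a double `soliditySha3` to a single `keccak256('0x' + body.join(''))` relies on every element of `body` being unprefixed hex (as `payload.substr(2)` shows for the last element), and a short comment that the second keccak is applied on-chain would explain why only one hash is taken here, e.g. `// single keccak256 here; the verifier hashes the digest again before recovery`. The enclosing method starts and ends outside the hunk.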