wormhole/bridge/pkg/processor/injection.go

package processor

import (
	"context"
	"encoding/hex"

	"github.com/ethereum/go-ethereum/crypto"
	"go.uber.org/zap"

	"github.com/certusone/wormhole/bridge/pkg/supervisor"
	"github.com/certusone/wormhole/bridge/pkg/vaa"
)

// handleInjection processes a pre-populated VAA injected locally.
func (p *Processor) handleInjection(ctx context.Context, v *vaa.VAA) {
	// Check if we're in the guardian set.
	us, ok := p.gs.KeyIndex(p.ourAddr)
	if !ok {
		p.logger.Error("we're not in the guardian set - refusing to sign",
			zap.Uint32("index", p.gs.Index),
			zap.Stringer("our_addr", p.ourAddr),
			zap.Any("set", p.gs.KeysAsHexStrings()))
		return
	}

	// Generate digest of the unsigned VAA.
	digest, err := v.SigningMsg()
	if err != nil {
		panic(err)
	}

	// The internal originator is responsible for logging the full VAA, just log the digest here.
	supervisor.Logger(ctx).Info("signing injected VAA",
		zap.Stringer("digest", digest))

	// Sign the digest using our node's guardian key.
	s, err := crypto.Sign(digest.Bytes(), p.gk)
	if err != nil {
		panic(err)
	}

	p.logger.Info("observed and signed injected VAA",
		zap.String("digest", hex.EncodeToString(digest.Bytes())),
		zap.String("signature", hex.EncodeToString(s)),
		zap.Int("our_index", us))

	p.broadcastSignature(v, s)
}
bridge: implement guardian set update submission node admin service Tested on a live devnet via `scripts/test-injection.sh 0`. ghstack-source-id: 92489c2455e677433414dfa66c6917a577e4c4a5 Pull Request resolved: https://github.com/certusone/wormhole/pull/104 2020-11-19 03:53:19 -08:00			`package processor`

			`import (`
			`"context"`
			`"encoding/hex"`

			`"github.com/ethereum/go-ethereum/crypto"`
			`"go.uber.org/zap"`

			`"github.com/certusone/wormhole/bridge/pkg/supervisor"`
			`"github.com/certusone/wormhole/bridge/pkg/vaa"`
			`)`

			`// handleInjection processes a pre-populated VAA injected locally.`
			`func (p Processor) handleInjection(ctx context.Context, v vaa.VAA) {`
			`// Check if we're in the guardian set.`
			`us, ok := p.gs.KeyIndex(p.ourAddr)`
			`if !ok {`
			`p.logger.Error("we're not in the guardian set - refusing to sign",`
			`zap.Uint32("index", p.gs.Index),`
			`zap.Stringer("our_addr", p.ourAddr),`
			`zap.Any("set", p.gs.KeysAsHexStrings()))`
			`return`
			`}`

			`// Generate digest of the unsigned VAA.`
			`digest, err := v.SigningMsg()`
			`if err != nil {`
			`panic(err)`
			`}`

			`// The internal originator is responsible for logging the full VAA, just log the digest here.`
			`supervisor.Logger(ctx).Info("signing injected VAA",`
			`zap.Stringer("digest", digest))`

			`// Sign the digest using our node's guardian key.`
			`s, err := crypto.Sign(digest.Bytes(), p.gk)`
			`if err != nil {`
			`panic(err)`
			`}`

			`p.logger.Info("observed and signed injected VAA",`
			`zap.String("digest", hex.EncodeToString(digest.Bytes())),`
			`zap.String("signature", hex.EncodeToString(s)),`
			`zap.Int("our_index", us))`

			`p.broadcastSignature(v, s)`
			`}`