certusone
/
wormhole
mirror of https://github.com/certusone/wormhole.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Hardening against governance message spoofing (#938)

This commit is contained in:
Hendrik Hofstadt 2022-03-03 17:55:02 +01:00 committed by GitHub
parent ea67521d11
commit 4bc5daa8d1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
node/pkg/processor/message.go
View File

@ -3,6 +3,7 @@ package processor
import ( import (
"context" "context"
"encoding/hex" "encoding/hex"
"github.com/certusone/wormhole/node/pkg/db" "github.com/certusone/wormhole/node/pkg/db"
"github.com/mr-tron/base58" "github.com/mr-tron/base58"
@ -79,6 +80,18 @@ func (p *Processor) handleMessage(ctx context.Context, k *common.MessagePublicat
ConsistencyLevel: k.ConsistencyLevel, ConsistencyLevel: k.ConsistencyLevel,
} }
// A governance message should never be emitted on-chain
if v.EmitterAddress == vaa.GovernanceEmitter && v.EmitterChain == vaa.GovernanceChain {
supervisor.Logger(ctx).Error(
"EMERGENCY: PLEASE REPORT THIS IMMEDIATELY! A Solana message was emitted from the governance emitter. This should never be possible.",
zap.Stringer("emitter_chain", k.EmitterChain),
zap.Stringer("emitter_address", k.EmitterAddress),
zap.Uint32("nonce", k.Nonce),
zap.Stringer("txhash", k.TxHash),
zap.Time("timestamp", k.Timestamp))
return
}
// Ignore incoming observations when our database already has a quorum VAA for it. // Ignore incoming observations when our database already has a quorum VAA for it.
// This can occur when we're receiving late observations due to node catchup, and // This can occur when we're receiving late observations due to node catchup, and
// processing those won't do us any good. // processing those won't do us any good.

8
node/pkg/vaa/governance.go
View File

@ -4,8 +4,8 @@ import (
"time" "time"
) )
var governanceEmitter = Address{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4} var GovernanceEmitter = Address{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4}
var governanceChain = ChainIDSolana var GovernanceChain = ChainIDSolana
func CreateGovernanceVAA(nonce uint32, sequence uint64, guardianSetIndex uint32, payload []byte) *VAA { func CreateGovernanceVAA(nonce uint32, sequence uint64, guardianSetIndex uint32, payload []byte) *VAA {
vaa := &VAA{ vaa := &VAA{
@ -16,8 +16,8 @@ func CreateGovernanceVAA(nonce uint32, sequence uint64, guardianSetIndex uint32,
Nonce: nonce, Nonce: nonce,
Sequence: sequence, Sequence: sequence,
ConsistencyLevel: 32, ConsistencyLevel: 32,
EmitterChain: governanceChain, EmitterChain: GovernanceChain,
EmitterAddress: governanceEmitter, EmitterAddress: GovernanceEmitter,
Payload: payload, Payload: payload,
} }