certusone
/
wormhole
mirror of https://github.com/certusone/wormhole.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Reorder quorum and verifysignatures (#1166)

This commit is contained in:
Jonathan Claudius 2022-05-25 08:35:08 -04:00 committed by GitHub
parent 9e893bf5d4
commit f32e6c4aa8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
node/pkg/processor/observation.go
View File

@ -289,18 +289,8 @@ func (p *Processor) handleInboundSignedVAAWithQuorum(ctx context.Context, m *gos
return
}
// Verify VAA signature to prevent a DoS attack on our local store.
if !v.VerifySignatures(p.gs.Keys) {
p.logger.Warn("received SignedVAAWithQuorum message with invalid VAA signatures",
zap.String("digest", hash),
zap.Any("message", m),
zap.Any("vaa", v),
)
return
}
// Verify VAA has enough signatures for quorum
quorum := CalculateQuorum(len(p.gs.Keys))
if len(v.Signatures) < quorum {
p.logger.Warn("received SignedVAAWithQuorum message without quorum",
zap.String("digest", hash),
@ -312,6 +302,16 @@ func (p *Processor) handleInboundSignedVAAWithQuorum(ctx context.Context, m *gos
return
}
// Verify VAA signatures to prevent a DoS attack on our local store.
if !v.VerifySignatures(p.gs.Keys) {
p.logger.Warn("received SignedVAAWithQuorum message with invalid VAA signatures",
zap.String("digest", hash),
zap.Any("message", m),
zap.Any("vaa", v),
)
return
}
// We now established that:
// - all signatures on the VAA are valid
// - the signature's addresses match the node's current guardian set