feat(x/auth/ante): allow custom verifyIsOnCurve when validate tx for public key (backport: #23128) (#23285)

2025-01-10 16:33:47 +08:00 · 2025-01-10 16:33:47 +08:00 · 3ca6544b9b
commit 3ca6544b9b
parent 2a745c7961
3 changed files with 27 additions and 13 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -43,6 +43,7 @@ Every module contains its own CHANGELOG.md. Please refer to the module you are i
 ### Features

 * (sims) [#23013](https://github.com/cosmos/cosmos-sdk/pull/23013) Integration with app v2
+* (x/auth/ante) [#23128](https://github.com/cosmos/cosmos-sdk/pull/23128) Allow custom verifyIsOnCurve when validate tx for public key like ethsecp256k1.

 ### Improvements

--- a/tests/systemtests/fraud_test.go
+++ b/tests/systemtests/fraud_test.go
@ -7,6 +7,7 @@ import (
 	"os"
 	"path/filepath"
 	"testing"
+	"time"

 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@ -43,8 +44,8 @@ func TestValidatorDoubleSign(t *testing.T) {

 	// let's wait some blocks to have evidence and update persisted
 	var nodePowerAfter int64 = -1
-	for i := 0; i < 30; i++ {
-		systest.Sut.AwaitNextBlock(t)
+	for i := 0; i < 100; i++ {
+		systest.Sut.AwaitNextBlock(t, 6*time.Second)
 		if nodePowerAfter = systest.QueryCometValidatorPower(rpc, pkBz); nodePowerAfter == 0 {
 			break
 		}
--- a/x/auth/ante/sigverify.go
+++ b/x/auth/ante/sigverify.go
@ -69,18 +69,24 @@ type AccountAbstractionKeeper interface {
 //
 // CONTRACT: Tx must implement SigVerifiableTx interface
 type SigVerificationDecorator struct {
-	ak              AccountKeeper
-	aaKeeper        AccountAbstractionKeeper
-	signModeHandler *txsigning.HandlerMap
-	sigGasConsumer  SignatureVerificationGasConsumer
+	ak                   AccountKeeper
+	aaKeeper             AccountAbstractionKeeper
+	signModeHandler      *txsigning.HandlerMap
+	sigGasConsumer       SignatureVerificationGasConsumer
+	extraVerifyIsOnCurve func(pubKey cryptotypes.PubKey) (bool, error)
 }

 func NewSigVerificationDecorator(ak AccountKeeper, signModeHandler *txsigning.HandlerMap, sigGasConsumer SignatureVerificationGasConsumer, aaKeeper AccountAbstractionKeeper) SigVerificationDecorator {
+	return NewSigVerificationDecoratorWithVerifyOnCurve(ak, signModeHandler, sigGasConsumer, aaKeeper, nil)
+}
+
+func NewSigVerificationDecoratorWithVerifyOnCurve(ak AccountKeeper, signModeHandler *txsigning.HandlerMap, sigGasConsumer SignatureVerificationGasConsumer, aaKeeper AccountAbstractionKeeper, verifyFn func(pubKey cryptotypes.PubKey) (bool, error)) SigVerificationDecorator {
 	return SigVerificationDecorator{
-		aaKeeper:        aaKeeper,
-		ak:              ak,
-		signModeHandler: signModeHandler,
-		sigGasConsumer:  sigGasConsumer,
+		aaKeeper:             aaKeeper,
+		ak:                   ak,
+		signModeHandler:      signModeHandler,
+		sigGasConsumer:       sigGasConsumer,
+		extraVerifyIsOnCurve: verifyFn,
 	}
 }

@ -105,7 +111,13 @@ func OnlyLegacyAminoSigners(sigData signing.SignatureData) bool {
 	}
 }

-func verifyIsOnCurve(pubKey cryptotypes.PubKey) (err error) {
+func (svd SigVerificationDecorator) VerifyIsOnCurve(pubKey cryptotypes.PubKey) error {
+	if svd.extraVerifyIsOnCurve != nil {
+		handled, err := svd.extraVerifyIsOnCurve(pubKey)
+		if handled {
+			return err
+		}
+	}
 	// when simulating pubKey.Key will always be nil
 	if pubKey.Bytes() == nil {
 		return nil
@ -134,7 +146,7 @@ func verifyIsOnCurve(pubKey cryptotypes.PubKey) (err error) {
 		pubKeysObjects := typedPubKey.GetPubKeys()
 		ok := true
 		for _, pubKeyObject := range pubKeysObjects {
-			if err := verifyIsOnCurve(pubKeyObject); err != nil {
+			if err := svd.VerifyIsOnCurve(pubKeyObject); err != nil {
 				ok = false
 				break
 			}
@ -417,7 +429,7 @@ func (svd SigVerificationDecorator) setPubKey(ctx context.Context, acc sdk.Accou
 		return sdkerrors.ErrInvalidPubKey.Wrapf("the account %s cannot be claimed by public key with address %x", acc.GetAddress(), txPubKey.Address())
 	}

-	err := verifyIsOnCurve(txPubKey)
+	err := svd.VerifyIsOnCurve(txPubKey)
 	if err != nil {
 		return err
 	}