From 3ca6544b9be818ebb5313a0f90246e190dbd54c0 Mon Sep 17 00:00:00 2001 From: mmsqe Date: Fri, 10 Jan 2025 16:33:47 +0800 Subject: [PATCH] feat(x/auth/ante): allow custom verifyIsOnCurve when validate tx for public key (backport: #23128) (#23285) --- CHANGELOG.md | 1 + tests/systemtests/fraud_test.go | 5 +++-- x/auth/ante/sigverify.go | 34 ++++++++++++++++++++++----------- 3 files changed, 27 insertions(+), 13 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3eb222c297..37cb138cd5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -43,6 +43,7 @@ Every module contains its own CHANGELOG.md. Please refer to the module you are i ### Features * (sims) [#23013](https://github.com/cosmos/cosmos-sdk/pull/23013) Integration with app v2 +* (x/auth/ante) [#23128](https://github.com/cosmos/cosmos-sdk/pull/23128) Allow custom verifyIsOnCurve when validate tx for public key like ethsecp256k1. ### Improvements diff --git a/tests/systemtests/fraud_test.go b/tests/systemtests/fraud_test.go index a4c0b7875d..2d2b8ae38c 100644 --- a/tests/systemtests/fraud_test.go +++ b/tests/systemtests/fraud_test.go @@ -7,6 +7,7 @@ import ( "os" "path/filepath" "testing" + "time" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -43,8 +44,8 @@ func TestValidatorDoubleSign(t *testing.T) { // let's wait some blocks to have evidence and update persisted var nodePowerAfter int64 = -1 - for i := 0; i < 30; i++ { - systest.Sut.AwaitNextBlock(t) + for i := 0; i < 100; i++ { + systest.Sut.AwaitNextBlock(t, 6*time.Second) if nodePowerAfter = systest.QueryCometValidatorPower(rpc, pkBz); nodePowerAfter == 0 { break } diff --git a/x/auth/ante/sigverify.go b/x/auth/ante/sigverify.go index 3b83b17e33..fc93c3861a 100644 --- a/x/auth/ante/sigverify.go +++ b/x/auth/ante/sigverify.go @@ -69,18 +69,24 @@ type AccountAbstractionKeeper interface { // // CONTRACT: Tx must implement SigVerifiableTx interface type SigVerificationDecorator struct { - ak AccountKeeper - aaKeeper AccountAbstractionKeeper - signModeHandler *txsigning.HandlerMap - sigGasConsumer SignatureVerificationGasConsumer + ak AccountKeeper + aaKeeper AccountAbstractionKeeper + signModeHandler *txsigning.HandlerMap + sigGasConsumer SignatureVerificationGasConsumer + extraVerifyIsOnCurve func(pubKey cryptotypes.PubKey) (bool, error) } func NewSigVerificationDecorator(ak AccountKeeper, signModeHandler *txsigning.HandlerMap, sigGasConsumer SignatureVerificationGasConsumer, aaKeeper AccountAbstractionKeeper) SigVerificationDecorator { + return NewSigVerificationDecoratorWithVerifyOnCurve(ak, signModeHandler, sigGasConsumer, aaKeeper, nil) +} + +func NewSigVerificationDecoratorWithVerifyOnCurve(ak AccountKeeper, signModeHandler *txsigning.HandlerMap, sigGasConsumer SignatureVerificationGasConsumer, aaKeeper AccountAbstractionKeeper, verifyFn func(pubKey cryptotypes.PubKey) (bool, error)) SigVerificationDecorator { return SigVerificationDecorator{ - aaKeeper: aaKeeper, - ak: ak, - signModeHandler: signModeHandler, - sigGasConsumer: sigGasConsumer, + aaKeeper: aaKeeper, + ak: ak, + signModeHandler: signModeHandler, + sigGasConsumer: sigGasConsumer, + extraVerifyIsOnCurve: verifyFn, } } @@ -105,7 +111,13 @@ func OnlyLegacyAminoSigners(sigData signing.SignatureData) bool { } } -func verifyIsOnCurve(pubKey cryptotypes.PubKey) (err error) { +func (svd SigVerificationDecorator) VerifyIsOnCurve(pubKey cryptotypes.PubKey) error { + if svd.extraVerifyIsOnCurve != nil { + handled, err := svd.extraVerifyIsOnCurve(pubKey) + if handled { + return err + } + } // when simulating pubKey.Key will always be nil if pubKey.Bytes() == nil { return nil @@ -134,7 +146,7 @@ func verifyIsOnCurve(pubKey cryptotypes.PubKey) (err error) { pubKeysObjects := typedPubKey.GetPubKeys() ok := true for _, pubKeyObject := range pubKeysObjects { - if err := verifyIsOnCurve(pubKeyObject); err != nil { + if err := svd.VerifyIsOnCurve(pubKeyObject); err != nil { ok = false break } @@ -417,7 +429,7 @@ func (svd SigVerificationDecorator) setPubKey(ctx context.Context, acc sdk.Accou return sdkerrors.ErrInvalidPubKey.Wrapf("the account %s cannot be claimed by public key with address %x", acc.GetAddress(), txPubKey.Address()) } - err := verifyIsOnCurve(txPubKey) + err := svd.VerifyIsOnCurve(txPubKey) if err != nil { return err }