Check deposit signatures when submitting via CLI (#1414)

## Proposed Changes

Having been bitten by submitting deposits with invalid signatures (for the wrong testnet), I'm proposing we check the signatures of deposits when submitting them via `lighthouse account validator deposit`.

The impact on performance is likely to be minimal because waiting for an Eth1 transaction confirmation takes a lot longer than verifying a single signature.

It would be great to have the same protection in the deposit web UI in the Lighthouse Book, but I imagine that will be obsoleted by the validator web UI work.
This commit is contained in:
Michael Sproul 2020-07-31 05:47:11 +00:00
parent 4d77784bb8
commit d0f1a3e59f
2 changed files with 11 additions and 0 deletions

View File

@ -11,6 +11,7 @@ slog = "2.5.2"
slog-term = "2.5.0" slog-term = "2.5.0"
slog-async = "2.5.0" slog-async = "2.5.0"
types = { path = "../consensus/types" } types = { path = "../consensus/types" }
state_processing = { path = "../consensus/state_processing" }
dirs = "2.0.2" dirs = "2.0.2"
environment = { path = "../lighthouse/environment" } environment = { path = "../lighthouse/environment" }
deposit_contract = { path = "../common/deposit_contract" } deposit_contract = { path = "../common/deposit_contract" }

View File

@ -7,6 +7,7 @@ use futures::{
stream::{FuturesUnordered, StreamExt}, stream::{FuturesUnordered, StreamExt},
}; };
use slog::{info, Logger}; use slog::{info, Logger};
use state_processing::per_block_processing::verify_deposit_signature;
use std::path::PathBuf; use std::path::PathBuf;
use tokio::time::{delay_until, Duration, Instant}; use tokio::time::{delay_until, Duration, Instant};
use types::EthSpec; use types::EthSpec;
@ -135,6 +136,7 @@ where
<T2 as web3::Transport>::Out: std::marker::Send, <T2 as web3::Transport>::Out: std::marker::Send,
{ {
let web3 = Web3::new(transport); let web3 = Web3::new(transport);
let spec = env.eth2_config.spec.clone();
let deposits_fut = async { let deposits_fut = async {
poll_until_synced(web3.clone(), log.clone()).await?; poll_until_synced(web3.clone(), log.clone()).await?;
@ -143,6 +145,14 @@ where
let futures = FuturesUnordered::default(); let futures = FuturesUnordered::default();
for (ref mut validator_dir, eth1_deposit_data) in chunk.iter_mut() { for (ref mut validator_dir, eth1_deposit_data) in chunk.iter_mut() {
verify_deposit_signature(&eth1_deposit_data.deposit_data, &spec).map_err(|e| {
format!(
"Deposit for {:?} fails verification, \
are you using the correct testnet configuration?\nError: {:?}",
eth1_deposit_data.deposit_data.pubkey, e
)
})?;
let web3 = web3.clone(); let web3 = web3.clone();
let log = log.clone(); let log = log.clone();
futures.push(async move { futures.push(async move {