stateroot: sign extensible payloads being sent!

Unsigned payloads are considered to be invalid for some reason.
2021-03-25 11:55:06 +03:00 · 2021-03-25 11:55:06 +03:00 · 04e0ea2c0f
commit 04e0ea2c0f
parent 0248e2c0d2
2 changed files with 27 additions and 5 deletions
--- a/pkg/services/stateroot/network.go
+++ b/pkg/services/stateroot/network.go
@ -7,8 +7,10 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/config"
 	"github.com/nspcc-dev/neo-go/pkg/core/state"
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
+	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/io"
 	"github.com/nspcc-dev/neo-go/pkg/network/payload"
+	"github.com/nspcc-dev/neo-go/pkg/vm/emit"
 	"go.uber.org/zap"
 )

@ -20,6 +22,10 @@ func (s *service) AddSignature(height uint32, validatorIndex int32, sig []byte)
 	if !s.MainCfg.Enabled {
 		return nil
 	}
+	acc := s.getAccount()
+	if acc == nil {
+		return nil
+	}

 	pubs := s.GetStateValidators(height)
 	if validatorIndex < 0 || int(validatorIndex) >= len(pubs) {
@ -49,7 +55,7 @@ func (s *service) AddSignature(height uint32, validatorIndex int32, sig []byte)
 		if err != nil {
 			s.log.Error("can't add validated state root", zap.Error(err))
 		}
-		s.sendValidatedRoot(sr)
+		s.sendValidatedRoot(sr, acc.PrivateKey())
 	}
 	return nil
 }
@ -70,7 +76,7 @@ func (s *service) getIncompleteRoot(height uint32) *incompleteRoot {
 	return incRoot
 }

-func (s *service) sendValidatedRoot(r *state.MPTRoot) {
+func (s *service) sendValidatedRoot(r *state.MPTRoot, priv *keys.PrivateKey) {
 	w := io.NewBufBinWriter()
 	m := NewMessage(s.Network, RootT, r)
 	m.EncodeBinary(w.BinWriter)
@ -78,9 +84,16 @@ func (s *service) sendValidatedRoot(r *state.MPTRoot) {
 		Network:         s.Network,
 		ValidBlockStart: r.Index,
 		ValidBlockEnd:   r.Index + transaction.MaxValidUntilBlockIncrement,
-		Sender:          s.getAccount().PrivateKey().GetScriptHash(),
+		Sender:          priv.GetScriptHash(),
 		Data:            w.Bytes(),
+		Witness: transaction.Witness{
+			VerificationScript: s.getAccount().GetVerificationScript(),
+		},
 	}
+	sig := priv.SignHash(ep.GetSignedHash())
+	buf := io.NewBufBinWriter()
+	emit.Bytes(buf.BinWriter, sig)
+	ep.Witness.InvocationScript = buf.Bytes()
 	s.getRelayCallback()(ep)
 }

--- a/pkg/services/stateroot/validators.go
+++ b/pkg/services/stateroot/validators.go
@ -5,6 +5,7 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/core/transaction"
 	"github.com/nspcc-dev/neo-go/pkg/io"
 	"github.com/nspcc-dev/neo-go/pkg/network/payload"
+	"github.com/nspcc-dev/neo-go/pkg/vm/emit"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"go.uber.org/zap"
 )
@ -66,13 +67,21 @@ func (s *service) signAndSend(r *state.MPTRoot) error {
 	if w.Err != nil {
 		return w.Err
 	}
-	s.getRelayCallback()(&payload.Extensible{
+	e := &payload.Extensible{
 		Network:         s.Network,
 		ValidBlockStart: r.Index,
 		ValidBlockEnd:   r.Index + transaction.MaxValidUntilBlockIncrement,
 		Sender:          s.getAccount().PrivateKey().GetScriptHash(),
 		Data:            w.Bytes(),
-	})
+		Witness: transaction.Witness{
+			VerificationScript: s.getAccount().GetVerificationScript(),
+		},
+	}
+	sig = acc.PrivateKey().SignHash(e.GetSignedHash())
+	buf := io.NewBufBinWriter()
+	emit.Bytes(buf.BinWriter, sig)
+	e.Witness.InvocationScript = buf.Bytes()
+	s.getRelayCallback()(e)
 	return nil
 }