From 04e0ea2c0f4c7ba07e61de9008c3f8a0c09df1f8 Mon Sep 17 00:00:00 2001 From: Roman Khimov Date: Thu, 25 Mar 2021 11:55:06 +0300 Subject: [PATCH] stateroot: sign extensible payloads being sent! Unsigned payloads are considered to be invalid for some reason. --- pkg/services/stateroot/network.go | 19 ++++++++++++++++--- pkg/services/stateroot/validators.go | 13 +++++++++++-- 2 files changed, 27 insertions(+), 5 deletions(-) diff --git a/pkg/services/stateroot/network.go b/pkg/services/stateroot/network.go index a98e1af82..9f72b7758 100644 --- a/pkg/services/stateroot/network.go +++ b/pkg/services/stateroot/network.go @@ -7,8 +7,10 @@ import ( "github.com/nspcc-dev/neo-go/pkg/config" "github.com/nspcc-dev/neo-go/pkg/core/state" "github.com/nspcc-dev/neo-go/pkg/core/transaction" + "github.com/nspcc-dev/neo-go/pkg/crypto/keys" "github.com/nspcc-dev/neo-go/pkg/io" "github.com/nspcc-dev/neo-go/pkg/network/payload" + "github.com/nspcc-dev/neo-go/pkg/vm/emit" "go.uber.org/zap" ) @@ -20,6 +22,10 @@ func (s *service) AddSignature(height uint32, validatorIndex int32, sig []byte) if !s.MainCfg.Enabled { return nil } + acc := s.getAccount() + if acc == nil { + return nil + } pubs := s.GetStateValidators(height) if validatorIndex < 0 || int(validatorIndex) >= len(pubs) { @@ -49,7 +55,7 @@ func (s *service) AddSignature(height uint32, validatorIndex int32, sig []byte) if err != nil { s.log.Error("can't add validated state root", zap.Error(err)) } - s.sendValidatedRoot(sr) + s.sendValidatedRoot(sr, acc.PrivateKey()) } return nil } @@ -70,7 +76,7 @@ func (s *service) getIncompleteRoot(height uint32) *incompleteRoot { return incRoot } -func (s *service) sendValidatedRoot(r *state.MPTRoot) { +func (s *service) sendValidatedRoot(r *state.MPTRoot, priv *keys.PrivateKey) { w := io.NewBufBinWriter() m := NewMessage(s.Network, RootT, r) m.EncodeBinary(w.BinWriter) @@ -78,9 +84,16 @@ func (s *service) sendValidatedRoot(r *state.MPTRoot) { Network: s.Network, ValidBlockStart: r.Index, ValidBlockEnd: r.Index + transaction.MaxValidUntilBlockIncrement, - Sender: s.getAccount().PrivateKey().GetScriptHash(), + Sender: priv.GetScriptHash(), Data: w.Bytes(), + Witness: transaction.Witness{ + VerificationScript: s.getAccount().GetVerificationScript(), + }, } + sig := priv.SignHash(ep.GetSignedHash()) + buf := io.NewBufBinWriter() + emit.Bytes(buf.BinWriter, sig) + ep.Witness.InvocationScript = buf.Bytes() s.getRelayCallback()(ep) } diff --git a/pkg/services/stateroot/validators.go b/pkg/services/stateroot/validators.go index 359d2b779..298afc1ca 100644 --- a/pkg/services/stateroot/validators.go +++ b/pkg/services/stateroot/validators.go @@ -5,6 +5,7 @@ import ( "github.com/nspcc-dev/neo-go/pkg/core/transaction" "github.com/nspcc-dev/neo-go/pkg/io" "github.com/nspcc-dev/neo-go/pkg/network/payload" + "github.com/nspcc-dev/neo-go/pkg/vm/emit" "github.com/nspcc-dev/neo-go/pkg/wallet" "go.uber.org/zap" ) @@ -66,13 +67,21 @@ func (s *service) signAndSend(r *state.MPTRoot) error { if w.Err != nil { return w.Err } - s.getRelayCallback()(&payload.Extensible{ + e := &payload.Extensible{ Network: s.Network, ValidBlockStart: r.Index, ValidBlockEnd: r.Index + transaction.MaxValidUntilBlockIncrement, Sender: s.getAccount().PrivateKey().GetScriptHash(), Data: w.Bytes(), - }) + Witness: transaction.Witness{ + VerificationScript: s.getAccount().GetVerificationScript(), + }, + } + sig = acc.PrivateKey().SignHash(e.GetSignedHash()) + buf := io.NewBufBinWriter() + emit.Bytes(buf.BinWriter, sig) + e.Witness.InvocationScript = buf.Bytes() + s.getRelayCallback()(e) return nil }