-
Notifications
You must be signed in to change notification settings - Fork 51
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make ECDSA signature verification customizable #2019
base: main
Are you sure you want to change the base?
Conversation
cc @xlc @ermalkaleci |
@xlc I am not if we can utilize this since when you do the mocking we have only the address and not the public key |
@tomaka is this public key passed on |
lib/src/executor/host.rs
Outdated
let sig = expect_pointer_constant_size!(0, 65); | ||
let msg = expect_pointer_constant_size!(1, 32); | ||
let is_v2 = matches!( | ||
let (message_ptr, message_size) = expect_pointer_size_raw!(1); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tomaka I tried but got unreachable at this line
message_ptr: expect_pointer_constant_size_raw!(1, 32),
message_size: 32,
seems to fix the panic
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
although I still don't know how we can create a mocked signature with valid public
The public key needs to be a valid ECDSA public key, but it is not checked against the signature. |
@ermalkaleci the idea is to embed a valid public key in the signature and we can just read and return it |
Yes but we have only the address, not public key. |
it is possible to get public key from a valid signature so for most of the use cases, we can find signature from old tx and use it to get public key. so mocking wouldn’t work for address never signed a tx but that’s fine. it also means automatic mock would be a bit complicated. maybe we require user to supply a valid signature |
Yes that's my point. |
Hey! My understanding is that this will end up fixing this other Issue right? AcalaNetwork/chopsticks#845 What is the status :) Thanks ! |
Close #2016
This adds a new variant to the runtime-call-enums, which this time concerns ECDSA signatures verification.
It works exactly the same way as
SignatureVerification
, except that you have to provide a public key on success. The possible errors are also more details than just "success" or "failure".I went with panicking if the public key provided by the API user is invalid. This only concerns the case when
resume
instead ofverify_and_resume
is called. I don't want to expose the private types oflibsecp256k1
, and adding yet another type for parsing the public key seems cumbersome.I haven't tested this code because I don't think that this is used in any of the relay chains, and I also don't know which parachain uses it and how to easily test this.
However, assuming that the code worked before (which isn't 100% sure for the same reasons), it should still work as the changes were pretty straight forward.
Work time: 1h