Make ECDSA signature verification customizable #2019
Conversation
|
cc @xlc @ermalkaleci |
|
@xlc I am not if we can utilize this since when you do the mocking we have only the address and not the public key |
|
@tomaka is this public key passed on |
lib/src/executor/host.rs
Outdated
| let sig = expect_pointer_constant_size!(0, 65); | ||
| let msg = expect_pointer_constant_size!(1, 32); | ||
| let is_v2 = matches!( | ||
| let (message_ptr, message_size) = expect_pointer_size_raw!(1); |
There was a problem hiding this comment.
@tomaka I tried but got unreachable at this line
message_ptr: expect_pointer_constant_size_raw!(1, 32),
message_size: 32,
seems to fix the panic
There was a problem hiding this comment.
although I still don't know how we can create a mocked signature with valid public
The public key needs to be a valid ECDSA public key, but it is not checked against the signature. |
|
@ermalkaleci the idea is to embed a valid public key in the signature and we can just read and return it |
Yes but we have only the address, not public key. |
|
it is possible to get public key from a valid signature so for most of the use cases, we can find signature from old tx and use it to get public key. so mocking wouldn’t work for address never signed a tx but that’s fine. it also means automatic mock would be a bit complicated. maybe we require user to supply a valid signature |
|
Yes that's my point. |
Close #2016
This adds a new variant to the runtime-call-enums, which this time concerns ECDSA signatures verification.
It works exactly the same way as
SignatureVerification, except that you have to provide a public key on success. The possible errors are also more details than just "success" or "failure".I went with panicking if the public key provided by the API user is invalid. This only concerns the case when
resumeinstead ofverify_and_resumeis called. I don't want to expose the private types oflibsecp256k1, and adding yet another type for parsing the public key seems cumbersome.I haven't tested this code because I don't think that this is used in any of the relay chains, and I also don't know which parachain uses it and how to easily test this.
However, assuming that the code worked before (which isn't 100% sure for the same reasons), it should still work as the changes were pretty straight forward.
Work time: 1h