Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: require signatures to prove control of signer-key in pox #4277

Merged
merged 34 commits into from
Feb 8, 2024
+1,599 −151
Merged

feat: require signatures to prove control of signer-key in pox #4277

Show file tree
Hide file tree
Changes from 27 commits
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
44b8f56
feat: add sip18 structured data signing
hstove Jan 23, 2024
1bdc815
feat: verify signing-key in delegate-stack-stx
hstove Jan 23, 2024
bdd9c5f
feat: unit tests for `verify-signing-key-signature`
hstove Jan 24, 2024
ed61fce
feat: validate signer-key in stack-stx
hstove Jan 24, 2024
11b46ab
feat: add signer-sig to stack-extend
hstove Jan 24, 2024
ffa1946
feat: add signer-sig to `stack-aggregation-commit`
hstove Jan 29, 2024
353c154
feat: use `pox-addr` in signer sig message hash
hstove Jan 29, 2024
1baec49
feat: helper function to generate structured domain tuple
hstove Jan 29, 2024
020997c
feat: explicit sig validation tests for `stack-agg-commit`
hstove Jan 29, 2024
10246f6
fix: improve `expect` msg, remove duplicate code
hstove Jan 31, 2024
30decf8
fix: signer sig in nakamoto integrations
hstove Feb 2, 2024
db11669
fix: generating sha in signed_structured_data
hstove Feb 2, 2024
1d7caa7
fix: try fixing compiler error on serialization
hstove Feb 2, 2024
4bb930d
fix: proper stack-stx signature in mockamoto tests
hstove Feb 2, 2024
aa3fd46
fix: arguments used in synthetic pox events
hstove Feb 2, 2024
a5b3135
fix: typo in synthetic events
hstove Feb 2, 2024
53427cf
feat: test for correct lock event
hstove Feb 2, 2024
3c0bbb2
fix: fix stack-stx sig in new tests from merge
hstove Feb 2, 2024
7f71cbd
fix: compiler unhandled result error
hstove Feb 2, 2024
603ff72
feat: add explicit `reward-cycle` to verify-signer-signature functions
hstove Feb 5, 2024
99d1300
merge 'next' into 'feat/signer-delegate-control'
hstove Feb 5, 2024
581bd0b
fix: typo from merge
hstove Feb 5, 2024
660059f
wip: updated pox-4 signature data
hstove Feb 5, 2024
853494a
feat: updated stack-stx signatures in integration tests
hstove Feb 6, 2024
f862328
Merge remote-tracking branch 'origin/next' into feat/signer-delegate-…
hstove Feb 6, 2024
9504544
fix: use provided `reward-cycle` in sig for stack-agg-commit
hstove Feb 6, 2024
6d89e29
fix: typo in getting reward cycle
hstove Feb 6, 2024
2e7d682
fix: use `define_named_enum!` for pox-4 topic
hstove Feb 8, 2024
dbacfd0
feat: add unit test for generating pox-4 message hash
hstove Feb 8, 2024
2c742be
fix: cleaned up formatting/style in pox-4
hstove Feb 8, 2024
2e3de7d
Merge branch 'next' into feat/signer-delegate-control
jcnelson Feb 8, 2024
ef1c917
fix: remove unused enum
hstove Feb 8, 2024
ef0aaba
chore: changelog entry for signer-sig param
hstove Feb 8, 2024
e577816
Merge remote branch 'next' into 'feat/signer-delegate-control'
hstove Feb 8, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 16 additions & 7 deletions pox-locking/src/events.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -129,15 +129,18 @@ fn create_event_info_data_code(
;; equal to args[3]
lock-period: {lock_period},
;; equal to args[4]
signer-key: {signer_key}
signer-sig: {signer_sig},
;; equal to args[5]
signer-key: {signer_key},
}}
}}
"#,
lock_amount = &args[0],
lock_period = &args[3],
pox_addr = &args[1],
start_burn_height = &args[2],
signer_key = &args.get(4).unwrap_or(&Value::none()),
signer_sig = &args.get(4).unwrap_or(&Value::none()),
signer_key = &args.get(5).unwrap_or(&Value::none()),
)
}
"delegate-stack-stx" => {
Expand All @@ -164,7 +167,7 @@ fn create_event_info_data_code(
delegator: tx-sender,
;; stacker
;; equal to args[0]
stacker: '{stacker}
stacker: '{stacker},
}}
}}
"#,
Expand Down Expand Up @@ -249,13 +252,16 @@ fn create_event_info_data_code(
;; new unlock burnchain block height
unlock-burn-height: new-unlock-ht,
;; equal to args[2]
signer-key: {signer_key}
signer-sig: {signer_sig},
;; equal to args[3]
signer-key: {signer_key},
}}
}})
"#,
extend_count = &args[0],
pox_addr = &args[1],
signer_key = &args.get(2).map_or("none".to_string(), |v| v.to_string()),
signer_sig = &args.get(2).unwrap_or(&Value::none()),
signer_key = &args.get(3).map_or("none".to_string(), |v| v.to_string()),
)
}
"delegate-stack-extend" => {
Expand Down Expand Up @@ -313,13 +319,16 @@ fn create_event_info_data_code(
;; delegator (this is the caller)
delegator: tx-sender,
;; equal to args[2]
signer-key: {signer_key}
signer-sig: {signer_sig},
;; equal to args[3]
signer-key: {signer_key},
}}
}}
"#,
pox_addr = &args[0],
reward_cycle = &args[1],
signer_key = &args.get(2).unwrap_or(&Value::none()),
signer_sig = &args.get(2).unwrap_or(&Value::none()),
signer_key = &args.get(3).unwrap_or(&Value::none()),
)
}
"stack-aggregation-increase" => {
Expand Down
5 changes: 5 additions & 0 deletions stacks-common/src/util/secp256k1.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,11 @@ impl MessageSignature {
Err(_) => None,
}
}

/// Convert from VRS to RSV
pub fn to_rsv(&self) -> Vec<u8> {
[&self.0[1..], &self.0[0..1]].concat()
}
}

#[cfg(any(test, feature = "testing"))]
Expand Down
22 changes: 16 additions & 6 deletions stackslib/src/chainstate/nakamoto/coordinator/tests.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,13 +30,13 @@ use wsts::curve::point::Point;

use crate::chainstate::burn::db::sortdb::{SortitionDB, SortitionHandle};
use crate::chainstate::burn::operations::BlockstackOperationType;
use crate::chainstate::coordinator::tests::p2pkh_from;
use crate::chainstate::coordinator::tests::{p2pkh_from, pox_addr_from};
use crate::chainstate::nakamoto::tests::get_account;
use crate::chainstate::nakamoto::tests::node::{TestSigners, TestStacker};
use crate::chainstate::nakamoto::{NakamotoBlock, NakamotoChainState};
use crate::chainstate::stacks::address::PoxAddress;
use crate::chainstate::stacks::boot::test::{
key_to_stacks_addr, make_pox_4_aggregate_key, make_pox_4_lockup,
key_to_stacks_addr, make_pox_4_aggregate_key, make_pox_4_lockup, make_signer_key_signature,
};
use crate::chainstate::stacks::boot::MINERS_NAME;
use crate::chainstate::stacks::db::{MinerPaymentTxFees, StacksAccount, StacksChainState};
Expand All @@ -51,6 +51,7 @@ use crate::net::relay::Relayer;
use crate::net::stackerdb::StackerDBConfig;
use crate::net::test::{TestEventObserver, TestPeer, TestPeerConfig};
use crate::util_lib::boot::boot_code_id;
use crate::util_lib::signed_structured_data::pox4::Pox4SignatureTopic;

/// Bring a TestPeer into the Nakamoto Epoch
fn advance_to_nakamoto(
Expand All @@ -75,19 +76,28 @@ fn advance_to_nakamoto(
test_stackers
.iter()
.map(|test_stacker| {
let pox_addr = PoxAddress::from_legacy(
AddressHashMode::SerializeP2PKH,
addr.bytes.clone(),
);
let signature = make_signer_key_signature(
&pox_addr,
&test_stacker.signer_private_key,
6,
&Pox4SignatureTopic::StackStx,
12_u128,
);
let signing_key =
StacksPublicKey::from_private(&test_stacker.signer_private_key);
make_pox_4_lockup(
&test_stacker.stacker_private_key,
0,
test_stacker.amount,
PoxAddress::from_legacy(
AddressHashMode::SerializeP2PKH,
addr.bytes.clone(),
),
pox_addr.clone(),
12,
signing_key,
34,
signature,
)
})
.collect()
Expand Down
57 changes: 51 additions & 6 deletions stackslib/src/chainstate/stacks/boot/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1331,7 +1331,9 @@ pub mod test {
use clarity::vm::contracts::Contract;
use clarity::vm::tests::symbols_from_values;
use clarity::vm::types::*;
use stacks_common::util::hash::to_hex;
use stacks_common::types::PrivateKey;
use stacks_common::util::hash::Sha256Sum;
use stacks_common::util::secp256k1::{Secp256k1PrivateKey, Secp256k1PublicKey};
use stacks_common::util::*;

use super::*;
Expand All @@ -1350,6 +1352,12 @@ pub mod test {
use crate::core::{StacksEpochId, *};
use crate::net::test::*;
use crate::util_lib::boot::{boot_code_id, boot_code_test_addr};
use crate::util_lib::signed_structured_data::pox4::{
make_pox_4_signer_key_signature, Pox4SignatureTopic,
};
use crate::util_lib::signed_structured_data::{
make_structured_data_domain, sign_structured_data,
};

pub const TESTNET_STACKING_THRESHOLD_25: u128 = 8000;

Expand Down Expand Up @@ -1839,6 +1847,7 @@ pub mod test {
lock_period: u128,
signer_key: StacksPublicKey,
burn_ht: u64,
signature: Vec<u8>,
) -> StacksTransaction {
let addr_tuple = Value::Tuple(addr.as_clarity_tuple().unwrap());
let payload = TransactionPayload::new_contract_call(
Expand All @@ -1850,6 +1859,7 @@ pub mod test {
addr_tuple,
Value::UInt(burn_ht as u128),
Value::UInt(lock_period),
Value::buff_from(signature).unwrap(),
Value::buff_from(signer_key.to_bytes_compressed()).unwrap(),
],
)
Expand Down Expand Up @@ -1988,6 +1998,7 @@ pub mod test {
addr: PoxAddress,
lock_period: u128,
signer_key: StacksPublicKey,
signature: Vec<u8>,
) -> StacksTransaction {
let addr_tuple = Value::Tuple(addr.as_clarity_tuple().unwrap());
let payload = TransactionPayload::new_contract_call(
Expand All @@ -1997,6 +2008,7 @@ pub mod test {
vec![
Value::UInt(lock_period),
addr_tuple,
Value::buff_from(signature).unwrap(),
Value::buff_from(signer_key.to_bytes_compressed()).unwrap(),
],
)
Expand Down Expand Up @@ -2088,17 +2100,22 @@ pub mod test {
pub fn make_pox_4_aggregation_commit_indexed(
key: &StacksPrivateKey,
nonce: u64,
amount: u128,
delegate_to: PrincipalData,
until_burn_ht: Option<u128>,
pox_addr: PoxAddress,
pox_addr: &PoxAddress,
reward_cycle: u128,
signature: Vec<u8>,
signer_key: &Secp256k1PublicKey,
) -> StacksTransaction {
let addr_tuple = Value::Tuple(pox_addr.as_clarity_tuple().unwrap());
let payload = TransactionPayload::new_contract_call(
boot_code_test_addr(),
POX_4_NAME,
"stack-aggregation-commit-indexed",
vec![addr_tuple, Value::UInt(amount)],
vec![
addr_tuple,
Value::UInt(reward_cycle),
Value::buff_from(signature).unwrap(),
Value::buff_from(signer_key.to_bytes_compressed()).unwrap(),
],
)
.unwrap();

Expand Down Expand Up @@ -2155,6 +2172,26 @@ pub mod test {
make_tx(key, nonce, 0, payload)
}

pub fn make_signer_key_signature(
pox_addr: &PoxAddress,
signer_key: &StacksPrivateKey,
reward_cycle: u128,
topic: &Pox4SignatureTopic,
period: u128,
) -> Vec<u8> {
let signature = make_pox_4_signer_key_signature(
pox_addr,
signer_key,
reward_cycle,
topic,
CHAIN_ID_TESTNET,
period,
)
.unwrap();

signature.to_rsv()
}

fn make_tx(
key: &StacksPrivateKey,
nonce: u64,
Expand Down Expand Up @@ -2477,6 +2514,14 @@ pub mod test {
parent_tip
}

pub fn get_current_reward_cycle(peer: &TestPeer, burnchain: &Burnchain) -> u128 {
let tip = SortitionDB::get_canonical_burn_chain_tip(&peer.sortdb.as_ref().unwrap().conn())
.unwrap();
burnchain
.block_height_to_reward_cycle(tip.block_height)
.unwrap() as u128
}

#[test]
fn test_liquid_ustx() {
let mut burnchain = Burnchain::default_unittest(
Expand Down
Loading