4nk/sdk_common
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check a prd is not signed by ourselves when extracting from message

Browse Source
This commit is contained in:
NicolasCantu 2024-10-21 13:01:17 +02:00 committed by Nicolas Cantu
parent 5e6c447942
commit 7608271c12
1 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/prd.rs
View File

@ -128,7 +128,7 @@ impl Prd {
} }
} }
fn _extract_from_message(plain: &[u8], commitment: Option<&AnkPrdHash>) -> Result<Self> { fn _extract_from_message(plain: &[u8], local_address: SilentPaymentAddress, commitment: Option<&AnkPrdHash>) -> Result<Self> {
let prd: Prd = serde_json::from_slice(plain)?; let prd: Prd = serde_json::from_slice(plain)?;
if let Some(commitment) = commitment { if let Some(commitment) = commitment {
// check that the hash of the prd is consistent with what's commited in the op_return // check that the hash of the prd is consistent with what's commited in the op_return
@ -138,10 +138,17 @@ impl Prd {
)); ));
} }
} }
// check that the proof is consistent // check that the proof is consistent
let sender: Member = serde_json::from_str(&prd.sender)?;
if let Some(proof) = prd.proof { if let Some(proof) = prd.proof {
let proof_key = proof.get_key();
let local_spend_key: XOnlyPublicKey = local_address.get_spend_key().x_only_public_key().0;
// If it's our own device key we abort
if proof_key == local_spend_key {
return Err(anyhow::Error::msg("Proof signed with an unknown key"));
}
// take the spending keys in sender // take the spending keys in sender
let sender: Member = serde_json::from_str(&prd.sender)?;
let addresses = sender.get_addresses(); let addresses = sender.get_addresses();
let mut spend_keys: Vec<XOnlyPublicKey> = vec![]; let mut spend_keys: Vec<XOnlyPublicKey> = vec![];
for address in addresses { for address in addresses {
@ -153,7 +160,6 @@ impl Prd {
); );
} }
// The key in proof must be one of the sender keys // The key in proof must be one of the sender keys
let proof_key = proof.get_key();
let mut known_key = false; let mut known_key = false;
for key in spend_keys { for key in spend_keys {
if key == proof_key { if key == proof_key {
@ -165,21 +171,24 @@ impl Prd {
return Err(anyhow::Error::msg("Proof signed with an unknown key")); return Err(anyhow::Error::msg("Proof signed with an unknown key"));
} }
proof.verify()?; proof.verify()?;
} else {
log::warn!("No proof for prd with root_commitment {}", prd.root_commitment);
} }
// check that the commitment outpoint is valid, just in case // check that the commitment outpoint is valid, just in case
OutPoint::from_str(&prd.root_commitment)?; OutPoint::from_str(&prd.root_commitment)?;
Ok(prd) Ok(prd)
} }
pub fn extract_from_message(plain: &[u8]) -> Result<Self> { pub fn extract_from_message(plain: &[u8], local_address: SilentPaymentAddress) -> Result<Self> {
Self::_extract_from_message(plain, None) Self::_extract_from_message(plain, local_address, None)
} }
pub fn extract_from_message_with_commitment( pub fn extract_from_message_with_commitment(
plain: &[u8], plain: &[u8],
local_address: SilentPaymentAddress,
commitment: &AnkPrdHash, commitment: &AnkPrdHash,
) -> Result<Self> { ) -> Result<Self> {
Self::_extract_from_message(plain, Some(commitment)) Self::_extract_from_message(plain, local_address, Some(commitment))
} }
pub fn filter_keys(&mut self, to_keep: HashSet<String>) { pub fn filter_keys(&mut self, to_keep: HashSet<String>) {