From 775119cdf62c332e76e192ac7b5422d7257fdebf Mon Sep 17 00:00:00 2001
From: NicolasCantu
Date: Mon, 21 Oct 2024 13:01:17 +0200
Subject: [PATCH] Check a prd is not signed by ourselves when extracting from message

---
 src/prd.rs | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/src/prd.rs b/src/prd.rs
index edbea89..0cadfaf 100644
--- a/src/prd.rs
+++ b/src/prd.rs
@@ -128,7 +128,7 @@ impl Prd {
         }
     }
 
-    fn _extract_from_message(plain: &[u8], commitment: Option<&AnkPrdHash>) -> Result {
+    fn _extract_from_message(plain: &[u8], local_address: SilentPaymentAddress, commitment: Option<&AnkPrdHash>) -> Result {
         let prd: Prd = serde_json::from_slice(plain)?;
         if let Some(commitment) = commitment {
             // check that the hash of the prd is consistent with what's commited in the op_return
@@ -138,10 +138,17 @@ impl Prd {
                 ));
             }
         }
+
         // check that the proof is consistent
-        let sender: Member = serde_json::from_str(&prd.sender)?;
         if let Some(proof) = prd.proof {
+            let proof_key = proof.get_key();
+            let local_spend_key: XOnlyPublicKey = local_address.get_spend_key().x_only_public_key().0;
+            // If it's our own device key we abort
+            if proof_key == local_spend_key {
+                return Err(anyhow::Error::msg("Proof signed with an unknown key"));
+            }
             // take the spending keys in sender
+            let sender: Member = serde_json::from_str(&prd.sender)?;
             let addresses = sender.get_addresses();
             let mut spend_keys: Vec = vec![];
             for address in addresses {
@@ -153,7 +160,6 @@ impl Prd {
                 );
             }
             // The key in proof must be one of the sender keys
-            let proof_key = proof.get_key();
             let mut known_key = false;
             for key in spend_keys {
                 if key == proof_key {
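Review bot: The new `local_address: SilentPaymentAddress` parameter is taken by value although the only use visible in the patch is `local_address.get_spend_key()`; unless `SilentPaymentAddress` is `Copy`, every caller is forced to clone or give up its address, so `local_address: &SilentPaymentAddress` is the better fit, and the same applies to the two public wrappers in the last hunk. The rewritten signature also runs well past the 100-column rustfmt width; splitting the parameters one per line, as `extract_from_message_with_commitment` already does, keeps the file consistent. The body of `_extract_from_message` continues past the end of this hunk.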
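Review bot: The self-key rejection reuses the message `"Proof signed with an unknown key"` even though the key here is precisely known — it is the local spend key — so an operator reading logs cannot distinguish a looped-back or replayed message from a signature by a genuinely foreign key; `return Err(anyhow::Error::msg("Proof signed with our own spend key"));` keeps the two conditions separable for incident triage. Moving `let sender: Member = serde_json::from_str(&prd.sender)?;` inside the `if let Some(proof)` branch also means a prd that carries no proof is now accepted (the last hunk only warns) without its `sender` field ever being parsed, whereas the removed line validated it unconditionally; if that is intended, a comment stating so would help, otherwise the parse should stay ahead of the branch. `_extract_from_message` begins and ends outside this hunk.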
@@ -165,21 +171,24 @@ impl Prd {
                 return Err(anyhow::Error::msg("Proof signed with an unknown key"));
             }
             proof.verify()?;
+        } else {
+            log::warn!("No proof for prd with root_commitment {}", prd.root_commitment);
         }
         // check that the commitment outpoint is valid, just in case
         OutPoint::from_str(&prd.root_commitment)?;
         Ok(prd)
     }
 
-    pub fn extract_from_message(plain: &[u8]) -> Result {
-        Self::_extract_from_message(plain, None)
+    pub fn extract_from_message(plain: &[u8], local_address: SilentPaymentAddress) -> Result {
+        Self::_extract_from_message(plain, local_address, None)
     }
 
     pub fn extract_from_message_with_commitment(
         plain: &[u8],
+        local_address: SilentPaymentAddress,
         commitment: &AnkPrdHash,
     ) -> Result {
-        Self::_extract_from_message(plain, Some(commitment))
+        Self::_extract_from_message(plain, local_address, Some(commitment))
     }
 
     pub fn filter_keys(&mut self, to_keep: HashSet) {
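Review bot: `log::warn!("No proof for prd with root_commitment {}", prd.root_commitment)` interpolates a field taken straight from the deserialized message before `OutPoint::from_str(&prd.root_commitment)?` two lines below has validated it, so an unparseable string with embedded newlines or control characters is written to the log verbatim. Running the outpoint check before the `if let`, or formatting the field with `{:?}` so it is escaped, keeps the log trustworthy. Since this `else` branch still falls through to `Ok(prd)`, the warning is the only signal that a prd without any proof was admitted; it is worth deciding explicitly whether callers should receive that as an error rather than a log line, and recording the decision in a comment on the branch.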