Skip to content

Commit

Permalink
Add recommended fix to module
Browse files Browse the repository at this point in the history
  • Loading branch information
cbrit committed Nov 1, 2023
1 parent 4b98c90 commit 34bca62
Showing 1 changed file with 24 additions and 1 deletion.
25 changes: 24 additions & 1 deletion module/x/gravity/types/ethereum_signer.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,10 @@ package types

import (
"crypto/ecdsa"
"fmt"
"math/big"

"cosmossdk.io/errors"
sdkerrors "github.com/cosmos/cosmos-sdk/types/errors"
"github.com/ethereum/go-ethereum/common"
"github.com/ethereum/go-ethereum/crypto"
Expand All @@ -21,20 +24,40 @@ func NewEthereumSignature(hash []byte, privateKey *ecdsa.PrivateKey) ([]byte, er
return crypto.Sign(protectedHash.Bytes(), privateKey)
}

// decodeSignature was duplicated from go-ethereum with slight modifications
func decodeSignature(sig []byte) (r, s *big.Int, v byte) {
if len(sig) != crypto.SignatureLength {
panic(fmt.Sprintf("wrong size for signature: got %d, want %d", len(sig), crypto.SignatureLength))
}
r = new(big.Int).SetBytes(sig[:32])
s = new(big.Int).SetBytes(sig[32:64])
if sig[64] == 27 || sig[64] == 28 {
v = sig[64] - 27
} else {
v = sig[64]
}
return r, s, v
}

// ValidateEthereumSignature takes a message, an associated signature and public key and
// returns an error if the signature isn't valid
func ValidateEthereumSignature(hash []byte, signature []byte, ethAddress common.Address) error {

/// signature to public key: invalid signature length: invalid
/// signature not matching: invalid: invalid
if len(signature) < 65 {
return sdkerrors.Wrapf(ErrInvalid, "signature too short signature %x", signature)
return errors.Wrapf(ErrInvalid, "signature too short signature %x", signature)
}

// Copy to avoid mutating signature slice by accident
var sigCopy = make([]byte, len(signature))
copy(sigCopy, signature)

r, s, v := decodeSignature(sigCopy)
if !crypto.ValidateSignatureValues(v, r, s, true) {
return errors.Wrap(ErrInvalid, "Signature values failed validation")
}

// To verify signature
// - use crypto.SigToPub to get the public key
// - use crypto.PubkeyToAddress to get the address
Expand Down

0 comments on commit 34bca62

Please sign in to comment.