Grinnode-live / 2020-grin-bug-bash-challenge

Finding bugs in Grin-Wallet & Grin-nodes for a bounty prior to Grin fork v5.

[GRIN-Wallet] Slatepack payment proof export and verification [invalid-proof] #19

Closed phyro closed 3 years ago

phyro commented 3 years ago

Description: By default, whenever a transaction is sent to a destination Slatepack Address, a payment proof is created automatically. Test that export and verification of a payment proof does not work for invalid proofs.

Note that as of right now, the payment proofs only work for the sender-initiated flow. They can't be done with the receiver-initiated flow (invoice).

Prerequisites: Set up two GRIN-Wallets (1) + (2) and send funds from wallet (1) to wallet (2) via Slatepacks through either Tor or Text method. This should create a payment proof for the sender.

There are 2 ways to make the proof invalid:

  1. The transaction is not broadcast, which means that the kernel commitment isn't on the chain. To test this, we should not broadcast the tx.
  2. The transaction is broadcast, which means the kernel commitment is on the chain, but the signatures are not valid. We can make the proof invalid by exporting the payment proof and slightly changing the amount or sender_address value (or possibly alter the signature of the receiver or sender to make only one of them invalid).

Example: The sender (wallet who finalized tx) can export the payment proof by specifying the tx-id (-i) or tx-log-id (-t) of a transaction, and choosing the path for the proof file, e.g:

grin-wallet export_proof -i 4 "~/Documents/proof.txt"

He can then provide this proof to any wallet for verification. To verify:

grin-wallet verify_proof /path/proof.txt

This will ensure that:

Expected result: Payment proof verification should result in an invalid payment proof.

Proof not valid: ...

Note: More about these flows can be read on:

  1. https://docs.grin.mw/wiki/services/slatepack-integration/#payment-proofs
  2. https://docs.grin.mw/wiki/transactions/payment-proofs/
  3. https://docs.grin.mw/getting-started/quickstart/send/

Include the output of command

grin-wallet -V

and your environment

uname -a

mojitoo commented 3 years ago

Prerequisites:

Step 1 (altering a valid proof of payment)

We can make the proof invalid by exporting the payment proof and slightly changing the amount or sender_address value (or possibly alter the signature of the receiver or sender to make only one of them invalid)

{
  "amount": "100000000",
  "excess": "0921b43153863b028ee2e46a52d915233b1e2a897dbc3d31e36a20015c85d846df",
  "recipient_address": "grin1vm68yyu6f5gyz7tk7zwjf2ws5vu44wkyurd84as0tnums2fsahks8x3zjc",
  "recipient_sig": "01b6c6d48ab46997c3e8fb0993390cfde7aa4de42a52622fb74cd0a8906d30ead017253caa20f9850f48434b501f7a23aae169b27064fc4a2745edbb6724da01",
  "sender_address": "grin12wktxlyfx62wx48ldn55katd8zm5d6qfa6mupt9r4uul8eqxagsqct3je5",
  "sender_sig": "0f3883b5413bb0e98136e5a84e112d5ffa5ab1db82f0997809692d09d3677610b168b26b76389deb18027b7fa0a3dd77d96729b5ee96b80e6682dd65259ce703"
}

Let's try to slightly change the amount and use the verify_proof command to check the integrity of the transaction.

Step 2 (verifying an invalid proof of payment)

grin-wallet verify_proof "/Users/workstation/Downloads/proof_invalid.txt"
Password: 
20201219 11:28:07.469 ERROR grin_wallet_controller::command - Proof not valid: Payment Proof generation error: Invalid recipient signature
Wallet command failed: LibWallet Error: Payment Proof generation error: Invalid recipient signature

Proof of payment was not valid in our case.
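The alteration step described in this issue, turned into repeatable negative test cases; this is an added example and not part of the original thread or of grin-wallet. It builds copies of an exported proof that each differ from the original in exactly one field (the amount, the recipient signature or the sender signature). The function names, file prefix and sample values are hypothetical and constructed for illustration.

```python
import json

# Constructed sample with the same field names as the exported proof shown
# above; the hex values and addresses are placeholders, not real data.
SAMPLE_PROOF = {
    "amount": "100000000",
    "excess": "09" + "ab" * 32,
    "recipient_address": "grin1-placeholder-recipient",
    "recipient_sig": "01" * 64,
    "sender_address": "grin1-placeholder-sender",
    "sender_sig": "0f" * 64,
}

SIG_FIELDS = ("recipient_sig", "sender_sig")


def flip_last_nibble(hex_str):
    """Return hex_str with its final hex digit XORed with 1 (length unchanged)."""
    last = int(hex_str[-1], 16) ^ 1
    return hex_str[:-1] + format(last, "x")


def single_field_variants(proof):
    """Map a case name to a copy of proof that differs in exactly one field."""
    variants = {}
    bumped = dict(proof)
    bumped["amount"] = str(int(proof["amount"]) + 1)
    variants["amount_plus_one"] = bumped
    for field in SIG_FIELDS:
        changed = dict(proof)
        changed[field] = flip_last_nibble(proof[field])
        variants[field + "_bitflip"] = changed
    return variants


def write_cases(proof, prefix):
    """Write one JSON file per variant and return the file names."""
    names = []
    for case, variant in single_field_variants(proof).items():
        name = f"{prefix}_{case}.txt"
        with open(name, "w") as fh:
            json.dump(variant, fh, indent=2)
        names.append(name)
    return names
```

Each file written by `write_cases` can be passed to `grin-wallet verify_proof`; the expected result stated in the issue is that the proof is reported as not valid.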

marekyggdrasil commented 3 years ago

@mojitoo please include the output of command

grin-wallet -V

and your environment

uname -a

mojitoo commented 3 years ago