search

maxonrow / maxonrow-go

Maxonrow Blockchain
https://www.maxonrow.com/
5 stars 6 forks source link

verifying multisig transaction uses signature slice and pubkey slice. #93

Closed yenkhoon closed 4 years ago

yenkhoon commented 4 years ago 
for _, stdSig := range stdSigs {
        // signerAcc is groupAccount
        signBytes := GetSignBytes(ctx, tx, signerAcc)
        matched := false
        for i, pubKey := range pubKeys {

            if pubKey == nil {
                continue
            }
            abc, _ := sdkTypes.AccAddressFromHex(pubKey.Address().String())
            fmt.Println(abc.String())
            if pubKey.VerifyBytes(signBytes, stdSig.Signature) {
                signedBy, err := sdkTypes.AccAddressFromHex(pubKey.Address().String())
                if err != nil {
                    return nil, err
                }
                if !signerAcc.IsSigner(signedBy) {
                    return nil, sdkTypes.ErrUnauthorized("Unauthorized signer: %v")
                }

                if !kycKeeper.IsWhitelisted(ctx, signedBy) {
                    return nil, sdkTypes.ErrInternal(fmt.Sprintf("Transaction signer is not whitelisted: %v", signer))
                }

                //
                pubKeys[i] = nil

                matched = true
                break
            } else {
                fmt.Println(string(stdSig.Signature))
            }
        }

        if !matched {
            return nil, sdkTypes.ErrUnauthorized("signature verification failed; verify correct account sequence and chain-id" + string(signBytes))
        }
    }

We cant certain the pubkey and signature are matching, slice is random the sequence is random. Once the signbytes failed to get verify, we will get signature verification error.

yenkhoon commented 4 years ago

@b00f @jeansoonsik

b00f commented 4 years ago

Can you explain ore how the signature verification can fail?

For any signature we iterate all the public keys to match them with the signature. Sequence should not be random here: In multi_sig sequence is same as tx_id which is not random and it is sequential. In non multi_sig there is always one public key and one signature.

githubckgoh1439 commented 4 years ago

YK & Mostafa,

I get this same error message while I testing for multiSig-NFTs by running this '/maxonrow-go/tests/multisigNFTs_test.go'.

You can refer this test-case :

  1. 'Create MultiSig Tx for NFTs [Approve-token] - Happy path - commit.'

Also under the issue been prompted out before this : -- https://github.com/maxonrow/maxonrow-go/pull/89

b00f commented 4 years ago

I get this same error message while I testing for multiSig-NFTs

@githubckgoh1439 Which message?

githubckgoh1439 commented 4 years ago

Hi, Mostafa

I run this test-case under file of 'tests/multisigNFTs_test.go' : [ Create MultiSig Tx for NFTs [Approve-token] - Happy path - commit.' ]

and get this error : [ return nil, sdkTypes.ErrUnauthorized("signature verification failed; verify correct account sequence and chain-id" + string(signBytes)) ]

Please help to check, since last Wednesday.

b00f commented 4 years ago

@githubckgoh1439 This is because it has wrong tx_id. is should be 3, not 0.