trilitech / ledger-app-tezos-baking

Legacy Ledger app for Tezos
Apache License 2.0

Failed to sign a reveal #11

spalmer25 closed 7 months ago

spalmer25 commented 7 months ago

The signature of a reveal operation seems authorised but fails.

spalmer25 commented 7 months ago

Investigation: In apdu_sign, there is a condition that checks that the destination is the same as the authorised key. This makes sense for delegation, but reveal has no destination (but a public key).

A comment in operations.c indicates that reveal isn't that dangerous. Do we want to check the public_key of reveal instead of the destination?

spalmer25 commented 7 months ago

However, it is possible to sign a reveal if it's part of the same batch of operations as a delegation.

emturner commented 7 months ago

I think it would be good to assert that pk of reveal == authorized key, and fail otherwise
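
Added example, not part of the thread and not the project's own code: a simplified C model of the check proposed above, where a delegation is matched on its destination and a reveal on its public key, applied to every operation in a batch. The types, names, the 32-byte opaque key identifiers and the fail-closed default are assumptions made for this sketch.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_LEN 32 /* opaque identifier length; constructed for this sketch */

typedef enum { OP_REVEAL, OP_DELEGATION, OP_OTHER } op_kind_t;

typedef struct {
    op_kind_t kind;
    uint8_t public_key[KEY_LEN];  /* meaningful for OP_REVEAL only */
    uint8_t destination[KEY_LEN]; /* meaningful for OP_DELEGATION only */
} op_t;

static bool same_key(const uint8_t *a, const uint8_t *b) {
    return memcmp(a, b, KEY_LEN) == 0;
}

/* Pick, per operation kind, the field that must match the authorised key. */
static bool op_is_authorised(const op_t *op, const uint8_t *authorised) {
    switch (op->kind) {
    case OP_DELEGATION:
        return same_key(op->destination, authorised);
    case OP_REVEAL:
        return same_key(op->public_key, authorised);
    default:
        return false; /* assumption of this sketch: fail closed */
    }
}

/* A batch is signable only if it is non-empty and every operation passes,
 * so a reveal is checked whether it is alone or next to a delegation. */
bool batch_is_authorised(const op_t *ops, size_t n, const uint8_t *authorised) {
    if (ops == NULL || authorised == NULL || n == 0) return false;
    for (size_t i = 0; i < n; i++) {
        if (!op_is_authorised(&ops[i], authorised)) return false;
    }
    return true;
}

/* Constructed helper for building sample operations. */
op_t make_op(op_kind_t kind, uint8_t fill) {
    op_t op;
    memset(&op, 0, sizeof op);
    op.kind = kind;
    memset(kind == OP_REVEAL ? op.public_key : op.destination, fill, KEY_LEN);
    return op;
}
```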