near: verify signatures through HostFunctionProvider (#8)

* near: verify signatures through HostFunctionProvider

* rename signature recovery to verification

* rm verify method on signature

Use host functions directly instead

modules/src/clients/host_functions.rs

@@ -16,7 +16,7 @@ pub trait HostFunctionsProvider: Clone {
     ) -> Option<Vec<u8>>;
 
     /// Recover the ED25519 pubkey that produced this signature
-    fn ed25519_recover(signature: &[u8; 64], value: &[u8; 32]) -> Option<Vec<u8>>;
+    fn ed25519_verify(signature: &[u8; 64], value: &[u8; 32], pubkey: &[u8]) -> bool;
 
     /// This function should verify membership in a trie proof using parity's sp-trie package
     /// with a BlakeTwo256 Hasher

modules/src/clients/ics13_near/client_def.rs

@@ -239,7 +239,8 @@ impl<T: HostFunctionsProvider> ClientDef for NearClient<T> {
     }
 }
 
-// TODO: refactor to use [`HostFunctions`]
+/// validates a light block that's contained on the `NearHeader` based on the current
+/// state of the light client.
 pub fn validate_light_block<H: HostFunctionsProvider>(
     header: &NearHeader,
     client_state: NearClientState,
@@ -259,7 +260,7 @@ pub fn validate_light_block<H: HostFunctionsProvider>(
 
     let new_block_view = header.get_light_client_block_view();
     let current_block_view = client_state.get_head();
-    let (_current_block_hash, _next_block_hash, _approval_message) =
+    let (_current_block_hash, _next_block_hash, approval_message) =
         reconstruct_light_client_block_view_fields::<H>(new_block_view)?;
 
     // (1)
@@ -307,14 +308,16 @@ pub fn validate_light_block<H: HostFunctionsProvider>(
 
         approved_stake += bp_stake;
 
-        let _validator_public_key = bp_stake_view.public_key.clone();
-        // if !maybe_signature
-        //     .as_ref()
-        //     .unwrap()
-        //     .verify::<H>(&H::sha256_digest(&approval_message), validator_public_key.clone())
-        // {
-        //     return Err(NearError::invalid_signature().into());
-        // }
+        let validator_public_key = &bp_stake_view.public_key;
+        let data = H::sha256_digest(&approval_message);
+        let signature = maybe_signature.as_ref().unwrap();
+        if H::ed25519_verify(
+            signature.get_inner(),
+            &data,
+            validator_public_key.get_inner(),
+        ) {
+            return Err(NearError::invalid_signature().into());
+        }
     }
 
     let threshold = total_stake * 2 / 3;

modules/src/clients/ics13_near/types.rs

@@ -41,33 +41,23 @@ impl Signature {
         Self::Ed25519(Ed25519Signature::from_raw(raw.try_into().unwrap()))
     }
 
-    pub fn as_bytes(&self) -> &[u8] {
+    pub fn get_inner(&self) -> &[u8; Self::LEN] {
         match self {
             Self::Ed25519(inner) => &inner.0,
         }
     }
-
-    // TODO: we might want to create a trait for signature verification
-    // or integrate this into HostFunctions
-    pub fn verify<T: HostFunctionsProvider>(
-        &self,
-        data: impl AsRef<[u8; 32]>,
-        public_key: PublicKey,
-    ) -> bool {
-        match self {
-            Self::Ed25519(signature) => T::ed25519_recover(signature.as_ref(), data.as_ref())
-                .map(|key| key == public_key.0.as_ref())
-                .unwrap_or(false),
-        }
-    }
 }
 
 impl PublicKey {
-    const _LEN: usize = 32;
+    const LEN: usize = 32;
 
     pub fn from_raw(raw: &[u8]) -> Self {
         Self(raw.try_into().unwrap())
     }
+
+    pub fn get_inner(&self) -> &[u8; Self::LEN] {
+        &self.0
+    }
 }
 
 impl TryFrom<&[u8]> for CryptoHash {

modules/src/test_utils.rs

@@ -84,8 +84,8 @@ impl HostFunctionsProvider for Crypto {
             .map(|val| val.to_vec())
     }
 
-    fn ed25519_recover(_signature: &[u8; 64], _value: &[u8; 32]) -> Option<Vec<u8>> {
-        todo!()
+    fn ed25519_verify(_signature: &[u8; 64], _value: &[u8; 32], public_key: &[u8; 32]) -> bool {
+        true
     }
 
     fn verify_membership_trie_proof(