Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Solomachine PubKey fixes #7823

Closed
AdityaSripal opened this issue Nov 5, 2020 · 4 comments · Fixed by #7883
Closed

Solomachine PubKey fixes #7823

AdityaSripal opened this issue Nov 5, 2020 · 4 comments · Fixed by #7883
Assignees
@colin-axner
Milestone
IBC 1.0 Implement...

Comments

@AdityaSripal
Copy link
Member

  • Change GetPubKey() to not panic if the cached value is nil
  • Determine what happens if we send multisignature to a single pubkey solomachine. Document or check pubkey is single pubkey
@cwgoes
Copy link
Contributor

cwgoes commented Nov 6, 2020

cc @colin-axner do you have any opinions here?

@colin-axner
Copy link
Contributor

  1. sounds reasonable to me.
  2. An error is returned which is correct.
multiPK, ok := pubKey.(multisig.PubKey)
        if !ok {
            return sdkerrors.Wrapf(ErrSignatureVerificationFailed, "invalid pubkey type: expected %T, got %T", (multisig.PubKey)(nil), pubKey)
        }

Multsigs cause the public key to be casted to a multsig pk, this will fail and the error above will be returned.

@colin-axner colin-axner self-assigned this Nov 9, 2020
@AdityaSripal
Copy link
Member Author

  1. You are talking about if we send a multisignature to a single pubkey. The issue is if we send a single signature to a multi pubkey (the inverse situation). In that case, VerifySignature will panic.

I suggest that we switch on pubkey type instead.

switch on multipubkey and then check inside that case that the signature is a multisignature before calling VerifyMultiSignature

Since I don't believe there is a separate interface for single pubkeys this can be the default case,
But inside the default case we should check signature is single-signature before calling VerifySignature.

@colin-axner
Copy link
Contributor

colin-axner commented Nov 10, 2020
edited
Loading

Determine what happens if we send multisignature to a single pubkey solomachine

Sorry, I was going off of this.

Proposed solution sounds fine.

This was referenced Nov 10, 2020
Merged
Merged
@mergify mergify bot closed this as completed in #7883 Nov 11, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@colin-axner colin-axner

Labels
None yet
Projects
None yet
Milestone
IBC 1.0 Implementation Audit
Development

Successfully merging a pull request may close this issue.

solo machine GetPubKey returns an error instead of panicing cosmos/cosmos-sdk
3 participants
@AdityaSripal @cwgoes @colin-axner