From 052a8686e3b5b510cbbd174f42565c73586c5b7f Mon Sep 17 00:00:00 2001
From: terence tsao <terence@prysmaticlabs.com>
Date: Mon, 7 Sep 2020 10:42:00 -0700
Subject: [PATCH] Prevent zero hashes sigs get submitted

---
 beacon-chain/rpc/validator/aggregator.go      |  6 ++++
 beacon-chain/rpc/validator/aggregator_test.go | 30 +++++++++++++++++++
 2 files changed, 36 insertions(+)

diff --git a/beacon-chain/rpc/validator/aggregator.go b/beacon-chain/rpc/validator/aggregator.go
index 8857df9ca387..8d89922b2e72 100644
--- a/beacon-chain/rpc/validator/aggregator.go
+++ b/beacon-chain/rpc/validator/aggregator.go
@@ -1,6 +1,7 @@
 package validator
 
 import (
+	"bytes"
 	"context"
 
 	ethpb "github.com/prysmaticlabs/ethereumapis/eth/v1alpha1"
@@ -112,6 +113,11 @@ func (as *Server) SubmitSignedAggregateSelectionProof(ctx context.Context, req *
 		req.SignedAggregateAndProof.Message.Aggregate == nil || req.SignedAggregateAndProof.Message.Aggregate.Data == nil {
 		return nil, status.Error(codes.InvalidArgument, "Signed aggregate request can't be nil")
 	}
+	emptySig := make([]byte, params.BeaconConfig().BLSSignatureLength)
+	if bytes.Equal(req.SignedAggregateAndProof.Signature, emptySig) ||
+		bytes.Equal(req.SignedAggregateAndProof.Message.SelectionProof, emptySig) {
+		return nil, status.Error(codes.InvalidArgument, "Signed signatures can't be zero hashes")
+	}
 
 	if err := as.P2P.Broadcast(ctx, req.SignedAggregateAndProof); err != nil {
 		return nil, status.Errorf(codes.Internal, "Could not broadcast signed aggregated attestation: %v", err)
diff --git a/beacon-chain/rpc/validator/aggregator_test.go b/beacon-chain/rpc/validator/aggregator_test.go
index a45d0e58ad5d..58e2894d0c15 100644
--- a/beacon-chain/rpc/validator/aggregator_test.go
+++ b/beacon-chain/rpc/validator/aggregator_test.go
@@ -399,3 +399,33 @@ func TestSubmitAggregateAndProof_SelectsMostBitsWhenOwnAttestationNotPresent(t *
 	require.NoError(t, err)
 	assert.DeepEqual(t, att1, res.AggregateAndProof.Aggregate, "Did not receive wanted attestation")
 }
+
+func TestSubmitSignedAggregateSelectionProof_ZeroHashesSignatures(t *testing.T) {
+	aggregatorServer := &Server{}
+	req := &ethpb.SignedAggregateSubmitRequest{
+		SignedAggregateAndProof: &ethpb.SignedAggregateAttestationAndProof{
+			Signature: make([]byte, params.BeaconConfig().BLSSignatureLength),
+			Message: &ethpb.AggregateAttestationAndProof{
+				Aggregate: &ethpb.Attestation{
+					Data: &ethpb.AttestationData{},
+				},
+			},
+		},
+	}
+	_, err := aggregatorServer.SubmitSignedAggregateSelectionProof(context.Background(), req)
+	require.ErrorContains(t, "Signed signatures can't be zero hashes", err)
+
+	req = &ethpb.SignedAggregateSubmitRequest{
+		SignedAggregateAndProof: &ethpb.SignedAggregateAttestationAndProof{
+			Signature: []byte{'a'},
+			Message: &ethpb.AggregateAttestationAndProof{
+				Aggregate: &ethpb.Attestation{
+					Data: &ethpb.AttestationData{},
+				},
+				SelectionProof: make([]byte, params.BeaconConfig().BLSSignatureLength),
+			},
+		},
+	}
+	_, err = aggregatorServer.SubmitSignedAggregateSelectionProof(context.Background(), req)
+	require.ErrorContains(t, "Signed signatures can't be zero hashes", err)
+}