fix: no keccak double hashing when verifying batch signature

sedaprotocol · Oct 31, 2024 · 228b963 · 228b963
1 parent 5cc14cc
commit 228b963
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/app/abci/handlers.go b/app/abci/handlers.go
@@ -336,8 +336,7 @@ func (h *Handlers) verifyBatchSignatures(ctx sdk.Context, batchID, voteExtension
 		return err
 	}
 	pubKeyBytes := crypto.FromECDSAPub(pubKeyECDSA)
-	hash := crypto.Keccak256Hash(batchID)
-	sigPubKey, err := crypto.Ecrecover(hash.Bytes(), voteExtension[:65])
+	sigPubKey, err := crypto.Ecrecover(batchID, voteExtension[:65])
 	if err != nil {
 		return err
 	}

diff --git a/app/abci/vote_extension_test.go b/app/abci/vote_extension_test.go
@@ -9,6 +9,7 @@ import (
 	"github.com/rs/zerolog"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/mock/gomock"
+	"golang.org/x/crypto/sha3"
 
 	cometabci "github.com/cometbft/cometbft/abci/types"
 
@@ -64,8 +65,11 @@ func TestExtendVerifyVoteHandlers(t *testing.T) {
 	mockPubKeyKeeper := testutil.NewMockPubKeyKeeper(ctrl)
 	mockStakingKeeper := testutil.NewMockStakingKeeper(ctrl)
 
+	hasher := sha3.NewLegacyKeccak256()
+	hasher.Write([]byte("Message for ECDSA signing"))
+	batchID := hasher.Sum(nil)
 	mockBatch := batchingtypes.Batch{
-		BatchId:     []byte("Message for ECDSA signing"),
+		BatchId:     batchID,
 		BlockHeight: 100, // created from the previous block
 	}