sequencer tests

Author: distractedm1nd

Cargo.lock

@@ -7,6 +7,7 @@ homepage.workspace = true
 repository.workspace = true
 
 [dependencies]
+prism-errors.workspace = true
 anyhow.workspace = true
 bls12_381.workspace = true
 borsh.workspace = true
@@ -17,4 +18,6 @@ sha2.workspace = true
 celestia-types.workspace = true
 bincode.workspace = true
 ed25519-dalek.workspace = true
+ed25519.workspace = true
+base64.workspace = true
 rand.workspace = true

crates/common/Cargo.toml

@@ -130,11 +130,13 @@ impl Hashchain {
     pub fn create_account(
         &mut self,
         value: PublicKey,
+        signature: Vec<u8>,
         service_id: String,
         challenge: ServiceChallengeInput,
     ) -> Result<Digest> {
         let operation = Operation::CreateAccount(CreateAccountArgs {
             id: self.id.clone(),
+            signature,
             value,
             service_id,
             challenge,

crates/common/src/hashchain.rs

@@ -1,5 +1,6 @@
 pub mod hashchain;
 pub mod operation;
+pub mod signed_content;
 pub mod tree;
 
 // todo: add testing feature for use across crates, so we dont have to expose it

crates/common/src/lib.rs

@@ -1,22 +1,24 @@
 use anyhow::{Context, Result};
+use bincode;
 use celestia_types::Blob;
+use prism_errors::GeneralError;
 use serde::{Deserialize, Serialize};
-use std::fmt::Display;
+use std::{self, fmt::Display, str::FromStr};
 
 #[derive(Clone, Serialize, Deserialize, Debug, PartialEq, Eq, Hash)]
 /// Represents a public key supported by the system.
 pub enum PublicKey {
-    Secp256k1(Vec<u8>),  // Bitcoin, Ethereum
-    Ed25519(Vec<u8>),    // Cosmos, OpenSSH, GnuPG
-    Curve25519(Vec<u8>), // Signal, Tor
+    // Secp256k1(Vec<u8>),  // Bitcoin, Ethereum
+    Ed25519(Vec<u8>), // Cosmos, OpenSSH, GnuPG
+                      // Curve25519(Vec<u8>), // Signal, Tor
 }
 
 impl PublicKey {
     pub fn as_bytes(&self) -> &[u8] {
         match self {
-            PublicKey::Secp256k1(bytes) => bytes,
+            // PublicKey::Secp256k1(bytes) => bytes,
             PublicKey::Ed25519(bytes) => bytes,
-            PublicKey::Curve25519(bytes) => bytes,
+            // PublicKey::Curve25519(bytes) => bytes,
         }
     }
 }
@@ -50,8 +52,9 @@ pub enum Operation {
 #[derive(Clone, Serialize, Deserialize, Debug, PartialEq)]
 /// Arguments for creating an account with a service.
 pub struct CreateAccountArgs {
-    pub id: String,                       // Account ID
-    pub value: PublicKey,                 // Public Key
+    pub id: String,       // Account ID
+    pub value: PublicKey, // Public Key
+    pub signature: Vec<u8>,
     pub service_id: String,               // Associated service ID
     pub challenge: ServiceChallengeInput, // Challenge input for verification
 }
@@ -80,6 +83,65 @@ impl Operation {
             Operation::CreateAccount(args) => Some(args.value.clone()),
         }
     }
+
+    pub fn validate(&self) -> Result<()> {
+        match &self {
+            Operation::AddKey(KeyOperationArgs {
+                id,
+                value,
+                signature,
+            })
+            | Operation::RevokeKey(KeyOperationArgs {
+                id,
+                value,
+                signature,
+            }) => {
+                if id.is_empty() {
+                    return Err(
+                        GeneralError::MissingArgumentError("id is empty".to_string()).into(),
+                    );
+                }
+
+                if signature.signature.is_empty() {
+                    return Err(GeneralError::MissingArgumentError(
+                        "signature is empty".to_string(),
+                    )
+                    .into());
+                }
+
+                // verify_signature(self, None).context("Failed to verify signature")?;
+
+                Ok(())
+            }
+            Operation::CreateAccount(CreateAccountArgs {
+                id,
+                value,
+                signature,
+                service_id: _,
+                challenge,
+            }) => {
+                if id.is_empty() {
+                    return Err(
+                        GeneralError::MissingArgumentError("id is empty".to_string()).into(),
+                    );
+                }
+
+                match challenge {
+                    ServiceChallengeInput::Signed(signature) => {
+                        if signature.is_empty() {
+                            return Err(GeneralError::MissingArgumentError(
+                                "challenge data is empty".to_string(),
+                            )
+                            .into());
+                        }
+                        // verify_signature(self, None).context("Failed to verify signature")?;
+                    }
+                }
+
+                Ok(())
+            }
+        }
+    }
 }
 
 impl Display for Operation {

crates/common/src/operation.rs

@@ -0,0 +1,47 @@
+use anyhow::Result;
+use base64::{engine::general_purpose::STANDARD as engine, Engine as _};
+use ed25519::Signature;
+use ed25519_dalek::{Verifier, VerifyingKey as Ed25519VerifyingKey};
+use prism_errors::{GeneralError, PrismError};
+
+pub trait SignedContent {
+    fn get_signature(&self) -> Result<Signature>;
+    fn get_plaintext(&self) -> Result<Vec<u8>>;
+    fn get_public_key(&self) -> Result<String>;
+}
+
+pub fn decode_public_key(pub_key_str: &String) -> Result<Ed25519VerifyingKey> {
+    // decode the public key from base64 string to bytes
+    let public_key_bytes = engine
+        .decode(pub_key_str)
+        .map_err(|e| GeneralError::DecodingError(format!("base64 string: {}", e)))?;
+
+    let public_key_array: [u8; 32] = public_key_bytes
+        .try_into()
+        .map_err(|_| GeneralError::ParsingError("Vec<u8> to [u8; 32]".to_string()))?;
+
+    Ed25519VerifyingKey::from_bytes(&public_key_array)
+        .map_err(|_| GeneralError::DecodingError("ed25519 verifying key".to_string()).into())
+}
+
+// verifies the signature of a given signable item and returns the content of the item if the signature is valid
+pub fn verify_signature<T: SignedContent>(
+    item: &T,
+    optional_public_key: Option<String>,
+) -> Result<Vec<u8>> {
+    let public_key_str = match optional_public_key {
+        Some(key) => key,
+        None => item.get_public_key()?,
+    };
+
+    let public_key = decode_public_key(&public_key_str)
+        .map_err(|_| PrismError::General(GeneralError::InvalidPublicKey))?;
+
+    let content = item.get_plaintext()?;
+    let signature = item.get_signature()?;
+
+    match public_key.verify(content.as_slice(), &signature) {
+        Ok(_) => Ok(content),
+        Err(e) => Err(GeneralError::InvalidSignature(e).into()),
+    }
+}

crates/common/src/signed_content.rs

@@ -1,12 +1,13 @@
-use crate::hashchain::{Hashchain, HashchainEntry};
-use crate::operation::{KeyOperationArgs, Operation, PublicKey, SignatureBundle};
-use crate::tree::{hash, InsertProof, KeyDirectoryTree, SnarkableTree, UpdateProof};
+use crate::{
+    hashchain::{Hashchain, HashchainEntry},
+    operation::{KeyOperationArgs, Operation, PublicKey, SignatureBundle},
+    tree::{hash, InsertProof, KeyDirectoryTree, SnarkableTree, UpdateProof},
+};
 use anyhow::{anyhow, Result};
 use ed25519_dalek::{Signer, SigningKey};
 use jmt::{mock::MockTreeStore, KeyHash};
 use rand::{rngs::StdRng, Rng};
-use std::collections::HashSet;
-use std::sync::Arc;
+use std::{collections::HashSet, sync::Arc};
 
 pub struct TestTreeState {
     pub tree: KeyDirectoryTree<MockTreeStore>,
@@ -152,12 +153,3 @@ pub fn create_add_key_operation_with_test_value(id: &str, signing_key: &SigningK
         signature: create_mock_signature(signing_key, id.as_bytes()),
     })
 }
-
-pub fn random_create_account(id: &str) -> Operation::CreateAccount {
-    let signing_key = create_mock_signing_key();
-    Operation::CreateAccount(CreateAccountArgs {
-        id: id.to_string(),
-        value: PublicKey::Ed25519(signing_key.verifying_key().to_bytes().to_vec()),
-        signature: create_mock_signature(signing_key, id.as_bytes()),
-    })
-}