fix btc sign info prefix len > 255 (#1713)

rooch-network · May 21, 2024 · 2beccc6 · 2beccc6
1 parent 84d589a
commit 2beccc6
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 13 deletions.
diff --git a/frameworks/rooch-framework/doc/ethereum_validator.md b/frameworks/rooch-framework/doc/ethereum_validator.md
@@ -13,7 +13,8 @@ This module implements Ethereum validator with the ECDSA recoverable signature o
 -  [Function `validate`](#0x3_ethereum_validator_validate)
 
 
-<pre><code><b>use</b> <a href="">0x1::vector</a>;
+<pre><code><b>use</b> <a href="">0x1::debug</a>;
+<b>use</b> <a href="">0x1::vector</a>;
 <b>use</b> <a href="">0x2::features</a>;
 <b>use</b> <a href="">0x2::hex</a>;
 <b>use</b> <a href="">0x2::tx_context</a>;

diff --git a/frameworks/rooch-framework/sources/auth_validator/bitcoin_validator.move b/frameworks/rooch-framework/sources/auth_validator/bitcoin_validator.move
@@ -31,32 +31,38 @@ module rooch_framework::bitcoin_validator {
 
         // tx hash in use wallet signature is hex
         let tx_hex = hex::encode(tx_hash);
-        let tx_hex_len = (vector::length(&tx_hex) as u8);
+        let tx_hex_len = (vector::length(&tx_hex));
 
         let sign_info_prefix = auth_payload::sign_info_prefix(payload);
+        let sign_info_prefix_len = (vector::length(&sign_info_prefix));
+
         let sign_info = auth_payload::sign_info(payload);
+        let sign_info_len = (vector::length(&sign_info));
+
+        assert!(
+            sign_info_len + tx_hex_len <= 255,
+            auth_validator::error_invalid_authenticator()
+        );
 
         // append tx hash
         let full_tx = vector<u8>[];
 
-        let sign_info_prefix_len = (vector::length(&sign_info_prefix) as u8);
         if (sign_info_prefix_len > 0) {
-            vector::insert(&mut sign_info_prefix, 0, sign_info_prefix_len);
+            vector::insert(&mut sign_info_prefix, 0, (sign_info_prefix_len as u8));
             vector::append(&mut full_tx, sign_info_prefix);
         };
 
-        let sign_info_len = (vector::length(&sign_info) as u8);
         let sign_info_insert_index = 0u64;
         if (sign_info_prefix_len > 0) {
-            sign_info_insert_index = (sign_info_prefix_len as u64) + 1;
+            sign_info_insert_index = sign_info_prefix_len + 1;
         };
 
         if (vector::length(&sign_info) > 0) {
-            vector::insert(&mut full_tx, sign_info_insert_index,sign_info_len + tx_hex_len);
+            vector::insert(&mut full_tx, sign_info_insert_index, ((sign_info_len + tx_hex_len) as u8));
             vector::append(&mut full_tx, sign_info);
             vector::append(&mut full_tx, tx_hex);
         } else {
-            vector::insert(&mut full_tx, sign_info_insert_index, tx_hex_len);
+            vector::insert(&mut full_tx, sign_info_insert_index, (tx_hex_len as u8));
             vector::append(&mut full_tx, tx_hex);
         };
         // append tx hash end

diff --git a/frameworks/rooch-framework/sources/auth_validator/ethereum_validator.move b/frameworks/rooch-framework/sources/auth_validator/ethereum_validator.move
@@ -32,12 +32,13 @@ module rooch_framework::ethereum_validator {
         let tx_hex_len = (vector::length(&tx_hex) as u8);
 
         let sign_info_prefix = auth_payload::sign_info_prefix(payload);
+        let sign_info_prefix_len = (vector::length(&sign_info_prefix) as u8);
+
         let sign_info = auth_payload::sign_info(payload);
 
         // append tx hash
         let full_tx = vector<u8>[];
 
-        let sign_info_prefix_len = (vector::length(&sign_info_prefix) as u8);
         if (sign_info_prefix_len > 0) {
             vector::append(&mut full_tx, sign_info_prefix);
         };

diff --git a/sdk/typescript/rooch-sdk-kit/src/types/WalletRoochSessionAccount.ts b/sdk/typescript/rooch-sdk-kit/src/types/WalletRoochSessionAccount.ts
@@ -33,7 +33,7 @@ export class WalletRoochSessionAccount extends RoochSessionAccount {
       maxInactiveInterval,
       account,
       authInfo ??
-        `Welcome to ${window.location.hostname}\nYou will authorize session:\n${
+        `Welcome to ${appName}\nYou will authorize session:\n${
           'Scope:\n' +
           scopes
             .filter((v) => !v.startsWith('0x1') && !v.startsWith('0x3'))

diff --git a/sdk/typescript/rooch-sdk-kit/src/types/wellet/baseWallet.ts b/sdk/typescript/rooch-sdk-kit/src/types/wellet/baseWallet.ts
@@ -140,16 +140,24 @@ export abstract class BaseWallet implements IAuthorizer {
    * @param msgInfo - Additional information about the message.
    * @returns A promise that resolves to the serialized signature object.
    */
-  async signMessageWithHashed(msgHash: Uint8Array, msgInfo: any): Promise<SerializedSignature> {
+  async signMessageWithHashed(msgHash: Uint8Array, msgInfo?: any): Promise<SerializedSignature> {
     let msgHex = Buffer.from(msgHash).toString('hex')
 
-    if (msgInfo.charAt(msgInfo.length - 1) !== '\n') {
+    if (msgInfo && msgInfo.charAt(msgInfo.length - 1) !== '\n') {
       msgInfo += '\n'
+      msgInfo = msgInfo + RoochSignPrefix
+    } else {
+      msgInfo = RoochSignPrefix
     }
 
-    msgInfo = msgInfo + RoochSignPrefix
     let fullMsg = msgInfo + msgHex
 
+    // TODO: remove this, btc contracts can be implemented with reference to eth，The stitching is done by the front end。
+    // Avoid the 255 length limit
+    if (fullMsg.length > 255) {
+      throw Error(`authInfo length cannot be greater than > ${fullMsg.length - msgHex.length}`)
+    }
+
     const sign = await this.sign(fullMsg)
 
     return this.toSerializedSignature(msgHex, sign, msgInfo)