Add signature verifications #138

0xpanoramix · 2022-06-07T14:45:57Z

Description:

This PR adds support for signature verifications in the following handlers :

registerValidator
getHeader
getPayload

Problem(s) & goal(s):

See #95 for more context.

I have run these commands:

make lint
make test
make run-mergemock-integration
go mod tidy

Additional comments:

For now, mergemock integration tests do not pass because the relay generates a random private key for each run and mev-boost does not have a way to know which one it is.
I've created a PR which allows to provide a private key to mergemock's relay.

Signed-off-by: Luca Georges Francois <[email protected]>

metachris · 2022-06-07T18:28:00Z

server/service.go

+
+		ok, err := types.VerifySignature(registration.Message, types.DomainBuilder, registration.Message.Pubkey[:], registration.Signature[:])
+		if err != nil {
+			http.Error(w, err.Error(), http.StatusBadRequest)


we should probably log the error (with log.Error), for visibility for the operator

metachris · 2022-06-07T18:28:20Z

server/service.go

+			return
+		}
+		if !ok {
+			http.Error(w, errInvalidSignature.Error(), http.StatusBadRequest)


same as above. maybe even wrap the error and add a bit of context 🤔

Totally agree, added in a1c0a4d

metachris · 2022-06-07T18:28:46Z

server/service.go

@@ -218,7 +228,7 @@ func (m *BoostService) handleGetHeader(w http.ResponseWriter, req *http.Request)
 	var wg sync.WaitGroup
 	for _, relay := range m.relays {
 		wg.Add(1)
-		go func(relayAddr string) {
+		go func(relayAddr string, relayPubKey types.PublicKey) {


do we want to pass in the relay alltogether instead of the individual fields?

This way, we can only read the data. It slows down a little bit the process due to copies but honestly not that much.

metachris · 2022-06-07T18:29:04Z

very nice! 🙏

Signed-off-by: Luca Georges Francois <[email protected]>

codecov-commenter · 2022-06-07T20:49:53Z

Codecov Report

Merging #138 (a1c0a4d) into main (ff25f53) will decrease coverage by 2.79%.
The diff coverage is 18.18%.

@@            Coverage Diff             @@
##             main     #138      +/-   ##
==========================================
- Coverage   71.56%   68.77%   -2.80%     
==========================================
  Files           6        6              
  Lines         517      538      +21     
==========================================
  Hits          370      370              
- Misses        121      137      +16     
- Partials       26       31       +5

Flag	Coverage Δ
unittests	`68.77% <18.18%> (-2.80%)`	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
server/service.go	`69.40% <18.18%> (-5.91%)`	⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ff25f53...a1c0a4d. Read the comment docs.

Signed-off-by: Luca Georges Francois <[email protected]>

metachris · 2022-06-09T17:53:04Z

merging into the develop branch

* Add signature verification for getHeader response Signed-off-by: Luca Georges Francois <[email protected]> * Remove typo Signed-off-by: Luca Georges Francois <[email protected]> * Add signature verification for registerValidator request Signed-off-by: Luca Georges Francois <[email protected]> * Update mergemock integration tests Signed-off-by: Luca Georges Francois <[email protected]> * Fix typo in flag Signed-off-by: Luca Georges Francois <[email protected]> * Add error logging Signed-off-by: Luca Georges Francois <[email protected]> * Add signature verification tests Signed-off-by: Luca Georges Francois <[email protected]>

* Add signature verifications (#138) * Add signature verification for getHeader response Signed-off-by: Luca Georges Francois <[email protected]> * Remove typo Signed-off-by: Luca Georges Francois <[email protected]> * Add signature verification for registerValidator request Signed-off-by: Luca Georges Francois <[email protected]> * Update mergemock integration tests Signed-off-by: Luca Georges Francois <[email protected]> * Fix typo in flag Signed-off-by: Luca Georges Francois <[email protected]> * Add error logging Signed-off-by: Luca Georges Francois <[email protected]> * Add signature verification tests Signed-off-by: Luca Georges Francois <[email protected]> * Require the relay pubkey (#143) * mev-boost cli flags for setting genesis fork version, computing correct domain (#148) * better errors on failed signature validation (#151) Co-authored-by: Luca G.F <[email protected]>

* Add signature verifications (flashbots#138) * Add signature verification for getHeader response Signed-off-by: Luca Georges Francois <[email protected]> * Remove typo Signed-off-by: Luca Georges Francois <[email protected]> * Add signature verification for registerValidator request Signed-off-by: Luca Georges Francois <[email protected]> * Update mergemock integration tests Signed-off-by: Luca Georges Francois <[email protected]> * Fix typo in flag Signed-off-by: Luca Georges Francois <[email protected]> * Add error logging Signed-off-by: Luca Georges Francois <[email protected]> * Add signature verification tests Signed-off-by: Luca Georges Francois <[email protected]> * Require the relay pubkey (flashbots#143) * mev-boost cli flags for setting genesis fork version, computing correct domain (flashbots#148) * better errors on failed signature validation (flashbots#151) Co-authored-by: Luca G.F <[email protected]>

0xpanoramix added 3 commits June 6, 2022 13:13

Add signature verification for getHeader response

a105610

Signed-off-by: Luca Georges Francois <[email protected]>

Remove typo

32bd0e2

Signed-off-by: Luca Georges Francois <[email protected]>

Add signature verification for registerValidator request

8f017e4

Signed-off-by: Luca Georges Francois <[email protected]>

0xpanoramix mentioned this pull request Jun 7, 2022

Add flag to provide custom relay's secret key protolambda/mergemock#51

Merged

0xpanoramix added 2 commits June 7, 2022 18:47

Update mergemock integration tests

f57f679

Signed-off-by: Luca Georges Francois <[email protected]>

Fix typo in flag

d7b44eb

Signed-off-by: Luca Georges Francois <[email protected]>

metachris reviewed Jun 7, 2022

View reviewed changes

Add error logging

a1c0a4d

Signed-off-by: Luca Georges Francois <[email protected]>

0xpanoramix requested a review from metachris June 8, 2022 08:04

0xpanoramix marked this pull request as ready for review June 8, 2022 08:38

Add signature verification tests

5c3a780

Signed-off-by: Luca Georges Francois <[email protected]>

This was referenced Jun 9, 2022

require relay pubkey #143

Merged

Use BLSPublicKeys for the list of relays #62

Closed

metachris changed the base branch from main to develop June 9, 2022 17:52

metachris approved these changes Jun 9, 2022

View reviewed changes

metachris merged commit b9394bc into flashbots:develop Jun 9, 2022

metachris mentioned this pull request Jun 9, 2022

v1 implementation tasks #95

Closed

7 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add signature verifications #138

Add signature verifications #138

0xpanoramix commented Jun 7, 2022 •

edited

Loading

metachris Jun 7, 2022

metachris Jun 7, 2022

0xpanoramix Jun 7, 2022

metachris Jun 7, 2022

0xpanoramix Jun 7, 2022

metachris commented Jun 7, 2022

codecov-commenter commented Jun 7, 2022

metachris commented Jun 9, 2022

Add signature verifications #138

Add signature verifications #138

Conversation

0xpanoramix commented Jun 7, 2022 • edited Loading

metachris Jun 7, 2022

Choose a reason for hiding this comment

metachris Jun 7, 2022

Choose a reason for hiding this comment

0xpanoramix Jun 7, 2022

Choose a reason for hiding this comment

metachris Jun 7, 2022

Choose a reason for hiding this comment

0xpanoramix Jun 7, 2022

Choose a reason for hiding this comment

metachris commented Jun 7, 2022

codecov-commenter commented Jun 7, 2022

Codecov Report

metachris commented Jun 9, 2022

0xpanoramix commented Jun 7, 2022 •

edited

Loading