refactor: Remove obsolete secp256k1 script in CKB

nervosnetwork · Dec 21, 2018 · abf6b5b · abf6b5b
1 parent 1e7187b
commit abf6b5b
Show file tree

Hide file tree

Showing 10 changed files with 146 additions and 221 deletions.
diff --git a/devtools/playground/random_transaction.rb b/devtools/playground/random_transaction.rb
diff --git a/nodes_template/default.json b/nodes_template/default.json
@@ -34,7 +34,7 @@
     },
     "miner": {
         "new_transactions_threshold": 8,
-        "type_hash": "0x321c1ca2887fb8eddaaa7e917399f71e63e03a1c83ff75ed12099a01115ea2ff",
+        "type_hash": "0x0da2fe99fe549e082d4ed483c2e968a89ea8d11aabf5d79e5cbf06522de6e674",
         "rpc_url": "http://127.0.0.1:8114/",
         "poll_interval": 5,
         "max_transactions": 10000,

diff --git a/nodes_template/spec/dev.json b/nodes_template/spec/dev.json
@@ -35,7 +35,6 @@
         "initial_block_reward": 50000
     },
     "system_cells": [
-        {"path": "cells/verify"},
         {"path": "cells/always_success"}
     ],
     "pow": {

diff --git a/script/src/verify.rs b/script/src/verify.rs
@@ -204,7 +204,7 @@ mod tests {
 
     fn open_cell_verify() -> File {
         File::open(
-            Path::new(env!("CARGO_MANIFEST_DIR")).join("../nodes_template/spec/cells/verify"),
+            Path::new(env!("CARGO_MANIFEST_DIR")).join("../script/testdata/verify"),
         )
         .unwrap()
     }

diff --git a/nodes_template/spec/cells/verify → script/testdata/verify b/nodes_template/spec/cells/verify → script/testdata/verify
diff --git a/script/testdata/verify.c b/script/testdata/verify.c
@@ -0,0 +1,135 @@
+#include <stdlib.h>
+#include "sha3.h"
+
+#define SHA3_BLOCK_SIZE 32
+
+#define CUSTOM_ABORT 1
+#define CUSTOM_PRINT_ERR 1
+
+#include "syscall.h"
+void custom_abort()
+{
+  syscall_errno(93, 10, 0, 0, 0, 0, 0);
+}
+
+int custom_print_err(const char * arg, ...)
+{
+  (void) arg;
+  return 0;
+}
+
+#include <secp256k1_static.h>
+/*
+ * We are including secp256k1 implementation directly so gcc can strip
+ * unused functions. For some unknown reasons, if we link in libsecp256k1.a
+ * directly, the final binary will include all functions rather than those used.
+ */
+#include <secp256k1.c>
+
+int char_to_int(char ch)
+{
+  if (ch >= '0' && ch <= '9') {
+    return ch - '0';
+  }
+  if (ch >= 'a' && ch <= 'f') {
+    return ch - 'a' + 10;
+  }
+  return -1;
+}
+
+int hex_to_bin(char* buf, size_t buf_len, const char* hex)
+{
+  int i = 0;
+
+  for (; i < buf_len && hex[i * 2] != '\0' && hex[i * 2 + 1] != '\0'; i++) {
+    int a = char_to_int(hex[i * 2]);
+    int b = char_to_int(hex[i * 2 + 1]);
+
+    if (a < 0 || b < 0) {
+      return -1;
+    }
+
+    buf[i] = ((a & 0xF) << 4) | (b & 0xF);
+  }
+
+  if (i == buf_len && hex[i * 2] != '\0') {
+    return -1;
+  }
+  return i;
+}
+
+#define CHECK_LEN(x) if ((x) <= 0) { return x; }
+
+/*
+ * Arguments are listed in the following order:
+ * 0. Program name, ignored here, only preserved for compatibility reason
+ * 1. Pubkey in hex format, a maximum of 130 bytes will be processed
+ * 2. Signature in hex format, a maximum of 512 bytes will be processed
+ * 3. Current script hash in hex format, which is 128 bytes. While this program
+ * cannot verify the hash directly, this ensures the script is include in
+ * signature calculation
+ * 4. Other additional parameters that might be included. Notice only ASCII
+ * characters are included, so binary should be passed as binary format.
+ *
+ * This program will run double sha256 on all arguments excluding pubkey and
+ * signature(also for simplicity, we are running sha256 on ASCII chars directly,
+ * not deserialized raw bytes), then it will use sha256 result calculated as the
+ * message to verify the signature. It returns 0 if the signature works, and
+ * a non-zero value otherwise.
+ *
+ * Note all hex values passed in as arguments must have lower case letters for
+ * deterministic behavior.
+ */
+int main(int argc, char* argv[])
+{
+  char buf[256];
+  int len;
+
+  if (argc < 4) {
+    return -1;
+  }
+
+  secp256k1_context context;
+  int ret = secp256k1_context_initialize(&context, SECP256K1_CONTEXT_VERIFY);
+  if (ret == 0) {
+    return 4;
+  }
+
+  len = hex_to_bin(buf, 65, argv[1]);
+  CHECK_LEN(len);
+  secp256k1_pubkey pubkey;
+
+  ret = secp256k1_ec_pubkey_parse(&context, &pubkey, buf, len);
+  if (ret == 0) {
+    return 1;
+  }
+
+  len = hex_to_bin(buf, 256, argv[2]);
+  CHECK_LEN(len);
+  secp256k1_ecdsa_signature signature;
+  secp256k1_ecdsa_signature_parse_der(&context, &signature, buf, len);
+  if (ret == 0) {
+    return 3;
+  }
+
+  sha3_ctx_t sha3_ctx;
+  unsigned char hash[SHA3_BLOCK_SIZE];
+  sha3_init(&sha3_ctx, SHA3_BLOCK_SIZE);
+  for (int i = 3; i < argc; i++) {
+    sha3_update(&sha3_ctx, argv[i], strlen(argv[i]));
+  }
+  sha3_final(hash, &sha3_ctx);
+
+  sha3_init(&sha3_ctx, SHA3_BLOCK_SIZE);
+  sha3_update(&sha3_ctx, hash, SHA3_BLOCK_SIZE);
+  sha3_final(hash, &sha3_ctx);
+
+  ret = secp256k1_ecdsa_verify(&context, &signature, hash, &pubkey);
+  if (ret == 1) {
+    ret = 0;
+  } else {
+    ret = 2;
+  }
+
+  return ret;
+}
diff --git a/src/cli/args.rs b/src/cli/args.rs
@@ -75,38 +75,13 @@ fn import() -> App<'static, 'static> {
         )
 }
 
-fn arg_private_key() -> Arg<'static, 'static> {
-    Arg::with_name("private-key")
-        .short("p")
-        .long("private-key")
-        .value_name("H256")
-        .help("Specify the private key")
-        .takes_value(true)
-        .required(true)
-}
-
 fn cli() -> App<'static, 'static> {
     SubCommand::with_name("cli")
         .about("Running ckb cli")
         .setting(AppSettings::ArgRequiredElseHelp)
-        .subcommand(
-            SubCommand::with_name("sign")
-                .about("Sign transaction using sha3-secp256k1 defined in system cell")
-                .arg(arg_private_key())
-                .arg(
-                    Arg::with_name("unsigned-transaction")
-                        .short("u")
-                        .long("unsigned-transaction")
-                        .value_name("JSON")
-                        .help("Specify the unsigned transaction json string")
-                        .takes_value(true)
-                        .required(true),
-                ),
-        )
         .subcommand(
             SubCommand::with_name("type_hash")
-                .about("Generate script type hash using sha3-secp256k1 defined in system cell")
-                .arg(arg_private_key()),
+                .about("Generate lock script type hash using the first system cell, which by default is always_success"),
         )
         .subcommand(SubCommand::with_name("keygen").about("Generate new key"))
 }
diff --git a/src/cli/mod.rs b/src/cli/mod.rs
@@ -8,4 +8,4 @@ pub use self::args::get_matches;
 pub use self::export::export;
 pub use self::import::import;
 pub use self::miner::miner;
-pub use self::run_impl::{keygen, run, sign, type_hash};
+pub use self::run_impl::{keygen, run, type_hash};