Example 6 with ScriptChunk
use of co.rsk.bitcoinj.script.ScriptChunk in project rskj by rsksmart.
the class BridgeSupportTest method addSignatureMultipleInputsPartiallyValid.
@Test
public void addSignatureMultipleInputsPartiallyValid() throws Exception {
// Federation is the genesis federation ATM
Federation federation = bridgeConstants.getGenesisFederation();
Repository repository = new RepositoryImpl(config);
final Keccak256 keccak256 = PegTestUtils.createHash3();
Repository track = repository.startTracking();
BridgeStorageProvider provider = new BridgeStorageProvider(track, PrecompiledContracts.BRIDGE_ADDR, bridgeConstants);
BtcTransaction prevTx1 = new BtcTransaction(btcParams);
TransactionOutput prevOut1 = new TransactionOutput(btcParams, prevTx1, Coin.FIFTY_COINS, federation.getAddress());
prevTx1.addOutput(prevOut1);
BtcTransaction prevTx2 = new BtcTransaction(btcParams);
TransactionOutput prevOut2 = new TransactionOutput(btcParams, prevTx1, Coin.FIFTY_COINS, federation.getAddress());
prevTx2.addOutput(prevOut2);
BtcTransaction prevTx3 = new BtcTransaction(btcParams);
TransactionOutput prevOut3 = new TransactionOutput(btcParams, prevTx1, Coin.FIFTY_COINS, federation.getAddress());
prevTx3.addOutput(prevOut3);
BtcTransaction t = new BtcTransaction(btcParams);
TransactionOutput output = new TransactionOutput(btcParams, t, Coin.COIN, new BtcECKey().toAddress(btcParams));
t.addOutput(output);
t.addInput(prevOut1).setScriptSig(PegTestUtils.createBaseInputScriptThatSpendsFromTheFederation(federation));
t.addInput(prevOut2).setScriptSig(PegTestUtils.createBaseInputScriptThatSpendsFromTheFederation(federation));
t.addInput(prevOut3).setScriptSig(PegTestUtils.createBaseInputScriptThatSpendsFromTheFederation(federation));
provider.getRskTxsWaitingForSignatures().put(keccak256, t);
provider.save();
track.commit();
track = repository.startTracking();
List<LogInfo> logs = new ArrayList<>();
BridgeEventLogger eventLogger = new BridgeEventLoggerImpl(bridgeConstants, logs);
BridgeSupport bridgeSupport = new BridgeSupport(config, track, eventLogger, contractAddress, (Block) null);
// Generate valid signatures for inputs
List<byte[]> derEncodedSigsFirstFed = new ArrayList<>();
List<byte[]> derEncodedSigsSecondFed = new ArrayList<>();
BtcECKey privateKeyOfFirstFed = ((BridgeRegTestConstants) bridgeConstants).getFederatorPrivateKeys().get(0);
BtcECKey privateKeyOfSecondFed = ((BridgeRegTestConstants) bridgeConstants).getFederatorPrivateKeys().get(1);
BtcECKey.ECDSASignature lastSig = null;
for (int i = 0; i < 3; i++) {
Script inputScript = t.getInput(i).getScriptSig();
List<ScriptChunk> chunks = inputScript.getChunks();
byte[] program = chunks.get(chunks.size() - 1).data;
Script redeemScript = new Script(program);
Sha256Hash sighash = t.hashForSignature(i, redeemScript, BtcTransaction.SigHash.ALL, false);
// Sign the last input with a random key
// but keep the good signature for a subsequent call
BtcECKey.ECDSASignature sig = privateKeyOfFirstFed.sign(sighash);
if (i == 2) {
lastSig = sig;
sig = new BtcECKey().sign(sighash);
}
derEncodedSigsFirstFed.add(sig.encodeToDER());
derEncodedSigsSecondFed.add(privateKeyOfSecondFed.sign(sighash).encodeToDER());
}
// Sign with two valid signatuers and one invalid signature
bridgeSupport.addSignature(1, findPublicKeySignedBy(federation.getPublicKeys(), privateKeyOfFirstFed), derEncodedSigsFirstFed, keccak256.getBytes());
bridgeSupport.save();
track.commit();
// Sign with two valid signatuers and one malformed signature
byte[] malformedSignature = new byte[lastSig.encodeToDER().length];
for (int i = 0; i < malformedSignature.length; i++) {
malformedSignature[i] = (byte) i;
}
derEncodedSigsFirstFed.set(2, malformedSignature);
bridgeSupport.addSignature(1, findPublicKeySignedBy(federation.getPublicKeys(), privateKeyOfFirstFed), derEncodedSigsFirstFed, keccak256.getBytes());
bridgeSupport.save();
track.commit();
// Sign with fully valid signatures for same federator
derEncodedSigsFirstFed.set(2, lastSig.encodeToDER());
bridgeSupport.addSignature(1, findPublicKeySignedBy(federation.getPublicKeys(), privateKeyOfFirstFed), derEncodedSigsFirstFed, keccak256.getBytes());
bridgeSupport.save();
track.commit();
// Sign with second federation
bridgeSupport.addSignature(1, findPublicKeySignedBy(federation.getPublicKeys(), privateKeyOfSecondFed), derEncodedSigsSecondFed, keccak256.getBytes());
bridgeSupport.save();
track.commit();
provider = new BridgeStorageProvider(repository, PrecompiledContracts.BRIDGE_ADDR, bridgeConstants);
Assert.assertTrue(provider.getRskTxsWaitingForSignatures().isEmpty());
Assert.assertThat(logs, is(not(empty())));
Assert.assertThat(logs, hasSize(5));
LogInfo releaseTxEvent = logs.get(4);
Assert.assertThat(releaseTxEvent.getTopics(), hasSize(1));
Assert.assertThat(releaseTxEvent.getTopics(), hasItem(Bridge.RELEASE_BTC_TOPIC));
BtcTransaction releaseTx = new BtcTransaction(bridgeConstants.getBtcParams(), ((RLPList) RLP.decode2(releaseTxEvent.getData()).get(0)).get(1).getRLPData());
// Verify all inputs fully signed
for (int i = 0; i < releaseTx.getInputs().size(); i++) {
Script retrievedScriptSig = releaseTx.getInput(i).getScriptSig();
Assert.assertEquals(4, retrievedScriptSig.getChunks().size());
Assert.assertEquals(true, retrievedScriptSig.getChunks().get(1).data.length > 0);
Assert.assertEquals(true, retrievedScriptSig.getChunks().get(2).data.length > 0);
}
}
Also used :
BridgeEventLoggerImpl(co.rsk.peg.utils.BridgeEventLoggerImpl)
Script(co.rsk.bitcoinj.script.Script)
LogInfo(org.ethereum.vm.LogInfo)
Keccak256(co.rsk.crypto.Keccak256)
ScriptChunk(co.rsk.bitcoinj.script.ScriptChunk)
RLPList(org.ethereum.util.RLPList)
RepositoryImpl(co.rsk.db.RepositoryImpl)
BridgeEventLogger(co.rsk.peg.utils.BridgeEventLogger)
PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)
Test(org.junit.Test)
Example 7 with ScriptChunk
use of co.rsk.bitcoinj.script.ScriptChunk in project rskj by rsksmart.
the class BridgeSupport method isInputSignedByThisFederator.
/**
* Check if the p2sh multisig scriptsig of the given input was already signed by federatorPublicKey.
* @param federatorPublicKey The key that may have been used to sign
* @param sighash the sighash that corresponds to the input
* @param input The input
* @return true if the input was already signed by the specified key, false otherwise.
*/
private boolean isInputSignedByThisFederator(BtcECKey federatorPublicKey, Sha256Hash sighash, TransactionInput input) {
List<ScriptChunk> chunks = input.getScriptSig().getChunks();
for (int j = 1; j < chunks.size() - 1; j++) {
ScriptChunk chunk = chunks.get(j);
if (chunk.data.length == 0) {
continue;
}
TransactionSignature sig2 = TransactionSignature.decodeFromBitcoin(chunk.data, false, false);
if (federatorPublicKey.verify(sighash, sig2)) {
return true;
}
}
return false;
}
Also used :
TransactionSignature(co.rsk.bitcoinj.crypto.TransactionSignature)
ScriptChunk(co.rsk.bitcoinj.script.ScriptChunk)
Example 8 with ScriptChunk
use of co.rsk.bitcoinj.script.ScriptChunk in project rskj by rsksmart.
the class BridgeSupport method processSigning.
private void processSigning(long executionBlockNumber, BtcECKey federatorPublicKey, List<byte[]> signatures, byte[] rskTxHash, BtcTransaction btcTx) throws IOException {
// Build input hashes for signatures
int numInputs = btcTx.getInputs().size();
List<Sha256Hash> sighashes = new ArrayList<>();
List<TransactionSignature> txSigs = new ArrayList<>();
for (int i = 0; i < numInputs; i++) {
TransactionInput txIn = btcTx.getInput(i);
Script inputScript = txIn.getScriptSig();
List<ScriptChunk> chunks = inputScript.getChunks();
byte[] program = chunks.get(chunks.size() - 1).data;
Script redeemScript = new Script(program);
sighashes.add(btcTx.hashForSignature(i, redeemScript, BtcTransaction.SigHash.ALL, false));
}
// Verify given signatures are correct before proceeding
for (int i = 0; i < numInputs; i++) {
BtcECKey.ECDSASignature sig;
try {
sig = BtcECKey.ECDSASignature.decodeFromDER(signatures.get(i));
} catch (RuntimeException e) {
logger.warn("Malformed signature for input {} of tx {}: {}", i, new Keccak256(rskTxHash), Hex.toHexString(signatures.get(i)));
return;
}
Sha256Hash sighash = sighashes.get(i);
if (!federatorPublicKey.verify(sighash, sig)) {
logger.warn("Signature {} {} is not valid for hash {} and public key {}", i, Hex.toHexString(sig.encodeToDER()), sighash, federatorPublicKey);
return;
}
TransactionSignature txSig = new TransactionSignature(sig, BtcTransaction.SigHash.ALL, false);
txSigs.add(txSig);
if (!txSig.isCanonical()) {
logger.warn("Signature {} {} is not canonical.", i, Hex.toHexString(signatures.get(i)));
return;
}
}
// All signatures are correct. Proceed to signing
for (int i = 0; i < numInputs; i++) {
Sha256Hash sighash = sighashes.get(i);
TransactionInput input = btcTx.getInput(i);
Script inputScript = input.getScriptSig();
boolean alreadySignedByThisFederator = isInputSignedByThisFederator(federatorPublicKey, sighash, input);
// Sign the input if it wasn't already
if (!alreadySignedByThisFederator) {
try {
int sigIndex = inputScript.getSigInsertionIndex(sighash, federatorPublicKey);
inputScript = ScriptBuilder.updateScriptWithSignature(inputScript, txSigs.get(i).encodeToBitcoin(), sigIndex, 1, 1);
input.setScriptSig(inputScript);
logger.debug("Tx input {} for tx {} signed.", i, new Keccak256(rskTxHash));
} catch (IllegalStateException e) {
Federation retiringFederation = getRetiringFederation();
if (getActiveFederation().hasPublicKey(federatorPublicKey)) {
logger.debug("A member of the active federation is trying to sign a tx of the retiring one");
return;
} else if (retiringFederation != null && retiringFederation.hasPublicKey(federatorPublicKey)) {
logger.debug("A member of the retiring federation is trying to sign a tx of the active one");
return;
}
throw e;
}
} else {
logger.warn("Input {} of tx {} already signed by this federator.", i, new Keccak256(rskTxHash));
break;
}
}
// If tx fully signed
if (hasEnoughSignatures(btcTx)) {
logger.info("Tx fully signed {}. Hex: {}", btcTx, Hex.toHexString(btcTx.bitcoinSerialize()));
provider.getRskTxsWaitingForSignatures().remove(new Keccak256(rskTxHash));
eventLogger.logReleaseBtc(btcTx);
} else {
logger.debug("Tx not yet fully signed {}.", new Keccak256(rskTxHash));
}
}
Also used :
Script(co.rsk.bitcoinj.script.Script)
TransactionSignature(co.rsk.bitcoinj.crypto.TransactionSignature)
Keccak256(co.rsk.crypto.Keccak256)
ScriptChunk(co.rsk.bitcoinj.script.ScriptChunk)
Aggregations
ScriptChunk (co.rsk.bitcoinj.script.ScriptChunk)8
Script (co.rsk.bitcoinj.script.Script)7
Keccak256 (co.rsk.crypto.Keccak256)4
TransactionSignature (co.rsk.bitcoinj.crypto.TransactionSignature)3
RepositoryImpl (co.rsk.db.RepositoryImpl)3
BridgeEventLogger (co.rsk.peg.utils.BridgeEventLogger)3
BridgeEventLoggerImpl (co.rsk.peg.utils.BridgeEventLoggerImpl)3
RLPList (org.ethereum.util.RLPList)3
LogInfo (org.ethereum.vm.LogInfo)3
Test (org.junit.Test)2
PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)2
BigInteger (java.math.BigInteger)1
RLPElement (org.ethereum.util.RLPElement)1
ECPrivateKeyParameters (org.spongycastle.crypto.params.ECPrivateKeyParameters)1
ECDSASigner (org.spongycastle.crypto.signers.ECDSASigner)1
