From f29f6d2f6dd5e5477b092112bbd34f024c04bdaf Mon Sep 17 00:00:00 2001 From: Clara van Staden Date: Thu, 25 Jul 2024 19:39:44 +0200 Subject: [PATCH] audit fixes (#161) --- .../pallets/ethereum-client/src/impls.rs | 43 ++++++++++--------- 1 file changed, 22 insertions(+), 21 deletions(-) diff --git a/bridges/snowbridge/pallets/ethereum-client/src/impls.rs b/bridges/snowbridge/pallets/ethereum-client/src/impls.rs index f600b1f67e29..e79e2eb5499e 100644 --- a/bridges/snowbridge/pallets/ethereum-client/src/impls.rs +++ b/bridges/snowbridge/pallets/ethereum-client/src/impls.rs @@ -13,8 +13,9 @@ use snowbridge_ethereum::Receipt; impl Verifier for Pallet { /// Verify a message by verifying the existence of the corresponding /// Ethereum log in a block. Returns the log if successful. The execution header containing - /// the log should be in the beacon client storage, meaning it has been verified and is an - /// ancestor of a finalized beacon block. + /// the log is sent with the message. The beacon header containing the execution header + /// is also sent with the message, to check if the header is an ancestor of a finalized + /// header. fn verify(event_log: &Log, proof: &Proof) -> Result<(), VerificationError> { Self::verify_execution_proof(&proof.execution_proof) .map_err(|e| InvalidExecutionProof(e.into()))?; @@ -80,25 +81,6 @@ impl Pallet { Error::::HeaderNotFinalized ); - // Gets the hash tree root of the execution header, in preparation for the execution - // header proof (used to check that the execution header is rooted in the beacon - // header body. - let execution_header_root: H256 = execution_proof - .execution_header - .hash_tree_root() - .map_err(|_| Error::::BlockBodyHashTreeRootFailed)?; - - ensure!( - verify_merkle_branch( - execution_header_root, - &execution_proof.execution_branch, - config::EXECUTION_HEADER_SUBTREE_INDEX, - config::EXECUTION_HEADER_DEPTH, - execution_proof.header.body_root - ), - Error::::InvalidExecutionHeaderProof - ); - let beacon_block_root: H256 = execution_proof .header .hash_tree_root() @@ -125,6 +107,25 @@ impl Pallet { }, } + // Gets the hash tree root of the execution header, in preparation for the execution + // header proof (used to check that the execution header is rooted in the beacon + // header body. + let execution_header_root: H256 = execution_proof + .execution_header + .hash_tree_root() + .map_err(|_| Error::::BlockBodyHashTreeRootFailed)?; + + ensure!( + verify_merkle_branch( + execution_header_root, + &execution_proof.execution_branch, + config::EXECUTION_HEADER_SUBTREE_INDEX, + config::EXECUTION_HEADER_DEPTH, + execution_proof.header.body_root + ), + Error::::InvalidExecutionHeaderProof + ); + Ok(()) }