Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove signatures from svp spend tx before searching it while running HSM #390

Open
wants to merge 6 commits into
base: LOVELL-7.0.0-rc
Choose a base branch
from
Open

Remove signatures from svp spend tx before searching it while running HSM #390

wants to merge 6 commits into from
+171 −7

Conversation

apancorb
Copy link
Contributor

@apancorb apancorb commented Feb 5, 2025
edited
Loading

Description

When running with an HSM, the node is unable to find the related event since it is taking account the hash of the transaction with the singnatures on it. It must remove the signatures from the bitcoin transaction before comparing with the tx hash of the event.

Motivation and Context

How Has This Been Tested?

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • Tests for the changes have been added (for bug fixes / features)
  • Requires Activation Code (Hard Fork)
  • Other information:

rskj:fix/remove-sigs-svp-spend
fed:fix/remove-sigs-svp-spend

@apancorb apancorb changed the base branch from master to lovell-700-rc-alphanet February 5, 2025 15:44
@apancorb apancorb changed the base branch from lovell-700-rc-alphanet to LOVELL-7.0.0-rc February 5, 2025 16:08
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 5, 2025
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails

Scanned Manifest Files

@apancorb apancorb force-pushed the fix/remove-sigs-svp-spend branch from 731329b to a368f73 Compare February 5, 2025 16:14
marcos-iov
marcos-iov reviewed Feb 5, 2025
View reviewed changes
src/main/java/co/rsk/federate/btcreleaseclient/BtcReleaseClient.java Outdated
* @return {@code true} if the transaction has the required number of confirmations and is ready to be signed;
* {@code false} otherwise
*/
private boolean isSVPSpendTxReadyToSign(long currentBlockNumber, Map.Entry<Keccak256, BtcTransaction> svpSpendTx) {
try {

BtcTransaction svpSpendTxWithoutSignatures = svpSpendTx.getValue();
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wouldn't call it that way here, it still has the signatures

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I renamed it back to btcTx.

src/main/java/co/rsk/federate/btcreleaseclient/BtcReleaseClient.java Outdated
Comment on lines 297 to 300
Federation spendingFed = getSpendingFederation(svpSpendTxWithoutSignatures);

logger.debug("[isSvpSpendTxReadyToSign] SVP spend tx before removing signatures [{}]", svpSpendTxWithoutSignatures);
removeSignaturesFromTransaction(svpSpendTxWithoutSignatures, spendingFed);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could make use of BitcoinUtils:: removeSignaturesFromTransactionWithP2shMultiSigInputs

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agree. Maybe we should deprecate co.rsk.federate.btcreleaseclient.BtcReleaseClient#removeSignaturesFromTransaction and suggest use removeSignaturesFromTransactionWithP2shMultiSigInputs in the comment.

Btw, removeSignaturesFromTransactionWithP2shMultiSigInputs throws RuntimeExceptions. Should we catch them if so? I think we should, if not, it could result in pegouts not being able to be signed.

@marcos-iov @julia-zack

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's not change more than we need right now, just fix the problem and move on with Lovell. Future refactors can come later.

By the way, instead of removeSignaturesFromTransactionWithP2shMultiSigInputs we should actually use getMultiSigTransactionHashWithoutSignatures that makes a copy of the transaction and returns it without signatures. That makes it a lot clearer

src/main/java/co/rsk/federate/btcreleaseclient/BtcReleaseClient.java Outdated
BtcTransaction svpSpendTxWithoutSignatures = svpSpendTx.getValue();
Federation spendingFed = getSpendingFederation(svpSpendTxWithoutSignatures);

logger.debug("[isSvpSpendTxReadyToSign] SVP spend tx before removing signatures [{}]", svpSpendTxWithoutSignatures);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably want to log just the hash of the transaction

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Check:

powpeg-node/src/main/java/co/rsk/federate/btcreleaseclient/BtcReleaseClient.java

Line 390 in a368f73

logger.trace("[tryGetReleaseInformation] Removing possible signatures from pegout btcTxHash {}", pegoutBtcTx.getHash());

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated

src/main/java/co/rsk/federate/btcreleaseclient/BtcReleaseClient.java Outdated

logger.debug("[isSvpSpendTxReadyToSign] SVP spend tx before removing signatures [{}]", svpSpendTxWithoutSignatures);
removeSignaturesFromTransaction(svpSpendTxWithoutSignatures, spendingFed);
logger.debug("[isSvpSpendTxReadyToSign] SVP spend tx after removing signatures [{}]", svpSpendTxWithoutSignatures);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated

@apancorb apancorb marked this pull request as ready for review February 6, 2025 14:42
@apancorb apancorb requested a review from a team as a code owner February 6, 2025 14:42
nathanieliov
nathanieliov previously approved these changes Feb 6, 2025
View reviewed changes
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Feb 7, 2025

Quality Gate Passed Quality Gate passed

Issues
12 New issues
0 Accepted issues

Measures
0 Security Hotspots
87.1% Coverage on New Code
1.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marcos-iov marcos-iov marcos-iov left review comments

@julia-zack julia-zack julia-zack left review comments

@nathanieliov nathanieliov nathanieliov left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@apancorb @marcos-iov @julia-zack @nathanieliov