From 22b3313e836f833d7b754d89789994efefe8b4ef Mon Sep 17 00:00:00 2001 From: aeryz Date: Wed, 5 Mar 2025 17:29:50 +0300 Subject: [PATCH 1/4] chore: trusted verification that deserve applause from the clowns Signed-off-by: aeryz --- .../lightclient/movement/src/client.rs | 43 ++++++++++++++----- .../lightclient/movement/src/error.rs | 6 ++- .../src/client_state.rs | 6 ++- lib/unionlabs/src/aptos.rs | 1 + lib/unionlabs/src/aptos/signed_data.rs | 21 +++++++++ 5 files changed, 63 insertions(+), 14 deletions(-) create mode 100644 lib/unionlabs/src/aptos/signed_data.rs diff --git a/cosmwasm/ibc-union/lightclient/movement/src/client.rs b/cosmwasm/ibc-union/lightclient/movement/src/client.rs index 5d88d6c40b..70ed38730c 100644 --- a/cosmwasm/ibc-union/lightclient/movement/src/client.rs +++ b/cosmwasm/ibc-union/lightclient/movement/src/client.rs @@ -6,7 +6,8 @@ use movement_light_client_types::{ }; use unionlabs::{ aptos::{ - account::AccountAddress, storage_proof::StorageProof, transaction_info::TransactionInfo, + account::AccountAddress, signed_data::SignedData, storage_proof::StorageProof, + transaction_info::TransactionInfo, }, encoding::Bincode, primitives::{H256, U256}, @@ -28,7 +29,7 @@ impl IbcClient for MovementLightClient { type CustomQuery = Empty; - type Header = Header; + type Header = SignedData
; type Misbehaviour = Header; @@ -36,17 +37,30 @@ impl IbcClient for MovementLightClient { type ConsensusState = ConsensusState; - type StorageProof = StorageProof; + type StorageProof = SignedData; type Encoding = Bincode; fn verify_membership( - _ctx: IbcClientCtx, + ctx: IbcClientCtx, _height: u64, _key: Vec, - _storage_proof: Self::StorageProof, + storage_proof: Self::StorageProof, _value: Vec, ) -> Result<(), IbcClientError> { + let client_state = ctx.read_self_client_state()?; + if !ctx + .deps + .api + .ed25519_verify( + &storage_proof.hash(), + storage_proof.signature.as_ref(), + client_state.auth_pubkey.as_ref(), + ) + .map_err(Into::::into)? + { + return Err(Error::AuthenticationFailure.into()); + } // let client_state = ctx.read_self_client_state()?; // let consensus_state = ctx.read_self_consensus_state(height)?; // verify_membership( @@ -101,15 +115,22 @@ impl IbcClient for MovementLightClient { fn verify_header( ctx: IbcClientCtx, header: Self::Header, - caller: cosmwasm_std::Addr, + _caller: cosmwasm_std::Addr, ) -> Result<(u64, Self::ClientState, Self::ConsensusState), IbcClientError> { let client_state = ctx.read_self_client_state()?; // Check if caller is whitelisted - if !client_state - .whitelisted_relayers - .contains(&caller.to_string()) + + if !ctx + .deps + .api + .ed25519_verify( + &header.hash(), + header.signature.as_ref(), + client_state.auth_pubkey.as_ref(), + ) + .map_err(Into::::into)? { - return Err(IbcClientError::UnauthorizedCaller(caller.to_string())); + return Err(Error::AuthenticationFailure.into()); } // NOTE(aeryz): FOR AUDITORS and NERDS: @@ -167,7 +188,7 @@ impl IbcClient for MovementLightClient { ) .unwrap(); } - update_state(client_state, header).map_err(Into::into) + update_state(client_state, header.data).map_err(Into::into) } fn misbehaviour( diff --git a/cosmwasm/ibc-union/lightclient/movement/src/error.rs b/cosmwasm/ibc-union/lightclient/movement/src/error.rs index 45e82f7602..e8ccdd6eed 100644 --- a/cosmwasm/ibc-union/lightclient/movement/src/error.rs +++ b/cosmwasm/ibc-union/lightclient/movement/src/error.rs @@ -1,4 +1,4 @@ -use cosmwasm_std::StdError; +use cosmwasm_std::{StdError, VerificationError}; use ibc_union_light_client::IbcClientError; use unionlabs::ibc::core::client::height::Height; @@ -26,6 +26,10 @@ pub enum Error { InvalidIbcPath(String), #[error(transparent)] StdError(#[from] StdError), + #[error("authentication failure")] + AuthenticationFailure, + #[error(transparent)] + VerificationError(#[from] VerificationError), } impl From for StdError { diff --git a/lib/movement-light-client-types/src/client_state.rs b/lib/movement-light-client-types/src/client_state.rs index 39f2c18086..73eb2e1aa8 100644 --- a/lib/movement-light-client-types/src/client_state.rs +++ b/lib/movement-light-client-types/src/client_state.rs @@ -1,5 +1,7 @@ use unionlabs::{ - aptos::account::AccountAddress, ibc::core::client::height::Height, primitives::H160, + aptos::account::AccountAddress, + ibc::core::client::height::Height, + primitives::{H160, H256}, }; #[derive(Debug, Clone, PartialEq)] @@ -13,5 +15,5 @@ pub struct ClientState { pub table_handle: AccountAddress, pub frozen_height: Height, pub latest_block_num: u64, - pub whitelisted_relayers: Vec, + pub auth_pubkey: H256, } diff --git a/lib/unionlabs/src/aptos.rs b/lib/unionlabs/src/aptos.rs index f52c822f12..96b08acd79 100644 --- a/lib/unionlabs/src/aptos.rs +++ b/lib/unionlabs/src/aptos.rs @@ -6,6 +6,7 @@ pub mod ledger_info; pub mod object; pub mod public_key; pub mod signature; +pub mod signed_data; pub mod sparse_merkle_proof; pub mod state_proof; pub mod storage_proof; diff --git a/lib/unionlabs/src/aptos/signed_data.rs b/lib/unionlabs/src/aptos/signed_data.rs new file mode 100644 index 0000000000..8f3469e8c7 --- /dev/null +++ b/lib/unionlabs/src/aptos/signed_data.rs @@ -0,0 +1,21 @@ +use macros::model; +use sha2::Digest; +use unionlabs_primitives::H512; + +use crate::encoding::{Bincode, Encode}; + +#[model] +#[cfg_attr(feature = "bincode", derive(bincode::Encode, bincode::Decode))] +pub struct SignedData { + pub signature: H512, + pub data: T, +} + +impl + Clone> SignedData { + pub fn hash(&self) -> Vec { + sha2::Sha256::new() + .chain_update(self.data.clone().encode()) + .finalize() + .to_vec() + } +} From 684f70993076e1f30a183f33767bb76611409197 Mon Sep 17 00:00:00 2001 From: aeryz Date: Wed, 5 Mar 2025 17:57:58 +0300 Subject: [PATCH 2/4] chore: truly a shame Signed-off-by: aeryz --- Cargo.lock | 5 ++ lib/unionlabs/Cargo.toml | 2 + lib/unionlabs/src/aptos/signed_data.rs | 17 ++++++- .../client-bootstrap/movement/src/main.rs | 21 ++------ voyager/modules/proof/movement/Cargo.toml | 1 + voyager/modules/proof/movement/src/main.rs | 17 +++++-- .../plugins/client-update/movement/Cargo.toml | 1 + .../client-update/movement/src/main.rs | 49 +++++++++++-------- 8 files changed, 71 insertions(+), 42 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 98eedece5d..a3d0df30ca 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4711,6 +4711,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53" dependencies = [ "pkcs8", + "serde", "signature 2.2.0", ] @@ -4793,6 +4794,7 @@ dependencies = [ "hashbrown 0.14.3", "hex", "rand_core 0.6.4", + "serde", "sha2 0.10.8", "zeroize", ] @@ -13255,6 +13257,7 @@ dependencies = [ "chrono", "cosmwasm-std 2.1.4", "derive_more 0.99.17", + "ed25519-zebra 4.0.3", "either", "frame-support-procedural", "generic-array 0.14.7", @@ -13934,6 +13937,7 @@ version = "0.0.0" dependencies = [ "aptos-move-ibc", "aptos-rest-client", + "ed25519-zebra 4.0.3", "enumorph", "ethereum-light-client-types", "jsonrpsee", @@ -14344,6 +14348,7 @@ dependencies = [ "aptos-rest-client", "aptos-types", "clap 4.5.4", + "ed25519-zebra 4.0.3", "ibc-union-spec", "jsonrpsee", "reqwest 0.11.27", diff --git a/lib/unionlabs/Cargo.toml b/lib/unionlabs/Cargo.toml index 5127b70cb1..a329325fbc 100644 --- a/lib/unionlabs/Cargo.toml +++ b/lib/unionlabs/Cargo.toml @@ -48,12 +48,14 @@ bcs = { workspace = true } bincode = { workspace = true, features = ["alloc", "derive"], optional = true } borsh = { workspace = true, features = ["borsh-derive"], optional = true } bs58 = "0.4" +ed25519-zebra = { version = "4.0" } near-primitives-core = { version = "0.21", optional = true } near-sdk = { workspace = true, optional = true } schemars = { workspace = true, features = ["derive"], optional = true } serde_bytes = "0.11.6" unionlabs-primitives = { workspace = true, features = ["generic-array-compat", "serde", "base64"] } + [dev-dependencies] rand = "0.8.5" serde_json = { workspace = true } diff --git a/lib/unionlabs/src/aptos/signed_data.rs b/lib/unionlabs/src/aptos/signed_data.rs index 8f3469e8c7..79b7749fda 100644 --- a/lib/unionlabs/src/aptos/signed_data.rs +++ b/lib/unionlabs/src/aptos/signed_data.rs @@ -1,3 +1,4 @@ +use ed25519_zebra::SigningKey; use macros::model; use sha2::Digest; use unionlabs_primitives::H512; @@ -12,10 +13,22 @@ pub struct SignedData { } impl + Clone> SignedData { - pub fn hash(&self) -> Vec { + pub fn sign(signing_key: &SigningKey, data: T) -> Self { + let signature = signing_key.sign(&Self::internal_hash(&data)); + Self { + signature: H512::new(signature.to_bytes()), + data, + } + } + + fn internal_hash(data: &T) -> Vec { sha2::Sha256::new() - .chain_update(self.data.clone().encode()) + .chain_update(data.clone().encode()) .finalize() .to_vec() } + + pub fn hash(&self) -> Vec { + Self::internal_hash(&self.data) + } } diff --git a/voyager/modules/client-bootstrap/movement/src/main.rs b/voyager/modules/client-bootstrap/movement/src/main.rs index 1315f2bbf6..a90fa1b9fe 100644 --- a/voyager/modules/client-bootstrap/movement/src/main.rs +++ b/voyager/modules/client-bootstrap/movement/src/main.rs @@ -14,7 +14,7 @@ use unionlabs::{ transaction_proof::TransactionInfoWithProof, }, ibc::core::client::height::Height, - primitives::{FixedBytes, H160, U256}, + primitives::{FixedBytes, H160, H256, U256}, }; use voyager_message::{ core::{ChainId, ClientType}, @@ -52,7 +52,7 @@ pub struct Module { pub movement_rest_url: String, - pub whitelisted_relayers: Vec, + pub auth_pubkey: H256, } impl ClientBootstrapModule for Module { @@ -76,11 +76,7 @@ impl ClientBootstrapModule for Module { l1_settlement_address: config.l1_settlement_address, l1_client_id: config.l1_client_id, movement_rest_url: config.movement_rest_url, - whitelisted_relayers: config - .whitelisted_relayers - .into_iter() - .map(Into::into) - .collect(), + auth_pubkey: config.auth_pubkey, }) } } @@ -109,14 +105,7 @@ pub struct Config { /// The RPC endpoint for custom movement apis. pub movement_rest_url: String, - /// The relayers that are allowed to modify this light client - /// - /// Note that the light client had to be permissioned for now since - /// we are waiting for our [PR] to be merged so that we can fetch - /// the necessary proofs. - /// - /// [PR]: https://github.com/movementlabsxyz/movement/pull/645 - pub whitelisted_relayers: Vec, + pub auth_pubkey: H256, } impl Module { @@ -190,7 +179,7 @@ impl ClientBootstrapModuleServer for Module { )), frozen_height: Height::new(0), latest_block_num: height.height(), - whitelisted_relayers: self.whitelisted_relayers.clone(), + auth_pubkey: self.auth_pubkey, }) .expect("infallible")) } diff --git a/voyager/modules/proof/movement/Cargo.toml b/voyager/modules/proof/movement/Cargo.toml index 1e6e3df86e..273d3401f7 100644 --- a/voyager/modules/proof/movement/Cargo.toml +++ b/voyager/modules/proof/movement/Cargo.toml @@ -16,6 +16,7 @@ aptos-move-ibc = { workspace = true } aptos-rest-client = { workspace = true } aptos-types = { workspace = true } clap = { workspace = true, features = ["derive"] } +ed25519-zebra = { version = "4.0" } ibc-union-spec = { workspace = true } jsonrpsee = { workspace = true, features = ["macros", "server", "tracing"] } reqwest = { workspace = true, features = ["json"] } diff --git a/voyager/modules/proof/movement/src/main.rs b/voyager/modules/proof/movement/src/main.rs index 4fa301adcc..5756947ff1 100644 --- a/voyager/modules/proof/movement/src/main.rs +++ b/voyager/modules/proof/movement/src/main.rs @@ -3,6 +3,7 @@ use std::fmt::Debug; use aptos_move_ibc::ibc::ClientExt as _; use aptos_rest_client::{aptos_api_types::Address, error::RestError}; use aptos_types::state_store::state_value::PersistedStateValueMetadata; +use ed25519_zebra::SigningKey; use ibc_union_spec::{path::StorePath, IbcUnion}; use jsonrpsee::{ core::{async_trait, RpcResult}, @@ -14,6 +15,7 @@ use serde_json::Value; use tracing::{debug, instrument}; use unionlabs::{ aptos::{ + signed_data::SignedData, sparse_merkle_proof::{SparseMerkleLeafNode, SparseMerkleProof}, storage_proof::{StateValue, StateValueMetadata, StorageProof}, }, @@ -51,6 +53,8 @@ pub struct Module { pub movement_rpc_url: String, pub ibc_handler_address: Address, + + pub auth_signing_key: SigningKey, } impl ProofModule for Module { @@ -68,6 +72,7 @@ impl ProofModule for Module { aptos_client, movement_rpc_url: config.movement_rpc_url, ibc_handler_address: config.ibc_handler_address, + auth_signing_key: SigningKey::from(*config.auth_private_key.get()), }) } } @@ -78,6 +83,7 @@ pub struct Config { pub rpc_url: String, pub movement_rpc_url: String, pub ibc_handler_address: Address, + pub auth_private_key: H256, } impl aptos_move_ibc::ibc::ClientExt for Module { @@ -151,14 +157,19 @@ impl ProofModuleServer for Module { // at.revision_height, // ).await; - Ok(( - into_value(StorageProof { + let signed_data = SignedData::sign( + &self.auth_signing_key, + StorageProof { state_value: None, proof: SparseMerkleProof { leaf: None, siblings: Vec::new(), }, - }), + }, + ); + + Ok(( + into_value(signed_data), // TODO: Implement properly, see above ProofType::Membership, )) diff --git a/voyager/plugins/client-update/movement/Cargo.toml b/voyager/plugins/client-update/movement/Cargo.toml index 21475e1dd4..8cd21dda3c 100644 --- a/voyager/plugins/client-update/movement/Cargo.toml +++ b/voyager/plugins/client-update/movement/Cargo.toml @@ -14,6 +14,7 @@ workspace = true [dependencies] aptos-move-ibc = { workspace = true } aptos-rest-client = { workspace = true } +ed25519-zebra = { version = "4.0" } enumorph = { workspace = true } ethereum-light-client-types = { workspace = true } jsonrpsee = { workspace = true, features = ["macros", "server", "tracing"] } diff --git a/voyager/plugins/client-update/movement/src/main.rs b/voyager/plugins/client-update/movement/src/main.rs index d4bd7a5364..9aa0322ce2 100644 --- a/voyager/plugins/client-update/movement/src/main.rs +++ b/voyager/plugins/client-update/movement/src/main.rs @@ -2,6 +2,7 @@ use std::collections::VecDeque; use aptos_rest_client::error::RestError; use call::FetchUpdate; +use ed25519_zebra::SigningKey; use ethereum_light_client_types::{account_proof::AccountProof, storage_proof::StorageProof}; use jsonrpsee::{ core::{async_trait, RpcResult}, @@ -11,11 +12,11 @@ use serde::{Deserialize, Serialize}; use tracing::{debug, instrument}; use unionlabs::{ aptos::{ - account::AccountAddress, state_proof::StateProof, + account::AccountAddress, signed_data::SignedData, state_proof::StateProof, transaction_proof::TransactionInfoWithProof, }, ibc::core::client::height::Height, - primitives::H160, + primitives::{H160, H256}, }; use voyager_message::{ call::Call, @@ -60,6 +61,8 @@ pub struct Module { pub aptos_client: aptos_rest_client::Client, pub movement_rest_url: String, + + pub auth_signing_key: SigningKey, } impl Plugin for Module { @@ -89,6 +92,7 @@ impl Plugin for Module { l1_settlement_address: config.l1_settlement_address, l1_client_id: config.l1_client_id, movement_rest_url: config.movement_rest_url, + auth_signing_key: SigningKey::from(*config.auth_private_key.get()), }) } @@ -139,6 +143,8 @@ pub struct Config { /// The RPC endpoint for custom movement apis. pub movement_rest_url: String, + + pub auth_private_key: H256, } impl Module { @@ -212,30 +218,31 @@ impl PluginServer for Module { // NOTE(aeryz): This only works with Union's custom Movement node. When the following PR is merged, // we will uncomment this: https://github.com/movementlabsxyz/movement/pull/645 // let header = get_lc_header(&self.movement_rest_url, from, to).await; + let header = movement_light_client_types::Header { + // dummy value for now, until movement settles on a public L1 + l1_height: 0, + trusted_height: Height::new(from), + state_proof: StateProof::default(), + tx_index: 0, + tx_proof: TransactionInfoWithProof::default(), + state_proof_hash_proof: StorageProof { + key: Default::default(), + value: Default::default(), + proof: Default::default(), + }, + settlement_contract_proof: AccountProof { + storage_root: Default::default(), + proof: Default::default(), + }, + new_height: to, + }; + let signed_header = SignedData::sign(&self.auth_signing_key, header); Ok(data(OrderedHeaders { headers: vec![( DecodedHeaderMeta { height: Height::new(to), }, - serde_json::to_value(movement_light_client_types::Header { - // dummy value for now, until movement settles on a public L1 - l1_height: 0, - trusted_height: Height::new(from), - state_proof: StateProof::default(), - tx_index: 0, - tx_proof: TransactionInfoWithProof::default(), - state_proof_hash_proof: StorageProof { - key: Default::default(), - value: Default::default(), - proof: Default::default(), - }, - settlement_contract_proof: AccountProof { - storage_root: Default::default(), - proof: Default::default(), - }, - new_height: to, - }) - .unwrap(), + serde_json::to_value(signed_header).unwrap(), )], })) } From f48438923f339240552c5aaa8fdf6d8e3e6e463a Mon Sep 17 00:00:00 2001 From: aeryz Date: Wed, 5 Mar 2025 18:10:14 +0300 Subject: [PATCH 3/4] chore: dont depend on ed25519 on unionlabs Signed-off-by: aeryz --- Cargo.lock | 1 - lib/unionlabs/Cargo.toml | 1 - lib/unionlabs/src/aptos/signed_data.rs | 25 +++++----------- voyager/modules/proof/movement/src/main.rs | 29 ++++++++++--------- .../client-update/movement/src/main.rs | 14 +++++++-- 5 files changed, 35 insertions(+), 35 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a3d0df30ca..80235aa02b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -13257,7 +13257,6 @@ dependencies = [ "chrono", "cosmwasm-std 2.1.4", "derive_more 0.99.17", - "ed25519-zebra 4.0.3", "either", "frame-support-procedural", "generic-array 0.14.7", diff --git a/lib/unionlabs/Cargo.toml b/lib/unionlabs/Cargo.toml index a329325fbc..362e403f12 100644 --- a/lib/unionlabs/Cargo.toml +++ b/lib/unionlabs/Cargo.toml @@ -48,7 +48,6 @@ bcs = { workspace = true } bincode = { workspace = true, features = ["alloc", "derive"], optional = true } borsh = { workspace = true, features = ["borsh-derive"], optional = true } bs58 = "0.4" -ed25519-zebra = { version = "4.0" } near-primitives-core = { version = "0.21", optional = true } near-sdk = { workspace = true, optional = true } schemars = { workspace = true, features = ["derive"], optional = true } diff --git a/lib/unionlabs/src/aptos/signed_data.rs b/lib/unionlabs/src/aptos/signed_data.rs index 79b7749fda..369a50190b 100644 --- a/lib/unionlabs/src/aptos/signed_data.rs +++ b/lib/unionlabs/src/aptos/signed_data.rs @@ -1,4 +1,3 @@ -use ed25519_zebra::SigningKey; use macros::model; use sha2::Digest; use unionlabs_primitives::H512; @@ -13,22 +12,14 @@ pub struct SignedData { } impl + Clone> SignedData { - pub fn sign(signing_key: &SigningKey, data: T) -> Self { - let signature = signing_key.sign(&Self::internal_hash(&data)); - Self { - signature: H512::new(signature.to_bytes()), - data, - } - } - - fn internal_hash(data: &T) -> Vec { - sha2::Sha256::new() - .chain_update(data.clone().encode()) - .finalize() - .to_vec() - } - pub fn hash(&self) -> Vec { - Self::internal_hash(&self.data) + hash_signature_data(self.data.clone()) } } + +pub fn hash_signature_data + Clone>(data: T) -> Vec { + sha2::Sha256::new() + .chain_update(data.encode()) + .finalize() + .to_vec() +} diff --git a/voyager/modules/proof/movement/src/main.rs b/voyager/modules/proof/movement/src/main.rs index 5756947ff1..61a9344a69 100644 --- a/voyager/modules/proof/movement/src/main.rs +++ b/voyager/modules/proof/movement/src/main.rs @@ -15,12 +15,12 @@ use serde_json::Value; use tracing::{debug, instrument}; use unionlabs::{ aptos::{ - signed_data::SignedData, + signed_data::{hash_signature_data, SignedData}, sparse_merkle_proof::{SparseMerkleLeafNode, SparseMerkleProof}, storage_proof::{StateValue, StateValueMetadata, StorageProof}, }, ibc::core::client::height::Height, - primitives::{H256, U256}, + primitives::{H256, H512, U256}, ErrorReporter, }; use voyager_message::{ @@ -157,19 +157,22 @@ impl ProofModuleServer for Module { // at.revision_height, // ).await; - let signed_data = SignedData::sign( - &self.auth_signing_key, - StorageProof { - state_value: None, - proof: SparseMerkleProof { - leaf: None, - siblings: Vec::new(), - }, + let proof = StorageProof { + state_value: None, + proof: SparseMerkleProof { + leaf: None, + siblings: Vec::new(), }, - ); - + }; + let signed_data = self + .auth_signing_key + .sign(&hash_signature_data(proof.clone())); + let signed_proof = SignedData { + signature: H512::new(signed_data.to_bytes()), + data: proof, + }; Ok(( - into_value(signed_data), + into_value(signed_proof), // TODO: Implement properly, see above ProofType::Membership, )) diff --git a/voyager/plugins/client-update/movement/src/main.rs b/voyager/plugins/client-update/movement/src/main.rs index 9aa0322ce2..7d0ff94d15 100644 --- a/voyager/plugins/client-update/movement/src/main.rs +++ b/voyager/plugins/client-update/movement/src/main.rs @@ -12,11 +12,13 @@ use serde::{Deserialize, Serialize}; use tracing::{debug, instrument}; use unionlabs::{ aptos::{ - account::AccountAddress, signed_data::SignedData, state_proof::StateProof, + account::AccountAddress, + signed_data::{hash_signature_data, SignedData}, + state_proof::StateProof, transaction_proof::TransactionInfoWithProof, }, ibc::core::client::height::Height, - primitives::{H160, H256}, + primitives::{H160, H256, H512}, }; use voyager_message::{ call::Call, @@ -236,7 +238,13 @@ impl PluginServer for Module { }, new_height: to, }; - let signed_header = SignedData::sign(&self.auth_signing_key, header); + let signed_data = self + .auth_signing_key + .sign(&hash_signature_data(header.clone())); + let signed_header = SignedData { + signature: H512::new(signed_data.to_bytes()), + data: header, + }; Ok(data(OrderedHeaders { headers: vec![( DecodedHeaderMeta { From 2382311aa074121f9a1aa551eecafb88abd1a37e Mon Sep 17 00:00:00 2001 From: aeryz Date: Wed, 5 Mar 2025 18:18:52 +0300 Subject: [PATCH 4/4] chore: feature gate signed data Signed-off-by: aeryz --- lib/unionlabs/src/aptos.rs | 1 + lib/unionlabs/src/aptos/signed_data.rs | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/unionlabs/src/aptos.rs b/lib/unionlabs/src/aptos.rs index 96b08acd79..135528a1c1 100644 --- a/lib/unionlabs/src/aptos.rs +++ b/lib/unionlabs/src/aptos.rs @@ -6,6 +6,7 @@ pub mod ledger_info; pub mod object; pub mod public_key; pub mod signature; +#[cfg(feature = "bincode")] pub mod signed_data; pub mod sparse_merkle_proof; pub mod state_proof; diff --git a/lib/unionlabs/src/aptos/signed_data.rs b/lib/unionlabs/src/aptos/signed_data.rs index 369a50190b..a1f99d0d92 100644 --- a/lib/unionlabs/src/aptos/signed_data.rs +++ b/lib/unionlabs/src/aptos/signed_data.rs @@ -5,7 +5,7 @@ use unionlabs_primitives::H512; use crate::encoding::{Bincode, Encode}; #[model] -#[cfg_attr(feature = "bincode", derive(bincode::Encode, bincode::Decode))] +#[derive(bincode::Encode, bincode::Decode)] pub struct SignedData { pub signature: H512, pub data: T,