Reenable PublicKey initialisation and allow public keys to be unset

Signed-off-by: Silas Davis <[email protected]>

crypto/crypto.go

@@ -7,8 +7,9 @@ import (
 type CurveType uint32
 
 const (
-	CurveTypeSecp256k1 CurveType = iota
+	CurveTypeUnset CurveType = iota
 	CurveTypeEd25519
+	CurveTypeSecp256k1
 )
 
 func (k CurveType) String() string {
@@ -17,6 +18,8 @@ func (k CurveType) String() string {
 		return "secp256k1"
 	case CurveTypeEd25519:
 		return "ed25519"
+	case CurveTypeUnset:
+		return ""
 	default:
 		return "unknown"
 	}
@@ -27,6 +30,8 @@ func (k CurveType) ABCIType() string {
 		return "secp256k1"
 	case CurveTypeEd25519:
 		return "ed25519"
+	case CurveTypeUnset:
+		return ""
 	default:
 		return "unknown"
 	}
@@ -43,9 +48,10 @@ func CurveTypeFromString(s string) (CurveType, error) {
 		return CurveTypeSecp256k1, nil
 	case "ed25519":
 		return CurveTypeEd25519, nil
+	case "":
+		return CurveTypeUnset, nil
 	default:
-		var k CurveType
-		return k, ErrInvalidCurve(s)
+		return CurveTypeUnset, ErrInvalidCurve(s)
 	}
 }
 

crypto/private_key.go

@@ -25,6 +25,11 @@ func PublicKeyFromBytes(bs []byte, curveType CurveType) (PublicKey, error) {
 			return PublicKey{}, fmt.Errorf("bytes passed have length %v but secp256k1 public keys have %v bytes",
 				len(bs), btcec.PubKeyBytesLenCompressed)
 		}
+	case CurveTypeUnset:
+		if len(bs) > 0 {
+			return PublicKey{}, fmt.Errorf("attempting to create an 'unset' PublicKey but passed non-empty key bytes: %X", bs)
+		}
+		return PublicKey{}, nil
 	default:
 		return PublicKey{}, ErrInvalidCurve(curveType)
 	}

crypto/public_key.go

@@ -73,22 +73,30 @@ func (p PublicKey) IsValid() bool {
 	return publicKeyLength != 0 && publicKeyLength == len(p.Key)
 }
 
-func (p PublicKey) Verify(msg []byte, signature Signature) bool {
+func (p PublicKey) Verify(msg []byte, signature Signature) error {
 	switch p.CurveType {
+	case CurveTypeUnset:
+		return fmt.Errorf("public key is unset")
 	case CurveTypeEd25519:
-		return ed25519.Verify(p.Key, msg, signature)
+		if ed25519.Verify(p.Key, msg, signature) {
+			return nil
+		}
+		return fmt.Errorf("'%X' is not a valid ed25519 signature for message: %X", signature, msg)
 	case CurveTypeSecp256k1:
 		pub, err := btcec.ParsePubKey(p.Key, btcec.S256())
 		if err != nil {
-			return false
+			return fmt.Errorf("could not parse secp256k1 public key: %v", err)
 		}
 		sig, err := btcec.ParseDERSignature(signature, btcec.S256())
 		if err != nil {
-			return false
+			return fmt.Errorf("could not parse DER signature for secp256k1 key: %v", err)
+		}
+		if sig.Verify(msg, pub) {
+			return nil
 		}
-		return sig.Verify(msg, pub)
+		return fmt.Errorf("'%X' is not a valid secp256k1 signature for message: %X", signature, msg)
 	default:
-		panic(fmt.Sprintf("invalid curve type"))
+		return fmt.Errorf("invalid curve type")
 	}
 }
 

execution/exec/tx_execution.go

@@ -92,7 +92,7 @@ func (txe *TxExecution) Call(call *CallEvent, exception *errors.Exception) {
 
 func (txe *TxExecution) GovernAccount(governAccount *GovernAccountEvent, exception *errors.Exception) {
 	txe.Append(&Event{
-		Header:        txe.Header(TypeCall, EventStringGovernAccount(governAccount.AccountUpdate.Address), exception),
+		Header:        txe.Header(TypeGovernAccount, EventStringGovernAccount(governAccount.AccountUpdate.Address), exception),
 		GovernAccount: governAccount,
 	})
 }

execution/execution.go

@@ -189,6 +189,21 @@ func (exe *executor) Execute(txEnv *txs.Envelope) (txe *exec.TxExecution, err er
 		return nil, err
 	}
 
+	// Initialise public keys for accounts we have seen
+	for _, sig := range txEnv.Signatories {
+		// pointer dereferences are safe since txEnv.Validate() is run by txEnv.Verify() above which checks they are
+		// non-nil
+		acc, err := state.GetMutableAccount(exe.stateCache, *sig.Address)
+		if err != nil {
+			return nil, fmt.Errorf("error getting account on which to set public key: %v", *sig.Address)
+		}
+		acc.SetPublicKey(*sig.PublicKey)
+		err = exe.stateCache.UpdateAccount(acc)
+		if err != nil {
+			return nil, fmt.Errorf("error updating account after setting public key: %v", err)
+		}
+	}
+
 	if txExecutor, ok := exe.contexts[txEnv.Tx.Type()]; ok {
 		// Establish new TxExecution
 		txe := exe.blockExecution.Tx(txEnv)

integration/governance/governance_test.go

@@ -119,6 +119,8 @@ func TestAlterAmount(t *testing.T) {
 	ca, err := qcli.GetAccount(context.Background(), &rpcquery.GetAccountParam{Address: acc.Address()})
 	require.NoError(t, err)
 	assert.Equal(t, amount, ca.Balance)
+	// Check we haven't altered permissions
+	assert.Equal(t, genesisDoc.Accounts[5].Permissions, ca.Permissions)
 }
 
 func TestAlterPermissions(t *testing.T) {

integration/rpctransact/transact_server_test.go

@@ -24,6 +24,7 @@ import (
 
 	"time"
 
+	"github.com/hyperledger/burrow/crypto"
 	"github.com/hyperledger/burrow/execution/exec"
 	"github.com/hyperledger/burrow/integration/rpctest"
 	"github.com/hyperledger/burrow/rpc/rpcevents"
@@ -38,6 +39,25 @@ import (
 var inputAccount = rpctest.PrivateAccounts[0]
 var inputAddress = inputAccount.Address()
 
+func TestInputAccountPublicKeySet(t *testing.T) {
+	input := rpctest.PrivateAccounts[9]
+	tcli := rpctest.NewTransactClient(t, testConfig.RPC.GRPC.ListenAddress)
+	qcli := rpctest.NewQueryClient(t, testConfig.RPC.GRPC.ListenAddress)
+	acc, err := qcli.GetAccount(context.Background(), &rpcquery.GetAccountParam{Address: input.Address()})
+	require.NoError(t, err)
+
+	// Account PublicKey should be initially unset
+	assert.Equal(t, crypto.PublicKey{}, acc.PublicKey)
+
+	// Sign with this account - should set public key
+	rpctest.CreateContract(t, tcli, input.Address())
+	acc, err = qcli.GetAccount(context.Background(), &rpcquery.GetAccountParam{Address: input.Address()})
+
+	// Check public key set
+	require.NoError(t, err)
+	assert.Equal(t, input.PublicKey(), acc.PublicKey)
+}
+
 func TestBroadcastTxLocallySigned(t *testing.T) {
 	qcli := rpctest.NewQueryClient(t, testConfig.RPC.GRPC.ListenAddress)
 	acc, err := qcli.GetAccount(context.Background(), &rpcquery.GetAccountParam{

keys/server.go

@@ -144,9 +144,9 @@ func (k *KeyStore) Verify(ctx context.Context, in *VerifyRequest) (*VerifyRespon
 	if err != nil {
 		return nil, err
 	}
-	match := pubkey.Verify(in.GetMessage(), sig)
-	if !match {
-		return nil, fmt.Errorf("Signature does not match")
+	err = pubkey.Verify(in.GetMessage(), sig)
+	if err != nil {
+		return nil, err
 	}
 
 	return &VerifyResponse{}, nil

permission/account_permissions.go

@@ -58,10 +58,14 @@ func (ap *AccountPermissions) RmRole(role string) bool {
 func (ap *AccountPermissions) Clone() AccountPermissions {
 	// clone base permissions
 	basePermissionsClone := ap.Base
-	// clone roles []string
-	rolesClone := make([]string, len(ap.Roles))
-	// strings are immutable so copy suffices
-	copy(rolesClone, ap.Roles)
+	var rolesClone []string
+	// It helps if we normalise empty roles to []string(nil) rather than []string{}
+	if len(ap.Roles) > 0 {
+		// clone roles []string
+		rolesClone = make([]string, len(ap.Roles))
+		// strings are immutable so copy suffices
+		copy(rolesClone, ap.Roles)
+	}
 
 	return AccountPermissions{
 		Base:  basePermissionsClone,

txs/envelope.go

@@ -72,6 +72,22 @@ func (txEnv *Envelope) Validate() error {
 	if len(txEnv.Signatories) == 0 {
 		return fmt.Errorf("transaction envelope contains no (successfully unmarshalled) signatories")
 	}
+	for i, sig := range txEnv.Signatories {
+		err := sig.Validate()
+		if err != nil {
+			return fmt.Errorf("Signatory %v is invalid: %v", i, err)
+		}
+	}
+	return nil
+}
+
+func (sig *Signatory) Validate() error {
+	if sig.Address == nil {
+		return fmt.Errorf("has nil Address: %v", sig)
+	}
+	if sig.PublicKey == nil {
+		return fmt.Errorf("has nil PublicKey: %v", sig)
+	}
 	return nil
 }
 
@@ -102,8 +118,9 @@ func (txEnv *Envelope) Verify(getter state.AccountGetter, chainID string) error
 			return fmt.Errorf("signatory %v has address %v but input %v has address %v",
 				i, *s.Address, i, inputs[i].Address)
 		}
-		if !s.PublicKey.Verify(signBytes, s.Signature) {
-			return fmt.Errorf("invalid signature in signatory %v ", *s.Address)
+		err = s.PublicKey.Verify(signBytes, s.Signature)
+		if err != nil {
+			return fmt.Errorf("invalid signature in signatory %v: %v", *s.Address, err)
 		}
 	}
 	return nil