Skip to content

Commit

Permalink
fix(builder): re-add constraint pubkey validation
Browse files Browse the repository at this point in the history
  • Loading branch information
merklefruit committed Oct 11, 2024
1 parent 345c109 commit bc77dee
Showing 1 changed file with 8 additions and 20 deletions.
28 changes: 8 additions & 20 deletions builder/builder/builder.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"math/big"
"net/http"
_ "os"
"slices"
"strings"
"sync"
"time"
Expand Down Expand Up @@ -362,32 +363,19 @@ func (b *Builder) subscribeToRelayForConstraints(relayBaseEndpoint string) error
}

for _, constraint := range constraintsSigned {
// TODO: re-enable this once testing the devnet has ended
// oneValidSignature := false
// Check if the signature is valid against any of the authorized pubkeys
// for _, pubkey := range b.slotConstraintsPubkeys {
// valid, err := constraint.VerifySignature(pubkey, b.GetConstraintsDomain())
// if err != nil || !valid {
// log.Error("Failed to verify constraint signature", "err", err)
// continue
// }
//
// oneValidSignature = true
// }

// TODO: remove this once testing the devnet has ended, we should check for authorized keys
// Check that the constraints pubkey is authorized to sign constraints
if !slices.Contains(b.slotConstraintsPubkeys, constraint.Message.Pubkey) {
log.Warn("Received constraint from unauthorized pubkey", "pubkey", constraint.Message.Pubkey)
continue
}

// Verify the signature of the constraints message
valid, err := constraint.VerifySignature(constraint.Message.Pubkey, b.GetConstraintsDomain())
if err != nil || !valid {
log.Error("Failed to verify constraint signature", "err", err)
continue
}

// TODO: re-enable this once testing the devnet has ended
// If there is no valid signature, continue with the next constraint
// if !oneValidSignature {
// continue
// }

decodedConstraints, err := DecodeConstraints(constraint)
if err != nil {
log.Error("Failed to decode constraint: ", err)
Expand Down

0 comments on commit bc77dee

Please sign in to comment.