diff --git a/beacon-chain/core/altair/deposit.go b/beacon-chain/core/altair/deposit.go index 0f6403c793f0..084643324e40 100644 --- a/beacon-chain/core/altair/deposit.go +++ b/beacon-chain/core/altair/deposit.go @@ -37,7 +37,7 @@ func ProcessDeposits( beaconState state.BeaconState, deposits []*ethpb.Deposit, ) (state.BeaconState, error) { - batchVerified, err := blocks.BatchVerifyDepositsSignatures(ctx, deposits) + allSignaturesVerified, err := blocks.BatchVerifyDepositsSignatures(ctx, deposits) if err != nil { return nil, err } @@ -46,7 +46,7 @@ func ProcessDeposits( if deposit == nil || deposit.Data == nil { return nil, errors.New("got a nil deposit in block") } - beaconState, err = ProcessDeposit(beaconState, deposit, batchVerified) + beaconState, err = ProcessDeposit(beaconState, deposit, allSignaturesVerified) if err != nil { return nil, errors.Wrapf(err, "could not process deposit from %#x", bytesutil.Trunc(deposit.Data.PublicKey)) } @@ -81,7 +81,7 @@ func ProcessDeposits( // amount=deposit.data.amount, // signature=deposit.data.signature, // ) -func ProcessDeposit(beaconState state.BeaconState, deposit *ethpb.Deposit, verified bool) (state.BeaconState, error) { +func ProcessDeposit(beaconState state.BeaconState, deposit *ethpb.Deposit, allSignaturesVerified bool) (state.BeaconState, error) { if err := blocks.VerifyDeposit(beaconState, deposit); err != nil { if deposit == nil || deposit.Data == nil { return nil, err @@ -92,7 +92,7 @@ func ProcessDeposit(beaconState state.BeaconState, deposit *ethpb.Deposit, verif return nil, err } - return ApplyDeposit(beaconState, deposit.Data, verified) + return ApplyDeposit(beaconState, deposit.Data, allSignaturesVerified) } // ApplyDeposit @@ -115,13 +115,13 @@ func ProcessDeposit(beaconState state.BeaconState, deposit *ethpb.Deposit, verif // # Increase balance by deposit amount // index = ValidatorIndex(validator_pubkeys.index(pubkey)) // increase_balance(state, index, amount) -func ApplyDeposit(beaconState state.BeaconState, data *ethpb.Deposit_Data, verified bool) (state.BeaconState, error) { +func ApplyDeposit(beaconState state.BeaconState, data *ethpb.Deposit_Data, allSignaturesVerified bool) (state.BeaconState, error) { pubKey := data.PublicKey amount := data.Amount withdrawalCredentials := data.WithdrawalCredentials index, ok := beaconState.ValidatorIndexByPubkey(bytesutil.ToBytes48(pubKey)) if !ok { - if !verified { + if !allSignaturesVerified { valid, err := blocks.IsValidDepositSignature(data) if err != nil { return nil, err diff --git a/beacon-chain/core/blocks/deposit_test.go b/beacon-chain/core/blocks/deposit_test.go index 4414d849abab..480b4f5c1890 100644 --- a/beacon-chain/core/blocks/deposit_test.go +++ b/beacon-chain/core/blocks/deposit_test.go @@ -128,3 +128,54 @@ func TestIsValidDepositSignature_Ok(t *testing.T) { require.NoError(t, err) require.Equal(t, true, valid) } + +func TestBatchVerifyPendingDepositsSignatures_Ok(t *testing.T) { + sk, err := bls.RandKey() + require.NoError(t, err) + domain, err := signing.ComputeDomain(params.BeaconConfig().DomainDeposit, nil, nil) + require.NoError(t, err) + pendingDeposit := ðpb.PendingDeposit{ + PublicKey: sk.PublicKey().Marshal(), + WithdrawalCredentials: make([]byte, 32), + Amount: 3000, + } + sr, err := signing.ComputeSigningRoot(ðpb.DepositMessage{ + PublicKey: pendingDeposit.PublicKey, + WithdrawalCredentials: pendingDeposit.WithdrawalCredentials, + Amount: 3000, + }, domain) + require.NoError(t, err) + sig := sk.Sign(sr[:]) + pendingDeposit.Signature = sig.Marshal() + + sk2, err := bls.RandKey() + require.NoError(t, err) + pendingDeposit2 := ðpb.PendingDeposit{ + PublicKey: sk2.PublicKey().Marshal(), + WithdrawalCredentials: make([]byte, 32), + Amount: 4000, + } + sr2, err := signing.ComputeSigningRoot(ðpb.DepositMessage{ + PublicKey: pendingDeposit2.PublicKey, + WithdrawalCredentials: pendingDeposit2.WithdrawalCredentials, + Amount: 4000, + }, domain) + require.NoError(t, err) + sig2 := sk2.Sign(sr2[:]) + pendingDeposit2.Signature = sig2.Marshal() + + verified, err := blocks.BatchVerifyPendingDepositsSignatures(context.Background(), []*ethpb.PendingDeposit{pendingDeposit, pendingDeposit2}) + require.NoError(t, err) + require.Equal(t, true, verified) +} + +func TestBatchVerifyPendingDepositsSignatures_InvalidSignature(t *testing.T) { + pendingDeposit := ðpb.PendingDeposit{ + PublicKey: bytesutil.PadTo([]byte{1, 2, 3}, 48), + WithdrawalCredentials: make([]byte, 32), + Signature: make([]byte, 96), + } + verified, err := blocks.BatchVerifyPendingDepositsSignatures(context.Background(), []*ethpb.PendingDeposit{pendingDeposit}) + require.NoError(t, err) + require.Equal(t, false, verified) +} diff --git a/beacon-chain/core/electra/deposits.go b/beacon-chain/core/electra/deposits.go index e2b8e3155734..431ab79fe60b 100644 --- a/beacon-chain/core/electra/deposits.go +++ b/beacon-chain/core/electra/deposits.go @@ -38,7 +38,7 @@ func ProcessDeposits( defer span.End() // Attempt to verify all deposit signatures at once, if this fails then fall back to processing // individual deposits with signature verification enabled. - batchVerified, err := blocks.BatchVerifyDepositsSignatures(ctx, deposits) + allSignaturesVerified, err := blocks.BatchVerifyDepositsSignatures(ctx, deposits) if err != nil { return nil, errors.Wrap(err, "could not verify deposit signatures in batch") } @@ -47,7 +47,7 @@ func ProcessDeposits( if d == nil || d.Data == nil { return nil, errors.New("got a nil deposit in block") } - beaconState, err = ProcessDeposit(beaconState, d, batchVerified) + beaconState, err = ProcessDeposit(beaconState, d, allSignaturesVerified) if err != nil { return nil, errors.Wrapf(err, "could not process deposit from %#x", bytesutil.Trunc(d.Data.PublicKey)) } @@ -82,7 +82,7 @@ func ProcessDeposits( // amount=deposit.data.amount, // signature=deposit.data.signature, // ) -func ProcessDeposit(beaconState state.BeaconState, deposit *ethpb.Deposit, verified bool) (state.BeaconState, error) { +func ProcessDeposit(beaconState state.BeaconState, deposit *ethpb.Deposit, allSignaturesVerified bool) (state.BeaconState, error) { if err := blocks.VerifyDeposit(beaconState, deposit); err != nil { if deposit == nil || deposit.Data == nil { return nil, err @@ -92,7 +92,7 @@ func ProcessDeposit(beaconState state.BeaconState, deposit *ethpb.Deposit, verif if err := beaconState.SetEth1DepositIndex(beaconState.Eth1DepositIndex() + 1); err != nil { return nil, err } - return ApplyDeposit(beaconState, deposit.Data, verified) + return ApplyDeposit(beaconState, deposit.Data, allSignaturesVerified) } // ApplyDeposit adds the incoming deposit as a pending deposit on the state @@ -127,14 +127,14 @@ func ProcessDeposit(beaconState state.BeaconState, deposit *ethpb.Deposit, verif // signature=signature, // slot=GENESIS_SLOT # Use GENESIS_SLOT to distinguish from a pending deposit request // )) -func ApplyDeposit(beaconState state.BeaconState, data *ethpb.Deposit_Data, verified bool) (state.BeaconState, error) { +func ApplyDeposit(beaconState state.BeaconState, data *ethpb.Deposit_Data, allSignaturesVerified bool) (state.BeaconState, error) { pubKey := data.PublicKey amount := data.Amount withdrawalCredentials := data.WithdrawalCredentials signature := data.Signature _, ok := beaconState.ValidatorIndexByPubkey(bytesutil.ToBytes48(pubKey)) if !ok { - if !verified { + if !allSignaturesVerified { valid, err := IsValidDepositSignature(data) if err != nil { return nil, errors.Wrap(err, "could not verify deposit signature") @@ -295,7 +295,6 @@ func ProcessPendingDeposits(ctx context.Context, st state.BeaconState, activeBal return err } for _, pendingDeposit := range pendingDeposits { - // Do not process pendingDeposit requests if Eth1 bridge deposits are not yet applied. if pendingDeposit.Slot > params.BeaconConfig().GenesisSlot && st.Eth1DepositIndex() < startIndex { break