From a9a6e963f91fd758bd60d723ff51775dc79feed3 Mon Sep 17 00:00:00 2001
From: Aaron Lu <50029043+aalu1418@users.noreply.github.com>
Date: Fri, 4 Mar 2022 14:02:50 -0500
Subject: [PATCH] include chain_id length in config digest (#173)

* include chain_id length in config digest

* validate length below uint8 max, test case assert error
---
 contracts/ocr2/src/state.rs       | 31 +++++++++++++++++-
 pkg/terra/config_digester.go      | 10 ++++++
 pkg/terra/config_digester_test.go | 54 +++++++++++++++++++------------
 3 files changed, 73 insertions(+), 22 deletions(-)

diff --git a/contracts/ocr2/src/state.rs b/contracts/ocr2/src/state.rs
index 21e397aa..9feccacc 100644
--- a/contracts/ocr2/src/state.rs
+++ b/contracts/ocr2/src/state.rs
@@ -6,7 +6,9 @@ use cosmwasm_std::{Addr, Binary, Uint128};
 use cw20::Cw20Contract;
 use cw_storage_plus::{Item, Map, U128Key, U32Key};
 use owned::Auth;
+use std::convert::TryFrom;
 
+use crate::error::ContractError;
 use crate::Decimal;
 
 /// Maximum number of oracles the offchain reporting protocol is designed for
@@ -156,9 +158,14 @@ pub fn config_digest_from_data(
     offchain_config_version: u64,
     offchain_config: &[u8],
 ) -> [u8; 32] {
+    // validate chain_id length fits into u8
+    let chain_id_length = u8::try_from(chain_id.len())
+        .map_err(|_| ContractError::InvalidInput)
+        .unwrap();
     use blake2::{Blake2s, Digest};
     let mut hasher = Blake2s::default();
-    hasher.update(chain_id.as_bytes());
+    hasher.update(chain_id_length.to_be_bytes());
+    hasher.update(&chain_id.as_bytes());
     hasher.update(contract_address.as_bytes());
     hasher.update(&config_count.to_be_bytes());
     hasher.update([(oracles.len() as u8)]);
@@ -231,3 +238,25 @@ pub const TRANSMISSIONS: Map<U32Key, Transmission> = Map::new("transmissions");
 // transmitter -> payment address
 pub const PAYEES: Map<&Addr, Addr> = Map::new("payees");
 pub const PROPOSED_PAYEES: Map<&Addr, Addr> = Map::new("proposed_payees");
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    #[should_panic]
+    fn invalid_chain_id_length() {
+        let empty: [u8; 0] = [];
+        let empty_oracle: [(&Binary, &Addr); 0] = [];
+        config_digest_from_data(
+            &"a".repeat(256),
+            &Addr::unchecked("test"),
+            1,
+            &empty_oracle,
+            1,
+            &empty,
+            1,
+            &empty,
+        );
+    }
+}
diff --git a/pkg/terra/config_digester.go b/pkg/terra/config_digester.go
index 5cb3dbcf..4f12b950 100644
--- a/pkg/terra/config_digester.go
+++ b/pkg/terra/config_digester.go
@@ -3,7 +3,9 @@ package terra
 import (
 	"bytes"
 	"encoding/binary"
+	"errors"
 	"fmt"
+	"math"
 
 	cosmosSDK "github.com/cosmos/cosmos-sdk/types"
 
@@ -31,6 +33,14 @@ func (cd OffchainConfigDigester) ConfigDigest(cfg types.ContractConfig) (types.C
 	digest := types.ConfigDigest{}
 	buf := bytes.NewBuffer([]byte{})
 
+	if len(cd.chainID) > math.MaxUint8 {
+		return digest, errors.New("chainID exceeds max uint8 length")
+	}
+
+	if err := binary.Write(buf, binary.BigEndian, uint8(len(cd.chainID))); err != nil {
+		return digest, err
+	}
+
 	if _, err := buf.Write([]byte(cd.chainID)); err != nil {
 		return digest, err
 	}
diff --git a/pkg/terra/config_digester_test.go b/pkg/terra/config_digester_test.go
index 48b0119f..7c961db9 100644
--- a/pkg/terra/config_digester_test.go
+++ b/pkg/terra/config_digester_test.go
@@ -1,38 +1,50 @@
 package terra
 
 import (
+	"strings"
 	"testing"
 
 	"github.com/smartcontractkit/libocr/offchainreporting2/types"
 	"github.com/stretchr/testify/assert"
 )
 
+var testConfig = types.ContractConfig{
+	ConfigCount: 1,
+	Signers: []types.OnchainPublicKey{
+		[]byte{28, 69, 220, 255, 145, 161, 41, 242, 208, 125, 181, 65, 174, 4, 255, 77, 61, 37, 134, 54, 130, 230, 11, 172, 175, 166, 100, 99, 69, 122, 138, 128},
+		[]byte{245, 123, 138, 66, 133, 4, 54, 37, 129, 106, 119, 250, 131, 43, 174, 81, 139, 147, 232, 202, 3, 177, 159, 111, 170, 76, 143, 137, 250, 67, 69, 125},
+		[]byte{146, 9, 73, 38, 35, 203, 190, 72, 88, 255, 219, 63, 192, 95, 118, 108, 236, 15, 144, 179, 62, 29, 223, 222, 245, 61, 164, 73, 208, 76, 72, 59},
+		[]byte{243, 96, 118, 131, 178, 167, 101, 157, 94, 246, 73, 127, 240, 101, 36, 36, 102, 191, 168, 19, 47, 217, 47, 45, 245, 233, 119, 230, 53, 102, 153, 74},
+	},
+	Transmitters: []types.Account{
+		"terra1tghjf8lcrf7ad9hjw9ap0ptxn0q5nkang9m3p4",
+		"terra1wk3s8vpkxj8c08rswt8m2ur0ufe2lkxcwh7l3d",
+		"terra1ddkw35crxpeddenmcjewh5dqraxsv7vwm48xak",
+		"terra1gcu7jcnyh6k74f0cp95gp4lzg4k0w26shkw22l",
+	},
+	F:                     1,
+	OnchainConfig:         []byte{},
+	OffchainConfigVersion: 2,
+	OffchainConfig:        []byte{8, 128, 168, 214, 185, 7, 16, 128, 148, 235, 220, 3, 24, 128, 148, 235, 220, 3, 32, 128, 202, 181, 238, 1, 40, 128, 168, 214, 185, 7, 48, 3, 58, 4, 1, 1, 1, 1, 66, 32, 136, 99, 127, 179, 112, 251, 210, 5, 179, 14, 165, 40, 178, 72, 177, 95, 153, 70, 125, 163, 116, 227, 213, 217, 77, 208, 194, 7, 151, 116, 212, 160, 66, 32, 88, 247, 149, 158, 51, 177, 58, 136, 11, 0, 206, 196, 97, 202, 194, 189, 249, 27, 54, 211, 54, 208, 184, 216, 15, 61, 233, 177, 39, 97, 213, 69, 66, 32, 56, 122, 236, 208, 44, 127, 77, 118, 178, 31, 172, 160, 227, 177, 171, 61, 137, 247, 136, 89, 211, 54, 157, 119, 235, 17, 213, 190, 36, 80, 68, 233, 66, 32, 89, 136, 237, 203, 198, 53, 101, 102, 194, 23, 36, 136, 10, 131, 164, 242, 82, 56, 135, 70, 71, 252, 228, 74, 22, 145, 234, 199, 176, 124, 240, 110, 74, 52, 49, 50, 68, 51, 75, 111, 111, 87, 69, 105, 57, 68, 107, 85, 68, 56, 66, 122, 110, 109, 89, 70, 119, 109, 70, 110, 107, 115, 52, 69, 111, 65, 53, 70, 74, 110, 102, 114, 67, 77, 88, 57, 54, 121, 112, 53, 74, 120, 104, 71, 99, 89, 74, 52, 49, 50, 68, 51, 75, 111, 111, 87, 81, 107, 52, 54, 68, 113, 52, 103, 122, 104, 70, 65, 78, 68, 77, 100, 85, 51, 88, 102, 113, 90, 57, 69, 117, 97, 78, 110, 109, 53, 85, 120, 122, 116, 75, 72, 100, 118, 107, 75, 55, 102, 86, 117, 74, 52, 49, 50, 68, 51, 75, 111, 111, 87, 67, 90, 113, 106, 121, 115, 87, 57, 81, 104, 118, 49, 68, 72, 82, 76, 69, 117, 83, 81, 85, 88, 98, 109, 49, 80, 113, 88, 88, 65, 74, 102, 80, 57, 71, 97, 112, 99, 99, 107, 74, 105, 119, 109, 74, 52, 49, 50, 68, 51, 75, 111, 111, 87, 66, 97, 106, 119, 111, 106, 72, 121, 109, 102, 86, 66, 68, 82, 56, 120, 67, 104, 118, 84, 55, 76, 52, 56, 50, 50, 74, 53, 107, 89, 70, 107, 65, 113, 115, 80, 104, 112, 81, 78, 121, 81, 74, 114, 82, 16, 0, 0, 0, 0, 0, 45, 198, 192, 0, 0, 0, 0, 0, 0, 0, 0, 88, 128, 225, 235, 23, 96, 128, 225, 235, 23, 104, 128, 225, 235, 23, 112, 128, 225, 235, 23, 120, 128, 225, 235, 23, 130, 1, 140, 1, 10, 32, 181, 88, 224, 203, 224, 168, 227, 94, 172, 196, 63, 164, 146, 136, 91, 186, 91, 111, 129, 189, 44, 156, 168, 196, 184, 11, 66, 188, 195, 115, 137, 20, 18, 32, 26, 27, 247, 83, 194, 80, 93, 171, 82, 4, 178, 132, 241, 254, 253, 125, 196, 235, 131, 246, 48, 70, 100, 201, 194, 244, 60, 191, 66, 86, 102, 96, 26, 16, 198, 216, 18, 243, 142, 77, 172, 75, 15, 162, 86, 225, 152, 154, 30, 61, 26, 16, 178, 15, 108, 85, 146, 35, 250, 89, 217, 237, 111, 20, 87, 215, 173, 142, 26, 16, 43, 40, 56, 124, 16, 177, 93, 71, 182, 227, 75, 241, 146, 174, 93, 244, 26, 16, 92, 222, 61, 101, 97, 47, 37, 21, 39, 37, 172, 18, 140, 109, 236, 20},
+}
+
 func TestConfigDigester(t *testing.T) {
 	d := NewOffchainConfigDigester(
 		"localterra",
 		MustAccAddress("terra16huq7fzc95eyy89xsghzchde2tvucn9ahqja3j"),
 	)
-	config := types.ContractConfig{
-		ConfigCount: 1,
-		Signers: []types.OnchainPublicKey{
-			[]byte{28, 69, 220, 255, 145, 161, 41, 242, 208, 125, 181, 65, 174, 4, 255, 77, 61, 37, 134, 54, 130, 230, 11, 172, 175, 166, 100, 99, 69, 122, 138, 128},
-			[]byte{245, 123, 138, 66, 133, 4, 54, 37, 129, 106, 119, 250, 131, 43, 174, 81, 139, 147, 232, 202, 3, 177, 159, 111, 170, 76, 143, 137, 250, 67, 69, 125},
-			[]byte{146, 9, 73, 38, 35, 203, 190, 72, 88, 255, 219, 63, 192, 95, 118, 108, 236, 15, 144, 179, 62, 29, 223, 222, 245, 61, 164, 73, 208, 76, 72, 59},
-			[]byte{243, 96, 118, 131, 178, 167, 101, 157, 94, 246, 73, 127, 240, 101, 36, 36, 102, 191, 168, 19, 47, 217, 47, 45, 245, 233, 119, 230, 53, 102, 153, 74},
-		},
-		Transmitters: []types.Account{
-			"terra1tghjf8lcrf7ad9hjw9ap0ptxn0q5nkang9m3p4",
-			"terra1wk3s8vpkxj8c08rswt8m2ur0ufe2lkxcwh7l3d",
-			"terra1ddkw35crxpeddenmcjewh5dqraxsv7vwm48xak",
-			"terra1gcu7jcnyh6k74f0cp95gp4lzg4k0w26shkw22l",
-		},
-		F:                     1,
-		OnchainConfig:         []byte{},
-		OffchainConfigVersion: 2,
-		OffchainConfig:        []byte{8, 128, 168, 214, 185, 7, 16, 128, 148, 235, 220, 3, 24, 128, 148, 235, 220, 3, 32, 128, 202, 181, 238, 1, 40, 128, 168, 214, 185, 7, 48, 3, 58, 4, 1, 1, 1, 1, 66, 32, 136, 99, 127, 179, 112, 251, 210, 5, 179, 14, 165, 40, 178, 72, 177, 95, 153, 70, 125, 163, 116, 227, 213, 217, 77, 208, 194, 7, 151, 116, 212, 160, 66, 32, 88, 247, 149, 158, 51, 177, 58, 136, 11, 0, 206, 196, 97, 202, 194, 189, 249, 27, 54, 211, 54, 208, 184, 216, 15, 61, 233, 177, 39, 97, 213, 69, 66, 32, 56, 122, 236, 208, 44, 127, 77, 118, 178, 31, 172, 160, 227, 177, 171, 61, 137, 247, 136, 89, 211, 54, 157, 119, 235, 17, 213, 190, 36, 80, 68, 233, 66, 32, 89, 136, 237, 203, 198, 53, 101, 102, 194, 23, 36, 136, 10, 131, 164, 242, 82, 56, 135, 70, 71, 252, 228, 74, 22, 145, 234, 199, 176, 124, 240, 110, 74, 52, 49, 50, 68, 51, 75, 111, 111, 87, 69, 105, 57, 68, 107, 85, 68, 56, 66, 122, 110, 109, 89, 70, 119, 109, 70, 110, 107, 115, 52, 69, 111, 65, 53, 70, 74, 110, 102, 114, 67, 77, 88, 57, 54, 121, 112, 53, 74, 120, 104, 71, 99, 89, 74, 52, 49, 50, 68, 51, 75, 111, 111, 87, 81, 107, 52, 54, 68, 113, 52, 103, 122, 104, 70, 65, 78, 68, 77, 100, 85, 51, 88, 102, 113, 90, 57, 69, 117, 97, 78, 110, 109, 53, 85, 120, 122, 116, 75, 72, 100, 118, 107, 75, 55, 102, 86, 117, 74, 52, 49, 50, 68, 51, 75, 111, 111, 87, 67, 90, 113, 106, 121, 115, 87, 57, 81, 104, 118, 49, 68, 72, 82, 76, 69, 117, 83, 81, 85, 88, 98, 109, 49, 80, 113, 88, 88, 65, 74, 102, 80, 57, 71, 97, 112, 99, 99, 107, 74, 105, 119, 109, 74, 52, 49, 50, 68, 51, 75, 111, 111, 87, 66, 97, 106, 119, 111, 106, 72, 121, 109, 102, 86, 66, 68, 82, 56, 120, 67, 104, 118, 84, 55, 76, 52, 56, 50, 50, 74, 53, 107, 89, 70, 107, 65, 113, 115, 80, 104, 112, 81, 78, 121, 81, 74, 114, 82, 16, 0, 0, 0, 0, 0, 45, 198, 192, 0, 0, 0, 0, 0, 0, 0, 0, 88, 128, 225, 235, 23, 96, 128, 225, 235, 23, 104, 128, 225, 235, 23, 112, 128, 225, 235, 23, 120, 128, 225, 235, 23, 130, 1, 140, 1, 10, 32, 181, 88, 224, 203, 224, 168, 227, 94, 172, 196, 63, 164, 146, 136, 91, 186, 91, 111, 129, 189, 44, 156, 168, 196, 184, 11, 66, 188, 195, 115, 137, 20, 18, 32, 26, 27, 247, 83, 194, 80, 93, 171, 82, 4, 178, 132, 241, 254, 253, 125, 196, 235, 131, 246, 48, 70, 100, 201, 194, 244, 60, 191, 66, 86, 102, 96, 26, 16, 198, 216, 18, 243, 142, 77, 172, 75, 15, 162, 86, 225, 152, 154, 30, 61, 26, 16, 178, 15, 108, 85, 146, 35, 250, 89, 217, 237, 111, 20, 87, 215, 173, 142, 26, 16, 43, 40, 56, 124, 16, 177, 93, 71, 182, 227, 75, 241, 146, 174, 93, 244, 26, 16, 92, 222, 61, 101, 97, 47, 37, 21, 39, 37, 172, 18, 140, 109, 236, 20},
-	}
 
-	digest, err := d.ConfigDigest(config)
+	digest, err := d.ConfigDigest(testConfig)
 	assert.NoError(t, err)
-	assert.Equal(t, "0002d5b58e9164cba342550204a08494d008ae8e68899911665553604d90d988", digest.Hex())
+	assert.Equal(t, "0002c337db7a24692b6dc0a0da59c4ee80a3afbd4c782e40e4d8267454f3cf61", digest.Hex())
+}
+
+func TestConfigDigester_InvalidChainID(t *testing.T) {
+	d := NewOffchainConfigDigester(
+		strings.Repeat("a", 256), // chain ID is too long
+		MustAccAddress("terra16huq7fzc95eyy89xsghzchde2tvucn9ahqja3j"),
+	)
+
+	_, err := d.ConfigDigest(testConfig)
+	assert.Error(t, err)
 }