Merge pull request #1671 from golemfactory/mwu/enforce-pay-validate

Enforce payment signature validation
golemfactory · Nov 5, 2021 · fc68d79 · fc68d79
2 parents 4d32b1b + 8027165
commit fc68d79
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 13 deletions.
diff --git a/core/model/src/payment.rs b/core/model/src/payment.rs
@@ -677,14 +677,13 @@ pub mod public {
     // *************************** PAYMENT ****************************
     #[derive(Clone, Debug, PartialEq, Serialize, Deserialize)]
     pub struct SendPayment {
-        #[serde(flatten)] // Flatten is required for backwards compatability with 0.6.x
+        #[serde(flatten)]
         pub payment: Payment,
-        #[serde(default)] // Optional is required for backwards compatability with 0.6.x
-        pub signature: Option<Vec<u8>>,
+        pub signature: Vec<u8>,
     }
 
     impl SendPayment {
-        pub fn new(payment: Payment, signature: Option<Vec<u8>>) -> Self {
+        pub fn new(payment: Payment, signature: Vec<u8>) -> Self {
             Self { payment, signature }
         }
     }

diff --git a/core/payment/src/processor.rs b/core/payment/src/processor.rs
@@ -419,7 +419,7 @@ impl PaymentProcessor {
             .await??;
 
         counter!("payment.amount.sent", ya_metrics::utils::cryptocurrency_to_u64(&msg.amount), "platform" => payment_platform);
-        let msg = SendPayment::new(payment, Some(signature));
+        let msg = SendPayment::new(payment, signature);
 
         // Spawning to avoid deadlock in a case that payee is the same node as payer
         Arbiter::spawn(
@@ -467,7 +467,7 @@ impl PaymentProcessor {
     pub async fn verify_payment(
         &self,
         payment: Payment,
-        signature: Option<Vec<u8>>,
+        signature: Vec<u8>,
     ) -> Result<(), VerifyPaymentError> {
         // TODO: Split this into smaller functions
         let platform = payment.payment_platform.clone();
@@ -477,13 +477,11 @@ impl PaymentProcessor {
             AccountMode::RECV,
         )?;
 
-        if let Some(signature) = signature {
-            if !driver_endpoint(&driver)
-                .send(driver::VerifySignature::new(payment.clone(), signature))
-                .await??
-            {
-                return Err(VerifyPaymentError::InvalidSignature);
-            }
+        if !driver_endpoint(&driver)
+            .send(driver::VerifySignature::new(payment.clone(), signature))
+            .await??
+        {
+            return Err(VerifyPaymentError::InvalidSignature);
         }
 
         let confirmation = match base64::decode(&payment.details) {