-
Notifications
You must be signed in to change notification settings - Fork 313
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update challenge transaction helpers sep 10 #497
Update challenge transaction helpers sep 10 #497
Conversation
…i-signature logic
…the readChallengeTx method
… a few unit tests
…' and 'Utils.verifyTxChallengeTxThreshold
… replaced most of the 'verifyChallengeTx' implementation with a call to 'readChallengeTx'
…transaction-helpers-sep-10 * upstream/master: Fix broken link to Stellar logo+wordmark (stellar#496) Junk the _link omition for AccountResponse class (stellar#495) v4.0.0 - Horizon 1.0 support (stellar#488) Add is_authorized to BalanceLineAsset. (stellar#491) Update yarn.lock. (stellar#490) Typescript fixes (stellar#489)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@marcelosalloum looking good! I left some comments
…TxMultiSignedBy' function
…hings clearer in case it ever happens.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks making this change @marcelosalloum! There are a couple small things I think we need to tweak, and I have a couple questions that I suspect might be me misunderstanding something about Typescript. They are noted in line below. Otherwise this looks great. Great job on the tests too!
…hold' function) from a 'Map<string, number>' to a 'ServerApi.AccountRecordSigners[]'
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! @leighmcculloch can you have a final view before we merged it.
…ts that were lacking them
…r starts with G... and the other verifies if it is a valid 'Ed25519'.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 🎉 🚀
…hen calling `Keypair.fromPublicKey`
…ansaction-helpers-sep-10 * origin/master: Extend offer call builder to return a single offer. (stellar#499)
Summary
This PR updates the challenge transaction verifiers to accept multiple signatures, according to the issue #483
What
Add new challenge transactions helpers to
utils
to support verifying a challenge transaction that has multiple signatures. Three new functions were added and an existent function was deprecated:readChallengeTx
: reads the challenge details to parse the transaction and the client account ID out of the transaction.verifyChallengeTxSigners
: verify that the signers of the transaction are a subset of a list of public keys passes as arguments.verifyChallengeTxThreshold
: verify that the signers of the transaction are a subset of a list of signers that meet a required threshold..verifyChallengeTx
Why
The SEP-10 change that was merged in stellar/stellar-protocol#489 clarifies how an implementer should verify that signers of the transaction are signers on the account and that accounts may have multiple signers.
An implementer needs to read out of the transaction the client account before verifying the transaction and then its threshold. For that reason we need three steps:
readChallengeTx
)verifyChallengeTxSigners
)verifyChallengeTxThreshold
)The read call also validates the server signature because no challenge transaction would ever be valid to read if it wasn't signed by the server.
For further info, please refer to the SEP-10 protocol.