improve error handling for invalid operator signature in updateOperators

bluele · bluele · commit c44ef6d6c7e5 · 2024-06-17T17:18:27.000+09:00
Signed-off-by: Jun Kimura &lt;jun.kimura@datachain.jp&gt;
diff --git a/contracts/ILCPClientErrors.sol b/contracts/ILCPClientErrors.sol
@@ -52,7 +52,8 @@ interface ILCPClientErrors {
 
     error LCPClientInvalidSignaturesLength();
 
-    error LCPClientAVRUnexpectedOperator(address gotOperator, address actualOperator);
+    error LCPClientAVRUnexpectedOperator(address actual, address expected);
 
     error LCPClientUpdateOperatorsPermissionless();
+    error LCPClientUpdateOperatorsSignatureUnexpectedOperator(address actual, address expected);
 }
diff --git a/contracts/LCPClientBase.sol b/contracts/LCPClientBase.sol
@@ -564,10 +564,13 @@ abstract contract LCPClientBase is ILightClient, ILCPClientErrors {
         );
         uint256 success = 0;
         for (uint256 i = 0; i < sigNum; i++) {
-            if (
-                message.signatures[i].length > 0
-                    && verifyECDSASignature(commitment, message.signatures[i], address(bytes20(clientState.operators[i])))
-            ) {
+            if (message.signatures[i].length > 0) {
+                address operator = verifyECDSASignature(commitment, message.signatures[i]);
+                if (operator != address(bytes20(clientState.operators[i]))) {
+                    revert LCPClientUpdateOperatorsSignatureUnexpectedOperator(
+                        operator, address(bytes20(clientState.operators[i]))
+                    );
+                }
                 unchecked {
                     success++;
                 }
diff --git a/test/LCPClientOperator.t.sol b/test/LCPClientOperator.t.sol
@@ -249,7 +249,11 @@ contract LCPClientOperatorTest is BasicTest {
             (signatures[1], signatures[2], signatures[3]) = (signatures[0], signatures[0], signatures[0]);
             UpdateOperatorsMessage.Data memory message = createUpdateOperators(nextNonce, operators, signatures, 2, 3);
             vm.expectRevert(
-                abi.encodeWithSelector(ILCPClientErrors.LCPClientOperatorSignaturesInsufficient.selector, 1)
+                abi.encodeWithSelector(
+                    ILCPClientErrors.LCPClientUpdateOperatorsSignatureUnexpectedOperator.selector,
+                    wallets[0].addr,
+                    wallets[1].addr
+                )
             );
             lc.updateOperators(clientId, message);
         }

Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,8 @@ interface ILCPClientErrors {`
`52`	`52`
`53`	`53`	`error LCPClientInvalidSignaturesLength();`
`54`	`54`
`55`		`- error LCPClientAVRUnexpectedOperator(address gotOperator, address actualOperator);`
	`55`	`+ error LCPClientAVRUnexpectedOperator(address actual, address expected);`
`56`	`56`
`57`	`57`	`error LCPClientUpdateOperatorsPermissionless();`
	`58`	`+ error LCPClientUpdateOperatorsSignatureUnexpectedOperator(address actual, address expected);`
`58`	`59`	`}`