feat: check submited signature against finalization

Author: janezicmatej

README.md

@@ -29,18 +29,24 @@ todos:
         - [ ] check node uptime
     - ftso:
         - [ ] better ftso value analysis 
+            - if you are meeting minimal conditions
             - weird value (not just None but also 0.1 all the time, or just wildly different to median)
             - parse events to be able to tell feeds by names not by indices
-        - [ ] check submit signatures signature against finalization 
+        - [x] check submit signatures signature against finalization 
     - fdc:
+        - [ ] sample minimal conditions
         - [ ] correct bitvote length (submit2 fdc)
-        - [ ] check submit signatures signature against finalization 
+        - [x] check submit signatures signature against finalization 
     - fast updates:
         - [ ] recover signature from fast updates and check if updates are being made 
         - [ ] check if length of update is correct
+        - [ ] sample minimal conditions
 - push notification scheme:
     - we need a general-ish extnesible framework to add more notification plugins
     - notification plugins
         - [x] stdout logging
         - [x] discord
         - [ ] slack
+        - [ ] telegram
+        - [ ] pager duty
+        - [ ] generic post

observer/observer.py

@@ -1,9 +1,12 @@
 import enum
 import logging
 import time
+from typing import Self
 
 import requests
 from attrs import define
+from eth_account._utils.signing import to_standard_v
+from eth_keys.datatypes import Signature as EthSignature
 from py_flare_common.fsp.epoch.epoch import RewardEpoch
 from py_flare_common.fsp.messaging import (
     parse_generic_tx,
@@ -13,6 +16,7 @@
 )
 from py_flare_common.fsp.messaging.byte_parser import ByteParser
 from py_flare_common.fsp.messaging.types import ParsedPayload
+from py_flare_common.fsp.messaging.types import Signature as SSignature
 from py_flare_common.ftso.commit import commit_hash
 from web3 import AsyncWeb3
 from web3._utils.events import get_event_data
@@ -41,9 +45,22 @@
 LOGGER.info("initialized")
 
 
+class Signature(EthSignature):
+    @classmethod
+    def from_vrs(cls, s: SSignature) -> Self:
+        return cls(
+            vrs=(
+                to_standard_v(int(s.v, 16)),
+                int(s.r, 16),
+                int(s.s, 16),
+            )
+        )
+
+
 def notify_discord(config: Configuration, message: str) -> None:
     if config.discord_webhook is None:
         return
+
     requests.post(
         config.discord_webhook,
         headers={"Content-Type": "application/json"},
@@ -242,7 +259,7 @@ def validate_ftso(round: VotingRound, entity: Entity):
         issues.append(
             Issue(
                 IssueLevel.INFO,
-                f"no submit1 transaction for ftso in round {round.voting_epoch.id}",
+                f"no submit1 transaction for ftso in round {epoch.id}",
             )
         )
 
@@ -270,7 +287,7 @@ def validate_ftso(round: VotingRound, entity: Entity):
                     IssueLevel.INFO,
                     (
                         "submit 2 had 'None' value for feeds on indices "
-                        f"{', '.join(indices)} in round {round.voting_epoch.id}"
+                        f"{', '.join(indices)} in round {epoch.id}"
                     ),
                 ),
             )
@@ -290,7 +307,7 @@ def validate_ftso(round: VotingRound, entity: Entity):
                     IssueLevel.INFO,
                     (
                         "commit hash and reveal didn't match in round "
-                        f"{round.voting_epoch.id}, causing reveal offence"
+                        f"{epoch.id}, causing reveal offence"
                     ),
                 ),
             )
@@ -300,23 +317,34 @@ def validate_ftso(round: VotingRound, entity: Entity):
             Issue(
                 # TODO:(matej) change level to warning
                 IssueLevel.INFO,
-                (
-                    "no submit signatures transaction for ftso in round "
-                    f"{round.voting_epoch.id}"
-                ),
+                ("no submit signatures transaction for ftso in round " f"{epoch.id}"),
             ),
         )
 
     if finalization and ss:
-        # TODO:(matej) check for correct signature
-        ...
+        s = Signature.from_vrs(submit_sig[0].payload.signature)
+        addr = s.recover_public_key_from_msg_hash(
+            finalization.to_message()
+        ).to_checksum_address()
+
+        if addr != entity.signing_policy_address:
+            issues.append(
+                Issue(
+                    # TODO:(matej) change level to warning
+                    IssueLevel.INFO,
+                    (
+                        "submit signatures signature doesn't match finalization for "
+                        f"ftso in round {epoch.id}"
+                    ),
+                ),
+            )
 
     return issues
 
 
 def validate_fdc(round: VotingRound, entity: Entity):
     epoch = round.voting_epoch
-    fdc = round.ftso
+    fdc = round.fdc
     finalization = fdc.finalization
 
     _submit1 = fdc.submit_1.by_identity.get(entity.identity_address, [])
@@ -379,16 +407,27 @@ def validate_fdc(round: VotingRound, entity: Entity):
             Issue(
                 # TODO:(matej) change level to critical
                 IssueLevel.INFO,
-                (
-                    "no submit signatures transaction for fdc in round "
-                    f"{round.voting_epoch.id}"
-                ),
+                ("no submit signatures transaction for fdc in round " f"{epoch.id}"),
             ),
         )
 
     if finalization and ss:
-        # TODO:(matej) check for correct signature
-        ...
+        s = Signature.from_vrs(submit_sig[0].payload.signature)
+        addr = s.recover_public_key_from_msg_hash(
+            finalization.to_message()
+        ).to_checksum_address()
+
+        if addr != entity.signing_policy_address:
+            issues.append(
+                Issue(
+                    # TODO:(matej) change level to warning
+                    IssueLevel.INFO,
+                    (
+                        "submit signatures signature doesn't match finalization for "
+                        f"fdc in round {epoch.id}"
+                    ),
+                ),
+            )
 
     return issues
 

observer/types.py

@@ -1,11 +1,11 @@
 from typing import Any, Self
 
 from attrs import frozen
+from eth_account.messages import _hash_eip191_message, encode_defunct
 from eth_typing import ChecksumAddress
+from eth_utils.crypto import keccak
 from web3.types import BlockData
 
-from observer.utils import prefix_0x
-
 
 @frozen
 class ProtocolMessageRelayed:
@@ -15,6 +15,16 @@ class ProtocolMessageRelayed:
     merkle_root: str
     timestamp: int
 
+    def to_message(self) -> bytes:
+        message = (
+            self.protocol_id.to_bytes(1, "big")
+            + self.voting_round_id.to_bytes(4, "big")
+            + self.is_secure_random.to_bytes(1, "big")
+            + bytes.fromhex(self.merkle_root)
+        )
+
+        return _hash_eip191_message(encode_defunct(keccak(message)))
+
     @classmethod
     def from_dict(cls, d: dict[str, Any], block_data: BlockData) -> Self:
         assert "timestamp" in block_data
@@ -23,7 +33,7 @@ def from_dict(cls, d: dict[str, Any], block_data: BlockData) -> Self:
             protocol_id=int(d["protocolId"]),
             voting_round_id=int(d["votingRoundId"]),
             is_secure_random=d["isSecureRandom"],
-            merkle_root=prefix_0x(d["merkleRoot"].hex()),
+            merkle_root=d["merkleRoot"].hex(),
             timestamp=block_data["timestamp"],
         )
 

requirements.txt

@@ -2,4 +2,4 @@ requests==2.32.3
 py-flare-common==0.1.6
 attrs==24.2.0
 python-dotenv==1.0.1
-web3==7.6.0
+web3==7.11.1