sui icon indicating copy to clipboard operation
sui copied to clipboard
verified publisher icon MystenLabs

crypto: Use AsBytes for all sigs

Open joyqvq opened this issue 2 years ago • 1 comments

joyqvq avatar Feb 15 '23 21:02 joyqvq

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated
explorer ✅ Ready (Inspect) Visit Preview 💬 Add your feedback Feb 27, 2023 at 7:25PM (UTC)
explorer-storybook ✅ Ready (Inspect) Visit Preview 💬 Add your feedback Feb 27, 2023 at 7:25PM (UTC)
frenemies ✅ Ready (Inspect) Visit Preview 💬 Add your feedback Feb 27, 2023 at 7:25PM (UTC)
wallet-adapter ✅ Ready (Inspect) Visit Preview 💬 Add your feedback Feb 27, 2023 at 7:25PM (UTC)

vercel[bot] avatar Feb 15 '23 21:02 vercel[bot]

This is to make sure internals of the signature is not leaked in deserialized form. They are all represented by most compact bytes form.

Tested against multisig:

Transaction Signature: [MultiSig(MultiSig { sigs: [Ed25519(BytesRepresentation([137, 0, 3, 0, 83, 5, 203, 65, 148, 249, 180, 196, 154, 208, 118, 179, 20, 105, 110, 178, 125, 66, 208, 104, 101, 175, 248, 225, 21, 252, 3, 87, 207, 181, 34, 185, 225, 173, 211, 71, 18, 249, 67, 104, 88, 110, 223, 73, 70, 241, 160, 133, 196, 166, 55, 15, 214, 165, 245, 187, 202, 94, 163, 14])), Ed25519(BytesRepresentation([78, 15, 59, 212, 161, 192, 200, 61, 187, 236, 66, 249, 139, 38, 215, 68, 30, 77, 18, 21, 28, 43, 82, 245, 120, 56, 39, 154, 230, 124, 72, 83, 245, 4, 107, 247, 166, 145, 50, 168, 194, 19, 146, 112, 243, 166, 196, 183, 186, 237, 201, 48, 238, 166, 99, 157, 59, 121, 241, 208, 163, 72, 137, 6]))], bitmap: RoaringBitmap<[0, 1]>, multisig_pk: MultiSigPublicKey { pk_map: [("ALxuoRJ5GDSKXZlmv1mi4r3dRVgZMRvh34V5MloLPbj+", 1), ("AGqxM3he1LvdIz+Enfjq9e3PgPZGL4iaQhEAGxLdBR21", 1), ("ACJkf+7vNjBgvUIFoWcaFfEKEjZ2WRixtfY42C8zz8Rp", 1)], threshold: 2 }, bytes: OnceCell(Uninit) })]

Tested against single sig:

Transaction Signature: [Signature(Ed25519SuiSignature(Ed25519SuiSignature([0, 164, 255, 112, 232, 29, 43, 199, 143, 61, 41, 226, 51, 98, 127, 146, 49, 121, 180, 47, 118, 99, 22, 160, 223, 197, 167, 211, 115, 67, 254, 255, 71, 209, 124, 83, 222, 208, 2, 121, 212, 44, 230, 32, 138, 68, 74, 105, 101, 4, 96, 174, 158, 134, 100, 94, 160, 8, 240, 0, 50, 38, 127, 33, 7, 188, 110, 161, 18, 121, 24, 52, 138, 93, 153, 102, 191, 89, 162, 226, 189, 221, 69, 88, 25, 49, 27, 225, 223, 133, 121, 50, 90, 11, 61, 184, 254])))]
  1. Those outputs are from Debug? asking since in the json format they should look like like base64
  2. what is that OnceCell in the first output?

benr-ml avatar Feb 24 '23 07:02 benr-ml

This is to make sure internals of the signature is not leaked in deserialized form. They are all represented by most compact bytes form. Tested against multisig:

Transaction Signature: [MultiSig(MultiSig { sigs: [Ed25519(BytesRepresentation([137, 0, 3, 0, 83, 5, 203, 65, 148, 249, 180, 196, 154, 208, 118, 179, 20, 105, 110, 178, 125, 66, 208, 104, 101, 175, 248, 225, 21, 252, 3, 87, 207, 181, 34, 185, 225, 173, 211, 71, 18, 249, 67, 104, 88, 110, 223, 73, 70, 241, 160, 133, 196, 166, 55, 15, 214, 165, 245, 187, 202, 94, 163, 14])), Ed25519(BytesRepresentation([78, 15, 59, 212, 161, 192, 200, 61, 187, 236, 66, 249, 139, 38, 215, 68, 30, 77, 18, 21, 28, 43, 82, 245, 120, 56, 39, 154, 230, 124, 72, 83, 245, 4, 107, 247, 166, 145, 50, 168, 194, 19, 146, 112, 243, 166, 196, 183, 186, 237, 201, 48, 238, 166, 99, 157, 59, 121, 241, 208, 163, 72, 137, 6]))], bitmap: RoaringBitmap<[0, 1]>, multisig_pk: MultiSigPublicKey { pk_map: [("ALxuoRJ5GDSKXZlmv1mi4r3dRVgZMRvh34V5MloLPbj+", 1), ("AGqxM3he1LvdIz+Enfjq9e3PgPZGL4iaQhEAGxLdBR21", 1), ("ACJkf+7vNjBgvUIFoWcaFfEKEjZ2WRixtfY42C8zz8Rp", 1)], threshold: 2 }, bytes: OnceCell(Uninit) })]

Tested against single sig:

Transaction Signature: [Signature(Ed25519SuiSignature(Ed25519SuiSignature([0, 164, 255, 112, 232, 29, 43, 199, 143, 61, 41, 226, 51, 98, 127, 146, 49, 121, 180, 47, 118, 99, 22, 160, 223, 197, 167, 211, 115, 67, 254, 255, 71, 209, 124, 83, 222, 208, 2, 121, 212, 44, 230, 32, 138, 68, 74, 105, 101, 4, 96, 174, 158, 134, 100, 94, 160, 8, 240, 0, 50, 38, 127, 33, 7, 188, 110, 161, 18, 121, 24, 52, 138, 93, 153, 102, 191, 89, 162, 226, 189, 221, 69, 88, 25, 49, 27, 225, 223, 133, 121, 50, 90, 11, 61, 184, 254])))]
  1. Those outputs are from Debug? asking since in the json format they should look like like base64
  2. what is that OnceCell in the first output?
  1. The debug trait turns out to be different from serialize, it is derived from the byte array. Alternatively, we can impl the debug here but the derive itself does not use base64
  2. This is a bytes representation of multisig that is useful for AsRef impl. https://github.com/MystenLabs/sui/blob/f0508550695e8f68a7cb0807a131427705c1c310/crates/sui-types/src/multisig.rs#:43

joyqvq avatar Feb 27 '23 15:02 joyqvq