Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Smart contract based signature support in cluster definitions/locks #3458

Open
3 tasks
OisinKyne opened this issue Jan 14, 2025 · 1 comment
Open
3 tasks

Smart contract based signature support in cluster definitions/locks #3458

OisinKyne opened this issue Jan 14, 2025 · 1 comment
Assignees
@DiogoSantoss
Labels
protocol Protocol Team tickets
Milestone
v1.3.0

Comments

@OisinKyne
Copy link
Contributor

OisinKyne commented Jan 14, 2025
edited
Loading

🎯 Problem to be solved

Cluster locks with EIP1271 smart contract signatures fail normal signature checks. This means you need to run charon run --no-verify which is a reduction of the security model.

🛠️ Proposed solution

If operator_enr_signature and operator_config_hash fail validation, and we have been provided an --execution-rpc-api flag (doesn't exist yet), we fallback and try smart contract based signature check.

If the signatures fail to verify, and no JSON RPC is provided, we throw the normal verification error log, but suggest that if the cluster has smart contract wallet operators they need to provide a json rpc uri or to use --no-verify.

🧪 Tests

  • Tested by new automated unit/integration/smoke tests
  • Manually tested on core team/canary/test clusters
  • Manually tested on local compose simnet
@OisinKyne OisinKyne added this to the v1.3.0 milestone Jan 14, 2025
@github-actions github-actions bot added the protocol Protocol Team tickets label Jan 14, 2025
@DiogoSantoss
Copy link
Contributor

Possible execution layer clients:

The standard is usually geth.

This can be installed by doing:

go get -d github.com/ethereum/go-ethereum/...

It provides a simple way to create a JSON-RPC client by doing:

client, err := ethclient.Dial("YOUR_RPC_URL")

which can then be used to handle requests to a EL client:

blockNumber, err := client.BlockNumber(context.Background())

Furthermore, to solve the issue at hand we can use ABI (Application Binary Interface) to interact with contracts.

For example, one way of verifying contract signatures would be to create a contract interface:

parsedABI, err := abi.JSON(strings.NewReader(isValidSignatureABI))
contract := bind.NewBoundContract(address, parsedABI, client, client, client)
err = contract.Call(nil, &result, "isValidSignature", signedMessage, signature)

or alternatively, without creating a contract instance by manually enconding the signedMessage and signature into the ABI format:

parsedABI, err := abi.JSON(strings.NewReader(isValidSignatureABI))
encodedData, err := parsedABI.Pack("isValidSignature", signedMessage, signature)
msg := ethereum.CallMsg{
	To:   &address,
	Data: encodedData,
}

result, err := client.CallContract(context.Background(), msg, nil)
if string(result[:4]) == "0x1626ba7e" {
	fmt.Println("Valid signature")
} else {
	fmt.Println("Invalid signature")
}

Regarding its integration in Charon there some questions:

  • Should it follow the same structure of eth2wrap ? By structure we mean, having lazy/multi clients, cache, wrapper, etc...
  • Interesting metrics/features
    • eth_estimateGas - estimates how much gas is necessary for a transaction to complete
    • eth_gasPrice - current price per gas in wei
    • eth_getBalance - balance of given address

@DiogoSantoss DiogoSantoss self-assigned this Feb 6, 2025
@DiogoSantoss DiogoSantoss mentioned this issue Feb 6, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@DiogoSantoss DiogoSantoss

Labels
protocol Protocol Team tickets
Projects
None yet
Milestone
v1.3.0
Development

No branches or pull requests
2 participants
@OisinKyne @DiogoSantoss