Merge pull request #4 from quake/quake/fix-empty-preimage

fix: resolve empty preimage bug and add more tests
nervosnetwork · Jun 14, 2024 · 969dce8 · 969dce8
2 parents ed176df + 9ce7a6b
commit 969dce8
Show file tree

Hide file tree

Showing 2 changed files with 95 additions and 28 deletions.
diff --git a/contracts/commitment-lock/src/main.rs b/contracts/commitment-lock/src/main.rs
@@ -199,7 +199,7 @@ fn auth() -> Result<(), Error> {
                         // when input since is 0, it means the unlock logic is for remote_htlc pubkey and preimage
                         if preimage
                             .map(|p| htlc.payment_hash() != &blake2b_256(p)[0..20])
-                            .unwrap_or(false)
+                            .unwrap_or(true)
                         {
                             return Err(Error::PreimageError);
                         }
@@ -222,11 +222,11 @@ fn auth() -> Result<(), Error> {
                         // when input since is 0, it means the unlock logic is for local_htlc pubkey and preimage
                         if preimage
                             .map(|p| htlc.payment_hash() != &blake2b_256(p)[0..20])
-                            .unwrap_or(false)
+                            .unwrap_or(true)
                         {
                             return Err(Error::PreimageError);
                         }
-                        pubkey_hash.copy_from_slice(&htlc.local_htlc_pubkey_hash());
+                        pubkey_hash.copy_from_slice(htlc.local_htlc_pubkey_hash());
                     } else {
                         // when input since is not 0, it means the unlock logic is for remote_htlc pubkey and htlc expiry
                         let since = Since::new(raw_since_value);

diff --git a/tests/src/tests.rs b/tests/src/tests.rs
@@ -490,20 +490,45 @@ fn test_commitment_lock_with_two_pending_htlcs() {
     let witness = [
         witness_script.clone(),
         vec![0x00],
-        signature,
+        signature.clone(),
         preimage1.to_vec(),
     ]
     .concat();
 
-    let tx = tx.as_advanced_builder().witness(witness.pack()).build();
-    println!("tx: {:?}", tx);
-
-    // run
+    let success_tx = tx.as_advanced_builder().witness(witness.pack()).build();
     let cycles = context
-        .verify_tx(&tx, MAX_CYCLES)
+        .verify_tx(&success_tx, MAX_CYCLES)
         .expect("pass verification");
     println!("consume cycles: {}", cycles);
 
+    // sign with remote_htlc_pubkey and wrong preimage should fail
+    let witness = [
+        witness_script.clone(),
+        vec![0x00],
+        signature.clone(),
+        preimage2.to_vec(),
+    ]
+    .concat();
+
+    let fail_tx = tx.as_advanced_builder().witness(witness.pack()).build();
+
+    // run
+    let error = context
+        .verify_tx(&fail_tx, MAX_CYCLES)
+        .expect_err("wrong preimage should fail");
+    println!("error: {}", error);
+
+    // sign with remote_htlc_pubkey and empty preimage should fail
+    let witness = [witness_script.clone(), vec![0x00], signature].concat();
+
+    let fail_tx = tx.as_advanced_builder().witness(witness.pack()).build();
+
+    // run
+    let error = context
+        .verify_tx(&fail_tx, MAX_CYCLES)
+        .expect_err("empty preimage should fail");
+    println!("error: {}", error);
+
     // build transaction with local_htlc_pubkey unlock offered pending htlc 1
     let since = Since::from_timestamp(1711976400 + 1000, true).unwrap();
 
@@ -519,7 +544,7 @@ fn test_commitment_lock_with_two_pending_htlcs() {
     let tx = TransactionBuilder::default()
         .cell_deps(cell_deps.clone())
         .input(input)
-        .outputs(outputs)
+        .outputs(outputs.clone())
         .outputs_data(outputs_data.pack())
         .build();
 
@@ -531,23 +556,44 @@ fn test_commitment_lock_with_two_pending_htlcs() {
         .sign_recoverable(&message.into())
         .unwrap()
         .serialize();
-    let witness = [
-        witness_script.clone(),
-        vec![0x00],
-        signature,
-        preimage1.to_vec(),
-    ]
-    .concat();
+    let witness = [witness_script.clone(), vec![0x00], signature.clone()].concat();
 
-    let tx = tx.as_advanced_builder().witness(witness.pack()).build();
-    println!("tx: {:?}", tx);
-
-    // run
+    let success_tx = tx.as_advanced_builder().witness(witness.pack()).build();
     let cycles = context
-        .verify_tx(&tx, MAX_CYCLES)
+        .verify_tx(&success_tx, MAX_CYCLES)
         .expect("pass verification");
     println!("consume cycles: {}", cycles);
 
+    // sign with local_htlc_pubkey and none-expired since should fail
+    let since = Since::from_timestamp(1711976400 - 1000, true).unwrap();
+
+    let input = CellInput::new_builder()
+        .previous_output(input_out_point.clone())
+        .since(since.as_u64().pack())
+        .build();
+    let tx = TransactionBuilder::default()
+        .cell_deps(cell_deps.clone())
+        .input(input)
+        .outputs(outputs)
+        .outputs_data(outputs_data.pack())
+        .build();
+
+    // sign with local_htlc_pubkey
+    let message: [u8; 32] = tx.hash().as_slice().try_into().unwrap();
+
+    let signature = local_htlc_key1
+        .0
+        .sign_recoverable(&message.into())
+        .unwrap()
+        .serialize();
+    let witness = [witness_script.clone(), vec![0x00], signature].concat();
+
+    let fail_tx = tx.as_advanced_builder().witness(witness.pack()).build();
+    let error = context
+        .verify_tx(&fail_tx, MAX_CYCLES)
+        .expect_err("none-expired since should fail");
+    println!("error: {}", error);
+
     // build transaction with remote_htlc_pubkey unlock received pending htlc 2
     let since = Since::from_timestamp(1712062800 + 1000, true).unwrap();
     let input = CellInput::new_builder()
@@ -629,19 +675,40 @@ fn test_commitment_lock_with_two_pending_htlcs() {
     let witness = [
         witness_script.clone(),
         vec![0x01],
-        signature,
+        signature.clone(),
         preimage2.to_vec(),
     ]
     .concat();
 
-    let tx = tx.as_advanced_builder().witness(witness.pack()).build();
-    println!("tx: {:?}", tx);
-
-    // run
+    let success_tx = tx.as_advanced_builder().witness(witness.pack()).build();
     let cycles = context
-        .verify_tx(&tx, MAX_CYCLES)
+        .verify_tx(&success_tx, MAX_CYCLES)
         .expect("pass verification");
     println!("consume cycles: {}", cycles);
+
+    // sign with local_htlc_pubkey and wrong preimage should fail
+    let witness = [
+        witness_script.clone(),
+        vec![0x01],
+        signature.clone(),
+        preimage1.to_vec(),
+    ]
+    .concat();
+
+    let fail_tx = tx.as_advanced_builder().witness(witness.pack()).build();
+    let error = context
+        .verify_tx(&fail_tx, MAX_CYCLES)
+        .expect_err("wrong preimage should fail");
+    println!("error: {}", error);
+
+    // sign with local_htlc_pubkey and empty preimage should fail
+    let witness = [witness_script.clone(), vec![0x01], signature].concat();
+
+    let fail_tx = tx.as_advanced_builder().witness(witness.pack()).build();
+    let error = context
+        .verify_tx(&fail_tx, MAX_CYCLES)
+        .expect_err("empty preimage should fail");
+    println!("error: {}", error);
 }
 
 #[test]