From 3a4d5ad1a1562cd7aa8d1a3fd79cd332069d49fa Mon Sep 17 00:00:00 2001 From: Kevin Heifner Date: Thu, 7 Sep 2023 07:17:51 -0500 Subject: [PATCH] GH-1523 Use raw Affine LE form --- libraries/chain/webassembly/privileged.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libraries/chain/webassembly/privileged.cpp b/libraries/chain/webassembly/privileged.cpp index a447154390..5c6c172b1a 100644 --- a/libraries/chain/webassembly/privileged.cpp +++ b/libraries/chain/webassembly/privileged.cpp @@ -183,7 +183,9 @@ namespace eosio { namespace chain { namespace webassembly { EOS_ASSERT( f.description.size() <= config::max_finalizer_description_size, wasm_execution_error, "Finalizer description greater than ${s}", ("s", config::max_finalizer_description_size) ); f_weight_sum += f.fweight; - std::optional pk = bls12_381::g1::fromAffineBytesLE(f.public_key_g1_affine_le); + constexpr bool check = false; // system contract does proof of possession check which is a stronger check + constexpr bool raw = true; + std::optional pk = bls12_381::g1::fromAffineBytesLE(f.public_key_g1_affine_le, check, raw); EOS_ASSERT( pk, wasm_execution_error, "Invalid public key for: ${d}", ("d", f.description) ); finset.finalizers.push_back(finalizer_authority{.description = std::move(f.description), .fweight = f.fweight, @@ -191,6 +193,7 @@ namespace eosio { namespace chain { namespace webassembly { unique_finalizer_keys.insert(*pk); } + // system contract should perform a duplicate check and fthreshold check before calling EOS_ASSERT( finalizers.size() == unique_finalizer_keys.size(), wasm_execution_error, "Duplicate finalizer bls key in finalizer set" ); EOS_ASSERT( finset.fthreshold > f_weight_sum / 2, wasm_execution_error, "Finalizer set threshold cannot be met by finalizer weights" );