sui daa security audit fixes (#18398)

Author: 0xmaayan

aptos-move/framework/aptos-framework/doc/auth_data.md

@@ -209,7 +209,7 @@
 
 
 <pre><code><b>public</b> <b>fun</b> <a href="auth_data.md#0x1_auth_data_derivable_abstract_signature">derivable_abstract_signature</a>(self: &<a href="auth_data.md#0x1_auth_data_AbstractionAuthData">AbstractionAuthData</a>): &<a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;u8&gt; {
-    <b>assert</b>!(self is DerivableV1, <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_invalid_argument">error::invalid_argument</a>(<a href="auth_data.md#0x1_auth_data_ENOT_REGULAR_AUTH_DATA">ENOT_REGULAR_AUTH_DATA</a>));
+    <b>assert</b>!(self is DerivableV1, <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_invalid_argument">error::invalid_argument</a>(<a href="auth_data.md#0x1_auth_data_ENOT_DERIVABLE_AUTH_DATA">ENOT_DERIVABLE_AUTH_DATA</a>));
     &self.abstract_signature
 }
 </code></pre>

aptos-move/framework/aptos-framework/doc/sui_derivable_account.md

@@ -37,10 +37,12 @@ Nonce: <digest>
 -  [Function `split_signature_bytes`](#0x1_sui_derivable_account_split_signature_bytes)
 -  [Function `derive_account_address_from_public_key`](#0x1_sui_derivable_account_derive_account_address_from_public_key)
 -  [Function `authenticate_auth_data`](#0x1_sui_derivable_account_authenticate_auth_data)
+-  [Function `authenticate_auth_data_internal`](#0x1_sui_derivable_account_authenticate_auth_data_internal)
 -  [Function `authenticate`](#0x1_sui_derivable_account_authenticate)
 -  [Specification](#@Specification_1)
     -  [Function `derive_account_address_from_public_key`](#@Specification_1_derive_account_address_from_public_key)
     -  [Function `authenticate_auth_data`](#@Specification_1_authenticate_auth_data)
+    -  [Function `authenticate_auth_data_internal`](#@Specification_1_authenticate_auth_data_internal)
     -  [Function `authenticate`](#@Specification_1_authenticate)
 
 
@@ -398,6 +400,16 @@ https://github.com/MystenLabs/sui/blob/main/crates/shared-crypto/src/intent.rs#L
 ## Constants
 
 
+<a id="0x1_sui_derivable_account_EMALFORMED_DATA"></a>
+
+Malformed data with trailing bytes.
+
+
+<pre><code><b>const</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_EMALFORMED_DATA">EMALFORMED_DATA</a>: u64 = 8;
+</code></pre>
+
+
+
 <a id="0x1_sui_derivable_account_EINVALID_PUBLIC_KEY"></a>
 
 Invalid public key.
@@ -408,6 +420,16 @@ Invalid public key.
 
 
 
+<a id="0x1_sui_derivable_account_EDEPRECATED"></a>
+
+Function is deprecated and should not be called.
+
+
+<pre><code><b>const</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_EDEPRECATED">EDEPRECATED</a>: u64 = 9;
+</code></pre>
+
+
+
 <a id="0x1_sui_derivable_account_EMISSING_ENTRY_FUNCTION_PAYLOAD"></a>
 
 Entry function payload is missing.
@@ -515,6 +537,7 @@ serialized <code><a href="sui_derivable_account.md#0x1_sui_derivable_account_Sui
     <b>let</b> stream = <a href="../../aptos-stdlib/doc/bcs_stream.md#0x1_bcs_stream_new">bcs_stream::new</a>(*abstract_public_key);
     <b>let</b> sui_account_address = <a href="../../aptos-stdlib/doc/bcs_stream.md#0x1_bcs_stream_deserialize_vector">bcs_stream::deserialize_vector</a>&lt;u8&gt;(&<b>mut</b> stream, |x| deserialize_u8(x));
     <b>let</b> domain = <a href="../../aptos-stdlib/doc/bcs_stream.md#0x1_bcs_stream_deserialize_vector">bcs_stream::deserialize_vector</a>&lt;u8&gt;(&<b>mut</b> stream, |x| deserialize_u8(x));
+    <b>assert</b>!(!<a href="../../aptos-stdlib/doc/bcs_stream.md#0x1_bcs_stream_has_remaining">bcs_stream::has_remaining</a>(&<b>mut</b> stream), <a href="sui_derivable_account.md#0x1_sui_derivable_account_EMALFORMED_DATA">EMALFORMED_DATA</a>);
     <a href="sui_derivable_account.md#0x1_sui_derivable_account_SuiAbstractPublicKey">SuiAbstractPublicKey</a> { sui_account_address, domain }
 }
 </code></pre>
@@ -544,6 +567,7 @@ Returns a tuple of the signature.
     <b>let</b> signature_type = <a href="../../aptos-stdlib/doc/bcs_stream.md#0x1_bcs_stream_deserialize_u8">bcs_stream::deserialize_u8</a>(&<b>mut</b> stream);
     <b>if</b> (signature_type == 0x00) {
         <b>let</b> signature = <a href="../../aptos-stdlib/doc/bcs_stream.md#0x1_bcs_stream_deserialize_vector">bcs_stream::deserialize_vector</a>&lt;u8&gt;(&<b>mut</b> stream, |x| deserialize_u8(x));
+        <b>assert</b>!(!<a href="../../aptos-stdlib/doc/bcs_stream.md#0x1_bcs_stream_has_remaining">bcs_stream::has_remaining</a>(&<b>mut</b> stream), <a href="sui_derivable_account.md#0x1_sui_derivable_account_EMALFORMED_DATA">EMALFORMED_DATA</a>);
         SuiAbstractSignature::MessageV1 { signature }
     } <b>else</b> {
         <b>abort</b>(<a href="sui_derivable_account.md#0x1_sui_derivable_account_EINVALID_SIGNATURE_TYPE">EINVALID_SIGNATURE_TYPE</a>)
@@ -652,9 +676,10 @@ Derives the account address from the public key and returns it is a hex string w
 
 ## Function `authenticate_auth_data`
 
+@deprecated This function is deprecated and will always abort.
 
 
-<pre><code><b>public</b> <b>fun</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data">authenticate_auth_data</a>(aa_auth_data: <a href="auth_data.md#0x1_auth_data_AbstractionAuthData">auth_data::AbstractionAuthData</a>, entry_function_name: &<a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;u8&gt;)
+<pre><code><b>public</b> <b>fun</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data">authenticate_auth_data</a>(_aa_auth_data: <a href="auth_data.md#0x1_auth_data_AbstractionAuthData">auth_data::AbstractionAuthData</a>, _entry_function_name: &<a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;u8&gt;)
 </code></pre>
 
 
@@ -664,6 +689,33 @@ Derives the account address from the public key and returns it is a hex string w
 
 
 <pre><code><b>public</b> <b>fun</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data">authenticate_auth_data</a>(
+    _aa_auth_data: AbstractionAuthData,
+    _entry_function_name: &<a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;u8&gt;
+) {
+    <b>abort</b>(<a href="sui_derivable_account.md#0x1_sui_derivable_account_EDEPRECATED">EDEPRECATED</a>)
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_sui_derivable_account_authenticate_auth_data_internal"></a>
+
+## Function `authenticate_auth_data_internal`
+
+
+
+<pre><code><b>fun</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data_internal">authenticate_auth_data_internal</a>(aa_auth_data: <a href="auth_data.md#0x1_auth_data_AbstractionAuthData">auth_data::AbstractionAuthData</a>, entry_function_name: &<a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;u8&gt;)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>fun</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data_internal">authenticate_auth_data_internal</a>(
     aa_auth_data: AbstractionAuthData,
     entry_function_name: &<a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;u8&gt;
 ) {
@@ -739,7 +791,7 @@ Authorization function for domain account abstraction.
 
 
 <pre><code><b>public</b> <b>fun</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate">authenticate</a>(<a href="account.md#0x1_account">account</a>: <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, aa_auth_data: AbstractionAuthData): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a> {
-    daa_authenticate(<a href="account.md#0x1_account">account</a>, aa_auth_data, |<a href="auth_data.md#0x1_auth_data">auth_data</a>, entry_name| <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data">authenticate_auth_data</a>(<a href="auth_data.md#0x1_auth_data">auth_data</a>, entry_name))
+    daa_authenticate(<a href="account.md#0x1_account">account</a>, aa_auth_data, |<a href="auth_data.md#0x1_auth_data">auth_data</a>, entry_name| <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data_internal">authenticate_auth_data_internal</a>(<a href="auth_data.md#0x1_auth_data">auth_data</a>, entry_name))
 }
 </code></pre>
 
@@ -773,7 +825,23 @@ Authorization function for domain account abstraction.
 ### Function `authenticate_auth_data`
 
 
-<pre><code><b>public</b> <b>fun</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data">authenticate_auth_data</a>(aa_auth_data: <a href="auth_data.md#0x1_auth_data_AbstractionAuthData">auth_data::AbstractionAuthData</a>, entry_function_name: &<a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;u8&gt;)
+<pre><code><b>public</b> <b>fun</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data">authenticate_auth_data</a>(_aa_auth_data: <a href="auth_data.md#0x1_auth_data_AbstractionAuthData">auth_data::AbstractionAuthData</a>, _entry_function_name: &<a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;u8&gt;)
+</code></pre>
+
+
+
+
+<pre><code><b>pragma</b> verify = <b>false</b>;
+</code></pre>
+
+
+
+<a id="@Specification_1_authenticate_auth_data_internal"></a>
+
+### Function `authenticate_auth_data_internal`
+
+
+<pre><code><b>fun</b> <a href="sui_derivable_account.md#0x1_sui_derivable_account_authenticate_auth_data_internal">authenticate_auth_data_internal</a>(aa_auth_data: <a href="auth_data.md#0x1_auth_data_AbstractionAuthData">auth_data::AbstractionAuthData</a>, entry_function_name: &<a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;u8&gt;)
 </code></pre>
 
 

aptos-move/framework/aptos-framework/sources/account/auth_data.move

@@ -47,7 +47,7 @@ module aptos_framework::auth_data {
     }
 
     public fun derivable_abstract_signature(self: &AbstractionAuthData): &vector<u8> {
-        assert!(self is DerivableV1, error::invalid_argument(ENOT_REGULAR_AUTH_DATA));
+        assert!(self is DerivableV1, error::invalid_argument(ENOT_DERIVABLE_AUTH_DATA));
         &self.abstract_signature
     }
 

aptos-move/framework/aptos-framework/sources/account/common_account_abstractions/sui_derivable_account.move

@@ -41,6 +41,10 @@ module aptos_framework::sui_derivable_account {
     const EINVALID_PUBLIC_KEY: u64 = 6;
     /// Account address mismatch.
     const EACCOUNT_ADDRESS_MISMATCH: u64 = 7;
+    /// Malformed data with trailing bytes.
+    const EMALFORMED_DATA: u64 = 8;
+    /// Function is deprecated and should not be called.
+    const EDEPRECATED: u64 = 9;
 
     enum SuiAbstractSignature has drop {
         MessageV1 {
@@ -110,6 +114,7 @@ module aptos_framework::sui_derivable_account {
         let stream = bcs_stream::new(*abstract_public_key);
         let sui_account_address = bcs_stream::deserialize_vector<u8>(&mut stream, |x| deserialize_u8(x));
         let domain = bcs_stream::deserialize_vector<u8>(&mut stream, |x| deserialize_u8(x));
+        assert!(!bcs_stream::has_remaining(&mut stream), EMALFORMED_DATA);
         SuiAbstractPublicKey { sui_account_address, domain }
     }
 
@@ -119,6 +124,7 @@ module aptos_framework::sui_derivable_account {
         let signature_type = bcs_stream::deserialize_u8(&mut stream);
         if (signature_type == 0x00) {
             let signature = bcs_stream::deserialize_vector<u8>(&mut stream, |x| deserialize_u8(x));
+            assert!(!bcs_stream::has_remaining(&mut stream), EMALFORMED_DATA);
             SuiAbstractSignature::MessageV1 { signature }
         } else {
             abort(EINVALID_SIGNATURE_TYPE)
@@ -189,7 +195,21 @@ module aptos_framework::sui_derivable_account {
         pragma verify = false;
     }
 
+    /// @deprecated This function is deprecated and will always abort.
     public fun authenticate_auth_data(
+        _aa_auth_data: AbstractionAuthData,
+        _entry_function_name: &vector<u8>
+    ) {
+        abort(EDEPRECATED)
+    }
+
+    spec authenticate_auth_data_internal {
+        // TODO: Issue with `cannot appear in both arithmetic and bitwise
+        // operation`
+        pragma verify = false;
+    }
+
+    fun authenticate_auth_data_internal(
         aa_auth_data: AbstractionAuthData,
         entry_function_name: &vector<u8>
     ) {
@@ -244,13 +264,13 @@ module aptos_framework::sui_derivable_account {
     }
 
     spec authenticate {
-        // TODO: Issue with spec for authenticate_auth_data
+        // TODO: Issue with spec for authenticate_auth_data_internal
         pragma verify = false;
     }
 
     /// Authorization function for domain account abstraction.
     public fun authenticate(account: signer, aa_auth_data: AbstractionAuthData): signer {
-        daa_authenticate(account, aa_auth_data, |auth_data, entry_name| authenticate_auth_data(auth_data, entry_name))
+        daa_authenticate(account, aa_auth_data, |auth_data, entry_name| authenticate_auth_data_internal(auth_data, entry_name))
     }
 
     #[test_only]
@@ -322,7 +342,7 @@ module aptos_framework::sui_derivable_account {
 
         let auth_data = create_derivable_auth_data(digest, abstract_signature, abstract_public_key);
 
-        authenticate_auth_data(auth_data, &entry_function_name);
+        authenticate_auth_data_internal(auth_data, &entry_function_name);
     }
 
     #[test(framework = @0x1)]
@@ -342,7 +362,7 @@ module aptos_framework::sui_derivable_account {
 
         let auth_data = create_derivable_auth_data(digest, abstract_signature, abstract_public_key);
 
-        authenticate_auth_data(auth_data, &entry_function_name);
+        authenticate_auth_data_internal(auth_data, &entry_function_name);
     }
 
     #[test(framework = @0x1)]
@@ -362,7 +382,7 @@ module aptos_framework::sui_derivable_account {
 
         let auth_data = create_derivable_auth_data(digest, abstract_signature, abstract_public_key);
 
-        authenticate_auth_data(auth_data, &entry_function_name);
+        authenticate_auth_data_internal(auth_data, &entry_function_name);
     }
 
 
@@ -383,7 +403,36 @@ module aptos_framework::sui_derivable_account {
 
         let auth_data = create_derivable_auth_data(digest, abstract_signature, abstract_public_key);
 
-        authenticate_auth_data(auth_data, &entry_function_name);
+        authenticate_auth_data_internal(auth_data, &entry_function_name);
+    }
+
+    #[test]
+    #[expected_failure(abort_code = EMALFORMED_DATA)]
+    fun test_deserialize_abstract_signature_with_trailing_bytes() {
+        let signature_bytes = vector[0, 151, 47, 171, 144, 115, 16, 129, 17, 202, 212, 180, 155, 213, 223, 249, 203, 195, 0, 84, 142, 121, 167, 29, 113, 159, 33, 177, 108, 137, 113, 160, 118, 41, 246, 199, 202, 79, 151, 27, 86, 235, 219, 123, 168, 152, 38, 124, 147, 146, 118, 101, 37, 187, 223, 206, 120, 101, 148, 33, 141, 80, 60, 155, 13, 25, 200, 235, 92, 139, 72, 175, 189, 40, 0, 65, 76, 215, 148, 94, 194, 78, 134, 60, 189, 212, 116, 40, 134, 179, 104, 31, 249, 222, 84, 104, 202];
+        let abstract_signature = create_raw_signature(signature_bytes);
+        // Append trailing bytes to simulate griefing attack
+        abstract_signature.push_back(0xDE);
+        abstract_signature.push_back(0xAD);
+        abstract_signature.push_back(0xBE);
+        abstract_signature.push_back(0xEF);
+        // This should fail with EMALFORMED_DATA due to trailing bytes
+        deserialize_abstract_signature(&abstract_signature);
+    }
+
+    #[test]
+    #[expected_failure(abort_code = EMALFORMED_DATA)]
+    fun test_deserialize_abstract_public_key_with_trailing_bytes() {
+        let sui_account_address = b"0x8d6ce7a3c13617b29aaf7ec58bee5a611606a89c62c5efbea32e06d8d167bd49";
+        let domain = b"localhost:3001";
+        let abstract_public_key = create_abstract_public_key(sui_account_address, domain);
+        // Append trailing bytes to simulate griefing attack
+        abstract_public_key.push_back(0xDE);
+        abstract_public_key.push_back(0xAD);
+        abstract_public_key.push_back(0xBE);
+        abstract_public_key.push_back(0xEF);
+        // This should fail with EMALFORMED_DATA due to trailing bytes
+        deserialize_abstract_public_key(&abstract_public_key);
     }
 
 }