Fix signature payload determination for partial messages (#1017)

masih · web-flow · commit 263e66ad98cc · 2025-06-13T14:13:12.000Z
Use the provided value key for signature payload when message is
partial.
diff --git a/gpbft/validator.go b/gpbft/validator.go
@@ -257,7 +257,12 @@ func (v *cachingValidator) validateMessageWithVoteValueKey(ctx context.Context,
 	}
 
 	// Check vote signature.
-	sigPayload := msg.Vote.MarshalForSigning(v.networkName)
+	var sigPayload []byte
+	if partial {
+		sigPayload = msg.Vote.MarshalForSigningWithValueKey(v.networkName, *valueKey)
+	} else {
+		sigPayload = msg.Vote.MarshalForSigning(v.networkName)
+	}
 	if err := v.verifier.Verify(senderPubKey, sigPayload, msg.Signature); err != nil {
 		return fmt.Errorf("invalid signature on %v, %v: %w", msg, err, ErrValidationInvalid)
 	}

Original file line number	Diff line number	Diff line change
`@@ -257,7 +257,12 @@ func (v *cachingValidator) validateMessageWithVoteValueKey(ctx context.Context,`
`257`	`257`	`}`
`258`	`258`
`259`	`259`	`// Check vote signature.`
`260`		`- sigPayload := msg.Vote.MarshalForSigning(v.networkName)`
	`260`	`+ var sigPayload []byte`
	`261`	`+ if partial {`
	`262`	`+ sigPayload = msg.Vote.MarshalForSigningWithValueKey(v.networkName, *valueKey)`
	`263`	`+ } else {`
	`264`	`+ sigPayload = msg.Vote.MarshalForSigning(v.networkName)`
	`265`	`+ }`
`261`	`266`	`if err := v.verifier.Verify(senderPubKey, sigPayload, msg.Signature); err != nil {`
`262`	`267`	`return fmt.Errorf("invalid signature on %v, %v: %w", msg, err, ErrValidationInvalid)`
`263`	`268`	`}`