feat!: wip: verify cose signatures

Author: errfrom

compiled/auction_escrow_validator.plutus

@@ -105,6 +105,9 @@ library
     HydraAuctionOnchain.Errors.AuctionEscrow
     HydraAuctionOnchain.Errors.StandingBid
     HydraAuctionOnchain.Helpers
+    HydraAuctionOnchain.Lib.Address
+    HydraAuctionOnchain.Lib.Cose
+    HydraAuctionOnchain.Lib.Serialization
     HydraAuctionOnchain.Scripts
     HydraAuctionOnchain.Types.AuctionEscrowState
     HydraAuctionOnchain.Types.AuctionInfo

compiled/standing_bid_validator.plutus

@@ -7,7 +7,8 @@ import HydraAuctionOnchain.Types.Error (ErrorCodePrefix (errorCodePrefix))
 
 data PAuctionEscrowError (s :: S)
   = -- Common errors
-    AuctionEscrow'Error'MissingAuctionEscrowInput
+    AuctionEscrow'Error'InvalidSellerAddress
+  | AuctionEscrow'Error'MissingAuctionEscrowInput
   | AuctionEscrow'Error'TooManyOwnScriptInputs
   | AuctionEscrow'Error'OwnInputMissingToken
   | -- StartBidding errors
@@ -33,6 +34,7 @@ data PAuctionEscrowError (s :: S)
   | AuctionEscrow'BidderBuys'Error'StandingBidInputMissingToken
   | AuctionEscrow'BidderBuys'Error'FailedToDecodeStandingBidState
   | AuctionEscrow'BidderBuys'Error'EmptyStandingBid
+  | AuctionEscrow'BidderBuys'Error'InvalidBidderAddress
   | AuctionEscrow'BidderBuys'Error'BidTermsInvalid
   | AuctionEscrow'BidderBuys'Error'AuctionLotNotPaidToBidder
   | AuctionEscrow'BidderBuys'Error'NoBidderConsent

hydra-auction-onchain.cabal

@@ -14,7 +14,7 @@ module HydraAuctionOnchain.Helpers
   , ponlyOneInputFromAddress
   , pserialise
   , putxoAddress
-  , pvaluePaidTo
+  , pvaluePaidToAddr
   , pvaluePaidToScript
   ) where
 
@@ -180,31 +180,29 @@ putxoAddress = phoistAcyclic $
   plam $ \utxo ->
     pfield @"address" #$ pfield @"resolved" # utxo
 
-pvaluePaidToGeneric
-  :: Term
-      s
-      ( PTxInfo
-          :--> a
-          :--> (PAddress :--> a :--> PBool)
-          :--> PValue 'Sorted 'Positive
-      )
-pvaluePaidToGeneric = phoistAcyclic $
-  plam $ \txInfo x p ->
+pvaluePaidToAddr :: Term s (PTxInfo :--> PAddress :--> PValue 'Sorted 'Positive)
+pvaluePaidToAddr =
+  plam $ \txInfo addr ->
     pfoldl
       # plam
         ( \accValue utxo -> P.do
             utxoFields <- pletFields @["address", "value"] utxo
-            pif (p # utxoFields.address # x) (accValue <> utxoFields.value) accValue
+            pif (utxoFields.address #== addr) (accValue <> utxoFields.value) accValue
         )
       # mempty
       # (pfromData $ pfield @"outputs" # txInfo)
 
-pvaluePaidTo :: Term s (PTxInfo :--> PPubKeyHash :--> PValue 'Sorted 'Positive)
-pvaluePaidTo = phoistAcyclic $
-  plam $ \txInfo pkh ->
-    pvaluePaidToGeneric # txInfo # pkh # paddressHasPubKeyHash
-
 pvaluePaidToScript :: Term s (PTxInfo :--> PScriptHash :--> PValue 'Sorted 'Positive)
-pvaluePaidToScript = phoistAcyclic $
+pvaluePaidToScript =
   plam $ \txInfo sh ->
-    pvaluePaidToGeneric # txInfo # sh # paddressHasScriptHash
+    pfoldl
+      # plam
+        ( \accValue utxo -> P.do
+            utxoFields <- pletFields @["address", "value"] utxo
+            pif
+              (paddressHasScriptHash # utxoFields.address # sh)
+              (accValue <> utxoFields.value)
+              accValue
+        )
+      # mempty
+      # (pfromData $ pfield @"outputs" # txInfo)

src/HydraAuctionOnchain/Errors/AuctionEscrow.hs

@@ -0,0 +1,23 @@
+module HydraAuctionOnchain.Lib.Address
+  ( paddrPaymentKeyHash
+  , paddrPaymentKeyHashUnsafe
+  ) where
+
+import Plutarch.Api.V1 (PCredential (PPubKeyCredential, PScriptCredential))
+import Plutarch.Api.V2 (PAddress, PPubKeyHash)
+import Plutarch.Extra.Maybe (pjust, pnothing)
+
+paddrPaymentKeyHash :: Term s (PAddress :--> PMaybe PPubKeyHash)
+paddrPaymentKeyHash = phoistAcyclic $
+  plam $ \addr ->
+    pmatch (pfield @"credential" # addr) $ \case
+      PPubKeyCredential rec -> pjust #$ pfield @"_0" # rec
+      PScriptCredential _ -> pnothing
+
+paddrPaymentKeyHashUnsafe :: Term s (PAddress :--> PPubKeyHash)
+paddrPaymentKeyHashUnsafe = phoistAcyclic $
+  plam $ \addr ->
+    pmatch (pfield @"credential" # addr) $ \case
+      PPubKeyCredential rec -> pfield @"_0" # rec
+      PScriptCredential _ ->
+        ptraceError "paddrPaymentKeyHashUnsafe: failed to get payment pkh"

src/HydraAuctionOnchain/Helpers.hs

@@ -0,0 +1,24 @@
+module HydraAuctionOnchain.Lib.Cose
+  ( pmkSigStructure
+  ) where
+
+import HydraAuctionOnchain.Lib.Serialization (pserializeAddress)
+import Plutarch.Api.V2 (PAddress)
+import Plutarch.Extra.Maybe (pjust, pnothing)
+
+pmkSigStructure :: Term s (PAddress :--> PByteString :--> PByteString :--> PMaybe PByteString)
+pmkSigStructure = phoistAcyclic $
+  plam $ \addr payload payloadLength -> P.do
+    pmatch (pserializeAddress # addr) $ \case
+      PNothing -> pnothing
+      PJust addrBytes ->
+        pjust
+          # mconcat
+            [ phexByteStr "846a5369676e61747572653158"
+            , phexByteStr "46" -- FIXME
+            , phexByteStr "A201276761646472657373"
+            , addrBytes
+            , phexByteStr "4058"
+            , payloadLength
+            , payload
+            ]

src/HydraAuctionOnchain/Lib/Address.hs

@@ -0,0 +1,83 @@
+module HydraAuctionOnchain.Lib.Serialization
+  ( pserializeAddress
+  ) where
+
+import Plutarch.Api.V1 (PCredential (PPubKeyCredential, PScriptCredential))
+import Plutarch.Api.V2
+  ( PAddress
+  , PMaybeData (PDJust, PDNothing)
+  , PPubKeyHash
+  , PStakingCredential (PStakingHash, PStakingPtr)
+  )
+import Plutarch.Extra.Maybe (pjust, pnothing)
+import Plutarch.Monadic qualified as P
+
+data PAddressConfiguration (s :: S)
+  = PAddressConfig'PaymentKeyHash'StakeKeyHash (Term s PPubKeyHash) (Term s PPubKeyHash)
+  | PAddressConfig'PaymentKeyHash (Term s PPubKeyHash)
+  deriving stock (Generic)
+  deriving anyclass (PlutusType, PShow, PEq)
+
+instance DerivePlutusType PAddressConfiguration where
+  type DPTStrat _ = PlutusTypeScott
+
+pserializeAddress :: Term s (PAddress :--> PMaybe PByteString)
+pserializeAddress = phoistAcyclic $
+  plam $ \addr ->
+    pmatch (pmkAddrConfig # addr) $ \case
+      PNothing -> pnothing
+      PJust addrConfig ->
+        pjust
+          # mconcat
+            [ phexByteStr "58" -- byte string (one-byte uint8_t for n, and then n bytes follow)
+            , paddrConfigAddrSize # addrConfig
+            , paddrConfigAddrHeaderForTestnet # addrConfig
+            , paddrConfigAddrBody # addrConfig
+            ]
+
+pmkAddrConfig :: Term s (PAddress :--> PMaybe PAddressConfiguration)
+pmkAddrConfig = phoistAcyclic $
+  plam $ \addr -> P.do
+    creds <- pletFields @["credential", "stakingCredential"] addr
+    pmatch creds.credential $ \case
+      PScriptCredential _ -> pnothing
+      PPubKeyCredential rec -> P.do
+        let pkh = pfield @"_0" # rec
+        pmatch creds.stakingCredential $ \case
+          PDNothing _ -> pjust # pcon (PAddressConfig'PaymentKeyHash pkh)
+          PDJust rec ->
+            pmatch (pfield @"_0" # rec) $ \case
+              PStakingHash rec ->
+                pmatch (pfield @"_0" # rec) $ \case
+                  PScriptCredential _ -> pnothing
+                  PPubKeyCredential rec -> P.do
+                    let skh = pfield @"_0" # rec
+                    pjust # pcon (PAddressConfig'PaymentKeyHash'StakeKeyHash pkh skh)
+              PStakingPtr _ -> pnothing
+
+paddrConfigAddrSize :: Term s (PAddressConfiguration :--> PByteString)
+paddrConfigAddrSize = phoistAcyclic $
+  plam $ \addrConfig ->
+    pmatch addrConfig $ \case
+      PAddressConfig'PaymentKeyHash'StakeKeyHash _ _ ->
+        phexByteStr "39" -- 57 = 1 (header) + 28 (pkh) + 28 (skh)
+      PAddressConfig'PaymentKeyHash _ ->
+        phexByteStr "1D" -- 29 = 1 (header) + 28 (pkh)
+
+paddrConfigAddrHeaderForTestnet :: Term s (PAddressConfiguration :--> PByteString)
+paddrConfigAddrHeaderForTestnet = phoistAcyclic $
+  plam $ \addrConfig ->
+    pmatch addrConfig $ \case
+      PAddressConfig'PaymentKeyHash'StakeKeyHash _ _ ->
+        phexByteStr "00" -- 0b0000_0000
+      PAddressConfig'PaymentKeyHash _ ->
+        phexByteStr "60" -- 0b0110_0000
+
+paddrConfigAddrBody :: Term s (PAddressConfiguration :--> PByteString)
+paddrConfigAddrBody = phoistAcyclic $
+  plam $ \addrConfig ->
+    pmatch addrConfig $ \case
+      PAddressConfig'PaymentKeyHash'StakeKeyHash pkh skh ->
+        pto pkh <> pto skh
+      PAddressConfig'PaymentKeyHash pkh ->
+        pto pkh

src/HydraAuctionOnchain/Lib/Cose.hs

@@ -11,6 +11,7 @@ import HydraAuctionOnchain.Helpers (pintervalFiniteClosedOpen)
 import Plutarch.Api.V2
   ( AmountGuarantees (Positive)
   , KeyGuarantees (Sorted)
+  , PAddress
   , PPOSIXTime
   , PPOSIXTimeRange
   , PPubKeyHash
@@ -27,7 +28,7 @@ newtype PAuctionTerms (s :: S)
           s
           ( PDataRecord
               '[ "auctionLot" ':= PValue 'Sorted 'Positive
-               , "sellerPkh" ':= PPubKeyHash
+               , "sellerAddress" ':= PAddress
                , "sellerVk" ':= PByteString
                , "delegates" ':= PBuiltinList (PAsData PPubKeyHash)
                , "biddingStart" ':= PPOSIXTime

src/HydraAuctionOnchain/Lib/Serialization.hs

@@ -1,16 +1,22 @@
+{-# LANGUAGE PackageImports #-}
+
 module HydraAuctionOnchain.Types.BidTerms
   ( PBidTerms (PBidTerms)
   , psellerPayout
   , pvalidateBidTerms
   ) where
 
 import HydraAuctionOnchain.Helpers (pserialise)
+import HydraAuctionOnchain.Lib.Address (paddrPaymentKeyHashUnsafe)
+import HydraAuctionOnchain.Lib.Cose (pmkSigStructure)
 import HydraAuctionOnchain.Types.AuctionTerms (PAuctionTerms, ptotalAuctionFees)
 import HydraAuctionOnchain.Types.BidderInfo (PBidderInfo)
 import Plutarch.Api.V2 (PCurrencySymbol, PPubKeyHash)
 import Plutarch.Crypto (pverifyEd25519Signature)
 import Plutarch.DataRepr (PDataFields)
+import Plutarch.Maybe (pfromJust)
 import Plutarch.Monadic qualified as P
+import "liqwid-plutarch-extra" Plutarch.Extra.List (preplicate)
 
 data PBidTerms (s :: S)
   = PBidTerms
@@ -46,34 +52,52 @@ psellerPayout = phoistAcyclic $
 pvalidateBidTerms :: Term s (PCurrencySymbol :--> PAuctionTerms :--> PBidTerms :--> PBool)
 pvalidateBidTerms = phoistAcyclic $
   plam $ \auctionCs auctionTerms bidTerms -> P.do
+    sellerAddr <- plet $ pfield @"sellerAddress" # auctionTerms
     bidTermsFields <-
       pletFields
         @["btBidder", "btPrice", "btBidderSignature", "btSellerSignature"]
         bidTerms
-    bidderInfo <- pletFields @["biBidderPkh", "biBidderVk"] bidTermsFields.btBidder
+    bidderInfo <- pletFields @["biBidderAddress", "biBidderVk"] bidTermsFields.btBidder
 
     let sellerSignature = bidTermsFields.btSellerSignature
     sellerVk <- plet $ pfield @"sellerVk" # auctionTerms
-    sellerSignatureMsg <-
+    sellerSigMsg <-
       plet $
         sellerSignatureMessage
           # auctionCs
           # bidderInfo.biBidderVk
 
+    sellerSigStruct <-
+      plet $ pfromJust #$ pmkSigStructure # sellerAddr # sellerSigMsg # sellerSigMsgLengthHex
+
     let
       bidderSignature = bidTermsFields.btBidderSignature
       bidderVk = bidderInfo.biBidderVk
-    bidderSignatureMsg <-
+      bidderAddr = bidderInfo.biBidderAddress
+    bidderSigMsg <-
       plet $
         bidderSignatureMessage
           # auctionCs
           # bidTermsFields.btPrice
-          # bidderInfo.biBidderPkh
+          # (paddrPaymentKeyHashUnsafe # bidderAddr)
+
+    bidderSigStruct <-
+      plet $ pfromJust #$ pmkSigStructure # bidderAddr # bidderSigMsg # bidderSigMsgLengthHex
 
     -- The seller authorized the bidder to participate in the auction.
-    (pverifyEd25519Signature # sellerVk # sellerSignatureMsg # sellerSignature)
+    (pverifyEd25519Signature # sellerVk # sellerSigStruct # sellerSignature)
       -- The bidder authorized the bid to be submitted in the auction.
-      #&& (pverifyEd25519Signature # bidderVk # bidderSignatureMsg # bidderSignature)
+      #&& (pverifyEd25519Signature # bidderVk # bidderSigStruct # bidderSignature)
+
+bidderSigMsgLengthHex :: Term s PByteString
+bidderSigMsgLengthHex =
+  -- 69 = 2 (cbor) + 28 (cs) + 2 (cbor) + 28 (pkh) + 9 (lovelace)
+  phoistAcyclic $ phexByteStr "45"
+
+sellerSigMsgLengthHex :: Term s PByteString
+sellerSigMsgLengthHex =
+  -- 64 = 2 (cbor) + 28 (cs) + 2 (cbor) + 32 (vk)
+  phoistAcyclic $ phexByteStr "40"
 
 bidderSignatureMessage
   :: Term
@@ -85,9 +109,19 @@ bidderSignatureMessage
       )
 bidderSignatureMessage = phoistAcyclic $
   plam $ \auctionCs bidPrice bidderPkh ->
-    (pserialise # auctionCs) <> (pserialise # bidderPkh) <> (pserialise # bidPrice)
+    padMessage # 69 #$ (pserialise # auctionCs)
+      <> (pserialise # bidderPkh)
+      <> (pserialise # bidPrice)
 
 sellerSignatureMessage :: Term s (PCurrencySymbol :--> PByteString :--> PByteString)
 sellerSignatureMessage = phoistAcyclic $
   plam $ \auctionCs bidderVk ->
     (pserialise # auctionCs) <> (pserialise # bidderVk)
+
+padMessage :: Term s (PInteger :--> PByteString :--> PByteString)
+padMessage = phoistAcyclic $
+  plam $ \targetSize message -> P.do
+    padSize <- plet $ targetSize - (plengthBS # message)
+    let nul = phexByteStr "00"
+    let padding = pfoldl # plam (<>) # mempty #$ preplicate @PBuiltinList # padSize # nul
+    pif (padSize #<= 0) message (padding <> message)