set limit to num multikey to 32 (aptos-labs#17006)

heliuchuan · JoshLind · commit f6a056d59a17 · 2025-07-06T17:35:32.000-04:00
(cherry picked from commit d4aa16d)
diff --git a/api/types/src/transaction.rs b/api/types/src/transaction.rs
@@ -1815,6 +1815,27 @@ pub struct MultiKeySignature {
 
 impl VerifyInput for MultiKeySignature {
     fn verify(&self) -> anyhow::Result<()> {
+        if self.public_keys.is_empty() {
+            bail!("MultiKey signature has no public keys")
+        } else if self.signatures.is_empty() {
+            bail!("MultiKey signature has no signatures")
+        } else if self.public_keys.len() > MAX_NUM_OF_KEYS {
+            bail!(
+                "MultiKey signature has over the maximum number of public keys {}",
+                MAX_NUM_OF_KEYS
+            )
+        } else if self.signatures.len() > MAX_NUM_OF_SIGS {
+            bail!(
+                "MultiKey signature has over the maximum number of signatures {}",
+                MAX_NUM_OF_SIGS
+            )
+        } else if self.signatures.len() != self.signatures_required as usize {
+            bail!("MultiKey signature does not the number of signatures required")
+        } else if self.signatures_required == 0 {
+            bail!("MultiKey signature threshold must be greater than 0")
+        } else if self.signatures_required > MAX_NUM_OF_SIGS as u8 {
+            bail!("MultiKey signature threshold is greater than the maximum number of signatures")
+        }
         let _: AccountAuthenticator = self.try_into()?;
         Ok(())
     }
diff --git a/types/src/transaction/authenticator.rs b/types/src/transaction/authenticator.rs
@@ -1047,6 +1047,12 @@ impl MultiKey {
             "The number of required signatures is 0."
         );
 
+        ensure!(
+            public_keys.len() <= MAX_NUM_OF_SIGS, // This max number of signatures is also the max number of public keys.
+            "The number of public keys is greater than {}.",
+            MAX_NUM_OF_SIGS
+        );
+
         ensure!(
             public_keys.len() >= signatures_required as usize,
             "The number of public keys is smaller than the number of required signatures, {} < {}",
@@ -2089,4 +2095,21 @@ mod tests {
 
         assert!(signed_txn.verify_signature().is_err());
     }
+
+    #[test]
+    fn test_multi_key_with_33_keys_fails() {
+        let mut keys = Vec::new();
+        for _ in 0..33 {
+            let private_key = Ed25519PrivateKey::generate(&mut rand::thread_rng());
+            let public_key = private_key.public_key();
+            keys.push(AnyPublicKey::ed25519(public_key));
+        }
+
+        let result = MultiKey::new(keys, 3);
+        assert!(result.is_err());
+        assert_eq!(
+            result.unwrap_err().to_string(),
+            "The number of public keys is greater than 32."
+        );
+    }
 }
