Skip to content

Commit 6f17b71

Browse files
querolitaquerolita
committed
Allow optional fee payer public key for zkapp command signature verification
1 parent fcbcc66 commit 6f17b71

File tree

1 file changed

+23
-3
lines changed

1 file changed

+23
-3
lines changed

src/mina-signer/src/sign-zkapp-command.ts

Lines changed: 23 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -77,19 +77,39 @@ function signZkappCommand(
7777
return ZkappCommand.toJSON(zkappCommand);
7878
}
7979

80+
/**
81+
* Verifies the signature of a zkApp command JSON object.
82+
*
83+
* This function verifies the signatures of the fee payer and any account
84+
* updates within the command that require signatures and are owned by the
85+
* same public key.
86+
*
87+
* @param zkappCommand_ - The zkApp command in JSON format, after signatures.
88+
* @param publicKeyBase58 - The Base58-encoded public key used for verification.
89+
* @param networkId - The network identifier that determines the signature domain.
90+
* @param feePayerPublicKeyBase58 - Optional Base58-encoded public key of the fee
91+
* payer, required if the provided public key does not
92+
* match the fee payer's public key.
93+
* @returns True if the signature is valid, false otherwise.
94+
*
95+
* @warning To verify the zkApp command signature, the public key must match the
96+
* fee payer's public key, or the parameter `feePayerPublicKey` must be provided.
97+
*/
8098
function verifyZkappCommandSignature(
8199
zkappCommand_: Json.ZkappCommand,
82100
publicKeyBase58: string,
83-
networkId: NetworkId
101+
networkId: NetworkId,
102+
feePayerPublicKeyBase58?: string
84103
) {
85104
let zkappCommand = ZkappCommand.fromJSON(zkappCommand_);
86105

87106
let { commitment, fullCommitment } = transactionCommitments(zkappCommand, networkId);
88107
let publicKey = PublicKey.fromBase58(publicKeyBase58);
89108

90-
// verify fee payer signature
109+
// verify fee payer signature when public keys match
110+
let feePayerPublicKey = feePayerPublicKeyBase58 ? PublicKey.fromBase58(feePayerPublicKeyBase58) : publicKey;
91111
let signature = Signature.fromBase58(zkappCommand.feePayer.authorization);
92-
let ok = verifyFieldElement(signature, fullCommitment, publicKey, networkId);
112+
let ok = verifyFieldElement(signature, fullCommitment, feePayerPublicKey, networkId) && PublicKey.equal(zkappCommand.feePayer.body.publicKey, feePayerPublicKey);
93113
if (!ok) return false;
94114

95115
// verify other signatures for the same public key

0 commit comments

Comments
 (0)