fix(lazer): extract message data from instructions sysvar when verifying signature

Author: Riateche

lazer/contracts/solana/programs/pyth-lazer-solana-contract/src/lib.rs

@@ -186,18 +186,13 @@ pub mod pyth_lazer_solana_contract {
     /// Verifies a ed25519 signature on Solana by checking that the transaction contains
     /// a correct call to the built-in `ed25519_program`.
     ///
-    /// - `message_data` is the signed message that is being verified.
     /// - `ed25519_instruction_index` is the index of the `ed25519_program` instruction
     ///   within the transaction. This instruction must precede the current instruction.
     /// - `signature_index` is the index of the signature within the inputs to the `ed25519_program`.
-    /// - `message_offset` is the offset of the signed message within the
-    ///   input data for the current instruction.
     pub fn verify_message(
         ctx: Context<VerifyMessage>,
-        message_data: Vec<u8>,
         ed25519_instruction_index: u16,
         signature_index: u8,
-        message_offset: u16,
     ) -> Result<VerifiedMessage> {
         system_program::transfer(
             CpiContext::new(
@@ -213,10 +208,8 @@ pub mod pyth_lazer_solana_contract {
         signature::verify_message(
             &ctx.accounts.storage,
             &ctx.accounts.instructions_sysvar,
-            &message_data,
             ed25519_instruction_index,
             signature_index,
-            message_offset,
         )
         .map_err(|err| {
             msg!("signature verification error: {:?}", err);

lazer/contracts/solana/programs/pyth-lazer-solana-contract/src/signature.rs

@@ -151,19 +151,14 @@ impl From<SignatureVerificationError> for anchor_lang::error::Error {
 /// Verifies a ed25519 signature on Solana by checking that the transaction contains
 /// a correct call to the built-in `ed25519_program`.
 ///
-/// - `message_data` is the signed message that is being verified.
 /// - `ed25519_instruction_index` is the index of the `ed25519_program` instruction
 ///   within the transaction. This instruction must precede the current instruction.
 /// - `signature_index` is the index of the signature within the inputs to the `ed25519_program`.
-/// - `message_offset` is the offset of the signed message within the
-///   input data for the current instruction.
 pub fn verify_message(
     storage: &Storage,
     instructions_sysvar: &AccountInfo,
-    message_data: &[u8],
     ed25519_instruction_index: u16,
     signature_index: u8,
-    message_offset: u16,
 ) -> Result<VerifiedMessage, SignatureVerificationError> {
     const SOLANA_FORMAT_MAGIC_LE: u32 = 2182742457;
 
@@ -175,25 +170,25 @@ pub fn verify_message(
         return Err(SignatureVerificationError::Ed25519InstructionMustPrecedeCurrentInstruction);
     }
 
-    let instruction = sysvar::instructions::load_instruction_at_checked(
+    let ed25519_instruction = sysvar::instructions::load_instruction_at_checked(
         ed25519_instruction_index.into(),
         instructions_sysvar,
     )
     .map_err(SignatureVerificationError::LoadInstructionAtFailed)?;
 
-    if instruction.program_id != ed25519_program::ID {
+    if ed25519_instruction.program_id != ed25519_program::ID {
         return Err(SignatureVerificationError::InvalidEd25519InstructionProgramId);
     }
-    if instruction.data.len() < ED25519_PROGRAM_INPUT_HEADER_LEN {
+    if ed25519_instruction.data.len() < ED25519_PROGRAM_INPUT_HEADER_LEN {
         return Err(SignatureVerificationError::InvalidEd25519InstructionDataLength);
     }
 
-    let num_signatures = instruction.data[0];
+    let num_signatures = ed25519_instruction.data[0];
     if signature_index >= num_signatures {
         return Err(SignatureVerificationError::InvalidSignatureIndex);
     }
     let args: &[Ed25519SignatureOffsets] =
-        try_cast_slice(&instruction.data[ED25519_PROGRAM_INPUT_HEADER_LEN..])
+        try_cast_slice(&ed25519_instruction.data[ED25519_PROGRAM_INPUT_HEADER_LEN..])
             .map_err(|_| SignatureVerificationError::InvalidEd25519InstructionDataLength)?;
 
     let args_len = args
@@ -205,19 +200,41 @@ pub fn verify_message(
     }
     let offsets = &args[usize::from(signature_index)];
 
-    let expected_signature_offset = message_offset
-        .checked_add(MAGIC_LEN)
-        .ok_or(SignatureVerificationError::MessageOffsetOverflow)?;
-    if offsets.signature_offset != expected_signature_offset {
-        return Err(SignatureVerificationError::InvalidSignatureOffset);
+    if offsets.signature_instruction_index != offsets.message_instruction_index
+        || offsets.public_key_instruction_index != offsets.message_instruction_index
+    {
+        return Err(SignatureVerificationError::InvalidInstructionIndex);
     }
 
+    if ed25519_instruction_index >= offsets.message_instruction_index {
+        return Err(SignatureVerificationError::Ed25519InstructionMustPrecedeCurrentInstruction);
+    }
+    let message_instruction = sysvar::instructions::load_instruction_at_checked(
+        offsets.message_instruction_index.into(),
+        instructions_sysvar,
+    )
+    .map_err(SignatureVerificationError::LoadInstructionAtFailed)?;
+
+    let message_offset = offsets
+        .signature_offset
+        .checked_sub(MAGIC_LEN)
+        .ok_or(SignatureVerificationError::MessageOffsetOverflow)?;
+    let message_end_offset = offsets
+        .message_data_offset
+        .checked_add(offsets.message_data_size)
+        .ok_or(SignatureVerificationError::MessageOffsetOverflow)?;
+    let message_data = message_instruction
+        .data
+        .get(usize::from(message_offset)..usize::from(message_end_offset))
+        .ok_or(SignatureVerificationError::InvalidMessageOffset)?;
+
     let magic = LE::read_u32(&message_data[..MAGIC_LEN.into()]);
     if magic != SOLANA_FORMAT_MAGIC_LE {
         return Err(SignatureVerificationError::FormatMagicMismatch);
     }
 
-    let expected_public_key_offset = expected_signature_offset
+    let expected_public_key_offset = offsets
+        .signature_offset
         .checked_add(SIGNATURE_LEN)
         .ok_or(SignatureVerificationError::MessageOffsetOverflow)?;
     if offsets.public_key_offset != expected_public_key_offset {
@@ -251,12 +268,6 @@ pub fn verify_message(
     if offsets.message_data_size != expected_message_size {
         return Err(SignatureVerificationError::InvalidMessageDataSize);
     }
-    if offsets.signature_instruction_index != self_instruction_index
-        || offsets.public_key_instruction_index != self_instruction_index
-        || offsets.message_instruction_index != self_instruction_index
-    {
-        return Err(SignatureVerificationError::InvalidInstructionIndex);
-    }
 
     let public_key = {
         let start = usize::from(

lazer/contracts/solana/programs/pyth-lazer-solana-contract/tests/solana_noop_program.so

@@ -7,15 +7,18 @@ use {
         ed25519_program,
         hash::Hash,
         instruction::{Instruction, InstructionError},
+        pubkey,
         pubkey::{Pubkey, PUBKEY_BYTES},
         signature::Keypair,
         signer::Signer,
         system_instruction, system_program, system_transaction, sysvar,
         transaction::{Transaction, TransactionError},
     },
-    std::env,
+    std::{env, path::Path},
 };
 
+const NOOP_PROGRAM_ID: Pubkey = pubkey!("HssDLpcBSwJQLJG7unwGCuJpBEdhdvHitoqqn2nLoN6");
+
 fn program_test() -> ProgramTest {
     if env::var("SBF_OUT_DIR").is_err() {
         env::set_var(
@@ -26,12 +29,23 @@ fn program_test() -> ProgramTest {
             ),
         );
     }
+    std::fs::copy(
+        dbg!(Path::new(&env::var("CARGO_MANIFEST_DIR").unwrap())
+            .join("tests/solana_noop_program.so")),
+        dbg!(format!(
+            "{}/../../../../target/sbf-solana-solana/release/solana_noop_program.so",
+            env::var("CARGO_MANIFEST_DIR").unwrap()
+        )),
+    )
+    .unwrap();
     println!("if add_program fails, run `cargo build-sbf` first.");
-    ProgramTest::new(
+    let mut program_test = ProgramTest::new(
         "pyth_lazer_solana_contract",
         pyth_lazer_solana_contract::ID,
         None,
-    )
+    );
+    program_test.add_program("solana_noop_program", NOOP_PROGRAM_ID, None);
+    program_test
 }
 
 struct Setup {
@@ -104,10 +118,10 @@ impl Setup {
 
     async fn verify_message(&mut self, message: &[u8], treasury: Pubkey) {
         // Instruction #0 will be ed25519 instruction;
-        // Instruction #1 will be our contract instruction.
+        // Instruction #1 will be the message receiver's instruction.
         let instruction_index = 1;
-        // 8 bytes for Anchor header, 4 bytes for Vec length.
-        let message_offset = 12;
+        // The whole instruction data is the lazer message.
+        let message_offset = 0;
         let ed25519_args = dbg!(pyth_lazer_solana_contract::Ed25519SignatureOffsets::new(
             message,
             instruction_index,
@@ -128,13 +142,12 @@ impl Setup {
                     &ed25519_program_args(&[ed25519_args]),
                     vec![],
                 ),
+                Instruction::new_with_bytes(NOOP_PROGRAM_ID, message, vec![]),
                 Instruction::new_with_bytes(
                     pyth_lazer_solana_contract::ID,
                     &pyth_lazer_solana_contract::instruction::VerifyMessage {
-                        message_data: message.to_vec(),
                         ed25519_instruction_index: 0,
                         signature_index: 0,
-                        message_offset,
                     }
                     .data(),
                     vec![