Skip to content

feat(lazer/sui): verify signatures against trusted signers #2982

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 28 commits into from
Aug 25, 2025
Merged

feat(lazer/sui): verify signatures against trusted signers #2982

merged 28 commits into from
Aug 25, 2025

Conversation

tejasbadadare
Copy link
Contributor

Summary

Verify signature against trusted signers from state.
Next up i'll break up the parse function a bit so I can add better error handling.

How has this been tested?

  • Current tests cover my changes
  • Added new tests
  • Manually tested the code

tejasbadadare and others added 25 commits August 19, 2025 14:17
@tejasbadadare
feat(lazer/sui): specify version
2c4ae46
@devin-ai-integration @tejasbadadare
feat(lazer-sui): add state module with trusted signer storage and tests
69682bc 
Co-Authored-By: Tejas Badadare <[email protected]>
@tejasbadadare
Merge branch 'tb/lazer/sui-storage' of github.com:pyth-network/pyth-c…
21d8937 
…rosschain into tb/lazer/sui-storage
@devin-ai-integration @tejasbadadare
fix
7380293 
Co-Authored-By: Tejas Badadare <[email protected]>
@tejasbadadare
Merge branch 'tb/lazer/sui-storage' of github.com:pyth-network/pyth-c…
0e70796 
…rosschain into tb/lazer/sui-storage
@devin-ai-integration @tejasbadadare
fix(sui-lazer): finalize state module with trusted signer management …
f34b7fc 
…and tests; verified with Sui CLI 1.53.2

Co-Authored-By: Tejas Badadare <[email protected]>
@tejasbadadare
Merge branch 'tb/lazer/sui-storage' of github.com:pyth-network/pyth-c…
112cd39 
…rosschain into tb/lazer/sui-storage
@devin-ai-integration @tejasbadadare
chore(sui-lazer): remove warnings in state module; clean build on Sui…
d7bd862 
… CLI 1.53.2

Co-Authored-By: Tejas Badadare <[email protected]>
@tejasbadadare
feat(lazer/sui): add trusted signer state
48e070d
@devin-ai-integration @tejasbadadare
feat(lazer/sui): add package init and AdminCapability; share State an…
8ee64ba 
…d gate updates with admin cap

Co-Authored-By: Tejas Badadare <[email protected]>
@tejasbadadare
comments
a7436fa
@tejasbadadare
Merge branch 'tb/lazer/sui-storage' of github.com:pyth-network/pyth-c…
88ef465 
…rosschain into tb/lazer/sui-storage
@tejasbadadare
resolve warnings
e64eb21
@devin-ai-integration @tejasbadadare
feat(sui-lazer): add admin-gated entry to update trusted signer via A…
187f0e9 
…dminCapability

Co-Authored-By: Tejas Badadare <[email protected]>
@devin-ai-integration
Revert "feat(sui-lazer): add admin-gated entry to update trusted sign…
ddad6d6 
…er via AdminCapability"

This reverts commit 187f0e9.
@tejasbadadare
naming, make update_trusted_signer public
0fc417e
@devin-ai-integration @tejasbadadare
feat(sui-lazer): use OTW for AdminCap in admin::init; add OTW to pyth…
da1a2a1 
…_lazer::init; share State; add OTW doc comments

Co-Authored-By: Tejas Badadare <[email protected]>
@tejasbadadare
lint
389f5d7
@tejasbadadare
doc
f1b6fc4
@tejasbadadare
feat(lazer/sui): verify against trusted signers
96eaa10
@tejasbadadare
docs, clean up
f53e83f
@tejasbadadare
remove unneeded otw type check
b9a844d
@tejasbadadare
Merge branch 'tb/lazer/sui-storage' of github.com:pyth-network/pyth-c…
9c92f6e 
…rosschain into tb/lazer/sui-verify
@tejasbadadare
lint
41c66dc
@tejasbadadare
Merge branch 'tb/lazer/sui-storage' of github.com:pyth-network/pyth-c…
7f10b9d 
…rosschain into tb/lazer/sui-verify
@vercel Vercel
Copy link

vercel bot commented Aug 22, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
api-reference Ready Ready Preview Comment Aug 25, 2025 7:55pm
component-library Ready Ready Preview Comment Aug 25, 2025 7:55pm
developer-hub Ready Ready Preview Comment Aug 25, 2025 7:55pm
entropy-explorer Ready Ready Preview Comment Aug 25, 2025 7:55pm
insights Ready Ready Preview Comment Aug 25, 2025 7:55pm
proposals Ready Ready Preview Comment Aug 25, 2025 7:55pm
staking Ready Ready Preview Comment Aug 25, 2025 7:55pm

merolish
merolish reviewed Aug 22, 2025
View reviewed changes
lazer/contracts/sui/sources/state.move
use pyth_lazer::admin::{Self, AdminCap};

const ED25519_PUBKEY_LEN: u64 = 32;
const SECP256K1_COMPRESSED_PUBKEY_LEN: u64 = 33;
Copy link
Contributor

@merolish merolish Aug 22, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was this mislabeled?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gave a more accurate name

merolish
merolish reviewed Aug 22, 2025
View reviewed changes
lazer/contracts/sui/sources/pyth_lazer.move
// When we have an unknown property, we do not know its length, and therefore
// we cannot ignore it and parse the next properties.
abort 0 // FIXME: return more granular error messages
abort EInvalidUpdate // FIXME: return more granular error messages
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this no longer a fixme?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still a FIXME since there are several other places in the parsing where the code can revert. Will be tackling this next.

merolish
merolish approved these changes Aug 22, 2025
View reviewed changes
Copy link
Contributor

@merolish merolish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems reasonable as far as I can tell.

ali-behjati
ali-behjati reviewed Aug 25, 2025
View reviewed changes
lazer/contracts/sui/sources/pyth_lazer.move Outdated
/// # Errors
/// * `ESignerNotTrusted` - The recovered public key is not in the trusted signers list
/// * `ESignerExpired` - The signer's certificate has expired
public fun verify_le_ecdsa_message(
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we need to make it public :? maybe public in crate be enough (so we can test it, but users don't use it)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, figured it might be handy for users, but yeah i can't think of a scenario where they'd wanna validate without parsing.

Base automatically changed from tb/lazer/sui-storage to main August 25, 2025 19:23
@tejasbadadare tejasbadadare merged commit 005026c into main Aug 25, 2025
4 of 11 checks passed
@tejasbadadare tejasbadadare deleted the tb/lazer/sui-verify branch August 25, 2025 19:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ali-behjati ali-behjati ali-behjati approved these changes

@merolish merolish merolish approved these changes

@darunrs darunrs darunrs approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@tejasbadadare @ali-behjati @merolish @darunrs