include signer equivalence check

Author: setzeus

stackslib/src/chainstate/stacks/boot/pox-4.clar

@@ -904,7 +904,8 @@
           (existing-entry (unwrap! (map-get? reward-cycle-pox-address-list { reward-cycle: reward-cycle, index: reward-cycle-index })
                           (err ERR_DELEGATION_NO_REWARD_SLOT)))
           (increased-entry-total (+ (get total-ustx existing-entry) partial-amount-ustx))
-          (increased-cycle-total (+ (get total-ustx existing-cycle) partial-amount-ustx)))
+          (increased-cycle-total (+ (get total-ustx existing-cycle) partial-amount-ustx))
+          (existing-signer-key (get signer existing-entry)))
 
           ;; must be stackable
           (try! (minimal-can-stack-stx pox-addr increased-entry-total reward-cycle u1))
@@ -924,6 +925,9 @@
           ;; Validate that amount is less than or equal to `max-amount`
           (asserts! (>= max-amount increased-entry-total) (err ERR_SIGNER_AUTH_AMOUNT_TOO_HIGH))
 
+          ;; Validate that signer-key matches the existing signer-key
+          (asserts! (is-eq existing-signer-key signer-key) (err ERR_INVALID_SIGNER_KEY))
+
           ;; Verify signature from delegate that allows this sender for this cycle
           ;; 'lock-period' param set to one period, same as aggregation-commit-indexed
           (try! (consume-signer-key-authorization pox-addr reward-cycle "agg-increase" u1 signer-sig signer-key increased-entry-total max-amount auth-id))

stackslib/src/chainstate/stacks/boot/pox_4_tests.rs

@@ -3410,6 +3410,7 @@ fn stack_agg_increase() {
         observer.get_blocks();
     }
     let latest_block = latest_block.expect("Failed to get tip");
+    //let latest_block = peer.tenure_with_txs(&[], &mut peer_nonce);
     // Current reward cycle: 5 (starts at burn block 101)
     let reward_cycle = get_current_reward_cycle(&peer, &peer.config.burnchain);
     let next_reward_cycle = reward_cycle.wrapping_add(1);
@@ -3430,6 +3431,17 @@ fn stack_agg_increase() {
         u128::MAX,
         1,
     );
+    // Increase Error Bob Signature For Bob
+    let lock_period = 1;
+    let bob_err_signature_increase = make_signer_key_signature(
+        &bob.pox_address,
+        &bob.private_key,
+        next_reward_cycle,
+        &Pox4SignatureTopic::AggregationCommit,
+        lock_period,
+        u128::MAX,
+        1,
+    );
     // Increase Alice Signature For Bob
     let alice_signature_increase = make_signer_key_signature(
         &bob.pox_address,
@@ -3556,6 +3568,22 @@ fn stack_agg_increase() {
         lock_period,
     );
     bob.nonce += 1;
+    // Bob's Error Aggregate Increase
+    let bobs_err_aggregate_increase = make_pox_4_aggregation_increase(
+        &bob.private_key,
+        bob.nonce,
+        &bob.pox_address,
+        next_reward_cycle,
+        bob_aggregate_commit_reward_index_actual
+            .clone()
+            .expect_u128()
+            .unwrap(),
+        Some(bob_err_signature_increase),
+        &bob.public_key,
+        u128::MAX,
+        1,
+    );
+    bob.nonce += 1;
     // Bob's Aggregate Increase
     let bobs_aggregate_increase = make_pox_4_aggregation_increase(
         &bob.private_key,
@@ -3575,6 +3603,7 @@ fn stack_agg_increase() {
     let txs = vec![
         eve_delegate_stx_to_bob_tx.clone(),
         bob_delegate_stack_stx_for_eve_tx.clone(),
+        bobs_err_aggregate_increase.clone(),
         bobs_aggregate_increase.clone(),
     ];
 
@@ -3588,10 +3617,25 @@ fn stack_agg_increase() {
         target_height.into(),
     );
 
+    // Fetch the error aggregate increase result & check that the err is ERR_INVALID_SIGNER_KEY
+    let bob_err_increase_result_actual = &tx_block
+        .receipts
+        .get(3)
+        .unwrap()
+        .result
+        .clone()
+        .expect_result_err()
+        .unwrap();
+    let bob_err_increase_result_expected = Value::Int(32);
+    assert_eq!(
+        bob_err_increase_result_actual,
+        &bob_err_increase_result_expected
+    );
+
     // Fetch the aggregate increase result & check that value is true
     let bob_aggregate_increase_result = &tx_block
         .receipts
-        .get(3)
+        .get(4)
         .unwrap()
         .result
         .clone()