Skip to content

noise-sv2: add 10s clock skew tolerance to signature verification #2017

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
plebhash merged 2 commits into from
Dec 6, 2025
Merged

noise-sv2: add 10s clock skew tolerance to signature verification #2017

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b846fc4
feat(noise): add 10s clock skew tolerance to signature verification
lucasbalieiro Dec 3, 2025
33f14db
add Display impl for `SignatureNoiseMessage` and update related error…
lucasbalieiro Dec 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 8 additions & 1 deletion sv2/codec-sv2/src/error.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,14 @@ impl fmt::Display for Error {
),
MissingBytes(u) => write!(f, "Missing `{u}` Noise bytes"),
#[cfg(feature = "noise_sv2")]
NoiseSv2Error(e) => write!(f, "Noise SV2 Error: `{e:?}`"),
NoiseSv2Error(e) => match e {
NoiseError::InvalidCertificate(msg) => {
write!(f, "Invalid Certificate: {}", msg)
}
other => {
write!(f, "Noise SV2 Error: {:?}", other)
}
},
#[cfg(feature = "noise_sv2")]
NotInHandShakeState => write!(
f,
Expand Down
2 changes: 1 addition & 1 deletion sv2/noise-sv2/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "noise_sv2"
version = "1.4.0"
version = "1.4.1"
authors = ["The Stratum V2 Developers"]
edition = "2021"
readme = "README.md"
Expand Down
4 changes: 3 additions & 1 deletion sv2/noise-sv2/src/error.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ use alloc::vec::Vec;

use aes_gcm::Error as AesGcm;

use crate::signature_message::SignatureNoiseMessage;

/// Noise protocol error handling.
#[derive(Debug, PartialEq, Eq)]
pub enum Error {
Expand All @@ -31,7 +33,7 @@ pub enum Error {
InvalidCipherState,

/// Provided certificate is invalid or cannot be verified.
InvalidCertificate([u8; 74]),
InvalidCertificate(SignatureNoiseMessage),

/// A raw public key is invalid or cannot be parsed.
InvalidRawPublicKey,
Expand Down
2 changes: 1 addition & 1 deletion sv2/noise-sv2/src/initiator.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -396,7 +396,7 @@ impl Initiator {
};
Ok(codec)
} else {
Err(Error::InvalidCertificate(plaintext))
Err(Error::InvalidCertificate(plaintext.into()))
}
}

Expand Down
32 changes: 30 additions & 2 deletions sv2/noise-sv2/src/signature_message.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
// validity period.

use core::convert::TryInto;
use core::fmt;

use secp256k1::{hashes::sha256, schnorr::Signature, Keypair, Message, Secp256k1, XOnlyPublicKey};

Expand All @@ -32,6 +33,7 @@ use secp256k1::{hashes::sha256, schnorr::Signature, Keypair, Message, Secp256k1,
///
/// This structure ensures that messages are authenticated and valid only within
/// a specified time window, using Schnorr signatures over the `secp256k1` elliptic curve.
#[derive(Debug, PartialEq, Eq)]
pub struct SignatureNoiseMessage {
// Version of the protocol being used.
pub version: u16,
Expand All @@ -43,6 +45,23 @@ pub struct SignatureNoiseMessage {
pub signature: [u8; 64],
}

impl fmt::Display for SignatureNoiseMessage {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
// write header
write!(
f,
"SignatureNoiseMessage {{ version: {}, valid_from: {}, not_valid_after: {}, signature: ",
self.version, self.valid_from, self.not_valid_after
)?;

// write signature as hex manually
for byte in &self.signature {
write!(f, "{:02x}", byte)?;
}

write!(f, " }}")
}
}
impl From<[u8; 74]> for SignatureNoiseMessage {
// Converts a 74-byte array into a [`SignatureNoiseMessage`].
//
Expand Down Expand Up @@ -81,7 +100,8 @@ impl SignatureNoiseMessage {
self.verify_with_now(pk, authority_pk, now)
}

/// Verifies the validity and authenticity of the `SignatureNoiseMessage` at a given timestamp.
/// Verifies the validity and authenticity of the `SignatureNoiseMessage` at a given timestamp
/// with 10 seconds of tolerance.
///
/// See [`Self::verify`] for more details.
///
Expand All @@ -94,8 +114,16 @@ impl SignatureNoiseMessage {
authority_pk: &Option<XOnlyPublicKey>,
now: u32,
) -> bool {
// Allow the local clock to drift up to 10 seconds ahead or behind.
// See https://github.com/stratum-mining/stratum/issues/2015
const TIME_LEEWAY: u32 = 10;

if let Some(authority_pk) = authority_pk {
if self.valid_from <= now && self.not_valid_after >= now {
// Use saturating ops to cap edges (valid_from ≥ 0, not_valid_after ≤ u32::MAX),
// preventing wrap-around and subtle validation bugs with untrusted timestamps.
if self.valid_from.saturating_sub(TIME_LEEWAY) <= now
&& self.not_valid_after.saturating_add(TIME_LEEWAY) >= now
{
let secp = Secp256k1::verification_only();
let (m, s) = self.split();
// m = SHA-256(version || valid_from || not_valid_after || server_static_key)
Expand Down
Loading