Add merkle tree batch verification panic catch

Julian Ventura · Julian Ventura · commit 5dff8f74949e · 2024-10-08T14:52:39.000-03:00
diff --git a/operator/merkle_tree/lib/merkle_tree.h b/operator/merkle_tree/lib/merkle_tree.h
@@ -1,3 +1,4 @@
 #include <stdbool.h>
+#include <stdint.h>
 
-bool verify_merkle_tree_batch_ffi(unsigned char *batch_bytes, unsigned int batch_len, unsigned char *merkle_root);
+int32_t verify_merkle_tree_batch_ffi(unsigned char *batch_bytes, unsigned int batch_len, unsigned char *merkle_root);
diff --git a/operator/merkle_tree/lib/src/lib.rs b/operator/merkle_tree/lib/src/lib.rs
@@ -5,7 +5,7 @@ use lambdaworks_crypto::merkle_tree::merkle::MerkleTree;
 use log::error;
 
 #[no_mangle]
-pub extern "C" fn verify_merkle_tree_batch_ffi(
+pub extern "C" fn inner_verify_merkle_tree_batch_ffi(
     batch_ptr: *const u8,
     batch_len: usize,
     merkle_root: &[u8; 32],
@@ -53,6 +53,22 @@ pub extern "C" fn verify_merkle_tree_batch_ffi(
     computed_batch_merkle_tree.root == *merkle_root
 }
 
+#[no_mangle]
+pub extern "C" fn verify_merkle_tree_batch_ffi(
+    batch_ptr: *const u8,
+    batch_len: usize,
+    merkle_root: &[u8; 32],
+) -> i32 {
+    let result = std::panic::catch_unwind(|| {
+        inner_verify_merkle_tree_batch_ffi(batch_ptr, batch_len, merkle_root)
+    });
+
+    match result {
+        Ok(v) => v as i32,
+        Err(_) => -1,
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use super::*;
@@ -75,7 +91,7 @@ mod tests {
         let result =
             verify_merkle_tree_batch_ffi(bytes_vec.as_ptr(), bytes_vec.len(), &merkle_root);
 
-        assert_eq!(result, true);
+        assert_eq!(result, 1);
     }
 
     #[test]
@@ -92,7 +108,7 @@ mod tests {
         let result =
             verify_merkle_tree_batch_ffi(bytes_vec.as_ptr(), bytes_vec.len(), &merkle_root);
 
-        assert_eq!(result, false);
+        assert_eq!(result, 0);
     }
 
     #[test]
@@ -109,6 +125,6 @@ mod tests {
         let result =
             verify_merkle_tree_batch_ffi(bytes_vec.as_ptr(), bytes_vec.len(), &merkle_root);
 
-        assert_eq!(result, false);
+        assert_eq!(result, 0);
     }
 }
diff --git a/operator/merkle_tree/merkle_tree.go b/operator/merkle_tree/merkle_tree.go
@@ -8,13 +8,35 @@ package merkle_tree
 */
 import "C"
 import "unsafe"
+import "fmt"
 
-func VerifyMerkleTreeBatch(batchBuffer []byte, merkleRootBuffer [32]byte) bool {
+func VerifyMerkleTreeBatch(batchBuffer []byte, merkleRootBuffer [32]byte) (isVerified bool, err error) {
+	// Here we define the return value on failure
+	isVerified = false
+	err = nil
 	if len(batchBuffer) == 0 {
-		return false
+		return isVerified, err
 	}
 
+	// This will catch any go panic
+	defer func() {
+		rec := recover()
+		if rec != nil {
+			err = fmt.Errorf("Panic was caught while verifying merkle tree batch: %s", rec)
+		}
+	}()
+
 	batchPtr := (*C.uchar)(unsafe.Pointer(&batchBuffer[0]))
 	merkleRootPtr := (*C.uchar)(unsafe.Pointer(&merkleRootBuffer[0]))
-	return (bool)(C.verify_merkle_tree_batch_ffi(batchPtr, (C.uint)(len(batchBuffer)), merkleRootPtr))
+
+	r := (C.int32_t)(C.verify_merkle_tree_batch_ffi(batchPtr, (C.uint)(len(batchBuffer)), merkleRootPtr))
+
+	if r == -1 {
+		err = fmt.Errorf("Panic happened on FFI while verifying merkle tree batch")
+		return isVerified, err
+	}
+
+	isVerified = (r == 1)
+
+	return isVerified, err
 }
diff --git a/operator/merkle_tree/merkle_tree_test.go b/operator/merkle_tree/merkle_tree_test.go
@@ -32,7 +32,8 @@ func TestVerifyMerkleTreeBatch(t *testing.T) {
 	var merkleRoot [32]byte
 	copy(merkleRoot[:], merkle_root)
 
-	if !VerifyMerkleTreeBatch(batchByteValue, merkleRoot) {
+	verified, err := VerifyMerkleTreeBatch(batchByteValue, merkleRoot)
+	if err != nil || !verified {
 		t.Errorf("Batch did not verify Merkle Root")
 	}
 
diff --git a/operator/pkg/s3.go b/operator/pkg/s3.go
@@ -91,8 +91,11 @@ func (o *Operator) getBatchFromDataService(ctx context.Context, batchURL string,
 
 	// Checks if downloaded merkle root is the same as the expected one
 	o.Logger.Infof("Verifying batch merkle tree...")
-	merkle_root_check := merkle_tree.VerifyMerkleTreeBatch(batchBytes, expectedMerkleRoot)
-	if !merkle_root_check {
+	merkle_root_check, err := merkle_tree.VerifyMerkleTreeBatch(batchBytes, expectedMerkleRoot)
+	if err != nil {
+		o.Logger.Errorf("Error while verifying merkle tree batch")
+	}
+	if err != nil || !merkle_root_check {
 		// try old merkle tree
 		o.Logger.Infof("Batch merkle tree verification failed. Trying old merkle tree...")
 		merkle_root_check = merkle_tree_old.VerifyMerkleTreeBatchOld(batchBytes, expectedMerkleRoot)

Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,8 @@ func TestVerifyMerkleTreeBatch(t *testing.T) {`
`32`	`32`	`var merkleRoot [32]byte`
`33`	`33`	`copy(merkleRoot[:], merkle_root)`
`34`	`34`
`35`		`- if !VerifyMerkleTreeBatch(batchByteValue, merkleRoot) {`
	`35`	`+ verified, err := VerifyMerkleTreeBatch(batchByteValue, merkleRoot)`
	`36`	`+ if err != nil \|\| !verified {`
`36`	`37`	`t.Errorf("Batch did not verify Merkle Root")`
`37`	`38`	`}`
`38`	`39`