refactor(lazer): change verify_message to a contract call, add test

Author: Riateche

lazer/Cargo.lock

@@ -3,7 +3,6 @@ resolver = "2"
 members = [
   "sdk/rust/protocol",
   "contracts/solana/programs/pyth-lazer-solana-contract",
-  "sdk/solana",
 ]
 
 # TODO: only for solana programs

lazer/Cargo.toml

@@ -2,7 +2,7 @@
 name = "pyth-lazer-solana-contract"
 version = "0.1.0"
 edition = "2021"
-description = "Pyth Lazer Solana contract."
+description = "Pyth Lazer Solana contract and SDK."
 license = "Apache-2.0"
 repository = "https://github.com/pyth-network/pyth-crosschain"
 
@@ -19,4 +19,15 @@ no-log-ix-name = []
 idl-build = ["anchor-lang/idl-build"]
 
 [dependencies]
+pyth-lazer-protocol = { version = "0.1.0", path = "../../../../sdk/rust/protocol" }
+
 anchor-lang = "0.30.1"
+bytemuck = "1.20.0"
+byteorder = "1.5.0"
+thiserror = "2.0.3"
+
+[dev-dependencies]
+hex = "0.4.3"
+solana-program-test = "1.18.26"
+solana-sdk = "1.18.26"
+tokio = { version = "1.40.0", features = ["full"] }

lazer/contracts/solana/programs/pyth-lazer-solana-contract/Cargo.toml

@@ -1,9 +1,4 @@
-use {
-    anchor_lang::{prelude::*, solana_program::pubkey::PUBKEY_BYTES},
-    std::mem::size_of,
-};
-
-declare_id!("pytd2yyk641x7ak7mkaasSJVXh6YYZnC7wTmtgAyxPt");
+mod signature;
 
 pub mod storage {
     use anchor_lang::prelude::{pubkey, Pubkey};
@@ -21,6 +16,18 @@ pub mod storage {
     }
 }
 
+use {
+    anchor_lang::{prelude::*, solana_program::pubkey::PUBKEY_BYTES},
+    std::mem::size_of,
+};
+
+pub use {
+    crate::signature::{ed25519_program_args, Ed25519SignatureOffsets},
+    pyth_lazer_protocol as protocol,
+};
+
+declare_id!("pytd2yyk641x7ak7mkaasSJVXh6YYZnC7wTmtgAyxPt");
+
 pub const MAX_NUM_TRUSTED_SIGNERS: usize = 2;
 
 #[derive(Debug, Clone, Copy, PartialEq, Eq, Default, AnchorSerialize, AnchorDeserialize)]
@@ -54,6 +61,8 @@ pub const STORAGE_SEED: &[u8] = b"storage";
 
 #[program]
 pub mod pyth_lazer_solana_contract {
+    use signature::VerifiedMessage;
+
     use super::*;
 
     pub fn initialize(ctx: Context<Initialize>, top_authority: Pubkey) -> Result<()> {
@@ -102,6 +111,36 @@ pub mod pyth_lazer_solana_contract {
             .expect("num signers overflow");
         Ok(())
     }
+
+    /// Verifies a ed25519 signature on Solana by checking that the transaction contains
+    /// a correct call to the built-in `ed25519_program`.
+    ///
+    /// - `message_data` is the signed message that is being verified.
+    /// - `ed25519_instruction_index` is the index of the `ed25519_program` instruction
+    ///   within the transaction. This instruction must precede the current instruction.
+    /// - `signature_index` is the index of the signature within the inputs to the `ed25519_program`.
+    /// - `message_offset` is the offset of the signed message within the
+    ///   input data for the current instruction.
+    pub fn verify_message(
+        ctx: Context<VerifyMessage>,
+        message_data: Vec<u8>,
+        ed25519_instruction_index: u16,
+        signature_index: u8,
+        message_offset: u16,
+    ) -> Result<VerifiedMessage> {
+        signature::verify_message(
+            &ctx.accounts.storage,
+            &ctx.accounts.sysvar,
+            &message_data,
+            ed25519_instruction_index,
+            signature_index,
+            message_offset,
+        )
+        .map_err(|err| {
+            msg!("signature verification error: {:?}", err);
+            err.into()
+        })
+    }
 }
 
 #[derive(Accounts)]
@@ -130,3 +169,13 @@ pub struct Update<'info> {
     )]
     pub storage: Account<'info, Storage>,
 }
+
+#[derive(Accounts)]
+pub struct VerifyMessage<'info> {
+    #[account(
+        seeds = [STORAGE_SEED],
+        bump,
+    )]
+    pub storage: Account<'info, Storage>,
+    pub sysvar: AccountInfo<'info>,
+}

lazer/contracts/solana/programs/pyth-lazer-solana-contract/src/lib.rs

@@ -1,14 +1,12 @@
 use {
-    anchor_lang::{prelude::Clock, AccountDeserialize},
+    crate::Storage,
+    anchor_lang::{
+        prelude::{borsh, AccountInfo, Clock, ProgramError, Pubkey, SolanaSysvar},
+        solana_program::{ed25519_program, pubkey::PUBKEY_BYTES, sysvar},
+        AnchorDeserialize, AnchorSerialize,
+    },
     bytemuck::{cast_slice, checked::try_cast_slice, Pod, Zeroable},
     byteorder::{ByteOrder, LE},
-    solana_program::{
-        account_info::AccountInfo,
-        ed25519_program,
-        program_error::ProgramError,
-        pubkey::PUBKEY_BYTES,
-        sysvar::{self, Sysvar},
-    },
     thiserror::Error,
 };
 
@@ -44,33 +42,32 @@ pub struct Ed25519SignatureOffsets {
     pub message_instruction_index: u16,
 }
 
-/// Sets up `Ed25519SignatureOffsets` for verifying the Pyth Lazer message signature.
-/// - `instruction_data` must be the *full* input data for your contract's instruction.
-/// - `instruction_index` is the index of that instruction within the transaction.
-/// - `starting_offset` is the offset of the Pyth Lazer message within the instruction data.
-///
-/// Panics if `starting_offset` is invalid or the `instruction_data` is not long enough to
-/// contain the message.
-pub fn signature_offsets(
-    instruction_data: &[u8],
-    instruction_index: u16,
-    starting_offset: u16,
-) -> Ed25519SignatureOffsets {
-    let signature_offset = starting_offset + MAGIC_LEN;
-    let public_key_offset = signature_offset + SIGNATURE_LEN;
-    let message_data_size_offset = public_key_offset + PUBKEY_LEN;
-    let message_data_offset = message_data_size_offset + MESSAGE_SIZE_LEN;
-    let message_data_size = LE::read_u16(
-        &instruction_data[message_data_size_offset.into()..message_data_offset.into()],
-    );
-    Ed25519SignatureOffsets {
-        signature_offset,
-        signature_instruction_index: instruction_index,
-        public_key_offset,
-        public_key_instruction_index: instruction_index,
-        message_data_offset,
-        message_data_size,
-        message_instruction_index: instruction_index,
+impl Ed25519SignatureOffsets {
+    /// Sets up `Ed25519SignatureOffsets` for verifying the Pyth Lazer message signature.
+    /// - `message` is the Pyth Lazer message being sent.
+    /// - `instruction_index` is the index of that instruction within the transaction.
+    /// - `starting_offset` is the offset of the Pyth Lazer message within the instruction data.
+    ///
+    /// Panics if `starting_offset` is invalid or the `instruction_data` is not long enough to
+    /// contain the message.
+    pub fn new(message: &[u8], instruction_index: u16, starting_offset: u16) -> Self {
+        let signature_offset = starting_offset + MAGIC_LEN;
+        let public_key_offset = signature_offset + SIGNATURE_LEN;
+        let message_data_size_offset = public_key_offset + PUBKEY_LEN;
+        let message_data_offset = message_data_size_offset + MESSAGE_SIZE_LEN;
+        let message_data_size = LE::read_u16(
+            &message[(message_data_size_offset - starting_offset).into()
+                ..(message_data_offset - starting_offset).into()],
+        );
+        Ed25519SignatureOffsets {
+            signature_offset,
+            signature_instruction_index: instruction_index,
+            public_key_offset,
+            public_key_instruction_index: instruction_index,
+            message_data_offset,
+            message_data_size,
+            message_instruction_index: instruction_index,
+        }
     }
 }
 
@@ -86,12 +83,12 @@ pub fn ed25519_program_args(signatures: &[Ed25519SignatureOffsets]) -> Vec<u8> {
 }
 
 /// A message with a verified ed25519 signature.
-#[derive(Debug, Clone, Copy)]
-pub struct VerifiedMessage<'a> {
+#[derive(Debug, Clone, AnchorSerialize, AnchorDeserialize)]
+pub struct VerifiedMessage {
     /// Public key that signed the message.
-    pub public_key: &'a [u8],
+    pub public_key: Pubkey,
     /// Signed message payload.
-    pub payload: &'a [u8],
+    pub payload: Vec<u8>,
 }
 
 #[derive(Debug, Error)]
@@ -145,6 +142,12 @@ impl From<SignatureVerificationError> for ProgramError {
     }
 }
 
+impl From<SignatureVerificationError> for anchor_lang::error::Error {
+    fn from(value: SignatureVerificationError) -> Self {
+        ProgramError::from(value).into()
+    }
+}
+
 /// Verifies a ed25519 signature on Solana by checking that the transaction contains
 /// a correct call to the built-in `ed25519_program`.
 ///
@@ -154,24 +157,14 @@ impl From<SignatureVerificationError> for ProgramError {
 /// - `signature_index` is the index of the signature within the inputs to the `ed25519_program`.
 /// - `message_offset` is the offset of the signed message within the
 ///   input data for the current instruction.
-pub fn verify_message<'a>(
-    pyth_storage_account: &AccountInfo,
+pub fn verify_message(
+    storage: &Storage,
     instruction_sysvar: &AccountInfo,
-    message_data: &'a [u8],
+    message_data: &[u8],
     ed25519_instruction_index: u16,
     signature_index: u8,
     message_offset: u16,
-) -> Result<VerifiedMessage<'a>, SignatureVerificationError> {
-    if pyth_storage_account.key != &pyth_lazer_solana_contract::storage::ID {
-        return Err(SignatureVerificationError::InvalidStorageAccountId);
-    }
-    let storage = {
-        let storage_data = pyth_storage_account.data.borrow();
-        let mut storage_data: &[u8] = *storage_data;
-        pyth_lazer_solana_contract::Storage::try_deserialize(&mut storage_data)
-            .map_err(|_| SignatureVerificationError::InvalidStorageData)?
-    };
-
+) -> Result<VerifiedMessage, SignatureVerificationError> {
     const SOLANA_FORMAT_MAGIC_LE: u32 = 2182742457;
 
     let self_instruction_index =
@@ -300,7 +293,7 @@ pub fn verify_message<'a>(
     };
 
     Ok(VerifiedMessage {
-        public_key,
-        payload,
+        public_key: Pubkey::new_from_array(public_key.try_into().unwrap()),
+        payload: payload.to_vec(),
     })
 }

lazer/sdk/solana/src/signature.rs renamed to lazer/contracts/solana/programs/pyth-lazer-solana-contract/src/signature.rs

@@ -0,0 +1,123 @@
+use {
+    anchor_lang::{prelude::AccountMeta, InstructionData},
+    pyth_lazer_solana_contract::ed25519_program_args,
+    solana_program_test::ProgramTest,
+    solana_sdk::{
+        ed25519_program, instruction::Instruction, signer::Signer, system_program, sysvar,
+        transaction::Transaction,
+    },
+    std::env,
+};
+
+#[tokio::test]
+async fn test1() {
+    if env::var("SBF_OUT_DIR").is_err() {
+        env::set_var(
+            "SBF_OUT_DIR",
+            format!(
+                "{}/../../../../target/sbf-solana-solana/release",
+                env::var("CARGO_MANIFEST_DIR").unwrap()
+            ),
+        );
+    }
+    println!("if add_program fails, run `cargo build-sbf` first.");
+    let program_test = ProgramTest::new(
+        "pyth_lazer_solana_contract",
+        pyth_lazer_solana_contract::ID,
+        None,
+    );
+    let (mut banks_client, payer, recent_blockhash) = program_test.start().await;
+
+    let mut transaction_init_contract = Transaction::new_with_payer(
+        &[Instruction::new_with_bytes(
+            pyth_lazer_solana_contract::ID,
+            &pyth_lazer_solana_contract::instruction::Initialize {
+                top_authority: payer.pubkey(),
+            }
+            .data(),
+            vec![
+                AccountMeta::new(payer.pubkey(), true),
+                AccountMeta::new(pyth_lazer_solana_contract::storage::ID, false),
+                AccountMeta::new_readonly(system_program::ID, false),
+            ],
+        )],
+        Some(&payer.pubkey()),
+    );
+    transaction_init_contract.sign(&[&payer], recent_blockhash);
+    banks_client
+        .process_transaction(transaction_init_contract)
+        .await
+        .unwrap();
+
+    let verifying_key =
+        hex::decode("74313a6525edf99936aa1477e94c72bc5cc617b21745f5f03296f3154461f214").unwrap();
+    let message = hex::decode(
+        "b9011a82e5cddee2c1bd364c8c57e1c98a6a28d194afcad410ff412226c8b2ae931ff59a57147cb47c7307\
+        afc2a0a1abec4dd7e835a5b7113cf5aeac13a745c6bed6c60074313a6525edf99936aa1477e94c72bc5cc61\
+        7b21745f5f03296f3154461f2141c0075d3c7931c9773f30a240600010102000000010000e1f50500000000",
+    )
+    .unwrap();
+
+    let mut transaction_set_trusted = Transaction::new_with_payer(
+        &[Instruction::new_with_bytes(
+            pyth_lazer_solana_contract::ID,
+            &pyth_lazer_solana_contract::instruction::Update {
+                trusted_signer: verifying_key.try_into().unwrap(),
+                expires_at: i64::MAX,
+            }
+            .data(),
+            vec![
+                AccountMeta::new(payer.pubkey(), true),
+                AccountMeta::new(pyth_lazer_solana_contract::storage::ID, false),
+            ],
+        )],
+        Some(&payer.pubkey()),
+    );
+    transaction_set_trusted.sign(&[&payer], recent_blockhash);
+    banks_client
+        .process_transaction(transaction_set_trusted)
+        .await
+        .unwrap();
+
+    // Instruction #0 will be ed25519 instruction;
+    // Instruction #1 will be our contract instruction.
+    let instruction_index = 1;
+    // 8 bytes for Anchor header, 4 bytes for Vec length.
+    let message_offset = 12;
+    let ed25519_args = dbg!(pyth_lazer_solana_contract::Ed25519SignatureOffsets::new(
+        &message,
+        instruction_index,
+        message_offset,
+    ));
+
+    println!("ok1");
+    let mut transaction_verify = Transaction::new_with_payer(
+        &[
+            Instruction::new_with_bytes(
+                ed25519_program::ID,
+                &ed25519_program_args(&[ed25519_args]),
+                vec![],
+            ),
+            Instruction::new_with_bytes(
+                pyth_lazer_solana_contract::ID,
+                &pyth_lazer_solana_contract::instruction::VerifyMessage {
+                    message_data: message,
+                    ed25519_instruction_index: 0,
+                    signature_index: 0,
+                    message_offset,
+                }
+                .data(),
+                vec![
+                    AccountMeta::new_readonly(pyth_lazer_solana_contract::storage::ID, false),
+                    AccountMeta::new_readonly(sysvar::instructions::ID, false),
+                ],
+            ),
+        ],
+        Some(&payer.pubkey()),
+    );
+    transaction_verify.sign(&[&payer], recent_blockhash);
+    banks_client
+        .process_transaction(transaction_verify)
+        .await
+        .unwrap();
+}