Use multiple signatures in tests

Change-Id: Ibcd2cfbd59d3eb3e0d4486252ae93a5f38c3b457
touchbrick · Jul 1, 2021 · 889895b · 889895b
1 parent 4a08dbf
commit 889895b
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 46 deletions.
diff --git a/solana/bridge/Cargo.lock b/solana/bridge/Cargo.lock
diff --git a/solana/bridge/program/Cargo.toml b/solana/bridge/program/Cargo.toml
@@ -25,6 +25,7 @@ solitaire = { path = "../../solitaire/program"}
 
 [dev-dependencies]
 hex = "*"
+hex-literal = "0.3.1"
 libsecp256k1 = { version = "0.3.5", features = [] }
 solana-client = "1.7.0"
 solana-sdk = "=1.7.0"
diff --git a/solana/bridge/program/tests/common.rs b/solana/bridge/program/tests/common.rs
@@ -173,32 +173,30 @@ mod helpers {
         payer: &Keypair,
         body: Vec<u8>,
         body_hash: [u8; 32],
-        secret_key: SecretKey,
+        secret_keys: &[SecretKey],
     ) {
-        let mut signers = [-1; 19];
-        signers[0] = 0;
+        // Push Secp256k1 instructions for each signature we want to verify.
+        for (i, key) in secret_keys.iter().enumerate() {
+            // Set this signers signature position as present at 0.
+            let mut signers = [-1; 19];
+            signers[i] = 0;
 
-        execute(
-            client,
-            payer,
-            &[payer],
-            &[
-                new_secp256k1_instruction(&secret_key, &body),
+            execute(client, payer, &[payer], &vec![
+                new_secp256k1_instruction(&key, &body),
                 instructions::verify_signatures(*program, payer.pubkey(), 0, VerifySignaturesData {
                     hash: body_hash,
-                    signers,
                     initial_creation: true,
+                    signers,
                 }).unwrap(),
-            ],
-        );
+            ]);
+        }
     }
 
     pub fn post_vaa(
         client: &RpcClient,
         program: &Pubkey,
         payer: &Keypair,
         vaa: PostVAAData,
-        guardian_set_index: u32,
     ) {
         execute(
             client,
@@ -207,8 +205,6 @@ mod helpers {
             &[instructions::post_vaa(
                 *program,
                 payer.pubkey(),
-                *emitter,
-                guardian_set_index,
                 vaa,
             )],
         );

diff --git a/solana/bridge/program/tests/integration.rs b/solana/bridge/program/tests/integration.rs
@@ -48,6 +48,7 @@ use std::time::{
 };
 
 use sha3::Digest;
+use hex_literal::hex;
 
 use bridge::{
     accounts::GuardianSetDerivationData,
@@ -73,16 +74,16 @@ mod common;
 fn test_alien_chain_messages() {
 }
 
-/// Ethereum Address (Keccak hashed Public Key)
-const INITIAL_PUBLIC: [u8; 20] = [
-    0x1d, 0x72, 0x87, 0x7e, 0xb2, 0xd8, 0x98, 0x73, 0x8a, 0xfe, 0x94, 0xc6, 0x10, 0x11, 0x52, 0xed,
-    0xe0, 0x43, 0x5d, 0xe9,
+/// Ethereum Test Addresses (Keccak hashed Public Key)
+const INITIAL_PUBLIC: [[u8; 20]; 2] = [
+    hex!("1d72877eb2d898738afe94c6101152ede0435de9"),
+    hex!("7C6824A51bD586ecdc866ECCc9cd04b317570dDB"),
 ];
 
-/// Secp256k1 Secret Key, used as the single initial guardian for testing.
-const INITIAL_SECRET: [u8; 32] = [
-    0x99, 0x70, 0x1c, 0x80, 0x5e, 0xf9, 0x38, 0xe1, 0x3f, 0x0e, 0x48, 0xf0, 0x9e, 0x2c, 0x32, 0x78,
-    0x91, 0xc1, 0xd8, 0x47, 0x29, 0xd1, 0x52, 0xf3, 0x01, 0xe7, 0xe6, 0x2c, 0xbf, 0x1f, 0x91, 0xc9,
+/// Secp256k1 Secret Keys, used as the single initial guardian for testing.
+const INITIAL_SECRET: [[u8; 32]; 2] = [
+    hex!("99701c805ef938e13f0e48f09e2c327891c1d84729d152f301e7e62cbf1f91c9"),
+    hex!("0e76b44615dcabbcd1e5060c9b18e879cd0d4a5a7323e15f48ef13169c179743"),
 ];
 
 #[test]
@@ -98,19 +99,19 @@ fn test_bridge_messages() {
     let emitter = Keypair::new();
 
     // Initialize the Bridge.
-    common::initialize(client, program, payer, &[INITIAL_PUBLIC]);
+    common::initialize(client, program, payer, &INITIAL_PUBLIC);
 
     // Post the message, publishing the data for guardian consumption.
     common::post_message(client, program, payer, &emitter, nonce, data.clone());
 
     // Emulate Guardian behaviour, verifying the data and publishing signatures/VAA.
-    let (vaa, body, body_hash, secret_key) = guardian_sign_round(&emitter, data.clone(), nonce);
-    common::verify_signatures(client, program, payer, body, body_hash, secret_key);
-    common::post_vaa(client, program, payer, &emitter.pubkey(), vaa, 0);
+    let (vaa, body, body_hash, keys) = guardian_sign_round(&emitter, data.clone(), nonce);
+    common::verify_signatures(client, program, payer, body, body_hash, &keys);
+    common::post_vaa(client, program, payer, vaa);
 
     // Upgrade the guardian set with a new set of guardians.
     let nonce = 12398;
-    let data = update_guardian_set(1, &[INITIAL_PUBLIC]);
+    let data = update_guardian_set(1, &INITIAL_PUBLIC);
     let message_key = common::post_message(client, program, payer, &emitter, nonce, data.clone());
 
     common::upgrade_guardian_set(
@@ -141,7 +142,7 @@ fn guardian_sign_round(
     emitter: &Keypair,
     data: Vec<u8>,
     nonce: u32,
-) -> (PostVAAData, Vec<u8>, [u8; 32], secp256k1::SecretKey) {
+) -> (PostVAAData, Vec<u8>, [u8; 32], Vec<secp256k1::SecretKey>) {
     let mut vaa = PostVAAData {
         version: 0,
         guardian_set_index: 0,
@@ -170,11 +171,6 @@ fn guardian_sign_round(
         v.into_inner()
     };
 
-    // Public Key: 0x1d72877eb2d898738afe94c6101152ede0435de9
-    let secret_key = secp256k1::SecretKey::parse(&INITIAL_SECRET).unwrap();
-    let public_key = secp256k1::PublicKey::from_secret_key(&secret_key);
-    println!("{}", hex::encode(&public_key.serialize()));
-
     // Hash this body, which is expected to be the same as the hash currently stored in the
     // signature account, binding that set of signatures to this VAA.
     let body_hash: [u8; 32] = {
@@ -183,17 +179,12 @@ fn guardian_sign_round(
         h.finalize().into()
     };
 
-    // Sign the body hash of the VAA.
-    let sig = secp256k1::sign(&Message::parse(&body_hash), &secret_key);
-
-    // Insert signature into VAA.
-    let signature = sig.0.serialize();
-    vaa.signatures.push(Signature {
-        index: 0,
-        r: signature[0..32].try_into().unwrap(),
-        s: signature[32..64].try_into().unwrap(),
-        v: sig.1.serialize(),
-    });
+    // Sign with all available secret keys.
+    let mut keys = Vec::new();
+    for secret_key in INITIAL_SECRET.iter() {
+        let secret_key = secp256k1::SecretKey::parse(secret_key).unwrap();
+        keys.push(secret_key);
+    }
 
-    (vaa, body, body_hash, secret_key)
+    (vaa, body, body_hash, keys)
 }