eth2util/signing: add signature verification for SignedAggregateAndPr…

…oof (#1120) Adds signature verification to eth2util/signing for SignedAggregateAndProof. category: feature ticket: #1094
ObolNetwork · Sep 13, 2022 · db2b555 · db2b555
1 parent 3519545
commit db2b555
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 1 deletion.
diff --git a/eth2util/signing/signing.go b/eth2util/signing/signing.go
@@ -43,8 +43,8 @@ const (
 	DomainExit               DomainName = "DOMAIN_VOLUNTARY_EXIT"
 	DomainApplicationBuilder DomainName = "DOMAIN_APPLICATION_BUILDER"
 	DomainSelectionProof     DomainName = "DOMAIN_SELECTION_PROOF"
+	DomainAggregateAndProof  DomainName = "DOMAIN_AGGREGATE_AND_PROOF"
 	// DomainDeposit        	         DomainName = "DOMAIN_DEPOSIT"
-	// DomainAggregateAndProof           DomainName = "DOMAIN_AGGREGATE_AND_PROOF"
 	// DomainSyncCommittee               DomainName = "DOMAIN_SYNC_COMMITTEE"
 	// DomainSyncCommitteeSelectionProof DomainName = "DOMAIN_SYNC_COMMITTEE_SELECTION_PROOF"
 	// DomainContributionAndProof        DomainName = "DOMAIN_CONTRIBUTION_AND_PROOF".
@@ -202,6 +202,20 @@ func VerifyBeaconCommitteeSubscription(ctx context.Context, eth2Cl eth2wrap.Clie
 	return verify(ctx, eth2Cl, DomainSelectionProof, epoch, sigRoot, sub.SlotSignature, pubkey)
 }
 
+func VerifyAggregateAndProof(ctx context.Context, eth2Cl eth2wrap.Client, pubkey *bls_sig.PublicKey, agg *eth2p0.SignedAggregateAndProof) error {
+	epoch, err := epochFromSlot(ctx, eth2Cl, agg.Message.Aggregate.Data.Slot)
+	if err != nil {
+		return err
+	}
+
+	sigRoot, err := agg.Message.HashTreeRoot()
+	if err != nil {
+		return err
+	}
+
+	return verify(ctx, eth2Cl, DomainAggregateAndProof, epoch, sigRoot, agg.Signature, pubkey)
+}
+
 // verify returns an error if the signature doesn't match the eth2 domain signed root.
 func verify(ctx context.Context, eth2Cl eth2wrap.Client, domain DomainName, epoch eth2p0.Epoch,
 	sigRoot [32]byte, sig eth2p0.BLSSignature, pubshare *bls_sig.PublicKey,

diff --git a/eth2util/signing/signing_test.go b/eth2util/signing/signing_test.go
@@ -240,6 +240,34 @@ func TestVerifyBeaconCommitteeSubscription(t *testing.T) {
 	require.NoError(t, signing.VerifyBeaconCommitteeSubscription(context.Background(), bmock, pubkey, sub))
 }
 
+func TestVerifyAggregateAndProof(t *testing.T) {
+	bmock, err := beaconmock.New()
+	require.NoError(t, err)
+
+	agg := &eth2p0.SignedAggregateAndProof{
+		Message: &eth2p0.AggregateAndProof{
+			AggregatorIndex: testutil.RandomVIdx(),
+			Aggregate:       testutil.RandomAttestation(),
+			SelectionProof:  testutil.RandomEth2Signature(),
+		},
+	}
+
+	sigRoot, err := agg.Message.HashTreeRoot()
+	require.NoError(t, err)
+
+	slotsPerEpoch, err := bmock.SlotsPerEpoch(context.Background())
+	require.NoError(t, err)
+	epoch := eth2p0.Epoch(uint64(agg.Message.Aggregate.Data.Slot) / slotsPerEpoch)
+
+	sigData, err := signing.GetDataRoot(context.Background(), bmock, signing.DomainAggregateAndProof, epoch, sigRoot)
+	require.NoError(t, err)
+
+	sig, pubkey := sign(t, sigData[:])
+	agg.Signature = tblsconv.SigToETH2(sig)
+
+	require.NoError(t, signing.VerifyAggregateAndProof(context.Background(), bmock, pubkey, agg))
+}
+
 func sign(t *testing.T, data []byte) (*bls_sig.Signature, *bls_sig.PublicKey) {
 	t.Helper()