From 3e8c035043f333d68775cdc51a75aad559be61bc Mon Sep 17 00:00:00 2001
From: pleasew8t
Date: Thu, 19 Sep 2024 13:21:02 +0200
Subject: [PATCH] node: replace use of vaa.AddSigner with guardian signer
---
 node/pkg/adminrpc/adminserver.go | 18 ++++++--
 node/pkg/adminrpc/adminserver_test.go | 66 ++++++++++++++++-----------
 2 files changed, 52 insertions(+), 32 deletions(-)
diff --git a/node/pkg/adminrpc/adminserver.go b/node/pkg/adminrpc/adminserver.go
index 76426a556d..d45a0dbc1d 100644
--- a/node/pkg/adminrpc/adminserver.go
+++ b/node/pkg/adminrpc/adminserver.go
@@ -3,7 +3,6 @@ package adminrpc
 import (
 "bytes"
 "context"
- "crypto/ecdsa"
 "encoding/base64"
 "encoding/hex"
 "encoding/json"
@@ -19,6 +18,7 @@ import (
 "sync"
 "time"
+ "github.com/certusone/wormhole/node/pkg/guardiansigner"
 "github.com/certusone/wormhole/node/pkg/watchers/evm/connectors"
 "github.com/holiman/uint256"
 "github.com/prometheus/client_golang/prometheus"
@@ -61,7 +61,7 @@ type nodePrivilegedService struct {
 governor *governor.ChainGovernor
 evmConnector connectors.Connector
 gsCache sync.Map
- gk *ecdsa.PrivateKey
+ guardianSigner guardiansigner.GuardianSigner
 guardianAddress ethcommon.Address
 rpcMap map[string]string
 }
@@ -74,7 +74,7 @@ func NewPrivService(
 signedInC chan<- *gossipv1.SignedVAAWithQuorum,
 governor *governor.ChainGovernor,
 evmConnector connectors.Connector,
- gk *ecdsa.PrivateKey,
+ guardianSigner guardiansigner.GuardianSigner,
 guardianAddress ethcommon.Address,
 rpcMap map[string]string,
@@ -87,7 +87,7 @@ func NewPrivService(
 signedInC: signedInC,
 governor: governor,
 evmConnector: evmConnector,
- gk: gk,
+ guardianSigner: guardianSigner,
 guardianAddress: guardianAddress,
 rpcMap: rpcMap,
 }
@@ -1162,7 +1162,15 @@ func (s *nodePrivilegedService) SignExistingVAA(ctx context.Context, req *nodev1
 }
 // Add local signature
- newVAA.AddSignature(s.gk, uint8(localGuardianIndex))
+ sig, err := s.guardianSigner.Sign(v.SigningDigest().Bytes())
+
+ sigData := [65]byte{}
+ copy(sigData[:], sig)
+
+ newVAA.Signatures = append(v.Signatures, &vaa.Signature{
+ Index: uint8(localGuardianIndex),
+ Signature: sigData,
+ })
 // Sort VAA signatures by guardian ID
 slices.SortFunc(newVAA.Signatures, func(a, b *vaa.Signature) int {
diff --git a/node/pkg/adminrpc/adminserver_test.go b/node/pkg/adminrpc/adminserver_test.go
index f1167f71c1..7d14140984 100644
--- a/node/pkg/adminrpc/adminserver_test.go
+++ b/node/pkg/adminrpc/adminserver_test.go
@@ -4,13 +4,13 @@ package adminrpc
 import (
 "bytes"
 "context"
- "crypto/ecdsa"
 "testing"
 "time"
 wh_common "github.com/certusone/wormhole/node/pkg/common"
 "github.com/certusone/wormhole/node/pkg/db"
 "github.com/certusone/wormhole/node/pkg/governor"
+ "github.com/certusone/wormhole/node/pkg/guardiansigner"
 nodev1 "github.com/certusone/wormhole/node/pkg/proto/node/v1"
 "github.com/certusone/wormhole/node/pkg/watchers/evm/connectors"
 "github.com/certusone/wormhole/node/pkg/watchers/evm/connectors/ethabi"
@@ -88,14 +88,14 @@ func (c mockEVMConnector) SubscribeNewHead(ctx context.Context, ch chan<- *types
 panic("unimplemented")
 }
-func generateGS(num int) (keys []*ecdsa.PrivateKey, addrs []common.Address) {
+func generateGuardianSigners(num int) (signers []guardiansigner.GuardianSigner, addrs []common.Address) {
 for i := 0; i < num; i++ {
- key, err := ethcrypto.GenerateKey()
+ signer, err := guardiansigner.GenerateSignerWithPrivatekey(nil)
 if err != nil {
 panic(err)
 }
- keys = append(keys, key)
- addrs = append(addrs, ethcrypto.PubkeyToAddress(key.PublicKey))
+ signers = append(signers, signer)
+ addrs = append(addrs, ethcrypto.PubkeyToAddress(signer.PublicKey()))
 }
 return
 }
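Review bot: In the adminserver.go hunk at -1162 (SignExistingVAA), the `err` returned by `s.guardianSigner.Sign(...)` is never checked, so a failed signing call leaves `sig` empty and an all-zero 65-byte signature is appended to the VAA and returned as if it were valid. Add `if err != nil { return nil, err }` directly after the call (wrapped in whatever error style the function already uses), and consider rejecting `len(sig) != 65` as well, since `copy` silently pads or truncates. Separately, the new code builds the result from `append(v.Signatures, ...)` where the removed `AddSignature` call appended to `newVAA.Signatures`; if the function populated `newVAA.Signatures` earlier (that part is outside the hunk), those entries are now replaced by the original VAA's list, and the append may also write into the backing array of `v.Signatures`. The function body starts and ends outside this hunk.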
@@ -107,7 +107,7 @@ func addrsToHexStrings(addrs []common.Address) (out []string) {
 return
 }
-func generateMockVAA(gsIndex uint32, gsKeys []*ecdsa.PrivateKey) []byte {
+func generateMockVAA(gsIndex uint32, signers []guardiansigner.GuardianSigner) []byte {
 v := &vaa.VAA{
 Version: 1,
 GuardianSetIndex: gsIndex,
@@ -120,8 +120,20 @@ func generateMockVAA(gsIndex uint32, gsKeys []*ecdsa.PrivateKey) []byte {
 EmitterAddress: vaa.Address{},
 Payload: []byte("test"),
 }
- for i, key := range gsKeys {
- v.AddSignature(key, uint8(i))
+ for i, signer := range signers {
+ sig, err := signer.Sign(v.SigningDigest().Bytes())
+ if err != nil {
+ panic(err)
+ }
+
+ sigData := [65]byte{}
+ copy(sigData[:], sig)
+
+ v.Signatures = append(v.Signatures, &vaa.Signature{
+ Index: uint8(i),
+ Signature: sigData,
+ })
+
 }
 vBytes, err := v.Marshal()
@@ -132,7 +144,7 @@ func generateMockVAA(gsIndex uint32, gsKeys []*ecdsa.PrivateKey) []byte {
 }
 func setupAdminServerForVAASigning(gsIndex uint32, gsAddrs []common.Address) *nodePrivilegedService {
- gk, err := ethcrypto.GenerateKey()
+ guardianSigner, err := guardiansigner.GenerateSignerWithPrivatekey(nil)
 if err != nil {
 panic(err)
 }
@@ -150,8 +162,8 @@ func setupAdminServerForVAASigning(gsIndex uint32, gsAddrs []common.Address) *no
 signedInC: nil,
 governor: nil,
 evmConnector: connector,
- gk: gk,
- guardianAddress: ethcrypto.PubkeyToAddress(gk.PublicKey),
+ guardianSigner: guardianSigner,
+ guardianAddress: ethcrypto.PubkeyToAddress(guardianSigner.PublicKey()),
 }
 }
@@ -167,10 +179,10 @@ func TestSignExistingVAA_NoVAA(t *testing.T) {
 }
 func TestSignExistingVAA_NotGuardian(t *testing.T) {
- gsKeys, gsAddrs := generateGS(5)
+ signers, gsAddrs := generateGuardianSigners(5)
 s := setupAdminServerForVAASigning(0, gsAddrs)
- v := generateMockVAA(0, gsKeys)
+ v := generateMockVAA(0, signers)
 _, err := s.SignExistingVAA(context.Background(), &nodev1.SignExistingVAARequest{
 Vaa: v,
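Review bot: The signature-building lines added to the loop in generateMockVAA (adminserver_test.go, hunk at -120) repeat the production code in SignExistingVAA, including the literal `65` and the unchecked `copy`, so TestSignExistingVAA_Valid compares two outputs produced by the same padding logic and would still pass if a signer returned a short or empty signature. Add `if len(sig) != 65 { panic("unexpected signature length") }` before the copy, and consider one shared helper that turns a signer and a digest into a `*vaa.Signature` so both call sites stay in step. The function's body begins and ends outside this hunk.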
@@ -181,10 +193,10 @@ func TestSignExistingVAA_NotGuardian(t *testing.T) {
 }
 func TestSignExistingVAA_InvalidVAA(t *testing.T) {
- gsKeys, gsAddrs := generateGS(5)
+ signers, gsAddrs := generateGuardianSigners(5)
 s := setupAdminServerForVAASigning(0, gsAddrs)
- v := generateMockVAA(0, gsKeys[:2])
+ v := generateMockVAA(0, signers[:2])
 gsAddrs = append(gsAddrs, s.guardianAddress)
 _, err := s.SignExistingVAA(context.Background(), &nodev1.SignExistingVAARequest{
@@ -196,10 +208,10 @@ func TestSignExistingVAA_InvalidVAA(t *testing.T) {
 }
 func TestSignExistingVAA_DuplicateGuardian(t *testing.T) {
- gsKeys, gsAddrs := generateGS(5)
+ signers, gsAddrs := generateGuardianSigners(5)
 s := setupAdminServerForVAASigning(0, gsAddrs)
- v := generateMockVAA(0, gsKeys)
+ v := generateMockVAA(0, signers)
 gsAddrs = append(gsAddrs, s.guardianAddress)
 gsAddrs = append(gsAddrs, s.guardianAddress)
@@ -212,14 +224,14 @@ func TestSignExistingVAA_DuplicateGuardian(t *testing.T) {
 }
 func TestSignExistingVAA_AlreadyGuardian(t *testing.T) {
- gsKeys, gsAddrs := generateGS(5)
+ signers, gsAddrs := generateGuardianSigners(5)
 s := setupAdminServerForVAASigning(0, gsAddrs)
 s.evmConnector = mockEVMConnector{
 guardianAddrs: append(gsAddrs, s.guardianAddress),
 guardianSetIndex: 0,
 }
- v := generateMockVAA(0, append(gsKeys, s.gk))
+ v := generateMockVAA(0, append(signers, s.guardianSigner))
 gsAddrs = append(gsAddrs, s.guardianAddress)
 _, err := s.SignExistingVAA(context.Background(), &nodev1.SignExistingVAARequest{
@@ -231,10 +243,10 @@ func TestSignExistingVAA_AlreadyGuardian(t *testing.T) {
 }
 func TestSignExistingVAA_NotAFutureGuardian(t *testing.T) {
- gsKeys, gsAddrs := generateGS(5)
+ signers, gsAddrs := generateGuardianSigners(5)
 s := setupAdminServerForVAASigning(0, gsAddrs)
- v := generateMockVAA(0, gsKeys)
+ v := generateMockVAA(0, signers)
 _, err := s.SignExistingVAA(context.Background(), &nodev1.SignExistingVAARequest{
 Vaa: v,
@@ -245,10 +257,10 @@ func TestSignExistingVAA_NotAFutureGuardian(t *testing.T) {
 }
 func TestSignExistingVAA_CantReachQuorum(t *testing.T) {
- gsKeys, gsAddrs := generateGS(5)
+ signers, gsAddrs := generateGuardianSigners(5)
 s := setupAdminServerForVAASigning(0, gsAddrs)
- v := generateMockVAA(0, gsKeys)
+ v := generateMockVAA(0, signers)
 gsAddrs = append(gsAddrs, s.guardianAddress)
 _, err := s.SignExistingVAA(context.Background(), &nodev1.SignExistingVAARequest{
@@ -260,10 +272,10 @@ func TestSignExistingVAA_CantReachQuorum(t *testing.T) {
 }
 func TestSignExistingVAA_Valid(t *testing.T) {
- gsKeys, gsAddrs := generateGS(5)
+ signers, gsAddrs := generateGuardianSigners(5)
 s := setupAdminServerForVAASigning(0, gsAddrs)
- v := generateMockVAA(0, gsKeys)
+ v := generateMockVAA(0, signers)
 gsAddrs = append(gsAddrs, s.guardianAddress)
 res, err := s.SignExistingVAA(context.Background(), &nodev1.SignExistingVAARequest{
@@ -273,7 +285,7 @@ func TestSignExistingVAA_Valid(t *testing.T) {
 })
 require.NoError(t, err)
- v2 := generateMockVAA(1, append(gsKeys, s.gk))
+ v2 := generateMockVAA(1, append(signers, s.guardianSigner))
 require.Equal(t, v2, res.Vaa)
 }
@@ -332,7 +344,7 @@ func newNodePrivilegedServiceForGovernorTests() *nodePrivilegedService {
 signedInC: nil,
 governor: gov,
 evmConnector: nil,
- gk: nil,
+ guardianSigner: nil,
 guardianAddress: common.Address{},
 }
 }