Merge pull request #165 from vsbogd/use-signer-to-check-signature

Use signer to check signature

blockchain/escrow.go

@@ -78,6 +78,7 @@ type MultiPartyEscrowChannel struct {
 	Value      *big.Int
 	Nonce      *big.Int
 	Expiration *big.Int
+	Signer     common.Address
 }
 
 var zeroAddress = common.Address{}
@@ -102,6 +103,7 @@ func (processor *Processor) MultiPartyEscrowChannel(channelID *big.Int) (channel
 		Value:      ch.Value,
 		Nonce:      ch.Nonce,
 		Expiration: ch.Expiration,
+		Signer:     ch.Signer,
 	}
 
 	log = log.WithField("channel", channel)

escrow/escrow.go

@@ -216,6 +216,7 @@ func (payment *paymentTransaction) Commit() error {
 			Recipient:        payment.channel.Recipient,
 			FullAmount:       payment.channel.FullAmount,
 			Expiration:       payment.channel.Expiration,
+			Signer:           payment.channel.Signer,
 			AuthorizedAmount: payment.payment.Amount,
 			Signature:        payment.payment.Signature,
 			GroupID:          payment.channel.GroupID,

escrow/escrow_test.go

@@ -78,8 +78,9 @@ func (transaction *paymentTransactionMock) Rollback() error {
 type PaymentChannelServiceSuite struct {
 	suite.Suite
 
-	senderPrivateKey   *ecdsa.PrivateKey
 	senderAddress      common.Address
+	signerPrivateKey   *ecdsa.PrivateKey
+	signerAddress      common.Address
 	recipientAddress   common.Address
 	mpeContractAddress common.Address
 	memoryStorage      *memoryStorage
@@ -90,8 +91,9 @@ type PaymentChannelServiceSuite struct {
 }
 
 func (suite *PaymentChannelServiceSuite) SetupSuite() {
-	suite.senderPrivateKey = GenerateTestPrivateKey()
-	suite.senderAddress = crypto.PubkeyToAddress(suite.senderPrivateKey.PublicKey)
+	suite.senderAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
+	suite.signerPrivateKey = GenerateTestPrivateKey()
+	suite.signerAddress = crypto.PubkeyToAddress(suite.signerPrivateKey.PublicKey)
 	suite.recipientAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
 	suite.mpeContractAddress = blockchain.HexToAddress("0xf25186b5081ff5ce73482ad761db0eb0d25abfbf")
 	suite.memoryStorage = NewMemStorage()
@@ -141,6 +143,7 @@ func (suite *PaymentChannelServiceSuite) mpeChannel() *blockchain.MultiPartyEscr
 		Value:      big.NewInt(12345),
 		Nonce:      big.NewInt(3),
 		Expiration: big.NewInt(100),
+		Signer:     suite.signerAddress,
 	}
 }
 
@@ -151,7 +154,7 @@ func (suite *PaymentChannelServiceSuite) payment() *Payment {
 		ChannelNonce: big.NewInt(3),
 		//MpeContractAddress: suite.mpeContractAddress,
 	}
-	SignTestPayment(payment, suite.senderPrivateKey)
+	SignTestPayment(payment, suite.signerPrivateKey)
 	return payment
 }
 
@@ -170,6 +173,7 @@ func (suite *PaymentChannelServiceSuite) channel() *PaymentChannelData {
 		GroupID:          [32]byte{123},
 		FullAmount:       big.NewInt(12345),
 		Expiration:       big.NewInt(100),
+		Signer:           suite.signerAddress,
 		AuthorizedAmount: big.NewInt(0),
 		Signature:        nil,
 	}
@@ -199,10 +203,10 @@ func (suite *PaymentChannelServiceSuite) TestPaymentTransaction() {
 func (suite *PaymentChannelServiceSuite) TestPaymentParallelTransaction() {
 	paymentA := suite.payment()
 	paymentA.Amount = big.NewInt(13)
-	SignTestPayment(paymentA, suite.senderPrivateKey)
+	SignTestPayment(paymentA, suite.signerPrivateKey)
 	paymentB := suite.payment()
 	paymentB.Amount = big.NewInt(17)
-	SignTestPayment(paymentB, suite.senderPrivateKey)
+	SignTestPayment(paymentB, suite.signerPrivateKey)
 
 	transactionA, errA := suite.service.StartPaymentTransaction(paymentA)
 	transactionB, errB := suite.service.StartPaymentTransaction(paymentB)
@@ -221,10 +225,10 @@ func (suite *PaymentChannelServiceSuite) TestPaymentParallelTransaction() {
 func (suite *PaymentChannelServiceSuite) TestPaymentSequentialTransaction() {
 	paymentA := suite.payment()
 	paymentA.Amount = big.NewInt(13)
-	SignTestPayment(paymentA, suite.senderPrivateKey)
+	SignTestPayment(paymentA, suite.signerPrivateKey)
 	paymentB := suite.payment()
 	paymentB.Amount = big.NewInt(17)
-	SignTestPayment(paymentB, suite.senderPrivateKey)
+	SignTestPayment(paymentB, suite.signerPrivateKey)
 
 	transactionA, errA := suite.service.StartPaymentTransaction(paymentA)
 	errAC := transactionA.Commit()
@@ -244,10 +248,10 @@ func (suite *PaymentChannelServiceSuite) TestPaymentSequentialTransaction() {
 func (suite *PaymentChannelServiceSuite) TestPaymentSequentialTransactionAfterRollback() {
 	paymentA := suite.payment()
 	paymentA.Amount = big.NewInt(13)
-	SignTestPayment(paymentA, suite.senderPrivateKey)
+	SignTestPayment(paymentA, suite.signerPrivateKey)
 	paymentB := suite.payment()
 	paymentB.Amount = big.NewInt(13)
-	SignTestPayment(paymentB, suite.senderPrivateKey)
+	SignTestPayment(paymentB, suite.signerPrivateKey)
 
 	transactionA, errA := suite.service.StartPaymentTransaction(paymentA)
 	errAC := transactionA.Rollback()

escrow/payment_channel_api.go

@@ -86,6 +86,9 @@ type PaymentChannelData struct {
 	// expressed in Ethereum block number. Since this block is added to
 	// blockchain Sender can withdraw tokens from channel.
 	Expiration *big.Int
+	// Signer is and address to be used to sign the payments. Usually it is
+	// equal to channel sender.
+	Signer common.Address
 
 	// service provider. This amount increments on price after each successful
 	// RPC call.
@@ -96,8 +99,8 @@ type PaymentChannelData struct {
 }
 
 func (data *PaymentChannelData) String() string {
-	return fmt.Sprintf("{ChannelID: %v, Nonce: %v, State: %v, Sender: %v, Recipient: %v, GroupId: %v, FullAmount: %v, Expiration: %v, AuthorizedAmount: %v, Signature: %v",
-		data.ChannelID, data.Nonce, data.State, blockchain.AddressToHex(&data.Sender), blockchain.AddressToHex(&data.Recipient), data.GroupID, data.FullAmount, data.Expiration, data.AuthorizedAmount, blockchain.BytesToBase64(data.Signature))
+	return fmt.Sprintf("{ChannelID: %v, Nonce: %v, State: %v, Sender: %v, Recipient: %v, GroupId: %v, FullAmount: %v, Expiration: %v, Signer: %v, AuthorizedAmount: %v, Signature: %v",
+		data.ChannelID, data.Nonce, data.State, blockchain.AddressToHex(&data.Sender), blockchain.AddressToHex(&data.Recipient), data.GroupID, data.FullAmount, data.Expiration, data.Signer, data.AuthorizedAmount, blockchain.BytesToBase64(data.Signature))
 }
 
 // PaymentChannelService interface is API for payment channel functionality.

escrow/payment_channel_storage.go

@@ -147,6 +147,7 @@ func (reader *BlockchainChannelReader) GetChannelStateFromBlockchain(key *Paymen
 		GroupID:          ch.GroupId,
 		FullAmount:       ch.Value,
 		Expiration:       ch.Expiration,
+		Signer:           ch.Signer,
 		AuthorizedAmount: big.NewInt(0),
 		Signature:        nil,
 	}, true, nil

escrow/payment_channel_storage_test.go

@@ -26,6 +26,7 @@ type PaymentChannelStorageSuite struct {
 	suite.Suite
 
 	senderAddress    common.Address
+	signerAddress    common.Address
 	recipientAddress common.Address
 	memoryStorage    *memoryStorage
 
@@ -34,6 +35,7 @@ type PaymentChannelStorageSuite struct {
 
 func (suite *PaymentChannelStorageSuite) SetupSuite() {
 	suite.senderAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
+	suite.signerAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
 	suite.recipientAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
 	suite.memoryStorage = NewMemStorage()
 
@@ -61,6 +63,7 @@ func (suite *PaymentChannelStorageSuite) channel() *PaymentChannelData {
 		GroupID:          [32]byte{123},
 		FullAmount:       big.NewInt(12345),
 		Expiration:       big.NewInt(100),
+		Signer:           suite.signerAddress,
 		AuthorizedAmount: big.NewInt(0),
 		Signature:        nil,
 	}
@@ -83,12 +86,14 @@ type BlockchainChannelReaderSuite struct {
 
 	senderAddress    common.Address
 	recipientAddress common.Address
+	signerAddress    common.Address
 
 	reader BlockchainChannelReader
 }
 
 func (suite *BlockchainChannelReaderSuite) SetupSuite() {
 	suite.senderAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
+	suite.signerAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
 	suite.recipientAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
 
 	suite.reader = BlockchainChannelReader{
@@ -115,6 +120,7 @@ func (suite *BlockchainChannelReaderSuite) mpeChannel() *blockchain.MultiPartyEs
 		Value:      big.NewInt(12345),
 		Nonce:      big.NewInt(3),
 		Expiration: big.NewInt(100),
+		Signer:     suite.signerAddress,
 	}
 }
 
@@ -127,6 +133,7 @@ func (suite *BlockchainChannelReaderSuite) channel() *PaymentChannelData {
 		GroupID:          [32]byte{123},
 		FullAmount:       big.NewInt(12345),
 		Expiration:       big.NewInt(100),
+		Signer:           suite.signerAddress,
 		AuthorizedAmount: big.NewInt(0),
 		Signature:        nil,
 	}

escrow/state_service.go

@@ -47,8 +47,8 @@ func (service *PaymentChannelStateService) GetChannelState(context context.Conte
 		return nil, fmt.Errorf("channel is not found, channelId: %v", channelID)
 	}
 
-	if channel.Sender != *sender {
-		return nil, errors.New("only channel sender can get latest channel state")
+	if channel.Signer != *sender {
+		return nil, errors.New("only channel signer can get latest channel state")
 	}
 
 	if channel.Signature == nil {

escrow/state_service_test.go

@@ -13,8 +13,9 @@ import (
 
 type stateServiceTestType struct {
 	service            PaymentChannelStateService
-	senderPrivateKey   *ecdsa.PrivateKey
 	senderAddress      common.Address
+	signerPrivateKey   *ecdsa.PrivateKey
+	signerAddress      common.Address
 	channelServiceMock *paymentChannelServiceMock
 
 	defaultChannelId   *big.Int
@@ -26,8 +27,9 @@ type stateServiceTestType struct {
 
 var stateServiceTest = func() stateServiceTestType {
 	channelServiceMock := &paymentChannelServiceMock{}
-	senderPrivateKey := GenerateTestPrivateKey()
-	senderAddress := crypto.PubkeyToAddress(senderPrivateKey.PublicKey)
+	senderAddress := crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
+	signerPrivateKey := GenerateTestPrivateKey()
+	signerAddress := crypto.PubkeyToAddress(signerPrivateKey.PublicKey)
 
 	defaultChannelId := big.NewInt(42)
 	defaultSignature, err := hex.DecodeString("0504030201")
@@ -39,22 +41,24 @@ var stateServiceTest = func() stateServiceTestType {
 		service: PaymentChannelStateService{
 			channelService: channelServiceMock,
 		},
-		senderPrivateKey:   senderPrivateKey,
 		senderAddress:      senderAddress,
+		signerPrivateKey:   signerPrivateKey,
+		signerAddress:      signerAddress,
 		channelServiceMock: channelServiceMock,
 
 		defaultChannelId:  defaultChannelId,
 		defaultChannelKey: &PaymentChannelKey{ID: defaultChannelId},
 		defaultChannelData: &PaymentChannelData{
 			ChannelID:        defaultChannelId,
 			Sender:           senderAddress,
+			Signer:           signerAddress,
 			Signature:        defaultSignature,
 			Nonce:            big.NewInt(3),
 			AuthorizedAmount: big.NewInt(12345),
 		},
 		defaultRequest: &ChannelStateRequest{
 			ChannelId: bigIntToBytes(defaultChannelId),
-			Signature: getSignature(bigIntToBytes(defaultChannelId), senderPrivateKey),
+			Signature: getSignature(bigIntToBytes(defaultChannelId), signerPrivateKey),
 		},
 		defaultReply: &ChannelStateReply{
 			CurrentNonce:        bigIntToBytes(big.NewInt(3)),
@@ -89,7 +93,7 @@ func TestGetChannelStateChannelIdIsNotPaddedByZero(t *testing.T) {
 		nil,
 		&ChannelStateRequest{
 			ChannelId: []byte{0xFF},
-			Signature: getSignature(bigIntToBytes(channelId), stateServiceTest.senderPrivateKey),
+			Signature: getSignature(bigIntToBytes(channelId), stateServiceTest.signerPrivateKey),
 		},
 	)
 
@@ -128,7 +132,7 @@ func TestGetChannelStateChannelNotFound(t *testing.T) {
 		nil,
 		&ChannelStateRequest{
 			ChannelId: bigIntToBytes(channelId),
-			Signature: getSignature(bigIntToBytes(channelId), stateServiceTest.senderPrivateKey),
+			Signature: getSignature(bigIntToBytes(channelId), stateServiceTest.signerPrivateKey),
 		},
 	)
 
@@ -153,7 +157,7 @@ func TestGetChannelStateIncorrectSender(t *testing.T) {
 		},
 	)
 
-	assert.Equal(t, errors.New("only channel sender can get latest channel state"), err)
+	assert.Equal(t, errors.New("only channel signer can get latest channel state"), err)
 	assert.Nil(t, reply)
 }
 

escrow/validation.go

@@ -45,9 +45,9 @@ func (validator *ChannelPaymentValidator) Validate(payment *Payment, channel *Pa
 	}
 
 	log = log.WithField("signerAddress", blockchain.AddressToHex(signerAddress))
-	if *signerAddress != channel.Sender {
-		log.WithField("signerAddress", blockchain.AddressToHex(signerAddress)).Warn("Channel sender is not equal to payment signer")
-		return NewPaymentError(Unauthenticated, "payment is not signed by channel sender")
+	if *signerAddress != channel.Signer {
+		log.WithField("signerAddress", blockchain.AddressToHex(signerAddress)).Warn("Channel signer is not equal to payment signer")
+		return NewPaymentError(Unauthenticated, "payment is not signed by channel signer")
 	}
 	currentBlock, e := validator.currentBlock()
 	if e != nil {

escrow/validation_test.go

@@ -59,8 +59,9 @@ func GenerateTestPrivateKey() (privateKey *ecdsa.PrivateKey) {
 type ValidationTestSuite struct {
 	suite.Suite
 
-	senderPrivateKey   *ecdsa.PrivateKey
 	senderAddress      common.Address
+	signerPrivateKey   *ecdsa.PrivateKey
+	signerAddress      common.Address
 	recipientAddress   common.Address
 	mpeContractAddress common.Address
 
@@ -72,8 +73,9 @@ func TestValidationTestSuite(t *testing.T) {
 }
 
 func (suite *ValidationTestSuite) SetupSuite() {
-	suite.senderPrivateKey = GenerateTestPrivateKey()
-	suite.senderAddress = crypto.PubkeyToAddress(suite.senderPrivateKey.PublicKey)
+	suite.senderAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
+	suite.signerPrivateKey = GenerateTestPrivateKey()
+	suite.signerAddress = crypto.PubkeyToAddress(suite.signerPrivateKey.PublicKey)
 	suite.recipientAddress = crypto.PubkeyToAddress(GenerateTestPrivateKey().PublicKey)
 	suite.mpeContractAddress = blockchain.HexToAddress("0xf25186b5081ff5ce73482ad761db0eb0d25abfbf")
 
@@ -90,7 +92,7 @@ func (suite *ValidationTestSuite) payment() *Payment {
 		ChannelNonce:       big.NewInt(3),
 		MpeContractAddress: suite.mpeContractAddress,
 	}
-	SignTestPayment(payment, suite.senderPrivateKey)
+	SignTestPayment(payment, suite.signerPrivateKey)
 	return payment
 }
 
@@ -103,6 +105,7 @@ func (suite *ValidationTestSuite) channel() *PaymentChannelData {
 		GroupID:          [32]byte{123},
 		FullAmount:       big.NewInt(12345),
 		Expiration:       big.NewInt(100),
+		Signer:           suite.signerAddress,
 		AuthorizedAmount: big.NewInt(12300),
 		Signature:        nil,
 	}
@@ -120,7 +123,7 @@ func (suite *ValidationTestSuite) TestPaymentIsValid() {
 func (suite *ValidationTestSuite) TestValidatePaymentChannelNonce() {
 	payment := suite.payment()
 	payment.ChannelNonce = big.NewInt(2)
-	SignTestPayment(payment, suite.senderPrivateKey)
+	SignTestPayment(payment, suite.signerPrivateKey)
 	channel := suite.channel()
 	channel.Nonce = big.NewInt(3)
 
@@ -153,7 +156,7 @@ func (suite *ValidationTestSuite) TestValidatePaymentIncorrectSigner() {
 
 	err := suite.validator.Validate(payment, suite.channel())
 
-	assert.Equal(suite.T(), NewPaymentError(Unauthenticated, "payment is not signed by channel sender"), err)
+	assert.Equal(suite.T(), NewPaymentError(Unauthenticated, "payment is not signed by channel signer"), err)
 }
 
 func (suite *ValidationTestSuite) TestValidatePaymentChannelCannotGetCurrentBlock() {
@@ -195,7 +198,7 @@ func (suite *ValidationTestSuite) TestValidatePaymentChannelExpirationThreshold(
 func (suite *ValidationTestSuite) TestValidatePaymentAmountIsTooBig() {
 	payment := suite.payment()
 	payment.Amount = big.NewInt(12346)
-	SignTestPayment(payment, suite.senderPrivateKey)
+	SignTestPayment(payment, suite.signerPrivateKey)
 	channel := suite.channel()
 	channel.FullAmount = big.NewInt(12345)