mithril_common/certificate_chain/
certificate_verifier.rs

1//! A module used to validate the Certificate Chain created by an aggregator
2//!
3use anyhow::{Context, anyhow};
4use async_trait::async_trait;
5use hex::ToHex;
6use slog::{Logger, debug};
7use std::sync::Arc;
8use thiserror::Error;
9
10use super::CertificateRetriever;
11use crate::StdResult;
12use crate::crypto_helper::{
13    ProtocolAggregateVerificationKey, ProtocolGenesisError, ProtocolGenesisVerificationKey,
14    ProtocolMultiSignature,
15};
16use crate::entities::{
17    Certificate, CertificateSignature, ProtocolMessagePartKey, ProtocolParameters,
18};
19use crate::logging::LoggerExtensions;
20
21#[cfg(test)]
22use mockall::automock;
23
24/// [CertificateVerifier] related errors.
25#[derive(Error, Debug)]
26pub enum CertificateVerifierError {
27    /// Error raised when the multi signatures verification fails.
28    #[error("multi signature verification failed: '{0}'")]
29    VerifyMultiSignature(String),
30
31    /// Error raised when the Genesis Signature stored in a [Certificate] is invalid.
32    #[error("certificate genesis error")]
33    CertificateGenesis(#[from] ProtocolGenesisError),
34
35    /// Error raised when the hash stored in a [Certificate] doesn't match a recomputed hash.
36    #[error("certificate hash unmatch error")]
37    CertificateHashUnmatch,
38
39    /// Error raised when validating the certificate chain if a previous [Certificate] hash isn't
40    /// equal to the current certificate `previous_hash`.
41    #[error("certificate chain previous hash unmatch error")]
42    CertificateChainPreviousHashUnmatch,
43
44    /// Error raised when validating the certificate chain if the current [Certificate]
45    /// `signed_message` doesn't match the hash of the `protocol_message` of the current certificate
46    #[error("certificate protocol message unmatch error")]
47    CertificateProtocolMessageUnmatch,
48
49    /// Error raised when validating the certificate chain if the current [Certificate]
50    /// `aggregate_verification_key` doesn't match the signed `next_aggregate_verification_key` of the previous certificate
51    /// (if the certificates are on different epoch) or the `aggregate_verification_key` of the previous certificate
52    /// (if the certificates are on the same epoch).
53    #[error("certificate chain AVK unmatch error")]
54    CertificateChainAVKUnmatch,
55
56    /// Error raised when validating the certificate chain if the current [Certificate]
57    /// `protocol_parameters` don't match the signed `next_protocol_parameters` of the previous certificate
58    /// (if the certificates are on different epoch) or the `protocol_parameters` of the previous certificate
59    /// (if the certificates are on the same epoch).
60    #[error("certificate chain protocol parameters unmatch error")]
61    CertificateChainProtocolParametersUnmatch,
62
63    /// Error raised when validating the certificate chain if the current [Certificate]
64    /// `epoch` doesn't match the signed `current_epoch` of the current certificate
65    #[error("certificate epoch unmatch error")]
66    CertificateEpochUnmatch,
67
68    /// Error raised when validating the certificate chain if the current [Certificate]
69    /// `epoch` is neither equal to the previous certificate `epoch` nor to the previous certificate `epoch - 1`
70    #[error("certificate chain missing epoch error")]
71    CertificateChainMissingEpoch,
72
73    /// Error raised when validating the certificate chain if the chain loops.
74    #[error("certificate chain infinite loop error")]
75    CertificateChainInfiniteLoop,
76
77    /// Error raised when [CertificateVerifier::verify_genesis_certificate] was called with a
78    /// certificate that's not a genesis certificate.
79    #[error("can't validate genesis certificate: given certificate isn't a genesis certificate")]
80    InvalidGenesisCertificateProvided,
81
82    /// Error raised when [CertificateVerifier::verify_standard_certificate] was called with a
83    /// certificate that's not a standard certificate.
84    #[error("can't validate standard certificate: given certificate isn't a standard certificate")]
85    InvalidStandardCertificateProvided,
86}
87
88/// CertificateVerifier is the cryptographic engine in charge of verifying multi signatures and
89/// [certificates](Certificate)
90#[cfg_attr(test, automock)]
91#[cfg_attr(target_family = "wasm", async_trait(?Send))]
92#[cfg_attr(not(target_family = "wasm"), async_trait)]
93pub trait CertificateVerifier: Send + Sync {
94    /// Verify Genesis certificate
95    async fn verify_genesis_certificate(
96        &self,
97        genesis_certificate: &Certificate,
98        genesis_verification_key: &ProtocolGenesisVerificationKey,
99    ) -> StdResult<()>;
100
101    /// Verify Standard certificate
102    async fn verify_standard_certificate(
103        &self,
104        certificate: &Certificate,
105        previous_certificate: &Certificate,
106    ) -> StdResult<()>;
107
108    /// Verify if a Certificate is valid and returns the previous Certificate in the chain if exists
109    async fn verify_certificate(
110        &self,
111        certificate: &Certificate,
112        genesis_verification_key: &ProtocolGenesisVerificationKey,
113    ) -> StdResult<Option<Certificate>>;
114
115    /// Verify that the Certificate Chain associated to a Certificate is valid
116    async fn verify_certificate_chain(
117        &self,
118        certificate: Certificate,
119        genesis_verification_key: &ProtocolGenesisVerificationKey,
120    ) -> StdResult<()> {
121        let mut certificate = certificate;
122        while let Some(previous_certificate) = self
123            .verify_certificate(&certificate, genesis_verification_key)
124            .await?
125        {
126            certificate = previous_certificate;
127        }
128
129        Ok(())
130    }
131}
132
133/// MithrilCertificateVerifier is an implementation of the CertificateVerifier
134pub struct MithrilCertificateVerifier {
135    logger: Logger,
136    certificate_retriever: Arc<dyn CertificateRetriever>,
137}
138
139impl MithrilCertificateVerifier {
140    /// MithrilCertificateVerifier factory
141    pub fn new(logger: Logger, certificate_retriever: Arc<dyn CertificateRetriever>) -> Self {
142        debug!(logger, "New MithrilCertificateVerifier created");
143        Self {
144            logger: logger.new_with_component_name::<Self>(),
145            certificate_retriever,
146        }
147    }
148
149    async fn fetch_previous_certificate(
150        &self,
151        certificate: &Certificate,
152    ) -> StdResult<Certificate> {
153        self.certificate_retriever
154            .get_certificate_details(&certificate.previous_hash)
155            .await
156            .map_err(|e| anyhow!(e))
157            .with_context(|| "Can not retrieve previous certificate during verification")
158    }
159
160    fn verify_multi_signature(
161        &self,
162        message: &[u8],
163        multi_signature: &ProtocolMultiSignature,
164        aggregate_verification_key: &ProtocolAggregateVerificationKey,
165        protocol_parameters: &ProtocolParameters,
166    ) -> Result<(), CertificateVerifierError> {
167        debug!(
168            self.logger,
169            "Verify multi signature for {:?}",
170            message.encode_hex::<String>()
171        );
172
173        multi_signature
174            .verify(
175                message,
176                aggregate_verification_key,
177                &protocol_parameters.to_owned().into(),
178            )
179            .map_err(|e| CertificateVerifierError::VerifyMultiSignature(e.to_string()))
180    }
181
182    fn verify_is_not_in_infinite_loop(&self, certificate: &Certificate) -> StdResult<()> {
183        if certificate.is_chaining_to_itself() {
184            return Err(anyhow!(
185                CertificateVerifierError::CertificateChainInfiniteLoop
186            ));
187        }
188
189        Ok(())
190    }
191
192    fn verify_hash_matches_content(&self, certificate: &Certificate) -> StdResult<()> {
193        if certificate.compute_hash() != certificate.hash {
194            return Err(anyhow!(CertificateVerifierError::CertificateHashUnmatch));
195        }
196
197        Ok(())
198    }
199
200    fn verify_previous_hash_matches_previous_certificate_hash(
201        &self,
202        certificate: &Certificate,
203        previous_certificate: &Certificate,
204    ) -> StdResult<()> {
205        if previous_certificate.hash != certificate.previous_hash {
206            return Err(anyhow!(
207                CertificateVerifierError::CertificateChainPreviousHashUnmatch
208            ));
209        }
210
211        Ok(())
212    }
213
214    fn verify_signed_message_matches_hashed_protocol_message(
215        &self,
216        certificate: &Certificate,
217    ) -> StdResult<()> {
218        if certificate.protocol_message.compute_hash() != certificate.signed_message {
219            return Err(anyhow!(
220                CertificateVerifierError::CertificateProtocolMessageUnmatch
221            ));
222        }
223
224        Ok(())
225    }
226
227    fn verify_epoch_matches_protocol_message(&self, certificate: &Certificate) -> StdResult<()> {
228        if let Some(signed_epoch) = &certificate
229            .protocol_message
230            .get_message_part(&ProtocolMessagePartKey::CurrentEpoch)
231        {
232            if **signed_epoch == certificate.epoch.to_string() {
233                return Ok(());
234            }
235        }
236
237        Err(anyhow!(CertificateVerifierError::CertificateEpochUnmatch))
238    }
239
240    fn verify_epoch_chaining(
241        &self,
242        certificate: &Certificate,
243        previous_certificate: &Certificate,
244    ) -> StdResult<()> {
245        if certificate.epoch.has_gap_with(&previous_certificate.epoch) {
246            return Err(anyhow!(
247                CertificateVerifierError::CertificateChainMissingEpoch
248            ));
249        }
250
251        Ok(())
252    }
253
254    fn verify_aggregate_verification_key_chaining(
255        &self,
256        certificate: &Certificate,
257        previous_certificate: &Certificate,
258    ) -> StdResult<()> {
259        let previous_certificate_has_same_epoch = previous_certificate.epoch == certificate.epoch;
260        let certificate_has_valid_aggregate_verification_key =
261            if previous_certificate_has_same_epoch {
262                previous_certificate.aggregate_verification_key
263                    == certificate.aggregate_verification_key
264            } else {
265                match &previous_certificate
266                    .protocol_message
267                    .get_message_part(&ProtocolMessagePartKey::NextAggregateVerificationKey)
268                {
269                    Some(previous_certificate_next_aggregate_verification_key) => {
270                        **previous_certificate_next_aggregate_verification_key
271                            == certificate
272                                .aggregate_verification_key
273                                .to_json_hex()
274                                .with_context(|| {
275                                    format!(
276                                    "aggregate verification key to string conversion error for certificate: `{}`",
277                                    certificate.hash
278                                )
279                                })?
280                    }
281                    None => false,
282                }
283            };
284        if !certificate_has_valid_aggregate_verification_key {
285            debug!(
286                self.logger,
287                "Previous certificate {:#?}", previous_certificate
288            );
289            return Err(anyhow!(
290                CertificateVerifierError::CertificateChainAVKUnmatch
291            ));
292        }
293
294        Ok(())
295    }
296
297    fn verify_protocol_parameters_chaining(
298        &self,
299        certificate: &Certificate,
300        previous_certificate: &Certificate,
301    ) -> StdResult<()> {
302        let previous_certificate_has_same_epoch = previous_certificate.epoch == certificate.epoch;
303        let certificate_has_valid_protocol_parameters = if previous_certificate_has_same_epoch {
304            previous_certificate.metadata.protocol_parameters
305                == certificate.metadata.protocol_parameters
306        } else {
307            match &previous_certificate
308                .protocol_message
309                .get_message_part(&ProtocolMessagePartKey::NextProtocolParameters)
310            {
311                Some(previous_certificate_next_protocol_parameters) => {
312                    **previous_certificate_next_protocol_parameters
313                        == certificate.metadata.protocol_parameters.compute_hash()
314                }
315                None => false,
316            }
317        };
318        if !certificate_has_valid_protocol_parameters {
319            debug!(
320                self.logger,
321                "Previous certificate {:#?}", previous_certificate
322            );
323            return Err(anyhow!(
324                CertificateVerifierError::CertificateChainProtocolParametersUnmatch
325            ));
326        }
327
328        Ok(())
329    }
330}
331
332#[cfg_attr(target_family = "wasm", async_trait(?Send))]
333#[cfg_attr(not(target_family = "wasm"), async_trait)]
334impl CertificateVerifier for MithrilCertificateVerifier {
335    async fn verify_genesis_certificate(
336        &self,
337        genesis_certificate: &Certificate,
338        genesis_verification_key: &ProtocolGenesisVerificationKey,
339    ) -> StdResult<()> {
340        let genesis_signature = match &genesis_certificate.signature {
341            CertificateSignature::GenesisSignature(signature) => Ok(signature),
342            _ => Err(CertificateVerifierError::InvalidGenesisCertificateProvided),
343        }?;
344        self.verify_hash_matches_content(genesis_certificate)?;
345        self.verify_signed_message_matches_hashed_protocol_message(genesis_certificate)?;
346        genesis_verification_key
347            .verify(
348                genesis_certificate.signed_message.as_bytes(),
349                genesis_signature,
350            )
351            .with_context(|| "Certificate verifier failed verifying a genesis certificate")?;
352        self.verify_epoch_matches_protocol_message(genesis_certificate)?;
353
354        Ok(())
355    }
356
357    async fn verify_standard_certificate(
358        &self,
359        certificate: &Certificate,
360        previous_certificate: &Certificate,
361    ) -> StdResult<()> {
362        let multi_signature = match &certificate.signature {
363            CertificateSignature::MultiSignature(_, signature) => Ok(signature),
364            _ => Err(CertificateVerifierError::InvalidStandardCertificateProvided),
365        }?;
366        self.verify_is_not_in_infinite_loop(certificate)?;
367        self.verify_hash_matches_content(certificate)?;
368        self.verify_signed_message_matches_hashed_protocol_message(certificate)?;
369        self.verify_multi_signature(
370            certificate.signed_message.as_bytes(),
371            multi_signature,
372            &certificate.aggregate_verification_key,
373            &certificate.metadata.protocol_parameters,
374        )?;
375        self.verify_epoch_matches_protocol_message(certificate)?;
376        self.verify_epoch_chaining(certificate, previous_certificate)?;
377        self.verify_previous_hash_matches_previous_certificate_hash(
378            certificate,
379            previous_certificate,
380        )?;
381        self.verify_aggregate_verification_key_chaining(certificate, previous_certificate)?;
382        self.verify_protocol_parameters_chaining(certificate, previous_certificate)?;
383
384        Ok(())
385    }
386
387    /// Verify a certificate
388    async fn verify_certificate(
389        &self,
390        certificate: &Certificate,
391        genesis_verification_key: &ProtocolGenesisVerificationKey,
392    ) -> StdResult<Option<Certificate>> {
393        debug!(
394            self.logger, "Verifying certificate";
395            "certificate_hash" => &certificate.hash,
396            "certificate_previous_hash" => &certificate.previous_hash,
397            "certificate_epoch" => ?certificate.epoch,
398            "certificate_signed_entity_type" => ?certificate.signed_entity_type(),
399        );
400
401        match &certificate.signature {
402            CertificateSignature::GenesisSignature(_) => {
403                self.verify_genesis_certificate(certificate, genesis_verification_key)
404                    .await?;
405
406                Ok(None)
407            }
408            CertificateSignature::MultiSignature(_, _) => {
409                let previous_certificate = self.fetch_previous_certificate(certificate).await?;
410                self.verify_standard_certificate(certificate, &previous_certificate)
411                    .await?;
412
413                Ok(Some(previous_certificate))
414            }
415        }
416    }
417}
418
419#[cfg(test)]
420mod tests {
421    use std::collections::HashMap;
422
423    use async_trait::async_trait;
424    use mockall::mock;
425    use tokio::sync::Mutex;
426
427    use super::CertificateRetriever;
428    use super::*;
429
430    use crate::certificate_chain::{CertificateRetrieverError, FakeCertificaterRetriever};
431    use crate::crypto_helper::{ProtocolClerk, tests_setup::*};
432    use crate::test_utils::{
433        CertificateChainBuilder, CertificateChainBuilderContext, MithrilFixtureBuilder, TestLogger,
434    };
435
436    macro_rules! assert_error_matches {
437        ( $expected_error:path, $error:expr ) => {{
438            let error = $error
439                .downcast_ref::<CertificateVerifierError>()
440                .expect("Can not downcast to `CertificateVerifierError`.");
441            let expected_error = $expected_error;
442
443            assert!(
444                matches!(error, $expected_error),
445                "unexpected error type: got {error:?}, want {expected_error:?}"
446            );
447        }};
448    }
449
450    mock! {
451        pub CertificateRetrieverImpl { }
452
453        #[async_trait]
454        impl CertificateRetriever for CertificateRetrieverImpl {
455
456            async fn get_certificate_details(
457                &self,
458                certificate_hash: &str,
459            ) -> Result<Certificate, CertificateRetrieverError>;
460        }
461    }
462
463    struct MockDependencyInjector {
464        mock_certificate_retriever: MockCertificateRetrieverImpl,
465    }
466
467    impl MockDependencyInjector {
468        fn new() -> MockDependencyInjector {
469            MockDependencyInjector {
470                mock_certificate_retriever: MockCertificateRetrieverImpl::new(),
471            }
472        }
473
474        fn build_certificate_verifier(self) -> MithrilCertificateVerifier {
475            MithrilCertificateVerifier::new(
476                TestLogger::stdout(),
477                Arc::new(self.mock_certificate_retriever),
478            )
479        }
480    }
481
482    #[test]
483    fn verify_multi_signature_success() {
484        let protocol_parameters = setup_protocol_parameters();
485        let fixture = MithrilFixtureBuilder::default()
486            .with_signers(5)
487            .with_protocol_parameters(protocol_parameters.into())
488            .build();
489        let signers = fixture.signers_fixture();
490        let message_hash = setup_message().compute_hash().as_bytes().to_vec();
491
492        let single_signatures = signers
493            .iter()
494            .filter_map(|s| s.protocol_signer.sign(&message_hash))
495            .collect::<Vec<_>>();
496
497        let first_signer = &signers[0].protocol_signer;
498        let clerk = ProtocolClerk::from_signer(first_signer);
499        let aggregate_verification_key = clerk.compute_avk().into();
500        let multi_signature = clerk.aggregate(&single_signatures, &message_hash).unwrap().into();
501
502        let verifier = MithrilCertificateVerifier::new(
503            TestLogger::stdout(),
504            Arc::new(MockCertificateRetrieverImpl::new()),
505        );
506        let message_tampered = message_hash[1..].to_vec();
507        assert!(
508            verifier
509                .verify_multi_signature(
510                    &message_tampered,
511                    &multi_signature,
512                    &aggregate_verification_key,
513                    &fixture.protocol_parameters(),
514                )
515                .is_err(),
516            "multi signature verification should have failed"
517        );
518        verifier
519            .verify_multi_signature(
520                &message_hash,
521                &multi_signature,
522                &aggregate_verification_key,
523                &fixture.protocol_parameters(),
524            )
525            .expect("multi signature verification should have succeeded");
526    }
527
528    #[tokio::test]
529    async fn verify_genesis_certificate_success() {
530        let (total_certificates, certificates_per_epoch) = (5, 1);
531        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
532        let verifier = MockDependencyInjector::new().build_certificate_verifier();
533        let genesis_certificate = fake_certificates.genesis_certificate();
534
535        let verify = verifier
536            .verify_genesis_certificate(
537                genesis_certificate,
538                &fake_certificates.genesis_verifier.to_verification_key(),
539            )
540            .await;
541
542        verify.expect("verify_genesis_certificate should not fail");
543    }
544
545    #[tokio::test]
546    async fn verify_genesis_certificate_fails_if_is_not_genesis() {
547        let (total_certificates, certificates_per_epoch) = (5, 1);
548        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
549        let verifier = MockDependencyInjector::new().build_certificate_verifier();
550        let standard_certificate = fake_certificates[0].clone();
551        let mut genesis_certificate = fake_certificates.genesis_certificate().clone();
552        genesis_certificate.signature = standard_certificate.signature.clone();
553        genesis_certificate.hash = genesis_certificate.compute_hash();
554
555        let error = verifier
556            .verify_genesis_certificate(
557                &genesis_certificate,
558                &fake_certificates.genesis_verifier.to_verification_key(),
559            )
560            .await
561            .expect_err("verify_genesis_certificate should fail");
562
563        assert_error_matches!(
564            CertificateVerifierError::InvalidGenesisCertificateProvided,
565            error
566        )
567    }
568
569    #[tokio::test]
570    async fn verify_genesis_certificate_fails_if_hash_unmatch() {
571        let (total_certificates, certificates_per_epoch) = (5, 1);
572        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
573        let verifier = MockDependencyInjector::new().build_certificate_verifier();
574        let mut genesis_certificate = fake_certificates.genesis_certificate().clone();
575        genesis_certificate.hash = "another-hash".to_string();
576
577        let error = verifier
578            .verify_genesis_certificate(
579                &genesis_certificate,
580                &fake_certificates.genesis_verifier.to_verification_key(),
581            )
582            .await
583            .expect_err("verify_genesis_certificate should fail");
584
585        assert_error_matches!(CertificateVerifierError::CertificateHashUnmatch, error)
586    }
587
588    #[tokio::test]
589    async fn verify_genesis_certificate_fails_if_protocol_message_unmatch() {
590        let (total_certificates, certificates_per_epoch) = (5, 1);
591        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
592        let verifier = MockDependencyInjector::new().build_certificate_verifier();
593        let mut genesis_certificate = fake_certificates.genesis_certificate().clone();
594        genesis_certificate.protocol_message.set_message_part(
595            ProtocolMessagePartKey::CurrentEpoch,
596            "another-value".to_string(),
597        );
598        genesis_certificate.hash = genesis_certificate.compute_hash();
599
600        let error = verifier
601            .verify_genesis_certificate(
602                &genesis_certificate,
603                &fake_certificates.genesis_verifier.to_verification_key(),
604            )
605            .await
606            .expect_err("verify_genesis_certificate should fail");
607
608        assert_error_matches!(
609            CertificateVerifierError::CertificateProtocolMessageUnmatch,
610            error
611        )
612    }
613
614    #[tokio::test]
615    async fn verify_genesis_certificate_fails_if_epoch_unmatch() {
616        let (total_certificates, certificates_per_epoch) = (5, 1);
617        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
618        let verifier = MockDependencyInjector::new().build_certificate_verifier();
619        let mut genesis_certificate = fake_certificates.genesis_certificate().clone();
620        genesis_certificate.epoch -= 1;
621        genesis_certificate.hash = genesis_certificate.compute_hash();
622
623        let error = verifier
624            .verify_genesis_certificate(
625                &genesis_certificate,
626                &fake_certificates.genesis_verifier.to_verification_key(),
627            )
628            .await
629            .expect_err("verify_genesis_certificate should fail");
630
631        assert_error_matches!(CertificateVerifierError::CertificateEpochUnmatch, error)
632    }
633
634    #[tokio::test]
635    async fn verify_standard_certificate_success_with_different_epochs_as_previous() {
636        let (total_certificates, certificates_per_epoch) = (5, 1);
637        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
638        let verifier = MockDependencyInjector::new().build_certificate_verifier();
639        let certificate = fake_certificates[0].clone();
640        let previous_certificate = fake_certificates[1].clone();
641
642        let verify = verifier
643            .verify_standard_certificate(&certificate, &previous_certificate)
644            .await;
645
646        verify.expect("verify_standard_certificate should not fail");
647    }
648
649    #[tokio::test]
650    async fn verify_standard_certificate_success_with_same_epoch_as_previous() {
651        let (total_certificates, certificates_per_epoch) = (5, 2);
652        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
653        let verifier = MockDependencyInjector::new().build_certificate_verifier();
654        let certificate = fake_certificates[0].clone();
655        let previous_certificate = fake_certificates[1].clone();
656
657        let verify = verifier
658            .verify_standard_certificate(&certificate, &previous_certificate)
659            .await;
660
661        verify.expect("verify_standard_certificate should not fail");
662    }
663
664    #[tokio::test]
665    async fn verify_standard_certificate_fails_if_is_not_genesis() {
666        let (total_certificates, certificates_per_epoch) = (5, 1);
667        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
668        let verifier = MockDependencyInjector::new().build_certificate_verifier();
669        let genesis_certificate = fake_certificates.genesis_certificate();
670        let mut standard_certificate = fake_certificates[0].clone();
671        standard_certificate.signature = genesis_certificate.signature.clone();
672        standard_certificate.hash = standard_certificate.compute_hash();
673        let standard_previous_certificate = fake_certificates[1].clone();
674
675        let error = verifier
676            .verify_standard_certificate(&standard_certificate, &standard_previous_certificate)
677            .await
678            .expect_err("verify_standard_certificate should fail");
679
680        assert_error_matches!(
681            CertificateVerifierError::InvalidStandardCertificateProvided,
682            error
683        )
684    }
685
686    #[tokio::test]
687    async fn verify_standard_certificate_fails_if_infinite_loop() {
688        let (total_certificates, certificates_per_epoch) = (5, 1);
689        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
690        let verifier = MockDependencyInjector::new().build_certificate_verifier();
691        let mut certificate = fake_certificates[0].clone();
692        certificate.previous_hash = certificate.hash.clone();
693        let previous_certificate = fake_certificates[1].clone();
694
695        let error = verifier
696            .verify_standard_certificate(&certificate, &previous_certificate)
697            .await
698            .expect_err("verify_standard_certificate should fail");
699
700        assert_error_matches!(
701            CertificateVerifierError::CertificateChainInfiniteLoop,
702            error
703        )
704    }
705
706    #[tokio::test]
707    async fn verify_standard_certificate_fails_if_hash_unmatch() {
708        let (total_certificates, certificates_per_epoch) = (5, 1);
709        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
710        let verifier = MockDependencyInjector::new().build_certificate_verifier();
711        let mut certificate = fake_certificates[0].clone();
712        certificate.hash = "another-hash".to_string();
713        let previous_certificate = fake_certificates[1].clone();
714
715        let error = verifier
716            .verify_standard_certificate(&certificate, &previous_certificate)
717            .await
718            .expect_err("verify_standard_certificate should fail");
719
720        assert_error_matches!(CertificateVerifierError::CertificateHashUnmatch, error)
721    }
722
723    #[tokio::test]
724    async fn verify_standard_certificate_fails_if_protocol_message_unmatch() {
725        let (total_certificates, certificates_per_epoch) = (5, 1);
726        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
727        let verifier = MockDependencyInjector::new().build_certificate_verifier();
728        let mut certificate = fake_certificates[0].clone();
729        certificate.protocol_message.set_message_part(
730            ProtocolMessagePartKey::CurrentEpoch,
731            "another-value".to_string(),
732        );
733        certificate.hash = certificate.compute_hash();
734        let previous_certificate = fake_certificates[1].clone();
735
736        let error = verifier
737            .verify_standard_certificate(&certificate, &previous_certificate)
738            .await
739            .expect_err("verify_standard_certificate should fail");
740
741        assert_error_matches!(
742            CertificateVerifierError::CertificateProtocolMessageUnmatch,
743            error
744        )
745    }
746
747    #[tokio::test]
748    async fn verify_standard_certificate_fails_if_epoch_unmatch() {
749        let (total_certificates, certificates_per_epoch) = (5, 1);
750        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
751        let verifier = MockDependencyInjector::new().build_certificate_verifier();
752        let mut certificate = fake_certificates[0].clone();
753        certificate.epoch -= 1;
754        certificate.hash = certificate.compute_hash();
755        let previous_certificate = fake_certificates[1].clone();
756
757        let error = verifier
758            .verify_standard_certificate(&certificate, &previous_certificate)
759            .await
760            .expect_err("verify_standard_certificate should fail");
761
762        assert_error_matches!(CertificateVerifierError::CertificateEpochUnmatch, error)
763    }
764
765    #[tokio::test]
766    async fn verify_standard_certificate_fails_if_has_missing_epoch() {
767        fn create_epoch_gap_certificate(
768            certificate: Certificate,
769            context: &CertificateChainBuilderContext,
770        ) -> Certificate {
771            let fixture = context.fixture;
772            let modified_epoch = certificate.epoch + 1;
773            let mut protocol_message = certificate.protocol_message.to_owned();
774            protocol_message.set_message_part(
775                ProtocolMessagePartKey::CurrentEpoch,
776                modified_epoch.to_string(),
777            );
778            let signed_message = protocol_message.compute_hash();
779            let mut modified_certificate = certificate;
780            modified_certificate.epoch = modified_epoch;
781            modified_certificate.protocol_message = protocol_message;
782            modified_certificate.signed_message = signed_message.clone();
783            let single_signatures = fixture
784                .signers_fixture()
785                .iter()
786                .filter_map(|s| s.protocol_signer.sign(signed_message.as_bytes()))
787                .collect::<Vec<_>>();
788            let clerk = ProtocolClerk::from_signer(&fixture.signers_fixture()[0].protocol_signer);
789            let modified_multi_signature = clerk
790                .aggregate(&single_signatures, signed_message.as_bytes())
791                .unwrap();
792            modified_certificate.signature = CertificateSignature::MultiSignature(
793                modified_certificate.signed_entity_type(),
794                modified_multi_signature.into(),
795            );
796
797            modified_certificate
798        }
799
800        let (total_certificates, certificates_per_epoch) = (5, 1);
801        let fake_certificates = CertificateChainBuilder::new()
802            .with_total_certificates(total_certificates)
803            .with_certificates_per_epoch(certificates_per_epoch)
804            .with_standard_certificate_processor(&|certificate, context| {
805                if context.is_last_certificate() {
806                    create_epoch_gap_certificate(certificate, context)
807                } else {
808                    certificate
809                }
810            })
811            .build();
812        let verifier = MockDependencyInjector::new().build_certificate_verifier();
813        let certificate = fake_certificates[0].clone();
814        let previous_certificate = fake_certificates[1].clone();
815
816        let error = verifier
817            .verify_standard_certificate(&certificate, &previous_certificate)
818            .await
819            .expect_err("verify_standard_certificate should fail");
820
821        assert_error_matches!(
822            CertificateVerifierError::CertificateChainMissingEpoch,
823            error
824        )
825    }
826
827    #[tokio::test]
828    async fn verify_standard_certificate_fails_if_certificate_previous_hash_unmatch() {
829        let (total_certificates, certificates_per_epoch) = (5, 1);
830        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
831        let verifier = MockDependencyInjector::new().build_certificate_verifier();
832        let certificate = fake_certificates[0].clone();
833        let mut previous_certificate = fake_certificates[1].clone();
834        previous_certificate.previous_hash = "another-hash".to_string();
835        previous_certificate.hash = previous_certificate.compute_hash();
836
837        let error = verifier
838            .verify_standard_certificate(&certificate, &previous_certificate)
839            .await
840            .expect_err("verify_standard_certificate should fail");
841
842        assert_error_matches!(
843            CertificateVerifierError::CertificateChainPreviousHashUnmatch,
844            error
845        )
846    }
847
848    #[tokio::test]
849    async fn verify_standard_certificate_fails_if_certificate_chain_avk_unmatch() {
850        let (total_certificates, certificates_per_epoch) = (5, 1);
851        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
852        let verifier = MockDependencyInjector::new().build_certificate_verifier();
853        let mut certificate = fake_certificates[0].clone();
854        let mut previous_certificate = fake_certificates[1].clone();
855        previous_certificate.protocol_message.set_message_part(
856            ProtocolMessagePartKey::NextAggregateVerificationKey,
857            "another-avk".to_string(),
858        );
859        previous_certificate.hash = previous_certificate.compute_hash();
860        certificate.previous_hash.clone_from(&previous_certificate.hash);
861        certificate.hash = certificate.compute_hash();
862
863        let error = verifier
864            .verify_standard_certificate(&certificate, &previous_certificate)
865            .await
866            .expect_err("verify_standard_certificate should fail");
867
868        assert_error_matches!(CertificateVerifierError::CertificateChainAVKUnmatch, error)
869    }
870
871    #[tokio::test]
872    async fn verify_standard_certificate_fails_if_certificate_chain_protocol_parameters_unmatch() {
873        let (total_certificates, certificates_per_epoch) = (5, 1);
874        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
875        let verifier = MockDependencyInjector::new().build_certificate_verifier();
876        let mut certificate = fake_certificates[0].clone();
877        let mut previous_certificate = fake_certificates[1].clone();
878        previous_certificate.protocol_message.set_message_part(
879            ProtocolMessagePartKey::NextProtocolParameters,
880            "protocol-params-hash-123".to_string(),
881        );
882        previous_certificate.hash = previous_certificate.compute_hash();
883        certificate.previous_hash.clone_from(&previous_certificate.hash);
884        certificate.hash = certificate.compute_hash();
885
886        let error = verifier
887            .verify_standard_certificate(&certificate, &previous_certificate)
888            .await
889            .expect_err("verify_standard_certificate should fail");
890
891        assert_error_matches!(
892            CertificateVerifierError::CertificateChainProtocolParametersUnmatch,
893            error
894        )
895    }
896
897    #[tokio::test]
898    async fn verify_certificate_success_when_certificate_is_genesis_and_valid() {
899        let (total_certificates, certificates_per_epoch) = (5, 1);
900        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
901        let genesis_certificate = fake_certificates.genesis_certificate();
902        let mock_container = MockDependencyInjector::new();
903        let verifier = mock_container.build_certificate_verifier();
904
905        let verify = verifier
906            .verify_certificate(
907                genesis_certificate,
908                &fake_certificates.genesis_verifier.to_verification_key(),
909            )
910            .await;
911
912        verify.expect("verify_certificate should not fail");
913    }
914
915    #[tokio::test]
916    async fn verify_certificate_success_when_certificate_is_standard_and_valid() {
917        let (total_certificates, certificates_per_epoch) = (5, 1);
918        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
919        let certificate = fake_certificates[0].clone();
920        let previous_certificate = fake_certificates[1].clone();
921        let mut mock_container = MockDependencyInjector::new();
922        mock_container
923            .mock_certificate_retriever
924            .expect_get_certificate_details()
925            .returning(move |_| Ok(previous_certificate.clone()))
926            .times(1);
927        let verifier = mock_container.build_certificate_verifier();
928
929        let verify = verifier
930            .verify_certificate(
931                &certificate,
932                &fake_certificates.genesis_verifier.to_verification_key(),
933            )
934            .await;
935
936        verify.expect("verify_certificate should not fail");
937    }
938
939    #[tokio::test]
940    async fn verify_certificate_chain_verifies_all_chained_certificates() {
941        struct CertificateVerifierTest {
942            certificates_unverified: Mutex<HashMap<String, Certificate>>,
943        }
944
945        impl CertificateVerifierTest {
946            fn from_certificates(certificates: &[Certificate]) -> Self {
947                Self {
948                    certificates_unverified: Mutex::new(HashMap::from_iter(
949                        certificates.iter().map(|c| (c.hash.to_owned(), c.to_owned())),
950                    )),
951                }
952            }
953
954            async fn has_unverified_certificates(&self) -> bool {
955                !self.certificates_unverified.lock().await.is_empty()
956            }
957        }
958
959        #[async_trait]
960        impl CertificateVerifier for CertificateVerifierTest {
961            async fn verify_genesis_certificate(
962                &self,
963                _genesis_certificate: &Certificate,
964                _genesis_verification_key: &ProtocolGenesisVerificationKey,
965            ) -> StdResult<()> {
966                unimplemented!()
967            }
968
969            async fn verify_standard_certificate(
970                &self,
971                _certificate: &Certificate,
972                _previous_certificate: &Certificate,
973            ) -> StdResult<()> {
974                unimplemented!()
975            }
976
977            async fn verify_certificate(
978                &self,
979                certificate: &Certificate,
980                _genesis_verification_key: &ProtocolGenesisVerificationKey,
981            ) -> StdResult<Option<Certificate>> {
982                let mut certificates_unverified = self.certificates_unverified.lock().await;
983                let _verified_certificate = (*certificates_unverified).remove(&certificate.hash);
984                let previous_certificate =
985                    (*certificates_unverified).get(&certificate.previous_hash).cloned();
986
987                Ok(previous_certificate)
988            }
989        }
990
991        let (total_certificates, certificates_per_epoch) = (10, 1);
992        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
993        let fake_certificate_to_verify = fake_certificates[0].clone();
994        let verifier = CertificateVerifierTest::from_certificates(&fake_certificates);
995        assert!(verifier.has_unverified_certificates().await);
996
997        let verify = verifier
998            .verify_certificate_chain(
999                fake_certificate_to_verify,
1000                &fake_certificates.genesis_verifier.to_verification_key(),
1001            )
1002            .await;
1003
1004        verify.expect("verify_certificate_chain should not fail");
1005        assert!(!verifier.has_unverified_certificates().await);
1006    }
1007
1008    #[tokio::test]
1009    async fn verify_certificate_chain_success_when_chain_is_valid() {
1010        let (total_certificates, certificates_per_epoch) = (7, 2);
1011        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
1012        let certificate_retriever =
1013            FakeCertificaterRetriever::from_certificates(&fake_certificates);
1014        let verifier =
1015            MithrilCertificateVerifier::new(TestLogger::stdout(), Arc::new(certificate_retriever));
1016        let certificate_to_verify = fake_certificates[0].clone();
1017
1018        let verify = verifier
1019            .verify_certificate_chain(
1020                certificate_to_verify,
1021                &fake_certificates.genesis_verifier.to_verification_key(),
1022            )
1023            .await;
1024        verify.expect("verify_certificate_chain should not fail");
1025    }
1026
1027    #[tokio::test]
1028    async fn verify_certificate_chain_fails_when_chain_is_tampered() {
1029        let (total_certificates, certificates_per_epoch) = (7, 2);
1030        let mut fake_certificates =
1031            setup_certificate_chain(total_certificates, certificates_per_epoch);
1032        let index_certificate_fail = (total_certificates / 2) as usize;
1033        fake_certificates[index_certificate_fail].signed_message = "tampered-message".to_string();
1034        let certificate_retriever =
1035            FakeCertificaterRetriever::from_certificates(&fake_certificates);
1036        let verifier =
1037            MithrilCertificateVerifier::new(TestLogger::stdout(), Arc::new(certificate_retriever));
1038        let certificate_to_verify = fake_certificates[0].clone();
1039
1040        let error = verifier
1041            .verify_certificate_chain(
1042                certificate_to_verify,
1043                &fake_certificates.genesis_verifier.to_verification_key(),
1044            )
1045            .await
1046            .expect_err("verify_certificate_chain should fail");
1047
1048        assert_error_matches!(CertificateVerifierError::CertificateHashUnmatch, error)
1049    }
1050
1051    #[tokio::test]
1052    async fn verify_certificate_chain_fails_when_adversarial_with_registered_signer_forgery_through_protocol_parameters()
1053     {
1054        // Create an adversarial certificate with a forged multi signature:
1055        // - with the valid signed message
1056        // - with the valid aggregate verification key (valid stake distribution)
1057        // - by a legit adversarial registered signer in the signing stake distribution
1058        // - with adversarial protocol parameters (phi_f = 1.0, i.e. all lotteries are won by the adversarial signer and quorum is reached)
1059        fn forge_certificate(
1060            certificate: Certificate,
1061            context: &CertificateChainBuilderContext,
1062        ) -> Certificate {
1063            assert_ne!(
1064                1.0, certificate.metadata.protocol_parameters.phi_f,
1065                "Adversarial protocol parameters phi_f should be different from 1.0"
1066            );
1067            let fixture = context.fixture;
1068            let signed_message = certificate.signed_message.to_owned();
1069            let mut forged_certificate = certificate;
1070            let mut forged_protocol_parameters = fixture.protocol_parameters();
1071            forged_protocol_parameters.phi_f = 1.0;
1072            let forged_single_signatures = fixture
1073                .signers_fixture()
1074                .iter()
1075                .take(1)
1076                .filter_map(|s| {
1077                    let s_adversary = s
1078                        .to_owned()
1079                        .try_new_with_protocol_parameters(forged_protocol_parameters.clone())
1080                        .unwrap();
1081
1082                    s_adversary.protocol_signer.sign(signed_message.as_bytes())
1083                })
1084                .collect::<Vec<_>>();
1085            let forged_clerk = ProtocolClerk::from_registration(
1086                &forged_protocol_parameters.clone().into(),
1087                &fixture.signers_fixture()[0].protocol_closed_key_registration,
1088            );
1089            let forged_multi_signature = forged_clerk
1090                .aggregate(&forged_single_signatures, signed_message.as_bytes())
1091                .unwrap();
1092            forged_certificate.signature = CertificateSignature::MultiSignature(
1093                forged_certificate.signed_entity_type(),
1094                forged_multi_signature.into(),
1095            );
1096            forged_certificate.metadata.protocol_parameters = forged_protocol_parameters;
1097
1098            forged_certificate
1099        }
1100
1101        let (total_certificates, certificates_per_epoch) = (7, 2);
1102        let fake_certificates = CertificateChainBuilder::new()
1103            .with_total_certificates(total_certificates)
1104            .with_certificates_per_epoch(certificates_per_epoch)
1105            .with_standard_certificate_processor(&|certificate, context| {
1106                if context.is_last_certificate() {
1107                    forge_certificate(certificate, context)
1108                } else {
1109                    certificate
1110                }
1111            })
1112            .build();
1113        let certificate_to_verify = fake_certificates[0].clone();
1114        let mock_container = MockDependencyInjector::new();
1115        let mut verifier = mock_container.build_certificate_verifier();
1116        verifier.certificate_retriever = Arc::new(FakeCertificaterRetriever::from_certificates(
1117            &fake_certificates,
1118        ));
1119
1120        let error = verifier
1121            .verify_certificate(
1122                &certificate_to_verify,
1123                &fake_certificates.genesis_verifier.to_verification_key(),
1124            )
1125            .await
1126            .expect_err("verify_certificate_chain should fail");
1127
1128        assert_error_matches!(
1129            CertificateVerifierError::CertificateChainProtocolParametersUnmatch,
1130            error
1131        )
1132    }
1133}