mithril_common/certificate_chain/
certificate_verifier.rs

1//! A module used to validate the Certificate Chain created by an aggregator
2//!
3use anyhow::{Context, anyhow};
4use async_trait::async_trait;
5use hex::ToHex;
6use slog::{Logger, debug};
7use std::sync::Arc;
8use thiserror::Error;
9
10use super::CertificateRetriever;
11use crate::StdResult;
12use crate::crypto_helper::{
13    ProtocolAggregateVerificationKey, ProtocolGenesisError, ProtocolGenesisVerificationKey,
14    ProtocolMultiSignature,
15};
16use crate::entities::{
17    Certificate, CertificateSignature, ProtocolMessagePartKey, ProtocolParameters,
18};
19use crate::logging::LoggerExtensions;
20
21#[cfg(test)]
22use mockall::automock;
23
24/// [CertificateVerifier] related errors.
25#[derive(Error, Debug)]
26pub enum CertificateVerifierError {
27    /// Error raised when the multi signatures verification fails.
28    #[error("multi signature verification failed: '{0}'")]
29    VerifyMultiSignature(String),
30
31    /// Error raised when the Genesis Signature stored in a [Certificate] is invalid.
32    #[error("certificate genesis error")]
33    CertificateGenesis(#[from] ProtocolGenesisError),
34
35    /// Error raised when the hash stored in a [Certificate] doesn't match a recomputed hash.
36    #[error("certificate hash unmatch error")]
37    CertificateHashUnmatch,
38
39    /// Error raised when validating the certificate chain if a previous [Certificate] hash isn't
40    /// equal to the current certificate `previous_hash`.
41    #[error("certificate chain previous hash unmatch error")]
42    CertificateChainPreviousHashUnmatch,
43
44    /// Error raised when validating the certificate chain if the current [Certificate]
45    /// `signed_message` doesn't match the hash of the `protocol_message` of the current certificate
46    #[error("certificate protocol message unmatch error")]
47    CertificateProtocolMessageUnmatch,
48
49    /// Error raised when validating the certificate chain if the current [Certificate]
50    /// `aggregate_verification_key` doesn't match the signed `next_aggregate_verification_key` of the previous certificate
51    /// (if the certificates are on different epoch) or the `aggregate_verification_key` of the previous certificate
52    /// (if the certificates are on the same epoch).
53    #[error("certificate chain AVK unmatch error")]
54    CertificateChainAVKUnmatch,
55
56    /// Error raised when validating the certificate chain if the current [Certificate]
57    /// `protocol_parameters` don't match the signed `next_protocol_parameters` of the previous certificate
58    /// (if the certificates are on different epoch) or the `protocol_parameters` of the previous certificate
59    /// (if the certificates are on the same epoch).
60    #[error("certificate chain protocol parameters unmatch error")]
61    CertificateChainProtocolParametersUnmatch,
62
63    /// Error raised when validating the certificate chain if the current [Certificate]
64    /// `epoch` doesn't match the signed `current_epoch` of the current certificate
65    #[error("certificate epoch unmatch error")]
66    CertificateEpochUnmatch,
67
68    /// Error raised when validating the certificate chain if the current [Certificate]
69    /// `epoch` is neither equal to the previous certificate `epoch` nor to the previous certificate `epoch - 1`
70    #[error("certificate chain missing epoch error")]
71    CertificateChainMissingEpoch,
72
73    /// Error raised when validating the certificate chain if the chain loops.
74    #[error("certificate chain infinite loop error")]
75    CertificateChainInfiniteLoop,
76
77    /// Error raised when [CertificateVerifier::verify_genesis_certificate] was called with a
78    /// certificate that's not a genesis certificate.
79    #[error("can't validate genesis certificate: given certificate isn't a genesis certificate")]
80    InvalidGenesisCertificateProvided,
81
82    /// Error raised when [CertificateVerifier::verify_standard_certificate] was called with a
83    /// certificate that's not a standard certificate.
84    #[error("can't validate standard certificate: given certificate isn't a standard certificate")]
85    InvalidStandardCertificateProvided,
86}
87
88/// CertificateVerifier is the cryptographic engine in charge of verifying multi signatures and
89/// [certificates](Certificate)
90#[cfg_attr(test, automock)]
91#[cfg_attr(target_family = "wasm", async_trait(?Send))]
92#[cfg_attr(not(target_family = "wasm"), async_trait)]
93pub trait CertificateVerifier: Send + Sync {
94    /// Verify Genesis certificate
95    async fn verify_genesis_certificate(
96        &self,
97        genesis_certificate: &Certificate,
98        genesis_verification_key: &ProtocolGenesisVerificationKey,
99    ) -> StdResult<()>;
100
101    /// Verify Standard certificate
102    async fn verify_standard_certificate(
103        &self,
104        certificate: &Certificate,
105        previous_certificate: &Certificate,
106    ) -> StdResult<()>;
107
108    /// Verify if a Certificate is valid and returns the previous Certificate in the chain if exists
109    async fn verify_certificate(
110        &self,
111        certificate: &Certificate,
112        genesis_verification_key: &ProtocolGenesisVerificationKey,
113    ) -> StdResult<Option<Certificate>>;
114
115    /// Verify that the Certificate Chain associated to a Certificate is valid
116    async fn verify_certificate_chain(
117        &self,
118        certificate: Certificate,
119        genesis_verification_key: &ProtocolGenesisVerificationKey,
120    ) -> StdResult<()> {
121        let mut certificate = certificate;
122        while let Some(previous_certificate) = self
123            .verify_certificate(&certificate, genesis_verification_key)
124            .await?
125        {
126            certificate = previous_certificate;
127        }
128
129        Ok(())
130    }
131}
132
133/// MithrilCertificateVerifier is an implementation of the CertificateVerifier
134pub struct MithrilCertificateVerifier {
135    logger: Logger,
136    certificate_retriever: Arc<dyn CertificateRetriever>,
137}
138
139impl MithrilCertificateVerifier {
140    /// MithrilCertificateVerifier factory
141    pub fn new(logger: Logger, certificate_retriever: Arc<dyn CertificateRetriever>) -> Self {
142        debug!(logger, "New MithrilCertificateVerifier created");
143        Self {
144            logger: logger.new_with_component_name::<Self>(),
145            certificate_retriever,
146        }
147    }
148
149    async fn fetch_previous_certificate(
150        &self,
151        certificate: &Certificate,
152    ) -> StdResult<Certificate> {
153        self.certificate_retriever
154            .get_certificate_details(&certificate.previous_hash)
155            .await
156            .map_err(|e| anyhow!(e))
157            .with_context(|| "Can not retrieve previous certificate during verification")
158    }
159
160    fn verify_multi_signature(
161        &self,
162        message: &[u8],
163        multi_signature: &ProtocolMultiSignature,
164        aggregate_verification_key: &ProtocolAggregateVerificationKey,
165        protocol_parameters: &ProtocolParameters,
166    ) -> Result<(), CertificateVerifierError> {
167        debug!(
168            self.logger,
169            "Verify multi signature for {:?}",
170            message.encode_hex::<String>()
171        );
172
173        multi_signature
174            .verify(
175                message,
176                aggregate_verification_key,
177                &protocol_parameters.to_owned().into(),
178            )
179            .map_err(|e| CertificateVerifierError::VerifyMultiSignature(e.to_string()))
180    }
181
182    fn verify_is_not_in_infinite_loop(&self, certificate: &Certificate) -> StdResult<()> {
183        if certificate.is_chaining_to_itself() {
184            return Err(anyhow!(
185                CertificateVerifierError::CertificateChainInfiniteLoop
186            ));
187        }
188
189        Ok(())
190    }
191
192    fn verify_hash_matches_content(&self, certificate: &Certificate) -> StdResult<()> {
193        if certificate.compute_hash() != certificate.hash {
194            return Err(anyhow!(CertificateVerifierError::CertificateHashUnmatch));
195        }
196
197        Ok(())
198    }
199
200    fn verify_previous_hash_matches_previous_certificate_hash(
201        &self,
202        certificate: &Certificate,
203        previous_certificate: &Certificate,
204    ) -> StdResult<()> {
205        if previous_certificate.hash != certificate.previous_hash {
206            return Err(anyhow!(
207                CertificateVerifierError::CertificateChainPreviousHashUnmatch
208            ));
209        }
210
211        Ok(())
212    }
213
214    fn verify_signed_message_matches_hashed_protocol_message(
215        &self,
216        certificate: &Certificate,
217    ) -> StdResult<()> {
218        if certificate.protocol_message.compute_hash() != certificate.signed_message {
219            return Err(anyhow!(
220                CertificateVerifierError::CertificateProtocolMessageUnmatch
221            ));
222        }
223
224        Ok(())
225    }
226
227    fn verify_epoch_matches_protocol_message(&self, certificate: &Certificate) -> StdResult<()> {
228        if let Some(signed_epoch) = &certificate
229            .protocol_message
230            .get_message_part(&ProtocolMessagePartKey::CurrentEpoch)
231        {
232            if **signed_epoch == certificate.epoch.to_string() {
233                return Ok(());
234            }
235        }
236
237        Err(anyhow!(CertificateVerifierError::CertificateEpochUnmatch))
238    }
239
240    fn verify_epoch_chaining(
241        &self,
242        certificate: &Certificate,
243        previous_certificate: &Certificate,
244    ) -> StdResult<()> {
245        if certificate.epoch.has_gap_with(&previous_certificate.epoch) {
246            return Err(anyhow!(
247                CertificateVerifierError::CertificateChainMissingEpoch
248            ));
249        }
250
251        Ok(())
252    }
253
254    fn verify_aggregate_verification_key_chaining(
255        &self,
256        certificate: &Certificate,
257        previous_certificate: &Certificate,
258    ) -> StdResult<()> {
259        let previous_certificate_has_same_epoch = previous_certificate.epoch == certificate.epoch;
260        let certificate_has_valid_aggregate_verification_key =
261            if previous_certificate_has_same_epoch {
262                previous_certificate.aggregate_verification_key
263                    == certificate.aggregate_verification_key
264            } else {
265                match &previous_certificate
266                    .protocol_message
267                    .get_message_part(&ProtocolMessagePartKey::NextAggregateVerificationKey)
268                {
269                    Some(previous_certificate_next_aggregate_verification_key) => {
270                        **previous_certificate_next_aggregate_verification_key
271                            == certificate
272                                .aggregate_verification_key
273                                .to_json_hex()
274                                .with_context(|| {
275                                    format!(
276                                    "aggregate verification key to string conversion error for certificate: `{}`",
277                                    certificate.hash
278                                )
279                                })?
280                    }
281                    None => false,
282                }
283            };
284        if !certificate_has_valid_aggregate_verification_key {
285            debug!(
286                self.logger,
287                "Previous certificate {:#?}", previous_certificate
288            );
289            return Err(anyhow!(
290                CertificateVerifierError::CertificateChainAVKUnmatch
291            ));
292        }
293
294        Ok(())
295    }
296
297    fn verify_protocol_parameters_chaining(
298        &self,
299        certificate: &Certificate,
300        previous_certificate: &Certificate,
301    ) -> StdResult<()> {
302        let previous_certificate_has_same_epoch = previous_certificate.epoch == certificate.epoch;
303        let certificate_has_valid_protocol_parameters = if previous_certificate_has_same_epoch {
304            previous_certificate.metadata.protocol_parameters
305                == certificate.metadata.protocol_parameters
306        } else {
307            match &previous_certificate
308                .protocol_message
309                .get_message_part(&ProtocolMessagePartKey::NextProtocolParameters)
310            {
311                Some(previous_certificate_next_protocol_parameters) => {
312                    **previous_certificate_next_protocol_parameters
313                        == certificate.metadata.protocol_parameters.compute_hash()
314                }
315                None => false,
316            }
317        };
318        if !certificate_has_valid_protocol_parameters {
319            debug!(
320                self.logger,
321                "Previous certificate {:#?}", previous_certificate
322            );
323            return Err(anyhow!(
324                CertificateVerifierError::CertificateChainProtocolParametersUnmatch
325            ));
326        }
327
328        Ok(())
329    }
330}
331
332#[cfg_attr(target_family = "wasm", async_trait(?Send))]
333#[cfg_attr(not(target_family = "wasm"), async_trait)]
334impl CertificateVerifier for MithrilCertificateVerifier {
335    async fn verify_genesis_certificate(
336        &self,
337        genesis_certificate: &Certificate,
338        genesis_verification_key: &ProtocolGenesisVerificationKey,
339    ) -> StdResult<()> {
340        let genesis_signature = match &genesis_certificate.signature {
341            CertificateSignature::GenesisSignature(signature) => Ok(signature),
342            _ => Err(CertificateVerifierError::InvalidGenesisCertificateProvided),
343        }?;
344        self.verify_hash_matches_content(genesis_certificate)?;
345        self.verify_signed_message_matches_hashed_protocol_message(genesis_certificate)?;
346        genesis_verification_key
347            .verify(
348                genesis_certificate.signed_message.as_bytes(),
349                genesis_signature,
350            )
351            .with_context(|| "Certificate verifier failed verifying a genesis certificate")?;
352        self.verify_epoch_matches_protocol_message(genesis_certificate)?;
353
354        Ok(())
355    }
356
357    async fn verify_standard_certificate(
358        &self,
359        certificate: &Certificate,
360        previous_certificate: &Certificate,
361    ) -> StdResult<()> {
362        let multi_signature = match &certificate.signature {
363            CertificateSignature::MultiSignature(_, signature) => Ok(signature),
364            _ => Err(CertificateVerifierError::InvalidStandardCertificateProvided),
365        }?;
366        self.verify_is_not_in_infinite_loop(certificate)?;
367        self.verify_hash_matches_content(certificate)?;
368        self.verify_signed_message_matches_hashed_protocol_message(certificate)?;
369        self.verify_multi_signature(
370            certificate.signed_message.as_bytes(),
371            multi_signature,
372            &certificate.aggregate_verification_key,
373            &certificate.metadata.protocol_parameters,
374        )?;
375        self.verify_epoch_matches_protocol_message(certificate)?;
376        self.verify_epoch_chaining(certificate, previous_certificate)?;
377        self.verify_previous_hash_matches_previous_certificate_hash(
378            certificate,
379            previous_certificate,
380        )?;
381        self.verify_aggregate_verification_key_chaining(certificate, previous_certificate)?;
382        self.verify_protocol_parameters_chaining(certificate, previous_certificate)?;
383
384        Ok(())
385    }
386
387    /// Verify a certificate
388    async fn verify_certificate(
389        &self,
390        certificate: &Certificate,
391        genesis_verification_key: &ProtocolGenesisVerificationKey,
392    ) -> StdResult<Option<Certificate>> {
393        debug!(
394            self.logger, "Verifying certificate";
395            "certificate_hash" => &certificate.hash,
396            "certificate_previous_hash" => &certificate.previous_hash,
397            "certificate_epoch" => ?certificate.epoch,
398            "certificate_signed_entity_type" => ?certificate.signed_entity_type(),
399        );
400
401        match &certificate.signature {
402            CertificateSignature::GenesisSignature(_) => {
403                self.verify_genesis_certificate(certificate, genesis_verification_key)
404                    .await?;
405
406                Ok(None)
407            }
408            CertificateSignature::MultiSignature(_, _) => {
409                let previous_certificate = self.fetch_previous_certificate(certificate).await?;
410                self.verify_standard_certificate(certificate, &previous_certificate)
411                    .await?;
412
413                Ok(Some(previous_certificate))
414            }
415        }
416    }
417}
418
419#[cfg(test)]
420mod tests {
421    use std::collections::HashMap;
422
423    use async_trait::async_trait;
424    use mockall::mock;
425    use tokio::sync::Mutex;
426
427    use super::CertificateRetriever;
428    use super::*;
429
430    use crate::certificate_chain::{CertificateRetrieverError, FakeCertificaterRetriever};
431    use crate::crypto_helper::{ProtocolClerk, tests_setup::*};
432    use crate::test_utils::{
433        CertificateChainBuilder, CertificateChainBuilderContext, MithrilFixtureBuilder, TestLogger,
434    };
435
436    macro_rules! assert_error_matches {
437        ( $expected_error:path, $error:expr ) => {{
438            let error = $error
439                .downcast_ref::<CertificateVerifierError>()
440                .expect("Can not downcast to `CertificateVerifierError`.");
441            let expected_error = $expected_error;
442
443            assert!(
444                matches!(error, $expected_error),
445                "unexpected error type: got {error:?}, want {expected_error:?}"
446            );
447        }};
448    }
449
450    mock! {
451        pub CertificateRetrieverImpl { }
452
453        #[async_trait]
454        impl CertificateRetriever for CertificateRetrieverImpl {
455
456            async fn get_certificate_details(
457                &self,
458                certificate_hash: &str,
459            ) -> Result<Certificate, CertificateRetrieverError>;
460        }
461    }
462
463    struct MockDependencyInjector {
464        mock_certificate_retriever: MockCertificateRetrieverImpl,
465    }
466
467    impl MockDependencyInjector {
468        fn new() -> MockDependencyInjector {
469            MockDependencyInjector {
470                mock_certificate_retriever: MockCertificateRetrieverImpl::new(),
471            }
472        }
473
474        fn build_certificate_verifier(self) -> MithrilCertificateVerifier {
475            MithrilCertificateVerifier::new(
476                TestLogger::stdout(),
477                Arc::new(self.mock_certificate_retriever),
478            )
479        }
480    }
481
482    #[test]
483    fn verify_multi_signature_success() {
484        let protocol_parameters = setup_protocol_parameters();
485        let fixture = MithrilFixtureBuilder::default()
486            .with_signers(5)
487            .with_protocol_parameters(protocol_parameters.into())
488            .build();
489        let signers = fixture.signers_fixture();
490        let message_hash = setup_message().compute_hash().as_bytes().to_vec();
491
492        let single_signatures = signers
493            .iter()
494            .filter_map(|s| s.protocol_signer.sign(&message_hash))
495            .collect::<Vec<_>>();
496
497        let first_signer = &signers[0].protocol_signer;
498        let clerk = ProtocolClerk::new_clerk_from_signer(first_signer);
499        let aggregate_verification_key = clerk.compute_aggregate_verification_key().into();
500        let multi_signature = clerk
501            .aggregate_signatures(&single_signatures, &message_hash)
502            .unwrap()
503            .into();
504
505        let verifier = MithrilCertificateVerifier::new(
506            TestLogger::stdout(),
507            Arc::new(MockCertificateRetrieverImpl::new()),
508        );
509        let message_tampered = message_hash[1..].to_vec();
510        assert!(
511            verifier
512                .verify_multi_signature(
513                    &message_tampered,
514                    &multi_signature,
515                    &aggregate_verification_key,
516                    &fixture.protocol_parameters(),
517                )
518                .is_err(),
519            "multi signature verification should have failed"
520        );
521        verifier
522            .verify_multi_signature(
523                &message_hash,
524                &multi_signature,
525                &aggregate_verification_key,
526                &fixture.protocol_parameters(),
527            )
528            .expect("multi signature verification should have succeeded");
529    }
530
531    #[tokio::test]
532    async fn verify_genesis_certificate_success() {
533        let (total_certificates, certificates_per_epoch) = (5, 1);
534        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
535        let verifier = MockDependencyInjector::new().build_certificate_verifier();
536        let genesis_certificate = fake_certificates.genesis_certificate();
537
538        let verify = verifier
539            .verify_genesis_certificate(
540                genesis_certificate,
541                &fake_certificates.genesis_verifier.to_verification_key(),
542            )
543            .await;
544
545        verify.expect("verify_genesis_certificate should not fail");
546    }
547
548    #[tokio::test]
549    async fn verify_genesis_certificate_fails_if_is_not_genesis() {
550        let (total_certificates, certificates_per_epoch) = (5, 1);
551        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
552        let verifier = MockDependencyInjector::new().build_certificate_verifier();
553        let standard_certificate = fake_certificates[0].clone();
554        let mut genesis_certificate = fake_certificates.genesis_certificate().clone();
555        genesis_certificate.signature = standard_certificate.signature.clone();
556        genesis_certificate.hash = genesis_certificate.compute_hash();
557
558        let error = verifier
559            .verify_genesis_certificate(
560                &genesis_certificate,
561                &fake_certificates.genesis_verifier.to_verification_key(),
562            )
563            .await
564            .expect_err("verify_genesis_certificate should fail");
565
566        assert_error_matches!(
567            CertificateVerifierError::InvalidGenesisCertificateProvided,
568            error
569        )
570    }
571
572    #[tokio::test]
573    async fn verify_genesis_certificate_fails_if_hash_unmatch() {
574        let (total_certificates, certificates_per_epoch) = (5, 1);
575        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
576        let verifier = MockDependencyInjector::new().build_certificate_verifier();
577        let mut genesis_certificate = fake_certificates.genesis_certificate().clone();
578        genesis_certificate.hash = "another-hash".to_string();
579
580        let error = verifier
581            .verify_genesis_certificate(
582                &genesis_certificate,
583                &fake_certificates.genesis_verifier.to_verification_key(),
584            )
585            .await
586            .expect_err("verify_genesis_certificate should fail");
587
588        assert_error_matches!(CertificateVerifierError::CertificateHashUnmatch, error)
589    }
590
591    #[tokio::test]
592    async fn verify_genesis_certificate_fails_if_protocol_message_unmatch() {
593        let (total_certificates, certificates_per_epoch) = (5, 1);
594        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
595        let verifier = MockDependencyInjector::new().build_certificate_verifier();
596        let mut genesis_certificate = fake_certificates.genesis_certificate().clone();
597        genesis_certificate.protocol_message.set_message_part(
598            ProtocolMessagePartKey::CurrentEpoch,
599            "another-value".to_string(),
600        );
601        genesis_certificate.hash = genesis_certificate.compute_hash();
602
603        let error = verifier
604            .verify_genesis_certificate(
605                &genesis_certificate,
606                &fake_certificates.genesis_verifier.to_verification_key(),
607            )
608            .await
609            .expect_err("verify_genesis_certificate should fail");
610
611        assert_error_matches!(
612            CertificateVerifierError::CertificateProtocolMessageUnmatch,
613            error
614        )
615    }
616
617    #[tokio::test]
618    async fn verify_genesis_certificate_fails_if_epoch_unmatch() {
619        let (total_certificates, certificates_per_epoch) = (5, 1);
620        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
621        let verifier = MockDependencyInjector::new().build_certificate_verifier();
622        let mut genesis_certificate = fake_certificates.genesis_certificate().clone();
623        genesis_certificate.epoch -= 1;
624        genesis_certificate.hash = genesis_certificate.compute_hash();
625
626        let error = verifier
627            .verify_genesis_certificate(
628                &genesis_certificate,
629                &fake_certificates.genesis_verifier.to_verification_key(),
630            )
631            .await
632            .expect_err("verify_genesis_certificate should fail");
633
634        assert_error_matches!(CertificateVerifierError::CertificateEpochUnmatch, error)
635    }
636
637    #[tokio::test]
638    async fn verify_standard_certificate_success_with_different_epochs_as_previous() {
639        let (total_certificates, certificates_per_epoch) = (5, 1);
640        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
641        let verifier = MockDependencyInjector::new().build_certificate_verifier();
642        let certificate = fake_certificates[0].clone();
643        let previous_certificate = fake_certificates[1].clone();
644
645        let verify = verifier
646            .verify_standard_certificate(&certificate, &previous_certificate)
647            .await;
648
649        verify.expect("verify_standard_certificate should not fail");
650    }
651
652    #[tokio::test]
653    async fn verify_standard_certificate_success_with_same_epoch_as_previous() {
654        let (total_certificates, certificates_per_epoch) = (5, 2);
655        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
656        let verifier = MockDependencyInjector::new().build_certificate_verifier();
657        let certificate = fake_certificates[0].clone();
658        let previous_certificate = fake_certificates[1].clone();
659
660        let verify = verifier
661            .verify_standard_certificate(&certificate, &previous_certificate)
662            .await;
663
664        verify.expect("verify_standard_certificate should not fail");
665    }
666
667    #[tokio::test]
668    async fn verify_standard_certificate_fails_if_is_not_genesis() {
669        let (total_certificates, certificates_per_epoch) = (5, 1);
670        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
671        let verifier = MockDependencyInjector::new().build_certificate_verifier();
672        let genesis_certificate = fake_certificates.genesis_certificate();
673        let mut standard_certificate = fake_certificates[0].clone();
674        standard_certificate.signature = genesis_certificate.signature.clone();
675        standard_certificate.hash = standard_certificate.compute_hash();
676        let standard_previous_certificate = fake_certificates[1].clone();
677
678        let error = verifier
679            .verify_standard_certificate(&standard_certificate, &standard_previous_certificate)
680            .await
681            .expect_err("verify_standard_certificate should fail");
682
683        assert_error_matches!(
684            CertificateVerifierError::InvalidStandardCertificateProvided,
685            error
686        )
687    }
688
689    #[tokio::test]
690    async fn verify_standard_certificate_fails_if_infinite_loop() {
691        let (total_certificates, certificates_per_epoch) = (5, 1);
692        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
693        let verifier = MockDependencyInjector::new().build_certificate_verifier();
694        let mut certificate = fake_certificates[0].clone();
695        certificate.previous_hash = certificate.hash.clone();
696        let previous_certificate = fake_certificates[1].clone();
697
698        let error = verifier
699            .verify_standard_certificate(&certificate, &previous_certificate)
700            .await
701            .expect_err("verify_standard_certificate should fail");
702
703        assert_error_matches!(
704            CertificateVerifierError::CertificateChainInfiniteLoop,
705            error
706        )
707    }
708
709    #[tokio::test]
710    async fn verify_standard_certificate_fails_if_hash_unmatch() {
711        let (total_certificates, certificates_per_epoch) = (5, 1);
712        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
713        let verifier = MockDependencyInjector::new().build_certificate_verifier();
714        let mut certificate = fake_certificates[0].clone();
715        certificate.hash = "another-hash".to_string();
716        let previous_certificate = fake_certificates[1].clone();
717
718        let error = verifier
719            .verify_standard_certificate(&certificate, &previous_certificate)
720            .await
721            .expect_err("verify_standard_certificate should fail");
722
723        assert_error_matches!(CertificateVerifierError::CertificateHashUnmatch, error)
724    }
725
726    #[tokio::test]
727    async fn verify_standard_certificate_fails_if_protocol_message_unmatch() {
728        let (total_certificates, certificates_per_epoch) = (5, 1);
729        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
730        let verifier = MockDependencyInjector::new().build_certificate_verifier();
731        let mut certificate = fake_certificates[0].clone();
732        certificate.protocol_message.set_message_part(
733            ProtocolMessagePartKey::CurrentEpoch,
734            "another-value".to_string(),
735        );
736        certificate.hash = certificate.compute_hash();
737        let previous_certificate = fake_certificates[1].clone();
738
739        let error = verifier
740            .verify_standard_certificate(&certificate, &previous_certificate)
741            .await
742            .expect_err("verify_standard_certificate should fail");
743
744        assert_error_matches!(
745            CertificateVerifierError::CertificateProtocolMessageUnmatch,
746            error
747        )
748    }
749
750    #[tokio::test]
751    async fn verify_standard_certificate_fails_if_epoch_unmatch() {
752        let (total_certificates, certificates_per_epoch) = (5, 1);
753        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
754        let verifier = MockDependencyInjector::new().build_certificate_verifier();
755        let mut certificate = fake_certificates[0].clone();
756        certificate.epoch -= 1;
757        certificate.hash = certificate.compute_hash();
758        let previous_certificate = fake_certificates[1].clone();
759
760        let error = verifier
761            .verify_standard_certificate(&certificate, &previous_certificate)
762            .await
763            .expect_err("verify_standard_certificate should fail");
764
765        assert_error_matches!(CertificateVerifierError::CertificateEpochUnmatch, error)
766    }
767
768    #[tokio::test]
769    async fn verify_standard_certificate_fails_if_has_missing_epoch() {
770        fn create_epoch_gap_certificate(
771            certificate: Certificate,
772            context: &CertificateChainBuilderContext,
773        ) -> Certificate {
774            let fixture = context.fixture;
775            let modified_epoch = certificate.epoch + 1;
776            let mut protocol_message = certificate.protocol_message.to_owned();
777            protocol_message.set_message_part(
778                ProtocolMessagePartKey::CurrentEpoch,
779                modified_epoch.to_string(),
780            );
781            let signed_message = protocol_message.compute_hash();
782            let mut modified_certificate = certificate;
783            modified_certificate.epoch = modified_epoch;
784            modified_certificate.protocol_message = protocol_message;
785            modified_certificate.signed_message = signed_message.clone();
786            let single_signatures = fixture
787                .signers_fixture()
788                .iter()
789                .filter_map(|s| s.protocol_signer.sign(signed_message.as_bytes()))
790                .collect::<Vec<_>>();
791            let clerk =
792                ProtocolClerk::new_clerk_from_signer(&fixture.signers_fixture()[0].protocol_signer);
793            let modified_multi_signature = clerk
794                .aggregate_signatures(&single_signatures, signed_message.as_bytes())
795                .unwrap();
796            modified_certificate.signature = CertificateSignature::MultiSignature(
797                modified_certificate.signed_entity_type(),
798                modified_multi_signature.into(),
799            );
800
801            modified_certificate
802        }
803
804        let (total_certificates, certificates_per_epoch) = (5, 1);
805        let fake_certificates = CertificateChainBuilder::new()
806            .with_total_certificates(total_certificates)
807            .with_certificates_per_epoch(certificates_per_epoch)
808            .with_standard_certificate_processor(&|certificate, context| {
809                if context.is_last_certificate() {
810                    create_epoch_gap_certificate(certificate, context)
811                } else {
812                    certificate
813                }
814            })
815            .build();
816        let verifier = MockDependencyInjector::new().build_certificate_verifier();
817        let certificate = fake_certificates[0].clone();
818        let previous_certificate = fake_certificates[1].clone();
819
820        let error = verifier
821            .verify_standard_certificate(&certificate, &previous_certificate)
822            .await
823            .expect_err("verify_standard_certificate should fail");
824
825        assert_error_matches!(
826            CertificateVerifierError::CertificateChainMissingEpoch,
827            error
828        )
829    }
830
831    #[tokio::test]
832    async fn verify_standard_certificate_fails_if_certificate_previous_hash_unmatch() {
833        let (total_certificates, certificates_per_epoch) = (5, 1);
834        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
835        let verifier = MockDependencyInjector::new().build_certificate_verifier();
836        let certificate = fake_certificates[0].clone();
837        let mut previous_certificate = fake_certificates[1].clone();
838        previous_certificate.previous_hash = "another-hash".to_string();
839        previous_certificate.hash = previous_certificate.compute_hash();
840
841        let error = verifier
842            .verify_standard_certificate(&certificate, &previous_certificate)
843            .await
844            .expect_err("verify_standard_certificate should fail");
845
846        assert_error_matches!(
847            CertificateVerifierError::CertificateChainPreviousHashUnmatch,
848            error
849        )
850    }
851
852    #[tokio::test]
853    async fn verify_standard_certificate_fails_if_certificate_chain_avk_unmatch() {
854        let (total_certificates, certificates_per_epoch) = (5, 1);
855        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
856        let verifier = MockDependencyInjector::new().build_certificate_verifier();
857        let mut certificate = fake_certificates[0].clone();
858        let mut previous_certificate = fake_certificates[1].clone();
859        previous_certificate.protocol_message.set_message_part(
860            ProtocolMessagePartKey::NextAggregateVerificationKey,
861            "another-avk".to_string(),
862        );
863        previous_certificate.hash = previous_certificate.compute_hash();
864        certificate.previous_hash.clone_from(&previous_certificate.hash);
865        certificate.hash = certificate.compute_hash();
866
867        let error = verifier
868            .verify_standard_certificate(&certificate, &previous_certificate)
869            .await
870            .expect_err("verify_standard_certificate should fail");
871
872        assert_error_matches!(CertificateVerifierError::CertificateChainAVKUnmatch, error)
873    }
874
875    #[tokio::test]
876    async fn verify_standard_certificate_fails_if_certificate_chain_protocol_parameters_unmatch() {
877        let (total_certificates, certificates_per_epoch) = (5, 1);
878        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
879        let verifier = MockDependencyInjector::new().build_certificate_verifier();
880        let mut certificate = fake_certificates[0].clone();
881        let mut previous_certificate = fake_certificates[1].clone();
882        previous_certificate.protocol_message.set_message_part(
883            ProtocolMessagePartKey::NextProtocolParameters,
884            "protocol-params-hash-123".to_string(),
885        );
886        previous_certificate.hash = previous_certificate.compute_hash();
887        certificate.previous_hash.clone_from(&previous_certificate.hash);
888        certificate.hash = certificate.compute_hash();
889
890        let error = verifier
891            .verify_standard_certificate(&certificate, &previous_certificate)
892            .await
893            .expect_err("verify_standard_certificate should fail");
894
895        assert_error_matches!(
896            CertificateVerifierError::CertificateChainProtocolParametersUnmatch,
897            error
898        )
899    }
900
901    #[tokio::test]
902    async fn verify_certificate_success_when_certificate_is_genesis_and_valid() {
903        let (total_certificates, certificates_per_epoch) = (5, 1);
904        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
905        let genesis_certificate = fake_certificates.genesis_certificate();
906        let mock_container = MockDependencyInjector::new();
907        let verifier = mock_container.build_certificate_verifier();
908
909        let verify = verifier
910            .verify_certificate(
911                genesis_certificate,
912                &fake_certificates.genesis_verifier.to_verification_key(),
913            )
914            .await;
915
916        verify.expect("verify_certificate should not fail");
917    }
918
919    #[tokio::test]
920    async fn verify_certificate_success_when_certificate_is_standard_and_valid() {
921        let (total_certificates, certificates_per_epoch) = (5, 1);
922        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
923        let certificate = fake_certificates[0].clone();
924        let previous_certificate = fake_certificates[1].clone();
925        let mut mock_container = MockDependencyInjector::new();
926        mock_container
927            .mock_certificate_retriever
928            .expect_get_certificate_details()
929            .returning(move |_| Ok(previous_certificate.clone()))
930            .times(1);
931        let verifier = mock_container.build_certificate_verifier();
932
933        let verify = verifier
934            .verify_certificate(
935                &certificate,
936                &fake_certificates.genesis_verifier.to_verification_key(),
937            )
938            .await;
939
940        verify.expect("verify_certificate should not fail");
941    }
942
943    #[tokio::test]
944    async fn verify_certificate_chain_verifies_all_chained_certificates() {
945        struct CertificateVerifierTest {
946            certificates_unverified: Mutex<HashMap<String, Certificate>>,
947        }
948
949        impl CertificateVerifierTest {
950            fn from_certificates(certificates: &[Certificate]) -> Self {
951                Self {
952                    certificates_unverified: Mutex::new(HashMap::from_iter(
953                        certificates.iter().map(|c| (c.hash.to_owned(), c.to_owned())),
954                    )),
955                }
956            }
957
958            async fn has_unverified_certificates(&self) -> bool {
959                !self.certificates_unverified.lock().await.is_empty()
960            }
961        }
962
963        #[async_trait]
964        impl CertificateVerifier for CertificateVerifierTest {
965            async fn verify_genesis_certificate(
966                &self,
967                _genesis_certificate: &Certificate,
968                _genesis_verification_key: &ProtocolGenesisVerificationKey,
969            ) -> StdResult<()> {
970                unimplemented!()
971            }
972
973            async fn verify_standard_certificate(
974                &self,
975                _certificate: &Certificate,
976                _previous_certificate: &Certificate,
977            ) -> StdResult<()> {
978                unimplemented!()
979            }
980
981            async fn verify_certificate(
982                &self,
983                certificate: &Certificate,
984                _genesis_verification_key: &ProtocolGenesisVerificationKey,
985            ) -> StdResult<Option<Certificate>> {
986                let mut certificates_unverified = self.certificates_unverified.lock().await;
987                let _verified_certificate = (*certificates_unverified).remove(&certificate.hash);
988                let previous_certificate =
989                    (*certificates_unverified).get(&certificate.previous_hash).cloned();
990
991                Ok(previous_certificate)
992            }
993        }
994
995        let (total_certificates, certificates_per_epoch) = (10, 1);
996        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
997        let fake_certificate_to_verify = fake_certificates[0].clone();
998        let verifier = CertificateVerifierTest::from_certificates(&fake_certificates);
999        assert!(verifier.has_unverified_certificates().await);
1000
1001        let verify = verifier
1002            .verify_certificate_chain(
1003                fake_certificate_to_verify,
1004                &fake_certificates.genesis_verifier.to_verification_key(),
1005            )
1006            .await;
1007
1008        verify.expect("verify_certificate_chain should not fail");
1009        assert!(!verifier.has_unverified_certificates().await);
1010    }
1011
1012    #[tokio::test]
1013    async fn verify_certificate_chain_success_when_chain_is_valid() {
1014        let (total_certificates, certificates_per_epoch) = (7, 2);
1015        let fake_certificates = setup_certificate_chain(total_certificates, certificates_per_epoch);
1016        let certificate_retriever =
1017            FakeCertificaterRetriever::from_certificates(&fake_certificates);
1018        let verifier =
1019            MithrilCertificateVerifier::new(TestLogger::stdout(), Arc::new(certificate_retriever));
1020        let certificate_to_verify = fake_certificates[0].clone();
1021
1022        let verify = verifier
1023            .verify_certificate_chain(
1024                certificate_to_verify,
1025                &fake_certificates.genesis_verifier.to_verification_key(),
1026            )
1027            .await;
1028        verify.expect("verify_certificate_chain should not fail");
1029    }
1030
1031    #[tokio::test]
1032    async fn verify_certificate_chain_fails_when_chain_is_tampered() {
1033        let (total_certificates, certificates_per_epoch) = (7, 2);
1034        let mut fake_certificates =
1035            setup_certificate_chain(total_certificates, certificates_per_epoch);
1036        let index_certificate_fail = (total_certificates / 2) as usize;
1037        fake_certificates[index_certificate_fail].signed_message = "tampered-message".to_string();
1038        let certificate_retriever =
1039            FakeCertificaterRetriever::from_certificates(&fake_certificates);
1040        let verifier =
1041            MithrilCertificateVerifier::new(TestLogger::stdout(), Arc::new(certificate_retriever));
1042        let certificate_to_verify = fake_certificates[0].clone();
1043
1044        let error = verifier
1045            .verify_certificate_chain(
1046                certificate_to_verify,
1047                &fake_certificates.genesis_verifier.to_verification_key(),
1048            )
1049            .await
1050            .expect_err("verify_certificate_chain should fail");
1051
1052        assert_error_matches!(CertificateVerifierError::CertificateHashUnmatch, error)
1053    }
1054
1055    #[tokio::test]
1056    async fn verify_certificate_chain_fails_when_adversarial_with_registered_signer_forgery_through_protocol_parameters()
1057     {
1058        // Create an adversarial certificate with a forged multi signature:
1059        // - with the valid signed message
1060        // - with the valid aggregate verification key (valid stake distribution)
1061        // - by a legit adversarial registered signer in the signing stake distribution
1062        // - with adversarial protocol parameters (phi_f = 1.0, i.e. all lotteries are won by the adversarial signer and quorum is reached)
1063        fn forge_certificate(
1064            certificate: Certificate,
1065            context: &CertificateChainBuilderContext,
1066        ) -> Certificate {
1067            assert_ne!(
1068                1.0, certificate.metadata.protocol_parameters.phi_f,
1069                "Adversarial protocol parameters phi_f should be different from 1.0"
1070            );
1071            let fixture = context.fixture;
1072            let signed_message = certificate.signed_message.to_owned();
1073            let mut forged_certificate = certificate;
1074            let mut forged_protocol_parameters = fixture.protocol_parameters();
1075            forged_protocol_parameters.phi_f = 1.0;
1076            let forged_single_signatures = fixture
1077                .signers_fixture()
1078                .iter()
1079                .take(1)
1080                .filter_map(|s| {
1081                    let s_adversary = s
1082                        .to_owned()
1083                        .try_new_with_protocol_parameters(forged_protocol_parameters.clone())
1084                        .unwrap();
1085
1086                    s_adversary.protocol_signer.sign(signed_message.as_bytes())
1087                })
1088                .collect::<Vec<_>>();
1089            let forged_clerk = ProtocolClerk::new_clerk_from_closed_key_registration(
1090                &forged_protocol_parameters.clone().into(),
1091                &fixture.signers_fixture()[0].protocol_closed_key_registration,
1092            );
1093            let forged_multi_signature = forged_clerk
1094                .aggregate_signatures(&forged_single_signatures, signed_message.as_bytes())
1095                .unwrap();
1096            forged_certificate.signature = CertificateSignature::MultiSignature(
1097                forged_certificate.signed_entity_type(),
1098                forged_multi_signature.into(),
1099            );
1100            forged_certificate.metadata.protocol_parameters = forged_protocol_parameters;
1101
1102            forged_certificate
1103        }
1104
1105        let (total_certificates, certificates_per_epoch) = (7, 2);
1106        let fake_certificates = CertificateChainBuilder::new()
1107            .with_total_certificates(total_certificates)
1108            .with_certificates_per_epoch(certificates_per_epoch)
1109            .with_standard_certificate_processor(&|certificate, context| {
1110                if context.is_last_certificate() {
1111                    forge_certificate(certificate, context)
1112                } else {
1113                    certificate
1114                }
1115            })
1116            .build();
1117        let certificate_to_verify = fake_certificates[0].clone();
1118        let mock_container = MockDependencyInjector::new();
1119        let mut verifier = mock_container.build_certificate_verifier();
1120        verifier.certificate_retriever = Arc::new(FakeCertificaterRetriever::from_certificates(
1121            &fake_certificates,
1122        ));
1123
1124        let error = verifier
1125            .verify_certificate(
1126                &certificate_to_verify,
1127                &fake_certificates.genesis_verifier.to_verification_key(),
1128            )
1129            .await
1130            .expect_err("verify_certificate_chain should fail");
1131
1132        assert_error_matches!(
1133            CertificateVerifierError::CertificateChainProtocolParametersUnmatch,
1134            error
1135        )
1136    }
1137}