From c7b9bd0857808c721b0d8a26e2847cf7424fbce4 Mon Sep 17 00:00:00 2001
From: Sebastian Nagel
Date: Wed, 22 Feb 2023 20:14:25 +0100
Subject: [PATCH] Verify multi signature on last AckSn

We only check the overall multi-signature as this will be the signature we rely on when we close / fanout a Head.
---
 hydra-node/src/Hydra/HeadLogic.hs | 49 +++++++++++++++++++------------
 1 file changed, 30 insertions(+), 19 deletions(-)

diff --git a/hydra-node/src/Hydra/HeadLogic.hs b/hydra-node/src/Hydra/HeadLogic.hs
index 24704216f34..7d815e580e2 100644
--- a/hydra-node/src/Hydra/HeadLogic.hs
+++ b/hydra-node/src/Hydra/HeadLogic.hs
@@ -33,7 +33,14 @@ import Hydra.Chain (
 PostTxError,
 )
 import Hydra.ContestationPeriod
-import Hydra.Crypto (HydraKey, Signature, SigningKey, aggregateInOrder, sign, verify)
+import Hydra.Crypto (
+ HydraKey,
+ Signature,
+ SigningKey,
+ aggregateInOrder,
+ sign,
+ verifyMultiSignature,
+ )
 import Hydra.Ledger (
 IsTx,
 Ledger (..),
@@ -789,32 +796,31 @@ onOpenNetworkAckSn ::
 SnapshotNumber ->
 Outcome tx
 onOpenNetworkAckSn env openState otherParty snapshotSignature sn =
+ -- TODO: verify authenticity of message and whether otherParty is part of the head
 -- Spec: require s ∈ {ŝ, ŝ + 1}
 requireValidAckSn $ do
 -- Spec: wait ŝ = s
 waitOnSeenSnapshot $ \snapshot sigs -> do
 -- Spec: (j,.) ∉ ̂Σ
 requireNotSignedYet sigs $ do
- let sigs'
- -- TODO: Must check whether we know the 'otherParty' signing the snapshot
- | verify (vkey otherParty) snapshotSignature snapshot = Map.insert otherParty snapshotSignature sigs
- | otherwise = sigs
+ let sigs' = Map.insert otherParty snapshotSignature sigs
 ifAllMembersHaveSigned snapshot sigs' $ do
- -- TODO: verify the aggregated multisig, only the individuals, or both?
+ -- Spec: σ̃ ← MS-ASig(k_H, ̂Σ̂)
 let multisig = aggregateInOrder sigs' parties
- NewState
- ( onlyUpdateCoordinatedHeadState $
- coordinatedHeadState
- { confirmedSnapshot =
- ConfirmedSnapshot
- { snapshot
- , signatures = multisig
- }
- , seenSnapshot = LastSeenSnapshot (number snapshot)
- }
- )
- [ClientEffect $ SnapshotConfirmed headId snapshot multisig]
- & emitSnapshot env
+ requireVerifiedMultisignature multisig snapshot $ do
+ NewState
+ ( onlyUpdateCoordinatedHeadState $
+ coordinatedHeadState
+ { confirmedSnapshot =
+ ConfirmedSnapshot
+ { snapshot
+ , signatures = multisig
+ }
+ , seenSnapshot = LastSeenSnapshot (number snapshot)
+ }
+ )
+ [ClientEffect $ SnapshotConfirmed headId snapshot multisig]
+ & emitSnapshot env
 where
 seenSn = seenSnapshotNumber seenSnapshot
@@ -846,6 +852,11 @@ onOpenNetworkAckSn env openState otherParty snapshotSignature sn =
 )
 []
+ requireVerifiedMultisignature multisig msg cont =
+ if verifyMultiSignature (vkey <$> parties) multisig msg
+ then cont
+ else Error $ RequireFailed "requireVerifiedMultisignature"
+
 -- XXX: Data structures become unwieldy -> helper functions or lenses
 onlyUpdateCoordinatedHeadState chs' =
 Open openState{coordinatedHeadState = chs'}
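Review bot: `let sigs' = Map.insert otherParty snapshotSignature sigs` now records the received signature without any check, and the aggregate is verified only once every member has signed. Because `requireNotSignedYet sigs` guards the insert, an invalid entry recorded for a party would presumably keep that party's later, valid AckSn from replacing it, so the snapshot can stall at `requireVerifiedMultisignature` with no indication of which signature was bad. Consider keeping the per-party check as a require before the insert, returning an `Error $ RequireFailed …` when `verify (vkey otherParty) snapshotSignature snapshot` is false, which also means keeping `verify` in the `Hydra.Crypto` import. The new TODO on message authenticity and head membership describes a related gap that this change leaves open. The `where` helpers the body relies on are defined outside this hunk.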
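Review bot: `requireVerifiedMultisignature` appears to depend on `vkey <$> parties` listing the keys in the same order that `aggregateInOrder sigs' parties` used to build the aggregate, and nothing at the definition says so. A comment above the helper such as `-- Keys must be given in the same party order that aggregateInOrder used` would keep a later refactor of `parties` from breaking verification silently. The failure value `RequireFailed "requireVerifiedMultisignature"` also carries no snapshot number, which makes a rejected AckSn hard to diagnose from logs; adding `number msg` to the message would help if the error type allows it. The enclosing `where` block starts outside this hunk.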