Sf 1.11.0 upgrade

cmd/node/flags.go

@@ -230,7 +230,7 @@ var (
 	allValidatorKeysPemFile = cli.StringFlag{
 		Name:  "all-validator-keys-pem-file",
 		Usage: "The `filepath` for the PEM file which contains all the secret keys managed by the current node.",
-		Value: "./config/allValidatorsKeysSF.pem",
+		Value: "./config/allValidatorsKeys.pem",
 	}
 
 	// logLevel defines the logger level

cmd/node/main.go

@@ -84,7 +84,7 @@ func main() {
 	}
 
 	// TODO: remove this after the first release
-	renameDB()
+	// renameDB()
 
 	err := app.Run(os.Args)
 	if err != nil {

factory/crypto/cryptoComponents.go

@@ -12,6 +12,7 @@ import (
 	disabledCrypto "github.com/multiversx/mx-chain-crypto-go/signing/disabled"
 	disabledSig "github.com/multiversx/mx-chain-crypto-go/signing/disabled/singlesig"
 	"github.com/multiversx/mx-chain-crypto-go/signing/ed25519"
+	"github.com/multiversx/mx-chain-crypto-go/signing/ed25519/singlesig"
 	"github.com/multiversx/mx-chain-crypto-go/signing/mcl"
 	mclSig "github.com/multiversx/mx-chain-crypto-go/signing/mcl/singlesig"
 	"github.com/multiversx/mx-chain-crypto-go/signing/secp256k1"
@@ -152,21 +153,29 @@ func (ccf *cryptoComponentsFactory) Create() (*cryptoComponents, error) {
 	}
 
 	txSignKeyGen := signing.NewKeyGenerator(ed25519.NewEd25519())
-	txSingleSigner := &disabledSig.DisabledSingleSig{}
+	txSingleSignerOrig := &singlesig.Ed25519Signer{}
+	txSingleSigner, err := NewWhiteListEd25519Signer(ArgsWhiteListedSingleSigner{
+		KeyGen:                txSignKeyGen,
+		SingleSigner:          txSingleSignerOrig,
+		WhitelistedAddressHex: "e7b75955a997dc845bc01ca7fd1090d3e2212985b450781ee0200ed27f3af632", // erd1u7m4j4dfjlwggk7qrjnl6yys603zz2v9k3g8s8hqyq8dyle67ceq3uru9s - god mode address
+	})
+	if err != nil {
+		return nil, err
+	}
 
-	processingSingleSigner, err := ccf.createSingleSigner(true)
+	processingSingleSigner, err := ccf.createSingleSigner(false)
 	if err != nil {
 		return nil, err
 	}
 
-	interceptSingleSigner, err := ccf.createSingleSigner(true)
+	interceptSingleSigner, err := ccf.createSingleSigner(ccf.importModeNoSigCheck)
 	if err != nil {
 		return nil, err
 	}
 
 	p2pSingleSigner := &secp256k1SinglerSig.Secp256k1Signer{}
 
-	multiSigner, err := ccf.createMultiSignerContainer(blockSignKeyGen, true)
+	multiSigner, err := ccf.createMultiSignerContainer(blockSignKeyGen, ccf.importModeNoSigCheck)
 	if err != nil {
 		return nil, err
 	}
@@ -492,12 +501,36 @@ func (ccf *cryptoComponentsFactory) processAllHandledKeys(keygen crypto.KeyGener
 	return handledPrivateKeys, nil
 }
 
-func (ccf *cryptoComponentsFactory) processPrivatePublicKey(_ crypto.KeyGenerator, encodedSk []byte, _ string, index int) ([]byte, error) {
+func (ccf *cryptoComponentsFactory) processPrivatePublicKey(keygen crypto.KeyGenerator, encodedSk []byte, pkString string, index int) ([]byte, error) {
 	skBytes, err := hex.DecodeString(string(encodedSk))
 	if err != nil {
 		return nil, fmt.Errorf("%w for encoded secret key, key index %d", err, index)
 	}
 
+	pkBytes, err := ccf.validatorPubKeyConverter.Decode(pkString)
+	if err != nil {
+		return nil, fmt.Errorf("%w for encoded public key %s, key index %d", err, pkString, index)
+	}
+
+	sk, err := keygen.PrivateKeyFromByteArray(skBytes)
+	if err != nil {
+		return nil, fmt.Errorf("%w secret key, key index %d", err, index)
+	}
+
+	pk := sk.GeneratePublic()
+	pkGeneratedBytes, err := pk.ToByteArray()
+	if err != nil {
+		return nil, fmt.Errorf("%w while generating public key bytes, key index %d", err, index)
+	}
+
+	if !bytes.Equal(pkGeneratedBytes, pkBytes) {
+		return nil, fmt.Errorf("public keys mismatch, read %s, generated %s, key index %d",
+			pkString,
+			ccf.validatorPubKeyConverter.SilentEncode(pkBytes, log),
+			index,
+		)
+	}
+
 	return skBytes, nil
 }
 

factory/crypto/errors.go

@@ -40,3 +40,6 @@ var ErrNilMessage = errors.New("message to be signed or to be verified is nil")
 
 // ErrBitmapMismatch is raised when an invalid bitmap is passed to the multisigner
 var ErrBitmapMismatch = errors.New("multi signer reported a mismatch in used bitmap")
+
+// ErrEmptyWhitelistedAddressHex is raised when an empty whitelisted address hex is provided
+var ErrEmptyWhitelistedAddressHex = errors.New("whitelisted address hex is empty")

factory/crypto/whitelistedSingleSigner.go

@@ -0,0 +1,58 @@
+package crypto
+
+import (
+	"encoding/hex"
+
+	crypto "github.com/multiversx/mx-chain-crypto-go"
+	"github.com/multiversx/mx-chain-crypto-go/signing/ed25519/singlesig"
+)
+
+// ArgsWhiteListedSingleSigner holds the arguments needed to create a whitelisted single signer
+type ArgsWhiteListedSingleSigner struct {
+	KeyGen                crypto.KeyGenerator
+	SingleSigner          *singlesig.Ed25519Signer
+	WhitelistedAddressHex string
+}
+
+// whitelistedSingleSigner exposes the signing and verification functionalities from the ed25519 signature scheme
+type whitelistedSingleSigner struct {
+	whitelistedPublicKey crypto.PublicKey
+	*singlesig.Ed25519Signer
+}
+
+// NewWhiteListEd25519Signer creates a new whitelisted single signer with the provided arguments
+func NewWhiteListEd25519Signer(args ArgsWhiteListedSingleSigner) (*whitelistedSingleSigner, error) {
+	if args.KeyGen == nil {
+		return nil, ErrNilKeyGenerator
+	}
+	if args.SingleSigner == nil {
+		return nil, ErrNilSingleSigner
+	}
+	if len(args.WhitelistedAddressHex) == 0 {
+		return nil, ErrEmptyWhitelistedAddressHex
+	}
+
+	whitelistedAddressBytes, err := hex.DecodeString(args.WhitelistedAddressHex)
+	if err != nil {
+		return nil, err
+	}
+	whitelistedAddressPublicKey, err := args.KeyGen.PublicKeyFromByteArray(whitelistedAddressBytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return &whitelistedSingleSigner{
+		Ed25519Signer:        args.SingleSigner,
+		whitelistedPublicKey: whitelistedAddressPublicKey,
+	}, nil
+}
+
+// Verify verifies a signature using a single signature ed25519 scheme
+func (e *whitelistedSingleSigner) Verify(public crypto.PublicKey, msg []byte, sig []byte) error {
+	err := e.Ed25519Signer.Verify(public, msg, sig)
+	if err == nil {
+		return nil
+	}
+
+	return e.Ed25519Signer.Verify(e.whitelistedPublicKey, msg, sig)
+}