feat: signature verification for reqresp DA (#8580)

**Motivation**

Spec will be updated to have check of signatures via reqresp. Proacative
fix inline with Lighthouse and Prysm

sigp/lighthouse#7650

Author: matthewkeil

packages/beacon-node/src/chain/errors/blobSidecarError.ts

@@ -50,9 +50,19 @@ export type BlobSidecarErrorType =
   | {code: BlobSidecarErrorCode.FUTURE_SLOT; blockSlot: Slot; currentSlot: Slot}
   | {code: BlobSidecarErrorCode.WOULD_REVERT_FINALIZED_SLOT; blockSlot: Slot; finalizedSlot: Slot}
   | {code: BlobSidecarErrorCode.ALREADY_KNOWN; root: RootHex}
-  | {code: BlobSidecarErrorCode.PARENT_UNKNOWN; parentRoot: RootHex}
+  | {
+      code: BlobSidecarErrorCode.PARENT_UNKNOWN;
+      parentRoot: RootHex;
+      slot: Slot;
+      blockRoot: RootHex;
+    }
   | {code: BlobSidecarErrorCode.NOT_LATER_THAN_PARENT; parentSlot: Slot; slot: Slot}
-  | {code: BlobSidecarErrorCode.PROPOSAL_SIGNATURE_INVALID}
+  | {
+      code: BlobSidecarErrorCode.PROPOSAL_SIGNATURE_INVALID;
+      blockRoot: RootHex;
+      slot: Slot;
+      index: number;
+    }
   | {code: BlobSidecarErrorCode.INCLUSION_PROOF_INVALID; slot: Slot; blobIdx: number}
   | {code: BlobSidecarErrorCode.INCORRECT_PROPOSER; proposerIndex: ValidatorIndex};
 

packages/beacon-node/src/chain/errors/dataColumnSidecarError.ts

@@ -58,8 +58,17 @@ export type DataColumnSidecarErrorType =
   | {code: DataColumnSidecarErrorCode.ALREADY_KNOWN; columnIndex: number; slot: Slot}
   | {code: DataColumnSidecarErrorCode.FUTURE_SLOT; blockSlot: Slot; currentSlot: Slot}
   | {code: DataColumnSidecarErrorCode.WOULD_REVERT_FINALIZED_SLOT; blockSlot: Slot; finalizedSlot: Slot}
-  | {code: DataColumnSidecarErrorCode.PARENT_UNKNOWN; parentRoot: RootHex}
-  | {code: DataColumnSidecarErrorCode.PROPOSAL_SIGNATURE_INVALID}
+  | {
+      code: DataColumnSidecarErrorCode.PARENT_UNKNOWN;
+      parentRoot: RootHex;
+      slot: Slot;
+    }
+  | {
+      code: DataColumnSidecarErrorCode.PROPOSAL_SIGNATURE_INVALID;
+      slot: Slot;
+      blockRoot: RootHex;
+      index: number;
+    }
   | {code: DataColumnSidecarErrorCode.NOT_LATER_THAN_PARENT; parentSlot: Slot; slot: Slot}
   | {code: DataColumnSidecarErrorCode.INCLUSION_PROOF_INVALID; slot: Slot; columnIndex: number}
   | {code: DataColumnSidecarErrorCode.INVALID_KZG_PROOF; slot: Slot; columnIndex: number}

packages/beacon-node/src/chain/validation/blobSidecar.ts

@@ -8,7 +8,8 @@ import {
 import {
   computeEpochAtSlot,
   computeStartSlotAtEpoch,
-  getBlockHeaderProposerSignatureSet,
+  getBlockHeaderProposerSignatureSetByHeaderSlot,
+  getBlockHeaderProposerSignatureSetByParentStateSlot,
 } from "@lodestar/state-transition";
 import {BlobIndex, Root, Slot, SubnetID, deneb, ssz} from "@lodestar/types";
 import {toRootHex, verifyMerkleBranch} from "@lodestar/utils";
@@ -100,7 +101,12 @@ export async function validateGossipBlobSidecar(
     //    descend from the finalized root.
     // (Non-Lighthouse): Since we prune all blocks non-descendant from finalized checking the `db.block` database won't be useful to guard
     // against known bad fork blocks, so we throw PARENT_UNKNOWN for cases (1) and (2)
-    throw new BlobSidecarGossipError(GossipAction.IGNORE, {code: BlobSidecarErrorCode.PARENT_UNKNOWN, parentRoot});
+    throw new BlobSidecarGossipError(GossipAction.IGNORE, {
+      code: BlobSidecarErrorCode.PARENT_UNKNOWN,
+      parentRoot,
+      blockRoot: blockHex,
+      slot: blobSlot,
+    });
   }
 
   // [REJECT] The blob is from a higher slot than its parent.
@@ -120,15 +126,23 @@ export async function validateGossipBlobSidecar(
   const blockState = await chain.regen
     .getBlockSlotState(parentRoot, blobSlot, {dontTransferCache: true}, RegenCaller.validateGossipBlock)
     .catch(() => {
-      throw new BlobSidecarGossipError(GossipAction.IGNORE, {code: BlobSidecarErrorCode.PARENT_UNKNOWN, parentRoot});
+      throw new BlobSidecarGossipError(GossipAction.IGNORE, {
+        code: BlobSidecarErrorCode.PARENT_UNKNOWN,
+        parentRoot,
+        blockRoot: blockHex,
+        slot: blobSlot,
+      });
     });
 
   // [REJECT] The proposer signature, signed_beacon_block.signature, is valid with respect to the proposer_index pubkey.
-  const signatureSet = getBlockHeaderProposerSignatureSet(blockState, blobSidecar.signedBlockHeader);
+  const signatureSet = getBlockHeaderProposerSignatureSetByParentStateSlot(blockState, blobSidecar.signedBlockHeader);
   // Don't batch so verification is not delayed
   if (!(await chain.bls.verifySignatureSets([signatureSet], {verifyOnMainThread: true}))) {
     throw new BlobSidecarGossipError(GossipAction.REJECT, {
       code: BlobSidecarErrorCode.PROPOSAL_SIGNATURE_INVALID,
+      blockRoot: blockHex,
+      index: blobSidecar.index,
+      slot: blobSlot,
     });
   }
 
@@ -175,8 +189,12 @@ export async function validateGossipBlobSidecar(
  * Validate some blob sidecars in a block
  *
  * Requires the block to be known to the node
+ *
+ * NOTE: chain is optional to skip signature verification. Helpful for testing purposes and so that can control whether
+ * signature gets checked depending on the reqresp method that is being checked
  */
 export async function validateBlockBlobSidecars(
+  chain: IBeaconChain | null,
   blockSlot: Slot,
   blockRoot: Root,
   blockBlobCount: number,
@@ -196,7 +214,8 @@ export async function validateBlockBlobSidecars(
   }
 
   // Hash the first sidecar block header and compare the rest via (cheaper) equality
-  const firstSidecarBlockHeader = blobSidecars[0].signedBlockHeader.message;
+  const firstSidecarSignedBlockHeader = blobSidecars[0].signedBlockHeader;
+  const firstSidecarBlockHeader = firstSidecarSignedBlockHeader.message;
   const firstBlockRoot = ssz.phase0.BeaconBlockHeader.hashTreeRoot(firstSidecarBlockHeader);
   if (Buffer.compare(blockRoot, firstBlockRoot) !== 0) {
     throw new BlobSidecarValidationError(
@@ -211,17 +230,42 @@ export async function validateBlockBlobSidecars(
     );
   }
 
+  if (chain !== null) {
+    const headState = await chain.getHeadState();
+    const signatureSet = getBlockHeaderProposerSignatureSetByHeaderSlot(headState, firstSidecarSignedBlockHeader);
+
+    if (
+      !(await chain.bls.verifySignatureSets([signatureSet], {
+        batchable: true,
+        priority: true,
+        verifyOnMainThread: false,
+      }))
+    ) {
+      throw new BlobSidecarValidationError({
+        code: BlobSidecarErrorCode.PROPOSAL_SIGNATURE_INVALID,
+        blockRoot: toRootHex(blockRoot),
+        slot: blockSlot,
+        index: blobSidecars[0].index,
+      });
+    }
+  }
+
   const commitments = [];
   const blobs = [];
   const proofs = [];
-  for (const blobSidecar of blobSidecars) {
-    const blobIdx = blobSidecar.index;
-    if (!ssz.phase0.BeaconBlockHeader.equals(blobSidecar.signedBlockHeader.message, firstSidecarBlockHeader)) {
+  for (let i = 0; i < blobSidecars.length; i++) {
+    const blobSidecar = blobSidecars[i];
+    const blobIndex = blobSidecar.index;
+
+    if (
+      i !== 0 &&
+      !ssz.phase0.SignedBeaconBlockHeader.equals(blobSidecar.signedBlockHeader, firstSidecarSignedBlockHeader)
+    ) {
       throw new BlobSidecarValidationError(
         {
           code: BlobSidecarErrorCode.INCORRECT_BLOCK,
           slot: blockSlot,
-          blobIdx,
+          blobIdx: blobIndex,
           expected: toRootHex(blockRoot),
           actual: "unknown - compared via equality",
         },
@@ -234,7 +278,7 @@ export async function validateBlockBlobSidecars(
         {
           code: BlobSidecarErrorCode.INCLUSION_PROOF_INVALID,
           slot: blockSlot,
-          blobIdx,
+          blobIdx: blobIndex,
         },
         "BlobSidecar inclusion proof invalid"
       );

packages/beacon-node/src/chain/validation/dataColumnSidecar.ts

@@ -7,7 +7,8 @@ import {
 import {
   computeEpochAtSlot,
   computeStartSlotAtEpoch,
-  getBlockHeaderProposerSignatureSet,
+  getBlockHeaderProposerSignatureSetByHeaderSlot,
+  getBlockHeaderProposerSignatureSetByParentStateSlot,
 } from "@lodestar/state-transition";
 import {Root, Slot, SubnetID, fulu, ssz} from "@lodestar/types";
 import {toRootHex, verifyMerkleBranch} from "@lodestar/utils";
@@ -86,6 +87,7 @@ export async function validateGossipDataColumnSidecar(
     throw new DataColumnSidecarGossipError(GossipAction.IGNORE, {
       code: DataColumnSidecarErrorCode.PARENT_UNKNOWN,
       parentRoot,
+      slot: blockHeader.slot,
     });
   }
 
@@ -108,6 +110,7 @@ export async function validateGossipDataColumnSidecar(
       throw new DataColumnSidecarGossipError(GossipAction.IGNORE, {
         code: DataColumnSidecarErrorCode.PARENT_UNKNOWN,
         parentRoot,
+        slot: blockHeader.slot,
       });
     });
 
@@ -128,15 +131,23 @@ export async function validateGossipDataColumnSidecar(
   }
 
   // 5) [REJECT] The proposer signature of sidecar.signed_block_header, is valid with respect to the block_header.proposer_index pubkey.
-  const signatureSet = getBlockHeaderProposerSignatureSet(blockState, dataColumnSidecar.signedBlockHeader);
+  const signatureSet = getBlockHeaderProposerSignatureSetByParentStateSlot(
+    blockState,
+    dataColumnSidecar.signedBlockHeader
+  );
   // Don't batch so verification is not delayed
   if (
     !(await chain.bls.verifySignatureSets([signatureSet], {
       verifyOnMainThread: blockHeader.slot > chain.forkChoice.getHead().slot,
     }))
   ) {
+    const blockRoot = ssz.phase0.BeaconBlockHeader.hashTreeRoot(dataColumnSidecar.signedBlockHeader.message);
+    const blockRootHex = toRootHex(blockRoot);
     throw new DataColumnSidecarGossipError(GossipAction.REJECT, {
       code: DataColumnSidecarErrorCode.PROPOSAL_SIGNATURE_INVALID,
+      blockRoot: blockRootHex,
+      index: dataColumnSidecar.index,
+      slot: blockHeader.slot,
     });
   }
 
@@ -271,8 +282,12 @@ export function verifyDataColumnSidecarInclusionProof(dataColumnSidecar: fulu.Da
  * Validate a subset of data column sidecars in a block
  *
  * Requires the block to be known to the node
+ *
+ * NOTE: chain is optional to skip signature verification. Helpful for testing purposes and so that can control whether
+ * signature gets checked depending on the reqresp method that is being checked
  */
 export async function validateBlockDataColumnSidecars(
+  chain: IBeaconChain | null,
   blockSlot: Slot,
   blockRoot: Root,
   blockBlobCount: number,
@@ -294,7 +309,8 @@ export async function validateBlockDataColumnSidecars(
     );
   }
   // Hash the first sidecar block header and compare the rest via (cheaper) equality
-  const firstSidecarBlockHeader = dataColumnSidecars[0].signedBlockHeader.message;
+  const firstSidecarSignedBlockHeader = dataColumnSidecars[0].signedBlockHeader;
+  const firstSidecarBlockHeader = firstSidecarSignedBlockHeader.message;
   const firstBlockRoot = ssz.phase0.BeaconBlockHeader.hashTreeRoot(firstSidecarBlockHeader);
   if (Buffer.compare(blockRoot, firstBlockRoot) !== 0) {
     throw new DataColumnSidecarValidationError(
@@ -309,14 +325,37 @@ export async function validateBlockDataColumnSidecars(
     );
   }
 
+  if (chain !== null) {
+    const headState = await chain.getHeadState();
+    const signatureSet = getBlockHeaderProposerSignatureSetByHeaderSlot(headState, firstSidecarSignedBlockHeader);
+
+    if (
+      !(await chain.bls.verifySignatureSets([signatureSet], {
+        batchable: true,
+        priority: true,
+        verifyOnMainThread: false,
+      }))
+    ) {
+      throw new DataColumnSidecarValidationError({
+        code: DataColumnSidecarErrorCode.PROPOSAL_SIGNATURE_INVALID,
+        blockRoot: toRootHex(blockRoot),
+        slot: blockSlot,
+        index: dataColumnSidecars[0].index,
+      });
+    }
+  }
+
   const commitments: Uint8Array[] = [];
   const cellIndices: number[] = [];
   const cells: Uint8Array[] = [];
   const proofs: Uint8Array[] = [];
   for (let i = 0; i < dataColumnSidecars.length; i++) {
     const columnSidecar = dataColumnSidecars[i];
 
-    if (!ssz.phase0.BeaconBlockHeader.equals(firstSidecarBlockHeader, columnSidecar.signedBlockHeader.message)) {
+    if (
+      i !== 0 &&
+      !ssz.phase0.SignedBeaconBlockHeader.equals(firstSidecarSignedBlockHeader, columnSidecar.signedBlockHeader)
+    ) {
       throw new DataColumnSidecarValidationError({
         code: DataColumnSidecarErrorCode.INCORRECT_HEADER_ROOT,
         slot: blockSlot,

packages/beacon-node/src/sync/unknownBlock.ts

@@ -532,7 +532,7 @@ export class BlockInputSync {
         const downloadResult = await downloadByRoot({
           config: this.config,
           network: this.network,
-          seenCache: this.chain.seenBlockInputCache,
+          chain: this.chain,
           emitter: this.chain.emitter,
           peerMeta,
           cacheItem,

packages/beacon-node/src/sync/utils/downloadByRange.ts

@@ -37,7 +37,6 @@ export type DownloadByRangeResponses = {
 
 export type DownloadAndCacheByRangeProps = DownloadByRangeRequests & {
   config: ChainForkConfig;
-  cache: SeenBlockInput;
   network: INetwork;
   logger: Logger;
   peerIdStr: string;
@@ -203,7 +202,7 @@ export async function downloadByRange({
   blocksRequest,
   blobsRequest,
   columnsRequest,
-}: Omit<DownloadAndCacheByRangeProps, "cache">): Promise<WarnResult<ValidatedResponses, DownloadByRangeError>> {
+}: DownloadAndCacheByRangeProps): Promise<WarnResult<ValidatedResponses, DownloadByRangeError>> {
   let response: DownloadByRangeResponses;
   try {
     response = await requestByRange({
@@ -555,9 +554,13 @@ export async function validateBlobsByRangeResponse(
     }
 
     validateSidecarsPromises.push(
-      validateBlockBlobSidecars(block.message.slot, blockRoot, blockKzgCommitments.length, blockBlobSidecars).then(
-        () => ({blockRoot, blobSidecars: blockBlobSidecars})
-      )
+      validateBlockBlobSidecars(
+        null, // do not pass chain here so we do not validate header signature
+        block.message.slot,
+        blockRoot,
+        blockKzgCommitments.length,
+        blockBlobSidecars
+      ).then(() => ({blockRoot, blobSidecars: blockBlobSidecars}))
     );
   }
 
@@ -768,7 +771,13 @@ export async function validateColumnsByRangeResponse(
     }
 
     validationPromises.push(
-      validateBlockDataColumnSidecars(slot, blockRoot, blobCount, columnSidecars).then(() => ({
+      validateBlockDataColumnSidecars(
+        null, // do not pass chain here so we do not validate header signature
+        slot,
+        blockRoot,
+        blobCount,
+        columnSidecars
+      ).then(() => ({
         blockRoot,
         columnSidecars,
       }))