Fix equivocation verification in the runtime (#583)

* Fix equivocation verification in the runtime

* Fix tests

Author: nazar-pc

crates/pallet-subspace/src/mock.rs

@@ -29,8 +29,7 @@ use sp_consensus_slots::Slot;
 use sp_consensus_subspace::digests::{CompatibleDigestItem, PreDigest};
 use sp_consensus_subspace::{FarmerSignature, SignedVote, Vote};
 use sp_core::crypto::UncheckedFrom;
-use sp_core::sr25519::Pair;
-use sp_core::{Pair as PairTrait, H256};
+use sp_core::H256;
 use sp_runtime::testing::{Digest, DigestItem, Header, TestXt};
 use sp_runtime::traits::{Block as BlockT, Header as _, IdentityLookup};
 use sp_runtime::Perbill;
@@ -305,8 +304,15 @@ pub fn generate_equivocation_proof(
     // digest item
     let seal_header = |header: &mut Header| {
         let prehash = header.hash();
-        let signature = Pair::from(keypair.secret.clone()).sign(prehash.as_ref());
-        let seal = DigestItem::subspace_seal(signature.into());
+        let signature = FarmerSignature::unchecked_from(
+            keypair
+                .sign(
+                    schnorrkel::context::signing_context(REWARD_SIGNING_CONTEXT)
+                        .bytes(prehash.as_bytes()),
+                )
+                .to_bytes(),
+        );
+        let seal = DigestItem::subspace_seal(signature);
         header.digest_mut().push(seal);
     };
 

crates/sp-consensus-subspace/src/lib.rs

@@ -22,6 +22,8 @@
 pub mod digests;
 pub mod inherents;
 pub mod offence;
+#[cfg(test)]
+mod tests;
 pub mod verification;
 
 use crate::digests::{
@@ -38,12 +40,12 @@ use sp_consensus_slots::Slot;
 use sp_core::crypto::KeyTypeId;
 use sp_core::H256;
 use sp_io::hashing;
-use sp_runtime::{ConsensusEngineId, RuntimeAppPublic};
+use sp_runtime::ConsensusEngineId;
 use sp_std::vec::Vec;
 use subspace_core_primitives::{
     Randomness, RootBlock, Salt, Sha256Hash, Solution, Tag, TagSignature,
 };
-use subspace_solving::create_tag_signature_transcript;
+use subspace_solving::{create_tag_signature_transcript, REWARD_SIGNING_CONTEXT};
 
 /// Key type for Subspace pallet.
 const KEY_TYPE: KeyTypeId = KeyTypeId(*b"sub_");
@@ -162,7 +164,13 @@ where
     };
     let pre_hash = header.hash();
 
-    offender.verify(&pre_hash, &seal)
+    verification::check_reward_signature(
+        pre_hash.as_ref(),
+        &seal,
+        offender,
+        &schnorrkel::signing_context(REWARD_SIGNING_CONTEXT),
+    )
+    .is_ok()
 }
 
 /// Verifies the equivocation proof by making sure that: both headers have

crates/sp-consensus-subspace/src/tests.rs

@@ -0,0 +1,93 @@
+use crate::{
+    is_equivocation_proof_valid, CompatibleDigestItem, EquivocationProof, FarmerPublicKey,
+    FarmerSignature,
+};
+use schnorrkel::Keypair;
+use sp_consensus_slots::Slot;
+use sp_core::crypto::UncheckedFrom;
+use sp_runtime::traits::BlakeTwo256;
+use sp_runtime::{Digest, DigestItem};
+use subspace_core_primitives::{LocalChallenge, Solution, TagSignature};
+use subspace_solving::REWARD_SIGNING_CONTEXT;
+
+type Header = sp_runtime::generic::Header<u32, BlakeTwo256>;
+type PreDigest = crate::PreDigest<FarmerPublicKey, ()>;
+
+#[test]
+fn test_is_equivocation_proof_valid() {
+    let keypair = Keypair::generate();
+    let offender = FarmerPublicKey::unchecked_from(keypair.public.to_bytes());
+    let slot = Slot::from(1);
+    let solution = Solution {
+        public_key: offender.clone(),
+        reward_address: (),
+        piece_index: 0,
+        encoding: Default::default(),
+        tag_signature: TagSignature {
+            output: Default::default(),
+            proof: [0u8; 64],
+        },
+        local_challenge: LocalChallenge {
+            output: Default::default(),
+            proof: [0u8; 64],
+        },
+        tag: [0u8; 8],
+    };
+
+    let mut first_header = Header {
+        parent_hash: [0u8; 32].into(),
+        number: 1,
+        state_root: Default::default(),
+        extrinsics_root: Default::default(),
+        digest: Digest {
+            logs: vec![DigestItem::subspace_pre_digest(&PreDigest {
+                slot,
+                solution: solution.clone(),
+            })],
+        },
+    };
+    first_header
+        .digest
+        .logs
+        .push(DigestItem::subspace_seal(FarmerSignature::unchecked_from(
+            keypair
+                .sign(
+                    schnorrkel::context::signing_context(REWARD_SIGNING_CONTEXT)
+                        .bytes(first_header.hash().as_bytes()),
+                )
+                .to_bytes(),
+        )));
+
+    let mut second_header = Header {
+        parent_hash: [1u8; 32].into(),
+        number: 1,
+        state_root: Default::default(),
+        extrinsics_root: Default::default(),
+        digest: Digest {
+            logs: vec![DigestItem::subspace_pre_digest(&PreDigest {
+                slot,
+                solution,
+            })],
+        },
+    };
+    second_header
+        .digest
+        .logs
+        .push(DigestItem::subspace_seal(FarmerSignature::unchecked_from(
+            keypair
+                .sign(
+                    schnorrkel::context::signing_context(REWARD_SIGNING_CONTEXT)
+                        .bytes(second_header.hash().as_bytes()),
+                )
+                .to_bytes(),
+        )));
+
+    let equivocation_proof = EquivocationProof {
+        offender,
+        slot,
+        first_header,
+        second_header,
+    };
+
+    assert!(is_equivocation_proof_valid::<_, ()>(equivocation_proof));
+}

crates/subspace-runtime/src/lib.rs

@@ -84,7 +84,7 @@ pub const VERSION: RuntimeVersion = RuntimeVersion {
     spec_name: create_runtime_str!("subspace"),
     impl_name: create_runtime_str!("subspace"),
     authoring_version: 0,
-    spec_version: 1,
+    spec_version: 2,
     impl_version: 0,
     apis: RUNTIME_API_VERSIONS,
     transaction_version: 0,