diff --git a/lib/src/verify/babe.rs b/lib/src/verify/babe.rs
index eecd3625f8..4d410d0162 100644
--- a/lib/src/verify/babe.rs
+++ b/lib/src/verify/babe.rs
@@ -213,6 +213,8 @@ pub enum VerifyError {
 InvalidBabeParametersChange(chain_information::BabeValidityError),
 /// Authority index stored within block is out of range.
 InvalidAuthorityIndex,
+ /// Public key used to for the signature is invalid.
+ BadPublicKey,
 /// Block header signature is invalid.
 BadSignature,
 /// VRF proof in the block header is invalid.
@@ -452,12 +454,9 @@ pub fn verify_header(config: VerifyConfig) -> Result
 .nth(usize::try_from(authority_index).map_err(|_| VerifyError::InvalidAuthorityIndex)?)
 .ok_or(VerifyError::InvalidAuthorityIndex)?;
 
- // This `unwrap()` can only panic if `public_key` is the wrong length, which we know can't
- // happen as it's of type `[u8; 32]`.
- let signing_public_key = schnorrkel::PublicKey::from_bytes(signing_authority.public_key)
- .unwrap_or_else(|_| unreachable!());
-
 // Now verifying the signature in the seal.
+ let signing_public_key = schnorrkel::PublicKey::from_bytes(signing_authority.public_key)
+ .map_err(|_| VerifyError::BadPublicKey)?;
 signing_public_key
 .verify_simple(b"substrate", &pre_seal_hash, &seal_signature)
 .map_err(|_| VerifyError::BadSignature)?;
diff --git a/wasm-node/CHANGELOG.md b/wasm-node/CHANGELOG.md
index 2fe3ed4dd2..72cdccf302 100644
--- a/wasm-node/CHANGELOG.md
+++ b/wasm-node/CHANGELOG.md
@@ -6,6 +6,10 @@
 
 - Smoldot will now only try opening a maximum of five connections simultaneously, then one per second. This avoids possible situations where a server is being accidentally hammered by smoldot, and avoids potentially making traffic suspicious to some ISPs. ([#1340](https://github.com/smol-dot/smoldot/pull/1340))
 
+### Fixed
+
+- Fix panic when verifying Babe signatures when the invalid SR25519 public key is invalid. ([#1344](https://github.com/smol-dot/smoldot/pull/1344))
+
 ## 2.0.8 - 2023-11-15
 
 ### Changed
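Review bot: The doc comment on the new `BadPublicKey` variant has a typo ("used to for") and does not say whose key is rejected; something like `/// Public key of the block's signing authority is not a valid sr25519 public key.` would read more clearly. Adding a variant to a `pub enum` also breaks downstream exhaustive `match`es unless the enum is marked `#[non_exhaustive]`; the attributes on `VerifyError` are outside this hunk, so that is worth checking. The enum body continues outside the hunk.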
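Review bot: The new `from_bytes` call in `verify_header` carries no comment explaining why decoding a `[u8; 32]` can fail, although the removed comment claimed it could not; a short why-comment would keep that assumption from creeping back, e.g. `// Not every 32-byte value is a valid sr25519 key: decoding fails when the bytes are not a valid Ristretto point.` The retained comment `// Now verifying the signature in the seal.` now sits above the key decoding rather than the `verify_simple` call, so it would read better moved down two lines. No regression test feeding an undecodable authority key is visible in this diff, and any other call site that decodes authority keys under the same length-only assumption (none is visible here) would panic in the same way. `verify_header`'s body starts and ends outside the hunk.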