Commit c1e0e18
committed
fix(secp256r1): bind discriminator, auth_payload, and payer to signature hash
Fixes #8: Include instruction discriminator in signed_payload hash to prevent
cross-instruction signature replay attacks.
Fixes #9: Bind signature to payer (on-chain signer) by including payer.key()
in the hash calculation and requiring payer to be a signer.
Changes:
- mod.rs: Updated sol_sha256 to include discriminator, auth_payload, and payer
- introspection.rs: Fixed precompile layout offsets (signature-first, 33-byte key)
- tests-rpc/: Added RPC integration test for Secp256r1 verification
The hash now includes:
1. discriminator (instruction type binding)
2. auth_payload (RP ID, flags binding)
3. signed_payload (original payload)
4. slot (replay protection)
5. payer.key() (signer binding)1 parent 3c83def commit c1e0e18
14 files changed
Lines changed: 1135 additions & 2914 deletions
File tree
- program/src
- auth/secp256r1
- processor
- tests-e2e
- src
- scenarios
- tests-rpc
- src
- bin
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | | - | |
| 3 | + | |
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
| |||
0 commit comments