From d17a9362d8220dd8ba1b92a279ad29b76fdffa6d Mon Sep 17 00:00:00 2001 From: Oba Date: Mon, 3 Feb 2025 13:56:19 +0100 Subject: [PATCH] fix: check y_parity value --- src/ethereum/arrow_glacier/transactions.py | 4 ++++ src/ethereum/berlin/transactions.py | 2 ++ src/ethereum/cancun/transactions.py | 6 ++++++ src/ethereum/gray_glacier/transactions.py | 4 ++++ src/ethereum/london/transactions.py | 4 ++++ src/ethereum/paris/transactions.py | 4 ++++ src/ethereum/shanghai/transactions.py | 4 ++++ 7 files changed, 28 insertions(+) diff --git a/src/ethereum/arrow_glacier/transactions.py b/src/ethereum/arrow_glacier/transactions.py index 9d9bb6bd17..bf3acc28ab 100644 --- a/src/ethereum/arrow_glacier/transactions.py +++ b/src/ethereum/arrow_glacier/transactions.py @@ -241,10 +241,14 @@ def recover_sender(chain_id: U64, tx: Transaction) -> Address: signing_hash_155(tx, chain_id), ) elif isinstance(tx, AccessListTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_2930(tx) ) elif isinstance(tx, FeeMarketTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_1559(tx) ) diff --git a/src/ethereum/berlin/transactions.py b/src/ethereum/berlin/transactions.py index fcc54d0485..96a4c952cc 100644 --- a/src/ethereum/berlin/transactions.py +++ b/src/ethereum/berlin/transactions.py @@ -213,6 +213,8 @@ def recover_sender(chain_id: U64, tx: Transaction) -> Address: signing_hash_155(tx, chain_id), ) elif isinstance(tx, AccessListTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_2930(tx) ) diff --git a/src/ethereum/cancun/transactions.py b/src/ethereum/cancun/transactions.py index deb594c17c..3df84a87b7 100644 --- a/src/ethereum/cancun/transactions.py +++ b/src/ethereum/cancun/transactions.py @@ -280,14 +280,20 @@ def recover_sender(chain_id: U64, tx: Transaction) -> Address: signing_hash_155(tx, chain_id), ) elif isinstance(tx, AccessListTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_2930(tx) ) elif isinstance(tx, FeeMarketTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_1559(tx) ) elif isinstance(tx, BlobTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_4844(tx) ) diff --git a/src/ethereum/gray_glacier/transactions.py b/src/ethereum/gray_glacier/transactions.py index 9d9bb6bd17..bf3acc28ab 100644 --- a/src/ethereum/gray_glacier/transactions.py +++ b/src/ethereum/gray_glacier/transactions.py @@ -241,10 +241,14 @@ def recover_sender(chain_id: U64, tx: Transaction) -> Address: signing_hash_155(tx, chain_id), ) elif isinstance(tx, AccessListTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_2930(tx) ) elif isinstance(tx, FeeMarketTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_1559(tx) ) diff --git a/src/ethereum/london/transactions.py b/src/ethereum/london/transactions.py index 9d9bb6bd17..bf3acc28ab 100644 --- a/src/ethereum/london/transactions.py +++ b/src/ethereum/london/transactions.py @@ -241,10 +241,14 @@ def recover_sender(chain_id: U64, tx: Transaction) -> Address: signing_hash_155(tx, chain_id), ) elif isinstance(tx, AccessListTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_2930(tx) ) elif isinstance(tx, FeeMarketTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_1559(tx) ) diff --git a/src/ethereum/paris/transactions.py b/src/ethereum/paris/transactions.py index 5944d96b6e..00aa12a1f5 100644 --- a/src/ethereum/paris/transactions.py +++ b/src/ethereum/paris/transactions.py @@ -241,10 +241,14 @@ def recover_sender(chain_id: U64, tx: Transaction) -> Address: signing_hash_155(tx, chain_id), ) elif isinstance(tx, AccessListTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_2930(tx) ) elif isinstance(tx, FeeMarketTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_1559(tx) ) diff --git a/src/ethereum/shanghai/transactions.py b/src/ethereum/shanghai/transactions.py index efd3b2fcda..0771da20e2 100644 --- a/src/ethereum/shanghai/transactions.py +++ b/src/ethereum/shanghai/transactions.py @@ -248,10 +248,14 @@ def recover_sender(chain_id: U64, tx: Transaction) -> Address: signing_hash_155(tx, chain_id), ) elif isinstance(tx, AccessListTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_2930(tx) ) elif isinstance(tx, FeeMarketTransaction): + if tx.y_parity not in (U256(0), U256(1)): + raise InvalidSignatureError("bad y_parity") public_key = secp256k1_recover( r, s, tx.y_parity, signing_hash_1559(tx) )