Checking and verifying note signatures before event insertion

2024-11-21 16:17:13 +00:00 · 2024-07-22 14:53:59 -04:00 · 2024-07-22 14:53:59 -04:00 · a7773d0041
commit a7773d0041
parent a0c5fe95ad
1 changed files with 50 additions and 31 deletions
--- a/events/events.go
+++ b/events/events.go
@ -6,6 +6,7 @@ import (
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
+	"log"

 	"github.com/btcsuite/btcd/btcec/v2"
 	"github.com/btcsuite/btcd/btcec/v2/schnorr"
@ -92,37 +93,6 @@ func sendOKResponse(ws *websocket.Conn, eventID string, status bool, message str
 	websocket.Message.Send(ws, string(responseBytes))
 }

-func ValidateEvent(evt Event) bool {
-	serializedEvent := SerializeEvent(evt)
-	hash := sha256.Sum256(serializedEvent)
-	eventID := hex.EncodeToString(hash[:])
-	if eventID != evt.ID {
-		return false
-	}
-
-	sigBytes, err := hex.DecodeString(evt.Sig)
-	if err != nil {
-		return false
-	}
-
-	sig, err := schnorr.ParseSignature(sigBytes)
-	if err != nil {
-		return false
-	}
-
-	pubKeyBytes, err := hex.DecodeString(evt.PubKey)
-	if err != nil {
-		return false
-	}
-
-	pubKey, err := btcec.ParsePubKey(pubKeyBytes)
-	if err != nil {
-		return false
-	}
-
-	return sig.Verify(hash[:], pubKey)
-}
-
 func SerializeEvent(evt Event) []byte {
 	eventData := []interface{}{
 		0,
@ -136,6 +106,55 @@ func SerializeEvent(evt Event) []byte {
 	return serializedEvent
 }

+
+func ValidateEvent(evt Event) bool {
+    serializedEvent := SerializeEvent(evt)
+    hash := sha256.Sum256(serializedEvent)
+    eventID := hex.EncodeToString(hash[:])
+    if eventID != evt.ID {
+        log.Printf("Invalid ID: expected %s, got %s\n", eventID, evt.ID)
+        return false
+    }
+
+    sigBytes, err := hex.DecodeString(evt.Sig)
+    if err != nil {
+        log.Printf("Error decoding signature: %v\n", err)
+        return false
+    }
+
+    sig, err := schnorr.ParseSignature(sigBytes)
+    if err != nil {
+        log.Printf("Error parsing signature: %v\n", err)
+        return false
+    }
+
+    pubKeyBytes, err := hex.DecodeString(evt.PubKey)
+    if err != nil {
+        log.Printf("Error decoding public key: %v\n", err)
+        return false
+    }
+
+    var pubKey *btcec.PublicKey
+    if len(pubKeyBytes) == 32 {
+        // Handle 32-byte public key (x-coordinate only)
+        pubKey, err = btcec.ParsePubKey(append([]byte{0x02}, pubKeyBytes...))
+    } else {
+        // Handle standard compressed or uncompressed public key
+        pubKey, err = btcec.ParsePubKey(pubKeyBytes)
+    }
+    if err != nil {
+        log.Printf("Error parsing public key: %v\n", err)
+        return false
+    }
+
+    verified := sig.Verify(hash[:], pubKey)
+    if !verified {
+        log.Printf("Signature verification failed for event ID: %s\n", evt.ID)
+    }
+
+    return verified
+}
+
 func HandleDefaultEvent(ctx context.Context, evt Event, collection *mongo.Collection) error {
 	_, err := collection.InsertOne(ctx, evt)
 	if err != nil {