@freedomofpress/cometbft 0.1.1 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/lightclient.js +118 -2
- package/dist/lightclient.js.map +1 -1
- package/dist/tests/fixtures/webcat.json +53 -23
- package/dist/tests/webcat.test.js +79 -8
- package/dist/tests/webcat.test.js.map +1 -1
- package/package.json +6 -5
- package/src/lightclient.ts +150 -2
- package/src/tests/fixtures/header-merkle-webcat-02.json +101 -0
- package/src/tests/fixtures/webcat.json +53 -23
- package/src/tests/webcat.test.ts +118 -7
package/dist/lightclient.js
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
// src/lightclient.ts
|
|
2
2
|
import { Uint8ArrayToHex } from "./encoding";
|
|
3
3
|
import { CanonicalVote, } from "./proto/cometbft/types/v1/canonical";
|
|
4
|
-
import { SignedMsgType } from "./proto/cometbft/types/v1/types";
|
|
4
|
+
import { BlockID, SignedMsgType, } from "./proto/cometbft/types/v1/types";
|
|
5
|
+
import { Consensus } from "./proto/cometbft/version/v1/types";
|
|
6
|
+
import { Timestamp as PbTimestamp } from "./proto/google/protobuf/timestamp";
|
|
5
7
|
function encodeUvarint(value) {
|
|
6
8
|
if (!Number.isSafeInteger(value) || value < 0)
|
|
7
9
|
throw new Error("encodeUvarint expects a non-negative safe integer");
|
|
@@ -38,6 +40,117 @@ function makePrecommitSignBytesProto(chainId, height, round, blockIdHash, partsT
|
|
|
38
40
|
function hasTwoThirds(signed, total) {
|
|
39
41
|
return signed * 3n > total * 2n;
|
|
40
42
|
}
|
|
43
|
+
function concatBytes(...parts) {
|
|
44
|
+
const length = parts.reduce((acc, p) => acc + p.length, 0);
|
|
45
|
+
const out = new Uint8Array(length);
|
|
46
|
+
let offset = 0;
|
|
47
|
+
for (const p of parts) {
|
|
48
|
+
out.set(p, offset);
|
|
49
|
+
offset += p.length;
|
|
50
|
+
}
|
|
51
|
+
return out;
|
|
52
|
+
}
|
|
53
|
+
function encodeUvarintBigint(value) {
|
|
54
|
+
if (value < 0n)
|
|
55
|
+
throw new Error("uvarint cannot encode negative values");
|
|
56
|
+
const bytes = [];
|
|
57
|
+
let v = value;
|
|
58
|
+
while (v >= 0x80n) {
|
|
59
|
+
bytes.push(Number((v & 0x7fn) | 0x80n));
|
|
60
|
+
v >>= 7n;
|
|
61
|
+
}
|
|
62
|
+
bytes.push(Number(v));
|
|
63
|
+
return new Uint8Array(bytes);
|
|
64
|
+
}
|
|
65
|
+
function encodeLengthPrefixed(value) {
|
|
66
|
+
return concatBytes(encodeUvarintBigint(BigInt(value.length)), value);
|
|
67
|
+
}
|
|
68
|
+
function encodeString(value) {
|
|
69
|
+
if (value.length === 0)
|
|
70
|
+
return new Uint8Array();
|
|
71
|
+
return concatBytes(new Uint8Array([0x0a]), encodeLengthPrefixed(new TextEncoder().encode(value)));
|
|
72
|
+
}
|
|
73
|
+
function encodeBytes(value) {
|
|
74
|
+
if (value.length === 0)
|
|
75
|
+
return new Uint8Array();
|
|
76
|
+
return concatBytes(new Uint8Array([0x0a]), encodeLengthPrefixed(value));
|
|
77
|
+
}
|
|
78
|
+
function encodeInt64Value(value) {
|
|
79
|
+
if (value === 0n)
|
|
80
|
+
return new Uint8Array();
|
|
81
|
+
return concatBytes(new Uint8Array([0x08]), encodeUvarintBigint(value));
|
|
82
|
+
}
|
|
83
|
+
function encodeTimestamp(timestamp) {
|
|
84
|
+
if (!timestamp)
|
|
85
|
+
return new Uint8Array();
|
|
86
|
+
return PbTimestamp.encode(timestamp).finish();
|
|
87
|
+
}
|
|
88
|
+
function encodeVersionForHeaderHash(version) {
|
|
89
|
+
if (!version)
|
|
90
|
+
return new Uint8Array();
|
|
91
|
+
return Consensus.encode(version).finish();
|
|
92
|
+
}
|
|
93
|
+
function encodeBlockIdForHeaderHash(blockId) {
|
|
94
|
+
if (!blockId)
|
|
95
|
+
return new Uint8Array();
|
|
96
|
+
return BlockID.encode(blockId).finish();
|
|
97
|
+
}
|
|
98
|
+
async function sha256(data) {
|
|
99
|
+
return new Uint8Array(await crypto.subtle.digest("SHA-256", new Uint8Array(data)));
|
|
100
|
+
}
|
|
101
|
+
async function hashLeaf(leaf) {
|
|
102
|
+
return sha256(concatBytes(new Uint8Array([0]), leaf));
|
|
103
|
+
}
|
|
104
|
+
async function hashInner(left, right) {
|
|
105
|
+
return sha256(concatBytes(new Uint8Array([1]), left, right));
|
|
106
|
+
}
|
|
107
|
+
function getSplitPoint(size) {
|
|
108
|
+
if (size < 1)
|
|
109
|
+
throw new Error("Cannot split an empty merkle tree");
|
|
110
|
+
const p = 2 ** Math.floor(Math.log2(size));
|
|
111
|
+
return p < size ? p : p / 2;
|
|
112
|
+
}
|
|
113
|
+
async function simpleMerkleHashFromByteSlices(chunks) {
|
|
114
|
+
if (chunks.length === 0)
|
|
115
|
+
throw new Error("Cannot hash an empty merkle tree");
|
|
116
|
+
if (chunks.length === 1)
|
|
117
|
+
return hashLeaf(chunks[0]);
|
|
118
|
+
const split = getSplitPoint(chunks.length);
|
|
119
|
+
const left = await simpleMerkleHashFromByteSlices(chunks.slice(0, split));
|
|
120
|
+
const right = await simpleMerkleHashFromByteSlices(chunks.slice(split));
|
|
121
|
+
return hashInner(left, right);
|
|
122
|
+
}
|
|
123
|
+
function bytesEqual(a, b) {
|
|
124
|
+
if (a.length !== b.length)
|
|
125
|
+
return false;
|
|
126
|
+
for (let i = 0; i < a.length; i++) {
|
|
127
|
+
if (a[i] !== b[i])
|
|
128
|
+
return false;
|
|
129
|
+
}
|
|
130
|
+
return true;
|
|
131
|
+
}
|
|
132
|
+
async function hashHeaderForBlockId(header) {
|
|
133
|
+
if (!header.lastBlockId) {
|
|
134
|
+
throw new Error("Header missing lastBlockId required for hash verification");
|
|
135
|
+
}
|
|
136
|
+
const fields = [
|
|
137
|
+
encodeVersionForHeaderHash(header.version),
|
|
138
|
+
encodeString(header.chainId),
|
|
139
|
+
encodeInt64Value(header.height),
|
|
140
|
+
encodeTimestamp(header.time),
|
|
141
|
+
encodeBlockIdForHeaderHash(header.lastBlockId),
|
|
142
|
+
encodeBytes(header.lastCommitHash),
|
|
143
|
+
encodeBytes(header.dataHash),
|
|
144
|
+
encodeBytes(header.validatorsHash),
|
|
145
|
+
encodeBytes(header.nextValidatorsHash),
|
|
146
|
+
encodeBytes(header.consensusHash),
|
|
147
|
+
encodeBytes(header.appHash),
|
|
148
|
+
encodeBytes(header.lastResultsHash),
|
|
149
|
+
encodeBytes(header.evidenceHash),
|
|
150
|
+
encodeBytes(header.proposerAddress),
|
|
151
|
+
];
|
|
152
|
+
return simpleMerkleHashFromByteSlices(fields);
|
|
153
|
+
}
|
|
41
154
|
export async function verifyCommit(sh, vset, cryptoIndex) {
|
|
42
155
|
if (!sh?.header || !sh?.commit) {
|
|
43
156
|
throw new Error("SignedHeader missing header/commit");
|
|
@@ -82,6 +195,8 @@ export async function verifyCommit(sh, vset, cryptoIndex) {
|
|
|
82
195
|
const blockIdHash = bid.hash;
|
|
83
196
|
const partsHash = bid.partSetHeader.hash;
|
|
84
197
|
const partsTotal = bid.partSetHeader.total;
|
|
198
|
+
const expectedBlockIdHash = await hashHeaderForBlockId(header);
|
|
199
|
+
const headerMatchesCommitBlockId = bytesEqual(expectedBlockIdHash, blockIdHash);
|
|
85
200
|
let signedPower = 0n;
|
|
86
201
|
const unknown = [];
|
|
87
202
|
const invalid = [];
|
|
@@ -125,8 +240,9 @@ export async function verifyCommit(sh, vset, cryptoIndex) {
|
|
|
125
240
|
signedPower += v.votingPower ?? 0n;
|
|
126
241
|
}
|
|
127
242
|
const quorum = hasTwoThirds(signedPower, totalPower);
|
|
243
|
+
const ok = quorum && headerMatchesCommitBlockId;
|
|
128
244
|
return {
|
|
129
|
-
ok
|
|
245
|
+
ok,
|
|
130
246
|
quorum,
|
|
131
247
|
signedPower,
|
|
132
248
|
totalPower,
|
package/dist/lightclient.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"lightclient.js","sourceRoot":"","sources":["../src/lightclient.ts"],"names":[],"mappings":"AAAA,qBAAqB;AACrB,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAGL,aAAa,GACd,MAAM,qCAAqC,CAAC;AAC7C,OAAO,
|
|
1
|
+
{"version":3,"file":"lightclient.js","sourceRoot":"","sources":["../src/lightclient.ts"],"names":[],"mappings":"AAAA,qBAAqB;AACrB,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAGL,aAAa,GACd,MAAM,qCAAqC,CAAC;AAC7C,OAAO,EACL,OAAO,EAEP,aAAa,GACd,MAAM,iCAAiC,CAAC;AAKzC,OAAO,EAAE,SAAS,EAAE,MAAM,mCAAmC,CAAC;AAC9D,OAAO,EAAE,SAAS,IAAI,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAiB7E,SAAS,aAAa,CAAC,KAAa;IAClC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI,KAAK,GAAG,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;IAEvE,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,CAAC,GAAG,KAAK,CAAC;IACd,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC;QACjB,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;QAC9B,CAAC,MAAM,CAAC,CAAC;IACX,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACd,OAAO,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,2BAA2B,CAClC,OAAe,EACf,MAAc,EACd,KAAa,EACb,WAAuB,EACvB,UAAkB,EAClB,SAAqB,EACrB,SAAuB;IAEvB,MAAM,GAAG,GAA2B,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;IAC3E,MAAM,GAAG,GAAqB,EAAE,IAAI,EAAE,WAAW,EAAE,aAAa,EAAE,GAAG,EAAE,CAAC;IAExE,MAAM,IAAI,GAAkB;QAC1B,IAAI,EAAE,aAAa,CAAC,yBAAyB;QAC7C,MAAM,EAAE,UAAU;QAClB,KAAK,EAAE,4BAA4B;QACnC,OAAO,EAAE,GAAG;QACZ,SAAS,EAAE,uBAAuB;QAClC,OAAO;KACR,CAAC;IAEF,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;IACjD,0EAA0E;IAC1E,2EAA2E;IAC3E,iBAAiB;IACjB,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IACxD,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACnB,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAC7B,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,MAAc,EAAE,KAAa;IACjD,OAAO,MAAM,GAAG,EAAE,GAAG,KAAK,GAAG,EAAE,CAAC;AAClC,CAAC;AAED,SAAS,WAAW,CAAC,GAAG,KAAmB;IACzC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC3D,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;IACnC,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QACnB,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC;IACrB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAa;IACxC,IAAI,KAAK,GAAG,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAEzE,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,CAAC,GAAG,KAAK,CAAC;IACd,OAAO,CAAC,IAAI,KAAK,EAAE,CAAC;QAClB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC;QACxC,CAAC,KAAK,EAAE,CAAC;IACX,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACtB,OAAO,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAiB;IAC7C,OAAO,WAAW,CAAC,mBAAmB,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;AACvE,CAAC;AAED,SAAS,YAAY,CAAC,KAAa;IACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,UAAU,EAAE,CAAC;IAChD,OAAO,WAAW,CAChB,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EACtB,oBAAoB,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CACtD,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,KAAiB;IACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,UAAU,EAAE,CAAC;IAChD,OAAO,WAAW,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,oBAAoB,CAAC,KAAK,CAAC,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAa;IACrC,IAAI,KAAK,KAAK,EAAE;QAAE,OAAO,IAAI,UAAU,EAAE,CAAC;IAC1C,OAAO,WAAW,CAAC,IAAI,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,EAAE,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,eAAe,CAAC,SAAuB;IAC9C,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,UAAU,EAAE,CAAC;IACxC,OAAO,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,EAAE,CAAC;AAChD,CAAC;AAED,SAAS,0BAA0B,CACjC,OAAuD;IAEvD,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,UAAU,EAAE,CAAC;IACtC,OAAO,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;AAC5C,CAAC;AAED,SAAS,0BAA0B,CACjC,OAA2D;IAE3D,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,UAAU,EAAE,CAAC;IACtC,OAAO,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;AAC1C,CAAC;AAED,KAAK,UAAU,MAAM,CAAC,IAAgB;IACpC,OAAO,IAAI,UAAU,CACnB,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAC5D,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,IAAgB;IACtC,OAAO,MAAM,CAAC,WAAW,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;AACxD,CAAC;AAED,KAAK,UAAU,SAAS,CACtB,IAAgB,EAChB,KAAiB;IAEjB,OAAO,MAAM,CAAC,WAAW,CAAC,IAAI,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;AAC/D,CAAC;AAED,SAAS,aAAa,CAAC,IAAY;IACjC,IAAI,IAAI,GAAG,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACnE,MAAM,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3C,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC;AAED,KAAK,UAAU,8BAA8B,CAC3C,MAAoB;IAEpB,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IAC7E,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IAEpD,MAAM,KAAK,GAAG,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC3C,MAAM,IAAI,GAAG,MAAM,8BAA8B,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;IAC1E,MAAM,KAAK,GAAG,MAAM,8BAA8B,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;IACxE,OAAO,SAAS,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,UAAU,CAAC,CAAa,EAAE,CAAa;IAC9C,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAAE,OAAO,KAAK,CAAC;IAClC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,KAAK,UAAU,oBAAoB,CACjC,MAA2C;IAE3C,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,2DAA2D,CAC5D,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAiB;QAC3B,0BAA0B,CAAC,MAAM,CAAC,OAAO,CAAC;QAC1C,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC;QAC5B,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC;QAC/B,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC;QAC5B,0BAA0B,CAAC,MAAM,CAAC,WAAW,CAAC;QAC9C,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC;QAClC,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC;QAC5B,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC;QAClC,WAAW,CAAC,MAAM,CAAC,kBAAkB,CAAC;QACtC,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC;QACjC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC;QAC3B,WAAW,CAAC,MAAM,CAAC,eAAe,CAAC;QACnC,WAAW,CAAC,MAAM,CAAC,YAAY,CAAC;QAChC,WAAW,CAAC,MAAM,CAAC,eAAe,CAAC;KACpC,CAAC;IAEF,OAAO,8BAA8B,CAAC,MAAM,CAAC,CAAC;AAChD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,EAAgB,EAChB,IAAuB,EACvB,WAAwB;IAExB,IAAI,CAAC,EAAE,EAAE,MAAM,IAAI,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC;QAC/B,MAAM,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACxD,CAAC;IACD,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,CAAC;IACzB,MAAM,MAAM,GAAG,EAAE,CAAC,MAAM,CAAC;IAEzB,IAAI,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CACb,kCAAkC,MAAM,CAAC,MAAM,OAAO,MAAM,CAAC,MAAM,EAAE,CACtE,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,EAAE,gBAAgB,IAAI,EAAE,CAAC;IAChD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrE,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACpD,CAAC;IACD,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,CAAC;IAED,iCAAiC;IACjC,MAAM,YAAY,GAAG,IAAI,GAAG,EAA0B,CAAC;IACvD,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACrD,IAAI,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;YACvB,MAAM,IAAI,KAAK,CAAC,uCAAuC,GAAG,EAAE,CAAC,CAAC;QAChE,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;IAC3B,CAAC;IAED,IAAI,CAAC,MAAM,CAAC,OAAO;QAAE,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC/D,MAAM,GAAG,GAAG,MAAM,CAAC,OAAO,CAAC;IAC3B,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACpD,IAAI,CAAC,GAAG,CAAC,aAAa;QAAE,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAC3E,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,IAAI,GAAG,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnE,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC1D,CAAC;IACD,IACE,CAAC,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,CAAC;QAC1C,GAAG,CAAC,aAAa,CAAC,KAAK,GAAG,CAAC,EAC3B,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAC3D,CAAC;IAED,MAAM,OAAO,GAAW,MAAM,CAAC,OAAO,CAAC;IACvC,MAAM,SAAS,GAAW,MAAM,CAAC,MAAM,CAAC;IACxC,MAAM,QAAQ,GAAW,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9C,MAAM,WAAW,GAAe,GAAG,CAAC,IAAI,CAAC;IACzC,MAAM,SAAS,GAAe,GAAG,CAAC,aAAa,CAAC,IAAI,CAAC;IACrD,MAAM,UAAU,GAAW,GAAG,CAAC,aAAa,CAAC,KAAK,CAAC;IACnD,MAAM,mBAAmB,GAAG,MAAM,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC/D,MAAM,0BAA0B,GAAG,UAAU,CAC3C,mBAAmB,EACnB,WAAW,CACZ,CAAC;IAEF,IAAI,WAAW,GAAG,EAAE,CAAC;IACrB,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE,CAAC;QACxD,MAAM,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAEjC,gDAAgD;QAChD,IAAI,CAAC,CAAC,WAAW,KAAK,CAAC;YAAE,SAAS;QAElC,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,WAAW,EAAE,CAAC;QAClE,MAAM,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACpC,IAAI,CAAC,CAAC,EAAE,CAAC;YACP,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACtB,SAAS;QACX,CAAC;QAED,IAAI,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACtB,SAAS;QACX,CAAC;QAED,iEAAiE;QACjE,OAAO,EAAE,CAAC;QAEV,uBAAuB;QACvB,MAAM,SAAS,GAAG,2BAA2B,CAC3C,OAAO,EACP,SAAS,EACT,QAAQ,EACR,WAAW,EACX,UAAU,EACV,SAAS,EACT,CAAC,CAAC,SAAS,CACZ,CAAC;QAEF,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACtB,SAAS;QACX,CAAC;QAED,mBAAmB;QACnB,IAAI,EAAE,GAAG,KAAK,CAAC;QACf,IAAI,CAAC;YACH,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAC7B,EAAE,IAAI,EAAE,SAAS,EAAE,EACnB,GAAG,EACH,IAAI,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,EAC3B,IAAI,UAAU,CAAC,SAAS,CAAC,CAC1B,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,EAAE,GAAG,KAAK,CAAC;QACb,CAAC;QAED,IAAI,CAAC,EAAE,EAAE,CAAC;YACR,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACtB,SAAS;QACX,CAAC;QAED,WAAW,IAAI,CAAC,CAAC,WAAW,IAAI,EAAE,CAAC;IACrC,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;IACrD,MAAM,EAAE,GAAG,MAAM,IAAI,0BAA0B,CAAC;IAEhD,OAAO;QACL,EAAE;QACF,MAAM;QACN,WAAW;QACX,UAAU;QACV,UAAU,EAAE,MAAM,CAAC,IAAI;QACvB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,WAAW;QACX,iBAAiB,EAAE,OAAO;QAC1B,iBAAiB,EAAE,OAAO;QAC1B,iBAAiB,EAAE,OAAO;KAC3B,CAAC;AACJ,CAAC"}
|
|
@@ -5,42 +5,54 @@
|
|
|
5
5
|
"block": "11",
|
|
6
6
|
"app": "0"
|
|
7
7
|
},
|
|
8
|
-
"chain_id": "test-
|
|
9
|
-
"height": "
|
|
10
|
-
"time": "
|
|
8
|
+
"chain_id": "webcat-test-02",
|
|
9
|
+
"height": "18720",
|
|
10
|
+
"time": "2026-03-08T03:00:52.980342151Z",
|
|
11
11
|
"last_block_id": {
|
|
12
|
-
"hash": "
|
|
12
|
+
"hash": "8271A9B3A0689FF0CB095E39175403A74BC374ABBE23184B20D902199FDC0BA7",
|
|
13
13
|
"parts": {
|
|
14
14
|
"total": 1,
|
|
15
|
-
"hash": "
|
|
15
|
+
"hash": "AEB84D5BAB13692BCBD9603B9A94AA310203648DF16A755EA2BA9A2A1D667BCB"
|
|
16
16
|
}
|
|
17
17
|
},
|
|
18
|
-
"last_commit_hash": "
|
|
18
|
+
"last_commit_hash": "9E3394940C1C94504E0465CCED1CE7047639BDF5506E34EA07FE729C5E4EA5FC",
|
|
19
19
|
"data_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
|
|
20
|
-
"validators_hash": "
|
|
21
|
-
"next_validators_hash": "
|
|
20
|
+
"validators_hash": "166D75D14EE1555615C57D2F013454152214BDB143D458C00A02B2AC0F2AC128",
|
|
21
|
+
"next_validators_hash": "166D75D14EE1555615C57D2F013454152214BDB143D458C00A02B2AC0F2AC128",
|
|
22
22
|
"consensus_hash": "048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F",
|
|
23
|
-
"app_hash": "
|
|
23
|
+
"app_hash": "6068FFC66BC857FE76B4E8A779176ABBA6CBFC3F119F961915AF01C293EDC9D3",
|
|
24
24
|
"last_results_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
|
|
25
25
|
"evidence_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
|
|
26
|
-
"proposer_address": "
|
|
26
|
+
"proposer_address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72"
|
|
27
27
|
},
|
|
28
28
|
"commit": {
|
|
29
|
-
"height": "
|
|
29
|
+
"height": "18720",
|
|
30
30
|
"round": 0,
|
|
31
31
|
"block_id": {
|
|
32
|
-
"hash": "
|
|
32
|
+
"hash": "1E1B52E922F1E20D8113D38A70675BFB0CF83609C00CD6CE637FC79B0C73A890",
|
|
33
33
|
"parts": {
|
|
34
34
|
"total": 1,
|
|
35
|
-
"hash": "
|
|
35
|
+
"hash": "CC7EAC61FA5FB28ADC4F26BEB76CD54CDB66C2A952E81CBEE33B55D0ED1B0A78"
|
|
36
36
|
}
|
|
37
37
|
},
|
|
38
38
|
"signatures": [
|
|
39
39
|
{
|
|
40
40
|
"block_id_flag": 2,
|
|
41
|
-
"validator_address": "
|
|
42
|
-
"timestamp": "
|
|
43
|
-
"signature": "
|
|
41
|
+
"validator_address": "48926DF1CC10DBBFAA78953F9BE38E59020DE01D",
|
|
42
|
+
"timestamp": "2026-03-08T03:01:53.984641899Z",
|
|
43
|
+
"signature": "V1swep5n+4AX155lTrNXSyS7k0L5Wnx2E8zrBGqWEDHf8pW5tFO1ron1xHqfMmJh9BSK3FaOWnIVToqcrvCiBg=="
|
|
44
|
+
},
|
|
45
|
+
{
|
|
46
|
+
"block_id_flag": 2,
|
|
47
|
+
"validator_address": "A39CFEBE6E8CA10B6101C46884A6EB8E62D04417",
|
|
48
|
+
"timestamp": "2026-03-08T03:01:54.033082245Z",
|
|
49
|
+
"signature": "VLIvwTw5aC15Oq8AkmiXudyIFKIo3VBOgU1eIQN+JxgsNtJwr8tuZsaGf6ds7BY6kQ8E93pxDm1CUk2pYrrZDQ=="
|
|
50
|
+
},
|
|
51
|
+
{
|
|
52
|
+
"block_id_flag": 2,
|
|
53
|
+
"validator_address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
|
|
54
|
+
"timestamp": "2026-03-08T03:01:54.025260639Z",
|
|
55
|
+
"signature": "ODjl80UkQB7uBQmf0TUCbgg+p8Mvv9ihvmbyYou3YWB7nqcwp5tzz8MiFkoPo8zfiLL+83AqKeYm7S3y3kPxDQ=="
|
|
44
56
|
}
|
|
45
57
|
]
|
|
46
58
|
}
|
|
@@ -48,24 +60,42 @@
|
|
|
48
60
|
"validator_set": {
|
|
49
61
|
"validators": [
|
|
50
62
|
{
|
|
51
|
-
"address": "
|
|
63
|
+
"address": "48926DF1CC10DBBFAA78953F9BE38E59020DE01D",
|
|
64
|
+
"pub_key": {
|
|
65
|
+
"type": "tendermint/PubKeyEd25519",
|
|
66
|
+
"value": "zEK+pyAEhhCaoHYhhT+rrorJoc9kZbfY+JkbMtF8u5Y="
|
|
67
|
+
},
|
|
68
|
+
"power": "1",
|
|
69
|
+
"name": null
|
|
70
|
+
},
|
|
71
|
+
{
|
|
72
|
+
"address": "A39CFEBE6E8CA10B6101C46884A6EB8E62D04417",
|
|
73
|
+
"pub_key": {
|
|
74
|
+
"type": "tendermint/PubKeyEd25519",
|
|
75
|
+
"value": "8dZUej72UriKCPIDvk01c6yLaAB2ssYIli3fT3jKwSM="
|
|
76
|
+
},
|
|
77
|
+
"power": "1",
|
|
78
|
+
"name": null
|
|
79
|
+
},
|
|
80
|
+
{
|
|
81
|
+
"address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
|
|
52
82
|
"pub_key": {
|
|
53
83
|
"type": "tendermint/PubKeyEd25519",
|
|
54
|
-
"value": "
|
|
84
|
+
"value": "WBK6Af3uKtC+VTv8x48f2TPoNnsebSXSBTIsJku/nQw="
|
|
55
85
|
},
|
|
56
|
-
"power": "
|
|
86
|
+
"power": "1",
|
|
57
87
|
"name": null
|
|
58
88
|
}
|
|
59
89
|
],
|
|
60
90
|
"proposer": {
|
|
61
|
-
"address": "
|
|
91
|
+
"address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
|
|
62
92
|
"pub_key": {
|
|
63
93
|
"type": "tendermint/PubKeyEd25519",
|
|
64
|
-
"value": "
|
|
94
|
+
"value": "WBK6Af3uKtC+VTv8x48f2TPoNnsebSXSBTIsJku/nQw="
|
|
65
95
|
},
|
|
66
|
-
"power": "
|
|
96
|
+
"power": "1",
|
|
67
97
|
"name": null
|
|
68
98
|
},
|
|
69
|
-
"total_voting_power": "
|
|
99
|
+
"total_voting_power": "3"
|
|
70
100
|
}
|
|
71
101
|
}
|
|
@@ -7,6 +7,13 @@ import blockFixture from "./fixtures/webcat.json";
|
|
|
7
7
|
function clone(x) {
|
|
8
8
|
return JSON.parse(JSON.stringify(x));
|
|
9
9
|
}
|
|
10
|
+
function flipLastHexNibble(hex) {
|
|
11
|
+
const last = hex.at(-1);
|
|
12
|
+
if (!last)
|
|
13
|
+
throw new Error("Cannot mutate an empty hex string");
|
|
14
|
+
const replacement = last.toLowerCase() === "0" ? "1" : "0";
|
|
15
|
+
return `${hex.slice(0, -1)}${replacement}`;
|
|
16
|
+
}
|
|
10
17
|
describe("lightclient.verifyCommit", () => {
|
|
11
18
|
it("verifies a valid commit against the validator set", async () => {
|
|
12
19
|
const validators = blockFixture.validator_set;
|
|
@@ -38,10 +45,9 @@ describe("lightclient.verifyCommit", () => {
|
|
|
38
45
|
expect(out.quorum).toBe(false);
|
|
39
46
|
expect(out.ok).toBe(false);
|
|
40
47
|
expect(out.signedPower).toBe(0n);
|
|
41
|
-
expect(out.invalidSignatures).
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
expect(out.countedSignatures).toBe(1);
|
|
48
|
+
expect(out.invalidSignatures).toHaveLength(vset.validators.length);
|
|
49
|
+
expect(out.invalidSignatures).toContain(Uint8ArrayToHex(vset.validators[0].address).toUpperCase());
|
|
50
|
+
expect(out.countedSignatures).toBe(vset.validators.length);
|
|
45
51
|
});
|
|
46
52
|
it("flags invalid signatures", async () => {
|
|
47
53
|
const validators = blockFixture.validator_set;
|
|
@@ -52,11 +58,11 @@ describe("lightclient.verifyCommit", () => {
|
|
|
52
58
|
const out = await verifyCommit(sh, vset, cryptoIndex);
|
|
53
59
|
expect(out.quorum).toBe(false);
|
|
54
60
|
expect(out.ok).toBe(false);
|
|
55
|
-
expect(out.signedPower).toBe(
|
|
61
|
+
expect(out.signedPower).toBe(2n);
|
|
56
62
|
expect(out.invalidSignatures).toEqual([
|
|
57
63
|
Uint8ArrayToHex(vset.validators[0].address).toUpperCase(),
|
|
58
64
|
]);
|
|
59
|
-
expect(out.countedSignatures).toBe(
|
|
65
|
+
expect(out.countedSignatures).toBe(vset.validators.length);
|
|
60
66
|
});
|
|
61
67
|
it("rejects malformed signature bytes", async () => {
|
|
62
68
|
const validators = blockFixture.validator_set;
|
|
@@ -75,12 +81,77 @@ describe("lightclient.verifyCommit", () => {
|
|
|
75
81
|
const out = await verifyCommit(sh, vset, cryptoIndex);
|
|
76
82
|
expect(out.quorum).toBe(false);
|
|
77
83
|
expect(out.ok).toBe(false);
|
|
78
|
-
expect(out.signedPower).toBe(
|
|
84
|
+
expect(out.signedPower).toBe(2n);
|
|
79
85
|
expect(out.invalidSignatures).toEqual([]);
|
|
80
86
|
expect(out.unknownValidators).toEqual([
|
|
81
87
|
"0000000000000000000000000000000000000000",
|
|
82
88
|
]);
|
|
83
|
-
expect(out.countedSignatures).toBe(
|
|
89
|
+
expect(out.countedSignatures).toBe(vset.validators.length - 1);
|
|
90
|
+
});
|
|
91
|
+
it("detects tampering of every header field by checking the header merkle root against commit.block_id.hash", async () => {
|
|
92
|
+
const validators = blockFixture.validator_set;
|
|
93
|
+
const { proto: vset, cryptoIndex } = await importValidators(validators);
|
|
94
|
+
const mutators = {
|
|
95
|
+
"header.version.block": (commit) => {
|
|
96
|
+
commit.signed_header.header.version.block = String(BigInt(commit.signed_header.header.version.block) + 1n);
|
|
97
|
+
},
|
|
98
|
+
"header.version.app": (commit) => {
|
|
99
|
+
commit.signed_header.header.version.app = String(BigInt(commit.signed_header.header.version.app) + 1n);
|
|
100
|
+
},
|
|
101
|
+
"header.chain_id": (commit) => {
|
|
102
|
+
commit.signed_header.header.chain_id = `${commit.signed_header.header.chain_id}-tampered`;
|
|
103
|
+
},
|
|
104
|
+
"header.height": (commit) => {
|
|
105
|
+
commit.signed_header.header.height = String(BigInt(commit.signed_header.header.height) + 1n);
|
|
106
|
+
commit.signed_header.commit.height = commit.signed_header.header.height;
|
|
107
|
+
},
|
|
108
|
+
"header.time": (commit) => {
|
|
109
|
+
commit.signed_header.header.time = "2026-03-08T03:00:52.980342152Z";
|
|
110
|
+
},
|
|
111
|
+
"header.last_block_id.hash": (commit) => {
|
|
112
|
+
commit.signed_header.header.last_block_id.hash = flipLastHexNibble(commit.signed_header.header.last_block_id.hash);
|
|
113
|
+
},
|
|
114
|
+
"header.last_block_id.parts.total": (commit) => {
|
|
115
|
+
commit.signed_header.header.last_block_id.parts.total += 1;
|
|
116
|
+
},
|
|
117
|
+
"header.last_block_id.parts.hash": (commit) => {
|
|
118
|
+
commit.signed_header.header.last_block_id.parts.hash =
|
|
119
|
+
flipLastHexNibble(commit.signed_header.header.last_block_id.parts.hash);
|
|
120
|
+
},
|
|
121
|
+
"header.last_commit_hash": (commit) => {
|
|
122
|
+
commit.signed_header.header.last_commit_hash = flipLastHexNibble(commit.signed_header.header.last_commit_hash);
|
|
123
|
+
},
|
|
124
|
+
"header.data_hash": (commit) => {
|
|
125
|
+
commit.signed_header.header.data_hash = flipLastHexNibble(commit.signed_header.header.data_hash);
|
|
126
|
+
},
|
|
127
|
+
"header.validators_hash": (commit) => {
|
|
128
|
+
commit.signed_header.header.validators_hash = flipLastHexNibble(commit.signed_header.header.validators_hash);
|
|
129
|
+
},
|
|
130
|
+
"header.next_validators_hash": (commit) => {
|
|
131
|
+
commit.signed_header.header.next_validators_hash = flipLastHexNibble(commit.signed_header.header.next_validators_hash);
|
|
132
|
+
},
|
|
133
|
+
"header.consensus_hash": (commit) => {
|
|
134
|
+
commit.signed_header.header.consensus_hash = flipLastHexNibble(commit.signed_header.header.consensus_hash);
|
|
135
|
+
},
|
|
136
|
+
"header.app_hash": (commit) => {
|
|
137
|
+
commit.signed_header.header.app_hash = flipLastHexNibble(commit.signed_header.header.app_hash);
|
|
138
|
+
},
|
|
139
|
+
"header.last_results_hash": (commit) => {
|
|
140
|
+
commit.signed_header.header.last_results_hash = flipLastHexNibble(commit.signed_header.header.last_results_hash);
|
|
141
|
+
},
|
|
142
|
+
"header.evidence_hash": (commit) => {
|
|
143
|
+
commit.signed_header.header.evidence_hash = flipLastHexNibble(commit.signed_header.header.evidence_hash);
|
|
144
|
+
},
|
|
145
|
+
"header.proposer_address": (commit) => {
|
|
146
|
+
commit.signed_header.header.proposer_address = flipLastHexNibble(commit.signed_header.header.proposer_address);
|
|
147
|
+
},
|
|
148
|
+
};
|
|
149
|
+
for (const [field, mutate] of Object.entries(mutators)) {
|
|
150
|
+
const tampered = clone(blockFixture);
|
|
151
|
+
mutate(tampered);
|
|
152
|
+
const out = await verifyCommit(importCommit(tampered), vset, cryptoIndex);
|
|
153
|
+
expect(out.ok, `${field} tampering should be detected`).toBe(false);
|
|
154
|
+
}
|
|
84
155
|
});
|
|
85
156
|
});
|
|
86
157
|
//# sourceMappingURL=webcat.test.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webcat.test.js","sourceRoot":"","sources":["../../src/tests/webcat.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAE9C,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,YAAY,MAAM,wBAAwB,CAAC;AAElD,SAAS,KAAK,CAAI,CAAI;IACpB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,YAAqC,CAAC;QAErD,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,CAAC,WAAW,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,OAAO,YAAY,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,CAAC,WAAW,YAAY,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0BAA0B,EAAE,KAAK,IAAI,EAAE;QACxC,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,0EAA0E;QAC1E,wDAAwD;QACxD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI;YACvC,kEAAkE,CAAC;QAErE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"webcat.test.js","sourceRoot":"","sources":["../../src/tests/webcat.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAE9C,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AACjD,OAAO,YAAY,MAAM,wBAAwB,CAAC;AAElD,SAAS,KAAK,CAAI,CAAI;IACpB,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACvC,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,CAAC,IAAI;QAAE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IAEhE,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;IAC3D,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,WAAW,EAAE,CAAC;AAC7C,CAAC;AAED,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;QACjE,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,YAAqC,CAAC;QAErD,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,CAAC,GAAG,CAAC,WAAW,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxC,MAAM,CAAC,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,OAAO,YAAY,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,CAAC,WAAW,YAAY,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzD,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0BAA0B,EAAE,KAAK,IAAI,EAAE;QACxC,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,0EAA0E;QAC1E,wDAAwD;QACxD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI;YACvC,kEAAkE,CAAC;QAErE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QACnE,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,SAAS,CACrC,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAC1D,CAAC;QACF,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0BAA0B,EAAE,KAAK,IAAI,EAAE;QACxC,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,kBAAkB,CACtE,IAAI,UAAU,CAAC,EAAE,CAAC,CACnB,CAAC;QAEF,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC;YACpC,eAAe,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE;SAC1D,CAAC,CAAC;QACH,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;QACjD,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,wDAAwD;QACxD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC;QAE7D,MAAM,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAC5D,4BAA4B,CAC7B,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;QAC1C,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,CAA0B,CAAC;QAE5D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,iBAAiB;YACzD,0CAA0C,CAAC;QAE7C,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QACxE,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhC,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC;QAEtD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/B,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,OAAO,CAAC;YACpC,0CAA0C;SAC3C,CAAC,CAAC;QACH,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yGAAyG,EAAE,KAAK,IAAI,EAAE;QACvH,MAAM,UAAU,GAAG,YAAY,CAAC,aAAyC,CAAC;QAC1E,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,WAAW,EAAE,GAAG,MAAM,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAExE,MAAM,QAAQ,GAA0C;YACtD,sBAAsB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACjC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,GAAG,MAAM,CAChD,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CACvD,CAAC;YACJ,CAAC;YACD,oBAAoB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC/B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,GAAG,MAAM,CAC9C,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,CACrD,CAAC;YACJ,CAAC;YACD,iBAAiB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC5B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,GAAG,GAAG,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,WAAW,CAAC;YAC5F,CAAC;YACD,eAAe,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC1B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,GAAG,MAAM,CACzC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,CAChD,CAAC;gBACF,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC;YAC1E,CAAC;YACD,aAAa,EAAE,CAAC,MAAM,EAAE,EAAE;gBACxB,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,GAAG,gCAAgC,CAAC;YACtE,CAAC;YACD,2BAA2B,EAAE,CAAC,MAAM,EAAE,EAAE;gBACtC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,GAAG,iBAAiB,CAChE,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAC/C,CAAC;YACJ,CAAC;YACD,kCAAkC,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC7C,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC;YAC7D,CAAC;YACD,iCAAiC,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC5C,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI;oBAClD,iBAAiB,CACf,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,IAAI,CACrD,CAAC;YACN,CAAC;YACD,yBAAyB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACpC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,GAAG,iBAAiB,CAC9D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,CAC7C,CAAC;YACJ,CAAC;YACD,kBAAkB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC7B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,GAAG,iBAAiB,CACvD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,CACtC,CAAC;YACJ,CAAC;YACD,wBAAwB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACnC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,eAAe,GAAG,iBAAiB,CAC7D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,eAAe,CAC5C,CAAC;YACJ,CAAC;YACD,6BAA6B,EAAE,CAAC,MAAM,EAAE,EAAE;gBACxC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,oBAAoB,GAAG,iBAAiB,CAClE,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,oBAAoB,CACjD,CAAC;YACJ,CAAC;YACD,uBAAuB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAClC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,cAAc,GAAG,iBAAiB,CAC5D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,cAAc,CAC3C,CAAC;YACJ,CAAC;YACD,iBAAiB,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC5B,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,GAAG,iBAAiB,CACtD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CACrC,CAAC;YACJ,CAAC;YACD,0BAA0B,EAAE,CAAC,MAAM,EAAE,EAAE;gBACrC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,iBAAiB,GAAG,iBAAiB,CAC/D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,iBAAiB,CAC9C,CAAC;YACJ,CAAC;YACD,sBAAsB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACjC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,GAAG,iBAAiB,CAC3D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,CAC1C,CAAC;YACJ,CAAC;YACD,yBAAyB,EAAE,CAAC,MAAM,EAAE,EAAE;gBACpC,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,GAAG,iBAAiB,CAC9D,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,gBAAgB,CAC7C,CAAC;YACJ,CAAC;SACF,CAAC;QAEF,KAAK,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvD,MAAM,QAAQ,GAAG,KAAK,CAAC,YAAY,CAAC,CAAC;YACrC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAEjB,MAAM,GAAG,GAAG,MAAM,YAAY,CAC5B,YAAY,CAAC,QAAiC,CAAC,EAC/C,IAAI,EACJ,WAAW,CACZ,CAAC;YAEF,MAAM,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,KAAK,+BAA+B,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtE,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@freedomofpress/cometbft",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.3",
|
|
4
4
|
"description": "A CometBFT light client for the browser.",
|
|
5
|
+
"type": "module",
|
|
5
6
|
"repository": {
|
|
6
7
|
"type": "git",
|
|
7
8
|
"url": "https://github.com/freedomofpress/cometbft-ts"
|
|
@@ -27,13 +28,13 @@
|
|
|
27
28
|
"homepage": "https://github.com/freedomofpress/cometbft-ts#readme",
|
|
28
29
|
"bugs": "https://github.com/freedomofpress/cometbft-ts/issues",
|
|
29
30
|
"devDependencies": {
|
|
30
|
-
"@vitest/coverage-v8": "^4.0.
|
|
31
|
+
"@vitest/coverage-v8": "^4.0.18",
|
|
31
32
|
"eslint-plugin-simple-import-sort": "^12.1.1",
|
|
32
33
|
"typescript": "^5.9.3",
|
|
33
|
-
"typescript-eslint": "^8.
|
|
34
|
-
"vitest": "^4.0.
|
|
34
|
+
"typescript-eslint": "^8.56.1",
|
|
35
|
+
"vitest": "^4.0.18"
|
|
35
36
|
},
|
|
36
37
|
"dependencies": {
|
|
37
|
-
"@bufbuild/protobuf": "^2.
|
|
38
|
+
"@bufbuild/protobuf": "^2.11.0"
|
|
38
39
|
}
|
|
39
40
|
}
|
package/src/lightclient.ts
CHANGED
|
@@ -5,11 +5,16 @@ import {
|
|
|
5
5
|
CanonicalPartSetHeader,
|
|
6
6
|
CanonicalVote,
|
|
7
7
|
} from "./proto/cometbft/types/v1/canonical";
|
|
8
|
-
import {
|
|
8
|
+
import {
|
|
9
|
+
BlockID,
|
|
10
|
+
SignedHeader,
|
|
11
|
+
SignedMsgType,
|
|
12
|
+
} from "./proto/cometbft/types/v1/types";
|
|
9
13
|
import {
|
|
10
14
|
Validator as ProtoValidator,
|
|
11
15
|
ValidatorSet as ProtoValidatorSet,
|
|
12
16
|
} from "./proto/cometbft/types/v1/validator";
|
|
17
|
+
import { Consensus } from "./proto/cometbft/version/v1/types";
|
|
13
18
|
import { Timestamp as PbTimestamp } from "./proto/google/protobuf/timestamp";
|
|
14
19
|
|
|
15
20
|
export type CryptoIndex = Map<string, CryptoKey>;
|
|
@@ -77,6 +82,143 @@ function hasTwoThirds(signed: bigint, total: bigint): boolean {
|
|
|
77
82
|
return signed * 3n > total * 2n;
|
|
78
83
|
}
|
|
79
84
|
|
|
85
|
+
function concatBytes(...parts: Uint8Array[]): Uint8Array {
|
|
86
|
+
const length = parts.reduce((acc, p) => acc + p.length, 0);
|
|
87
|
+
const out = new Uint8Array(length);
|
|
88
|
+
let offset = 0;
|
|
89
|
+
for (const p of parts) {
|
|
90
|
+
out.set(p, offset);
|
|
91
|
+
offset += p.length;
|
|
92
|
+
}
|
|
93
|
+
return out;
|
|
94
|
+
}
|
|
95
|
+
|
|
96
|
+
function encodeUvarintBigint(value: bigint): Uint8Array {
|
|
97
|
+
if (value < 0n) throw new Error("uvarint cannot encode negative values");
|
|
98
|
+
|
|
99
|
+
const bytes: number[] = [];
|
|
100
|
+
let v = value;
|
|
101
|
+
while (v >= 0x80n) {
|
|
102
|
+
bytes.push(Number((v & 0x7fn) | 0x80n));
|
|
103
|
+
v >>= 7n;
|
|
104
|
+
}
|
|
105
|
+
bytes.push(Number(v));
|
|
106
|
+
return new Uint8Array(bytes);
|
|
107
|
+
}
|
|
108
|
+
|
|
109
|
+
function encodeLengthPrefixed(value: Uint8Array): Uint8Array {
|
|
110
|
+
return concatBytes(encodeUvarintBigint(BigInt(value.length)), value);
|
|
111
|
+
}
|
|
112
|
+
|
|
113
|
+
function encodeString(value: string): Uint8Array {
|
|
114
|
+
if (value.length === 0) return new Uint8Array();
|
|
115
|
+
return concatBytes(
|
|
116
|
+
new Uint8Array([0x0a]),
|
|
117
|
+
encodeLengthPrefixed(new TextEncoder().encode(value)),
|
|
118
|
+
);
|
|
119
|
+
}
|
|
120
|
+
|
|
121
|
+
function encodeBytes(value: Uint8Array): Uint8Array {
|
|
122
|
+
if (value.length === 0) return new Uint8Array();
|
|
123
|
+
return concatBytes(new Uint8Array([0x0a]), encodeLengthPrefixed(value));
|
|
124
|
+
}
|
|
125
|
+
|
|
126
|
+
function encodeInt64Value(value: bigint): Uint8Array {
|
|
127
|
+
if (value === 0n) return new Uint8Array();
|
|
128
|
+
return concatBytes(new Uint8Array([0x08]), encodeUvarintBigint(value));
|
|
129
|
+
}
|
|
130
|
+
|
|
131
|
+
function encodeTimestamp(timestamp?: PbTimestamp): Uint8Array {
|
|
132
|
+
if (!timestamp) return new Uint8Array();
|
|
133
|
+
return PbTimestamp.encode(timestamp).finish();
|
|
134
|
+
}
|
|
135
|
+
|
|
136
|
+
function encodeVersionForHeaderHash(
|
|
137
|
+
version: NonNullable<SignedHeader["header"]>["version"],
|
|
138
|
+
): Uint8Array {
|
|
139
|
+
if (!version) return new Uint8Array();
|
|
140
|
+
return Consensus.encode(version).finish();
|
|
141
|
+
}
|
|
142
|
+
|
|
143
|
+
function encodeBlockIdForHeaderHash(
|
|
144
|
+
blockId: NonNullable<SignedHeader["header"]>["lastBlockId"],
|
|
145
|
+
): Uint8Array {
|
|
146
|
+
if (!blockId) return new Uint8Array();
|
|
147
|
+
return BlockID.encode(blockId).finish();
|
|
148
|
+
}
|
|
149
|
+
|
|
150
|
+
async function sha256(data: Uint8Array): Promise<Uint8Array> {
|
|
151
|
+
return new Uint8Array(
|
|
152
|
+
await crypto.subtle.digest("SHA-256", new Uint8Array(data)),
|
|
153
|
+
);
|
|
154
|
+
}
|
|
155
|
+
|
|
156
|
+
async function hashLeaf(leaf: Uint8Array): Promise<Uint8Array> {
|
|
157
|
+
return sha256(concatBytes(new Uint8Array([0]), leaf));
|
|
158
|
+
}
|
|
159
|
+
|
|
160
|
+
async function hashInner(
|
|
161
|
+
left: Uint8Array,
|
|
162
|
+
right: Uint8Array,
|
|
163
|
+
): Promise<Uint8Array> {
|
|
164
|
+
return sha256(concatBytes(new Uint8Array([1]), left, right));
|
|
165
|
+
}
|
|
166
|
+
|
|
167
|
+
function getSplitPoint(size: number): number {
|
|
168
|
+
if (size < 1) throw new Error("Cannot split an empty merkle tree");
|
|
169
|
+
const p = 2 ** Math.floor(Math.log2(size));
|
|
170
|
+
return p < size ? p : p / 2;
|
|
171
|
+
}
|
|
172
|
+
|
|
173
|
+
async function simpleMerkleHashFromByteSlices(
|
|
174
|
+
chunks: Uint8Array[],
|
|
175
|
+
): Promise<Uint8Array> {
|
|
176
|
+
if (chunks.length === 0) throw new Error("Cannot hash an empty merkle tree");
|
|
177
|
+
if (chunks.length === 1) return hashLeaf(chunks[0]);
|
|
178
|
+
|
|
179
|
+
const split = getSplitPoint(chunks.length);
|
|
180
|
+
const left = await simpleMerkleHashFromByteSlices(chunks.slice(0, split));
|
|
181
|
+
const right = await simpleMerkleHashFromByteSlices(chunks.slice(split));
|
|
182
|
+
return hashInner(left, right);
|
|
183
|
+
}
|
|
184
|
+
|
|
185
|
+
function bytesEqual(a: Uint8Array, b: Uint8Array): boolean {
|
|
186
|
+
if (a.length !== b.length) return false;
|
|
187
|
+
for (let i = 0; i < a.length; i++) {
|
|
188
|
+
if (a[i] !== b[i]) return false;
|
|
189
|
+
}
|
|
190
|
+
return true;
|
|
191
|
+
}
|
|
192
|
+
|
|
193
|
+
async function hashHeaderForBlockId(
|
|
194
|
+
header: NonNullable<SignedHeader["header"]>,
|
|
195
|
+
): Promise<Uint8Array> {
|
|
196
|
+
if (!header.lastBlockId) {
|
|
197
|
+
throw new Error(
|
|
198
|
+
"Header missing lastBlockId required for hash verification",
|
|
199
|
+
);
|
|
200
|
+
}
|
|
201
|
+
|
|
202
|
+
const fields: Uint8Array[] = [
|
|
203
|
+
encodeVersionForHeaderHash(header.version),
|
|
204
|
+
encodeString(header.chainId),
|
|
205
|
+
encodeInt64Value(header.height),
|
|
206
|
+
encodeTimestamp(header.time),
|
|
207
|
+
encodeBlockIdForHeaderHash(header.lastBlockId),
|
|
208
|
+
encodeBytes(header.lastCommitHash),
|
|
209
|
+
encodeBytes(header.dataHash),
|
|
210
|
+
encodeBytes(header.validatorsHash),
|
|
211
|
+
encodeBytes(header.nextValidatorsHash),
|
|
212
|
+
encodeBytes(header.consensusHash),
|
|
213
|
+
encodeBytes(header.appHash),
|
|
214
|
+
encodeBytes(header.lastResultsHash),
|
|
215
|
+
encodeBytes(header.evidenceHash),
|
|
216
|
+
encodeBytes(header.proposerAddress),
|
|
217
|
+
];
|
|
218
|
+
|
|
219
|
+
return simpleMerkleHashFromByteSlices(fields);
|
|
220
|
+
}
|
|
221
|
+
|
|
80
222
|
export async function verifyCommit(
|
|
81
223
|
sh: SignedHeader,
|
|
82
224
|
vset: ProtoValidatorSet,
|
|
@@ -132,6 +274,11 @@ export async function verifyCommit(
|
|
|
132
274
|
const blockIdHash: Uint8Array = bid.hash;
|
|
133
275
|
const partsHash: Uint8Array = bid.partSetHeader.hash;
|
|
134
276
|
const partsTotal: number = bid.partSetHeader.total;
|
|
277
|
+
const expectedBlockIdHash = await hashHeaderForBlockId(header);
|
|
278
|
+
const headerMatchesCommitBlockId = bytesEqual(
|
|
279
|
+
expectedBlockIdHash,
|
|
280
|
+
blockIdHash,
|
|
281
|
+
);
|
|
135
282
|
|
|
136
283
|
let signedPower = 0n;
|
|
137
284
|
const unknown: string[] = [];
|
|
@@ -198,9 +345,10 @@ export async function verifyCommit(
|
|
|
198
345
|
}
|
|
199
346
|
|
|
200
347
|
const quorum = hasTwoThirds(signedPower, totalPower);
|
|
348
|
+
const ok = quorum && headerMatchesCommitBlockId;
|
|
201
349
|
|
|
202
350
|
return {
|
|
203
|
-
ok
|
|
351
|
+
ok,
|
|
204
352
|
quorum,
|
|
205
353
|
signedPower,
|
|
206
354
|
totalPower,
|
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
{
|
|
2
|
+
"signed_header": {
|
|
3
|
+
"header": {
|
|
4
|
+
"version": {
|
|
5
|
+
"block": "11",
|
|
6
|
+
"app": "0"
|
|
7
|
+
},
|
|
8
|
+
"chain_id": "webcat-test-02",
|
|
9
|
+
"height": "18720",
|
|
10
|
+
"time": "2026-03-08T03:00:52.980342151Z",
|
|
11
|
+
"last_block_id": {
|
|
12
|
+
"hash": "8271A9B3A0689FF0CB095E39175403A74BC374ABBE23184B20D902199FDC0BA7",
|
|
13
|
+
"parts": {
|
|
14
|
+
"total": 1,
|
|
15
|
+
"hash": "AEB84D5BAB13692BCBD9603B9A94AA310203648DF16A755EA2BA9A2A1D667BCB"
|
|
16
|
+
}
|
|
17
|
+
},
|
|
18
|
+
"last_commit_hash": "9E3394940C1C94504E0465CCED1CE7047639BDF5506E34EA07FE729C5E4EA5FC",
|
|
19
|
+
"data_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
|
|
20
|
+
"validators_hash": "166D75D14EE1555615C57D2F013454152214BDB143D458C00A02B2AC0F2AC128",
|
|
21
|
+
"next_validators_hash": "166D75D14EE1555615C57D2F013454152214BDB143D458C00A02B2AC0F2AC128",
|
|
22
|
+
"consensus_hash": "048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F",
|
|
23
|
+
"app_hash": "6068FFC66BC857FE76B4E8A779176ABBA6CBFC3F119F961915AF01C293EDC9D3",
|
|
24
|
+
"last_results_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
|
|
25
|
+
"evidence_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
|
|
26
|
+
"proposer_address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72"
|
|
27
|
+
},
|
|
28
|
+
"commit": {
|
|
29
|
+
"height": "18720",
|
|
30
|
+
"round": 0,
|
|
31
|
+
"block_id": {
|
|
32
|
+
"hash": "1E1B52E922F1E20D8113D38A70675BFB0CF83609C00CD6CE637FC79B0C73A890",
|
|
33
|
+
"parts": {
|
|
34
|
+
"total": 1,
|
|
35
|
+
"hash": "CC7EAC61FA5FB28ADC4F26BEB76CD54CDB66C2A952E81CBEE33B55D0ED1B0A78"
|
|
36
|
+
}
|
|
37
|
+
},
|
|
38
|
+
"signatures": [
|
|
39
|
+
{
|
|
40
|
+
"block_id_flag": 2,
|
|
41
|
+
"validator_address": "48926DF1CC10DBBFAA78953F9BE38E59020DE01D",
|
|
42
|
+
"timestamp": "2026-03-08T03:01:53.984641899Z",
|
|
43
|
+
"signature": "V1swep5n+4AX155lTrNXSyS7k0L5Wnx2E8zrBGqWEDHf8pW5tFO1ron1xHqfMmJh9BSK3FaOWnIVToqcrvCiBg=="
|
|
44
|
+
},
|
|
45
|
+
{
|
|
46
|
+
"block_id_flag": 2,
|
|
47
|
+
"validator_address": "A39CFEBE6E8CA10B6101C46884A6EB8E62D04417",
|
|
48
|
+
"timestamp": "2026-03-08T03:01:54.033082245Z",
|
|
49
|
+
"signature": "VLIvwTw5aC15Oq8AkmiXudyIFKIo3VBOgU1eIQN+JxgsNtJwr8tuZsaGf6ds7BY6kQ8E93pxDm1CUk2pYrrZDQ=="
|
|
50
|
+
},
|
|
51
|
+
{
|
|
52
|
+
"block_id_flag": 2,
|
|
53
|
+
"validator_address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
|
|
54
|
+
"timestamp": "2026-03-08T03:01:54.025260639Z",
|
|
55
|
+
"signature": "ODjl80UkQB7uBQmf0TUCbgg+p8Mvv9ihvmbyYou3YWB7nqcwp5tzz8MiFkoPo8zfiLL+83AqKeYm7S3y3kPxDQ=="
|
|
56
|
+
}
|
|
57
|
+
]
|
|
58
|
+
}
|
|
59
|
+
},
|
|
60
|
+
"validator_set": {
|
|
61
|
+
"validators": [
|
|
62
|
+
{
|
|
63
|
+
"address": "48926DF1CC10DBBFAA78953F9BE38E59020DE01D",
|
|
64
|
+
"pub_key": {
|
|
65
|
+
"type": "tendermint/PubKeyEd25519",
|
|
66
|
+
"value": "zEK+pyAEhhCaoHYhhT+rrorJoc9kZbfY+JkbMtF8u5Y="
|
|
67
|
+
},
|
|
68
|
+
"power": "1",
|
|
69
|
+
"name": null
|
|
70
|
+
},
|
|
71
|
+
{
|
|
72
|
+
"address": "A39CFEBE6E8CA10B6101C46884A6EB8E62D04417",
|
|
73
|
+
"pub_key": {
|
|
74
|
+
"type": "tendermint/PubKeyEd25519",
|
|
75
|
+
"value": "8dZUej72UriKCPIDvk01c6yLaAB2ssYIli3fT3jKwSM="
|
|
76
|
+
},
|
|
77
|
+
"power": "1",
|
|
78
|
+
"name": null
|
|
79
|
+
},
|
|
80
|
+
{
|
|
81
|
+
"address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
|
|
82
|
+
"pub_key": {
|
|
83
|
+
"type": "tendermint/PubKeyEd25519",
|
|
84
|
+
"value": "WBK6Af3uKtC+VTv8x48f2TPoNnsebSXSBTIsJku/nQw="
|
|
85
|
+
},
|
|
86
|
+
"power": "1",
|
|
87
|
+
"name": null
|
|
88
|
+
}
|
|
89
|
+
],
|
|
90
|
+
"proposer": {
|
|
91
|
+
"address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
|
|
92
|
+
"pub_key": {
|
|
93
|
+
"type": "tendermint/PubKeyEd25519",
|
|
94
|
+
"value": "WBK6Af3uKtC+VTv8x48f2TPoNnsebSXSBTIsJku/nQw="
|
|
95
|
+
},
|
|
96
|
+
"power": "1",
|
|
97
|
+
"name": null
|
|
98
|
+
},
|
|
99
|
+
"total_voting_power": "3"
|
|
100
|
+
}
|
|
101
|
+
}
|
|
@@ -5,42 +5,54 @@
|
|
|
5
5
|
"block": "11",
|
|
6
6
|
"app": "0"
|
|
7
7
|
},
|
|
8
|
-
"chain_id": "test-
|
|
9
|
-
"height": "
|
|
10
|
-
"time": "
|
|
8
|
+
"chain_id": "webcat-test-02",
|
|
9
|
+
"height": "18720",
|
|
10
|
+
"time": "2026-03-08T03:00:52.980342151Z",
|
|
11
11
|
"last_block_id": {
|
|
12
|
-
"hash": "
|
|
12
|
+
"hash": "8271A9B3A0689FF0CB095E39175403A74BC374ABBE23184B20D902199FDC0BA7",
|
|
13
13
|
"parts": {
|
|
14
14
|
"total": 1,
|
|
15
|
-
"hash": "
|
|
15
|
+
"hash": "AEB84D5BAB13692BCBD9603B9A94AA310203648DF16A755EA2BA9A2A1D667BCB"
|
|
16
16
|
}
|
|
17
17
|
},
|
|
18
|
-
"last_commit_hash": "
|
|
18
|
+
"last_commit_hash": "9E3394940C1C94504E0465CCED1CE7047639BDF5506E34EA07FE729C5E4EA5FC",
|
|
19
19
|
"data_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
|
|
20
|
-
"validators_hash": "
|
|
21
|
-
"next_validators_hash": "
|
|
20
|
+
"validators_hash": "166D75D14EE1555615C57D2F013454152214BDB143D458C00A02B2AC0F2AC128",
|
|
21
|
+
"next_validators_hash": "166D75D14EE1555615C57D2F013454152214BDB143D458C00A02B2AC0F2AC128",
|
|
22
22
|
"consensus_hash": "048091BC7DDC283F77BFBF91D73C44DA58C3DF8A9CBC867405D8B7F3DAADA22F",
|
|
23
|
-
"app_hash": "
|
|
23
|
+
"app_hash": "6068FFC66BC857FE76B4E8A779176ABBA6CBFC3F119F961915AF01C293EDC9D3",
|
|
24
24
|
"last_results_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
|
|
25
25
|
"evidence_hash": "E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855",
|
|
26
|
-
"proposer_address": "
|
|
26
|
+
"proposer_address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72"
|
|
27
27
|
},
|
|
28
28
|
"commit": {
|
|
29
|
-
"height": "
|
|
29
|
+
"height": "18720",
|
|
30
30
|
"round": 0,
|
|
31
31
|
"block_id": {
|
|
32
|
-
"hash": "
|
|
32
|
+
"hash": "1E1B52E922F1E20D8113D38A70675BFB0CF83609C00CD6CE637FC79B0C73A890",
|
|
33
33
|
"parts": {
|
|
34
34
|
"total": 1,
|
|
35
|
-
"hash": "
|
|
35
|
+
"hash": "CC7EAC61FA5FB28ADC4F26BEB76CD54CDB66C2A952E81CBEE33B55D0ED1B0A78"
|
|
36
36
|
}
|
|
37
37
|
},
|
|
38
38
|
"signatures": [
|
|
39
39
|
{
|
|
40
40
|
"block_id_flag": 2,
|
|
41
|
-
"validator_address": "
|
|
42
|
-
"timestamp": "
|
|
43
|
-
"signature": "
|
|
41
|
+
"validator_address": "48926DF1CC10DBBFAA78953F9BE38E59020DE01D",
|
|
42
|
+
"timestamp": "2026-03-08T03:01:53.984641899Z",
|
|
43
|
+
"signature": "V1swep5n+4AX155lTrNXSyS7k0L5Wnx2E8zrBGqWEDHf8pW5tFO1ron1xHqfMmJh9BSK3FaOWnIVToqcrvCiBg=="
|
|
44
|
+
},
|
|
45
|
+
{
|
|
46
|
+
"block_id_flag": 2,
|
|
47
|
+
"validator_address": "A39CFEBE6E8CA10B6101C46884A6EB8E62D04417",
|
|
48
|
+
"timestamp": "2026-03-08T03:01:54.033082245Z",
|
|
49
|
+
"signature": "VLIvwTw5aC15Oq8AkmiXudyIFKIo3VBOgU1eIQN+JxgsNtJwr8tuZsaGf6ds7BY6kQ8E93pxDm1CUk2pYrrZDQ=="
|
|
50
|
+
},
|
|
51
|
+
{
|
|
52
|
+
"block_id_flag": 2,
|
|
53
|
+
"validator_address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
|
|
54
|
+
"timestamp": "2026-03-08T03:01:54.025260639Z",
|
|
55
|
+
"signature": "ODjl80UkQB7uBQmf0TUCbgg+p8Mvv9ihvmbyYou3YWB7nqcwp5tzz8MiFkoPo8zfiLL+83AqKeYm7S3y3kPxDQ=="
|
|
44
56
|
}
|
|
45
57
|
]
|
|
46
58
|
}
|
|
@@ -48,24 +60,42 @@
|
|
|
48
60
|
"validator_set": {
|
|
49
61
|
"validators": [
|
|
50
62
|
{
|
|
51
|
-
"address": "
|
|
63
|
+
"address": "48926DF1CC10DBBFAA78953F9BE38E59020DE01D",
|
|
64
|
+
"pub_key": {
|
|
65
|
+
"type": "tendermint/PubKeyEd25519",
|
|
66
|
+
"value": "zEK+pyAEhhCaoHYhhT+rrorJoc9kZbfY+JkbMtF8u5Y="
|
|
67
|
+
},
|
|
68
|
+
"power": "1",
|
|
69
|
+
"name": null
|
|
70
|
+
},
|
|
71
|
+
{
|
|
72
|
+
"address": "A39CFEBE6E8CA10B6101C46884A6EB8E62D04417",
|
|
73
|
+
"pub_key": {
|
|
74
|
+
"type": "tendermint/PubKeyEd25519",
|
|
75
|
+
"value": "8dZUej72UriKCPIDvk01c6yLaAB2ssYIli3fT3jKwSM="
|
|
76
|
+
},
|
|
77
|
+
"power": "1",
|
|
78
|
+
"name": null
|
|
79
|
+
},
|
|
80
|
+
{
|
|
81
|
+
"address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
|
|
52
82
|
"pub_key": {
|
|
53
83
|
"type": "tendermint/PubKeyEd25519",
|
|
54
|
-
"value": "
|
|
84
|
+
"value": "WBK6Af3uKtC+VTv8x48f2TPoNnsebSXSBTIsJku/nQw="
|
|
55
85
|
},
|
|
56
|
-
"power": "
|
|
86
|
+
"power": "1",
|
|
57
87
|
"name": null
|
|
58
88
|
}
|
|
59
89
|
],
|
|
60
90
|
"proposer": {
|
|
61
|
-
"address": "
|
|
91
|
+
"address": "B734AC6CC1F14AAC8315FE8DBB07402ED4E45D72",
|
|
62
92
|
"pub_key": {
|
|
63
93
|
"type": "tendermint/PubKeyEd25519",
|
|
64
|
-
"value": "
|
|
94
|
+
"value": "WBK6Af3uKtC+VTv8x48f2TPoNnsebSXSBTIsJku/nQw="
|
|
65
95
|
},
|
|
66
|
-
"power": "
|
|
96
|
+
"power": "1",
|
|
67
97
|
"name": null
|
|
68
98
|
},
|
|
69
|
-
"total_voting_power": "
|
|
99
|
+
"total_voting_power": "3"
|
|
70
100
|
}
|
|
71
101
|
}
|
package/src/tests/webcat.test.ts
CHANGED
|
@@ -11,6 +11,14 @@ function clone<T>(x: T): T {
|
|
|
11
11
|
return JSON.parse(JSON.stringify(x));
|
|
12
12
|
}
|
|
13
13
|
|
|
14
|
+
function flipLastHexNibble(hex: string): string {
|
|
15
|
+
const last = hex.at(-1);
|
|
16
|
+
if (!last) throw new Error("Cannot mutate an empty hex string");
|
|
17
|
+
|
|
18
|
+
const replacement = last.toLowerCase() === "0" ? "1" : "0";
|
|
19
|
+
return `${hex.slice(0, -1)}${replacement}`;
|
|
20
|
+
}
|
|
21
|
+
|
|
14
22
|
describe("lightclient.verifyCommit", () => {
|
|
15
23
|
it("verifies a valid commit against the validator set", async () => {
|
|
16
24
|
const validators = blockFixture.validator_set as unknown as ValidatorJson;
|
|
@@ -50,10 +58,11 @@ describe("lightclient.verifyCommit", () => {
|
|
|
50
58
|
expect(out.quorum).toBe(false);
|
|
51
59
|
expect(out.ok).toBe(false);
|
|
52
60
|
expect(out.signedPower).toBe(0n);
|
|
53
|
-
expect(out.invalidSignatures).
|
|
61
|
+
expect(out.invalidSignatures).toHaveLength(vset.validators.length);
|
|
62
|
+
expect(out.invalidSignatures).toContain(
|
|
54
63
|
Uint8ArrayToHex(vset.validators[0].address).toUpperCase(),
|
|
55
|
-
|
|
56
|
-
expect(out.countedSignatures).toBe(
|
|
64
|
+
);
|
|
65
|
+
expect(out.countedSignatures).toBe(vset.validators.length);
|
|
57
66
|
});
|
|
58
67
|
|
|
59
68
|
it("flags invalid signatures", async () => {
|
|
@@ -71,11 +80,11 @@ describe("lightclient.verifyCommit", () => {
|
|
|
71
80
|
|
|
72
81
|
expect(out.quorum).toBe(false);
|
|
73
82
|
expect(out.ok).toBe(false);
|
|
74
|
-
expect(out.signedPower).toBe(
|
|
83
|
+
expect(out.signedPower).toBe(2n);
|
|
75
84
|
expect(out.invalidSignatures).toEqual([
|
|
76
85
|
Uint8ArrayToHex(vset.validators[0].address).toUpperCase(),
|
|
77
86
|
]);
|
|
78
|
-
expect(out.countedSignatures).toBe(
|
|
87
|
+
expect(out.countedSignatures).toBe(vset.validators.length);
|
|
79
88
|
});
|
|
80
89
|
|
|
81
90
|
it("rejects malformed signature bytes", async () => {
|
|
@@ -104,11 +113,113 @@ describe("lightclient.verifyCommit", () => {
|
|
|
104
113
|
|
|
105
114
|
expect(out.quorum).toBe(false);
|
|
106
115
|
expect(out.ok).toBe(false);
|
|
107
|
-
expect(out.signedPower).toBe(
|
|
116
|
+
expect(out.signedPower).toBe(2n);
|
|
108
117
|
expect(out.invalidSignatures).toEqual([]);
|
|
109
118
|
expect(out.unknownValidators).toEqual([
|
|
110
119
|
"0000000000000000000000000000000000000000",
|
|
111
120
|
]);
|
|
112
|
-
expect(out.countedSignatures).toBe(
|
|
121
|
+
expect(out.countedSignatures).toBe(vset.validators.length - 1);
|
|
122
|
+
});
|
|
123
|
+
|
|
124
|
+
it("detects tampering of every header field by checking the header merkle root against commit.block_id.hash", async () => {
|
|
125
|
+
const validators = blockFixture.validator_set as unknown as ValidatorJson;
|
|
126
|
+
const { proto: vset, cryptoIndex } = await importValidators(validators);
|
|
127
|
+
|
|
128
|
+
const mutators: Record<string, (commit: any) => void> = {
|
|
129
|
+
"header.version.block": (commit) => {
|
|
130
|
+
commit.signed_header.header.version.block = String(
|
|
131
|
+
BigInt(commit.signed_header.header.version.block) + 1n,
|
|
132
|
+
);
|
|
133
|
+
},
|
|
134
|
+
"header.version.app": (commit) => {
|
|
135
|
+
commit.signed_header.header.version.app = String(
|
|
136
|
+
BigInt(commit.signed_header.header.version.app) + 1n,
|
|
137
|
+
);
|
|
138
|
+
},
|
|
139
|
+
"header.chain_id": (commit) => {
|
|
140
|
+
commit.signed_header.header.chain_id = `${commit.signed_header.header.chain_id}-tampered`;
|
|
141
|
+
},
|
|
142
|
+
"header.height": (commit) => {
|
|
143
|
+
commit.signed_header.header.height = String(
|
|
144
|
+
BigInt(commit.signed_header.header.height) + 1n,
|
|
145
|
+
);
|
|
146
|
+
commit.signed_header.commit.height = commit.signed_header.header.height;
|
|
147
|
+
},
|
|
148
|
+
"header.time": (commit) => {
|
|
149
|
+
commit.signed_header.header.time = "2026-03-08T03:00:52.980342152Z";
|
|
150
|
+
},
|
|
151
|
+
"header.last_block_id.hash": (commit) => {
|
|
152
|
+
commit.signed_header.header.last_block_id.hash = flipLastHexNibble(
|
|
153
|
+
commit.signed_header.header.last_block_id.hash,
|
|
154
|
+
);
|
|
155
|
+
},
|
|
156
|
+
"header.last_block_id.parts.total": (commit) => {
|
|
157
|
+
commit.signed_header.header.last_block_id.parts.total += 1;
|
|
158
|
+
},
|
|
159
|
+
"header.last_block_id.parts.hash": (commit) => {
|
|
160
|
+
commit.signed_header.header.last_block_id.parts.hash =
|
|
161
|
+
flipLastHexNibble(
|
|
162
|
+
commit.signed_header.header.last_block_id.parts.hash,
|
|
163
|
+
);
|
|
164
|
+
},
|
|
165
|
+
"header.last_commit_hash": (commit) => {
|
|
166
|
+
commit.signed_header.header.last_commit_hash = flipLastHexNibble(
|
|
167
|
+
commit.signed_header.header.last_commit_hash,
|
|
168
|
+
);
|
|
169
|
+
},
|
|
170
|
+
"header.data_hash": (commit) => {
|
|
171
|
+
commit.signed_header.header.data_hash = flipLastHexNibble(
|
|
172
|
+
commit.signed_header.header.data_hash,
|
|
173
|
+
);
|
|
174
|
+
},
|
|
175
|
+
"header.validators_hash": (commit) => {
|
|
176
|
+
commit.signed_header.header.validators_hash = flipLastHexNibble(
|
|
177
|
+
commit.signed_header.header.validators_hash,
|
|
178
|
+
);
|
|
179
|
+
},
|
|
180
|
+
"header.next_validators_hash": (commit) => {
|
|
181
|
+
commit.signed_header.header.next_validators_hash = flipLastHexNibble(
|
|
182
|
+
commit.signed_header.header.next_validators_hash,
|
|
183
|
+
);
|
|
184
|
+
},
|
|
185
|
+
"header.consensus_hash": (commit) => {
|
|
186
|
+
commit.signed_header.header.consensus_hash = flipLastHexNibble(
|
|
187
|
+
commit.signed_header.header.consensus_hash,
|
|
188
|
+
);
|
|
189
|
+
},
|
|
190
|
+
"header.app_hash": (commit) => {
|
|
191
|
+
commit.signed_header.header.app_hash = flipLastHexNibble(
|
|
192
|
+
commit.signed_header.header.app_hash,
|
|
193
|
+
);
|
|
194
|
+
},
|
|
195
|
+
"header.last_results_hash": (commit) => {
|
|
196
|
+
commit.signed_header.header.last_results_hash = flipLastHexNibble(
|
|
197
|
+
commit.signed_header.header.last_results_hash,
|
|
198
|
+
);
|
|
199
|
+
},
|
|
200
|
+
"header.evidence_hash": (commit) => {
|
|
201
|
+
commit.signed_header.header.evidence_hash = flipLastHexNibble(
|
|
202
|
+
commit.signed_header.header.evidence_hash,
|
|
203
|
+
);
|
|
204
|
+
},
|
|
205
|
+
"header.proposer_address": (commit) => {
|
|
206
|
+
commit.signed_header.header.proposer_address = flipLastHexNibble(
|
|
207
|
+
commit.signed_header.header.proposer_address,
|
|
208
|
+
);
|
|
209
|
+
},
|
|
210
|
+
};
|
|
211
|
+
|
|
212
|
+
for (const [field, mutate] of Object.entries(mutators)) {
|
|
213
|
+
const tampered = clone(blockFixture);
|
|
214
|
+
mutate(tampered);
|
|
215
|
+
|
|
216
|
+
const out = await verifyCommit(
|
|
217
|
+
importCommit(tampered as unknown as CommitJson),
|
|
218
|
+
vset,
|
|
219
|
+
cryptoIndex,
|
|
220
|
+
);
|
|
221
|
+
|
|
222
|
+
expect(out.ok, `${field} tampering should be detected`).toBe(false);
|
|
223
|
+
}
|
|
113
224
|
});
|
|
114
225
|
});
|