@inco/lightning 0.6.7 → 0.6.9

package/src/lightning-parts/primitives/test/SignatureVerifier.t.sol

@@ -0,0 +1,838 @@
+// SPDX-License-Identifier: No License
+pragma solidity ^0.8;
+
+import {TestUtils} from "../../../shared/TestUtils.sol";
+import {SignatureVerifier} from "../SignatureVerifier.sol";
+import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
+
+contract TestSignatureVerifier is TestUtils, SignatureVerifier {
+
+    using ECDSA for bytes32;
+
+    function setUp() public initializer {
+        // Initialize the contract
+        __Ownable_init(address(this));
+    }
+
+    // Helper function to create sorted signatures
+    // Takes a digest and an array of private keys, generates signatures,
+    // and returns them sorted by signer address in ascending order
+    function getSortedSignatures(bytes32 digest, uint256[] memory privKeys) internal returns (bytes[] memory) {
+        bytes[] memory signatures = new bytes[](privKeys.length);
+        address[] memory signers = new address[](privKeys.length);
+
+        // Generate signatures and recover signer addresses
+        for (uint256 i = 0; i < privKeys.length; i++) {
+            signatures[i] = getSignatureForDigest(digest, privKeys[i]);
+            signers[i] = digest.recover(signatures[i]);
+        }
+
+        // Bubble sort signatures by signer address (ascending)
+        for (uint256 i = 0; i < signatures.length; i++) {
+            for (uint256 j = i + 1; j < signatures.length; j++) {
+                if (signers[i] > signers[j]) {
+                    // Swap signers
+                    address tempSigner = signers[i];
+                    signers[i] = signers[j];
+                    signers[j] = tempSigner;
+
+                    // Swap signatures
+                    bytes memory tempSig = signatures[i];
+                    signatures[i] = signatures[j];
+                    signatures[j] = tempSig;
+                }
+            }
+        }
+
+        return signatures;
+    }
+
+    // Helper functions to expose internal/external functions for testing
+    function exposedAddSigner(address signerAddress) public {
+        addSigner(signerAddress);
+    }
+
+    function exposedRemoveSigner(address signerAddress) public {
+        this.removeSigner(signerAddress);
+    }
+
+    function exposedSetThreshold(uint256 newThreshold) public {
+        this.setThreshold(newThreshold);
+    }
+
+    // ============ Tests for Adding Signers ============
+
+    function testAddSingleSigner() public {
+        exposedAddSigner(alice);
+        assertTrue(isSigner(alice));
+    }
+
+    function testAddMultipleSigners() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+
+        assertTrue(isSigner(alice));
+        assertTrue(isSigner(bob));
+        assertTrue(isSigner(carol));
+    }
+
+    function testRevertWhenAddingDuplicateSigner() public {
+        exposedAddSigner(alice);
+
+        // Test that adding the same signer again reverts
+        // Using try-catch since the revert happens in an internal function
+        try this.exposedAddSigner(alice) {
+            fail("Expected revert when adding duplicate signer");
+        } catch (bytes memory reason) {
+            // Verify it's the correct error
+            bytes4 expectedSelector = SignatureVerifier.SignerAlreadyAdded.selector;
+            bytes4 receivedSelector = bytes4(reason);
+            assertEq(receivedSelector, expectedSelector, "Wrong error selector");
+        }
+    }
+
+    // ============ Tests for Setting Threshold ============
+
+    function testSetThreshold() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+
+        exposedSetThreshold(2);
+        assertEq(getThreshold(), 2);
+    }
+
+    function testRevertWhenThresholdExceedsSigners() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+
+        vm.expectRevert(abi.encodeWithSelector(SignatureVerifier.InvalidThreshold.selector, 3, 2));
+        exposedSetThreshold(3);
+    }
+
+    function testRevertWhenThresholdIsZero() public {
+        exposedAddSigner(alice);
+
+        vm.expectRevert(abi.encodeWithSelector(SignatureVerifier.InvalidThreshold.selector, 0, 1));
+        exposedSetThreshold(0);
+    }
+
+    function testThresholdChangedEvent() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedSetThreshold(1);
+
+        vm.expectEmit(true, true, true, true);
+        emit ThresholdChanged(1, 2);
+        exposedSetThreshold(2);
+    }
+
+    // ============ Tests for Signature Validation ============
+
+    function testValidSignatureSingleSignerThresholdOne() public {
+        exposedAddSigner(alice);
+        exposedSetThreshold(1);
+
+        bytes32 digest = keccak256("test message");
+        bytes[] memory signatures = new bytes[](1);
+        signatures[0] = getSignatureForDigest(digest, alicePrivKey);
+
+        assertTrue(isValidSignature(digest, signatures));
+    }
+
+    function testValidSignatureMultipleSignersThresholdMet() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+        uint256[] memory privKeys = new uint256[](2);
+        privKeys[0] = alicePrivKey;
+        privKeys[1] = bobPrivKey;
+        bytes[] memory signatures = getSortedSignatures(digest, privKeys);
+
+        assertTrue(isValidSignature(digest, signatures));
+    }
+
+    function testValidSignatureMoreSignaturesThanThreshold() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+        uint256[] memory privKeys = new uint256[](3);
+        privKeys[0] = alicePrivKey;
+        privKeys[1] = bobPrivKey;
+        privKeys[2] = carolPrivKey;
+        bytes[] memory signatures = getSortedSignatures(digest, privKeys);
+
+        assertTrue(isValidSignature(digest, signatures));
+    }
+
+    function testInvalidSignatureThresholdNotMet() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(3);
+
+        bytes32 digest = keccak256("test message");
+        uint256[] memory privKeys = new uint256[](2);
+        privKeys[0] = alicePrivKey;
+        privKeys[1] = bobPrivKey;
+        bytes[] memory signatures = getSortedSignatures(digest, privKeys);
+
+        assertFalse(isValidSignature(digest, signatures));
+    }
+
+    function testInvalidSignatureThresholdZero() public {
+        exposedAddSigner(alice);
+        // Don't set threshold, it defaults to 0
+
+        bytes32 digest = keccak256("test message");
+        bytes[] memory signatures = new bytes[](1);
+        signatures[0] = getSignatureForDigest(digest, alicePrivKey);
+
+        assertFalse(isValidSignature(digest, signatures));
+    }
+
+    function testInvalidSignatureNonSigner() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+        uint256[] memory privKeys = new uint256[](2);
+        privKeys[0] = alicePrivKey;
+        privKeys[1] = davePrivKey; // Dave is not a signer
+        bytes[] memory signatures = getSortedSignatures(digest, privKeys);
+
+        assertFalse(isValidSignature(digest, signatures));
+    }
+
+    function testInvalidSignatureDuplicateSigner() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+        uint256[] memory privKeys = new uint256[](2);
+        privKeys[0] = alicePrivKey;
+        privKeys[1] = alicePrivKey; // Duplicate
+        bytes[] memory signatures = getSortedSignatures(digest, privKeys);
+
+        // Should revert because duplicate signers violate the ascending order requirement
+        // Using try-catch to handle the revert from a view function
+        try this.isValidSignature(digest, signatures) returns (bool result) {
+            assertFalse(result, "Expected signature validation to fail with duplicates");
+        } catch (bytes memory reason) {
+            // Verify it's the correct error
+            bytes4 expectedSelector = SignatureVerifier.SignersNotInAscendingOrder.selector;
+            bytes4 receivedSelector = bytes4(reason);
+            assertEq(receivedSelector, expectedSelector, "Wrong error selector");
+        }
+    }
+
+    function testRevertWhenSignaturesNotInAscendingOrder() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+
+        // Create signatures in wrong order (descending instead of ascending)
+        bytes[] memory signatures = new bytes[](2);
+        address aliceAddr = vm.addr(alicePrivKey);
+        address bobAddr = vm.addr(bobPrivKey);
+
+        // Intentionally put them in wrong order based on addresses
+        if (aliceAddr < bobAddr) {
+            // Bob's signature first (wrong order)
+            signatures[0] = getSignatureForDigest(digest, bobPrivKey);
+            signatures[1] = getSignatureForDigest(digest, alicePrivKey);
+        } else {
+            // Alice's signature first (wrong order)
+            signatures[0] = getSignatureForDigest(digest, alicePrivKey);
+            signatures[1] = getSignatureForDigest(digest, bobPrivKey);
+        }
+
+        // Should revert with SignersNotInAscendingOrder
+        try this.isValidSignature(digest, signatures) returns (bool result) {
+            fail("Expected revert for signatures not in ascending order");
+        } catch (bytes memory reason) {
+            bytes4 expectedSelector = SignatureVerifier.SignersNotInAscendingOrder.selector;
+            bytes4 receivedSelector = bytes4(reason);
+            assertEq(receivedSelector, expectedSelector, "Wrong error selector");
+        }
+    }
+
+    function testRevertWhenThreeSignaturesOutOfOrder() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(3);
+
+        bytes32 digest = keccak256("test message");
+
+        // Get all three signatures
+        bytes memory aliceSig = getSignatureForDigest(digest, alicePrivKey);
+        bytes memory bobSig = getSignatureForDigest(digest, bobPrivKey);
+        bytes memory carolSig = getSignatureForDigest(digest, carolPrivKey);
+
+        // Recover addresses to determine correct order
+        address aliceAddr = digest.recover(aliceSig);
+        address bobAddr = digest.recover(bobSig);
+        address carolAddr = digest.recover(carolSig);
+
+        // Create an array with middle and last swapped (intentionally wrong order)
+        bytes[] memory signatures = new bytes[](3);
+
+        // Sort addresses to find middle one
+        address[] memory addrs = new address[](3);
+        addrs[0] = aliceAddr;
+        addrs[1] = bobAddr;
+        addrs[2] = carolAddr;
+
+        // Simple sort
+        for (uint256 i = 0; i < 3; i++) {
+            for (uint256 j = i + 1; j < 3; j++) {
+                if (addrs[i] > addrs[j]) {
+                    address temp = addrs[i];
+                    addrs[i] = addrs[j];
+                    addrs[j] = temp;
+                }
+            }
+        }
+
+        // Put in wrong order: smallest, largest, middle
+        if (addrs[0] == aliceAddr) {
+            signatures[0] = aliceSig;
+            if (addrs[1] == bobAddr) {
+                signatures[1] = carolSig; // Wrong: should be bob
+                signatures[2] = bobSig;
+            } else {
+                signatures[1] = bobSig; // Wrong: should be carol
+                signatures[2] = carolSig;
+            }
+        } else if (addrs[0] == bobAddr) {
+            signatures[0] = bobSig;
+            if (addrs[1] == aliceAddr) {
+                signatures[1] = carolSig; // Wrong: should be alice
+                signatures[2] = aliceSig;
+            } else {
+                signatures[1] = aliceSig; // Wrong: should be carol
+                signatures[2] = carolSig;
+            }
+        } else {
+            signatures[0] = carolSig;
+            if (addrs[1] == aliceAddr) {
+                signatures[1] = bobSig; // Wrong: should be alice
+                signatures[2] = aliceSig;
+            } else {
+                signatures[1] = aliceSig; // Wrong: should be bob
+                signatures[2] = bobSig;
+            }
+        }
+
+        // Should revert with SignersNotInAscendingOrder
+        try this.isValidSignature(digest, signatures) returns (bool result) {
+            fail("Expected revert for signatures not in ascending order");
+        } catch (bytes memory reason) {
+            bytes4 expectedSelector = SignatureVerifier.SignersNotInAscendingOrder.selector;
+            bytes4 receivedSelector = bytes4(reason);
+            assertEq(receivedSelector, expectedSelector, "Wrong error selector");
+        }
+    }
+
+    function testSignaturesInCorrectAscendingOrderPasses() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(3);
+
+        bytes32 digest = keccak256("test message");
+
+        // Use the helper that sorts signatures correctly
+        uint256[] memory privKeys = new uint256[](3);
+        privKeys[0] = alicePrivKey;
+        privKeys[1] = bobPrivKey;
+        privKeys[2] = carolPrivKey;
+        bytes[] memory signatures = getSortedSignatures(digest, privKeys);
+
+        // Should pass because signatures are in ascending order
+        assertTrue(isValidSignature(digest, signatures));
+    }
+
+    function testInvalidSignaturesIgnoredBeyondThreshold() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+
+        // Create 3 signatures: Alice, Bob (both valid), and Dave (invalid)
+        // After sorting, Dave's signature will be placed according to his address
+        // As long as the first 2 signatures checked are from valid signers, it should pass
+        bytes[] memory signatures = new bytes[](3);
+        bytes memory aliceSig = getSignatureForDigest(digest, alicePrivKey);
+        bytes memory bobSig = getSignatureForDigest(digest, bobPrivKey);
+        bytes memory daveSig = getSignatureForDigest(digest, davePrivKey);
+
+        address aliceAddr = digest.recover(aliceSig);
+        address bobAddr = digest.recover(bobSig);
+        address daveAddr = digest.recover(daveSig);
+
+        // Sort them manually so Dave's signature is at the end (position 2, beyond threshold)
+        address[] memory addrs = new address[](3);
+        bytes[] memory sigs = new bytes[](3);
+        addrs[0] = aliceAddr;
+        addrs[1] = bobAddr;
+        addrs[2] = daveAddr;
+        sigs[0] = aliceSig;
+        sigs[1] = bobSig;
+        sigs[2] = daveSig;
+
+        // Bubble sort
+        for (uint256 i = 0; i < 3; i++) {
+            for (uint256 j = i + 1; j < 3; j++) {
+                if (addrs[i] > addrs[j]) {
+                    address tempAddr = addrs[i];
+                    addrs[i] = addrs[j];
+                    addrs[j] = tempAddr;
+
+                    bytes memory tempSig = sigs[i];
+                    sigs[i] = sigs[j];
+                    sigs[j] = tempSig;
+                }
+            }
+        }
+
+        // If Dave's address is in the first 2 positions, this test won't work as intended
+        // So we skip the test if Dave ends up in the first 2 positions
+        bool daveInFirstTwo = (addrs[0] == daveAddr || addrs[1] == daveAddr);
+
+        if (!daveInFirstTwo) {
+            // Dave is in position 2 (beyond threshold), so validation should pass
+            assertTrue(isValidSignature(digest, sigs));
+        } else {
+            // Dave is in first 2 positions, so validation should fail
+            assertFalse(isValidSignature(digest, sigs));
+        }
+    }
+
+    function testInvalidSignatureWithInvalidSignerInFirstThreshold() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+
+        // Create signatures where an invalid signer (Dave) will be in the first threshold
+        bytes[] memory signatures = new bytes[](3);
+        bytes memory aliceSig = getSignatureForDigest(digest, alicePrivKey);
+        bytes memory bobSig = getSignatureForDigest(digest, bobPrivKey);
+        bytes memory daveSig = getSignatureForDigest(digest, davePrivKey);
+
+        address aliceAddr = digest.recover(aliceSig);
+        address bobAddr = digest.recover(bobSig);
+        address daveAddr = digest.recover(daveSig);
+
+        // Sort them
+        address[] memory addrs = new address[](3);
+        bytes[] memory sigs = new bytes[](3);
+        addrs[0] = aliceAddr;
+        addrs[1] = bobAddr;
+        addrs[2] = daveAddr;
+        sigs[0] = aliceSig;
+        sigs[1] = bobSig;
+        sigs[2] = daveSig;
+
+        for (uint256 i = 0; i < 3; i++) {
+            for (uint256 j = i + 1; j < 3; j++) {
+                if (addrs[i] > addrs[j]) {
+                    address tempAddr = addrs[i];
+                    addrs[i] = addrs[j];
+                    addrs[j] = tempAddr;
+
+                    bytes memory tempSig = sigs[i];
+                    sigs[i] = sigs[j];
+                    sigs[j] = tempSig;
+                }
+            }
+        }
+
+        // If Dave is in the first 2 positions, validation should fail
+        bool daveInFirstTwo = (addrs[0] == daveAddr || addrs[1] == daveAddr);
+
+        if (daveInFirstTwo) {
+            assertFalse(isValidSignature(digest, sigs));
+        } else {
+            // If Dave is beyond threshold, it should pass
+            assertTrue(isValidSignature(digest, sigs));
+        }
+    }
+
+    // ============ Tests for Removing Signers ============
+
+    function testRemoveSigner() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(2);
+
+        exposedRemoveSigner(alice);
+        assertFalse(isSigner(alice));
+        assertTrue(isSigner(bob));
+        assertTrue(isSigner(carol));
+    }
+
+    function testRevertWhenRemovingNonExistentSigner() public {
+        exposedAddSigner(alice);
+
+        vm.expectRevert(abi.encodeWithSelector(SignatureVerifier.SignerNotFound.selector, bob));
+        exposedRemoveSigner(bob);
+    }
+
+    function testRevertWhenRemovingSignerBelowThreshold() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedSetThreshold(2);
+
+        vm.expectRevert(abi.encodeWithSelector(SignatureVerifier.InvalidThreshold.selector, 2, 1));
+        exposedRemoveSigner(alice);
+    }
+
+    function testRemoveSignerThenValidateSignatures() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+
+        // Before removal - Alice's signature should work
+        uint256[] memory privKeysBefore = new uint256[](2);
+        privKeysBefore[0] = alicePrivKey;
+        privKeysBefore[1] = bobPrivKey;
+        bytes[] memory sigsBefore = getSortedSignatures(digest, privKeysBefore);
+        assertTrue(isValidSignature(digest, sigsBefore));
+
+        // Remove Alice
+        exposedRemoveSigner(alice);
+
+        // After removal - Alice's signature should not work
+        uint256[] memory privKeysAfter = new uint256[](2);
+        privKeysAfter[0] = alicePrivKey;
+        privKeysAfter[1] = bobPrivKey;
+        bytes[] memory sigsAfter = getSortedSignatures(digest, privKeysAfter);
+        assertFalse(isValidSignature(digest, sigsAfter));
+
+        // But Bob and Carol should still work
+        uint256[] memory privKeysValid = new uint256[](2);
+        privKeysValid[0] = bobPrivKey;
+        privKeysValid[1] = carolPrivKey;
+        bytes[] memory sigsValid = getSortedSignatures(digest, privKeysValid);
+        assertTrue(isValidSignature(digest, sigsValid));
+    }
+
+    // ============ Tests for Complex Scenarios ============
+
+    function testFullWorkflowFiveSigners() public {
+        // Add all five signers
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedAddSigner(dave);
+        exposedAddSigner(eve);
+
+        // Set threshold to 3
+        exposedSetThreshold(3);
+
+        bytes32 digest = keccak256("important message");
+
+        // Test with exactly 3 signatures
+        uint256[] memory privKeys3 = new uint256[](3);
+        privKeys3[0] = alicePrivKey;
+        privKeys3[1] = bobPrivKey;
+        privKeys3[2] = carolPrivKey;
+        bytes[] memory sigs3 = getSortedSignatures(digest, privKeys3);
+        assertTrue(isValidSignature(digest, sigs3));
+
+        // Test with 2 signatures (should fail)
+        uint256[] memory privKeys2 = new uint256[](2);
+        privKeys2[0] = alicePrivKey;
+        privKeys2[1] = bobPrivKey;
+        bytes[] memory sigs2 = getSortedSignatures(digest, privKeys2);
+        assertFalse(isValidSignature(digest, sigs2));
+
+        // Test with all 5 signatures
+        uint256[] memory privKeys5 = new uint256[](5);
+        privKeys5[0] = alicePrivKey;
+        privKeys5[1] = bobPrivKey;
+        privKeys5[2] = carolPrivKey;
+        privKeys5[3] = davePrivKey;
+        privKeys5[4] = evePrivKey;
+        bytes[] memory sigs5 = getSortedSignatures(digest, privKeys5);
+        assertTrue(isValidSignature(digest, sigs5));
+
+        // Update threshold to 4
+        exposedSetThreshold(4);
+
+        // Now 3 signatures should fail
+        assertFalse(isValidSignature(digest, sigs3));
+
+        // But 5 should still work
+        assertTrue(isValidSignature(digest, sigs5));
+    }
+
+    function testOnlyOwnerCanRemoveSigner() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedSetThreshold(1);
+
+        vm.prank(alice);
+        vm.expectRevert();
+        exposedRemoveSigner(bob);
+    }
+
+    function testOnlyOwnerCanSetThreshold() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+
+        vm.prank(alice);
+        vm.expectRevert();
+        exposedSetThreshold(1);
+    }
+
+    // ============ Tests for Mixed Valid/Invalid Signatures ============
+
+    function testIncorrectSignaturesAllowedWithEnoughCorrectOnes() public {
+        // Add 3 valid signers
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+
+        // Create a mix: Alice (valid), Dave (invalid), Bob (valid)
+        // We need to sort them by signer address
+        bytes memory aliceSig = getSignatureForDigest(digest, alicePrivKey);
+        bytes memory daveSig = getSignatureForDigest(digest, davePrivKey); // Dave is not a signer
+        bytes memory bobSig = getSignatureForDigest(digest, bobPrivKey);
+
+        address aliceAddr = digest.recover(aliceSig);
+        address daveAddr = digest.recover(daveSig);
+        address bobAddr = digest.recover(bobSig);
+
+        // Sort the signatures by address
+        address[] memory addrs = new address[](3);
+        bytes[] memory sigs = new bytes[](3);
+        addrs[0] = aliceAddr;
+        addrs[1] = daveAddr;
+        addrs[2] = bobAddr;
+        sigs[0] = aliceSig;
+        sigs[1] = daveSig;
+        sigs[2] = bobSig;
+
+        // Bubble sort
+        for (uint256 i = 0; i < 3; i++) {
+            for (uint256 j = i + 1; j < 3; j++) {
+                if (addrs[i] > addrs[j]) {
+                    address tempAddr = addrs[i];
+                    addrs[i] = addrs[j];
+                    addrs[j] = tempAddr;
+
+                    bytes memory tempSig = sigs[i];
+                    sigs[i] = sigs[j];
+                    sigs[j] = tempSig;
+                }
+            }
+        }
+
+        // Should pass because we have Alice and Bob (2 valid signatures >= threshold of 2)
+        // Dave's invalid signature is simply ignored in the count
+        assertTrue(isValidSignature(digest, sigs));
+    }
+
+    function testMultipleIncorrectSignaturesWithEnoughCorrectOnes() public {
+        // Add 3 valid signers
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+
+        // Create a mix: Alice (valid), Dave (invalid), Bob (valid), Eve (invalid)
+        bytes memory aliceSig = getSignatureForDigest(digest, alicePrivKey);
+        bytes memory daveSig = getSignatureForDigest(digest, davePrivKey); // Invalid
+        bytes memory bobSig = getSignatureForDigest(digest, bobPrivKey);
+        bytes memory eveSig = getSignatureForDigest(digest, evePrivKey); // Invalid
+
+        address aliceAddr = digest.recover(aliceSig);
+        address daveAddr = digest.recover(daveSig);
+        address bobAddr = digest.recover(bobSig);
+        address eveAddr = digest.recover(eveSig);
+
+        // Sort all signatures
+        address[] memory addrs = new address[](4);
+        bytes[] memory sigs = new bytes[](4);
+        addrs[0] = aliceAddr;
+        addrs[1] = daveAddr;
+        addrs[2] = bobAddr;
+        addrs[3] = eveAddr;
+        sigs[0] = aliceSig;
+        sigs[1] = daveSig;
+        sigs[2] = bobSig;
+        sigs[3] = eveSig;
+
+        // Bubble sort
+        for (uint256 i = 0; i < 4; i++) {
+            for (uint256 j = i + 1; j < 4; j++) {
+                if (addrs[i] > addrs[j]) {
+                    address tempAddr = addrs[i];
+                    addrs[i] = addrs[j];
+                    addrs[j] = tempAddr;
+
+                    bytes memory tempSig = sigs[i];
+                    sigs[i] = sigs[j];
+                    sigs[j] = tempSig;
+                }
+            }
+        }
+
+        // Should pass: we have Alice and Bob (2 valid) even with Dave and Eve (2 invalid)
+        assertTrue(isValidSignature(digest, sigs));
+    }
+
+    function testMoreSignaturesThanThresholdIsAllowed() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedAddSigner(carol);
+        exposedSetThreshold(1);
+
+        bytes32 digest = keccak256("test message");
+
+        // Provide all 3 signatures even though threshold is only 1
+        uint256[] memory privKeys = new uint256[](3);
+        privKeys[0] = alicePrivKey;
+        privKeys[1] = bobPrivKey;
+        privKeys[2] = carolPrivKey;
+        bytes[] memory signatures = getSortedSignatures(digest, privKeys);
+
+        // Should pass because we have way more than threshold
+        assertTrue(isValidSignature(digest, signatures));
+    }
+
+    function testExcessSignaturesWithMixedValidityPassesWithEnoughValid() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+
+        // Provide 5 signatures: Alice (valid), Bob (valid), Carol (invalid), Dave (invalid), Eve (invalid)
+        // Threshold is 2, so Alice + Bob should be enough
+        bytes memory aliceSig = getSignatureForDigest(digest, alicePrivKey);
+        bytes memory bobSig = getSignatureForDigest(digest, bobPrivKey);
+        bytes memory carolSig = getSignatureForDigest(digest, carolPrivKey); // Invalid - not a signer
+        bytes memory daveSig = getSignatureForDigest(digest, davePrivKey); // Invalid
+        bytes memory eveSig = getSignatureForDigest(digest, evePrivKey); // Invalid
+
+        address aliceAddr = digest.recover(aliceSig);
+        address bobAddr = digest.recover(bobSig);
+        address carolAddr = digest.recover(carolSig);
+        address daveAddr = digest.recover(daveSig);
+        address eveAddr = digest.recover(eveSig);
+
+        // Sort all signatures
+        address[] memory addrs = new address[](5);
+        bytes[] memory sigs = new bytes[](5);
+        addrs[0] = aliceAddr;
+        addrs[1] = bobAddr;
+        addrs[2] = carolAddr;
+        addrs[3] = daveAddr;
+        addrs[4] = eveAddr;
+        sigs[0] = aliceSig;
+        sigs[1] = bobSig;
+        sigs[2] = carolSig;
+        sigs[3] = daveSig;
+        sigs[4] = eveSig;
+
+        // Bubble sort
+        for (uint256 i = 0; i < 5; i++) {
+            for (uint256 j = i + 1; j < 5; j++) {
+                if (addrs[i] > addrs[j]) {
+                    address tempAddr = addrs[i];
+                    addrs[i] = addrs[j];
+                    addrs[j] = tempAddr;
+
+                    bytes memory tempSig = sigs[i];
+                    sigs[i] = sigs[j];
+                    sigs[j] = tempSig;
+                }
+            }
+        }
+
+        // Should pass: Alice and Bob are valid (meets threshold of 2)
+        // Extra signatures (3 invalid ones) don't cause failure
+        assertTrue(isValidSignature(digest, sigs));
+    }
+
+    function testInsufficientValidSignaturesFailsDespiteExtraInvalidOnes() public {
+        exposedAddSigner(alice);
+        exposedAddSigner(bob);
+        exposedSetThreshold(2);
+
+        bytes32 digest = keccak256("test message");
+
+        // Provide 5 signatures but only 1 valid: Alice (valid), Carol (invalid), Dave (invalid), Eve (invalid)
+        bytes memory aliceSig = getSignatureForDigest(digest, alicePrivKey);
+        bytes memory carolSig = getSignatureForDigest(digest, carolPrivKey); // Invalid
+        bytes memory daveSig = getSignatureForDigest(digest, davePrivKey); // Invalid
+        bytes memory eveSig = getSignatureForDigest(digest, evePrivKey); // Invalid
+
+        address aliceAddr = digest.recover(aliceSig);
+        address carolAddr = digest.recover(carolSig);
+        address daveAddr = digest.recover(daveSig);
+        address eveAddr = digest.recover(eveSig);
+
+        // Sort signatures
+        address[] memory addrs = new address[](4);
+        bytes[] memory sigs = new bytes[](4);
+        addrs[0] = aliceAddr;
+        addrs[1] = carolAddr;
+        addrs[2] = daveAddr;
+        addrs[3] = eveAddr;
+        sigs[0] = aliceSig;
+        sigs[1] = carolSig;
+        sigs[2] = daveSig;
+        sigs[3] = eveSig;
+
+        // Bubble sort
+        for (uint256 i = 0; i < 4; i++) {
+            for (uint256 j = i + 1; j < 4; j++) {
+                if (addrs[i] > addrs[j]) {
+                    address tempAddr = addrs[i];
+                    addrs[i] = addrs[j];
+                    addrs[j] = tempAddr;
+
+                    bytes memory tempSig = sigs[i];
+                    sigs[i] = sigs[j];
+                    sigs[j] = tempSig;
+                }
+            }
+        }
+
+        // Should fail: only 1 valid signature (Alice), but threshold is 2
+        // Having 4 total signatures doesn't help if only 1 is valid
+        assertFalse(isValidSignature(digest, sigs));
+    }
+
+}