fix: validate ML-DSA-65 signatures before on-chain RPC queries#61

Merged
mickvandijke merged 1 commit into main from fix/dos-signature-validation-reorder on Apr 3, 2026

Conversation

@mickvandijke
Collaborator

Summary

  • Move ML-DSA-65 signature validation BEFORE on-chain RPC calls to prevent DoS via garbage proofs triggering expensive chain queries
  • Split the combined signature+timestamp loop into two: signatures are checked before the RPC round-trip, timestamps after (since they require on-chain data to compare against)

Context

Extracted from #58 — this is just the DoS prevention reorder, without the close group checker feature.

Test plan

  • cargo fmt / cargo clippy pass
  • All existing tests pass (no behavioral change for valid proofs)
  • Invalid signatures now rejected before any RPC call is made

🤖 Generated with Claude Code

Move signature validation ahead of the expensive on-chain payment lookup
to prevent DoS via garbage proofs that trigger RPC calls. Cheap local
crypto checks now gate the costly network round-trip.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings April 3, 2026 09:24
@mickvandijke mickvandijke merged commit a56d1b1 into main Apr 3, 2026
10 of 12 checks passed
@mickvandijke mickvandijke deleted the fix/dos-signature-validation-reorder branch April 3, 2026 09:25

Copilot AI left a comment


Pull request overview

Reorders merkle payment verification so ML-DSA-65 candidate signatures are validated before any on-chain RPC query, preventing invalid/garbage proofs from triggering expensive chain lookups.

Changes:

  • Added an early loop to validate all candidate ML-DSA-65 signatures immediately after deriving the pool hash and before cache/RPC usage.
  • Split the prior combined loop so the post-RPC phase only checks timestamp consistency against on-chain (or cached) payment info.
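The two orderings that the PR summary and the Copilot overview describe, as an added example in Rust that is not the project's code. The `Candidate` and `PaymentInfo` shapes, the `ChainRpc` trait, the counting mock, and the message layout (pool hash followed by the timestamp) are all assumptions made for the example, and ML-DSA-65 verification is replaced by a keyed FNV-1a stand-in so the block builds without any crate; a real implementation would call the ML-DSA-65 verify routine where `stand_in_verify` is called. `compare` runs the same proof through the pre-fix ordering (RPC first, then one combined loop) and the post-fix ordering (all signatures first, RPC, then timestamps) and reports how many chain lookups each one made.

```rust
use std::cell::Cell;
use std::collections::HashMap;

/// Pool hash and on-chain timestamp used by the constructed scenarios (example values).
pub const POOL_HASH: [u8; 32] = [0x42; 32];
pub const ON_CHAIN_TS: u64 = 1_775_000_000;

#[derive(Debug, PartialEq)]
pub enum VerifyError {
    /// Rejected by local crypto alone.
    BadSignature { index: usize },
    /// The chain had no payment under this pool hash.
    PaymentNotFound,
    /// Signature valid, but the signed timestamp disagrees with the chain.
    TimestampMismatch { index: usize },
}

/// One candidate signer in a proof (hypothetical shape).
pub struct Candidate { pub pubkey: [u8; 32], pub timestamp: u64, pub signature: u64 }

#[derive(Clone)]
pub struct PaymentInfo { pub timestamp: u64 }

/// The expensive side: the on-chain lookup, behind a trait so a mock can count it.
pub trait ChainRpc {
    fn payment_info(&self, pool_hash: &[u8; 32]) -> Option<PaymentInfo>;
}

/// Keyed FNV-1a, used ONLY as a dependency-free stand-in for ML-DSA-65.
/// It is not a signature scheme; the real code verifies an ML-DSA-65 signature here.
fn stand_in_sign(pubkey: &[u8; 32], msg: &[u8]) -> u64 {
    let mut h: u64 = 0xcbf2_9ce4_8422_2325;
    for b in pubkey.iter().chain(msg.iter()) {
        h ^= *b as u64;
        h = h.wrapping_mul(0x0000_0100_0000_01b3);
    }
    h
}

fn stand_in_verify(pubkey: &[u8; 32], msg: &[u8], sig: u64) -> bool {
    stand_in_sign(pubkey, msg) == sig
}

/// Assumed signed payload: pool hash || little-endian timestamp.
fn signed_message(pool_hash: &[u8; 32], timestamp: u64) -> Vec<u8> {
    let mut m = pool_hash.to_vec();
    m.extend_from_slice(&timestamp.to_le_bytes());
    m
}

/// Pre-fix ordering: chain lookup first, then one loop that checks signature and
/// timestamp together. A garbage proof reaches the RPC before any crypto check.
pub fn verify_proof_pre_fix<R: ChainRpc>(rpc: &R, pool_hash: &[u8; 32], cands: &[Candidate]) -> Result<(), VerifyError> {
    let info = rpc.payment_info(pool_hash).ok_or(VerifyError::PaymentNotFound)?;
    for (i, c) in cands.iter().enumerate() {
        if !stand_in_verify(&c.pubkey, &signed_message(pool_hash, c.timestamp), c.signature) {
            return Err(VerifyError::BadSignature { index: i });
        }
        if c.timestamp != info.timestamp {
            return Err(VerifyError::TimestampMismatch { index: i });
        }
    }
    Ok(())
}

/// Post-fix ordering: every signature is checked locally first, so the RPC is
/// only reached by proofs that already carry valid signatures for the pool hash.
pub fn verify_proof<R: ChainRpc>(rpc: &R, pool_hash: &[u8; 32], cands: &[Candidate]) -> Result<(), VerifyError> {
    for (i, c) in cands.iter().enumerate() {
        if !stand_in_verify(&c.pubkey, &signed_message(pool_hash, c.timestamp), c.signature) {
            return Err(VerifyError::BadSignature { index: i });
        }
    }
    let info = rpc.payment_info(pool_hash).ok_or(VerifyError::PaymentNotFound)?;
    for (i, c) in cands.iter().enumerate() {
        if c.timestamp != info.timestamp {
            return Err(VerifyError::TimestampMismatch { index: i });
        }
    }
    Ok(())
}

/// Mock chain that records how many lookups were made.
pub struct CountingRpc { calls: Cell<usize>, payments: HashMap<[u8; 32], PaymentInfo> }

impl ChainRpc for CountingRpc {
    fn payment_info(&self, pool_hash: &[u8; 32]) -> Option<PaymentInfo> {
        self.calls.set(self.calls.get() + 1);
        self.payments.get(pool_hash).cloned()
    }
}

/// Build a candidate for POOL_HASH; `forge` flips a bit so verification fails.
pub fn candidate(pubkey: [u8; 32], timestamp: u64, forge: bool) -> Candidate {
    let real = stand_in_sign(&pubkey, &signed_message(&POOL_HASH, timestamp));
    Candidate { pubkey, timestamp, signature: if forge { real ^ 1 } else { real } }
}

pub type Outcome = (Result<(), VerifyError>, usize);

/// Run both orderings on the same proof; returns (result, rpc calls) for pre-fix and post-fix.
pub fn compare(cands: &[Candidate]) -> (Outcome, Outcome) {
    let mk = || CountingRpc {
        calls: Cell::new(0),
        payments: HashMap::from([(POOL_HASH, PaymentInfo { timestamp: ON_CHAIN_TS })]),
    };
    let a = mk();
    let before = (verify_proof_pre_fix(&a, &POOL_HASH, cands), a.calls.get());
    let b = mk();
    let after = (verify_proof(&b, &POOL_HASH, cands), b.calls.get());
    (before, after)
}

fn main() {
    // Constructed garbage proof: one candidate with a forged signature.
    let garbage = [candidate([1; 32], ON_CHAIN_TS, true)];
    let (before, after) = compare(&garbage);
    println!("pre-fix:  {:?}, rpc calls = {}", before.0, before.1);
    println!("post-fix: {:?}, rpc calls = {}", after.0, after.1);
}
```

The point the counters make is the one in the PR summary: with the old ordering a proof containing nothing but garbage still costs one chain query, while after the reorder it costs only the local checks. A valid proof behaves identically under both orderings (one lookup, then the timestamp comparison), which is why the PR reports no behavioural change for valid proofs.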


