mirror of
https://gitlab.com/pulsechaincom/erigon-pulse.git
synced 2025-01-19 00:54:12 +00:00
514 lines
19 KiB
Go
514 lines
19 KiB
Go
/*
|
|
Copyright 2021 Erigon contributors
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package txpool
|
|
|
|
import (
|
|
"encoding/binary"
|
|
"fmt"
|
|
"hash"
|
|
"math/bits"
|
|
|
|
"github.com/holiman/uint256"
|
|
"github.com/ledgerwatch/secp256k1"
|
|
"golang.org/x/crypto/sha3"
|
|
)
|
|
|
|
// TxContext is object that is required to parse transactions and turn transaction payload into TxSlot objects
|
|
// usage of TxContext helps avoid extra memory allocations
|
|
type TxParseContext struct {
|
|
keccak1 hash.Hash
|
|
keccak2 hash.Hash
|
|
chainId, r, s uint256.Int // Signature values
|
|
n27, n28, n35 uint256.Int
|
|
buf [65]byte // buffer needs to be enough for hashes (32 bytes) and for public key (65 bytes)
|
|
sighash [32]byte
|
|
sig [65]byte
|
|
recCtx *secp256k1.Context // Context for sender recovery
|
|
}
|
|
|
|
func NewTxParseContext() *TxParseContext {
|
|
ctx := &TxParseContext{
|
|
keccak1: sha3.NewLegacyKeccak256(),
|
|
keccak2: sha3.NewLegacyKeccak256(),
|
|
recCtx: secp256k1.NewContext(),
|
|
}
|
|
ctx.n27.SetUint64(27)
|
|
ctx.n28.SetUint64(28)
|
|
ctx.n35.SetUint64(35)
|
|
return ctx
|
|
}
|
|
|
|
// TxSlot contains information extracted from an Ethereum transaction, which is enough to manage it inside the transaction.
|
|
// Also, it contains some auxillary information, like ephemeral fields, and indices within priority queues
|
|
type TxSlot struct {
|
|
//txId uint64 // Transaction id (distinct from transaction hash), used as a compact reference to a transaction accross data structures
|
|
//senderId uint64 // Sender id (distinct from sender address), used as a compact referecne to to a sender accross data structures
|
|
nonce uint64 // Nonce of the transaction
|
|
tip uint64 // Maximum tip that transaction is giving to miner/block proposer
|
|
feeCap uint64 // Maximum fee that transaction burns and gives to the miner/block proposer
|
|
gas uint64 // Gas limit of the transaction
|
|
value uint256.Int // Value transferred by the transaction
|
|
creation bool // Set to true if "To" field of the transation is not set
|
|
dataLen int // Length of transaction's data (for calculation of intrinsic gas)
|
|
alAddrCount int // Number of addresses in the access list
|
|
alStorCount int // Number of storage keys in the access list
|
|
//bestIdx int // Index of the transaction in the best priority queue (of whatever pool it currently belongs to)
|
|
//worstIdx int // Index of the transaction in the worst priority queue (of whatever pook it currently belongs to)
|
|
//local bool // Whether transaction has been injected locally (and hence needs priority when mining or proposing a block)
|
|
idHash [32]byte // Transaction hash for the purposes of using it as a transaction Id
|
|
sender [20]byte // Sender address for the transaction, recovered from the signature
|
|
}
|
|
|
|
// beInt parses Big Endian representation of an integer from given payload at given position
|
|
func beInt(payload []byte, pos, length int) (int, error) {
|
|
var r int
|
|
if length > 0 && payload[pos] == 0 {
|
|
return 0, fmt.Errorf("integer encoding for RLP must not have leading zeros: %x", payload[pos:pos+length])
|
|
}
|
|
for _, b := range payload[pos : pos+length] {
|
|
r = (r << 8) | int(b)
|
|
}
|
|
return r, nil
|
|
}
|
|
|
|
// prefix parses RLP prefix from given payload at given position. It returns the offset and length of the RLP element
|
|
// as well as the indication of whether it is a list of string
|
|
func prefix(payload []byte, pos int) (dataPos int, dataLen int, list bool, err error) {
|
|
switch first := payload[pos]; {
|
|
case first < 128:
|
|
dataPos = pos
|
|
dataLen = 1
|
|
list = false
|
|
case first < 184:
|
|
// string of len < 56, and it is non-legacy transaction
|
|
dataPos = pos + 1
|
|
dataLen = int(first) - 128
|
|
list = false
|
|
case first < 192:
|
|
// string of len >= 56, and it is non-legacy transaction
|
|
beLen := int(first) - 183
|
|
dataPos = pos + 1 + beLen
|
|
dataLen, err = beInt(payload, pos+1, beLen)
|
|
list = false
|
|
case first < 248:
|
|
// list of len < 56, and it is a legacy transaction
|
|
dataPos = pos + 1
|
|
dataLen = int(first) - 192
|
|
list = true
|
|
default:
|
|
// list of len >= 56, and it is a legacy transaction
|
|
beLen := int(first) - 247
|
|
dataPos = pos + 1 + beLen
|
|
dataLen, err = beInt(payload, pos+1, beLen)
|
|
list = true
|
|
}
|
|
return
|
|
}
|
|
|
|
// parseUint64 parses uint64 number from given payload at given position
|
|
func parseUint64(payload []byte, pos int) (int, uint64, error) {
|
|
dataPos, dataLen, list, err := prefix(payload, pos)
|
|
if err != nil {
|
|
return 0, 0, err
|
|
}
|
|
if list {
|
|
return 0, 0, fmt.Errorf("uint64 must be a string, not list")
|
|
}
|
|
if dataPos+dataLen >= len(payload) {
|
|
return 0, 0, fmt.Errorf("unexpected end of payload")
|
|
}
|
|
if dataLen > 8 {
|
|
return 0, 0, fmt.Errorf("uint64 must not be more than 8 bytes long, got %d", dataLen)
|
|
}
|
|
if dataLen > 0 && payload[dataPos] == 0 {
|
|
return 0, 0, fmt.Errorf("integer encoding for RLP must not have leading zeros: %x", payload[dataPos:dataPos+dataLen])
|
|
}
|
|
var r uint64
|
|
for _, b := range payload[dataPos : dataPos+dataLen] {
|
|
r = (r << 8) | uint64(b)
|
|
}
|
|
return dataPos + dataLen, r, nil
|
|
}
|
|
|
|
// parseUint256 parses uint256 number from given payload at given position
|
|
func parseUint256(payload []byte, pos int, x *uint256.Int) (int, error) {
|
|
dataPos, dataLen, list, err := prefix(payload, pos)
|
|
if err != nil {
|
|
return 0, err
|
|
}
|
|
if list {
|
|
return 0, fmt.Errorf("uint256 must be a string, not list")
|
|
}
|
|
if dataPos+dataLen > len(payload) {
|
|
return 0, fmt.Errorf("unexpected end of payload")
|
|
}
|
|
if dataLen > 32 {
|
|
return 0, fmt.Errorf("uint256 must not be more than 8 bytes long, got %d", dataLen)
|
|
}
|
|
if dataLen > 0 && payload[dataPos] == 0 {
|
|
return 0, fmt.Errorf("integer encoding for RLP must not have leading zeros: %x", payload[dataPos:dataPos+dataLen])
|
|
}
|
|
x.SetBytes(payload[dataPos : dataPos+dataLen])
|
|
return dataPos + dataLen, nil
|
|
}
|
|
|
|
const (
|
|
LegacyTxType int = 0
|
|
AccessListTxType int = 1
|
|
DynamicFeeTxType int = 2
|
|
)
|
|
|
|
// ParseTransaction extracts all the information from the transactions's payload (RLP) necessary to build TxSlot
|
|
// it also performs syntactic validation of the transactions
|
|
func (ctx *TxParseContext) ParseTransaction(payload []byte, pos int) (*TxSlot, int, error) {
|
|
errorPrefix := "parse transaction payload"
|
|
if len(payload) == 0 {
|
|
return nil, 0, fmt.Errorf("%s: empty rlp", errorPrefix)
|
|
}
|
|
// Compute transaction hash
|
|
ctx.keccak1.Reset()
|
|
ctx.keccak2.Reset()
|
|
var slot TxSlot
|
|
// Legacy transations have list prefix, whereas EIP-2718 transactions have string prefix
|
|
// therefore we assign the first returned value of prefix function (list) to legacy variable
|
|
dataPos, dataLen, legacy, err := prefix(payload, pos)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: size prefix: %v", errorPrefix, err)
|
|
}
|
|
payloadLen := len(payload)
|
|
if dataPos+dataLen != payloadLen {
|
|
return nil, 0, fmt.Errorf("%s: transaction must be either 1 list or 1 string", errorPrefix)
|
|
}
|
|
p := dataPos
|
|
|
|
var txType int
|
|
var list bool
|
|
// If it is non-legacy transaction, the transaction type follows, and then the the list
|
|
if !legacy {
|
|
txType = int(payload[p])
|
|
if _, err = ctx.keccak1.Write(payload[p : p+1]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing idHash (hashing type prefix): %w", errorPrefix, err)
|
|
}
|
|
if _, err = ctx.keccak2.Write(payload[p : p+1]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing signHash (hashing type prefix): %w", errorPrefix, err)
|
|
}
|
|
p++
|
|
if p >= payloadLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of payload after txType", errorPrefix)
|
|
}
|
|
dataPos, dataLen, list, err = prefix(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: envelope prefix: %v", errorPrefix, err)
|
|
}
|
|
if !list {
|
|
return nil, 0, fmt.Errorf("%s: envelope must be a list, not string", errorPrefix)
|
|
}
|
|
if dataPos+dataLen > payloadLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of payload after envelope", errorPrefix)
|
|
}
|
|
// Hash the envelope, not the full payload
|
|
if _, err = ctx.keccak1.Write(payload[p : dataPos+dataLen]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing idHash (hashing the envelope): %w", errorPrefix, err)
|
|
}
|
|
p = dataPos
|
|
}
|
|
// Remember where signing hash data begins (it will need to be wrapped in an RLP list)
|
|
sigHashPos := p
|
|
// If it is non-legacy tx, chainId follows, but we skip it
|
|
if !legacy {
|
|
dataPos, dataLen, list, err = prefix(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: chainId len: %w", errorPrefix, err)
|
|
}
|
|
if list {
|
|
return nil, 0, fmt.Errorf("%s: chainId must be a string, not list", errorPrefix)
|
|
}
|
|
if dataPos+dataLen >= payloadLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of payload after chainId", errorPrefix)
|
|
}
|
|
p = dataPos + dataLen
|
|
}
|
|
// Next follows the nonce, which we need to parse
|
|
p, slot.nonce, err = parseUint64(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: nonce: %w", errorPrefix, err)
|
|
}
|
|
// Next follows gas price or tip
|
|
// Although consensus rules specify that tip can be up to 256 bit long, we narrow it to 64 bit
|
|
p, slot.tip, err = parseUint64(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: tip: %w", errorPrefix, err)
|
|
}
|
|
// Next follows feeCap, but only for dynamic fee transactions, for legacy transaction, it is
|
|
// equal to tip
|
|
if txType < DynamicFeeTxType {
|
|
slot.feeCap = slot.tip
|
|
} else {
|
|
// Although consensus rules specify that feeCap can be up to 256 bit long, we narrow it to 64 bit
|
|
p, slot.feeCap, err = parseUint64(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: feeCap: %w", errorPrefix, err)
|
|
}
|
|
}
|
|
// Next follows gas
|
|
p, slot.gas, err = parseUint64(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: gas: %w", errorPrefix, err)
|
|
}
|
|
// Next follows the destrination address (if present)
|
|
dataPos, dataLen, list, err = prefix(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: to len: %w", errorPrefix, err)
|
|
}
|
|
if list {
|
|
return nil, 0, fmt.Errorf("%s: to must be a string, not list", errorPrefix)
|
|
}
|
|
if dataPos+dataLen >= payloadLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of payload after to", errorPrefix)
|
|
}
|
|
if dataLen != 0 && dataLen != 20 {
|
|
return nil, 0, fmt.Errorf("%s: unexpected length of to field: %d", errorPrefix, dataLen)
|
|
}
|
|
// Only note if To field is empty or not
|
|
slot.creation = dataLen == 0
|
|
p = dataPos + dataLen
|
|
// Next follows value
|
|
p, err = parseUint256(payload, p, &slot.value)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: value: %w", errorPrefix, err)
|
|
}
|
|
// Next goes data, but we are only interesting in its length
|
|
dataPos, dataLen, list, err = prefix(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: data len: %w", errorPrefix, err)
|
|
}
|
|
if list {
|
|
return nil, 0, fmt.Errorf("%s: data must be a string, not list", errorPrefix)
|
|
}
|
|
if dataPos+dataLen >= payloadLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of payload after data", errorPrefix)
|
|
}
|
|
slot.dataLen = dataLen
|
|
p = dataPos + dataLen
|
|
// Next follows access list for non-legacy transactions, we are only interesting in number of addresses and storage keys
|
|
if !legacy {
|
|
dataPos, dataLen, list, err = prefix(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: access list len: %w", errorPrefix, err)
|
|
}
|
|
if !list {
|
|
return nil, 0, fmt.Errorf("%s: access list must be a list, not string", errorPrefix)
|
|
}
|
|
if dataPos+dataLen >= payloadLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of payload after access list", errorPrefix)
|
|
}
|
|
tuplePos := dataPos
|
|
var tupleLen int
|
|
for tuplePos < dataPos+dataLen {
|
|
tuplePos, tupleLen, list, err = prefix(payload, tuplePos)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: tuple len: %w", errorPrefix, err)
|
|
}
|
|
if !list {
|
|
return nil, 0, fmt.Errorf("%s: tuple must be a list, not string", errorPrefix)
|
|
}
|
|
if tuplePos+tupleLen > dataPos+dataLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of access list after tuple", errorPrefix)
|
|
}
|
|
var addrPos, addrLen int
|
|
addrPos, addrLen, list, err = prefix(payload, tuplePos)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: tuple addr len: %w", errorPrefix, err)
|
|
}
|
|
if list {
|
|
return nil, 0, fmt.Errorf("%s: tuple addr must be a string, not list", errorPrefix)
|
|
}
|
|
if addrPos+addrLen > tuplePos+tupleLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of tuple after address ", errorPrefix)
|
|
}
|
|
if addrLen != 20 {
|
|
return nil, 0, fmt.Errorf("%s: unexpected length of tuple address: %d", errorPrefix, addrLen)
|
|
}
|
|
slot.alAddrCount++
|
|
var storagePos, storageLen int
|
|
storagePos, storageLen, list, err = prefix(payload, addrPos+addrLen)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: storage key list len: %w", errorPrefix, err)
|
|
}
|
|
if !list {
|
|
return nil, 0, fmt.Errorf("%s: storage key list must be a list, not string", errorPrefix)
|
|
}
|
|
if storagePos+storageLen > tuplePos+tupleLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of tuple after storage key list", errorPrefix)
|
|
}
|
|
skeyPos := storagePos
|
|
var skeyLen int
|
|
for skeyPos < storagePos+storageLen {
|
|
skeyPos, skeyLen, list, err = prefix(payload, skeyPos)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: tuple storage key len: %w", errorPrefix, err)
|
|
}
|
|
if list {
|
|
return nil, 0, fmt.Errorf("%s: tuple storage key must be a string, not list", errorPrefix)
|
|
}
|
|
if skeyPos+skeyLen > storagePos+storageLen {
|
|
return nil, 0, fmt.Errorf("%s: unexpected end of tuple after storage key", errorPrefix)
|
|
}
|
|
if skeyLen != 32 {
|
|
return nil, 0, fmt.Errorf("%s: unexpected length of tuple storage key: %d", errorPrefix, skeyLen)
|
|
}
|
|
slot.alStorCount++
|
|
skeyPos = skeyPos + skeyLen
|
|
}
|
|
if skeyPos != storagePos+storageLen {
|
|
return nil, 0, fmt.Errorf("%s: extraneous space in the tuple after storage key list", errorPrefix)
|
|
}
|
|
tuplePos = tuplePos + tupleLen
|
|
}
|
|
if tuplePos != dataPos+dataLen {
|
|
return nil, 0, fmt.Errorf("%s: extraneous space in the access list after all tuples", errorPrefix)
|
|
}
|
|
p = dataPos + dataLen
|
|
}
|
|
// This is where the data for sighash ends
|
|
// Next follows V of the signature
|
|
var vByte byte
|
|
sigHashEnd := p
|
|
sigHashLen := uint(sigHashEnd - sigHashPos)
|
|
var chainIdBits, chainIdLen int
|
|
if legacy {
|
|
p, err = parseUint256(payload, p, &ctx.chainId)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: V: %w", errorPrefix, err)
|
|
}
|
|
fmt.Printf("Legacy V: %d\n", ctx.chainId)
|
|
// Compute chainId from V
|
|
if ctx.chainId.Eq(&ctx.n27) || ctx.chainId.Eq(&ctx.n28) {
|
|
// Do not add chain id and two extra zeros
|
|
vByte = byte(ctx.chainId.Uint64() - 27)
|
|
} else {
|
|
ctx.chainId.Sub(&ctx.chainId, &ctx.n35)
|
|
vByte = byte(1 - (ctx.chainId.Uint64() & 1))
|
|
ctx.chainId.Rsh(&ctx.chainId, 1)
|
|
chainIdBits = ctx.chainId.BitLen()
|
|
if chainIdBits <= 7 {
|
|
chainIdLen = 1
|
|
} else {
|
|
chainIdLen = (chainIdBits + 7) / 8 // It is always < 56 bytes
|
|
sigHashLen++ // For chainId len prefix
|
|
}
|
|
sigHashLen += uint(chainIdLen) // For chainId
|
|
sigHashLen += 2 // For two extra zeros
|
|
}
|
|
} else {
|
|
var v uint64
|
|
p, v, err = parseUint64(payload, p)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: V: %w", errorPrefix, err)
|
|
}
|
|
if v > 1 {
|
|
return nil, 0, fmt.Errorf("%s: V is loo large: %d", errorPrefix, v)
|
|
}
|
|
vByte = byte(v)
|
|
}
|
|
// Next follows R of the signature
|
|
p, err = parseUint256(payload, p, &ctx.r)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: R: %w", errorPrefix, err)
|
|
}
|
|
// New follows S of the signature
|
|
p, err = parseUint256(payload, p, &ctx.s)
|
|
if err != nil {
|
|
return nil, 0, fmt.Errorf("%s: S: %w", errorPrefix, err)
|
|
}
|
|
// For legacy transactions, hash the full payload
|
|
if legacy {
|
|
if _, err = ctx.keccak1.Write(payload[pos:p]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing idHash: %w", errorPrefix, err)
|
|
}
|
|
}
|
|
ctx.keccak1.Sum(slot.idHash[:0])
|
|
// Computing sigHash (hash used to recover sender from the signature)
|
|
// Write len prefix to the sighash
|
|
if sigHashLen < 56 {
|
|
ctx.buf[0] = byte(sigHashLen) + 192
|
|
if _, err := ctx.keccak2.Write(ctx.buf[:1]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing signHash (hashing len prefix): %w", errorPrefix, err)
|
|
}
|
|
} else {
|
|
beLen := (bits.Len(uint(sigHashLen)) + 7) / 8
|
|
binary.BigEndian.PutUint64(ctx.buf[1:], uint64(sigHashLen))
|
|
ctx.buf[8-beLen] = byte(beLen) + 247
|
|
if _, err := ctx.keccak2.Write(ctx.buf[8-beLen : 9]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing signHash (hashing len prefix): %w", errorPrefix, err)
|
|
}
|
|
}
|
|
if _, err = ctx.keccak2.Write(payload[sigHashPos:sigHashEnd]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing signHash: %w", errorPrefix, err)
|
|
}
|
|
if legacy {
|
|
if chainIdLen > 0 {
|
|
if chainIdBits <= 7 {
|
|
ctx.buf[0] = byte(ctx.chainId.Uint64())
|
|
if _, err := ctx.keccak2.Write(ctx.buf[:1]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing signHash (hashing legacy chainId): %w", errorPrefix, err)
|
|
}
|
|
} else {
|
|
binary.BigEndian.PutUint64(ctx.buf[1:9], ctx.chainId[3])
|
|
binary.BigEndian.PutUint64(ctx.buf[9:17], ctx.chainId[2])
|
|
binary.BigEndian.PutUint64(ctx.buf[17:25], ctx.chainId[1])
|
|
binary.BigEndian.PutUint64(ctx.buf[25:33], ctx.chainId[0])
|
|
ctx.buf[32-chainIdLen] = 128 + byte(chainIdLen)
|
|
if _, err = ctx.keccak2.Write(ctx.buf[32-chainIdLen : 33]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing signHash (hashing legacy chainId): %w", errorPrefix, err)
|
|
}
|
|
}
|
|
// Encode two zeros
|
|
ctx.buf[0] = 128
|
|
ctx.buf[1] = 128
|
|
if _, err := ctx.keccak2.Write(ctx.buf[:2]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing signHash (hashing zeros after legacy chainId): %w", errorPrefix, err)
|
|
}
|
|
}
|
|
}
|
|
// Squeeze sighash
|
|
ctx.keccak2.Sum(ctx.sighash[:0])
|
|
binary.BigEndian.PutUint64(ctx.sig[0:8], ctx.r[3])
|
|
binary.BigEndian.PutUint64(ctx.sig[8:16], ctx.r[2])
|
|
binary.BigEndian.PutUint64(ctx.sig[16:24], ctx.r[1])
|
|
binary.BigEndian.PutUint64(ctx.sig[24:32], ctx.r[0])
|
|
binary.BigEndian.PutUint64(ctx.sig[32:40], ctx.s[3])
|
|
binary.BigEndian.PutUint64(ctx.sig[40:48], ctx.s[2])
|
|
binary.BigEndian.PutUint64(ctx.sig[48:56], ctx.s[1])
|
|
binary.BigEndian.PutUint64(ctx.sig[56:64], ctx.s[0])
|
|
ctx.sig[64] = vByte
|
|
// recover sender
|
|
if _, err = secp256k1.RecoverPubkeyWithContext(ctx.recCtx, ctx.sighash[:], ctx.sig[:], ctx.buf[:0]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: recovering sender from signature: %w", errorPrefix, err)
|
|
}
|
|
// apply keccak to the public key
|
|
ctx.keccak2.Reset()
|
|
if _, err = ctx.keccak2.Write(ctx.buf[1:65]); err != nil {
|
|
return nil, 0, fmt.Errorf("%s: computing sender from public key: %w", errorPrefix, err)
|
|
}
|
|
// squeeze the hash of the public key
|
|
ctx.keccak2.Sum(ctx.buf[:0])
|
|
// take last 20 bytes as address
|
|
copy(slot.sender[:], ctx.buf[12:32])
|
|
return &slot, p, nil
|
|
}
|