feat(cluster/lock): implement verify_signature (#265)

* feat(cluster/lock): implement verify_signature

* fix: address comments

Author: iamquang95

crates/cluster/src/definition.rs

@@ -311,13 +311,6 @@ pub enum DefinitionError {
     #[error("invalid creator config signature")]
     InvalidCreatorConfigSignature,
 
-    /// Missing ETH1 client for contract signature verification.
-    #[error("missing eth1 client for contract signature verification: {contract_address}")]
-    MissingEth1ClientForContractSignature {
-        /// Contract address used for signature verification.
-        contract_address: String,
-    },
-
     /// Invalid EIP-712 digest length
     #[error("invalid eip712 digest length: expected {expected}, actual {actual}")]
     InvalidEIP712DigestLength {
@@ -474,7 +467,7 @@ impl Definition {
 
     /// Returns `Ok(())` if all config signatures are fully
     /// populated and valid. A verified definition is ready for use in DKG.
-    pub async fn verify_signatures(&self, eth1: Option<&EthClient>) -> Result<(), DefinitionError> {
+    pub async fn verify_signatures(&self, eth1: &EthClient) -> Result<(), DefinitionError> {
         // Skip signature verification for definition versions earlier than v1.3 since
         // there are no EIP712 signatures before v1.3.0. For definition versions
         // earlier than v1.3.0, error if either config signature or enr signature for
@@ -718,17 +711,11 @@ impl Definition {
     }
 
     async fn verify_contract_signature(
-        eth1: Option<&EthClient>,
+        eth1: &EthClient,
         contract_address: &str,
         digest: &[u8],
         sig: &[u8],
     ) -> Result<bool, DefinitionError> {
-        let Some(eth1_client) = eth1 else {
-            return Err(DefinitionError::MissingEth1ClientForContractSignature {
-                contract_address: contract_address.to_string(),
-            });
-        };
-
         let digest_hash: [u8; 32] =
             digest
                 .try_into()
@@ -737,8 +724,7 @@ impl Definition {
                     actual: digest.len(),
                 })?;
 
-        eth1_client
-            .verify_smart_contract_based_signature(contract_address, digest_hash, sig)
+        eth1.verify_smart_contract_based_signature(contract_address, digest_hash, sig)
             .await
             .map_err(DefinitionError::FailedToVerifyContractSignature)
     }
@@ -1587,6 +1573,10 @@ mod tests {
         serde_json::from_value(value).unwrap()
     }
 
+    async fn test_eth1_client() -> EthClient {
+        EthClient::new("http://127.0.0.1:8545").await.unwrap()
+    }
+
     #[test]
     fn cluster_definition_v1_10_0_fields() {
         let definition = serde_json::from_str::<Definition>(include_str!(
@@ -1833,7 +1823,9 @@ mod tests {
     #[tokio::test]
     async fn verify_signatures_examples(definition_json: &str) {
         let definition = parse_example_definition(definition_json);
-        assert!(definition.verify_signatures(None).await.is_ok());
+        let eth1 = test_eth1_client().await;
+
+        assert!(definition.verify_signatures(&eth1).await.is_ok());
     }
 
     #[tokio::test]
@@ -1842,7 +1834,9 @@ mod tests {
             "testdata/cluster_definition_v1_2_0.json"
         ))
         .unwrap();
-        assert!(definition.verify_signatures(None).await.is_ok());
+        let eth1 = test_eth1_client().await;
+
+        assert!(definition.verify_signatures(&eth1).await.is_ok());
     }
 
     #[tokio::test]
@@ -1852,8 +1846,9 @@ mod tests {
         ))
         .unwrap();
         definition.operators[0].config_signature = vec![1];
+        let eth1 = test_eth1_client().await;
 
-        let result = definition.verify_signatures(None).await;
+        let result = definition.verify_signatures(&eth1).await;
         assert!(matches!(
             result,
             Err(DefinitionError::OlderVersionSignaturesNotSupported)
@@ -1865,8 +1860,9 @@ mod tests {
         let mut definition =
             parse_example_definition(include_str!("examples/cluster-definition-001.json"));
         definition.operators[0].enr_signature = Vec::new();
+        let eth1 = test_eth1_client().await;
 
-        let result = definition.verify_signatures(None).await;
+        let result = definition.verify_signatures(&eth1).await;
         assert!(matches!(
             result,
             Err(DefinitionError::EmptyOperatorENRSignature { .. })
@@ -1878,8 +1874,9 @@ mod tests {
         let mut definition =
             parse_example_definition(include_str!("examples/cluster-definition-001.json"));
         definition.operators[0].config_signature = Vec::new();
+        let eth1 = test_eth1_client().await;
 
-        let result = definition.verify_signatures(None).await;
+        let result = definition.verify_signatures(&eth1).await;
         assert!(matches!(
             result,
             Err(DefinitionError::EmptyOperatorConfigSignature { .. })
@@ -1891,8 +1888,9 @@ mod tests {
         let mut definition =
             parse_example_definition(include_str!("examples/cluster-definition-001.json"));
         definition.operators[0] = Operator::default();
+        let eth1 = test_eth1_client().await;
 
-        let result = definition.verify_signatures(None).await;
+        let result = definition.verify_signatures(&eth1).await;
         assert!(matches!(
             result,
             Err(DefinitionError::SomeOperatorsSignedWhileOthersDidNot)
@@ -1904,8 +1902,9 @@ mod tests {
         let mut definition =
             parse_example_definition(include_str!("examples/cluster-definition-001.json"));
         definition.creator.config_signature = Vec::new();
+        let eth1 = test_eth1_client().await;
 
-        let result = definition.verify_signatures(None).await;
+        let result = definition.verify_signatures(&eth1).await;
         assert!(matches!(
             result,
             Err(DefinitionError::EmptyCreatorConfigSignature)
@@ -1918,33 +1917,22 @@ mod tests {
             parse_example_definition(include_str!("examples/cluster-definition-001.json"));
         definition.creator = Creator::default();
         definition.operators = vec![Operator::default(), Operator::default()];
+        let eth1 = test_eth1_client().await;
 
-        assert!(definition.verify_signatures(None).await.is_ok());
+        assert!(definition.verify_signatures(&eth1).await.is_ok());
     }
 
     #[tokio::test]
     async fn verify_signatures_v1_3_rejects_creator_signature() {
         let mut definition =
             parse_example_definition(include_str!("examples/cluster-definition-000.json"));
         definition.creator.config_signature = vec![1];
+        let eth1 = test_eth1_client().await;
 
-        let result = definition.verify_signatures(None).await;
+        let result = definition.verify_signatures(&eth1).await;
         assert!(matches!(
             result,
             Err(DefinitionError::UnexpectedCreatorConfigSignatureInOldVersion)
         ));
     }
-
-    #[tokio::test]
-    async fn verify_signatures_missing_eth1_client_for_contract_fallback() {
-        let mut definition =
-            parse_example_definition(include_str!("examples/cluster-definition-001.json"));
-        definition.operators[0].config_signature = definition.operators[1].config_signature.clone();
-
-        let result = definition.verify_signatures(None).await;
-        assert!(matches!(
-            result,
-            Err(DefinitionError::MissingEth1ClientForContractSignature { .. })
-        ));
-    }
 }