tari-project / tari / 25668659908 / 1
60%
development: 60%

DEFAULT BRANCH: development
Ran
Files 702
Run time 25s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 61.174% (+1.0%) from 60.199%
25668659908.1

push

github

web-flow 
fix(security): add payload integrity signature to harden offline signing (fixes #7796) (#7804)

## Summary

Fixes the MITM vulnerability disclosed in issue #7796 - the offline
signer accepted any prepared JSON payload without verifying it came from
the legitimate view wallet.

An attacker who intercepts the payload file (e.g. on the USB drive
passed between online and offline wallets) could swap the recipient
address, inflate amounts, or substitute inputs to redirect funds, and
the signer had no way to detect the tampering.

## Root cause

`sign_locked_transaction` (and the multisig variants) called the builder
directly on the deserialized request with no integrity check. The
`prepare_*` functions on the view-wallet side produced no authenticating
material for the signer to verify.

## Fix

The view wallet now signs the canonical payload bytes with a
domain-separated Schnorr signature over the view private key. The
offline signer performs two checks before using any spend-key material:

1. **Key identity** - the `view_public_key` embedded in the payload must
match the signer's own view public key (ensures payload was prepared by
this wallet instance, not a foreign one).
2. **Signature validity** - the Schnorr signature must verify over the
canonical payload bytes (all JSON fields except `payload_signature`
itself, which is stripped before hashing). Any modification to any field
— recipient address, amount, inputs, fee, tx_id, etc. — changes the
canonical bytes and causes the signature check to fail.

## Changes

- **`hashing/src/domains.rs`** - new `OfflineSigningPayloadHashDomain`
(`com.tari.base_layer.wallet.offline_signing.payload_integrity`, v1)
- **`offline_signing/models.rs`** - bump `SUPPORTED_VERSION` 4→5; add
`PayloadIntegritySignature` struct; `canonical_payload_bytes()` helper;
`payload_signature` field on all three `Prepare*` result types
- **`offline_signing/offline_signer.rs`** - `payload_challenge()`,
`sign_payload()`, `verify_payload_s... (continued)

71315 of 116578 relevant lines covered (61.17%)

222956.02 hits per line

Source Files on job 25668659908.1