Hardening, change to dynamic hashPrevNotarization

src/komodo_utils.h

@@ -1778,7 +1778,7 @@ void komodo_args(char *argv0)
 
     std::string lowerName = boost::to_lower_copy(name);
 
-    // TODO: HARDENING - right now, all PBaaS chains assume testmode. change before mainnet
+    // TODO: POST HARDENING - right now, all PBaaS chains assume testmode. change before mainnet
     if (lowerName != "vrsc")
     {
         PBAAS_TESTMODE = true;

src/pbaas/crosschainrpc.h

@@ -1474,7 +1474,7 @@ private:
         CKeccack256Writer *hw_keccack;
     };
     nativeHashWriter state;
-    
+
 public:
     CNativeHashWriter(CCurrencyDefinition::EProofProtocol proofProtocol=CCurrencyDefinition::EProofProtocol::PROOF_PBAASMMR,
                       const unsigned char *personal=nullptr)

src/pbaas/notarization.cpp

@@ -2838,6 +2838,24 @@ bool CPBaaSNotarization::CreateEarnedNotarization(const CRPCChainData &externalS
         return state.Error(errorPrefix + "invalid or missing currency state data from notary");
     }
 
+    params = UniValue(UniValue::VARR);
+    params.push_back(EncodeDestination(CIdentityID(ASSETCHAINS_CHAINID)));
+    try
+    {
+        result = find_value(RPCCallRoot("getnotarizationdata", params), "result");
+    } catch (exception e)
+    {
+        result = NullUniValue;
+    }
+    CChainNotarizationData crosschainCND;
+    if (result.isNull() ||
+        !(crosschainCND = CChainNotarizationData(result)).IsValid() ||
+        (!externalSystem.chainDefinition.IsGateway() && !crosschainCND.IsConfirmed()))
+    {
+        LogPrint("notarization", "Unable to get notarization data from %s\n", EncodeDestination(CIdentityID(externalSystem.GetID())).c_str());
+        return state.Error("invalid crosschain notarization data");
+    }
+
     // take the lock again, now that we're back from calling out
     LOCK2(cs_main, mempool.cs);
 
@@ -2847,6 +2865,42 @@ bool CPBaaSNotarization::CreateEarnedNotarization(const CRPCChainData &externalS
         return state.Error("stale-block");
     }
 
+    if (crosschainCND.vtx.size())
+    {
+        int prevNotarizationIdx;
+        CPBaaSNotarization lastPBN;
+        for (prevNotarizationIdx = crosschainCND.vtx.size() - 1; prevNotarizationIdx >= 0; prevNotarizationIdx--)
+        {
+            lastPBN = crosschainCND.vtx[prevNotarizationIdx].second;
+            // TODO: HARDENING check all currency states on this chain in last valid as well
+            std::map<uint160, CProofRoot>::iterator pIT = lastPBN.proofRoots.find(ASSETCHAINS_CHAINID);
+            if (pIT != lastPBN.proofRoots.end() &&
+                CProofRoot::GetProofRoot(pIT->second.rootHeight) == pIT->second)
+            {
+                break;
+            }
+            else if (pIT == crosschainCND.vtx[prevNotarizationIdx].second.proofRoots.end() &&
+                     !prevNotarizationIdx &&
+                     (crosschainCND.vtx[prevNotarizationIdx].second.IsDefinitionNotarization() || crosschainCND.vtx[prevNotarizationIdx].second.IsLaunchCleared()))
+            {
+                // use the 0th element if no proof root and it is definition or start, since it has no proof root to be wrong
+                break;
+            }
+        }
+        if (prevNotarizationIdx >= 0 &&
+            lastPBN.SetMirror(false) &&
+            !lastPBN.IsMirror())
+        {
+            CNativeHashWriter hw;
+            hw << lastPBN;
+            notarization.hashPrevNotarization = hw.GetHash();
+        }
+        else
+        {
+            notarization.hashPrevNotarization.SetNull();
+        }
+    }
+
     notarization.currencyStates.clear();
     for (int i = 0; i < currencyStatesUni.size(); i++)
     {
@@ -2913,10 +2967,6 @@ bool CPBaaSNotarization::CreateEarnedNotarization(const CRPCChainData &externalS
     notarization.nodes = GetGoodNodes(CPBaaSNotarization::MAX_NODES);
 
     notarization.prevNotarization = cnd.vtx[notaryIdx].first;
-
-    CNativeHashWriter hw;
-    hw << cnd.vtx[notaryIdx].second;
-    notarization.hashPrevNotarization = hw.GetHash();
     notarization.prevHeight = cnd.vtx[notaryIdx].second.notarizationHeight;
 
     CCcontract_info CC;

src/rpc/rawtransaction.cpp

@@ -178,16 +178,30 @@ void TxToJSONExpanded(const CTransaction& tx, const uint256 hashBlock, UniValue&
                 uint256 hash; CTransaction txFrom;
                 if (GetTransaction(txin.prevout.hash,txFrom,hash,false))
                 {
-                    if (LogAcceptCategory("signaturehash"))
+                    COptCCParams p;
+                    BlockMap::iterator blockIdxIt = mapBlockIndex.find(hash);
+                    if (!hash.IsNull() &&
+                        blockIdxIt != mapBlockIndex.end() &&
+                        LogAcceptCategory("signaturehash") &&
+                        chainActive.Contains(blockIdxIt->second) &&
+                        txFrom.vout[txin.prevout.n].scriptPubKey.IsPayToCryptoCondition(p) &&
+                        p.IsValid())
                     {
-                        // TODO: HARDENING - it would be good to add the signature hash for every input, but we need
-                        // to reliably retrieve the hashtype (ie. SIGHASH_ALL, SIGHASH_SINGLE, etc.) from all transaction input types
-                        // for now, this is temporary for debugging
+                        // TODO: POST HARDENING - it would be good to add the signature hash for every input and improve
+                        // description of signing and eval conditions, decoding the COptCCParams
+
+                        // get signature hash and verify signature
+                        auto consensusBranchID = CurrentEpochBranchId(blockIdxIt->second->GetHeight(), Params().GetConsensus());
+                        CSmartTransactionSignatures smartSigs;
+                        bool signedByDefaultKey = false;
+                        std::vector<unsigned char> ffVec = GetFulfillmentVector(tx.vin[i].scriptSig);
+                        smartSigs = CSmartTransactionSignatures(std::vector<unsigned char>(ffVec.begin(), ffVec.end()));
+
                         UniValue signatureHashInfo(UniValue::VOBJ);
                         SignatureHash(txFrom.vout[txin.prevout.n].scriptPubKey, 
                                       tx, 
                                       i, 
-                                      SIGHASH_ALL, 
+                                      smartSigs.sigHashType, 
                                       txFrom.vout[txin.prevout.n].nValue,
                                       CurrentEpochBranchId(nHeight, Params().GetConsensus()),
                                       nullptr,

src/script/script.cpp

@@ -1146,7 +1146,7 @@ std::set<CIndexID> COptCCParams::GetIndexKeys() const
                     }
                     if (!checkNotarization.IsMirror())
                     {
-                        // TODO: POST-HARDENING consider whether this can use the native hash writer with an alternate hash
+                        // TODO: POST HARDENING consider whether this can use the native hash writer with an alternate hash
                         CNativeHashWriter hw;
                         hw << checkNotarization;
                         uint256 objHash = hw.GetHash();

src/script/serverchecker.cpp

@@ -135,7 +135,7 @@ std::map<uint160, std::pair<int, std::vector<std::vector<unsigned char>>>> Serve
                         }
                         if (id.IsValidUnrevoked() && (isStake || sourceIsSelf || !id.IsLocked(spendHeight)))
                         {
-                            // TODO: HARDENING - in next upgrade, consider adding limits on what can be modified in an ID
+                            // TODO: POST HARDENING - in next upgrade, consider adding limits on what can be modified in an ID
 
                             std::vector<std::vector<unsigned char>> idAddrBytes;
                             for (auto &oneAddr : id.primaryAddresses)