extra safe RecoverSigner

celer-network · Sep 18, 2021 · e00d848 · e00d848
1 parent f5c905f
commit e00d848
Showing 1 changed file with 8 additions and 4 deletions.
diff --git a/eth/crypto.go b/eth/crypto.go
@@ -91,16 +91,20 @@ func IsSignatureValid(signer common.Address, data []byte, sig []byte) bool {
 }
 
 func RecoverSigner(data []byte, sig []byte) (common.Address, error) {
-	if len(sig) == 65 { // we could return zeroAddr if len not 65
-		if sig[64] == 27 || sig[64] == 28 {
+	// clone one to use, to make sure the original sig won't be changed by me
+	tmpSig := make([]byte, len(sig))
+	copy(tmpSig, sig)
+
+	if len(tmpSig) == 65 { // we could return zeroAddr if len not 65
+		if tmpSig[64] == 27 || tmpSig[64] == 28 {
 			// SigToPub only expect v to be 0 or 1,
 			// see https://github.com/ethereum/go-ethereum/blob/v1.8.23/internal/ethapi/api.go#L468.
 			// we've been ok as our own code only has v 0 or 1, but using external signer may cause issue
 			// we also fix v in celersdk.PublishSignedResult to be extra safe
-			sig[64] -= 27
+			tmpSig[64] -= 27
 		}
 	}
-	pubKey, err := crypto.SigToPub(GeneratePrefixedHash(data), sig)
+	pubKey, err := crypto.SigToPub(GeneratePrefixedHash(data), tmpSig)
 	if err != nil {
 		return common.Address{}, err
 	}