Merge pull request 'verify subscribe request signature' (#1) from aaron/epicpost:subscribe_request into master

Reviewed-on: marco/epicpost#1

funding/routes.py

@@ -10,6 +10,9 @@ import settings
 from funding.factory import app, db, cache
 from funding.orm import Address, Slate
 
+import secp256k1
+import base58
+
 
 @app.route('/')
 def index():
@@ -50,11 +53,24 @@ def postSlate(receivingAddress, slate):
 @app.route('/getSlates', methods=['POST'])
 @endpoint.api(
     parameter('receivingAddress', type=str, required=True),
+    parameter('signature', type=str, required=True)
 )
-def getSlates(receivingAddress):
+def getSlates(receivingAddress, signature):
     try:
         if receivingAddress is None:
             return make_response(jsonify({'status': 'failure', 'error': str("missing correct arguments")}))
+        
+        # Deserialize the base-58 address to hex, and then to an internal public key format
+        # NOTE: This assumes that the network version (which is not part of the key) is exactly 2 bytes
+        public_key = secp256k1.PublicKey(base58.b58decode_check(receivingAddress)[2:])
+        
+        # Prepare the message bound to the signature: a domain separator and the encoded address
+        # For some reason, the original client code calls this the "challenge"
+        message = 'SubscribeRequest_' + receivingAddress
+
+        # Deserialize and verify the provided signature against the message and address public key
+        if not public_key.ecdsa_verify(message, public_key.ecdsa_deserialize(signature)):
+            return make_response(jsonify({'status': 'failure', 'error': str("bad signature")}))
 
         slates = Slate.find_slates(address=receivingAddress)
         return make_response(jsonify({'status': 'success', 'slates': slates}))

requirements.txt

@@ -14,4 +14,6 @@ pypng
 pillow-simd
 Flask-Caching
 flask-sqlalchemy
-sqlalchemy_json
+sqlalchemy_json
+secp256k1
+base58