tendermint
Advanced tools
Comparing version 3.3.0 to 3.4.0
@@ -6,8 +6,6 @@ 'use strict'; | ||
// TODO: try to load native ed25519 implementation, fall back to supercop.js | ||
var secp256k1 = require('secp256k1'); | ||
var _require = require('./hash.js'), | ||
getBlockHash = _require.getBlockHash, | ||
getValidatorSetHash = _require.getValidatorSetHash, | ||
sha256 = _require.sha256; | ||
getValidatorSetHash = _require.getValidatorSetHash; | ||
@@ -158,3 +156,2 @@ var _require2 = require('./pubkey.js'), | ||
validatorsByAddress[validator.address] = validator; | ||
validator.voting_power = safeParseInt(validator.voting_power); | ||
} | ||
@@ -198,18 +195,5 @@ } catch (err) { | ||
var pubKey = Buffer.from(_validator.pub_key.value, 'base64'); | ||
var pubKeyType = _validator.pub_key.type; | ||
var validSignature = void 0; | ||
switch (pubKeyType) { | ||
case 'tendermint/PubKeyEd25519': | ||
validSignature = ed25519.verify(signature, signBytes, pubKey); | ||
break; | ||
case 'tendermint/PubKeySecp256k1': | ||
validSignature = secp256k1.verify(sha256(signBytes), signature, pubKey); | ||
break; | ||
default: | ||
throw Error('Unknown pubkey type "' + _validator.pub_key.type + '"'); | ||
} | ||
if (validSignature !== true) { | ||
// TODO: support secp256k1 sigs | ||
if (!ed25519.verify(signature, signBytes, pubKey)) { | ||
throw Error('Invalid precommit signature'); | ||
@@ -272,5 +256,5 @@ } | ||
var votingPower = safeParseInt(validator.voting_power); | ||
verifyPositiveInt(votingPower); | ||
if (votingPower === 0) { | ||
validator.voting_power = safeParseInt(validator.voting_power); | ||
verifyPositiveInt(validator.voting_power); | ||
if (validator.voting_power === 0) { | ||
throw Error('Validator voting power must be > 0'); | ||
@@ -277,0 +261,0 @@ } |
{ | ||
"name": "tendermint", | ||
"version": "3.3.0", | ||
"version": "3.4.0", | ||
"description": "A light client which talks to your Tendermint node over RPC", | ||
@@ -23,3 +23,2 @@ "main": "index.js", | ||
"pumpify": "^1.3.5", | ||
"secp256k1": "^3.5.2", | ||
"supercop.js": "^2.0.1", | ||
@@ -26,0 +25,0 @@ "varstruct": "^6.1.1", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
11
42724
976
- Removedsecp256k1@^3.5.2
- Removedbindings@1.5.0(transitive)
- Removedbip66@1.1.5(transitive)
- Removedbn.js@4.12.0(transitive)
- Removedbrorand@1.1.0(transitive)
- Removedbrowserify-aes@1.2.0(transitive)
- Removedbuffer-xor@1.0.3(transitive)
- Removedcreate-hmac@1.1.7(transitive)
- Removeddrbg.js@1.0.1(transitive)
- Removedelliptic@6.5.7(transitive)
- Removedevp_bytestokey@1.0.3(transitive)
- Removedfile-uri-to-path@1.0.0(transitive)
- Removedhash.js@1.1.7(transitive)
- Removedhmac-drbg@1.0.1(transitive)
- Removedminimalistic-assert@1.0.1(transitive)
- Removedminimalistic-crypto-utils@1.0.1(transitive)
- Removednan@2.20.0(transitive)
- Removedsecp256k1@3.8.0(transitive)