Add ack signatures

Also modifies message signatures to be binding to from, not just from's key.

message-queue/src/main.rs

@@ -42,7 +42,9 @@ lazy_static::lazy_static! {
 fn queue_message(meta: Metadata, msg: Vec<u8>, sig: SchnorrSignature<Ristretto>) {
   {
     let from = (*KEYS).read().unwrap()[&meta.from];
-    assert!(sig.verify(from, message_challenge(from, meta.to, &meta.intent, &msg, sig.R)));
+    assert!(
+      sig.verify(from, message_challenge(meta.from, from, meta.to, &meta.intent, &msg, sig.R))
+    );
   }
 
   // Assert one, and only one of these, is the coordinator
@@ -85,8 +87,11 @@ fn get_next_message(service: Service, _expected: u64) -> Option<QueuedMessage> {
   Acknowledges a message as received and handled, meaning it'll no longer be returned as the next
   message.
 */
-fn ack_message(service: Service, id: u64, _signature: SchnorrSignature<Ristretto>) {
-  // TODO: Verify the signature
+fn ack_message(service: Service, id: u64, sig: SchnorrSignature<Ristretto>) {
+  {
+    let from = (*KEYS).read().unwrap()[&service];
+    assert!(sig.verify(from, ack_challenge(service, from, id, sig.R)));
+  }
 
   // Is it:
   // The acknowledged message should be > last acknowledged OR

message-queue/src/messages.rs

@@ -27,20 +27,39 @@ pub struct Metadata {
 }
 
 pub fn message_challenge(
-  from: <Ristretto as Ciphersuite>::G,
+  from: Service,
+  from_key: <Ristretto as Ciphersuite>::G,
   to: Service,
   intent: &[u8],
   msg: &[u8],
   nonce: <Ristretto as Ciphersuite>::G,
 ) -> <Ristretto as Ciphersuite>::F {
-  let mut transcript = RecommendedTranscript::new(b"Serai Message Queue v0.1");
+  let mut transcript = RecommendedTranscript::new(b"Serai Message Queue v0.1 Message");
   transcript.domain_separate(b"metadata");
-  transcript.append_message(b"from", from.to_bytes());
+  transcript.append_message(b"from", bincode::serialize(&from).unwrap());
+  transcript.append_message(b"from_key", from_key.to_bytes());
   transcript.append_message(b"to", bincode::serialize(&to).unwrap());
   transcript.append_message(b"intent", intent);
   transcript.domain_separate(b"message");
   transcript.append_message(b"msg", msg);
   transcript.domain_separate(b"signature");
   transcript.append_message(b"nonce", nonce.to_bytes());
-  <Ristretto as Ciphersuite>::hash_to_F(b"challenge", &transcript.challenge(b"challenge"))
+  <Ristretto as Ciphersuite>::hash_to_F(b"message_challenge", &transcript.challenge(b"challenge"))
+}
+
+pub fn ack_challenge(
+  from: Service,
+  from_key: <Ristretto as Ciphersuite>::G,
+  id: u64,
+  nonce: <Ristretto as Ciphersuite>::G,
+) -> <Ristretto as Ciphersuite>::F {
+  let mut transcript = RecommendedTranscript::new(b"Serai Message Queue v0.1 Ackowledgement");
+  transcript.domain_separate(b"metadata");
+  transcript.append_message(b"from", bincode::serialize(&from).unwrap());
+  transcript.append_message(b"from_key", from_key.to_bytes());
+  transcript.domain_separate(b"message");
+  transcript.append_message(b"id", id.to_le_bytes());
+  transcript.domain_separate(b"signature");
+  transcript.append_message(b"nonce", nonce.to_bytes());
+  <Ristretto as Ciphersuite>::hash_to_F(b"ack_challenge", &transcript.challenge(b"challenge"))
 }

message-queue/src/queue.rs

@@ -46,7 +46,8 @@ impl<D: Db> Queue<D> {
   }
 
   pub(crate) fn get_message(&self, id: u64) -> Option<QueuedMessage> {
-    let msg = self.0.get(self.message_key(id)).map(|bytes| serde_json::from_slice(&bytes).unwrap());
+    let msg: Option<QueuedMessage> =
+      self.0.get(self.message_key(id)).map(|bytes| serde_json::from_slice(&bytes).unwrap());
     if let Some(msg) = msg.as_ref() {
       assert_eq!(msg.id, id, "message stored at {id} has ID {}", msg.id);
     }