diff --git a/rpc/src/rpc.rs b/rpc/src/rpc.rs
index 7efe81caca4560..941863416c3094 100644
--- a/rpc/src/rpc.rs
+++ b/rpc/src/rpc.rs
@@ -2037,10 +2037,6 @@ fn verify_transaction(
 return Err(RpcCustomError::TransactionPrecompileVerificationFailure(e).into());
 }
- if !transaction.verify_signatures_len() {
- return Err(RpcCustomError::TransactionSignatureVerificationFailure.into());
- }
-
 Ok(())
 }
diff --git a/runtime/src/bank.rs b/runtime/src/bank.rs
index bd753caba73405..d3f7625e077a0a 100644
--- a/runtime/src/bank.rs
+++ b/runtime/src/bank.rs
@@ -5281,10 +5281,6 @@ impl Bank {
 })
 }?;
- if self.verify_tx_signatures_len_enabled() && !sanitized_tx.verify_signatures_len() {
- return Err(TransactionError::SanitizeFailure);
- }
-
 if verification_mode == TransactionVerificationMode::HashAndVerifyPrecompiles
 || verification_mode == TransactionVerificationMode::FullVerification
 {
@@ -5770,11 +5766,6 @@ impl Bank {
 .is_active(&feature_set::no_overflow_rent_distribution::id())
 }
- pub fn verify_tx_signatures_len_enabled(&self) -> bool {
- self.feature_set
- .is_active(&feature_set::verify_tx_signatures_len::id())
- }
-
 pub fn versioned_tx_message_enabled(&self) -> bool {
 self.feature_set
 .is_active(&feature_set::versioned_tx_message_enabled::id())
@@ -15012,12 +15003,14 @@ pub(crate) mod tests {
 Some(TransactionError::SanitizeFailure),
 );
 }
- // Too many signatures: Success without feature switch
+ // Too many signatures: Sanitization failure
 {
 let tx = make_transaction(TestCase::AddSignature);
- assert!(bank
- .verify_transaction(tx.into(), TransactionVerificationMode::FullVerification)
- .is_ok());
+ assert_eq!(
+ bank.verify_transaction(tx.into(), TransactionVerificationMode::FullVerification)
+ .err(),
+ Some(TransactionError::SanitizeFailure),
+ );
 }
 }
diff --git a/sdk/src/transaction/mod.rs b/sdk/src/transaction/mod.rs
index 300ebb1fc5f417..39887a6aa75da2 100644
--- a/sdk/src/transaction/mod.rs
+++ b/sdk/src/transaction/mod.rs
@@ -299,11 +299,6 @@ impl Transaction {
 Signature::default()
 }
- /// Verify the length of signatures matches the value in the message header
- pub fn verify_signatures_len(&self) -> bool {
- self.signatures.len() == self.message.header.num_required_signatures as usize
- }
-
 /// Verify the transaction and hash its message
 pub fn verify_and_hash_message(&self) -> Result {
 let message_bytes = self.message_data();
diff --git a/sdk/src/transaction/sanitized.rs b/sdk/src/transaction/sanitized.rs
index 2768e665da6238..f65d0384bc2d06 100644
--- a/sdk/src/transaction/sanitized.rs
+++ b/sdk/src/transaction/sanitized.rs
@@ -197,11 +197,6 @@ impl SanitizedTransaction {
 }
 }
- /// Verify the length of signatures matches the value in the message header
- pub fn verify_signatures_len(&self) -> bool {
- self.signatures.len() == self.message.header().num_required_signatures as usize
- }
-
 /// Verify the transaction signatures
 pub fn verify(&self) -> Result<()> {
 let message_bytes = self.message_data();
diff --git a/sdk/src/transaction/versioned.rs b/sdk/src/transaction/versioned.rs
index a3f284dcc3b943..c343dd5cc2344f 100644
--- a/sdk/src/transaction/versioned.rs
+++ b/sdk/src/transaction/versioned.rs
@@ -12,6 +12,7 @@ use {
 transaction::{Result, Transaction, TransactionError},
 },
 serde::Serialize,
+ std::cmp::Ordering,
 };
 // NOTE: Serialization-related changes must be paired with the direct read at sigverify.
@@ -29,11 +30,12 @@ impl Sanitize for VersionedTransaction {
 fn sanitize(&self) -> std::result::Result<(), SanitizeError> {
 self.message.sanitize()?;
- // Once the "verify_tx_signatures_len" feature is enabled, this may be
- // updated to an equality check.
- if usize::from(self.message.header().num_required_signatures) > self.signatures.len() {
- return Err(SanitizeError::IndexOutOfBounds);
- }
+ let num_required_signatures = usize::from(self.message.header().num_required_signatures);
+ match num_required_signatures.cmp(&self.signatures.len()) {
+ Ordering::Greater => Err(SanitizeError::IndexOutOfBounds),
+ Ordering::Less => Err(SanitizeError::InvalidValue),
+ Ordering::Equal => Ok(()),
+ }?;
 // Signatures are verified before message keys are mapped so all signers
 // must correspond to unmapped keys.
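Review bot: The added `match` in `sanitize` makes the exact signature-count rule unconditional for every caller, but unlike the removed lines it carries no comment explaining the rule. I would put above the `let`: `// Signature count must equal num_required_signatures; replaces the feature-gated verify_signatures_len() checks.` Because the gate in `Bank::verify_transaction` is removed in the same commit, a node running this code rejects surplus-signature transactions regardless of feature state, so it is worth confirming that `verify_tx_signatures_len` is already active on every cluster this ships to (activation status is not visible in the diff). The bank test only observes the surplus case as `TransactionError::SanitizeFailure`; a direct test of `VersionedTransaction::sanitize` expecting `SanitizeError::InvalidValue` would pin the new `Ordering::Less` arm, if none exists outside this diff. The body of `sanitize` continues past the end of the hunk.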