Signatures: support lmsig logicsig signatures (#865)

Author: cce

src/main/java/com/algorand/algosdk/account/Account.java

@@ -478,7 +478,7 @@ public LogicsigSignature signLogicsig(LogicsigSignature lsig, MultisigAddress ma
         // now, create the multisignature
         Signature sig;
         try {
-            byte[] bytesToSign = lsig.bytesToSign();
+            byte[] bytesToSign = lsig.bytesToSignMultisig(ma.toAddress());
             sig = this.rawSignBytes(bytesToSign);
         } catch (NoSuchAlgorithmException ex) {
             throw new IOException("could not sign transaction", ex);
@@ -492,7 +492,7 @@ public LogicsigSignature signLogicsig(LogicsigSignature lsig, MultisigAddress ma
                 mSig.subsigs.add(new MultisigSubsig(ma.publicKeys.get(i)));
             }
         }
-        lsig.msig = mSig;
+        lsig.lmsig = mSig;
         return lsig;
     }
 
@@ -504,10 +504,13 @@ public LogicsigSignature signLogicsig(LogicsigSignature lsig, MultisigAddress ma
      * @throws NoSuchAlgorithmException
      */
     public LogicsigSignature appendToLogicsig(LogicsigSignature lsig) throws IllegalArgumentException, IOException {
+        if (lsig.lmsig == null) {
+            throw new IllegalArgumentException("LogicsigSignature.lmsig is null; cannot append to multisig logic signature.");
+        }
         Ed25519PublicKey myPK = this.getEd25519PublicKey();
         int myIndex = -1;
-        for (int i = 0; i < lsig.msig.subsigs.size(); i++ ) {
-            MultisigSubsig subsig = lsig.msig.subsigs.get(i);
+        for (int i = 0; i < lsig.lmsig.subsigs.size(); i++ ) {
+            MultisigSubsig subsig = lsig.lmsig.subsigs.get(i);
             if (subsig.key.equals(myPK)) {
                 myIndex = i;
             }
@@ -518,9 +521,10 @@ public LogicsigSignature appendToLogicsig(LogicsigSignature lsig) throws Illegal
 
         try {
             // now, create the multisignature
-            byte[] bytesToSign = lsig.bytesToSign();
+            Address multisigAddr = lsig.lmsig.convertToMultisigAddress().toAddress();
+            byte[] bytesToSign = lsig.bytesToSignMultisig(multisigAddr);
             Signature sig = this.rawSignBytes(bytesToSign);
-            lsig.msig.subsigs.set(myIndex, new MultisigSubsig(myPK, sig));
+            lsig.lmsig.subsigs.set(myIndex, new MultisigSubsig(myPK, sig));
             return lsig;
         } catch (NoSuchAlgorithmException ex) {
             throw new IOException("could not sign transaction", ex);
@@ -556,11 +560,14 @@ public static SignedTransaction signLogicTransactionWithAddress(LogicsigSignatur
      */
     public static SignedTransaction signLogicsigTransaction(LogicsigSignature lsig, Transaction tx) throws IllegalArgumentException, IOException {
         boolean hasSig = lsig.sig != null;
+        boolean hasLmsig = lsig.lmsig != null;
         boolean hasMsig = lsig.msig != null;
         Address lsigAddr;
         try {
             if (hasSig) {
                 lsigAddr = tx.sender;
+            } else if (hasLmsig) {
+                lsigAddr = lsig.lmsig.convertToMultisigAddress().toAddress();
             } else if (hasMsig) {
                 lsigAddr = lsig.msig.convertToMultisigAddress().toAddress();
             } else {

src/main/java/com/algorand/algosdk/account/LogicSigAccount.java

@@ -95,9 +95,11 @@ public void appendMultiSig(PrivateKey privateKey)
     public LogicSigAccount(LogicsigSignature lsig, Ed25519PublicKey signerPublicKey)
             throws IllegalArgumentException, NoSuchAlgorithmException {
         boolean hasSig = lsig.sig != null;
+        boolean hasLmsig = lsig.lmsig != null;
         boolean hasMsig = lsig.msig != null;
-        if (hasSig && hasMsig)
-            throw new IllegalArgumentException("Logicsig has too many signatures, at most one of Sig or Msig may be defined");
+
+        if (lsig.sigCount() > 1)
+            throw new IllegalArgumentException("Logicsig has too many signatures, at most one of Sig, Msig, or LMsig may be defined");
         if (hasSig) {
             if (signerPublicKey == null)
                 throw new IllegalArgumentException("Cannot generate LogicSigAccount from single-signed LogicSig and a null public key");
@@ -119,8 +121,9 @@ public LogicSigAccount(LogicsigSignature lsig, Ed25519PublicKey signerPublicKey)
      */
     public boolean isDelegated() {
         boolean hasSig = this.lsig.sig != null;
+        boolean hasLmsig = this.lsig.lmsig != null;
         boolean hasMsig = this.lsig.msig != null;
-        return hasSig || hasMsig;
+        return hasSig || hasLmsig || hasMsig;
     }
 
     /**
@@ -131,13 +134,22 @@ public boolean isDelegated() {
      */
     public Address getAddress() throws NoSuchAlgorithmException, IllegalArgumentException {
         boolean hasSig = this.lsig.sig != null;
+        boolean hasLmsig = this.lsig.lmsig != null;
         boolean hasMsig = this.lsig.msig != null;
-        if (hasSig && hasMsig)
-            throw new IllegalArgumentException("Logicsig has too many signatures, at most one of Sig or Msig may be defined");
+
+        if (this.lsig.sigCount() > 1)
+            throw new IllegalArgumentException("Logicsig has too many signatures, at most one of Sig, Msig, or LMsig may be defined");
         if (hasSig) {
             byte[] sigKeyRaw = this.sigKey.getBytes();
             return new Address(sigKeyRaw);
         }
+        if (hasLmsig) {
+            List<Ed25519PublicKey> pkFromSubSig = new ArrayList<>();
+            for (MultisigSignature.MultisigSubsig subSig : this.lsig.lmsig.subsigs)
+                pkFromSubSig.add(subSig.key);
+            MultisigAddress ma = new MultisigAddress(this.lsig.lmsig.version, this.lsig.lmsig.threshold, pkFromSubSig);
+            return ma.toAddress();
+        }
         if (hasMsig) {
             List<Ed25519PublicKey> pkFromSubSig = new ArrayList<>();
             for (MultisigSignature.MultisigSubsig subSig : this.lsig.msig.subsigs)

src/main/java/com/algorand/algosdk/crypto/LogicsigSignature.java

@@ -29,6 +29,8 @@ public class LogicsigSignature {
     @JsonIgnore
     private static final byte[] LOGIC_PREFIX = ("Program").getBytes(StandardCharsets.UTF_8);
     @JsonIgnore
+    private static final byte[] MULTISIG_PROGRAM_PREFIX = ("MsigProgram").getBytes(StandardCharsets.UTF_8);
+    @JsonIgnore
     private static final String SIGN_ALGO = "EdDSA";
 
     @JsonProperty("l")
@@ -39,6 +41,8 @@ public class LogicsigSignature {
     public Signature sig;
     @JsonProperty("msig")
     public MultisigSignature msig;
+    @JsonProperty("lmsig")
+    public MultisigSignature lmsig;
 
 
     private static boolean isAsciiPrintable(final byte symbol) {
@@ -98,7 +102,8 @@ public LogicsigSignature(
         @JsonProperty("l") byte[] logic,
         @JsonProperty("arg") List<byte[]> args,
         @JsonProperty("sig") byte[] sig,
-        @JsonProperty("msig") MultisigSignature msig
+        @JsonProperty("msig") MultisigSignature msig,
+        @JsonProperty("lmsig") MultisigSignature lmsig
     ) {
         this.logic = Objects.requireNonNull(logic, "program must not be null");
         this.args = args;
@@ -107,6 +112,7 @@ public LogicsigSignature(
 
         if (sig != null) this.sig = new Signature(sig);
         this.msig = msig;
+        this.lmsig = lmsig;
     }
 
     /**
@@ -123,7 +129,7 @@ public LogicsigSignature(byte[] logicsig) {
      * @param args
      */
     public LogicsigSignature(byte[] logicsig, List<byte[]> args) {
-        this(logicsig, args, null, null);
+        this(logicsig, args, null, null, null);
     }
 
     /**
@@ -134,6 +140,19 @@ public LogicsigSignature() {
         this.args = null;
     }
 
+    /**
+     * Returns the number of signatures (sig, msig, lmsig) on this LogicSig.
+     * At most one of these should be present.
+     * @return the number of signature types present
+     */
+    public int sigCount() {
+        int count = 0;
+        if (this.sig != null) count++;
+        if (this.msig != null) count++;
+        if (this.lmsig != null) count++;
+        return count;
+    }
+
     /**
      * Calculate escrow address from logic sig program
      * NOTE: THIS RETURNS AN ESCROW ACCOUNT OF A LOGIC-SIG (FROM LOGIC ITSELF),
@@ -157,6 +176,21 @@ public byte[] bytesToSign() {
         return prefixedEncoded;
     }
 
+    /**
+     * Return prefixed program with multisig address as byte array that is ready to use with multisig
+     * signatures on delegated logicsig programs
+     * @param multisigAddress the multisig address to include in signed data
+     * @return byte[]
+     */
+    public byte[] bytesToSignMultisig(Address multisigAddress) {
+        byte[] addressBytes = multisigAddress.getBytes();
+        byte[] prefixedEncoded = new byte[this.logic.length + MULTISIG_PROGRAM_PREFIX.length + addressBytes.length];
+        System.arraycopy(MULTISIG_PROGRAM_PREFIX, 0, prefixedEncoded, 0, MULTISIG_PROGRAM_PREFIX.length);
+        System.arraycopy(addressBytes, 0, prefixedEncoded, MULTISIG_PROGRAM_PREFIX.length, addressBytes.length);
+        System.arraycopy(this.logic, 0, prefixedEncoded, MULTISIG_PROGRAM_PREFIX.length + addressBytes.length, this.logic.length);
+        return prefixedEncoded;
+    }
+
     /**
      * Perform signature verification against the sender address
      * @param singleSigner only used in the case of a delegated LogicSig whose delegating account
@@ -168,7 +202,8 @@ public boolean verify(Address singleSigner) throws NoSuchAlgorithmException {
             return false;
         }
 
-        if (this.sig != null && this.msig != null) {
+        // At most one signature type should be present
+        if (sigCount() > 1) {
             return false;
         }
 
@@ -191,6 +226,11 @@ public boolean verify(Address singleSigner) throws NoSuchAlgorithmException {
             }
         }
 
+        if (this.lmsig != null) {
+            Address multisigAddr = this.lmsig.convertToMultisigAddress().toAddress();
+            return this.lmsig.verify(this.bytesToSignMultisig(multisigAddr));
+        }
+
         if (this.msig != null)
             return this.msig.verify(this.bytesToSign());
 
@@ -221,6 +261,9 @@ public boolean equals(Object obj) {
             if (!LogicsigSignature.nullCheck(this.sig, actual.sig)) return false;
             if (this.sig != null && !this.sig.equals(actual.sig)) return false;
 
+            if (!LogicsigSignature.nullCheck(this.lmsig, actual.lmsig)) return false;
+            if (this.lmsig != null && !this.lmsig.equals(actual.lmsig)) return false;
+
             if (!LogicsigSignature.nullCheck(this.msig, actual.msig)) return false;
             return this.msig == null || this.msig.equals(actual.msig);
         } else {