verifymessagewithname in SPV is insecure

[pinheadmz]

bob-wallet/app/background/node/service.js

Lines 491 to 514 in 6f3f93b

	async getCoin(hash, index) {
	if (await this.getSpvMode()) {
	return hapiGet(`/coin/${hash}/${index}`);
	}
	return this.client.getCoin(hash, index);
	}
	async verifyMessageWithName(name, signature, message) {
	if (await this.getSpvMode()) {
	const result = await this.getNameInfo(name);
	const owner = result?.info?.owner;
	if (!owner) {
	throw new Error('Cannot find the name owner.');
	}
	const coin = await this.getCoin(owner.hash, owner.index);
	if (!coin) {
	throw new Error('Cannot find the owner\'s address.');
	}
	return this._execRPC('verifymessage', [coin.address, signature, message]);
	}

This is (a) broken because getNameInfo() will always return null for every name in SPV mode. (rpc getnameinfo relies on the Urkel Tree, which in SPV mode is always empty). It is (b) insecure because it relies on an API server to getCoin() (even though it never will, because getnameinfo will always be null)

Verify with name is possible in SPV mode though, consider this:

• Request Urkel proof for name from full node, which returns a complete NameState object
• NameState contains owner which is hash and index of a UTXO
• Bob Wallet requests the ENTIRE TX from API server with that hash
• Bob verifies the TX from the server hashes to the hash in NameState.owner
• Bob now has the coin that owns the name: by looking up the index in the TX it just verified
• Bob now has the address that owns the name and everything is verified.

Update: ok I misread the code, getnameinfo is actually fetched from the API server, so its not broken its just insecure.

[rithvikvibhu]

Request Urkel proof for name from full node, which returns a complete NameState object

With handshake-org/hsd#647 it's possible to get the namestate, but it will be stale (2 hours?) so would need a warning or something I guess.