From face4ace4fca4a74d9f2a88672e2ce2fb6b85b82 Mon Sep 17 00:00:00 2001
From: Silas Davis <silas@monax.io>
Date: Mon, 23 Jul 2018 13:31:56 +0100
Subject: [PATCH] Check ChainID in Verify!

Signed-off-by: Silas Davis <silas@monax.io>
---
 execution/execution.go | 2 +-
 txs/envelope.go        | 6 +++++-
 txs/tx_test.go         | 2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/execution/execution.go b/execution/execution.go
index 2fe05f13..63328d29 100644
--- a/execution/execution.go
+++ b/execution/execution.go
@@ -184,7 +184,7 @@ func (exe *executor) Execute(txEnv *txs.Envelope) (txe *exec.TxExecution, err er
 	logger.TraceMsg("Executing transaction", "tx", txEnv.String())
 
 	// Verify transaction signature against inputs
-	err = txEnv.Verify(exe.stateCache)
+	err = txEnv.Verify(exe.stateCache, exe.blockchain.ChainID())
 	if err != nil {
 		return nil, err
 	}
diff --git a/txs/envelope.go b/txs/envelope.go
index 06ed3832..817f26e5 100644
--- a/txs/envelope.go
+++ b/txs/envelope.go
@@ -77,12 +77,16 @@ func (txEnv *Envelope) Validate() error {
 
 // Verifies the validity of the Signatories' Signatures in the Envelope. The Signatories must
 // appear in the same order as the inputs as returned by Tx.GetInputs().
-func (txEnv *Envelope) Verify(getter state.AccountGetter) error {
+func (txEnv *Envelope) Verify(getter state.AccountGetter, chainID string) error {
 	err := txEnv.Validate()
 	if err != nil {
 		return err
 	}
 	errPrefix := fmt.Sprintf("could not verify transaction %X", txEnv.Tx.Hash())
+	if txEnv.Tx.ChainID != chainID {
+		return fmt.Errorf("%s: ChainID in envelope is %s but receiving chain has ID %s",
+			errPrefix, txEnv.Tx.ChainID, chainID)
+	}
 	inputs := txEnv.Tx.GetInputs()
 	if len(inputs) != len(txEnv.Signatories) {
 		return fmt.Errorf("%s: number of inputs (= %v) should equal number of signatories (= %v)",
diff --git a/txs/tx_test.go b/txs/tx_test.go
index b3d0d4a4..9fbc93cb 100644
--- a/txs/tx_test.go
+++ b/txs/tx_test.go
@@ -216,5 +216,5 @@ func testTxSignVerify(t *testing.T, tx payload.Payload) {
 	}
 	txEnv := Enclose(chainID, tx)
 	require.NoError(t, txEnv.Sign(signers...), "Error signing tx: %s", debug.Stack())
-	require.NoError(t, txEnv.Verify(nil), "Error verifying tx: %s", debug.Stack())
+	require.NoError(t, txEnv.Verify(nil, chainID), "Error verifying tx: %s", debug.Stack())
 }
-- 
GitLab