Handle nil operator ID in GetChunks() (#1006)

Signed-off-by: Cody Littley <[email protected]>
Layr-Labs · Dec 17, 2024 · be75ef1 · be75ef1
1 parent f8afd92
commit be75ef1
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 0 deletions.
diff --git a/relay/auth/authenticator.go b/relay/auth/authenticator.go
@@ -117,6 +117,10 @@ func (a *requestAuthenticator) AuthenticateGetChunksRequest(
 		return nil
 	}
 
+	if request.OperatorId == nil || len(request.OperatorId) != 32 {
+		return errors.New("invalid operator ID")
+	}
+
 	key, err := a.getOperatorKey(ctx, core.OperatorID(request.OperatorId))
 	if err != nil {
 		return fmt.Errorf("failed to get operator key: %w", err)

diff --git a/relay/auth/authenticator_test.go b/relay/auth/authenticator_test.go
@@ -241,3 +241,34 @@ func TestBadSignature(t *testing.T) {
 		now)
 	require.Error(t, err)
 }
+
+func TestMissingOperatorID(t *testing.T) {
+	tu.InitializeRandom()
+
+	ctx := context.Background()
+
+	operatorID := mock.MakeOperatorId(0)
+	stakes := map[core.QuorumID]map[core.OperatorID]int{
+		core.QuorumID(0): {
+			operatorID: 1,
+		},
+	}
+	ics, err := mock.NewChainDataMock(stakes)
+	require.NoError(t, err)
+	ics.Mock.On("GetCurrentBlockNumber").Return(uint(0), nil)
+
+	timeout := 10 * time.Second
+
+	authenticator, err := NewRequestAuthenticator(ctx, ics, 1024, timeout)
+	require.NoError(t, err)
+
+	request := randomGetChunksRequest()
+	request.OperatorId = nil
+
+	err = authenticator.AuthenticateGetChunksRequest(
+		ctx,
+		"foobar",
+		request,
+		time.Now())
+	require.Error(t, err)
+}