added checks on proofs parameters like epoch, nonce and shard

process/block/baseProcess.go

@@ -222,6 +222,35 @@ func (bp *baseProcessor) checkBlockValidity(
 		return process.ErrEpochDoesNotMatch
 	}
 
+	return bp.checkPrevProofValidity(headerHandler)
+}
+
+func (bp *baseProcessor) checkPrevProofValidity(headerHandler data.HeaderHandler) error {
+	if !bp.enableEpochsHandler.IsFlagEnabledInEpoch(common.EquivalentMessagesFlag, headerHandler.GetEpoch()) {
+		return nil
+	}
+
+	prevProof := headerHandler.GetPreviousProof()
+	if check.IfNilReflect(prevProof) {
+		return process.ErrMissingHeaderProof
+	}
+
+	headersPool := bp.dataPool.Headers()
+	prevHeader, err := headersPool.GetHeaderByHash(prevProof.GetHeaderHash())
+	if err != nil {
+		return fmt.Errorf("%w while getting header for proof hash %s", err, hex.EncodeToString(prevProof.GetHeaderHash()))
+	}
+
+	if prevProof.GetHeaderNonce() != prevHeader.GetNonce() {
+		return fmt.Errorf("%w, nonce mismatch", process.ErrInvalidHeaderProof)
+	}
+	if prevProof.GetHeaderShardId() != prevHeader.GetShardID() {
+		return fmt.Errorf("%w, shard id mismatch", process.ErrInvalidHeaderProof)
+	}
+	if prevProof.GetHeaderEpoch() != prevHeader.GetEpoch() {
+		return fmt.Errorf("%w, epoch mismatch", process.ErrInvalidHeaderProof)
+	}
+
 	return nil
 }
 

process/block/interceptedBlocks/interceptedEquivalentProof.go

@@ -1,6 +1,7 @@
 package interceptedBlocks
 
 import (
+	"encoding/hex"
 	"fmt"
 
 	"github.com/multiversx/mx-chain-core-go/core"
@@ -25,13 +26,15 @@ type ArgInterceptedEquivalentProof struct {
 	ShardCoordinator  sharding.Coordinator
 	HeaderSigVerifier consensus.HeaderSigVerifier
 	Proofs            dataRetriever.ProofsPool
+	Headers           dataRetriever.HeadersPool
 }
 
 type interceptedEquivalentProof struct {
 	proof             *block.HeaderProof
 	isForCurrentShard bool
 	headerSigVerifier consensus.HeaderSigVerifier
 	proofsPool        dataRetriever.ProofsPool
+	headersPool       dataRetriever.HeadersPool
 }
 
 // NewInterceptedEquivalentProof returns a new instance of interceptedEquivalentProof
@@ -51,6 +54,7 @@ func NewInterceptedEquivalentProof(args ArgInterceptedEquivalentProof) (*interce
 		isForCurrentShard: extractIsForCurrentShard(args.ShardCoordinator, equivalentProof),
 		headerSigVerifier: args.HeaderSigVerifier,
 		proofsPool:        args.Proofs,
+		headersPool:       args.Headers,
 	}, nil
 }
 
@@ -70,6 +74,9 @@ func checkArgInterceptedEquivalentProof(args ArgInterceptedEquivalentProof) erro
 	if check.IfNil(args.Proofs) {
 		return process.ErrNilProofsPool
 	}
+	if check.IfNil(args.Headers) {
+		return process.ErrNilHeadersDataPool
+	}
 
 	return nil
 }
@@ -115,9 +122,33 @@ func (iep *interceptedEquivalentProof) CheckValidity() error {
 		return proofscache.ErrAlreadyExistingEquivalentProof
 	}
 
+	err = iep.checkHeaderParamsFromProof()
+	if err != nil {
+		return err
+	}
+
 	return iep.headerSigVerifier.VerifyHeaderProof(iep.proof)
 }
 
+func (iep *interceptedEquivalentProof) checkHeaderParamsFromProof() error {
+	header, err := iep.headersPool.GetHeaderByHash(iep.proof.GetHeaderHash())
+	if err != nil {
+		return fmt.Errorf("%w while getting header for proof hash %s", err, hex.EncodeToString(iep.proof.GetHeaderHash()))
+	}
+
+	if iep.proof.GetHeaderNonce() != header.GetNonce() {
+		return fmt.Errorf("%w, nonce mismatch", ErrInvalidProof)
+	}
+	if iep.proof.GetHeaderShardId() != header.GetShardID() {
+		return fmt.Errorf("%w, shard id mismatch", ErrInvalidProof)
+	}
+	if iep.proof.GetHeaderEpoch() != header.GetEpoch() {
+		return fmt.Errorf("%w, epoch mismatch", ErrInvalidProof)
+	}
+
+	return nil
+}
+
 func (iep *interceptedEquivalentProof) integrity() error {
 	isProofValid := len(iep.proof.AggregatedSignature) > 0 &&
 		len(iep.proof.PubKeysBitmap) > 0 &&

process/block/interceptedBlocks/interceptedEquivalentProof_test.go

@@ -4,33 +4,40 @@ import (
 	"bytes"
 	"errors"
 	"fmt"
+	"strings"
 	"testing"
 
 	"github.com/multiversx/mx-chain-core-go/core"
+	"github.com/multiversx/mx-chain-core-go/data"
 	"github.com/multiversx/mx-chain-core-go/data/block"
 	"github.com/multiversx/mx-chain-go/consensus/mock"
 	proofscache "github.com/multiversx/mx-chain-go/dataRetriever/dataPool/proofsCache"
 	"github.com/multiversx/mx-chain-go/process"
+	"github.com/multiversx/mx-chain-go/testscommon"
 	"github.com/multiversx/mx-chain-go/testscommon/consensus"
 	"github.com/multiversx/mx-chain-go/testscommon/dataRetriever"
 	"github.com/multiversx/mx-chain-go/testscommon/marshallerMock"
+	"github.com/multiversx/mx-chain-go/testscommon/pool"
 	logger "github.com/multiversx/mx-chain-logger-go"
 	"github.com/stretchr/testify/require"
 )
 
 var (
 	expectedErr    = errors.New("expected error")
 	testMarshaller = &marshallerMock.MarshalizerMock{}
+	providedEpoch  = uint32(123)
+	providedNonce  = uint64(345)
+	providedShard  = uint32(0)
 )
 
 func createMockDataBuff() []byte {
 	proof := &block.HeaderProof{
 		PubKeysBitmap:       []byte("bitmap"),
 		AggregatedSignature: []byte("sig"),
 		HeaderHash:          []byte("hash"),
-		HeaderEpoch:         123,
-		HeaderNonce:         345,
-		HeaderShardId:       0,
+		HeaderEpoch:         providedEpoch,
+		HeaderNonce:         providedNonce,
+		HeaderShardId:       providedShard,
 	}
 
 	dataBuff, _ := testMarshaller.Marshal(proof)
@@ -44,6 +51,19 @@ func createMockArgInterceptedEquivalentProof() ArgInterceptedEquivalentProof {
 		ShardCoordinator:  &mock.ShardCoordinatorMock{},
 		HeaderSigVerifier: &consensus.HeaderSigVerifierMock{},
 		Proofs:            &dataRetriever.ProofsPoolMock{},
+		Headers: &pool.HeadersPoolStub{
+			GetHeaderByHashCalled: func(hash []byte) (data.HeaderHandler, error) {
+				return &testscommon.HeaderHandlerStub{
+					EpochField: providedEpoch,
+					GetNonceCalled: func() uint64 {
+						return providedNonce
+					},
+					GetShardIDCalled: func() uint32 {
+						return providedShard
+					},
+				}, nil
+			},
+		},
 	}
 }
 
@@ -105,6 +125,15 @@ func TestNewInterceptedEquivalentProof(t *testing.T) {
 		require.Equal(t, process.ErrNilProofsPool, err)
 		require.Nil(t, iep)
 	})
+	t.Run("nil headers pool should error", func(t *testing.T) {
+		t.Parallel()
+
+		args := createMockArgInterceptedEquivalentProof()
+		args.Headers = nil
+		iep, err := NewInterceptedEquivalentProof(args)
+		require.Equal(t, process.ErrNilHeadersDataPool, err)
+		require.Nil(t, iep)
+	})
 	t.Run("unmarshal error should error", func(t *testing.T) {
 		t.Parallel()
 
@@ -164,6 +193,97 @@ func TestInterceptedEquivalentProof_CheckValidity(t *testing.T) {
 		require.Equal(t, proofscache.ErrAlreadyExistingEquivalentProof, err)
 	})
 
+	t.Run("missing header for proof hash should error", func(t *testing.T) {
+		t.Parallel()
+
+		providedErr := errors.New("missing header")
+		args := createMockArgInterceptedEquivalentProof()
+		args.Headers = &pool.HeadersPoolStub{
+			GetHeaderByHashCalled: func(hash []byte) (data.HeaderHandler, error) {
+				return nil, providedErr
+			},
+		}
+
+		iep, err := NewInterceptedEquivalentProof(args)
+		require.NoError(t, err)
+
+		err = iep.CheckValidity()
+		require.True(t, errors.Is(err, providedErr))
+	})
+
+	t.Run("nonce mismatch should error", func(t *testing.T) {
+		t.Parallel()
+
+		args := createMockArgInterceptedEquivalentProof()
+		args.Headers = &pool.HeadersPoolStub{
+			GetHeaderByHashCalled: func(hash []byte) (data.HeaderHandler, error) {
+				return &testscommon.HeaderHandlerStub{
+					GetNonceCalled: func() uint64 {
+						return providedNonce + 1
+					},
+				}, nil
+			},
+		}
+
+		iep, err := NewInterceptedEquivalentProof(args)
+		require.NoError(t, err)
+
+		err = iep.CheckValidity()
+		require.True(t, errors.Is(err, ErrInvalidProof))
+		require.True(t, strings.Contains(err.Error(), "nonce mismatch"))
+	})
+
+	t.Run("shard id mismatch should error", func(t *testing.T) {
+		t.Parallel()
+
+		args := createMockArgInterceptedEquivalentProof()
+		args.Headers = &pool.HeadersPoolStub{
+			GetHeaderByHashCalled: func(hash []byte) (data.HeaderHandler, error) {
+				return &testscommon.HeaderHandlerStub{
+					GetNonceCalled: func() uint64 {
+						return providedNonce
+					},
+					GetShardIDCalled: func() uint32 {
+						return providedShard + 1
+					},
+				}, nil
+			},
+		}
+
+		iep, err := NewInterceptedEquivalentProof(args)
+		require.NoError(t, err)
+
+		err = iep.CheckValidity()
+		require.True(t, errors.Is(err, ErrInvalidProof))
+		require.True(t, strings.Contains(err.Error(), "shard id mismatch"))
+	})
+
+	t.Run("epoch mismatch should error", func(t *testing.T) {
+		t.Parallel()
+
+		args := createMockArgInterceptedEquivalentProof()
+		args.Headers = &pool.HeadersPoolStub{
+			GetHeaderByHashCalled: func(hash []byte) (data.HeaderHandler, error) {
+				return &testscommon.HeaderHandlerStub{
+					GetNonceCalled: func() uint64 {
+						return providedNonce
+					},
+					GetShardIDCalled: func() uint32 {
+						return providedShard
+					},
+					EpochField: providedEpoch + 1,
+				}, nil
+			},
+		}
+
+		iep, err := NewInterceptedEquivalentProof(args)
+		require.NoError(t, err)
+
+		err = iep.CheckValidity()
+		require.True(t, errors.Is(err, ErrInvalidProof))
+		require.True(t, strings.Contains(err.Error(), "epoch mismatch"))
+	})
+
 	t.Run("should work", func(t *testing.T) {
 		t.Parallel()
 

process/factory/interceptorscontainer/baseInterceptorsContainerFactory.go

@@ -913,7 +913,12 @@ func (bicf *baseInterceptorsContainerFactory) generateValidatorInfoInterceptor()
 }
 
 func (bicf *baseInterceptorsContainerFactory) createOneShardEquivalentProofsInterceptor(topic string) (process.Interceptor, error) {
-	equivalentProofsFactory := interceptorFactory.NewInterceptedEquivalentProofsFactory(*bicf.argInterceptorFactory, bicf.dataPool.Proofs())
+	args := interceptorFactory.ArgInterceptedEquivalentProofsFactory{
+		ArgInterceptedDataFactory: *bicf.argInterceptorFactory,
+		ProofsPool:                bicf.dataPool.Proofs(),
+		HeadersPool:               bicf.dataPool.Headers(),
+	}
+	equivalentProofsFactory := interceptorFactory.NewInterceptedEquivalentProofsFactory(args)
 
 	marshaller := bicf.argInterceptorFactory.CoreComponents.InternalMarshalizer()
 	argProcessor := processor.ArgEquivalentProofsInterceptorProcessor{

process/interceptors/factory/interceptedEquivalentProofsFactory.go

@@ -9,20 +9,29 @@ import (
 	"github.com/multiversx/mx-chain-go/sharding"
 )
 
+// ArgInterceptedEquivalentProofsFactory is the DTO used to create a new instance of interceptedEquivalentProofsFactory
+type ArgInterceptedEquivalentProofsFactory struct {
+	ArgInterceptedDataFactory
+	ProofsPool  dataRetriever.ProofsPool
+	HeadersPool dataRetriever.HeadersPool
+}
+
 type interceptedEquivalentProofsFactory struct {
 	marshaller        marshal.Marshalizer
 	shardCoordinator  sharding.Coordinator
 	headerSigVerifier consensus.HeaderSigVerifier
 	proofsPool        dataRetriever.ProofsPool
+	headersPool       dataRetriever.HeadersPool
 }
 
 // NewInterceptedEquivalentProofsFactory creates a new instance of interceptedEquivalentProofsFactory
-func NewInterceptedEquivalentProofsFactory(args ArgInterceptedDataFactory, proofsPool dataRetriever.ProofsPool) *interceptedEquivalentProofsFactory {
+func NewInterceptedEquivalentProofsFactory(args ArgInterceptedEquivalentProofsFactory) *interceptedEquivalentProofsFactory {
 	return &interceptedEquivalentProofsFactory{
 		marshaller:        args.CoreComponents.InternalMarshalizer(),
 		shardCoordinator:  args.ShardCoordinator,
 		headerSigVerifier: args.HeaderSigVerifier,
-		proofsPool:        proofsPool,
+		proofsPool:        args.ProofsPool,
+		headersPool:       args.HeadersPool,
 	}
 }
 
@@ -34,6 +43,7 @@ func (factory *interceptedEquivalentProofsFactory) Create(buff []byte) (process.
 		ShardCoordinator:  factory.shardCoordinator,
 		HeaderSigVerifier: factory.headerSigVerifier,
 		Proofs:            factory.proofsPool,
+		Headers:           factory.headersPool,
 	}
 	return interceptedBlocks.NewInterceptedEquivalentProof(args)
 }

process/interceptors/factory/interceptedEquivalentProofsFactory_test.go

@@ -9,16 +9,21 @@ import (
 	processMock "github.com/multiversx/mx-chain-go/process/mock"
 	"github.com/multiversx/mx-chain-go/testscommon/consensus"
 	"github.com/multiversx/mx-chain-go/testscommon/dataRetriever"
+	"github.com/multiversx/mx-chain-go/testscommon/pool"
 	"github.com/stretchr/testify/require"
 )
 
-func createMockArgInterceptedDataFactory() ArgInterceptedDataFactory {
-	return ArgInterceptedDataFactory{
-		CoreComponents: &processMock.CoreComponentsMock{
-			IntMarsh: &mock.MarshalizerMock{},
+func createMockArgInterceptedEquivalentProofsFactory() ArgInterceptedEquivalentProofsFactory {
+	return ArgInterceptedEquivalentProofsFactory{
+		ArgInterceptedDataFactory: ArgInterceptedDataFactory{
+			CoreComponents: &processMock.CoreComponentsMock{
+				IntMarsh: &mock.MarshalizerMock{},
+			},
+			ShardCoordinator:  &mock.ShardCoordinatorMock{},
+			HeaderSigVerifier: &consensus.HeaderSigVerifierMock{},
 		},
-		ShardCoordinator:  &mock.ShardCoordinatorMock{},
-		HeaderSigVerifier: &consensus.HeaderSigVerifierMock{},
+		ProofsPool:  &dataRetriever.ProofsPoolMock{},
+		HeadersPool: &pool.HeadersPoolStub{},
 	}
 }
 
@@ -28,22 +33,22 @@ func TestInterceptedEquivalentProofsFactory_IsInterfaceNil(t *testing.T) {
 	var factory *interceptedEquivalentProofsFactory
 	require.True(t, factory.IsInterfaceNil())
 
-	factory = NewInterceptedEquivalentProofsFactory(createMockArgInterceptedDataFactory(), &dataRetriever.ProofsPoolMock{})
+	factory = NewInterceptedEquivalentProofsFactory(createMockArgInterceptedEquivalentProofsFactory())
 	require.False(t, factory.IsInterfaceNil())
 }
 
 func TestNewInterceptedEquivalentProofsFactory(t *testing.T) {
 	t.Parallel()
 
-	factory := NewInterceptedEquivalentProofsFactory(createMockArgInterceptedDataFactory(), &dataRetriever.ProofsPoolMock{})
+	factory := NewInterceptedEquivalentProofsFactory(createMockArgInterceptedEquivalentProofsFactory())
 	require.NotNil(t, factory)
 }
 
 func TestInterceptedEquivalentProofsFactory_Create(t *testing.T) {
 	t.Parallel()
 
-	args := createMockArgInterceptedDataFactory()
-	factory := NewInterceptedEquivalentProofsFactory(args, &dataRetriever.ProofsPoolMock{})
+	args := createMockArgInterceptedEquivalentProofsFactory()
+	factory := NewInterceptedEquivalentProofsFactory(args)
 	require.NotNil(t, factory)
 
 	providedProof := &block.HeaderProof{