Add viewID to block signed content (#2877)

* [consensus] Add ConstructCommitPayload for consensus signatures * [internal/engine] verify consensus sigs on hash+blockNum+viewID * [consensus] Add ConstructCommitPayload for consensus signatures * [internal/engine] verify consensus sigs on hash+blockNum+viewID * [consensus] verify consensus sigs on hash+blockNum+viewID * [node] verify consensus sigs for explorer on hash+blockNum+viewID * [crosslink] Add viewID & tie break by viewID last on sort * [api] Update crosslink constructor for viewID addition * [staking] Verify consensus sigs on hash+blockNum+viewID * [slash] update tests * [engine] Fix VerifyHeaderWithSignature commit signature payload * [crosslink] Make NewCrossLink return a pointer to CrossLink * [node] update ConstructCrossLinkMessage to reflect NewCrossLink change * [debug] Remove debugging logs
5 years ago · 451d16c14d
parent f1d26b3a75
commit 451d16c14d
13 changed files with 137 additions and 84 deletions
--- a/api/proto/node/node.go
+++ b/api/proto/node/node.go
@ -189,7 +189,7 @@ func ConstructSlashMessage(witnesses slash.Records) []byte {
 // ConstructCrossLinkMessage constructs cross link message to send to beacon chain
 func ConstructCrossLinkMessage(bc engine.ChainReader, headers []*block.Header) []byte {
 	byteBuffer := bytes.NewBuffer(crossLinkH)
-	crosslinks := []types.CrossLink{}
+	crosslinks := []*types.CrossLink{}
 	for _, header := range headers {
 		if header.Number().Uint64() <= 1 || !bc.Config().IsCrossLink(header.Epoch()) {
 			continue
@ -198,8 +198,7 @@ func ConstructCrossLinkMessage(bc engine.ChainReader, headers []*block.Header) [
 		if parentHeader == nil {
 			continue
 		}
-		epoch := parentHeader.Epoch()
-		crosslinks = append(crosslinks, types.NewCrossLink(header, epoch))
+		crosslinks = append(crosslinks, types.NewCrossLink(header, parentHeader))
 	}
 	crosslinksData, _ := rlp.EncodeToBytes(crosslinks)
 	byteBuffer.Write(crosslinksData)
--- a/consensus/leader.go
+++ b/consensus/leader.go
@ -1,7 +1,7 @@
 package consensus

 import (
-	"encoding/binary"
+	"math/big"
 	"time"

 	"github.com/ethereum/go-ethereum/common"
@ -9,6 +9,7 @@ import (
 	"github.com/harmony-one/bls/ffi/go/bls"
 	msg_pb "github.com/harmony-one/harmony/api/proto/message"
 	"github.com/harmony-one/harmony/consensus/quorum"
+	"github.com/harmony-one/harmony/consensus/signature"
 	"github.com/harmony-one/harmony/core/types"
 	nodeconfig "github.com/harmony-one/harmony/internal/configs/node"
 	"github.com/harmony-one/harmony/p2p"
@ -222,10 +223,8 @@ func (consensus *Consensus) onCommit(msg *msg_pb.Message) {
 		return
 	}

-	// TODO(audit): verify signature on hash+blockNum+viewID (add a hard fork)
-	blockNumHash := make([]byte, 8)
-	binary.LittleEndian.PutUint64(blockNumHash, recvMsg.BlockNum)
-	commitPayload := append(blockNumHash, recvMsg.BlockHash[:]...)
+	commitPayload := signature.ConstructCommitPayload(consensus.ChainReader,
+		new(big.Int).SetUint64(consensus.epoch), recvMsg.BlockHash, recvMsg.BlockNum, consensus.viewID)
 	logger = logger.With().
 		Uint64("MsgViewID", recvMsg.ViewID).
 		Uint64("MsgBlockNum", recvMsg.BlockNum).
--- a/consensus/signature/signature.go
+++ b/consensus/signature/signature.go
@ -0,0 +1,28 @@
+package signature
+
+import (
+	"encoding/binary"
+	"math/big"
+
+	"github.com/ethereum/go-ethereum/common"
+	"github.com/harmony-one/harmony/internal/params"
+)
+
+type signatureChainReader interface {
+	Config() *params.ChainConfig
+}
+
+// ConstructCommitPayload returns the commit payload for consensus signatures.
+func ConstructCommitPayload(
+	chain signatureChainReader, epoch *big.Int, blockHash common.Hash, blockNum, viewID uint64,
+) []byte {
+	blockNumBytes := make([]byte, 8)
+	binary.LittleEndian.PutUint64(blockNumBytes, blockNum)
+	commitPayload := append(blockNumBytes, blockHash.Bytes()...)
+	if !chain.Config().IsStaking(epoch) {
+		return commitPayload
+	}
+	viewIDBytes := make([]byte, 8)
+	binary.LittleEndian.PutUint64(viewIDBytes, viewID)
+	return append(commitPayload, viewIDBytes...)
+}
--- a/consensus/threshold.go
+++ b/consensus/threshold.go
@ -1,11 +1,12 @@
 package consensus

 import (
-	"encoding/binary"
+	"math/big"

 	"github.com/ethereum/go-ethereum/common"
 	msg_pb "github.com/harmony-one/harmony/api/proto/message"
 	"github.com/harmony-one/harmony/consensus/quorum"
+	"github.com/harmony-one/harmony/consensus/signature"
 	nodeconfig "github.com/harmony-one/harmony/internal/configs/node"
 	"github.com/harmony-one/harmony/internal/utils"
 	"github.com/harmony-one/harmony/p2p"
@ -37,10 +38,8 @@ func (consensus *Consensus) didReachPrepareQuorum() error {
 	consensus.aggregatedPrepareSig = aggSig
 	consensus.FBFTLog.AddMessage(FBFTMsg)
 	// Leader add commit phase signature
-	// TODO(audit): sign signature on hash+blockNum+viewID (add a hard fork)
-	blockNumHash := [8]byte{}
-	binary.LittleEndian.PutUint64(blockNumHash[:], consensus.blockNum)
-	commitPayload := append(blockNumHash[:], consensus.blockHash[:]...)
+	commitPayload := signature.ConstructCommitPayload(consensus.ChainReader,
+		new(big.Int).SetUint64(consensus.epoch), consensus.blockHash, consensus.blockNum, consensus.viewID)

 	// so by this point, everyone has committed to the blockhash of this block
 	// in prepare and so this is the actual block.
--- a/consensus/validator.go
+++ b/consensus/validator.go
@ -2,13 +2,14 @@ package consensus

 import (
 	"bytes"
-	"encoding/binary"
 	"encoding/hex"
+	"math/big"
 	"time"

 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/rlp"
 	msg_pb "github.com/harmony-one/harmony/api/proto/message"
+	"github.com/harmony-one/harmony/consensus/signature"
 	"github.com/harmony-one/harmony/core/types"
 	nodeconfig "github.com/harmony-one/harmony/internal/configs/node"
 	"github.com/harmony-one/harmony/p2p"
@ -199,16 +200,17 @@ func (consensus *Consensus) onPrepared(msg *msg_pb.Message) {
 	if bytes.Equal(consensus.blockHash[:], emptyHash[:]) {
 		copy(consensus.blockHash[:], blockHash[:])
 	}
-	blockNumBytes := make([]byte, 8)
-	binary.LittleEndian.PutUint64(blockNumBytes, consensus.blockNum)
+
+	// local viewID may not be constant with other, so use received msg viewID.
+	commitPayload := signature.ConstructCommitPayload(consensus.ChainReader,
+		new(big.Int).SetUint64(consensus.epoch), consensus.blockHash, consensus.blockNum, recvMsg.ViewID)
 	groupID := []nodeconfig.GroupID{
 		nodeconfig.NewGroupIDByShardID(nodeconfig.ShardID(consensus.ShardID)),
 	}
 	for i, key := range consensus.PubKey.PublicKey {
 		networkMessage, _ := consensus.construct(
-			// TODO(audit): sign signature on hash+blockNum+viewID (add a hard fork)
 			msg_pb.MessageType_COMMIT,
-			append(blockNumBytes, consensus.blockHash[:]...),
+			commitPayload,
 			key, consensus.priKey.PrivateKey[i],
 		)

@ -256,10 +258,9 @@ func (consensus *Consensus) onCommitted(msg *msg_pb.Message) {
 		return
 	}

-	// TODO(audit): verify signature on hash+blockNum+viewID (add a hard fork)
-	blockNumBytes := make([]byte, 8)
-	binary.LittleEndian.PutUint64(blockNumBytes, recvMsg.BlockNum)
-	commitPayload := append(blockNumBytes, recvMsg.BlockHash[:]...)
+	// Received msg must be about same epoch, otherwise it's invalid anyways.
+	commitPayload := signature.ConstructCommitPayload(consensus.ChainReader,
+		new(big.Int).SetUint64(consensus.epoch), recvMsg.BlockHash, recvMsg.BlockNum, recvMsg.ViewID)
 	if !aggSig.VerifyHash(mask.AggregatePublic, commitPayload) {
 		consensus.getLogger().Error().
 			Uint64("MsgBlockNum", recvMsg.BlockNum).
--- a/consensus/view_change.go
+++ b/consensus/view_change.go
@ -3,6 +3,7 @@ package consensus
 import (
 	"bytes"
 	"encoding/binary"
+	"math/big"
 	"sync"
 	"time"

@ -10,6 +11,7 @@ import (
 	"github.com/harmony-one/bls/ffi/go/bls"
 	msg_pb "github.com/harmony-one/harmony/api/proto/message"
 	"github.com/harmony-one/harmony/consensus/quorum"
+	"github.com/harmony-one/harmony/consensus/signature"
 	bls_cosi "github.com/harmony-one/harmony/crypto/bls"
 	nodeconfig "github.com/harmony-one/harmony/internal/configs/node"
 	"github.com/harmony-one/harmony/internal/utils"
@ -361,10 +363,8 @@ func (consensus *Consensus) onViewChange(msg *msg_pb.Message) {
 			consensus.aggregatedPrepareSig = aggSig
 			consensus.prepareBitmap = mask
 			// Leader sign and add commit message
-			// TODO(audit): verify signature on hash+blockNum+viewID (add a hard fork)
-			blockNumBytes := [8]byte{}
-			binary.LittleEndian.PutUint64(blockNumBytes[:], consensus.blockNum)
-			commitPayload := append(blockNumBytes[:], consensus.blockHash[:]...)
+			commitPayload := signature.ConstructCommitPayload(consensus.ChainReader,
+				new(big.Int).SetUint64(consensus.epoch), consensus.blockHash, consensus.blockNum, recvMsg.ViewID)
 			for i, key := range consensus.PubKey.PublicKey {
 				priKey := consensus.priKey.PrivateKey[i]
 				if _, err := consensus.Decider.SubmitVote(
@ -533,14 +533,14 @@ func (consensus *Consensus) onNewView(msg *msg_pb.Message) {
 	// TODO: check magic number 32
 	if len(recvMsg.Payload) > 32 {
 		// Construct and send the commit message
-		blockNumHash := make([]byte, 8)
-		binary.LittleEndian.PutUint64(blockNumHash, consensus.blockNum)
+		commitPayload := signature.ConstructCommitPayload(consensus.ChainReader,
+			new(big.Int).SetUint64(consensus.epoch), consensus.blockHash, consensus.blockNum, consensus.viewID)
 		groupID := []nodeconfig.GroupID{
 			nodeconfig.NewGroupIDByShardID(nodeconfig.ShardID(consensus.ShardID))}
 		for i, key := range consensus.PubKey.PublicKey {
 			network, err := consensus.construct(
 				msg_pb.MessageType_COMMIT,
-				append(blockNumHash, consensus.blockHash[:]...),
+				commitPayload,
 				key, consensus.priKey.PrivateKey[i],
 			)
 			if err != nil {
--- a/core/types/crosslink.go
+++ b/core/types/crosslink.go
@ -13,12 +13,13 @@ import (

 // CrossLink is only used on beacon chain to store the hash links from other shards
 // signature and bitmap correspond to |blockNumber|parentHash| byte array
-// Captial to enable rlp encoding
+// Capital to enable rlp encoding
 // Here we replace header to signatures only, the basic assumption is the committee will not be
 // corrupted during one epoch, which is the same as consensus assumption
 type CrossLink struct {
 	HashF        common.Hash
 	BlockNumberF *big.Int
+	ViewIDF      *big.Int
 	SignatureF   [96]byte //aggregated signature
 	BitmapF      []byte   //corresponding bitmap mask for agg signature
 	ShardIDF     uint32   //will be verified with signature on |blockNumber|blockHash| is correct
@ -26,56 +27,72 @@ type CrossLink struct {
 }

 // NewCrossLink returns a new cross link object
-// epoch is the parentHeader's epoch
-func NewCrossLink(header *block.Header, epoch *big.Int) CrossLink {
+func NewCrossLink(header *block.Header, parentHeader *block.Header) *CrossLink {
 	parentBlockNum := big.NewInt(0)
-	if header.Number().Uint64() == 0 { // should not happend, just to be defensive
-		return CrossLink{header.ParentHash(), parentBlockNum, header.LastCommitSignature(), header.LastCommitBitmap(), header.ShardID(), epoch}
+	parentViewID := big.NewInt(0)
+	parentEpoch := big.NewInt(0)
+	if parentHeader != nil { // Should always happen, default values to be defensive.
+		parentBlockNum = parentHeader.Number()
+		parentViewID = parentHeader.ViewID()
+		parentEpoch = parentHeader.Epoch()
+	}
+	return &CrossLink{
+		HashF:        header.ParentHash(),
+		BlockNumberF: parentBlockNum,
+		ViewIDF:      parentViewID,
+		SignatureF:   header.LastCommitSignature(),
+		BitmapF:      header.LastCommitBitmap(),
+		ShardIDF:     header.ShardID(),
+		EpochF:       parentEpoch,
 	}
-	parentBlockNum.Sub(header.Number(), big.NewInt(1))
-	return CrossLink{header.ParentHash(), parentBlockNum, header.LastCommitSignature(), header.LastCommitBitmap(), header.ShardID(), epoch}
 }

 // ShardID returns shardID
-func (cl CrossLink) ShardID() uint32 {
+func (cl *CrossLink) ShardID() uint32 {
 	return cl.ShardIDF
 }

 // Number returns blockNum with big.Int format
-func (cl CrossLink) Number() *big.Int {
+func (cl *CrossLink) Number() *big.Int {
 	return cl.BlockNumberF
 }

+// ViewID returns viewID with big.Int format
+func (cl *CrossLink) ViewID() *big.Int {
+	return cl.ViewIDF
+}
+
 // Epoch returns epoch with big.Int format
-func (cl CrossLink) Epoch() *big.Int {
+func (cl *CrossLink) Epoch() *big.Int {
 	return cl.EpochF
 }

 // BlockNum returns blockNum
-func (cl CrossLink) BlockNum() uint64 {
+func (cl *CrossLink) BlockNum() uint64 {
 	return cl.BlockNumberF.Uint64()
 }

 // Hash returns hash
-func (cl CrossLink) Hash() common.Hash {
+func (cl *CrossLink) Hash() common.Hash {
 	return cl.HashF
 }

 // Bitmap returns bitmap
-func (cl CrossLink) Bitmap() []byte {
+func (cl *CrossLink) Bitmap() []byte {
 	return cl.BitmapF
 }

 // Signature returns aggregated signature
-func (cl CrossLink) Signature() [96]byte {
+func (cl *CrossLink) Signature() [96]byte {
 	return cl.SignatureF
 }

 // MarshalJSON ..
-func (cl CrossLink) MarshalJSON() ([]byte, error) {
+func (cl *CrossLink) MarshalJSON() ([]byte, error) {
 	return json.Marshal(struct {
 		Hash        common.Hash `json:"hash"`
 		BlockNumber *big.Int    `json:"block-number"`
+		ViewID      *big.Int    `json:"view-id"`
 		Signature   string      `json:"signature"`
 		Bitmap      string      `json:"signature-bitmap"`
 		ShardID     uint32      `json:"shard-id"`
@ -83,6 +100,7 @@ func (cl CrossLink) MarshalJSON() ([]byte, error) {
 	}{
 		cl.HashF,
 		cl.BlockNumberF,
+		cl.ViewIDF,
 		hex.EncodeToString(cl.SignatureF[:]),
 		hex.EncodeToString(cl.BitmapF),
 		cl.ShardIDF,
@ -91,7 +109,7 @@ func (cl CrossLink) MarshalJSON() ([]byte, error) {
 }

 // Serialize returns bytes of cross link rlp-encoded content
-func (cl CrossLink) Serialize() []byte {
+func (cl *CrossLink) Serialize() []byte {
 	bytes, _ := rlp.EncodeToBytes(cl)
 	return bytes
 }
@ -109,16 +127,20 @@ func DeserializeCrossLink(bytes []byte) (*CrossLink, error) {
 // CrossLinks is a collection of cross links
 type CrossLinks []CrossLink

-// Sort crosslinks by shardID and then by blockNum
+// Sort crosslinks by shardID and then tie break by blockNum then by viewID
 func (cls CrossLinks) Sort() {
 	sort.Slice(cls, func(i, j int) bool {
-		return cls[i].ShardID() < cls[j].ShardID() || (cls[i].ShardID() == cls[j].ShardID() && cls[i].Number().Cmp(cls[j].Number()) < 0)
+		return cls[i].ShardID() < cls[j].ShardID() ||
+			(cls[i].ShardID() == cls[j].ShardID() && cls[i].Number().Cmp(cls[j].Number()) < 0) ||
+			(cls[i].ShardID() == cls[j].ShardID() && cls[i].Number() == cls[j].Number() && cls[i].ViewID().Cmp(cls[j].ViewID()) < 0)
 	})
 }

 // IsSorted checks whether the cross links are sorted
 func (cls CrossLinks) IsSorted() bool {
 	return sort.SliceIsSorted(cls, func(i, j int) bool {
-		return cls[i].ShardID() < cls[j].ShardID() || (cls[i].ShardID() == cls[j].ShardID() && cls[i].Number().Cmp(cls[j].Number()) < 0)
+		return cls[i].ShardID() < cls[j].ShardID() ||
+			(cls[i].ShardID() == cls[j].ShardID() && cls[i].Number().Cmp(cls[j].Number()) < 0) ||
+			(cls[i].ShardID() == cls[j].ShardID() && cls[i].Number() == cls[j].Number() && cls[i].ViewID().Cmp(cls[j].ViewID()) < 0)
 	})
 }
--- a/internal/chain/engine.go
+++ b/internal/chain/engine.go
@ -2,7 +2,6 @@ package chain

 import (
 	"bytes"
-	"encoding/binary"
 	"math/big"
 	"sort"

@ -13,6 +12,7 @@ import (
 	"github.com/harmony-one/harmony/consensus/engine"
 	"github.com/harmony-one/harmony/consensus/quorum"
 	"github.com/harmony-one/harmony/consensus/reward"
+	"github.com/harmony-one/harmony/consensus/signature"
 	"github.com/harmony-one/harmony/core/state"
 	"github.com/harmony-one/harmony/core/types"
 	"github.com/harmony-one/harmony/internal/utils"
@ -227,10 +227,8 @@ func (e *engineImpl) VerifySeal(chain engine.ChainReader, header *block.Header)
 		}
 	}

-	// TODO(audit): verify signature on hash+blockNum+viewID (add a hard fork)
-	blockNumHash := make([]byte, 8)
-	binary.LittleEndian.PutUint64(blockNumHash, header.Number().Uint64()-1)
-	lastCommitPayload := append(blockNumHash, parentHash[:]...)
+	lastCommitPayload := signature.ConstructCommitPayload(chain,
+		parentHeader.Epoch(), parentHeader.Hash(), parentHeader.Number().Uint64(), parentHeader.ViewID().Uint64())
 	if !aggSig.VerifyHash(mask.AggregatePublic, lastCommitPayload) {
 		const msg = "[VerifySeal] Unable to verify aggregated signature from last block"
 		return errors.New(msg)
@ -505,7 +503,6 @@ func (e *engineImpl) VerifyHeaderWithSignature(chain engine.ChainReader, header
 			"[VerifyHeaderWithSignature] Unable to deserialize signatures",
 		)
 	}
-	hash := header.Hash()

 	if e := header.Epoch(); chain.Config().IsStaking(e) {
 		slotList, err := chain.ReadShardState(e)
@ -543,10 +540,8 @@ func (e *engineImpl) VerifyHeaderWithSignature(chain engine.ChainReader, header
 			)
 		}
 	}
-	// TODO(audit): verify signature on hash+blockNum+viewID (add a hard fork)
-	blockNumHash := make([]byte, 8)
-	binary.LittleEndian.PutUint64(blockNumHash, header.Number().Uint64())
-	commitPayload := append(blockNumHash, hash[:]...)
+	commitPayload := signature.ConstructCommitPayload(chain,
+		header.Epoch(), header.Hash(), header.Number().Uint64(), header.ViewID().Uint64())

 	if !aggSig.VerifyHash(mask.AggregatePublic, commitPayload) {
 		return errors.New("[VerifySeal] Unable to verify aggregated signature for block")
--- a/node/node_cross_link.go
+++ b/node/node_cross_link.go
@ -145,6 +145,6 @@ func (node *Node) VerifyCrossLink(cl types.CrossLink) error {
 	}

 	return verify.AggregateSigForCommittee(
-		committee, aggSig, cl.Hash(), cl.BlockNum(), cl.Epoch(), cl.Bitmap(),
+		node.Blockchain(), committee, aggSig, cl.Hash(), cl.BlockNum(), cl.ViewID().Uint64(), cl.Epoch(), cl.Bitmap(),
 	)
 }
--- a/node/node_explorer.go
+++ b/node/node_explorer.go
@ -1,7 +1,6 @@
 package node

 import (
-	"encoding/binary"
 	"sort"
 	"sync"

@ -11,6 +10,7 @@ import (
 	msg_pb "github.com/harmony-one/harmony/api/proto/message"
 	"github.com/harmony-one/harmony/api/service/explorer"
 	"github.com/harmony-one/harmony/consensus"
+	"github.com/harmony-one/harmony/consensus/signature"
 	"github.com/harmony-one/harmony/core/types"
 	"github.com/harmony-one/harmony/internal/utils"
 )
@ -52,18 +52,6 @@ func (node *Node) ExplorerMessageHandler(payload []byte) {
 			return
 		}

-		// TODO(audit): verify signature on hash+blockNum+viewID (add a hard fork)
-		blockNumHash := make([]byte, 8)
-		binary.LittleEndian.PutUint64(blockNumHash, recvMsg.BlockNum)
-		commitPayload := append(blockNumHash, recvMsg.BlockHash[:]...)
-		if !aggSig.VerifyHash(mask.AggregatePublic, commitPayload) {
-			utils.Logger().
-				Error().Err(err).
-				Uint64("msgBlock", recvMsg.BlockNum).
-				Msg("[Explorer] Failed to verify the multi signature for commit phase")
-			return
-		}
-
 		block := node.Consensus.FBFTLog.GetBlockByHash(recvMsg.BlockHash)

 		if block == nil {
@ -74,6 +62,16 @@ func (node *Node) ExplorerMessageHandler(payload []byte) {
 			return
 		}

+		commitPayload := signature.ConstructCommitPayload(node.Blockchain(),
+			block.Epoch(), block.Hash(), block.Number().Uint64(), block.Header().ViewID().Uint64())
+		if !aggSig.VerifyHash(mask.AggregatePublic, commitPayload) {
+			utils.Logger().
+				Error().Err(err).
+				Uint64("msgBlock", recvMsg.BlockNum).
+				Msg("[Explorer] Failed to verify the multi signature for commit phase")
+			return
+		}
+
 		node.AddNewBlockForExplorer(block)
 		node.commitBlockForExplorer(block)
 	} else if msg.Type == msg_pb.MessageType_PREPARED {
--- a/staking/slash/double-sign.go
+++ b/staking/slash/double-sign.go
@ -1,7 +1,6 @@
 package slash

 import (
-	"encoding/binary"
 	"encoding/hex"
 	"encoding/json"
 	"math/big"
@ -9,11 +8,13 @@ import (
 	"github.com/ethereum/go-ethereum/common"
 	"github.com/ethereum/go-ethereum/rlp"
 	"github.com/harmony-one/bls/ffi/go/bls"
+	consensus_sig "github.com/harmony-one/harmony/consensus/signature"
 	"github.com/harmony-one/harmony/consensus/votepower"
 	"github.com/harmony-one/harmony/core/state"
 	"github.com/harmony-one/harmony/core/types"
 	"github.com/harmony-one/harmony/crypto/hash"
 	common2 "github.com/harmony-one/harmony/internal/common"
+	"github.com/harmony-one/harmony/internal/params"
 	"github.com/harmony-one/harmony/internal/utils"
 	"github.com/harmony-one/harmony/numeric"
 	"github.com/harmony-one/harmony/shard"
@ -78,7 +79,7 @@ type Record struct {

 // Application tracks the slash application to state
 type Application struct {
-	TotalSlashed      *big.Int `json:'total-slashed`
+	TotalSlashed      *big.Int `json:"total-slashed"`
 	TotalSnitchReward *big.Int `json:"total-snitch-reward"`
 }

@ -136,6 +137,7 @@ func (r Record) String() string {

 // CommitteeReader ..
 type CommitteeReader interface {
+	Config() *params.ChainConfig
 	ReadShardState(epoch *big.Int) (*shard.State, error)
 	CurrentBlock() *types.Block
 }
@ -241,10 +243,15 @@ func Verify(
 			return err
 		}

-		blockNumBytes := make([]byte, 8)
-		// TODO(audit): add view ID into signature payload
-		binary.LittleEndian.PutUint64(blockNumBytes, ballot.Height)
-		commitPayload := append(blockNumBytes, ballot.BlockHeaderHash[:]...)
+		// slash verification only happens in staking era, therefore want commit payload for staking epoch
+		commitPayload := consensus_sig.ConstructCommitPayload(chain,
+			chain.Config().StakingEpoch, ballot.BlockHeaderHash, ballot.Height, ballot.ViewID)
+		utils.Logger().Debug().
+			Uint64("epoch", chain.Config().StakingEpoch.Uint64()).
+			Uint64("block-number", ballot.Height).
+			Uint64("view-id", ballot.ViewID).
+			Msgf("[COMMIT-PAYLOAD] doubleSignVerify %v", hex.EncodeToString(commitPayload))
+
 		if !signature.VerifyHash(publicKey, commitPayload) {
 			return errFailVerifySlash
 		}
--- a/staking/slash/double-sign_test.go
+++ b/staking/slash/double-sign_test.go
@ -16,6 +16,7 @@ import (
 	"github.com/harmony-one/harmony/core/state"
 	"github.com/harmony-one/harmony/core/types"
 	common2 "github.com/harmony-one/harmony/internal/common"
+	"github.com/harmony-one/harmony/internal/params"
 	"github.com/harmony-one/harmony/numeric"
 	"github.com/harmony-one/harmony/shard"
 	"github.com/harmony-one/harmony/staking/effective"
@ -399,7 +400,7 @@ func (mockOutChainReader) ReadShardState(epoch *big.Int) (*shard.State, error) {
 	return &shard.State{
 		Epoch: doubleSignEpochBig,
 		Shards: []shard.Committee{
-			shard.Committee{
+			{
 				ShardID: doubleSignShardID,
 				Slots: shard.SlotList{
 					shard.Slot{
@ -413,6 +414,10 @@ func (mockOutChainReader) ReadShardState(epoch *big.Int) (*shard.State, error) {
 	}, nil
 }

+func (mockOutChainReader) Config() *params.ChainConfig {
+	return params.TestChainConfig
+}
+
 func TestVerify(t *testing.T) {
 	stateHandle := defaultStateWithAccountsApplied()

--- a/staking/verify/verify.go
+++ b/staking/verify/verify.go
@ -1,12 +1,13 @@
 package verify

 import (
-	"encoding/binary"
 	"math/big"

 	"github.com/ethereum/go-ethereum/common"
 	"github.com/harmony-one/bls/ffi/go/bls"
 	"github.com/harmony-one/harmony/consensus/quorum"
+	"github.com/harmony-one/harmony/consensus/signature"
+	"github.com/harmony-one/harmony/core"
 	bls_cosi "github.com/harmony-one/harmony/crypto/bls"
 	"github.com/harmony-one/harmony/multibls"
 	"github.com/harmony-one/harmony/shard"
@ -20,10 +21,11 @@ var (

 // AggregateSigForCommittee ..
 func AggregateSigForCommittee(
+	chain *core.BlockChain,
 	committee *shard.Committee,
 	aggSignature *bls.Sign,
 	hash common.Hash,
-	blockNum uint64,
+	blockNum, viewID uint64,
 	epoch *big.Int,
 	bitmap []byte,
 ) error {
@ -52,9 +54,7 @@ func AggregateSigForCommittee(
 		return errQuorumVerifyAggSign
 	}

-	blockNumBytes := make([]byte, 8)
-	binary.LittleEndian.PutUint64(blockNumBytes, blockNum)
-	commitPayload := append(blockNumBytes, hash[:]...)
+	commitPayload := signature.ConstructCommitPayload(chain, epoch, hash, blockNum, viewID)
 	if !aggSignature.VerifyHash(mask.AggregatePublic, commitPayload) {
 		return errAggregateSigFail
 	}