Not return err when pass random str or invalid privateKey to func PrivateKeyFromBase58

[Almazatun]

I just tried to use the func to validate private key but got some other behavior that func.

https://github.com/gagliardetto/solana-go/blob/main/keys.go#L48

It's correct behavior ?

[Almazatun]

Also, I want to add some notes if pass incorrect value or random str the func and call public method PublicKey() or call Sign(pk) not return error argument but call panic. But the methods should return err argument.

panic: runtime error: slice bounds out of range [x:x] | panic: ed25519: bad private key length

If pass correct privateKey, everything will be fine and return publicKey.

[pikomonde]

I just tried to use the func to validate private key but got some other behavior that func.

https://github.com/gagliardetto/solana-go/blob/main/keys.go#L48

It's correct behavior ?

Hi @Almazatun , can you explain what is the "some other behaviour"?

Also, I want to add some notes if pass incorrect value or random str the func and call public method PublicKey() or call Sign(pk) not return error argument but call panic. But the methods should return err argument.

panic: runtime error: slice bounds out of range [x:x] | panic: ed25519: bad private key length

If pass correct privateKey, everything will be fine and return publicKey.

Can you give the sample of the code that give that exact error? It will help us to debugging. Thank you

[Almazatun]

@pikomonde Thank you very much for your reply. The PrivateKeyFromBase58 method returns two values. If I guess that means if pass invalid privateKey should be returned err that does not equal nil. But instead of this behavior, you will get err = nil.

invalidPrivateKey := "6HsFaXKVD7mo43oTbdqyGgAnYFeNNhqY75B3JGJ6K8a227KjjG3uW3v"

_, err := solana.PrivateKeyFromBase58(invalidPk)

fmt.Println(err)

Is this the correct behavior of the method?

[pikomonde]

Ah, I got your question now. My question is, how do you know that 6HsFaXKVD7mo43oTbdqyGgAnYFeNNhqY75B3JGJ6K8a227KjjG3uW3v is an invalid private key? Is there any docs on Solana that classify that this particular private key is invalid?

[Almazatun]

@pikomonde You can copy and paste it to phantom wallet for checking.

[pikomonde]

I'm not sure if it is the correct behaviour or not (I think we need to compare with solana's official client)

But I think it is invalid because it is not on the a valid "ed25519" pair, and unfortunately the golang's "crypto/ed25519" package not providing a valid validation for it. Need to implement using this: https://security.stackexchange.com/questions/233099/validating-an-ed25519-public-key (haven't check it yet)

So I think there are 2 action items:

• Comparing the implementation of solana's official client;
• Check whether the implementation of https://security.stackexchange.com/questions/233099/validating-an-ed25519-public-key is correct or not.

[pikomonde]

Just realized that there is already a function provided by this library:

solana.IsOnCurve("6HsFaXKVD7mo43oTbdqyGgAnYFeNNhqY75B3JGJ6K8a227KjjG3uW3v")