How do cross-chain bridges work? A case on Wormhole (Part 2)

sec3 (formerly Soteria)
Coinmonks
Jan 11, 2023

Following Part 1, this article focuses on guardian signature verification in Wormhole on both Solana and Ethereum.

How are the guardian signatures verified (to prevent fake VAAs)?

On Solana, Wormhole uses the verify_signatures function to verify all the signatures in a VAA. Each VAA may contain multiple signatures (at least 2/3 of the 19 guardian signatures must be verified to reach a quorum). Because of the compute limit, Wormhole splits signature verification into multiple steps (i.e., it calls verify_signatures multiple times), with each call verifying a subset (e.g., six or seven) of the guardian signatures:

The input accounts in VerifySignatures are defined below:

The two PDA accounts guardian_set and signature_set are important. The guardian_set account must have been initialized (AccountState::Initialized) and it stores a set of the verified guardians (including their keys):
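
As an added example (not the article's or Wormhole's code), the following Rust program models how repeated verify_signatures calls can accumulate per-guardian results in signature_set against an initialized guardian_set, and then checks the 2/3 quorum. The struct layouts, the names verify_batch, has_quorum and Recovered, and the constructed 20-byte keys are assumptions for illustration; signature recovery itself is taken as already done.

```rust
// Added example: models the accumulation across calls; not Wormhole's on-chain code.
#[derive(PartialEq)]
#[allow(dead_code)]
enum AccountState { Uninitialized, Initialized }
struct GuardianSet { state: AccountState, index: u32, keys: Vec<[u8; 20]> }

// Shared across calls; bound to one message hash and one guardian set (assumed layout).
struct SignatureSet { hash: [u8; 32], guardian_set_index: u32, verified: Vec<bool> }

// One signature in a call: the guardian index it claims and the address recovered from it.
struct Recovered { guardian_index: usize, signer: [u8; 20] }

fn verify_batch(gs: &GuardianSet, ss: &mut SignatureSet, hash: [u8; 32],
                batch: &[Recovered]) -> Result<(), &'static str> {
    if gs.state != AccountState::Initialized { return Err("guardian set not initialized"); }
    // Later calls must continue the same message under the same guardian set.
    if !ss.verified.is_empty() && (ss.hash != hash || ss.guardian_set_index != gs.index) {
        return Err("signature set belongs to another message or guardian set");
    }
    // Validate the whole batch before recording anything.
    for r in batch {
        if gs.keys.get(r.guardian_index) != Some(&r.signer) {
            return Err("signer is not the guardian at the claimed index");
        }
    }
    if ss.verified.is_empty() {
        *ss = SignatureSet { hash, guardian_set_index: gs.index, verified: vec![false; gs.keys.len()] };
    }
    // One flag per guardian, so a repeated signature never counts twice.
    for r in batch { ss.verified[r.guardian_index] = true; }
    Ok(())
}

// Quorum as the article states it: verified flags from at least 2/3 of the guardians.
fn has_quorum(ss: &SignatureSet) -> bool {
    let count = ss.verified.iter().filter(|v| **v).count();
    count > 0 && 3 * count >= 2 * ss.verified.len()
}

fn main() {
    let keys: Vec<[u8; 20]> = (0..19u8).map(|i| [i; 20]).collect(); // constructed keys
    let gs = GuardianSet { state: AccountState::Initialized, index: 0, keys };
    let mut ss = SignatureSet { hash: [0; 32], guardian_set_index: 0, verified: vec![] };
    for range in [0..7usize, 7..13] { // two calls: seven signatures, then six
        let batch: Vec<Recovered> = range.map(|i| Recovered { guardian_index: i, signer: gs.keys[i] }).collect();
        verify_batch(&gs, &mut ss, [0xAB; 32], &batch).unwrap();
        println!("verified: {}, quorum: {}", ss.verified.iter().filter(|v| **v).count(), has_quorum(&ss));
    }
}
```

With 19 guardians the quorum check first passes at 13 verified flags, and a call that presents a different message hash or a signer that does not match the guardian at the claimed index is rejected without changing the recorded flags.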
