fix: improve SignedHeader.Verify function (#1742)

Major change in this PR is the way how non-adjacent `SignedHeader`s are
`Verify`ed. This was long-overdue issue. Incompatibility was introduced
in go-header v0.1.1.

`Verify` method was refactored and simplified.

Resolves #1496
Resolves #1741 


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

- **New Features**
- Introduced additional verification methods for header and commit
hashes to enhance validation processes.
	- Added functionality to check the adjacency of header heights.

- **Bug Fixes**
	- Improved error handling within the verification process.

- **Tests**
- Added new test cases for non-adjacent headers and proposer
verification failures.
	- Updated existing test cases for better coverage and accuracy.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

Author: tzdybal

types/signed_header.go

@@ -29,9 +29,6 @@ func (sh *SignedHeader) IsZero() bool {
 }
 
 var (
-	// ErrNonAdjacentHeaders is returned when the headers are not adjacent.
-	ErrNonAdjacentHeaders = errors.New("non-adjacent headers")
-
 	// ErrLastHeaderHashMismatch is returned when the last header hash doesn't match.
 	ErrLastHeaderHashMismatch = errors.New("last header hash mismatch")
 
@@ -48,38 +45,49 @@ func (sh *SignedHeader) Verify(untrstH *SignedHeader) error {
 		}
 	}
 
-	if sh.Height()+1 < untrstH.Height() {
-		return &header.VerifyError{
-			Reason: fmt.Errorf("%w: untrusted %d, trusted %d",
-				ErrNonAdjacentHeaders,
-				untrstH.Height(),
-				sh.Height(),
-			),
-			SoftFailure: true,
+	if sh.isAdjacent(untrstH) {
+		if err := sh.verifyHeaderHash(untrstH); err != nil {
+			return err
+		}
+		if err := sh.verifyCommitHash(untrstH); err != nil {
+			return err
 		}
 	}
 
-	sHHash := sh.Header.Hash()
-	if !bytes.Equal(untrstH.LastHeaderHash[:], sHHash) {
-		return &header.VerifyError{
-			Reason: fmt.Errorf("%w: expected %v, but got %v",
-				ErrLastHeaderHashMismatch,
-				untrstH.LastHeaderHash[:], sHHash,
-			),
-		}
+	return nil
+}
+
+// verifyHeaderHash verifies the header hash.
+func (sh *SignedHeader) verifyHeaderHash(untrstH *SignedHeader) error {
+	hash := sh.Hash()
+	if !bytes.Equal(hash, untrstH.LastHeader()) {
+		return sh.newVerifyError(ErrLastHeaderHashMismatch, hash, untrstH.LastHeader())
 	}
-	sHLastCommitHash := sh.Commit.GetCommitHash(&untrstH.Header, sh.ProposerAddress)
-	if !bytes.Equal(untrstH.LastCommitHash[:], sHLastCommitHash) {
-		return &header.VerifyError{
-			Reason: fmt.Errorf("%w: expected %v, but got %v",
-				ErrLastCommitHashMismatch,
-				untrstH.LastCommitHash[:], sHHash,
-			),
-		}
+	return nil
+}
+
+// verifyCommitHash verifies the commit hash.
+func (sh *SignedHeader) verifyCommitHash(untrstH *SignedHeader) error {
+	expectedCommitHash := sh.Commit.GetCommitHash(&untrstH.Header, sh.ProposerAddress)
+	if !bytes.Equal(expectedCommitHash, untrstH.LastCommitHash) {
+		return sh.newVerifyError(ErrLastCommitHashMismatch, expectedCommitHash, untrstH.LastCommitHash)
 	}
+
 	return nil
 }
 
+// isAdjacent checks if the height of headers is adjacent.
+func (sh *SignedHeader) isAdjacent(untrstH *SignedHeader) bool {
+	return sh.Height()+1 == untrstH.Height()
+}
+
+// newVerifyError creates and returns a new error verification.
+func (sh *SignedHeader) newVerifyError(err error, expected, got []byte) *header.VerifyError {
+	return &header.VerifyError{
+		Reason: fmt.Errorf("verification error at height %d: %w: expected %X, but got %X", sh.Height(), err, expected, got),
+	}
+}
+
 var (
 	// ErrAggregatorSetHashMismatch is returned when the aggregator set hash
 	// in the signed header doesn't match the hash of the validator set.

types/signed_header_test.go

@@ -32,14 +32,14 @@ func testVerify(t *testing.T, trusted *SignedHeader, untrustedAdj *SignedHeader,
 		prepare func() (*SignedHeader, bool) // Function to prepare the test case
 		err     error                        // Expected error
 	}{
-		// 1. Test valid
+		// 0. Test valid
 		// Verify valid adjacent headers
 		// Expect success
 		{
 			prepare: func() (*SignedHeader, bool) { return untrustedAdj, false },
 			err:     nil,
 		},
-		// 2. Test invalid LastHeaderHash link
+		// 1. Test invalid LastHeaderHash link
 		// break the LastHeaderHash link between the trusted and untrusted header
 		// Expect failure
 		{
@@ -52,7 +52,7 @@ func testVerify(t *testing.T, trusted *SignedHeader, untrustedAdj *SignedHeader,
 				Reason: ErrLastHeaderHashMismatch,
 			},
 		},
-		// 3. Test LastCommitHash link between trusted and untrusted header
+		// 2. Test LastCommitHash link between trusted and untrusted header
 		// break the LastCommitHash link between the trusted and untrusted header
 		// Expect failure
 		{
@@ -65,27 +65,39 @@ func testVerify(t *testing.T, trusted *SignedHeader, untrustedAdj *SignedHeader,
 				Reason: ErrLastCommitHashMismatch,
 			},
 		},
-		// 4. Test non-adjacent
-		// increments the BaseHeader.Height so it's unexpected
-		// Expect failure
+		// 3. Test non-adjacent
+		// increments the BaseHeader.Height so it's headers are non-adjacent
+		// Expect success
 		{
 			prepare: func() (*SignedHeader, bool) {
 				// Checks for non-adjacency
 				untrusted := *untrustedAdj
 				untrusted.Header.BaseHeader.Height++
 				return &untrusted, true
 			},
+			err: nil,
+		},
+		// 4. Test proposer verification
+		// changes the proposed address to a random address
+		// Expect failure
+		{
+			prepare: func() (*SignedHeader, bool) {
+				untrusted := *untrustedAdj
+				untrusted.Header.ProposerAddress = GetRandomBytes(32)
+				return &untrusted, true
+			},
 			err: &header.VerifyError{
-				Reason: ErrNonAdjacentHeaders,
+				Reason: ErrProposerVerificationFailed,
 			},
 		},
-		// 5. Test proposer verification
-		// changes the proposed address to a random address
+		// 5. Test proposer verification for non-adjacent headers
+		// changes the proposed address to a random address and updates height
 		// Expect failure
 		{
 			prepare: func() (*SignedHeader, bool) {
 				untrusted := *untrustedAdj
 				untrusted.Header.ProposerAddress = GetRandomBytes(32)
+				untrusted.BaseHeader.Height++
 				return &untrusted, true
 			},
 			err: &header.VerifyError{