mixin_bot 0.12.1 → 1.0.0

data/lib/mixin_bot/api/multisig.rb

@@ -3,241 +3,36 @@
 module MixinBot
   class API
     module Multisig
-      def outputs(**kwargs)
-        limit = kwargs[:limit] || 100
-        offset = kwargs[:offset] || ''
-        state = kwargs[:state] || ''
-        members = kwargs[:members] || []
-        threshold = kwargs[:threshold] || ''
-        access_token = kwargs[:access_token]
-        members = SHA3::Digest::SHA256.hexdigest(members&.sort&.join)
-
-        path = format(
-          '/multisigs/outputs?limit=%<limit>s&offset=%<offset>s&state=%<state>s&members=%<members>s&threshold=%<threshold>s',
-          limit: limit,
-          offset: offset,
-          state: state,
-          members: members,
-          threshold: threshold
-        )
-        access_token ||= access_token('GET', path, '')
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.get(path, headers: { 'Authorization': authorization })
-      end
-      alias multisigs outputs
-      alias multisig_outputs outputs
-
-      def create_output(receivers:, index:, hint: nil, access_token: nil)
-        path = '/outputs'
-        payload = {
-          receivers: receivers,
-          index: index,
-          hint: hint
-        }
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
-      end
-
-      MULTISIG_REQUEST_ACTIONS = %i[sign unlock].freeze
-      def create_multisig_request(action, raw, access_token: nil)
-        raise ArgumentError, "request action is limited in #{MULTISIG_REQUEST_ACTIONS.join(', ')}" unless MULTISIG_REQUEST_ACTIONS.include? action.to_sym
-
-        path = '/multisigs/requests'
-        payload = {
-          action: action,
+      def create_safe_multisig_request(request_id, raw, access_token: nil)
+        path = '/safe/multisigs'
+        payload = [{
+          request_id: request_id,
           raw: raw
-        }
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
-      end
+        }]
 
-      # transfer from the multisig address
-      def create_sign_multisig_request(raw, access_token: nil)
-        create_multisig_request 'sign', raw, access_token: access_token
-      end
-
-      # transfer from the multisig address
-      # create a request for unlock a multi-sign
-      def create_unlock_multisig_request(raw, access_token: nil)
-        create_multisig_request 'unlock', raw, access_token: access_token
-      end
-
-      def sign_multisig_request(request_id, pin)
-        path = format('/multisigs/requests/%<request_id>s/sign', request_id: request_id)
-        payload = {
-          pin: encrypt_pin(pin)
-        }
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
-      end
-
-      def unlock_multisig_request(request_id, pin)
-        path = format('/multisigs/requests/%<request_id>s/unlock', request_id: request_id)
-        payload = {
-          pin: encrypt_pin(pin)
-        }
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+        client.post path, *payload
       end
 
-      def cancel_multisig_request(request_id, pin)
-        path = format('/multisigs/requests/%<request_id>s/cancel', request_id: request_id)
-        payload = {
-          pin: encrypt_pin(pin)
-        }
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
-      end
+      def sign_safe_multisig_request(request_id, raw, access_token: nil)
+        path = format('/safe/multisigs/%<request_id>s/sign', request_id:)
 
-      # pay to the multisig address
-      # used for create multisig payment code_id
-      def create_payment(**kwargs)
-        path = '/payments'
         payload = {
-          asset_id: kwargs[:asset_id],
-          amount: format('%.8f', kwargs[:amount].to_d.to_r),
-          trace_id: kwargs[:trace_id] || SecureRandom.uuid,
-          memo: kwargs[:memo],
-          opponent_multisig: {
-            receivers: kwargs[:receivers],
-            threshold: kwargs[:threshold]
-          }
+          raw:
         }
-        access_token = kwargs[:access_token]
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
-      end
-      alias create_multisig_payment create_payment
 
-      def verify_multisig(code_id, access_token: nil)
-        path = format('/codes/%<code_id>s', code_id: code_id)
-        access_token ||= access_token('GET', path, '')
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.get(path, headers: { 'Authorization': authorization })
+        client.post path, **payload
       end
 
-      def build_threshold_script(threshold)
-        s = threshold.to_s(16)
-        s = s.length == 1 ? "0#{s}" : s
-        raise 'NVALID THRESHOLD' if s.length > 2
+      def unlock_safe_multisig_request(request_id, access_token: nil)
+        path = format('/safe/multisigs/%<request_id>s/unlock', request_id:)
 
-        "fffe#{s}"
+        client.post path, access_token: access_token
       end
 
-      # kwargs:
-      # {
-      #   senders: [ uuid ],
-      #   senders_threshold: integer,
-      #   receivers: [ uuid ],
-      #   receivers_threshold: integer,
-      #   asset_id: uuid,
-      #   amount: string / float,
-      #   memo: string,
-      # }
-      RAW_TRANSACTION_ARGUMENTS = %i[utxos senders senders_threshold receivers receivers_threshold amount].freeze
-      def build_raw_transaction(**kwargs)
-        raise ArgumentError, "#{RAW_TRANSACTION_ARGUMENTS.join(', ')} are needed for build raw transaction" unless RAW_TRANSACTION_ARGUMENTS.all? { |param| kwargs.keys.include? param }
-
-        senders             = kwargs[:senders]
-        senders_threshold   = kwargs[:senders_threshold]
-        receivers           = kwargs[:receivers]
-        receivers_threshold = kwargs[:receivers_threshold]
-        amount              = kwargs[:amount]
-        asset_id            = kwargs[:asset_id]
-        asset_mixin_id      = kwargs[:asset_mixin_id]
-        utxos               = kwargs[:utxos]
-        memo                = kwargs[:memo]
-        extra               = kwargs[:extra]
-        access_token        = kwargs[:access_token]
-        outputs             = kwargs[:outputs] || []
-        hint                = kwargs[:hint]
-
-        raise 'access_token required!' if access_token.nil? && !senders.include?(client_id)
-
-        amount = amount.to_d.round(8)
-        input_amount = utxos.map(
-          &lambda { |utxo|
-            utxo['amount'].to_d
-          }
-        ).sum
-
-        if input_amount < amount
-          raise format(
-            'not enough amount! %<input_amount>s < %<amount>s',
-            input_amount: input_amount,
-            amount: amount
-          )
-        end
-
-        inputs = utxos.map(
-          &lambda { |utx|
-            {
-              'hash' => utx['transaction_hash'],
-              'index' => utx['output_index']
-            }
-          }
-        )
-
-        if outputs.empty?
-          receivers_threshold = 1 if receivers.size == 1
-          output0 = build_output(
-            receivers: receivers,
-            index: 0,
-            amount: amount,
-            threshold: receivers_threshold,
-            hint: hint
-          )
-          outputs.push output0
-
-          if input_amount > amount
-            output1 = build_output(
-              receivers: senders,
-              index: 1,
-              amount: input_amount - amount,
-              threshold: senders_threshold,
-              hint: hint
-            )
-            outputs.push output1
-          end
-        end
-
-        extra ||= Digest.hexencode(memo.to_s.slice(0, 140))
-        asset = asset_mixin_id || SHA3::Digest::SHA256.hexdigest(asset_id)
-        tx = {
-          version: 2,
-          asset: asset,
-          inputs: inputs,
-          outputs: outputs,
-          extra: extra
-        }
-
-        tx.to_json
-      end
-
-      def build_output(receivers:, index:, amount:, threshold:, hint: nil)
-        _output = create_output receivers: receivers, index: index, hint: hint
-        {
-          amount: format('%.8f', amount.to_d.to_r),
-          script: build_threshold_script(threshold),
-          mask: _output['mask'],
-          keys: _output['keys']
-        }
-      end
-
-      def str_to_bin(str)
-        return if str.nil?
-
-        str.scan(/../).map(&:hex).pack('c*')
-      end
+      def safe_multisig_request(request_id, access_token: nil)
+        path = format('/safe/multisigs/%<request_id>s', request_id:)
 
-      def generate_trace_from_hash(hash, output_index = 0)
-        MixinBot::Utils.generate_trace_from_hash hash, output_index
+        client.get path, access_token:
       end
     end
   end

data/lib/mixin_bot/api/output.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+module MixinBot
+  class API
+    module Output
+      def build_threshold_script(threshold)
+        s = threshold.to_s(16)
+        s = "0#{s}" if s.length == 1
+        raise 'NVALID THRESHOLD' if s.length > 2
+
+        "fffe#{s}"
+      end
+
+      def safe_outputs(**kwargs)
+        asset = kwargs[:asset] || kwargs[:asset_id]
+        limit = kwargs[:limit] || 500
+        offset = kwargs[:offset] || ''
+        state = kwargs[:state] || ''
+        access_token = kwargs[:access_token]
+        order = kwargs[:order] || 'ASC'
+        members = kwargs[:members] || [config.app_id]
+        threshold = kwargs[:threshold] || members.length
+
+        members_hash = SHA3::Digest::SHA256.hexdigest(members&.sort&.join)
+
+        path = '/safe/outputs'
+        params = {
+          asset:,
+          limit:,
+          offset:,
+          state:,
+          members: members_hash,
+          threshold:,
+          order:
+        }.compact
+
+        client.get path, **params, access_token:
+      end
+
+      def safe_output(id, access_token: nil)
+        path = format('/safe/outputs/%<id>s', id:)
+        client.get path, access_token:
+      end
+    end
+  end
+end

data/lib/mixin_bot/api/payment.rb

@@ -3,28 +3,17 @@
 module MixinBot
   class API
     module Payment
-      def pay_url(options)
-        format(
-          'https://mixin.one/pay?recipient=%<recipient_id>s&asset=%<asset>s&amount=%<amount>s&trace=%<trace>s&memo=%<memo>s',
-          recipient_id: options[:recipient_id],
-          asset: options[:asset_id],
-          amount: options[:amount].to_s,
-          trace: options[:trace],
-          memo: options[:memo]
-        )
-      end
+      def safe_pay_url(**kwargs)
+        members = kwargs[:members]
+        threshold = kwargs[:threshold]
+        asset_id = kwargs[:asset_id]
+        amount = kwargs[:amount]
+        memo = kwargs[:memo] || ''
+        trace_id = kwargs[:trace_id] || SecureRandom.uuid
 
-      # https://developers.mixin.one/api/alpha-mixin-network/verify-payment/
-      def verify_payment(options)
-        path = 'payments'
-        payload = {
-          asset_id: options[:asset_id],
-          opponent_id: options[:opponent_id],
-          amount: options[:amount].to_s,
-          trace_id: options[:trace]
-        }
+        mix_address = MixinBot.utils.build_mix_address(members, threshold)
 
-        client.post(path, json: payload)
+        "https://mixin.one/pay/#{mix_address}?amount=#{amount}&asset=#{asset_id}&memo=#{memo}&trace=#{trace_id}"
       end
     end
   end

data/lib/mixin_bot/api/pin.rb

@@ -4,89 +4,81 @@ module MixinBot
   class API
     module Pin
       # https://developers.mixin.one/api/alpha-mixin-network/verify-pin/
-      def verify_pin(pin_code)
+      def verify_pin(pin = nil)
+        pin ||= MixinBot.config.pin
+        raise ArgumentError, 'invalid pin' if pin.blank?
+
         path = '/pin/verify'
-        payload = {
-          pin: encrypt_pin(pin_code)
-        }
 
-        access_token = access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+        payload =
+          if pin.length > 6
+            timestamp = (Time.now.utc.to_f * 1e9).to_i
+            pin_base64 = encrypt_tip_pin pin, 'TIP:VERIFY:', timestamp.to_s.rjust(32, '0')
+
+            {
+              pin_base64:,
+              timestamp:
+            }
+          else
+            {
+              pin: MixinBot.utils.encrypt_pin(pin)
+            }
+          end
+
+        client.post path, **payload
       end
 
       # https://developers.mixin.one/api/alpha-mixin-network/create-pin/
-      def update_pin(old_pin:, pin:)
+      def update_pin(pin:, old_pin: nil)
+        old_pin ||= MixinBot.config.pin
+        raise ArgumentError, 'invalid old pin' if old_pin.present? && old_pin.length != 6
+
         path = '/pin/update'
         encrypted_old_pin = old_pin.nil? ? '' : encrypt_pin(old_pin, iterator: Time.now.utc.to_i)
+
         encrypted_pin = encrypt_pin(pin, iterator: Time.now.utc.to_i + 1)
         payload = {
-          old_pin: encrypted_old_pin,
-          pin: encrypted_pin
+          old_pin_base64: encrypted_old_pin,
+          pin_base64: encrypted_pin
         }
 
-        access_token = access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+        client.post path, **payload
       end
 
-      # decrypt the encrpted pin, just for test
-      def decrypt_pin(msg)
-        msg = Base64.strict_decode64 msg
-        iv = msg[0..15]
-        cipher = msg[16..47]
-        alg = 'AES-256-CBC'
-        decode_cipher = OpenSSL::Cipher.new(alg)
-        decode_cipher.decrypt
-        decode_cipher.iv = iv
-        decode_cipher.key = _generate_aes_key
-        decoded = decode_cipher.update(cipher)
-        decoded[0..5]
+      def prepare_tip_key(counter = 0)
+        ed25519_key = JOSE::JWA::Ed25519.keypair
+
+        private_key = ed25519_key[1].unpack1('H*')
+        public_key = (ed25519_key[0].bytes + MixinBot::Utils.encode_uint_64(counter + 1)).pack('c*').unpack1('H*')
+
+        {
+          private_key:,
+          public_key:
+        }
       end
 
-      # https://developers.mixin.one/api/alpha-mixin-network/encrypted-pin/
-      # use timestamp(timestamp) for iterator as default: must be bigger than the previous, the first time must be greater than 0. After a new session created, it will be reset to 0.
-      def encrypt_pin(pin_code, iterator: nil)
-        iterator ||= Time.now.utc.to_i
-        tszero = iterator % 0x100
-        tsone = (iterator % 0x10000) >> 8
-        tstwo = (iterator % 0x1000000) >> 16
-        tsthree = (iterator % 0x100000000) >> 24
-        tsstring = "#{tszero.chr}#{tsone.chr}#{tstwo.chr}#{tsthree.chr}\u0000\u0000\u0000\u0000"
-        encrypt_content = pin_code + tsstring + tsstring
-        pad_count = 16 - encrypt_content.length % 16
-        padded_content =
-          if pad_count.positive?
-            encrypt_content + pad_count.chr * pad_count
-          else
-            encrypt_content
-          end
+      def encrypt_pin(pin, iterator: nil)
+        MixinBot.utils.encrypt_pin(pin, iterator:, shared_key: generate_shared_key_with_server)
+      end
 
-        alg = 'AES-256-CBC'
-        aes = OpenSSL::Cipher.new(alg)
-        iv = OpenSSL::Cipher.new(alg).random_iv
-        aes.encrypt
-        aes.key = _generate_aes_key
-        aes.iv = iv
-        cipher = aes.update(padded_content)
-        msg = iv + cipher
-        Base64.strict_encode64 msg
+      def decrypt_pin(msg)
+        MixinBot.utils.decrypt_pin msg, shared_key: generate_shared_key_with_server
       end
-    end
 
-    def _generate_aes_key
-      if pin_token.size == 32
-        JOSE::JWA::X25519.x25519(
-          JOSE::JWA::Ed25519.secret_to_curve25519(private_key[0..31]),
-          pin_token
-        )
-      else
-        JOSE::JWA::PKCS1.rsaes_oaep_decrypt(
-          'SHA256',
-          pin_token,
-          OpenSSL::PKey::RSA.new(private_key),
-          session_id
-        )
+      def generate_shared_key_with_server
+        if config.server_public_key.size == 32
+          JOSE::JWA::X25519.x25519(
+            config.session_private_key_curve25519,
+            config.server_public_key_curve25519
+          )
+        else
+          JOSE::JWA::PKCS1.rsaes_oaep_decrypt(
+            'SHA256',
+            config.server_public_key,
+            OpenSSL::PKey::RSA.new(config.session_private_key),
+            session_id
+          )
+        end
       end
     end
   end

data/lib/mixin_bot/api/rpc.rb

@@ -6,18 +6,16 @@ module MixinBot
       def rpc_proxy(method, params = [], access_token: nil)
         path = '/external/proxy'
         payload = {
-          method: method,
-          params: params
+          method:,
+          params:
         }
 
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+        client.post path, **payload, access_token:
       end
 
       # send a signed transaction to main net
       def send_raw_transaction(raw, access_token: nil)
-        rpc_proxy('sendrawtransaction', [raw], access_token: access_token)
+        rpc_proxy('sendrawtransaction', [raw], access_token:)
       end
 
       def get_transaction(hash, access_token: nil)
@@ -25,23 +23,23 @@ module MixinBot
       end
 
       def get_utxo(hash, index = 0, access_token: nil)
-        rpc_proxy 'getutxo', [hash, index], access_token: access_token
+        rpc_proxy 'getutxo', [hash, index], access_token:
       end
 
       def get_snapshot(hash, access_token: nil)
-        rpc_proxy 'getsnapshot', [hash], access_token: access_token
+        rpc_proxy 'getsnapshot', [hash], access_token:
       end
 
       def list_snapshots(offset = 0, count = 10, sig = false, tx = false, access_token: nil)
-        rpc_proxy 'listsnapshots', [offset, count, sig, tx], access_token: access_token
+        rpc_proxy 'listsnapshots', [offset, count, sig, tx], access_token:
       end
 
       def list_mint_works(offset = 0, access_token: nil)
-        rpc_proxy 'listmintworks', [offset], access_token: access_token
+        rpc_proxy 'listmintworks', [offset], access_token:
       end
 
       def list_mint_distributions(offset = 0, count = 10, tx = false, access_token: nil)
-        rpc_proxy 'listmintdistributions', [offset, count, tx], access_token: access_token
+        rpc_proxy 'listmintdistributions', [offset, count, tx], access_token:
       end
     end
   end

data/lib/mixin_bot/api/snapshot.rb

@@ -3,45 +3,31 @@
 module MixinBot
   class API
     module Snapshot
-      def network_snapshots(**options)
-        path = format(
-          '/network/snapshots?limit=%<limit>s&offset=%<offset>s&asset=%<asset>s&order=%<order>s',
-          limit: options[:limit],
-          offset: options[:offset],
-          asset: options[:asset],
-          order: options[:order]
-        )
-
-        access_token = options[:access_token] || access_token('GET', path)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.get(path, headers: { 'Authorization': authorization })
-      end
-      alias read_network_snapshots network_snapshots
-
-      def snapshots(**options)
-        path = format(
-          '/snapshots?limit=%<limit>s&offset=%<offset>s&asset=%<asset>s&opponent=%<opponent>s&order=%<order>s',
+      def safe_snapshots(**options)
+        path = '/safe/snapshots'
+        params = {
           limit: options[:limit],
           offset: options[:offset],
           asset: options[:asset],
           opponent: options[:opponent],
+          app: options[:app_id],
           order: options[:order]
-        )
+        }
 
-        access_token = options[:access_token] || access_token('GET', path)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.get(path, headers: { 'Authorization': authorization })
+        client.get path, **params
       end
-      alias read_snapshots snapshots
 
-      def network_snapshot(snapshot_id, **options)
-        path = format('/network/snapshots/%<snapshot_id>s', snapshot_id: snapshot_id)
+      def create_safe_snapshot_notification(**kwargs)
+        path = '/safe/snapshots/notifications'
+
+        payload = {
+          transaction_hash: kwargs[:transaction_hash],
+          output_index: kwargs[:output_index],
+          receiver_id: kwargs[:receiver_id]
+        }
 
-        access_token = options[:access_token] || access_token('GET', path)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.get(path, headers: { 'Authorization': authorization })
+        client.post path, **payload, access_token: kwargs[:access_token]
       end
-      alias read_network_snapshot network_snapshot
     end
   end
 end

data/lib/mixin_bot/api/tip.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module MixinBot
+  class API
+    module Tip
+      TIP_ACTIONS = %w[
+        TIP:VERIFY:
+        TIP:ADDRESS:ADD:
+        TIP:ADDRESS:REMOVE:
+        TIP:USER:DEACTIVATE:
+        TIP:EMERGENCY:CONTACT:CREATE:
+        TIP:EMERGENCY:CONTACT:READ:
+        TIP:EMERGENCY:CONTACT:REMOVE:
+        TIP:PHONE:NUMBER:UPDATE:
+        TIP:MULTISIG:REQUEST:SIGN:
+        TIP:MULTISIG:REQUEST:UNLOCK:
+        TIP:COLLECTIBLE:REQUEST:SIGN:
+        TIP:COLLECTIBLE:REQUEST:UNLOCK:
+        TIP:TRANSFER:CREATE:
+        TIP:WITHDRAWAL:CREATE:
+        TIP:TRANSACTION:CREATE:
+        TIP:OAUTH:APPROVE:
+        TIP:PROVISIONING:UPDATE:
+        TIP:APP:OWNERSHIP:TRANSFER:
+        SEQUENCER:REGISTER:
+      ].freeze
+
+      def encrypt_tip_pin(pin, action, *params)
+        raise ArgumentError, 'invalid action' unless TIP_ACTIONS.include? action
+
+        pin_key = MixinBot.utils.decode_key pin
+
+        msg = action + params.flatten.map(&:to_s).join
+
+        msg = Digest::SHA256.digest(msg) unless action == 'TIP:VERIFY:'
+
+        signature = JOSE::JWA::Ed25519.sign msg, pin_key
+
+        encrypt_pin signature
+      end
+    end
+  end
+end