mixin_bot 0.12.1 → 1.1.0

data/lib/mixin_bot/api/user.rb

@@ -3,76 +3,111 @@
 module MixinBot
   class API
     module User
-      # https://developers.mixin.one/api/beta-mixin-message/read-user/
-      def read_user(user_id)
-        # user_id: Mixin User UUID
-        path = format('/users/%<user_id>s', user_id: user_id)
-        access_token = access_token('GET', path, '')
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.get(path, headers: { 'Authorization': authorization })
+      def user(user_id, access_token: nil)
+        path = format('/users/%<user_id>s', user_id:)
+        client.get path, access_token:
       end
 
-      # https://developers.mixin.one/api/alpha-mixin-network/app-user/
-      # Create a new Mixin Network user (like a normal Mixin Messenger user). You should keep PrivateKey which is used to sign an AuthenticationToken and encrypted PIN for the user.
-      def create_user(full_name, key_type: 'RSA', rsa_key: nil, ed25519_key: nil)
-        case key_type
-        when 'RSA'
-          rsa_key ||= generate_rsa_key
-          session_secret = rsa_key[:public_key].gsub(/^-----.*PUBLIC KEY-----$/, '').strip
-        when 'Ed25519'
-          ed25519_key ||= generate_ed25519_key
-          session_secret = ed25519_key[:public_key]
-        else
-          raise 'Only RSA and Ed25519 are supported'
-        end
+      def create_user(full_name, key: nil)
+        keypair = JOSE::JWA::Ed25519.keypair key
+        session_secret = Base64.urlsafe_encode64 keypair[0], padding: false
+        private_key = keypair[1].unpack1('H*')
 
+        path = '/users'
         payload = {
-          full_name: full_name,
-          session_secret: session_secret
+          full_name:,
+          session_secret:
         }
-        access_token = access_token('POST', '/users', payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        res = client.post('/users', headers: { 'Authorization': authorization }, json: payload)
 
-        res.merge(rsa_key: rsa_key, ed25519_key: ed25519_key)
+        res = client.post path, **payload
+        res.merge(private_key:).with_indifferent_access
       end
 
-      def generate_rsa_key
-        rsa_key = OpenSSL::PKey::RSA.new 1024
-        {
-          private_key: rsa_key.to_pem,
-          public_key: rsa_key.public_key.to_pem
-        }
+      def search_user(query, access_token: nil)
+        path = format('/search/%<query>s', query:)
+
+        client.get path, access_token:
       end
 
-      def generate_ed25519_key
-        ed25519_key = JOSE::JWA::Ed25519.keypair
-        {
-          private_key: Base64.strict_encode64(ed25519_key[1]),
-          public_key: Base64.strict_encode64(ed25519_key[0])
+      def fetch_users(user_ids)
+        path = '/users/fetch'
+        user_ids = [user_ids] if user_ids.is_a? String
+        payload = user_ids
+
+        client.post path, *payload
+      end
+
+      def create_safe_user(name, private_key: nil, spend_key: nil)
+        private_keypair = JOSE::JWA::Ed25519.keypair private_key
+        private_key = private_keypair[1].unpack1('H*')
+
+        spend_keypair = JOSE::JWA::Ed25519.keypair spend_key
+        spend_key = spend_keypair[1].unpack1('H*')
+
+        user = create_user name, key: private_keypair[1][...32]
+
+        keystore = {
+          app_id: user['data']['user_id'],
+          session_id: user['data']['session_id'],
+          private_key:,
+          pin_token: user['data']['pin_token_base64'],
+          spend_key: spend_keypair[1].unpack1('H*')
         }
+        user_api = MixinBot::API.new(**keystore)
+
+        user_api.update_pin pin: MixinBot.utils.tip_public_key(spend_keypair[0], counter: user['data']['tip_counter'])
+
+        # wait for tip pin update in server
+        sleep 1
+
+        user_api.safe_register spend_key
+
+        keystore
       end
 
-      # https://developers.mixin.one/api/beta-mixin-message/search-user/
-      # search by Mixin Id or Phone Number
-      def search_user(query)
-        path = format('/search/%<query>s', query: query)
+      def safe_register(pin, spend_key: nil)
+        path = '/safe/users'
+
+        spend_key ||= MixinBot.utils.decode_key pin
+        key = JOSE::JWA::Ed25519.keypair spend_key[...32]
+        public_key = key[0].unpack1('H*')
+
+        hex = SHA3::Digest::SHA256.hexdigest config.app_id
+        signature = Base64.urlsafe_encode64 JOSE::JWA::Ed25519.sign([hex].pack('H*'), key[1]), padding: false
 
-        access_token = access_token('GET', path, '')
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.get(path, headers: { 'Authorization': authorization })
+        pin_base64 = encrypt_tip_pin pin, 'SEQUENCER:REGISTER:', config.app_id, public_key
+
+        payload = {
+          public_key:,
+          signature:,
+          pin_base64:
+        }
+
+        client.post path, **payload
       end
 
-      # https://developers.mixin.one/api/beta-mixin-message/read-users/
-      def fetch_users(user_ids)
-        # user_ids: a array of user_ids
-        path = '/users/fetch'
-        user_ids = [user_ids] if user_ids.is_a? String
-        payload = user_ids
+      def migrate_to_safe(spend_key:, pin: nil)
+        profile = me['data']
+        return true if profile['has_safe']
+
+        spend_keypair = JOSE::JWA::Ed25519.keypair spend_key
+        spend_key = spend_keypair[1].unpack1('H*')
 
-        access_token = access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+        if profile['tip_key_base64'].blank?
+          new_pin = MixinBot.utils.tip_public_key(spend_keypair[0], counter: profile['tip_counter'])
+          update_pin(pin: new_pin, old_pin: pin)
+
+          pin = new_pin
+        end
+
+        # wait for tip pin update in server
+        sleep 1
+
+        safe_register pin, spend_key
+
+        {
+          spend_key:
+        }.with_indifferent_access
       end
     end
   end

data/lib/mixin_bot/api/withdraw.rb

@@ -3,75 +3,74 @@
 module MixinBot
   class API
     module Withdraw
-      # https://developers.mixin.one/api/alpha-mixin-network/create-address/
-      def create_withdraw_address(options, access_token: nil)
+      def create_withdraw_address(**kwargs)
         path = '/addresses'
-        encrypted_pin = encrypt_pin(options[:pin])
+        pin = kwargs[:pin]
         payload =
-          # for EOS withdraw, account_name & account_tag must be valid
-          if options[:public_key].nil?
-            {
-              asset_id: options[:asset_id],
-              account_name: options[:account_name],
-              account_tag: options[:account_tag],
-              label: options[:label],
-              pin: encrypted_pin
-            }
-          # for other withdraw
-          else
-            {
-              asset_id: options[:asset_id],
-              public_key: options[:public_key],
-              label: options[:label],
-              pin: encrypted_pin
-            }
-          end
+          {
+            asset_id: kwargs[:asset_id],
+            destination: kwargs[:destination],
+            tag: kwargs[:tag],
+            label: kwargs[:label]
+          }
+
+        if pin.length > 6
+          payload[:pin_base64] = encrypt_tip_pin pin, 'TIP:ADDRESS:ADD:', payload[:asset_id], payload[:destination], payload[:tag], payload[:label]
+        else
+          payload[:pin] = encrypt_pin pin
+        end
 
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+        client.post path, **payload
       end
 
-      # https://developers.mixin.one/api/alpha-mixin-network/read-address/
       def get_withdraw_address(address, access_token: nil)
-        path = format('/addresses/%<address>s', address: address)
-        access_token ||= access_token('GET', path, '')
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.get(path, headers: { 'Authorization': authorization })
+        path = format('/addresses/%<address>s', address:)
+
+        client.get path, access_token:
       end
 
-      # https://developers.mixin.one/api/alpha-mixin-network/delete-address/
-      def delete_withdraw_address(address, pin, access_token: nil)
-        path = format('/addresses/%<address>s/delete', address: address)
-        payload = {
-          pin: encrypt_pin(pin)
-        }
+      def delete_withdraw_address(address, **kwargs)
+        pin = kwargs[:pin]
 
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+        path = format('/addresses/%<address>s/delete', address:)
+        payload =
+          if pin.length > 6
+            {
+              pin_base64: encrypt_tip_pin(pin, 'TIP:ADDRESS:REMOVE:', address)
+            }
+          else
+            {
+              pin: encrypt_pin(pin)
+            }
+          end
+
+        client.post path, **payload
       end
 
-      # https://developers.mixin.one/api/alpha-mixin-network/withdrawal-addresses/
-      def withdrawals(options, access_token: nil)
-        address_id = options[:address_id]
-        pin = options[:pin]
-        amount = options[:amount]
-        trace_id = options[:trace_id]
-        memo = options[:memo]
+      def withdrawals(**kwargs)
+        address_id = kwargs[:address_id]
+        pin = kwargs[:pin]
+        amount = format('%.8f', kwargs[:amount].to_d.to_r)
+        trace_id = kwargs[:trace_id]
+        memo = kwargs[:memo]
+        kwargs[:access_token]
 
         path = '/withdrawals'
         payload = {
-          address_id: address_id,
-          amount: amount,
-          trace_id: trace_id,
-          memo: memo,
-          pin: encrypt_pin(pin)
+          address_id:,
+          amount:,
+          trace_id:,
+          memo:
         }
 
-        access_token ||= access_token('POST', path, payload.to_json)
-        authorization = format('Bearer %<access_token>s', access_token: access_token)
-        client.post(path, headers: { 'Authorization': authorization }, json: payload)
+        if pin.length > 6
+          fee = '0'
+          payload[:pin_base64] = encrypt_tip_pin pin, 'TIP:WITHDRAW:', address_id, amount, fee, trace_id, memo
+        else
+          payload[:pin] = encrypt_pin pin
+        end
+
+        client.post path, **payload
       end
     end
   end

data/lib/mixin_bot/api.rb

@@ -1,62 +1,87 @@
 # frozen_string_literal: true
 
-require_relative './client'
-require_relative './api/app'
-require_relative './api/asset'
-require_relative './api/attachment'
-require_relative './api/auth'
-require_relative './api/blaze'
-require_relative './api/collectible'
-require_relative './api/conversation'
-require_relative './api/encrypted_message'
-require_relative './api/me'
-require_relative './api/message'
-require_relative './api/multisig'
-require_relative './api/payment'
-require_relative './api/pin'
-require_relative './api/rpc'
-require_relative './api/snapshot'
-require_relative './api/transaction'
-require_relative './api/transfer'
-require_relative './api/user'
-require_relative './api/withdraw'
+require_relative 'client'
+require_relative 'configuration'
+require_relative 'api/address'
+require_relative 'api/app'
+require_relative 'api/asset'
+require_relative 'api/attachment'
+require_relative 'api/auth'
+require_relative 'api/blaze'
+require_relative 'api/conversation'
+require_relative 'api/encrypted_message'
+require_relative 'api/inscription'
+require_relative 'api/legacy_collectible'
+require_relative 'api/legacy_multisig'
+require_relative 'api/legacy_output'
+require_relative 'api/legacy_payment'
+require_relative 'api/legacy_snapshot'
+require_relative 'api/legacy_transaction'
+require_relative 'api/legacy_transfer'
+require_relative 'api/me'
+require_relative 'api/message'
+require_relative 'api/multisig'
+require_relative 'api/output'
+require_relative 'api/payment'
+require_relative 'api/pin'
+require_relative 'api/rpc'
+require_relative 'api/snapshot'
+require_relative 'api/tip'
+require_relative 'api/transaction'
+require_relative 'api/transfer'
+require_relative 'api/user'
+require_relative 'api/withdraw'
 
 module MixinBot
   class API
-    attr_reader :client_id, :client_secret, :session_id, :pin_token, :private_key, :client, :blaze_host, :key_type
-
-    def initialize(options = {})
-      @client_id = options[:client_id] || MixinBot.client_id
-      @client_secret = options[:client_secret] || MixinBot.client_secret
-      @session_id = options[:session_id] || MixinBot.session_id
-      @client = Client.new(MixinBot.api_host || 'api.mixin.one')
-      @blaze_host = MixinBot.blaze_host || 'blaze.mixin.one'
-      @pin_token =
-        begin
-          Base64.urlsafe_decode64 options[:pin_token] || MixinBot.pin_token
-        rescue StandardError
-          ''
+    attr_reader :config, :client
+
+    def initialize(**kwargs)
+      @config =
+        if kwargs.present?
+          MixinBot::Configuration.new(**kwargs)
+        else
+          MixinBot.config
         end
-      _private_key = options[:private_key] || MixinBot.private_key
-      if /^-----BEGIN RSA PRIVATE KEY-----/.match? _private_key
-        @private_key = _private_key.gsub('\\r\\n', "\n").gsub("\r\n", "\n")
-        @key_type = :rsa
-      else
-        @private_key = Base64.urlsafe_decode64 _private_key
-        @key_type = :ed25519
-      end
+
+      @client = Client.new(@config)
+    end
+
+    def utils
+      MixinBot::Utils
+    end
+
+    def client_id
+      config.app_id
     end
 
-    def sign_raw_transaction(tx)
-      MixinBot::Utils.sign_raw_transaction tx
+    def access_token(method, uri, body, **kwargs)
+      utils.access_token(
+        method,
+        uri,
+        body,
+        exp_in: kwargs.delete(:exp_in) || 600,
+        scp: kwargs.delete(:scp) || 'FULL',
+        app_id: config.app_id,
+        session_id: config.session_id,
+        private_key: config.session_private_key
+      )
+    end
+
+    def encode_raw_transaction(txn)
+      utils.encode_raw_transaction txn
     end
 
     def decode_raw_transaction(raw)
-      MixinBot::Utils.decode_raw_transaction raw
+      utils.decode_raw_transaction raw
+    end
+
+    def generate_trace_from_hash(hash, output_index = 0)
+      utils.generate_trace_from_hash hash, output_index
     end
 
     # Use a mixin software to implement transaction build
-    def sign_raw_transaction_native(json)
+    def encode_raw_transaction_native(json)
       ensure_mixin_command_exist
       command = format("mixin signrawtransaction --raw '%<arg>s'", arg: json)
 
@@ -77,21 +102,31 @@ module MixinBot
       JSON.parse output.chomp
     end
 
+    include MixinBot::API::Address
     include MixinBot::API::App
     include MixinBot::API::Asset
     include MixinBot::API::Attachment
     include MixinBot::API::Auth
     include MixinBot::API::Blaze
-    include MixinBot::API::Collectible
     include MixinBot::API::Conversation
     include MixinBot::API::EncryptedMessage
+    include MixinBot::API::Inscription
+    include MixinBot::API::LegacyCollectible
+    include MixinBot::API::LegacyMultisig
+    include MixinBot::API::LegacyOutput
+    include MixinBot::API::LegacyPayment
+    include MixinBot::API::LegacySnapshot
+    include MixinBot::API::LegacyTransaction
+    include MixinBot::API::LegacyTransfer
     include MixinBot::API::Me
     include MixinBot::API::Message
     include MixinBot::API::Multisig
+    include MixinBot::API::Output
     include MixinBot::API::Payment
     include MixinBot::API::Pin
     include MixinBot::API::Rpc
     include MixinBot::API::Snapshot
+    include MixinBot::API::Tip
     include MixinBot::API::Transaction
     include MixinBot::API::Transfer
     include MixinBot::API::User

data/lib/mixin_bot/cli/api.rb

@@ -34,16 +34,16 @@ module MixinBot
         end
 
       access_token = options[:accesstoken] || api_instance.access_token(options[:method].upcase, path, payload.blank? ? '' : payload.to_json)
-      authorization = format('Bearer %<access_token>s', access_token: access_token)
+      authorization = format('Bearer %<access_token>s', access_token:)
       res = {}
 
       CLI::UI::Spinner.spin("#{options[:method]} #{path}, payload: #{payload}") do |_spinner|
         res =
           case options[:method].downcase.to_sym
           when :post
-            api_instance.client.post(path, headers: { 'Authorization': authorization }, json: payload)
+            api_instance.client.post(path, headers: { Authorization: authorization }, json: payload)
           when :get
-            api_instance.client.get(path, headers: { 'Authorization': authorization })
+            api_instance.client.get(path, headers: { Authorization: authorization })
           end
       end
 
@@ -52,19 +52,163 @@ module MixinBot
 
     desc 'authcode', 'code to authorize other mixin account'
     option :keystore, type: :string, aliases: '-k', required: true, desc: 'keystore or keystore.json file path'
-    option :client_id, type: :string, required: true, aliases: '-c', desc: 'client_id of bot to authorize'
+    option :app_id, type: :string, required: true, aliases: '-c', desc: 'app_id of bot to authorize'
     option :scope, type: :array, default: ['PROFILE:READ'], aliases: '-s', desc: 'scope to authorize'
     def authcode
       res = {}
       CLI::UI::Spinner.spin('POST /oauth/authorize') do |_spinner|
         res =
           api_instance.authorize_code(
-            user_id: options[:client_id],
+            user_id: options[:app_id],
             scope: options[:scope],
             pin: keystore['pin']
           )
       end
       log res['data']
     end
+
+    desc 'updatetip PIN', 'update TIP pin'
+    option :keystore, type: :string, aliases: '-k', required: true, desc: 'keystore or keystore.json file path'
+    def updatetip(pin)
+      profile = api_instance.me
+      log UI.fmt "{{v}} #{profile['full_name']}, TIP counter: #{profile['tip_counter']}"
+
+      counter = profile['tip_counter']
+      key = api_instance.prepare_tip_key counter
+      log UI.fmt "{{v}} Generated key: #{key[:private_key]}"
+
+      res = api_instance.update_pin old_pin: pin.to_s, pin: key[:public_key]
+
+      log({
+            pin: key[:private_key],
+            tip_key_base64: res['tip_key_base64']
+          })
+    rescue StandardError => e
+      log UI.fmt "{{x}} #{e.inspect}"
+    end
+
+    desc 'verifypin PIN', 'verify pin'
+    option :keystore, type: :string, aliases: '-k', required: true, desc: 'keystore or keystore.json file path'
+    def verifypin(pin)
+      res = api_instance.verify_pin pin.to_s
+
+      log res
+    rescue StandardError => e
+      log UI.fmt "{{x}} #{e.inspect}"
+    end
+
+    desc 'transfer USER_ID', 'transfer asset to USER_ID'
+    option :asset, type: :string, required: true, desc: 'Asset ID'
+    option :amount, type: :numeric, required: true, desc: 'Amount'
+    option :memo, type: :string, required: false, desc: 'memo'
+    option :keystore, type: :string, aliases: '-k', required: true, desc: 'keystore or keystore.json file path'
+    def transfer(user_id)
+      res = {}
+
+      CLI::UI::Spinner.spin "Try to transfer #{options[:amount]} #{options[:asset]} to #{user_id}" do |_spinner|
+        res = api_instance.create_transfer(
+          keystore['pin'],
+          {
+            asset_id: options[:asset],
+            opponent_id: user_id,
+            amount: options[:amount],
+            memo: options[:memo]
+          }
+        )
+      end
+
+      return unless res['snapshot_id'].present?
+
+      log UI.fmt "{{v}} Finished: https://mixin.one/snapshots/#{res['snapshot_id']}"
+    end
+
+    desc 'saferegister', 'register SAFE network'
+    option :spend_key, type: :string, required: true, desc: 'spend_key'
+    option :keystore, type: :string, aliases: '-k', required: true, desc: 'keystore or keystore.json file path'
+    def saferegister
+      res = api_instance.safe_register options[:spend_key]
+      log res
+    end
+
+    desc 'pay', 'generate payment url'
+    option :members, type: :array, required: true, desc: 'Reveivers, maybe multisig'
+    option :threshold, type: :numeric, required: false, default: 1, desc: 'Threshold of multisig'
+    option :asset, type: :string, required: true, desc: 'Asset ID'
+    option :amount, type: :numeric, required: true, desc: 'Amount'
+    option :trace, type: :string, required: false, desc: 'Trace ID'
+    option :memo, type: :string, required: false, desc: 'memo'
+    def pay
+      url = api_instance.safe_pay_url(
+        members: options[:members],
+        threshold: options[:threshold],
+        asset_id: options[:asset],
+        amount: options[:amount],
+        trace_id: options[:trace],
+        memo: options[:memo]
+      )
+
+      log UI.fmt "{{v}} #{url}"
+    end
+
+    desc 'safetransfer USER_ID', 'transfer asset to USER_ID with SAFE network'
+    option :asset, type: :string, required: true, desc: 'Asset ID'
+    option :amount, type: :numeric, required: true, desc: 'Amount'
+    option :trace, type: :string, required: false, desc: 'Trace ID'
+    option :memo, type: :string, required: false, desc: 'memo'
+    option :keystore, type: :string, aliases: '-k', required: true, desc: 'keystore or keystore.json file path'
+    def safetransfer(user_id)
+      amount = options[:amount].to_d
+      asset = options[:asset]
+      memo = options[:memo] || ''
+
+      # step 1: select inputs
+      outputs = api_instance.safe_outputs(state: 'unspent', asset_id: asset, limit: 500)['data'].sort_by { |o| o['amount'].to_d }
+      balance = outputs.sum(&->(output) { output['amount'].to_d })
+
+      utxos = []
+      outputs.each do |output|
+        break if utxos.sum { |o| o['amount'].to_d } >= amount
+
+        utxos.shift if utxos.size >= 255
+        utxos << output
+      end
+
+      log UI.fmt "Step 1/7: {{v}} Found #{outputs.count} unspent outputs, balance: #{balance}, selected #{utxos.count} outputs"
+
+      # step 2: build transaction
+      tx = api_instance.build_safe_transaction(
+        utxos:,
+        receivers: [
+          members: [user_id],
+          threshold: 1,
+          amount:
+        ],
+        extra: memo
+      )
+      raw = MixinBot::Utils.encode_raw_transaction tx
+      log UI.fmt "Step 2/5: {{v}} Built raw: #{raw}"
+
+      # step 3: verify transaction
+      request_id = SecureRandom.uuid
+      request = api_instance.create_safe_transaction_request(request_id, raw)['data']
+      log UI.fmt "Step 3/5: {{v}} Verified transaction, request_id: #{request[0]['request_id']}"
+
+      # step 4: sign transaction
+      signed_raw = api_instance.sign_safe_transaction(
+        raw:,
+        utxos:,
+        request: request[0]
+      )
+      log UI.fmt "Step 4/5: {{v}} Signed transaction: #{signed_raw}"
+
+      # step 5: submit transaction
+      r = api_instance.send_safe_transaction(
+        request_id,
+        signed_raw
+      )
+      log UI.fmt "Step 5/5: {{v}} Submit transaction, hash: #{r['data'].first['transaction_hash']}"
+    rescue StandardError => e
+      log UI.fmt "{{x}} #{e.inspect}"
+    end
   end
 end