mpp-rb 0.1.0

data/lib/mpp/methods/tempo/intents.rb

@@ -0,0 +1,377 @@
+# typed: false
+# frozen_string_literal: true
+
+require "time"
+require "json"
+
+module Mpp
+  module Methods
+    module Tempo
+      MAX_RECEIPT_RETRY_ATTEMPTS = 20
+      RECEIPT_RETRY_DELAY_SECONDS = 0.5
+
+      TRANSFER_SELECTOR = "a9059cbb"
+      TRANSFER_WITH_MEMO_SELECTOR = "95777d59"
+      TRANSFER_TOPIC = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"
+      TRANSFER_WITH_MEMO_TOPIC = "0x57bc7354aa85aed339e000bccffabbc529466af35f0772c8f8ee1145927de7f0"
+
+      # Tempo charge intent for server-side verification.
+      class ChargeIntent
+        attr_reader :name
+        attr_accessor :rpc_url
+
+        def initialize(chain_id: nil, rpc_url: nil, timeout: 30, store: nil)
+          @name = "charge"
+          @rpc_url = rpc_url || (chain_id ? Defaults.rpc_url_for_chain(chain_id) : nil)
+          @_method = nil
+          @timeout = timeout
+          @store = store
+        end
+
+        def fee_payer
+          @_method&.fee_payer
+        end
+
+        def verify(credential, request)
+          req = Schemas::ChargeRequest.from_hash(request)
+
+          # Check challenge expiry
+          challenge_expires = credential.challenge.expires
+          if challenge_expires
+            expires = Time.iso8601(challenge_expires.gsub("Z", "+00:00"))
+            raise Mpp::VerificationError, "Request has expired" if expires < Time.now.utc
+          end
+
+          payload_data = credential.payload
+          unless payload_data.is_a?(Hash) && payload_data.key?("type")
+            raise Mpp::VerificationError,
+              "Invalid credential payload"
+          end
+
+          case payload_data["type"]
+          when "hash"
+            payload = Schemas::HashCredentialPayload.new(type: "hash", hash: payload_data["hash"])
+            verify_hash(payload, req)
+          when "transaction"
+            payload = Schemas::TransactionCredentialPayload.new(
+              type: "transaction", signature: payload_data["signature"]
+            )
+            verify_transaction(payload, req)
+          when "proof"
+            payload = Schemas::ProofCredentialPayload.new(
+              type: "proof", signature: payload_data["signature"]
+            )
+            verify_proof(payload, req, credential: credential)
+          else
+            raise Mpp::VerificationError, "Invalid credential type: #{payload_data["type"]}"
+          end
+        end
+
+        private
+
+        def get_rpc_url
+          raise Mpp::VerificationError, "No rpc_url configured on ChargeIntent" unless @rpc_url
+
+          @rpc_url
+        end
+
+        def verify_hash(payload, request)
+          if @store
+            store_key = "mpp:charge:#{payload.hash.downcase}"
+            raise Mpp::VerificationError, "Transaction hash already used" unless @store.put_if_absent(store_key,
+              payload.hash)
+          end
+
+          rpc_url = get_rpc_url
+          result = Rpc.call(rpc_url, "eth_getTransactionReceipt", [payload.hash])
+
+          raise Mpp::VerificationError, "Transaction not found" unless result
+          raise Mpp::VerificationError, "Transaction reverted" unless result["status"] == "0x1"
+          unless verify_transfer_logs(
+            result, request
+          )
+            raise Mpp::VerificationError,
+              "Transaction must contain a Transfer log matching request parameters"
+          end
+
+          Mpp::Receipt.success(payload.hash)
+        end
+
+        def verify_transaction(payload, request)
+          validate_transaction_payload(payload.signature, request)
+
+          raw_tx = payload.signature
+
+          if request.method_details.fee_payer
+            if fee_payer
+              raw_tx = cosign_as_fee_payer(raw_tx, request.currency, request: request)
+            else
+              fee_payer_url = request.method_details.fee_payer_url || Defaults::DEFAULT_FEE_PAYER_URL
+              result = Rpc.call(fee_payer_url, "eth_signRawTransaction", [raw_tx])
+              raise Mpp::VerificationError, "Fee payer returned no signed transaction" unless result
+
+              raw_tx = result
+            end
+          end
+
+          rpc_url = get_rpc_url
+          tx_hash = Rpc.call(rpc_url, "eth_sendRawTransaction", [raw_tx])
+          raise Mpp::VerificationError, "No transaction hash returned" unless tx_hash
+
+          receipt_data = T.let(nil, T.untyped)
+          MAX_RECEIPT_RETRY_ATTEMPTS.times do |attempt|
+            receipt_data = Rpc.call(rpc_url, "eth_getTransactionReceipt", [tx_hash])
+            break if receipt_data
+
+            sleep(RECEIPT_RETRY_DELAY_SECONDS) if attempt < MAX_RECEIPT_RETRY_ATTEMPTS - 1
+          end
+
+          raise Mpp::VerificationError, "Transaction receipt not found after retries" unless receipt_data
+          raise Mpp::VerificationError, "Transaction reverted" unless receipt_data["status"] == "0x1"
+          unless verify_transfer_logs(
+            receipt_data, request
+          )
+            raise Mpp::VerificationError,
+              "Transaction must contain a Transfer log matching request parameters"
+          end
+
+          Mpp::Receipt.success(tx_hash)
+        end
+
+        def verify_transfer_logs(receipt, request, expected_sender: nil)
+          expected_memo = request.method_details.memo
+
+          (receipt["logs"] || []).each do |log|
+            next unless log["address"]&.downcase == request.currency.downcase
+
+            topics = log["topics"] || []
+            next if topics.length < 3
+
+            from_address = "0x#{topics[1][-40..]}"
+            to_address = "0x#{topics[2][-40..]}"
+
+            next unless to_address.downcase == request.recipient.downcase
+            next if expected_sender && from_address.downcase != expected_sender.downcase
+
+            if expected_memo
+              next unless topics[0] == TRANSFER_WITH_MEMO_TOPIC
+              next if topics.length < 4
+
+              data = log.fetch("data", "0x")
+              next if data.length < 66
+
+              amount = data[2, 64].to_i(16)
+              memo = topics[3]
+              memo_clean = expected_memo.downcase
+              memo_clean = "0x#{memo_clean}" unless memo_clean.start_with?("0x")
+              return true if amount == Integer(request.amount) && memo.downcase == memo_clean
+            else
+              next unless topics[0] == TRANSFER_TOPIC
+
+              data = log.fetch("data", "0x")
+              next if data.length < 66
+
+              amount = data.delete_prefix("0x").to_i(16)
+              return true if amount == Integer(request.amount)
+            end
+          end
+
+          false
+        end
+
+        def validate_transaction_payload(signature, request)
+          # Best-effort pre-broadcast check
+          begin
+            require "rlp"
+          rescue LoadError
+            return
+          end
+
+          begin
+            tx_bytes = [signature.delete_prefix("0x")].pack("H*")
+          rescue ArgumentError
+            return
+          end
+
+          return if tx_bytes.empty? || ![0x76, 0x78].include?(tx_bytes.getbyte(0))
+
+          begin
+            decoded = RLP.decode(tx_bytes[1..])
+          rescue
+            return
+          end
+
+          return unless decoded.is_a?(Array) && decoded.length >= 5
+
+          calls_data = decoded[4] || []
+          raise Mpp::VerificationError, "Transaction contains no calls" if calls_data.empty?
+
+          found = calls_data.any? do |call_item|
+            next unless call_item.is_a?(Array) && call_item.length >= 3
+
+            call_to_bytes = call_item[0]
+            call_data_bytes = call_item[2]
+            next unless call_to_bytes && call_data_bytes
+
+            to_hex = call_to_bytes.is_a?(String) ? call_to_bytes.unpack1("H*") : call_to_bytes.to_s
+            next unless "0x#{to_hex}".downcase == request.currency.downcase
+
+            data_hex = call_data_bytes.is_a?(String) ? call_data_bytes.unpack1("H*") : call_data_bytes.to_s
+            match_transfer_calldata(data_hex, request)
+          end
+
+          raise Mpp::VerificationError, "Invalid transaction: no matching payment call found" unless found
+        end
+
+        def match_transfer_calldata(call_data_hex, request)
+          return false if call_data_hex.length < 136
+
+          selector = call_data_hex[0, 8].downcase
+          expected_memo = request.method_details.memo
+
+          if expected_memo
+            return false unless selector == TRANSFER_WITH_MEMO_SELECTOR
+          elsif ![TRANSFER_SELECTOR, TRANSFER_WITH_MEMO_SELECTOR].include?(selector)
+            return false
+          end
+
+          decoded_to = "0x#{call_data_hex[32, 40]}"
+          decoded_amount = call_data_hex[72, 64].to_i(16)
+
+          return false unless decoded_to.downcase == request.recipient.downcase
+          return false unless decoded_amount == Integer(request.amount)
+
+          if expected_memo
+            return false if call_data_hex.length < 200
+
+            decoded_memo = "0x#{call_data_hex[136, 64]}"
+            memo_clean = expected_memo.downcase
+            memo_clean = "0x#{memo_clean}" unless memo_clean.start_with?("0x")
+            return false unless decoded_memo.downcase == memo_clean
+          end
+
+          true
+        end
+
+        def verify_proof(payload, request, credential:)
+          raise Mpp::VerificationError, "Proof credentials are only valid for zero-amount challenges" unless Integer(request.amount).zero?
+          raise Mpp::VerificationError, "Proof credential must include a source" unless credential.source
+
+          resolved_chain_id = request.method_details.chain_id
+          source = Proof.parse_source(credential.source)
+          raise Mpp::VerificationError, "Proof credential source is invalid" unless source
+          raise Mpp::VerificationError, "Proof credential source chain mismatch" unless source[:chain_id] == resolved_chain_id
+
+          valid = Proof.verify(
+            address: source[:address],
+            chain_id: resolved_chain_id,
+            challenge_id: credential.challenge.id,
+            signature: payload.signature
+          )
+          raise Mpp::VerificationError, "Proof signature does not match source" unless valid
+
+          Mpp::Receipt.success(credential.challenge.id)
+        end
+
+        def cosign_as_fee_payer(raw_tx, fee_token, request: nil)
+          require "eth"
+          require "rlp"
+
+          raise Mpp::VerificationError, "No fee payer account configured" unless fee_payer
+
+          # Decode the 0x78 fee payer envelope
+          begin
+            all_bytes = [raw_tx.delete_prefix("0x")].pack("H*")
+            decoded, sender_addr_bytes, sender_sig, key_auth = FeePayer.decode(all_bytes)
+          rescue => e
+            raise Mpp::VerificationError, "Failed to deserialize client transaction: #{e.message}"
+          end
+
+          int = ->(b) {
+            if b.is_a?(String) && !b.empty?
+              b.unpack1("H*").to_i(16)
+            elsif b.is_a?(Integer)
+              b
+            else
+              0
+            end
+          }
+
+          # Validate fee-payer invariants
+          fee_token_field = decoded[10]
+          if fee_token_field.is_a?(String) && !fee_token_field.empty?
+            raise Mpp::VerificationError, "Fee payer transaction must not include fee_token (server sets it)"
+          end
+
+          nonce_key = int.call(decoded[6])
+          unless nonce_key == (1 << 256) - 1
+            raise Mpp::VerificationError, "Fee payer envelope must use expiring nonce key (U256::MAX)"
+          end
+
+          valid_before_raw = decoded[8]
+          if !valid_before_raw.is_a?(String) || valid_before_raw.empty?
+            raise Mpp::VerificationError, "Fee payer envelope must include valid_before"
+          end
+          valid_before = int.call(valid_before_raw)
+          if valid_before <= Time.now.to_i
+            raise Mpp::VerificationError,
+              "Fee payer envelope expired: valid_before (#{valid_before}) is not in the future"
+          end
+
+          # Build calls from decoded RLP
+          calls_data = decoded[4] || []
+          calls = calls_data.map do |c|
+            Transaction::Call.new(
+              to: "0x#{c[0].unpack1("H*")}",
+              value: int.call(c[1]),
+              data: "0x#{c[2].unpack1("H*")}"
+            )
+          end
+
+          # Reconstruct transaction for sender signature recovery
+          tx_for_recovery = Transaction::SignedTransaction.new(
+            chain_id: int.call(decoded[0]),
+            max_priority_fee_per_gas: int.call(decoded[1]),
+            max_fee_per_gas: int.call(decoded[2]),
+            gas_limit: int.call(decoded[3]),
+            calls: calls,
+            access_list: Transaction::EMPTY_LIST,
+            nonce_key: int.call(decoded[6]),
+            nonce: int.call(decoded[7]),
+            valid_before: int.call(decoded[8]),
+            valid_after: (decoded[9].is_a?(String) && !decoded[9].empty?) ? int.call(decoded[9]) : nil,
+            fee_token: nil,
+            sender_signature: sender_sig,
+            fee_payer_signature: Transaction::EMPTY_SIGNATURE,
+            sender_address: "0x#{sender_addr_bytes.unpack1("H*")}",
+            tempo_authorization_list: decoded[12] || Transaction::EMPTY_LIST,
+            key_authorization: key_auth
+          )
+
+          # Verify sender signature
+          sender_hash = tx_for_recovery.signature_hash
+          recovered = Eth::Key.personal_recover(sender_hash, "0x#{sender_sig.unpack1("H*")}")
+          recovered_addr = Eth::Util.public_key_to_address(recovered).to_s
+          envelope_addr = "0x#{sender_addr_bytes.unpack1("H*")}"
+
+          unless recovered_addr.downcase == envelope_addr.downcase
+            raise Mpp::VerificationError, "Sender address does not match recovered signer"
+          end
+
+          # Build the final transaction with fee_token set
+          resolved_fee_token = fee_token || request&.currency
+          raise Mpp::VerificationError, "No fee token available" unless resolved_fee_token
+
+          tx_to_sign = tx_for_recovery.with(fee_token: resolved_fee_token)
+
+          # Fee payer signs over fields including sender_signature
+          fee_payer_hash = tx_to_sign.fee_payer_signature_hash
+          fee_payer_sig = fee_payer.sign_hash(fee_payer_hash)
+
+          signed = tx_to_sign.with(fee_payer_signature: fee_payer_sig)
+          "0x#{signed.encoded_2718.unpack1("H*")}"
+        end
+      end
+    end
+  end
+end

data/lib/mpp/methods/tempo/keychain.rb

@@ -0,0 +1,31 @@
+# typed: true
+# frozen_string_literal: true
+
+module Mpp
+  module Methods
+    module Tempo
+      module Keychain
+        SIGNATURE_TYPE = 0x03
+        SIGNATURE_LENGTH = 86
+
+        module_function
+
+        # Build a Keychain signature for a message hash.
+        #
+        # Format: 0x03 || root_account (20 bytes) || inner_sig (65 bytes)
+        # Total: 86 bytes
+        def build_signature(msg_hash:, access_key:, root_account:)
+          inner_sig = access_key.sign_hash(msg_hash)
+          root_bytes = [root_account.delete_prefix("0x")].pack("H*")
+
+          keychain_sig = [SIGNATURE_TYPE].pack("C") + root_bytes + inner_sig
+          unless keychain_sig.bytesize == SIGNATURE_LENGTH
+            Kernel.raise "Invalid keychain signature length: #{keychain_sig.bytesize}"
+          end
+
+          keychain_sig
+        end
+      end
+    end
+  end
+end

data/lib/mpp/methods/tempo/proof.rb

@@ -0,0 +1,127 @@
+# typed: false
+# frozen_string_literal: true
+
+module Mpp
+  module Methods
+    module Tempo
+      # EIP-712 proof credentials for zero-amount challenges.
+      #
+      # Domain: { name: "MPP", version: "1", chainId }
+      # Types:  { Proof: [{ name: "challengeId", type: "string" }] }
+      # Message: { challengeId: <challenge.id> }
+      module Proof
+        DOMAIN_NAME = "MPP"
+        DOMAIN_VERSION = "1"
+
+        # EIP-712 domain separator type hash
+        DOMAIN_TYPE_HASH = "EIP712Domain(string name,string version,uint256 chainId)"
+        PROOF_TYPE_HASH = "Proof(string challengeId)"
+
+        module_function
+
+        def keccak256(data)
+          Kernel.require "eth"
+          Eth::Util.keccak256(data)
+        end
+
+        # Compute the EIP-712 domain separator.
+        def domain_separator(chain_id)
+          keccak256(
+            abi_encode(
+              keccak256(DOMAIN_TYPE_HASH),
+              keccak256(DOMAIN_NAME),
+              keccak256(DOMAIN_VERSION),
+              uint256(chain_id)
+            )
+          )
+        end
+
+        # Compute the EIP-712 struct hash for Proof(challengeId).
+        def struct_hash(challenge_id)
+          keccak256(
+            abi_encode(
+              keccak256(PROOF_TYPE_HASH),
+              keccak256(challenge_id)
+            )
+          )
+        end
+
+        # Compute the full EIP-712 signing hash.
+        def signing_hash(chain_id:, challenge_id:)
+          keccak256(
+            "\x19\x01".b + domain_separator(chain_id) + struct_hash(challenge_id)
+          )
+        end
+
+        # Sign a proof credential (client-side).
+        def sign(account:, chain_id:, challenge_id:)
+          hash = signing_hash(chain_id: chain_id, challenge_id: challenge_id)
+          sig = account.sign_hash(hash)
+          "0x#{sig.unpack1("H*")}"
+        end
+
+        # Verify a proof credential signature (server-side).
+        def verify(address:, chain_id:, challenge_id:, signature:)
+          Kernel.require "eth"
+
+          hash = signing_hash(chain_id: chain_id, challenge_id: challenge_id)
+          sig_bytes = [signature.delete_prefix("0x")].pack("H*")
+
+          # Recover the signer address from the signature
+          recovered = recover_address(hash, sig_bytes)
+          return false unless recovered
+
+          recovered.downcase == address.downcase
+        end
+
+        # Construct source DID for proof credentials.
+        def source(address:, chain_id:)
+          "did:pkh:eip155:#{chain_id}:#{address}"
+        end
+
+        # Parse a proof source DID. Returns { address:, chain_id: } or nil.
+        def parse_source(source_str)
+          match = source_str.match(/\Adid:pkh:eip155:(0|[1-9]\d*):(.+)\z/)
+          return nil unless match
+
+          chain_id = Integer(match[1])
+          address = match[2]
+          return nil unless address.match?(/\A0x[a-fA-F0-9]{40}\z/)
+
+          {address: address, chain_id: chain_id}
+        rescue ArgumentError
+          nil
+        end
+
+        # ABI-encode values (packed 32-byte words).
+        def abi_encode(*values)
+          values.map { |v|
+            case v
+            when String
+              v.b.rjust(32, "\x00".b)
+            when Integer
+              uint256(v)
+            end
+          }.join
+        end
+
+        def uint256(value)
+          [value].pack("Q>").rjust(32, "\x00".b)
+        end
+
+        def recover_address(hash, sig_bytes)
+          Kernel.require "eth"
+
+          return nil unless sig_bytes.bytesize == 65
+
+          sig_hex = "0x#{sig_bytes.unpack1("H*")}"
+          # Use raw ecrecover (not personal_recover which adds EIP-191 prefix)
+          recovered_key = Eth::Signature.recover(hash, sig_hex)
+          Eth::Util.public_key_to_address(recovered_key).to_s
+        rescue => _e
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/mpp/methods/tempo/rpc.rb

@@ -0,0 +1,60 @@
+# typed: false
+# frozen_string_literal: true
+
+require "net/http"
+require "uri"
+require "json"
+
+module Mpp
+  module Methods
+    module Tempo
+      module Rpc
+        DEFAULT_TIMEOUT = 30
+
+        module_function
+
+        # Make a JSON-RPC call.
+        def call(rpc_url, method, params, client: nil)
+          payload = {"jsonrpc" => "2.0", "method" => method, "params" => params, "id" => 1}
+
+          uri = URI.parse(rpc_url)
+          http = client || Net::HTTP.new(uri.host, uri.port)
+          http.use_ssl = uri.scheme == "https" unless client
+          http.read_timeout = DEFAULT_TIMEOUT unless client
+
+          request = Net::HTTP::Post.new(uri)
+          request["Content-Type"] = "application/json"
+          request.body = JSON.generate(payload)
+
+          response = http.request(request)
+          result = JSON.parse(response.body)
+
+          Kernel.raise "RPC error: #{result["error"]}" if result.key?("error")
+
+          result["result"]
+        end
+
+        # Fetch chain_id, nonce, and gas_price.
+        def get_tx_params(rpc_url, sender, client: nil)
+          # In Ruby, we make these calls sequentially (or use threads)
+          chain_id_hex = call(rpc_url, "eth_chainId", [], client: client)
+          nonce_hex = call(rpc_url, "eth_getTransactionCount", [sender, "pending"], client: client)
+          gas_hex = call(rpc_url, "eth_gasPrice", [], client: client)
+
+          [chain_id_hex.to_i(16), nonce_hex.to_i(16), gas_hex.to_i(16)]
+        end
+
+        # Estimate gas for a call.
+        def estimate_gas(rpc_url, from_addr, to, data, client: nil)
+          result = call(
+            rpc_url,
+            "eth_estimateGas",
+            [{"from" => from_addr, "to" => to, "data" => data}, "latest"],
+            client: client
+          )
+          result.to_i(16)
+        end
+      end
+    end
+  end
+end

data/lib/mpp/methods/tempo/schemas.rb

@@ -0,0 +1,96 @@
+# typed: false
+# frozen_string_literal: true
+
+module Mpp
+  module Methods
+    module Tempo
+      module Schemas
+        HEX_PATTERN = /\A0x[a-fA-F0-9]+\z/
+
+        MethodDetails = Data.define(:chain_id, :fee_payer, :fee_payer_url, :memo) do
+          def initialize(chain_id: 4217, fee_payer: false, fee_payer_url: nil, memo: nil)
+            super
+          end
+
+          def self.from_hash(hash)
+            return new unless hash.is_a?(Hash)
+
+            new(
+              chain_id: hash["chainId"] || 4217,
+              fee_payer: hash["feePayer"] || false,
+              fee_payer_url: hash["feePayerUrl"],
+              memo: hash["memo"]
+            )
+          end
+        end
+
+        ChargeRequest = Data.define(:amount, :currency, :recipient, :description,
+          :external_id, :method_details) do
+          def initialize(amount:, currency:, recipient:, description: nil,
+            external_id: nil, method_details: nil)
+            raise ArgumentError, "currency must be a hex address" unless currency.match?(HEX_PATTERN)
+            raise ArgumentError, "recipient must be a hex address" unless recipient.match?(HEX_PATTERN)
+
+            method_details ||= MethodDetails.new
+            super
+          end
+
+          def self.from_hash(hash)
+            new(
+              amount: hash["amount"],
+              currency: hash["currency"],
+              recipient: hash["recipient"],
+              description: hash["description"],
+              external_id: hash["externalId"],
+              method_details: MethodDetails.from_hash(hash["methodDetails"])
+            )
+          end
+        end
+
+        HashCredentialPayload = Data.define(:type, :hash) do
+          def initialize(type:, hash:)
+            raise ArgumentError, "type must be 'hash'" unless type == "hash"
+            raise ArgumentError, "hash must be a hex string" unless hash.match?(HEX_PATTERN)
+
+            super
+          end
+        end
+
+        TransactionCredentialPayload = Data.define(:type, :signature) do
+          def initialize(type:, signature:)
+            raise ArgumentError, "type must be 'transaction'" unless type == "transaction"
+            raise ArgumentError, "signature must be a hex string" unless signature.match?(HEX_PATTERN)
+
+            super
+          end
+        end
+
+        ProofCredentialPayload = Data.define(:type, :signature) do
+          def initialize(type:, signature:)
+            raise ArgumentError, "type must be 'proof'" unless type == "proof"
+            raise ArgumentError, "signature must be a hex string" unless signature.match?(HEX_PATTERN)
+
+            super
+          end
+        end
+
+        module_function
+
+        def parse_credential_payload(data)
+          Kernel.raise ArgumentError, "Invalid credential payload" unless data.is_a?(Hash) && data.key?("type")
+
+          case data["type"]
+          when "hash"
+            HashCredentialPayload.new(type: "hash", hash: data["hash"])
+          when "transaction"
+            TransactionCredentialPayload.new(type: "transaction", signature: data["signature"])
+          when "proof"
+            ProofCredentialPayload.new(type: "proof", signature: data["signature"])
+          else
+            Kernel.raise ArgumentError, "Invalid credential type: #{data["type"]}"
+          end
+        end
+      end
+    end
+  end
+end