@dripfi/drip-sdk 1.1.2 → 1.1.3

package/dist/DripSdk.d.ts

@@ -18,6 +18,7 @@ export default class DripSdk {
     getTokenPrice(tokenName: string): Promise<number>;
     updateSigner(newSigner: Signer): void;
     isUserAuthenticated(): Promise<AuthenticationStatus>;
+    verifySignature(address: string, message: string, signature: string): Promise<boolean>;
     authenticate(): Promise<boolean>;
     deposit(tokenAddress: string, vaultAddress: string, amount: string): Promise<string>;
     getExpectedSwapResult(fromTokenAddress: string, toTokenAddress: string, amount: string, decimals: number): Promise<string>;

package/dist/DripSdk.js

@@ -87,17 +87,52 @@ class DripSdk {
                 if (!authToken) {
                     return { isAuthenticated: false, message: 'Auth token not found' };
                 }
-                const { address } = web3_token_1.default.verify(authToken);
-                if (address.toLowerCase() !== userAddress.toLowerCase()) {
+                // const { address, body } = Web3Token.verify(authToken);
+                const decodedBody = JSON.parse(Buffer.from(authToken, 'base64').toString('utf-8'));
+                const message = decodedBody.body;
+                const signature = decodedBody.signature;
+                if (!message || !signature) {
+                    console.error('Message or signature not found in the token body');
+                    return { isAuthenticated: false, message: 'Invalid token structure' };
+                }
+                const isValid = yield this.verifySignature(userAddress, message, signature);
+                if (!isValid) {
                     js_cookie_1.default.remove(cookieName);
-                    return { isAuthenticated: false, message: 'Invalid token' };
+                    return { isAuthenticated: false, message: 'Invalid token or signature' };
                 }
-                return { isAuthenticated: true, address: address.toLowerCase(), token: authToken };
+                return { isAuthenticated: true, address: userAddress.toLowerCase(), token: authToken };
+            }
+            catch (error) {
+                return { isAuthenticated: false };
+            }
+        });
+    }
+    verifySignature(address, message, signature) {
+        return __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            // First, try standard signature verification
+            try {
+                const recoveredAddress = ethers_1.ethers.utils.verifyMessage(message, signature);
+                if (recoveredAddress.toLowerCase() === address.toLowerCase()) {
+                    return true;
+                }
+            }
+            catch (error) {
+                console.error('Standard signature verification error: ', error);
+            }
+            // If standard verification fails, try EIP-1271 verification
+            try {
+                const SafeInterface = new ethers_1.ethers.utils.Interface([
+                    'function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4)'
+                ]);
+                const safeContract = new ethers_1.ethers.Contract(address, SafeInterface, (_a = this.signer) === null || _a === void 0 ? void 0 : _a.provider);
+                const messageHash = ethers_1.ethers.utils.hashMessage(message);
+                const isValidSignature = yield safeContract.isValidSignature(messageHash, signature);
+                return isValidSignature === '0x1626ba7e'; // EIP-1271 magic value
             }
             catch (error) {
-                console.log(error);
+                return false;
             }
-            return { isAuthenticated: false };
         });
     }
     authenticate() {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dripfi/drip-sdk",
-  "version": "1.1.2",
+  "version": "1.1.3",
   "description": "Drip SDK",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",