@dubsdotapp/expo 0.2.10 → 0.2.11

package/src/wallet/phantom-deeplink/phantom-deeplink-adapter.ts

@@ -0,0 +1,323 @@
+import { PublicKey, Transaction } from '@solana/web3.js';
+import bs58 from 'bs58';
+import type { WalletAdapter } from '../types';
+import {
+  generateKeyPair,
+  deriveSharedSecret,
+  encryptPayload,
+  decryptPayload,
+} from './crypto';
+import { DeeplinkHandler } from './deeplink-handler';
+
+const TAG = '[Dubs:PhantomAdapter]';
+
+/** Serializable session state — save this to restore without a deeplink round-trip. */
+export interface PhantomSession {
+  /** Our x25519 public key (base58) */
+  dappPublicKey: string;
+  /** Our x25519 secret key (base58) */
+  dappSecretKey: string;
+  /** Phantom's x25519 public key (base58) */
+  phantomPublicKey: string;
+  /** Shared secret (base58) */
+  sharedSecret: string;
+  /** Phantom session token (opaque string) */
+  sessionToken: string;
+  /** User's wallet public key (base58) */
+  walletPublicKey: string;
+}
+
+export interface PhantomDeeplinkAdapterConfig {
+  /** The deeplink redirect URI, e.g. "myapp://phantom-callback" */
+  redirectUri: string;
+  /** Shown in Phantom's connect screen */
+  appUrl?: string;
+  /** Solana cluster: 'devnet' | 'mainnet-beta' */
+  cluster?: string;
+  /** Deeplink round-trip timeout in ms (default 120000) */
+  timeout?: number;
+  /** Called when the Phantom session changes (save/clear for persistence) */
+  onSessionChange?: (session: PhantomSession | null) => void;
+}
+
+let requestCounter = 0;
+function nextRequestId(): string {
+  return `req${Date.now()}_${++requestCounter}`;
+}
+
+/**
+ * Phantom wallet adapter using deeplinks (works on iOS and Android).
+ * Uses x25519 encrypted communication per Phantom's deeplink protocol.
+ */
+export class PhantomDeeplinkAdapter implements WalletAdapter {
+  private _publicKey: PublicKey | null = null;
+  private _connected = false;
+  private _dappKeyPair: { publicKey: Uint8Array; secretKey: Uint8Array } | null = null;
+  private _sharedSecret: Uint8Array | null = null;
+  private _sessionToken: string | null = null;
+  private _phantomPublicKey: Uint8Array | null = null;
+
+  private readonly config: PhantomDeeplinkAdapterConfig;
+  private readonly handler: DeeplinkHandler;
+  private readonly timeout: number;
+
+  constructor(config: PhantomDeeplinkAdapterConfig) {
+    console.log(TAG, 'Creating adapter with config:', {
+      redirectUri: config.redirectUri,
+      appUrl: config.appUrl,
+      cluster: config.cluster,
+      timeout: config.timeout,
+    });
+    this.config = config;
+    this.timeout = config.timeout ?? 120_000;
+    this.handler = new DeeplinkHandler(config.redirectUri);
+    this.handler.start();
+    console.log(TAG, 'Adapter created and deeplink listener started');
+  }
+
+  get publicKey(): PublicKey | null {
+    return this._publicKey;
+  }
+
+  get connected(): boolean {
+    return this._connected;
+  }
+
+  /**
+   * Restore a previously saved session without opening Phantom.
+   * Call this before connect() if you have persisted session state.
+   */
+  restoreSession(saved: PhantomSession): void {
+    console.log(TAG, 'Restoring session for wallet:', saved.walletPublicKey);
+    this._dappKeyPair = {
+      publicKey: bs58.decode(saved.dappPublicKey),
+      secretKey: bs58.decode(saved.dappSecretKey),
+    };
+    this._phantomPublicKey = bs58.decode(saved.phantomPublicKey);
+    this._sharedSecret = bs58.decode(saved.sharedSecret);
+    this._sessionToken = saved.sessionToken;
+    this._publicKey = new PublicKey(saved.walletPublicKey);
+    this._connected = true;
+    console.log(TAG, 'Session restored successfully — connected:', this._publicKey.toBase58());
+  }
+
+  /** Serialize the current session for persistence. Returns null if not connected. */
+  getSession(): PhantomSession | null {
+    if (
+      !this._connected ||
+      !this._dappKeyPair ||
+      !this._phantomPublicKey ||
+      !this._sharedSecret ||
+      !this._sessionToken ||
+      !this._publicKey
+    ) {
+      return null;
+    }
+    return {
+      dappPublicKey: bs58.encode(this._dappKeyPair.publicKey),
+      dappSecretKey: bs58.encode(this._dappKeyPair.secretKey),
+      phantomPublicKey: bs58.encode(this._phantomPublicKey),
+      sharedSecret: bs58.encode(this._sharedSecret),
+      sessionToken: this._sessionToken,
+      walletPublicKey: this._publicKey.toBase58(),
+    };
+  }
+
+  async connect(): Promise<void> {
+    console.log(TAG, 'connect() — generating x25519 keypair');
+    // Generate a fresh keypair for this connection
+    this._dappKeyPair = generateKeyPair();
+    const dappPubBase58 = bs58.encode(this._dappKeyPair.publicKey);
+    console.log(TAG, 'Dapp public key:', dappPubBase58);
+
+    const requestId = nextRequestId();
+    const redirectLink = `${this.config.redirectUri}/${requestId}`;
+    console.log(TAG, `connect() requestId=${requestId} redirectLink=${redirectLink}`);
+
+    const params = new URLSearchParams({
+      dapp_encryption_public_key: dappPubBase58,
+      cluster: this.config.cluster || 'mainnet-beta',
+      redirect_link: redirectLink,
+    });
+    if (this.config.appUrl) {
+      params.set('app_url', this.config.appUrl);
+    }
+
+    const url = `https://phantom.app/ul/v1/connect?${params.toString()}`;
+    console.log(TAG, 'Opening Phantom connect deeplink...');
+    const response = await this.handler.send(url, requestId, this.timeout);
+    console.log(TAG, 'Received connect response, param keys:', Object.keys(response.params).join(', '));
+
+    // Extract Phantom's public key and derive shared secret
+    const phantomPubBase58 = response.params.phantom_encryption_public_key;
+    if (!phantomPubBase58) {
+      console.log(TAG, 'ERROR: No phantom_encryption_public_key in response');
+      throw new Error('Phantom did not return an encryption public key');
+    }
+    console.log(TAG, 'Phantom public key:', phantomPubBase58);
+
+    this._phantomPublicKey = bs58.decode(phantomPubBase58);
+    this._sharedSecret = deriveSharedSecret(
+      this._dappKeyPair.secretKey,
+      this._phantomPublicKey,
+    );
+    console.log(TAG, 'Shared secret derived, decrypting response...');
+
+    // Decrypt the connect response data
+    const data = decryptPayload(
+      response.params.data,
+      response.params.nonce,
+      this._sharedSecret,
+    );
+    console.log(TAG, 'Decrypted connect data — public_key:', data.public_key, 'session length:', data.session?.length);
+
+    this._sessionToken = data.session;
+    this._publicKey = new PublicKey(data.public_key);
+    this._connected = true;
+
+    console.log(TAG, 'Connected! Wallet:', this._publicKey.toBase58());
+
+    // Notify consumer of new session
+    this.config.onSessionChange?.(this.getSession());
+  }
+
+  disconnect(): void {
+    console.log(TAG, 'disconnect() — clearing state, was connected:', this._connected, 'wallet:', this._publicKey?.toBase58());
+    this._publicKey = null;
+    this._connected = false;
+    this._dappKeyPair = null;
+    this._sharedSecret = null;
+    this._sessionToken = null;
+    this._phantomPublicKey = null;
+    this.config.onSessionChange?.(null);
+    console.log(TAG, 'Disconnected');
+  }
+
+  async signTransaction(transaction: Transaction): Promise<Transaction> {
+    this.assertConnected();
+    console.log(TAG, 'signTransaction() — serializing transaction');
+
+    const serializedTx = bs58.encode(
+      transaction.serialize({ requireAllSignatures: false, verifySignatures: false }),
+    );
+    console.log(TAG, 'Transaction serialized, length:', serializedTx.length);
+
+    const { nonce, ciphertext } = encryptPayload(
+      { transaction: serializedTx, session: this._sessionToken },
+      this._sharedSecret!,
+    );
+
+    const requestId = nextRequestId();
+    const redirectLink = `${this.config.redirectUri}/${requestId}`;
+    console.log(TAG, `signTransaction() requestId=${requestId}`);
+
+    const params = new URLSearchParams({
+      dapp_encryption_public_key: bs58.encode(this._dappKeyPair!.publicKey),
+      nonce,
+      payload: ciphertext,
+      redirect_link: redirectLink,
+    });
+
+    const url = `https://phantom.app/ul/v1/signTransaction?${params.toString()}`;
+    console.log(TAG, 'Opening Phantom signTransaction deeplink...');
+    const response = await this.handler.send(url, requestId, this.timeout);
+    console.log(TAG, 'Received signTransaction response');
+
+    const data = decryptPayload(
+      response.params.data,
+      response.params.nonce,
+      this._sharedSecret!,
+    );
+    console.log(TAG, 'Decrypted signed transaction, length:', data.transaction?.length);
+
+    return Transaction.from(bs58.decode(data.transaction));
+  }
+
+  async signAndSendTransaction(transaction: Transaction): Promise<string> {
+    this.assertConnected();
+    console.log(TAG, 'signAndSendTransaction() — serializing transaction');
+
+    const serializedTx = bs58.encode(
+      transaction.serialize({ requireAllSignatures: false, verifySignatures: false }),
+    );
+    console.log(TAG, 'Transaction serialized, length:', serializedTx.length);
+
+    const { nonce, ciphertext } = encryptPayload(
+      { transaction: serializedTx, session: this._sessionToken },
+      this._sharedSecret!,
+    );
+
+    const requestId = nextRequestId();
+    const redirectLink = `${this.config.redirectUri}/${requestId}`;
+    console.log(TAG, `signAndSendTransaction() requestId=${requestId}`);
+
+    const params = new URLSearchParams({
+      dapp_encryption_public_key: bs58.encode(this._dappKeyPair!.publicKey),
+      nonce,
+      payload: ciphertext,
+      redirect_link: redirectLink,
+    });
+
+    const url = `https://phantom.app/ul/v1/signAndSendTransaction?${params.toString()}`;
+    console.log(TAG, 'Opening Phantom signAndSendTransaction deeplink...');
+    const response = await this.handler.send(url, requestId, this.timeout);
+    console.log(TAG, 'Received signAndSendTransaction response');
+
+    const data = decryptPayload(
+      response.params.data,
+      response.params.nonce,
+      this._sharedSecret!,
+    );
+    console.log(TAG, 'Transaction sent! Signature:', data.signature);
+
+    return data.signature as string;
+  }
+
+  async signMessage(message: Uint8Array): Promise<Uint8Array> {
+    this.assertConnected();
+    console.log(TAG, 'signMessage() — message length:', message.length);
+
+    const { nonce, ciphertext } = encryptPayload(
+      { message: bs58.encode(message), session: this._sessionToken },
+      this._sharedSecret!,
+    );
+
+    const requestId = nextRequestId();
+    const redirectLink = `${this.config.redirectUri}/${requestId}`;
+    console.log(TAG, `signMessage() requestId=${requestId}`);
+
+    const params = new URLSearchParams({
+      dapp_encryption_public_key: bs58.encode(this._dappKeyPair!.publicKey),
+      nonce,
+      payload: ciphertext,
+      redirect_link: redirectLink,
+    });
+
+    const url = `https://phantom.app/ul/v1/signMessage?${params.toString()}`;
+    console.log(TAG, 'Opening Phantom signMessage deeplink...');
+    const response = await this.handler.send(url, requestId, this.timeout);
+    console.log(TAG, 'Received signMessage response');
+
+    const data = decryptPayload(
+      response.params.data,
+      response.params.nonce,
+      this._sharedSecret!,
+    );
+    console.log(TAG, 'Message signed, signature:', data.signature?.substring(0, 20) + '...');
+
+    return bs58.decode(data.signature);
+  }
+
+  /** Remove the Linking event listener. Call when the adapter is no longer needed. */
+  destroy(): void {
+    console.log(TAG, 'destroy() — cleaning up');
+    this.handler.destroy();
+  }
+
+  private assertConnected(): void {
+    if (!this._connected || !this._sharedSecret || !this._sessionToken) {
+      console.log(TAG, 'assertConnected FAILED — connected:', this._connected, 'hasSecret:', !!this._sharedSecret, 'hasSession:', !!this._sessionToken);
+      throw new Error('Wallet not connected');
+    }
+  }
+}