@dynamic-labs/multi-wallet 0.16.4 → 0.16.6

package/CHANGELOG.md

@@ -1,4 +1,18 @@
 
+### [0.16.6](https://github.com/dynamic-labs/DynamicAuth/compare/v0.16.5...v0.16.6) (2023-04-23)
+
+
+### Bug Fixes
+
+* wait for safe transaction validation before verify call v16 ([#1930](https://github.com/dynamic-labs/DynamicAuth/issues/1930)) ([6064455](https://github.com/dynamic-labs/DynamicAuth/commit/60644554916100bffc4c5e1090475b3f7b9b79c3))
+
+### [0.16.5](https://github.com/dynamic-labs/DynamicAuth/compare/v0.16.4...v0.16.5) (2023-04-22)
+
+
+### Bug Fixes
+
+* lock qrcode to 1.5.1 (since 1.5.2 breaks cjs) ([#1924](https://github.com/dynamic-labs/DynamicAuth/issues/1924)) ([abec1aa](https://github.com/dynamic-labs/DynamicAuth/commit/abec1aa66a33d1ff50fafcaa2a87cef80b286801))
+
 ### [0.16.4](https://github.com/dynamic-labs/DynamicAuth/compare/v0.16.3...v0.16.4) (2023-04-19)
 
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@dynamic-labs/multi-wallet",
-  "version": "0.16.4",
+  "version": "0.16.6",
   "repository": {
     "type": "git",
     "url": "https://github.com/dynamic-labs/DynamicAuth.git",
@@ -28,8 +28,8 @@
     "magic-sdk": "^16.0.1",
     "@keplr-wallet/provider": "0.11.56",
     "@keplr-wallet/types": "^0.11.51",
-    "@dynamic-labs/logger": "0.16.4",
-    "@dynamic-labs/wallet-connector-core": "0.16.4"
+    "@dynamic-labs/logger": "0.16.6",
+    "@dynamic-labs/wallet-connector-core": "0.16.6"
   },
   "devDependencies": {
     "@walletconnect/types": "^2.2.1"

package/src/wallets/clients/walletConnect/walletConnect.cjs

@@ -4,6 +4,7 @@ Object.defineProperty(exports, '__esModule', { value: true });
 
 var tslib = require('tslib');
 var Client = require('@walletconnect/client');
+var ethers = require('ethers');
 var isMobile = require('../../../utils/isMobile.cjs');
 var isSameAddress = require('../../../utils/isSameAddress/isSameAddress.cjs');
 var logger = require('../../../utils/logger.cjs');
@@ -156,7 +157,7 @@ const fetchWalletConnectEVMPublicAddress = (metadata, wcClient, opts) => tslib._
     const [accountPublicAddress] = payload.params[0].accounts;
     return accountPublicAddress;
 });
-const signWalletConnectPersonalMessage = (messageToSign, metadata, client) => tslib.__awaiter(void 0, void 0, void 0, function* () {
+const signWalletConnectPersonalMessage = (messageToSign, metadata, client, rpcProvider) => tslib.__awaiter(void 0, void 0, void 0, function* () {
     var _c, _d;
     const isCryptoWallet = ((_c = client === null || client === void 0 ? void 0 : client.peerMeta) === null || _c === void 0 ? void 0 : _c.name) === 'Crypto.com | DeFi Wallet' ||
         ((_d = client === null || client === void 0 ? void 0 : client.peerMeta) === null || _d === void 0 ? void 0 : _d.name) === 'DeFi Wallet';
@@ -184,12 +185,63 @@ const signWalletConnectPersonalMessage = (messageToSign, metadata, client) => ts
             // and not allowing the user to sign the message
             yield sleep(1000);
         }
-        return client.signPersonalMessage([messageToSign, accountPublicAddress]);
+        const signature = yield client.signPersonalMessage([
+            messageToSign,
+            accountPublicAddress,
+        ]);
+        yield waitForSafeTransactionOrTimeout(accountPublicAddress, signature, messageToSign, client, rpcProvider);
+        return signature;
     }
     catch (e) {
         logger.logger.debug(e);
         throw e;
     }
+});
+const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+// Successful value as defined by the EIP
+// https://eips.ethereum.org/EIPS/eip-1271#specification
+const MAGIC_VALUE = '0x1626ba7e';
+const IS_VALID_SIGNATURE_ABI = [
+    'function isValidSignature(bytes32 _message, bytes _signature) public view returns (bytes4)',
+];
+const waitForSafeTransactionOrTimeout = (accountPublicAddress, signature, messageToSign, client, rpcProvider) => tslib.__awaiter(void 0, void 0, void 0, function* () {
+    var _e;
+    if (signature === '0x' &&
+        // this is what wallet connect client returns there's no `safe` or `Safe`
+        // exact string anywhere, so this seems like the best proxy
+        ((_e = client.peerMeta) === null || _e === void 0 ? void 0 : _e.name) === 'WalletConnect Safe App') {
+        if (!rpcProvider) {
+            return;
+        }
+        const contract = new ethers.Contract(accountPublicAddress, IS_VALID_SIGNATURE_ABI, yield rpcProvider());
+        const safeTransactionPromise = waitForSafeTransaction(signature, messageToSign, contract);
+        const timeoutPromise = new Promise((resolve) => {
+            setTimeout(resolve, 120000);
+        });
+        yield Promise.race([safeTransactionPromise, timeoutPromise]);
+    }
+});
+// this is a hack for safe
+// before sending the signature downstream, we need to make sure
+// the transaction is recorded first on the blockchain
+// redcoast verify WILL fail if it attempts to verify the signature
+// that has not yet been properly processed!
+const waitForSafeTransaction = (signature, messageToSign, contract) => tslib.__awaiter(void 0, void 0, void 0, function* () {
+    // wait for safe wallet to finish txn on the blockchain contract
+    for (let i = 0; i < 120; i++) {
+        try {
+            // this will result in an exception if the transaction is still not ready
+            // we need to catch it below
+            const result = yield contract.isValidSignature(ethers.ethers.utils.hashMessage(messageToSign), signature);
+            if (result === MAGIC_VALUE)
+                return;
+        }
+        catch (err) {
+            logger.logger.info('Safe transaction cannot be validated yet. Retrying.');
+        }
+        // try again after 2 seconds
+        yield sleep(2000);
+    }
 });
 
 exports.createSession = createSession;

package/src/wallets/clients/walletConnect/walletConnect.d.ts

@@ -1,4 +1,5 @@
 import Client from '@walletconnect/client';
+import { ethers } from 'ethers';
 import { FetchPublicAddressOpts, PayloadParams, WalletEventListeners } from '@dynamic-labs/wallet-connector-core';
 import { WalletSchema } from '@dynamic-labs/wallet-book';
 import { KeplrWalletConnectV1 } from '../../cosmos/wcClient';
@@ -19,4 +20,4 @@ export declare const createSession: (client: Client) => Promise<PayloadParams>;
 export declare const useDeepLink: (metadata: WalletSchema, wcClient: Client, opts?: FetchPublicAddressOpts) => void;
 export declare const fetchWalletConnectCosmosPublicAddress: (metadata: WalletSchema, wcClient: Client, provider: KeplrWalletConnectV1, opts: FetchPublicAddressOpts & Required<Pick<FetchPublicAddressOpts, 'chainId'>>) => Promise<string>;
 export declare const fetchWalletConnectEVMPublicAddress: (metadata: WalletSchema, wcClient: Client, opts?: FetchPublicAddressOpts) => Promise<string | undefined>;
-export declare const signWalletConnectPersonalMessage: (messageToSign: string, metadata: WalletSchema, client: Client) => Promise<string | undefined>;
+export declare const signWalletConnectPersonalMessage: (messageToSign: string, metadata: WalletSchema, client: Client, rpcProvider?: () => Promise<ethers.providers.JsonRpcProvider | undefined>) => Promise<string | undefined>;

package/src/wallets/clients/walletConnect/walletConnect.js

@@ -1,5 +1,6 @@
 import { __awaiter } from 'tslib';
 import Client from '@walletconnect/client';
+import { Contract, ethers } from 'ethers';
 import { isMobile, isIOS } from '../../../utils/isMobile.js';
 import { isSameAddress } from '../../../utils/isSameAddress/isSameAddress.js';
 import { logger } from '../../../utils/logger.js';
@@ -148,7 +149,7 @@ const fetchWalletConnectEVMPublicAddress = (metadata, wcClient, opts) => __await
     const [accountPublicAddress] = payload.params[0].accounts;
     return accountPublicAddress;
 });
-const signWalletConnectPersonalMessage = (messageToSign, metadata, client) => __awaiter(void 0, void 0, void 0, function* () {
+const signWalletConnectPersonalMessage = (messageToSign, metadata, client, rpcProvider) => __awaiter(void 0, void 0, void 0, function* () {
     var _c, _d;
     const isCryptoWallet = ((_c = client === null || client === void 0 ? void 0 : client.peerMeta) === null || _c === void 0 ? void 0 : _c.name) === 'Crypto.com | DeFi Wallet' ||
         ((_d = client === null || client === void 0 ? void 0 : client.peerMeta) === null || _d === void 0 ? void 0 : _d.name) === 'DeFi Wallet';
@@ -176,12 +177,63 @@ const signWalletConnectPersonalMessage = (messageToSign, metadata, client) => __
             // and not allowing the user to sign the message
             yield sleep(1000);
         }
-        return client.signPersonalMessage([messageToSign, accountPublicAddress]);
+        const signature = yield client.signPersonalMessage([
+            messageToSign,
+            accountPublicAddress,
+        ]);
+        yield waitForSafeTransactionOrTimeout(accountPublicAddress, signature, messageToSign, client, rpcProvider);
+        return signature;
     }
     catch (e) {
         logger.debug(e);
         throw e;
     }
+});
+const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+// Successful value as defined by the EIP
+// https://eips.ethereum.org/EIPS/eip-1271#specification
+const MAGIC_VALUE = '0x1626ba7e';
+const IS_VALID_SIGNATURE_ABI = [
+    'function isValidSignature(bytes32 _message, bytes _signature) public view returns (bytes4)',
+];
+const waitForSafeTransactionOrTimeout = (accountPublicAddress, signature, messageToSign, client, rpcProvider) => __awaiter(void 0, void 0, void 0, function* () {
+    var _e;
+    if (signature === '0x' &&
+        // this is what wallet connect client returns there's no `safe` or `Safe`
+        // exact string anywhere, so this seems like the best proxy
+        ((_e = client.peerMeta) === null || _e === void 0 ? void 0 : _e.name) === 'WalletConnect Safe App') {
+        if (!rpcProvider) {
+            return;
+        }
+        const contract = new Contract(accountPublicAddress, IS_VALID_SIGNATURE_ABI, yield rpcProvider());
+        const safeTransactionPromise = waitForSafeTransaction(signature, messageToSign, contract);
+        const timeoutPromise = new Promise((resolve) => {
+            setTimeout(resolve, 120000);
+        });
+        yield Promise.race([safeTransactionPromise, timeoutPromise]);
+    }
+});
+// this is a hack for safe
+// before sending the signature downstream, we need to make sure
+// the transaction is recorded first on the blockchain
+// redcoast verify WILL fail if it attempts to verify the signature
+// that has not yet been properly processed!
+const waitForSafeTransaction = (signature, messageToSign, contract) => __awaiter(void 0, void 0, void 0, function* () {
+    // wait for safe wallet to finish txn on the blockchain contract
+    for (let i = 0; i < 120; i++) {
+        try {
+            // this will result in an exception if the transaction is still not ready
+            // we need to catch it below
+            const result = yield contract.isValidSignature(ethers.utils.hashMessage(messageToSign), signature);
+            if (result === MAGIC_VALUE)
+                return;
+        }
+        catch (err) {
+            logger.info('Safe transaction cannot be validated yet. Retrying.');
+        }
+        // try again after 2 seconds
+        yield sleep(2000);
+    }
 });
 
 export { createSession, fetchWalletConnectCosmosPublicAddress, fetchWalletConnectEVMPublicAddress, getDeepLink, initClient, killWalletConnectSession, setupWalletConnectEventListeners, signWalletConnectPersonalMessage, teardownWalletConnectEventListeners, useDeepLink };

package/src/wallets/walletConnect/walletConnect.cjs

@@ -94,7 +94,9 @@ class WalletConnect extends ethProvider.EthProvider {
     }
     signMessage(messageToSign) {
         return tslib.__awaiter(this, void 0, void 0, function* () {
-            return walletConnect.signWalletConnectPersonalMessage(messageToSign, walletBook.getWalletBookWallet(this.name), this.getClient());
+            return walletConnect.signWalletConnectPersonalMessage(messageToSign, walletBook.getWalletBookWallet(this.name), this.getClient(), 
+            // don't call getRpcProvider until we really need to
+            () => tslib.__awaiter(this, void 0, void 0, function* () { return this.getRpcProvider(); }));
         });
     }
     proveOwnership(messageToSign) {

package/src/wallets/walletConnect/walletConnect.js

@@ -88,7 +88,9 @@ class WalletConnect extends EthProvider {
     }
     signMessage(messageToSign) {
         return __awaiter(this, void 0, void 0, function* () {
-            return signWalletConnectPersonalMessage(messageToSign, getWalletBookWallet(this.name), this.getClient());
+            return signWalletConnectPersonalMessage(messageToSign, getWalletBookWallet(this.name), this.getClient(), 
+            // don't call getRpcProvider until we really need to
+            () => __awaiter(this, void 0, void 0, function* () { return this.getRpcProvider(); }));
         });
     }
     proveOwnership(messageToSign) {