@exodus/solana-lib 3.18.2 → 3.18.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/CHANGELOG.md +20 -0
  2. package/package.json +2 -2
  3. package/src/key-identifier.js +2 -2
  4. package/src/msg/validation.js +1 -1
  5. package/src/tx/sign-hardware.js +29 -29
package/CHANGELOG.md CHANGED
@@ -3,6 +3,26 @@
3
3
  All notable changes to this project will be documented in this file.
4
4
  See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
5
5
 
6
+ ## [3.18.4](https://github.com/ExodusMovement/assets/compare/@exodus/solana-lib@3.18.3...@exodus/solana-lib@3.18.4) (2026-01-06)
7
+
8
+
9
+ ### Bug Fixes
10
+
11
+
12
+ * fix(solana-lib): support signing `Uint8Array` messages (#7197)
13
+
14
+
15
+
16
+ ## [3.18.3](https://github.com/ExodusMovement/assets/compare/@exodus/solana-lib@3.18.2...@exodus/solana-lib@3.18.3) (2025-12-19)
17
+
18
+
19
+ ### Bug Fixes
20
+
21
+
22
+ * fix: use proper keyidentifier in signHardware (#7140)
23
+
24
+
25
+
6
26
  ## [3.18.2](https://github.com/ExodusMovement/assets/compare/@exodus/solana-lib@3.18.1...@exodus/solana-lib@3.18.2) (2025-12-16)
7
27
 
8
28
  **Note:** Version bump only for package @exodus/solana-lib
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@exodus/solana-lib",
3
- "version": "3.18.2",
3
+ "version": "3.18.4",
4
4
  "description": "Solana utils, such as for cryptography, address encoding/decoding, transaction building, etc.",
5
5
  "type": "module",
6
6
  "main": "src/index.js",
@@ -47,5 +47,5 @@
47
47
  "type": "git",
48
48
  "url": "git+https://github.com/ExodusMovement/assets.git"
49
49
  },
50
- "gitHead": "e0c3dec90d1b6a5a1fac0ab54f3f7c551100ddb7"
50
+ "gitHead": "0fcef736a50834339ce3516241ef8d6d6f8bdbe1"
51
51
  }
package/src/key-identifier.js CHANGED
@@ -29,7 +29,8 @@ export const createGetKeyIdentifier =
29
29
 
30
30
  switch (compatibilityMode) {
31
31
  case 'phantom':
32
- // Phantom doesn't use chainIndex (normal vs change address)
32
+ case 'trezor':
33
+ // Phantom and Trezor don't use chainIndex (normal vs change address)
33
34
  return {
34
35
  assetName,
35
36
  derivationAlgorithm: 'SLIP10',
@@ -37,7 +38,6 @@ export const createGetKeyIdentifier =
37
38
  keyType: 'nacl',
38
39
  }
39
40
  case 'ledger':
40
- case 'trezor':
41
41
  case 'trust':
42
42
  return {
43
43
  assetName,
package/src/msg/validation.js CHANGED
@@ -49,7 +49,7 @@ export function isTransactionMessage(data) {
49
49
  */
50
50
  export function assertValidMessage(message) {
51
51
  const { rawMessage } = message
52
- assert(Buffer.isBuffer(rawMessage), `rawMessage must be buffer`)
52
+ assert(rawMessage instanceof Uint8Array, 'rawMessage is not a Uint8Array')
53
53
  assert(
54
54
  !isTransactionMessage(rawMessage),
55
55
  `malicious message signing request, was a transaction message`
package/src/tx/sign-hardware.js CHANGED
@@ -4,32 +4,32 @@ import { PublicKey } from '../vendor/index.js'
4
4
  import { extractTransaction } from './common.js'
5
5
  import { prepareForSigning } from './prepare-for-signing.js'
6
6
 
7
- export async function signHardware({ unsignedTx, hardwareDevice, accountIndex }) {
8
- assert(hardwareDevice, 'expected hardwareDevice to be defined')
9
- assert(Number.isInteger(accountIndex) && accountIndex >= 0, 'expected accountIndex to be integer')
10
-
11
- const tx = prepareForSigning(unsignedTx)
12
- const signatures = await signWithHardwareWallet({ tx, hardwareDevice, accountIndex })
13
- applySignatures({ tx, signatures })
14
-
15
- return extractTransaction({ tx })
16
- }
17
-
18
- const signWithHardwareWallet = async ({ tx, hardwareDevice, accountIndex }) => {
19
- assert(hardwareDevice, `hardwareDevice required`)
20
- assert(Number.isInteger(accountIndex), `accountIndex required`)
21
-
22
- const messageToSign = tx.message.serialize()
23
-
24
- return hardwareDevice.signTransaction({
25
- assetName: 'solana',
26
- signableTransaction: Buffer.from(messageToSign),
27
- derivationPaths: [`m/44'/501'/${accountIndex}'`],
28
- })
29
- }
30
-
31
- const applySignatures = ({ tx, signatures }) => {
32
- signatures.forEach(({ publicKey, signature }) => {
33
- tx.addSignature(new PublicKey(publicKey), signature)
34
- })
35
- }
7
+ export const createSignHardwareFactory =
8
+ ({ getKeyIdentifier }) =>
9
+ async ({ unsignedTx, hardwareDevice, accountIndex }) => {
10
+ assert(hardwareDevice, 'expected hardwareDevice to be defined')
11
+ assert(
12
+ Number.isInteger(accountIndex) && accountIndex >= 0,
13
+ 'expected accountIndex to be integer'
14
+ )
15
+
16
+ const tx = prepareForSigning(unsignedTx)
17
+
18
+ const { derivationPath } = getKeyIdentifier({
19
+ compatibilityMode: hardwareDevice.descriptor.manufacturer,
20
+ purpose: 44,
21
+ accountIndex,
22
+ })
23
+
24
+ const signatures = await hardwareDevice.signTransaction({
25
+ assetName: 'solana',
26
+ signableTransaction: Buffer.from(tx.message.serialize()),
27
+ derivationPaths: [derivationPath],
28
+ })
29
+
30
+ signatures.forEach(({ publicKey, signature }) => {
31
+ tx.addSignature(new PublicKey(publicKey), signature)
32
+ })
33
+
34
+ return extractTransaction({ tx })
35
+ }