@getpara/react-native-wallet 0.1.0

package/src/react-native/ParaMobile.ts

@@ -0,0 +1,294 @@
+// Copyright (c) Para Labs Inc. All rights reserved.
+
+import {
+  ConstructorOpts,
+  ParaCore,
+  Environment,
+  PlatformUtils,
+  Wallet,
+  decryptPrivateKeyAndDecryptShare,
+  encryptPrivateKey,
+  getAsymmetricKeyPair,
+  getDerivedPrivateKeyAndDecrypt,
+  getPublicKeyHex,
+  getSHA256HashHex,
+  parseCredentialCreationRes,
+} from '@getpara/web-sdk';
+import { ReactNativeUtils } from './ReactNativeUtils.js';
+import {
+  Passkey,
+  PasskeyCreateRequest,
+  PasskeyCreateResult,
+  PasskeyGetRequest,
+  PasskeyGetResult,
+} from 'react-native-passkey';
+import { extractAuth, PublicKeyStatus, WalletScheme } from '@getpara/user-management-client';
+import { setEnv } from '../config.js';
+import base64url from 'base64url';
+import { webcrypto } from 'crypto';
+import { CountryCallingCode } from 'libphonenumber-js';
+
+const ES256_ALGORITHM = -7;
+const RS256_ALGORITHM = -257;
+
+/**
+ * Represents a mobile implementation of the Para SDK.
+ * @extends ParaCore
+ */
+export class ParaMobile extends ParaCore {
+  private relyingPartyId: string;
+  /**
+   * Creates an instance of ParaMobile.
+   * @param {Environment} env - The environment to use (DEV, SANDBOX, BETA, or PROD).
+   * @param {string} [apiKey] - The API key for authentication.
+   * @param {string} [relyingPartyId] - The relying party ID for WebAuthn.
+   * @param {ConstructorOpts} [opts] - Additional constructor options.
+   */
+  constructor(env: Environment, apiKey?: string, relyingPartyId?: string, opts?: ConstructorOpts) {
+    super(env, apiKey, opts);
+
+    setEnv(env);
+
+    if (relyingPartyId) {
+      this.relyingPartyId = relyingPartyId;
+    } else {
+      switch (env) {
+        case Environment.DEV:
+          throw new Error('relyingPartyId is required');
+        case Environment.SANDBOX:
+          this.relyingPartyId = 'app.sandbox.usecapsule.com';
+          break;
+        case Environment.BETA:
+          this.relyingPartyId = 'app.beta.usecapsule.com';
+          break;
+        case Environment.PROD:
+          this.relyingPartyId = 'app.usecapsule.com';
+          break;
+      }
+    }
+  }
+
+  protected getPlatformUtils(): PlatformUtils {
+    return new ReactNativeUtils();
+  }
+
+  /**
+   * Verifies an email and returns the biometrics ID.
+   * @param {string} verificationCode - The verification code sent to the email.
+   * @returns {Promise<string>} The biometrics ID.
+   */
+  async verifyEmailBiometricsId(verificationCode: string): Promise<string> {
+    const webAuthCreateUrl = await super.verifyEmail(verificationCode);
+    const segments = webAuthCreateUrl.split('/');
+    const segments2 = segments[segments.length - 1]!.split('?');
+    const biometricsId = segments2[0]!;
+
+    return biometricsId;
+  }
+
+  /**
+   * Verifies a phone number and returns the biometrics ID.
+   * @param {string} verificationCode - The verification code sent to the phone.
+   * @returns {Promise<string>} The biometrics ID.
+   */
+  async verifyPhoneBiometricsId(verificationCode: string): Promise<string> {
+    const webAuthCreateUrl = await super.verifyPhone(verificationCode);
+    const segments = webAuthCreateUrl.split('/');
+    const segments2 = segments[segments.length - 1]!.split('?');
+    const biometricsId = segments2[0]!;
+
+    return biometricsId;
+  }
+
+  /**
+   * Registers a passkey for the user.
+   * @param {string} identifier - The user's email or phone number.
+   * @param {string} biometricsId - The biometrics ID obtained from verification.
+   * @param {webcrypto.Crypto} crypto - The Web Crypto API instance.
+   * @param {'email' | 'phone'} [identifierType='email'] - The type of identifier used.
+   * @param {CountryCallingCode} [countryCode] - The country calling code for phone numbers.
+   * @returns {Promise<void>}
+   */
+  async registerPasskey(
+    identifier: string,
+    biometricsId: string,
+    crypto: webcrypto.Crypto,
+    identifierType: 'email' | 'phone' = 'email',
+    countryCode?: CountryCallingCode,
+  ) {
+    const userHandle = new Uint8Array(32);
+    crypto.getRandomValues(userHandle);
+    const userHandleEncoded = base64url.encode(userHandle as any);
+
+    const displayIdentifier = identifierType === 'email' ? identifier : `${countryCode}${identifier}`;
+
+    const requestJson: PasskeyCreateRequest = {
+      authenticatorSelection: {
+        authenticatorAttachment: 'platform' as any,
+        requireResidentKey: true,
+        residentKey: 'required' as any,
+        userVerification: 'required' as any,
+      },
+      rp: {
+        id: this.relyingPartyId,
+        name: 'Para',
+      },
+      user: {
+        id: userHandleEncoded,
+        name: displayIdentifier,
+        displayName: displayIdentifier,
+      },
+      pubKeyCredParams: [
+        {
+          type: 'public-key',
+          alg: ES256_ALGORITHM,
+        },
+        {
+          type: 'public-key',
+          alg: RS256_ALGORITHM,
+        },
+      ],
+      attestation: 'direct' as any,
+      timeout: 60000,
+      challenge: base64url.encode('somechallenge'),
+    };
+
+    const result: PasskeyCreateResult = await Passkey.create(requestJson);
+    let resultJson;
+
+    if (typeof result === 'string') {
+      resultJson = JSON.parse(result);
+    } else {
+      resultJson = result;
+    }
+
+    const { cosePublicKey, clientDataJSON } = parseCredentialCreationRes(resultJson, ES256_ALGORITHM);
+
+    const keyPair = await getAsymmetricKeyPair(this.ctx);
+    const publicKeyHex = getPublicKeyHex(keyPair);
+
+    const encryptionKeyHash = getSHA256HashHex(userHandleEncoded);
+    const encryptedPrivateKeyHex = await encryptPrivateKey(keyPair, userHandleEncoded);
+
+    const session = await this.ctx.client.touchSession();
+    await this.ctx.client.patchSessionPublicKey(session.data.partnerId, this.getUserId()!, biometricsId, {
+      publicKey: resultJson.id,
+      sigDerivedPublicKey: publicKeyHex,
+      cosePublicKey,
+      clientDataJSON,
+      status: PublicKeyStatus.COMPLETE,
+    });
+
+    await this.ctx.client.uploadEncryptedWalletPrivateKey(
+      this.getUserId()!,
+      encryptedPrivateKeyHex,
+      encryptionKeyHash,
+      resultJson.id,
+    );
+  }
+
+  /**
+   * Logs in the user using either email or phone number.
+   * @param {string} [email] - The user's email address.
+   * @param {string} [phone] - The user's phone number.
+   * @param {CountryCallingCode} [countryCode] - The country calling code for phone numbers.
+   * @returns {Promise<Wallet[]>} An array of user wallets.
+   */
+  async login(email?: string, phone?: string, countryCode?: CountryCallingCode): Promise<void> {
+    await this.logout();
+    const auth = extractAuth({ email, phone, countryCode }, { optional: true });
+    const { challenge, allowedPublicKeys } = await this.ctx.client.getWebChallenge(auth);
+
+    const requestJson: PasskeyGetRequest = {
+      challenge,
+      timeout: 60000,
+      rpId: this.relyingPartyId,
+      allowCredentials: allowedPublicKeys?.[0] ? [{ type: 'public-key', id: allowedPublicKeys[0] }] : [],
+    };
+
+    const result: PasskeyGetResult = await Passkey.get(requestJson);
+
+    let resultJson;
+
+    if (typeof result === 'string') {
+      resultJson = JSON.parse(result);
+    } else {
+      resultJson = result;
+    }
+
+    const session = await this.ctx.client.touchSession();
+    const publicKey = resultJson.id;
+    const verifyWebChallengeResult = await this.ctx.client.verifyWebChallenge(session.data.partnerId, {
+      publicKey,
+      signature: {
+        clientDataJSON: resultJson.response.clientDataJSON,
+        authenticatorData: resultJson.response.authenticatorData,
+        signature: resultJson.response.signature,
+      },
+    });
+
+    const userId = verifyWebChallengeResult.data.userId;
+
+    await this.setUserId(userId);
+
+    const { user } = await this.ctx.client.getUser(userId);
+
+    if (user.phone) {
+      await this.setPhoneNumber(user.phone.number, user.phone.countryCode);
+    }
+
+    if (user.email) {
+      await this.setEmail(user.email);
+    }
+
+    if (user.farcasterUsername) {
+      await this.setFarcasterUsername(user.farcasterUsername);
+    }
+
+    const encryptedSharesResult = await this.ctx.client.getBiometricKeyshares(userId, resultJson.id);
+
+    const encryptionKeyHash = getSHA256HashHex(resultJson.response.userHandle);
+    const { encryptedPrivateKeys } = await this.ctx.client.getEncryptedWalletPrivateKeys(userId, encryptionKeyHash);
+
+    let decryptedShares;
+    if (encryptedPrivateKeys.length === 0) {
+      decryptedShares = await getDerivedPrivateKeyAndDecrypt(
+        this.ctx,
+        resultJson.response.userHandle,
+        encryptedSharesResult.data.keyShares,
+      );
+      const keyPair = await getAsymmetricKeyPair(this.ctx, resultJson.response.userHandle);
+      const encryptedPrivateKeyHex = await encryptPrivateKey(keyPair, resultJson.response.userHandle);
+      await this.ctx.client.uploadEncryptedWalletPrivateKey(
+        userId,
+        encryptedPrivateKeyHex,
+        encryptionKeyHash,
+        resultJson.id,
+      );
+    } else {
+      decryptedShares = await decryptPrivateKeyAndDecryptShare(
+        resultJson.response.userHandle,
+        encryptedSharesResult.data.keyShares,
+        encryptedPrivateKeys[0].encryptedPrivateKey,
+      );
+    }
+
+    const walletsRes = await this.ctx.client.getWallets(userId);
+    const desiredWallets = walletsRes.data.wallets;
+
+    const walletsToInsert: { [id: string]: Wallet } = {};
+    for (let desiredWallet of desiredWallets) {
+      const decryptedShare = decryptedShares.find(share => share.walletId === desiredWallet.id)!;
+      walletsToInsert[decryptedShare.walletId] = {
+        id: decryptedShare.walletId,
+        signer: decryptedShare.signer,
+        address: desiredWallet.address || undefined,
+        publicKey: desiredWallet.publicKey || undefined,
+        scheme: desiredWallet.scheme as WalletScheme,
+        type: desiredWallet.type || undefined,
+      };
+    }
+
+    await this.setWallets(walletsToInsert);
+  }
+}

package/src/react-native/ReactNativeUtils.ts

@@ -0,0 +1,266 @@
+// Copyright (c) Capsule Labs Inc. All rights reserved.
+
+import { PlatformUtils, TPregenIdentifierType } from '@getpara/web-sdk';
+import { Ctx } from '@getpara/web-sdk';
+import { SignatureRes } from '@getpara/web-sdk';
+import { BackupKitEmailProps, KeyShareType, WalletScheme, WalletType } from '@getpara/user-management-client';
+import { NativeModules } from 'react-native';
+
+import { AsyncStorage } from '../AsyncStorage.js';
+import { KeychainStorage } from '../KeychainStorage.js';
+
+const { ParaSignerModule } = NativeModules;
+
+async function keygenRequest(ctx: Ctx, userId: string, walletId: string, protocolId: string): Promise<{ signer: string }> {
+  const { data } = await ctx.mpcComputationClient!.post('/wallets', {
+    userId,
+    walletId,
+    protocolId,
+  });
+  return data;
+}
+
+async function signMessageRequest(
+  ctx: Ctx,
+  userId: string,
+  walletId: string,
+  protocolId: string,
+  message: string,
+  signer: string,
+): Promise<{ signature: string }> {
+  const { data } = await ctx.mpcComputationClient!.post(`/wallets/${walletId}/messages/sign`, {
+    userId,
+    protocolId,
+    message,
+    signer,
+  });
+  return data;
+}
+
+async function sendTransactionRequest(
+  ctx: Ctx,
+  userId: string,
+  walletId: string,
+  protocolId: string,
+  transaction: string,
+  signer: string,
+  chainId: string,
+): Promise<{ signature: string }> {
+  const { data } = await ctx.mpcComputationClient!.post(`/wallets/${walletId}/transactions/send`, {
+    userId,
+    protocolId,
+    transaction,
+    signer,
+    chainId,
+  });
+  return data;
+}
+
+export class ReactNativeUtils implements PlatformUtils {
+  disableProviderModal?: boolean | undefined;
+  localStorage = new AsyncStorage();
+  sessionStorage = new AsyncStorage();
+  secureStorage = new KeychainStorage();
+  isSyncStorage = false;
+
+  // only used in web for now, can implement functionality if ever needed for mobile
+  async generateBlumPrimes(_ctx: Ctx): Promise<{ p: string; q: string }> {
+    throw new Error('method not implemented');
+  }
+
+  async keygen(
+    ctx: Ctx,
+    userId: string,
+    type: Exclude<WalletType, WalletType.SOLANA>,
+    _secretKey: string | null,
+    _sessionCookie: string,
+    _emailProps?: BackupKitEmailProps | undefined,
+  ): Promise<{ signer: string; walletId: string }> {
+    const { walletId, protocolId } = await ctx.client.createWallet(userId, {
+      type,
+      useTwoSigners: true,
+      scheme: ctx.useDKLS ? WalletScheme.DKLS : WalletScheme.CGGMP,
+    });
+
+    if (ctx.mpcComputationClient && !ctx.useDKLS) {
+      const { signer } = await keygenRequest(ctx, userId, walletId, protocolId);
+      return { signer, walletId };
+    }
+
+    const createAccountFn = !ctx.useDKLS ? ParaSignerModule.createAccount : ParaSignerModule.dklsCreateAccount;
+    const signer = await createAccountFn(walletId, protocolId, KeyShareType.USER, userId);
+    return { signer, walletId };
+  }
+
+  refresh(
+    _ctx: Ctx,
+    _sessionCookie: string,
+    _userId: string,
+    _walletId: string,
+    _share: string,
+    _oldPartnerId?: string,
+    _newPartnerId?: string,
+  ): Promise<{
+    signer: string;
+  }> {
+    throw new Error('Method not implemented.');
+  }
+
+  preKeygen(
+    _ctx: Ctx,
+    _partnerId: string,
+    _email: string,
+    _secretKey: string | null,
+    _sessionCookie: string,
+  ): Promise<{ signer: string; walletId: string }> {
+    throw new Error('Method not implemented.');
+  }
+
+  getPrivateKey(_ctx: Ctx, _userId: string, _walletId: string, _share: string, _sessionCookie: string): Promise<string> {
+    throw new Error('Method not implemented.');
+  }
+
+  openPopup(_popupUrl: string): any {
+    throw new Error('Method not implemented.');
+  }
+
+  private async baseSignTransaction(
+    ctx: Ctx,
+    userId: string,
+    walletId: string,
+    protocolId: string,
+    share: string,
+    rlpEncodedTxBase64: string,
+    chainId: string,
+    isDKLS?: boolean,
+  ): Promise<SignatureRes> {
+    if (ctx.mpcComputationClient && !isDKLS) {
+      const signature = (await sendTransactionRequest(ctx, userId, walletId, protocolId, rlpEncodedTxBase64, share, chainId))
+        .signature;
+      return { signature };
+    }
+
+    const sendTransactionFn = isDKLS ? ParaSignerModule.dklsSendTransaction : ParaSignerModule.sendTransaction;
+    const signature = await sendTransactionFn(protocolId, share, rlpEncodedTxBase64, userId);
+    return { signature: signature.slice(2) };
+  }
+
+  async sendTransaction(
+    ctx: Ctx,
+    userId: string,
+    walletId: string,
+    share: string,
+    rlpEncodedTxBase64: string,
+    chainId: string,
+    _sessionCookie: string,
+    isDKLS?: boolean,
+  ): Promise<SignatureRes> {
+    const { protocolId } = (
+      await ctx.client.sendTransaction(userId, walletId, {
+        transaction: rlpEncodedTxBase64,
+        chainId,
+      })
+    ).data;
+    return this.baseSignTransaction(ctx, userId, walletId, protocolId, share, rlpEncodedTxBase64, chainId, isDKLS);
+  }
+
+  async signHash(_address: string, _hash: string): Promise<{ v: number; r: Buffer; s: Buffer }> {
+    throw new Error('not implemented');
+  }
+
+  async signMessage(
+    ctx: Ctx,
+    userId: string,
+    walletId: string,
+    share: string,
+    messageBase64: string, // base64 message
+    _sessionCookie: string,
+    isDKLS?: boolean,
+  ): Promise<SignatureRes> {
+    const res = await ctx.client.preSignMessage(userId, walletId, messageBase64);
+
+    if (ctx.mpcComputationClient && !isDKLS) {
+      const signature = (await signMessageRequest(ctx, userId, walletId, res.protocolId, messageBase64, share)).signature;
+      return { signature };
+    }
+
+    const signMessageFn = isDKLS ? ParaSignerModule.dklsSignMessage : ParaSignerModule.signMessage;
+    const signature = await signMessageFn(res.protocolId, share, messageBase64, userId);
+
+    if (signature.startsWith('0x')) {
+      return { signature: signature.slice(2) };
+    }
+    return { signature };
+  }
+
+  async signTransaction(
+    ctx: Ctx,
+    userId: string,
+    walletId: string,
+    share: string,
+    rlpEncodedTxBase64: string, // base64 encoding of rlp encoded tx
+    chainId: string,
+    _sessionCookie: string,
+    isDKLS?: boolean,
+  ): Promise<SignatureRes> {
+    const { protocolId } = (
+      await ctx.client.signTransaction(userId, walletId, {
+        transaction: rlpEncodedTxBase64,
+        chainId,
+      })
+    ).data;
+    return this.baseSignTransaction(ctx, userId, walletId, protocolId, share, rlpEncodedTxBase64, chainId, isDKLS);
+  }
+
+  async ed25519Keygen(
+    ctx: Ctx,
+    userId: string,
+    _sessionCookie: string,
+    _emailProps?: BackupKitEmailProps,
+  ): Promise<{
+    signer: string;
+    walletId: string;
+  }> {
+    const { walletId, protocolId } = await ctx.client.createWallet(userId, {
+      scheme: WalletScheme.ED25519,
+      type: WalletType.SOLANA,
+    });
+
+    const signer = await ParaSignerModule.ed25519CreateAccount(walletId, protocolId);
+    return { signer, walletId };
+  }
+
+  async ed25519PreKeygen(
+    ctx: Ctx,
+    pregenIdentifier: string,
+    pregenIdentifierType: TPregenIdentifierType,
+    _sessionCookie: string,
+  ): Promise<{
+    signer: string;
+    walletId: string;
+  }> {
+    const { walletId, protocolId } = await ctx.client.createWalletPreGen({
+      pregenIdentifier,
+      pregenIdentifierType,
+      scheme: WalletScheme.ED25519,
+      type: WalletType.SOLANA,
+    });
+
+    const signer = await ParaSignerModule.ed25519CreateAccount(walletId, protocolId);
+    return { signer, walletId };
+  }
+
+  async ed25519Sign(
+    ctx: Ctx,
+    userId: string,
+    walletId: string,
+    share: string,
+    base64Bytes: string,
+    _sessionCookie: string,
+  ): Promise<SignatureRes> {
+    const { protocolId } = await ctx.client.preSignMessage(userId, walletId, base64Bytes, WalletScheme.ED25519);
+
+    const base64Sig = await ParaSignerModule.ed25519Sign(protocolId, share, base64Bytes);
+    return { signature: base64Sig };
+  }
+}

package/src/shim.js

@@ -0,0 +1,59 @@
+// 1) Node-like crypto + Web Crypto API (subtle + getRandomValues)
+import crypto from 'react-native-quick-crypto';
+import { webcrypto } from 'crypto';
+import { Crypto } from '@peculiar/webcrypto';
+
+if (typeof global.crypto === 'undefined') {
+  // Attach Node-style crypto for randomFillSync, createHash, etc.
+  global.crypto = crypto;
+}
+
+// If `crypto.subtle` is missing, patch it with `@peculiar/webcrypto`
+if (!global.crypto.subtle) {
+  const peculiarCrypto = new Crypto();
+  global.crypto.subtle = peculiarCrypto.subtle;
+  global.crypto.getRandomValues = peculiarCrypto.getRandomValues.bind(peculiarCrypto);
+}
+
+// Add getRandomValues to webcrypto from peculiar
+const peculiarCrypto = new Crypto();
+webcrypto.getRandomValues = peculiarCrypto.getRandomValues.bind(peculiarCrypto);
+
+// 2) Provide TextEncoder / TextDecoder
+import * as FSTED from 'fastestsmallesttextencoderdecoder';
+
+if (typeof global.TextEncoder === 'undefined') {
+  global.TextEncoder = FSTED.TextEncoder;
+}
+if (typeof global.TextDecoder === 'undefined') {
+  global.TextDecoder = FSTED.TextDecoder;
+}
+
+// 3) Provide atob / btoa via react-native-quick-base64
+import { atob, btoa } from 'react-native-quick-base64';
+
+if (typeof global.atob === 'undefined') {
+  global.atob = atob;
+}
+if (typeof global.btoa === 'undefined') {
+  global.btoa = btoa;
+}
+
+// 4) Patch node-forge with react-native-modpow for faster RSA ops
+import Forge from 'node-forge';
+import modPow from 'react-native-modpow';
+
+Forge.jsbn.BigInteger.prototype.modPow = function nativeModPow(e, m) {
+  const result = modPow({
+    target: this.toString(16),
+    value: e.toString(16),
+    modifier: m.toString(16),
+  });
+  return new Forge.jsbn.BigInteger(result, 16);
+};
+
+// 5) Provide global Buffer
+import { Buffer } from '@craftzdog/react-native-buffer';
+if (typeof global.Buffer === 'undefined') {
+  global.Buffer = Buffer;
+}