@maci-protocol/coordinator 0.0.0-ci.01622be

package/build/tests/e2e.deploy.test.js

@@ -0,0 +1,282 @@
+import { Keypair } from "@maci-protocol/domainobjs";
+import { ContractStorage, joinPoll, signup, sleep } from "@maci-protocol/sdk";
+import { ValidationPipe } from "@nestjs/common";
+import { Test } from "@nestjs/testing";
+import dotenv from "dotenv";
+import { io } from "socket.io-client";
+import { zeroAddress } from "viem";
+import path from "path";
+import { AppModule } from "../ts/app.module";
+import { ESupportedNetworks, getSigner } from "../ts/common";
+import { getPublicClient } from "../ts/common/accountAbstraction";
+import { coordinatorMACIKeypair, pollStartDateExtraSeconds, testMaciDeploymentConfig, testPollDeploymentConfig, } from "../ts/deployer/__tests__/utils";
+import { DeployerModule } from "../ts/deployer/deployer.module";
+import { FileModule } from "../ts/file/file.module";
+import { ProofModule } from "../ts/proof/proof.module";
+import { generateApproval, getKernelAccount } from "../ts/sessionKeys/__tests__/utils";
+import { SessionKeysModule } from "../ts/sessionKeys/sessionKeys.module";
+import { pollJoiningTestZkeyPath, testPollJoiningWasmPath, testPollJoiningWitnessPath, testRapidsnarkPath, zeroUint256Encoded, } from "./constants";
+import { encryptWithCoordinatorRSAPublicKey, getAuthorizationHeader, rechargeGasIfNeeded } from "./utils";
+dotenv.config();
+jest.setTimeout(700000); // Sets timeout to 700 seconds
+const TEST_URL = "http://localhost:3000/v1";
+const CHAIN = ESupportedNetworks.OPTIMISM_SEPOLIA;
+const REGEX_SUBGRAPH = /^https:\/\/api\.studio\.thegraph\.com\/query\/\d+\/maci-subgraph\/v0\.0\.\d+$/;
+const NUM_USERS = 1;
+const VOTE_OPTIONS = {
+    "0": 0,
+    "1": 0,
+};
+describe("E2E Deployment Tests", () => {
+    let signer;
+    let encryptedHeader;
+    let sessionKeyAddress;
+    let approval;
+    let app;
+    let socket;
+    const publicClient = getPublicClient(CHAIN);
+    let maciAddress;
+    let pollId;
+    const pollDuration = 600;
+    // set up coordinator address
+    beforeAll(async () => {
+        signer = getSigner(CHAIN);
+        encryptedHeader = await getAuthorizationHeader(signer);
+        process.env.COORDINATOR_ADDRESSES = await signer.getAddress();
+        await rechargeGasIfNeeded(process.env.COORDINATOR_ADDRESSES, "0.007", "0.007");
+    });
+    // set up NestJS app
+    beforeAll(async () => {
+        const moduleFixture = await Test.createTestingModule({
+            imports: [AppModule, FileModule, DeployerModule, ProofModule, SessionKeysModule],
+        }).compile();
+        app = moduleFixture.createNestApplication();
+        app.useGlobalPipes(new ValidationPipe({ transform: true }));
+        await app.init();
+        await app.listen(3000);
+    });
+    afterAll(async () => {
+        await app.close();
+        const storageInstance = ContractStorage.getInstance(path.join(process.cwd(), "deployed-contracts.json"));
+        storageInstance.cleanup(CHAIN);
+    });
+    // set up auth header in WS connection
+    beforeEach(async () => {
+        const authorization = await getAuthorizationHeader(signer);
+        await new Promise((resolve) => {
+            app.getUrl().then((url) => {
+                socket = io(url, {
+                    extraHeaders: {
+                        authorization,
+                    },
+                });
+                socket.on("connect", () => {
+                    resolve(true);
+                });
+            });
+        });
+    });
+    afterEach(() => {
+        socket.disconnect();
+    });
+    // run tests
+    test("should retrieve RSA public key", async () => {
+        const response = await fetch(`${TEST_URL}/proof/publicKey`, {
+            method: "GET",
+        });
+        const body = (await response.json());
+        expect(response.status).toBe(200);
+        expect(body.publicKey).toBeDefined();
+        // this RSA should be used in the encrypted auth header and the encrypted coordinator maci private key
+    });
+    test("should retrieve the session key address", async () => {
+        const response = await fetch(`${TEST_URL}/session-keys/generate`, {
+            method: "GET",
+            headers: {
+                Authorization: encryptedHeader,
+            },
+        });
+        const body = (await response.json());
+        expect(response.status).toBe(200);
+        expect(body.sessionKeyAddress).not.toBe(zeroAddress);
+        // save them for next tests
+        sessionKeyAddress = body.sessionKeyAddress;
+        approval = await generateApproval(sessionKeyAddress);
+        const sessionKeyAccount = await getKernelAccount(sessionKeyAddress);
+        await rechargeGasIfNeeded(sessionKeyAccount.address, "0.03", "0.03");
+    });
+    test("should deploy MACI correctly", async () => {
+        const config = testMaciDeploymentConfig;
+        config.VerifyingKeysRegistry.args.stateTreeDepth = config.VerifyingKeysRegistry.args.stateTreeDepth.toString();
+        config.VerifyingKeysRegistry.args.pollStateTreeDepth =
+            config.VerifyingKeysRegistry.args.pollStateTreeDepth.toString();
+        config.VerifyingKeysRegistry.args.tallyProcessingStateTreeDepth =
+            config.VerifyingKeysRegistry.args.tallyProcessingStateTreeDepth.toString();
+        config.VerifyingKeysRegistry.args.voteOptionTreeDepth =
+            config.VerifyingKeysRegistry.args.voteOptionTreeDepth.toString();
+        const response = await fetch(`${TEST_URL}/deploy/maci`, {
+            method: "POST",
+            headers: {
+                Authorization: encryptedHeader,
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify({
+                approval,
+                sessionKeyAddress,
+                chain: CHAIN,
+                config,
+            }),
+        });
+        const body = (await response.json());
+        expect(response.status).toBe(201);
+        expect(body.address).not.toBe(zeroAddress);
+        // save them for next tests
+        maciAddress = body.address;
+    });
+    test("should deploy a poll correctly", async () => {
+        const config = testPollDeploymentConfig;
+        config.voteOptions = config.voteOptions.toString();
+        const startDate = Math.floor(Date.now() / 1000) + pollStartDateExtraSeconds;
+        config.startDate = startDate;
+        config.endDate = startDate + pollDuration;
+        const response = await fetch(`${TEST_URL}/deploy/poll`, {
+            method: "POST",
+            headers: {
+                Authorization: encryptedHeader,
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify({
+                chain: CHAIN,
+                config,
+            }),
+        });
+        const body = (await response.json());
+        expect(response.status).toBe(201);
+        expect(body.pollId).toBeDefined();
+        // save them for next tests
+        pollId = BigInt(body.pollId);
+    });
+    test("should allow voting on a poll", async () => {
+        await sleep(pollStartDateExtraSeconds * 1000);
+        for (let i = 0; i < NUM_USERS; i += 1) {
+            const keypairUser = new Keypair();
+            const userPublicKey = keypairUser.publicKey.serialize();
+            const userPrivateKey = keypairUser.privateKey.serialize();
+            const vote = i % 2;
+            VOTE_OPTIONS[String(vote)] += 1;
+            // user signs up to MACI
+            // eslint-disable-next-line no-await-in-loop
+            await signup({
+                maciAddress,
+                maciPublicKey: userPublicKey,
+                sgData: zeroUint256Encoded,
+                signer,
+            });
+            // user joins the poll
+            // eslint-disable-next-line no-await-in-loop
+            await joinPoll({
+                maciAddress,
+                privateKey: userPrivateKey,
+                stateIndex: 1n,
+                pollId: BigInt(pollId),
+                pollJoiningZkey: pollJoiningTestZkeyPath,
+                useWasm: true,
+                pollWasm: testPollJoiningWasmPath,
+                pollWitgen: testPollJoiningWitnessPath,
+                rapidsnark: testRapidsnarkPath,
+                sgDataArg: zeroUint256Encoded,
+                ivcpDataArg: zeroUint256Encoded,
+                signer,
+            });
+        }
+    });
+    test("should deploy a subgraph correctly", async () => {
+        const blockNumber = await publicClient.getBlockNumber();
+        const response = await fetch(`${TEST_URL}/subgraph/deploy`, {
+            method: "POST",
+            headers: {
+                Authorization: encryptedHeader,
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify({
+                maciContractAddress: maciAddress,
+                startBlock: Number(blockNumber),
+                network: CHAIN,
+                name: process.env.SUBGRAPH_NAME,
+                tag: `v0.0.${blockNumber}`, // different versions per test using block number
+            }),
+        });
+        const body = (await response.json());
+        const { url } = body;
+        expect(response.status).toBe(201);
+        expect(body.url).toBeDefined();
+        expect(REGEX_SUBGRAPH.test(url)).toBe(true);
+    });
+    test("should merge correctly", async () => {
+        await sleep(pollDuration * 2000);
+        const response = await fetch(`${TEST_URL}/proof/merge`, {
+            method: "POST",
+            headers: {
+                Authorization: encryptedHeader,
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify({
+                maciContractAddress: maciAddress,
+                pollId: Number(pollId),
+                approval,
+                sessionKeyAddress,
+                chain: CHAIN,
+            }),
+        });
+        expect(response.status).toBe(201);
+    });
+    test("should generate proofs correctly", async () => {
+        const blockNumber = await publicClient.getBlockNumber();
+        const encryptedCoordinatorPrivateKey = await encryptWithCoordinatorRSAPublicKey(coordinatorMACIKeypair.privateKey.serialize());
+        const response = await fetch(`${TEST_URL}/proof/generate`, {
+            method: "POST",
+            headers: {
+                Authorization: encryptedHeader,
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify({
+                poll: Number(pollId),
+                maciContractAddress: maciAddress,
+                mode: testPollDeploymentConfig.mode,
+                encryptedCoordinatorPrivateKey,
+                startBlock: Number(blockNumber) - 100,
+                endBlock: Number(blockNumber) + 100,
+                blocksPerBatch: 20,
+                approval,
+                sessionKeyAddress,
+                chain: CHAIN,
+            }),
+        });
+        const body = (await response.json());
+        expect(response.status).toBe(201);
+        expect(body.processProofs).toBeDefined();
+        expect(body.processProofs.length).toBeGreaterThan(0);
+        expect(body.tallyProofs).toBeDefined();
+        expect(body.tallyProofs.length).toBeGreaterThan(0);
+        expect(body.tallyData).toBeDefined();
+        expect(body.tallyData.results).toBeDefined();
+    });
+    test("should submit results on-chain correctly", async () => {
+        const response = await fetch(`${TEST_URL}/proof/submit`, {
+            method: "POST",
+            headers: {
+                Authorization: encryptedHeader,
+                "Content-Type": "application/json",
+            },
+            body: JSON.stringify({
+                pollId: Number(pollId),
+                maciContractAddress: maciAddress,
+                approval,
+                sessionKeyAddress,
+                chain: CHAIN,
+            }),
+        });
+        expect(response.status).toBe(201);
+    });
+});
+//# sourceMappingURL=e2e.deploy.test.js.map

package/build/tests/e2e.deploy.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"e2e.deploy.test.js","sourceRoot":"","sources":["../../tests/e2e.deploy.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,2BAA2B,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC9E,OAAO,EAAE,cAAc,EAAyB,MAAM,gBAAgB,CAAC;AACvE,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,MAAM,MAAM,QAAQ,CAAC;AAE5B,OAAO,EAAU,EAAE,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAO,WAAW,EAAE,MAAM,MAAM,CAAC;AAExC,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EACL,sBAAsB,EACtB,yBAAyB,EACzB,wBAAwB,EACxB,wBAAwB,GACzB,MAAM,gCAAgC,CAAC;AACxC,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAEhE,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAEpD,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AAEvD,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AACvF,OAAO,EAAE,iBAAiB,EAAE,MAAM,sCAAsC,CAAC;AAIzE,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,0BAA0B,EAC1B,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,kCAAkC,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,SAAS,CAAC;AAE1G,MAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,8BAA8B;AAEvD,MAAM,QAAQ,GAAG,0BAA0B,CAAC;AAC5C,MAAM,KAAK,GAAG,kBAAkB,CAAC,gBAAgB,CAAC;AAElD,MAAM,cAAc,GAAG,+EAA+E,CAAC;AAEvG,MAAM,SAAS,GAAG,CAAC,CAAC;AACpB,MAAM,YAAY,GAA2B;IAC3C,GAAG,EAAE,CAAC;IACN,GAAG,EAAE,CAAC;CACP,CAAC;AAEF,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,IAAI,MAAc,CAAC;IACnB,IAAI,eAAuB,CAAC;IAC5B,IAAI,iBAAsB,CAAC;IAC3B,IAAI,QAAgB,CAAC;IAErB,IAAI,GAAqB,CAAC;IAC1B,IAAI,MAAc,CAAC;IACnB,MAAM,YAAY,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IAE5C,IAAI,WAAgB,CAAC;IACrB,IAAI,MAAc,CAAC;IAEnB,MAAM,YAAY,GAAG,GAAG,CAAC;IAEzB,6BAA6B;IAC7B,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;QAC1B,eAAe,GAAG,MAAM,sBAAsB,CAAC,MAAM,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,qBAAqB,GAAG,MAAM,MAAM,CAAC,UAAU,EAAE,CAAC;QAC9D,MAAM,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAAC,qBAA4B,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IACxF,CAAC,CAAC,CAAC;IAEH,oBAAoB;IACpB,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC;YACnD,OAAO,EAAE,CAAC,SAAS,EAAE,UAAU,EAAE,cAAc,EAAE,WAAW,EAAE,iBAAiB,CAAC;SACjF,CAAC,CAAC,OAAO,EAAE,CAAC;QACb,GAAG,GAAG,aAAa,CAAC,qBAAqB,EAAE,CAAC;QAC5C,GAAG,CAAC,cAAc,CAAC,IAAI,cAAc,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC5D,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,KAAK,IAAI,EAAE;QAClB,MAAM,GAAG,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,eAAe,GAAG,eAAe,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,yBAAyB,CAAC,CAAC,CAAC;QACzG,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,sCAAsC;IACtC,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,MAAM,aAAa,GAAG,MAAM,sBAAsB,CAAC,MAAM,CAAC,CAAC;QAE3D,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC5B,GAAG,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;gBACxB,MAAM,GAAG,EAAE,CAAC,GAAG,EAAE;oBACf,YAAY,EAAE;wBACZ,aAAa;qBACd;iBACF,CAAC,CAAC;gBACH,MAAM,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;oBACxB,OAAO,CAAC,IAAI,CAAC,CAAC;gBAChB,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,SAAS,CAAC,GAAG,EAAE;QACb,MAAM,CAAC,UAAU,EAAE,CAAC;IACtB,CAAC,CAAC,CAAC;IAEH,YAAY;IACZ,IAAI,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAChD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,kBAAkB,EAAE;YAC1D,MAAM,EAAE,KAAK;SACd,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAsB,CAAC;QAC1D,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QAErC,sGAAsG;IACxG,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACzD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,wBAAwB,EAAE;YAChE,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,aAAa,EAAE,eAAe;aAC/B;SACF,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA8B,CAAC;QAClE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAErD,2BAA2B;QAC3B,iBAAiB,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAC3C,QAAQ,GAAG,MAAM,gBAAgB,CAAC,iBAAiB,CAAC,CAAC;QACrD,MAAM,iBAAiB,GAAG,MAAM,gBAAgB,CAAC,iBAAiB,CAAC,CAAC;QACpE,MAAM,mBAAmB,CAAC,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,8BAA8B,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,MAAM,GAAG,wBAAwB,CAAC;QACxC,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;QAC/G,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,kBAAkB;YAClD,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,kBAAkB,CAAC,QAAQ,EAAE,CAAC;QAClE,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,6BAA6B;YAC7D,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,6BAA6B,CAAC,QAAQ,EAAE,CAAC;QAC7E,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,mBAAmB;YACnD,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,EAAE,CAAC;QAEnE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,cAAc,EAAE;YACtD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,eAAe;gBAC9B,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,QAAQ;gBACR,iBAAiB;gBACjB,KAAK,EAAE,KAAK;gBACZ,MAAM;aACY,CAAC;SACtB,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAwB,CAAC;QAE5D,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAE3C,2BAA2B;QAC3B,WAAW,GAAG,IAAI,CAAC,OAAc,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAChD,MAAM,MAAM,GAAG,wBAAwB,CAAC;QACxC,MAAM,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,CAAC;QAEnD,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,yBAAyB,CAAC;QAC5E,MAAM,CAAC,SAAS,GAAG,SAAS,CAAC;QAC7B,MAAM,CAAC,OAAO,GAAG,SAAS,GAAG,YAAY,CAAC;QAE1C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,cAAc,EAAE;YACtD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,eAAe;gBAC9B,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,KAAK,EAAE,KAAK;gBACZ,MAAM;aACY,CAAC;SACtB,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAuB,CAAC;QAC3D,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QAElC,2BAA2B;QAC3B,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,+BAA+B,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,KAAK,CAAC,yBAAyB,GAAG,IAAI,CAAC,CAAC;QAC9C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;YACtC,MAAM,WAAW,GAAG,IAAI,OAAO,EAAE,CAAC;YAClC,MAAM,aAAa,GAAG,WAAW,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC;YACxD,MAAM,cAAc,GAAG,WAAW,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC;YAC1D,MAAM,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YACnB,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC;YAEhC,wBAAwB;YACxB,4CAA4C;YAC5C,MAAM,MAAM,CAAC;gBACX,WAAW;gBACX,aAAa,EAAE,aAAa;gBAC5B,MAAM,EAAE,kBAAkB;gBAC1B,MAAM;aACP,CAAC,CAAC;YAEH,sBAAsB;YACtB,4CAA4C;YAC5C,MAAM,QAAQ,CAAC;gBACb,WAAW;gBACX,UAAU,EAAE,cAAc;gBAC1B,UAAU,EAAE,EAAE;gBACd,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC;gBACtB,eAAe,EAAE,uBAAuB;gBACxC,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,uBAAuB;gBACjC,UAAU,EAAE,0BAA0B;gBACtC,UAAU,EAAE,kBAAkB;gBAC9B,SAAS,EAAE,kBAAkB;gBAC7B,WAAW,EAAE,kBAAkB;gBAC/B,MAAM;aACP,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;QACpD,MAAM,WAAW,GAAG,MAAM,YAAY,CAAC,cAAc,EAAE,CAAC;QACxD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,kBAAkB,EAAE;YAC1D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,eAAe;gBAC9B,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,mBAAmB,EAAE,WAAW;gBAChC,UAAU,EAAE,MAAM,CAAC,WAAW,CAAC;gBAC/B,OAAO,EAAE,KAAK;gBACd,IAAI,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa;gBAC/B,GAAG,EAAE,QAAQ,WAAW,EAAE,EAAE,iDAAiD;aACvD,CAAC;SAC1B,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAoB,CAAC;QACxD,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;QAErB,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/B,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,wBAAwB,EAAE,KAAK,IAAI,EAAE;QACxC,MAAM,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC;QACjC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,cAAc,EAAE;YACtD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,eAAe;gBAC9B,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,mBAAmB,EAAE,WAAW;gBAChC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC;gBACtB,QAAQ;gBACR,iBAAiB;gBACjB,KAAK,EAAE,KAAK;aACC,CAAC;SACjB,CAAC,CAAC;QAEH,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;QAClD,MAAM,WAAW,GAAG,MAAM,YAAY,CAAC,cAAc,EAAE,CAAC;QACxD,MAAM,8BAA8B,GAAG,MAAM,kCAAkC,CAC7E,sBAAsB,CAAC,UAAU,CAAC,SAAS,EAAE,CAC9C,CAAC;QAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,iBAAiB,EAAE;YACzD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,eAAe;gBAC9B,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC;gBACpB,mBAAmB,EAAE,WAAW;gBAChC,IAAI,EAAE,wBAAwB,CAAC,IAAI;gBACnC,8BAA8B;gBAC9B,UAAU,EAAE,MAAM,CAAC,WAAW,CAAC,GAAG,GAAG;gBACrC,QAAQ,EAAE,MAAM,CAAC,WAAW,CAAC,GAAG,GAAG;gBACnC,cAAc,EAAE,EAAE;gBAClB,QAAQ;gBACR,iBAAiB;gBACjB,KAAK,EAAE,KAAK;aACI,CAAC;SACpB,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAkB,CAAC;QAEtD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACrD,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;QACvC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACnD,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,0CAA0C,EAAE,KAAK,IAAI,EAAE;QAC1D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,QAAQ,eAAe,EAAE;YACvD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,eAAe;gBAC9B,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC;gBACtB,mBAAmB,EAAE,WAAW;gBAChC,QAAQ;gBACR,iBAAiB;gBACjB,KAAK,EAAE,KAAK;aACQ,CAAC;SACxB,CAAC,CAAC;QAEH,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/build/tests/utils.d.ts

@@ -0,0 +1,20 @@
+import { type Signer } from "ethers";
+import { Hex } from "viem";
+/**
+ * Encrypt a message using the coordinator's public key
+ * @param message to encrypt
+ * @returns encrypted message (ciphertext)
+ */
+export declare const encryptWithCoordinatorRSAPublicKey: (message: string) => Promise<string>;
+/**
+ * Sign a message with a wallet and encrypt it using the coordinator's public key
+ * @param signer
+ * @returns Authorization header
+ */
+export declare const getAuthorizationHeader: (signer: Signer) => Promise<string>;
+/**
+ * Reloads with ETH in case the smart account is out of gas (less than 0.05)
+ * @param sessionKeyAddress
+ */
+export declare const rechargeGasIfNeeded: (address: Hex, minimumValueOfEther: string, valueToSendOfEther: string) => Promise<void>;
+//# sourceMappingURL=utils.d.ts.map

package/build/tests/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../tests/utils.ts"],"names":[],"mappings":"AACA,OAAO,EAAyB,KAAK,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC5D,OAAO,EAAmC,GAAG,EAAoB,MAAM,MAAM,CAAC;AAY9E;;;;GAIG;AACH,eAAO,MAAM,kCAAkC,GAAU,SAAS,MAAM,KAAG,OAAO,CAAC,MAAM,CAIxF,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,GAAU,QAAQ,MAAM,KAAG,OAAO,CAAC,MAAM,CAK3E,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,mBAAmB,GAC9B,SAAS,GAAG,EACZ,qBAAqB,MAAM,EAC3B,oBAAoB,MAAM,KACzB,OAAO,CAAC,IAAI,CAgBd,CAAC"}

package/build/tests/utils.js

@@ -0,0 +1,53 @@
+import dotenv from "dotenv";
+import { getBytes, hashMessage } from "ethers";
+import { createWalletClient, formatEther, http, parseEther } from "viem";
+import { privateKeyToAccount } from "viem/accounts";
+import { optimismSepolia } from "viem/chains";
+import fs from "fs";
+import { ESupportedNetworks } from "../ts/common";
+import { getPublicClient } from "../ts/common/accountAbstraction";
+import { CryptoService } from "../ts/crypto/crypto.service";
+dotenv.config();
+/**
+ * Encrypt a message using the coordinator's public key
+ * @param message to encrypt
+ * @returns encrypted message (ciphertext)
+ */
+export const encryptWithCoordinatorRSAPublicKey = async (message) => {
+    const cryptoService = new CryptoService();
+    const publicKey = await fs.promises.readFile(process.env.COORDINATOR_PUBLIC_KEY_PATH);
+    return cryptoService.encrypt(publicKey, message);
+};
+/**
+ * Sign a message with a wallet and encrypt it using the coordinator's public key
+ * @param signer
+ * @returns Authorization header
+ */
+export const getAuthorizationHeader = async (signer) => {
+    const signature = await signer.signMessage("message");
+    const digest = Buffer.from(getBytes(hashMessage("message"))).toString("hex");
+    const encrypted = await encryptWithCoordinatorRSAPublicKey(`${signature}:${digest}`);
+    return `Bearer ${encrypted}`;
+};
+/**
+ * Reloads with ETH in case the smart account is out of gas (less than 0.05)
+ * @param sessionKeyAddress
+ */
+export const rechargeGasIfNeeded = async (address, minimumValueOfEther, valueToSendOfEther) => {
+    const publicClient = getPublicClient(ESupportedNetworks.OPTIMISM_SEPOLIA);
+    const balance = await publicClient.getBalance({ address });
+    const balanceAsEther = formatEther(balance);
+    if (balanceAsEther <= minimumValueOfEther) {
+        const testAccount = privateKeyToAccount(process.env.TEST_PRIVATE_KEY);
+        const walletClient = createWalletClient({
+            chain: optimismSepolia,
+            transport: http(),
+        });
+        await walletClient.sendTransaction({
+            account: testAccount,
+            to: address,
+            value: parseEther(valueToSendOfEther),
+        });
+    }
+};
+//# sourceMappingURL=utils.js.map

package/build/tests/utils.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../tests/utils.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAe,MAAM,QAAQ,CAAC;AAC5D,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAO,IAAI,EAAE,UAAU,EAAE,MAAM,MAAM,CAAC;AAC9E,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE9C,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,OAAO,EAAE,kBAAkB,EAAE,MAAM,cAAc,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAE5D,MAAM,CAAC,MAAM,EAAE,CAAC;AAEhB;;;;GAIG;AACH,MAAM,CAAC,MAAM,kCAAkC,GAAG,KAAK,EAAE,OAAe,EAAmB,EAAE;IAC3F,MAAM,aAAa,GAAG,IAAI,aAAa,EAAE,CAAC;IAC1C,MAAM,SAAS,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,2BAA4B,CAAC,CAAC;IACvF,OAAO,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;AACnD,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAG,KAAK,EAAE,MAAc,EAAmB,EAAE;IAC9E,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;IACtD,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC7E,MAAM,SAAS,GAAG,MAAM,kCAAkC,CAAC,GAAG,SAAS,IAAI,MAAM,EAAE,CAAC,CAAC;IACrF,OAAO,UAAU,SAAS,EAAE,CAAC;AAC/B,CAAC,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,KAAK,EACtC,OAAY,EACZ,mBAA2B,EAC3B,kBAA0B,EACX,EAAE;IACjB,MAAM,YAAY,GAAG,eAAe,CAAC,kBAAkB,CAAC,gBAAgB,CAAC,CAAC;IAC1E,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;IAC3D,MAAM,cAAc,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IAC5C,IAAI,cAAc,IAAI,mBAAmB,EAAE,CAAC;QAC1C,MAAM,WAAW,GAAG,mBAAmB,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAwB,CAAC,CAAC;QAC9E,MAAM,YAAY,GAAG,kBAAkB,CAAC;YACtC,KAAK,EAAE,eAAe;YACtB,SAAS,EAAE,IAAI,EAAE;SAClB,CAAC,CAAC;QACH,MAAM,YAAY,CAAC,eAAe,CAAC;YACjC,OAAO,EAAE,WAAW;YACpB,EAAE,EAAE,OAAO;YACX,KAAK,EAAE,UAAU,CAAC,kBAAkB,CAAC;SACtC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC"}

package/build/ts/app.module.d.ts

@@ -0,0 +1,3 @@
+export declare class AppModule {
+}
+//# sourceMappingURL=app.module.d.ts.map

package/build/ts/app.module.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"app.module.d.ts","sourceRoot":"","sources":["../../ts/app.module.ts"],"names":[],"mappings":"AAUA,qBAgBa,SAAS;CAAG"}

package/build/ts/app.module.js

@@ -0,0 +1,36 @@
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+import { Module } from "@nestjs/common";
+import { ThrottlerModule } from "@nestjs/throttler";
+import { CryptoModule } from "./crypto/crypto.module";
+import { DeployerModule } from "./deployer/deployer.module";
+import { FileModule } from "./file/file.module";
+import { ProofModule } from "./proof/proof.module";
+import { SessionKeysModule } from "./sessionKeys/sessionKeys.module";
+import { SubgraphModule } from "./subgraph/subgraph.module";
+let AppModule = class AppModule {
+};
+AppModule = __decorate([
+    Module({
+        imports: [
+            ThrottlerModule.forRoot([
+                {
+                    ttl: Number(process.env.TTL),
+                    limit: Number(process.env.LIMIT),
+                },
+            ]),
+            FileModule,
+            CryptoModule,
+            SubgraphModule,
+            ProofModule,
+            SessionKeysModule,
+            DeployerModule,
+        ],
+    })
+], AppModule);
+export { AppModule };
+//# sourceMappingURL=app.module.js.map

package/build/ts/app.module.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"app.module.js","sourceRoot":"","sources":["../../ts/app.module.ts"],"names":[],"mappings":";;;;;;AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAC;AACxC,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAEpD,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAkBrD,IAAM,SAAS,GAAf,MAAM,SAAS;CAAG,CAAA;AAAZ,SAAS;IAhBrB,MAAM,CAAC;QACN,OAAO,EAAE;YACP,eAAe,CAAC,OAAO,CAAC;gBACtB;oBACE,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;oBAC5B,KAAK,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC;iBACjC;aACF,CAAC;YACF,UAAU;YACV,YAAY;YACZ,cAAc;YACd,WAAW;YACX,iBAAiB;YACjB,cAAc;SACf;KACF,CAAC;GACW,SAAS,CAAG"}

package/build/ts/auth/AccountSignatureGuard.service.d.ts

@@ -0,0 +1,44 @@
+import { type CanActivate, type ExecutionContext, type CustomDecorator } from "@nestjs/common";
+import { Reflector } from "@nestjs/core";
+import { CryptoService } from "../crypto/crypto.service";
+/**
+ * Public metadata key
+ */
+export declare const PUBLIC_METADATA_KEY = "isPublic";
+/**
+ * Public decorator to by-pass auth checks
+ *
+ * @returns public decorator
+ */
+export declare const Public: () => CustomDecorator;
+/**
+ * AccountSignatureGuard is responsible for protecting calling controller and websocket gateway functions.
+ * If account address is not added to .env file, you will not be allowed to call any API methods.
+ * Make sure you send `Authorization: Bearer encrypt({signature}:{digest})` header where:
+ * 1. encrypt - RSA public encryption.
+ * 2. signature - eth wallet signature for any message
+ * 3. digest - hex representation of message digest
+ *
+ * ```
+ * const signature = await signer.signMessage("message");
+ * const digest = Buffer.from(getBytes(hashMessage("message"))).toString("hex");
+ * ```
+ * See tests for more details about authorization.
+ */
+export declare class AccountSignatureGuard implements CanActivate {
+    private readonly cryptoService;
+    private readonly reflector;
+    /**
+     * Logger
+     */
+    private readonly logger;
+    constructor(cryptoService: CryptoService, reflector: Reflector);
+    /**
+     * This function should return a boolean, indicating  whether the request is allowed or not based on message signature and digest.
+     *
+     * @param ctx - execution context
+     * @returns whether the request is allowed or not
+     */
+    canActivate(ctx: ExecutionContext): Promise<boolean>;
+}
+//# sourceMappingURL=AccountSignatureGuard.service.d.ts.map

package/build/ts/auth/AccountSignatureGuard.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AccountSignatureGuard.service.d.ts","sourceRoot":"","sources":["../../../ts/auth/AccountSignatureGuard.service.ts"],"names":[],"mappings":"AAAA,OAAO,EAEL,KAAK,WAAW,EAGhB,KAAK,gBAAgB,EACrB,KAAK,eAAe,EACrB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AASzC,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAEzD;;GAEG;AACH,eAAO,MAAM,mBAAmB,aAAa,CAAC;AAE9C;;;;GAIG;AACH,eAAO,MAAM,MAAM,QAAO,eAAyD,CAAC;AAEpF;;;;;;;;;;;;;GAaG;AACH,qBACa,qBAAsB,YAAW,WAAW;IAOrD,OAAO,CAAC,QAAQ,CAAC,aAAa;IAC9B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAP5B;;OAEG;IACH,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;gBAGb,aAAa,EAAE,aAAa,EAC5B,SAAS,EAAE,SAAS;IAKvC;;;;;OAKG;IACG,WAAW,CAAC,GAAG,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;CAqC3D"}

package/build/ts/auth/AccountSignatureGuard.service.js

@@ -0,0 +1,96 @@
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var AccountSignatureGuard_1;
+import { Logger, Injectable, SetMetadata, } from "@nestjs/common";
+import { Reflector } from "@nestjs/core";
+import { ethers } from "ethers";
+import fs from "fs";
+import path from "path";
+import { CryptoService } from "../crypto/crypto.service";
+/**
+ * Public metadata key
+ */
+export const PUBLIC_METADATA_KEY = "isPublic";
+/**
+ * Public decorator to by-pass auth checks
+ *
+ * @returns public decorator
+ */
+export const Public = () => SetMetadata(PUBLIC_METADATA_KEY, true);
+/**
+ * AccountSignatureGuard is responsible for protecting calling controller and websocket gateway functions.
+ * If account address is not added to .env file, you will not be allowed to call any API methods.
+ * Make sure you send `Authorization: Bearer encrypt({signature}:{digest})` header where:
+ * 1. encrypt - RSA public encryption.
+ * 2. signature - eth wallet signature for any message
+ * 3. digest - hex representation of message digest
+ *
+ * ```
+ * const signature = await signer.signMessage("message");
+ * const digest = Buffer.from(getBytes(hashMessage("message"))).toString("hex");
+ * ```
+ * See tests for more details about authorization.
+ */
+let AccountSignatureGuard = AccountSignatureGuard_1 = class AccountSignatureGuard {
+    cryptoService;
+    reflector;
+    /**
+     * Logger
+     */
+    logger;
+    constructor(cryptoService, reflector) {
+        this.cryptoService = cryptoService;
+        this.reflector = reflector;
+        this.logger = new Logger(AccountSignatureGuard_1.name);
+    }
+    /**
+     * This function should return a boolean, indicating  whether the request is allowed or not based on message signature and digest.
+     *
+     * @param ctx - execution context
+     * @returns whether the request is allowed or not
+     */
+    async canActivate(ctx) {
+        try {
+            const isPublic = this.reflector.get(PUBLIC_METADATA_KEY, ctx.getHandler());
+            if (isPublic) {
+                return true;
+            }
+            const request = ctx.switchToHttp().getRequest();
+            const socket = ctx.switchToWs().getClient();
+            const encryptedHeader = socket.handshake?.headers.authorization || request.headers?.authorization;
+            if (!encryptedHeader) {
+                this.logger.warn("No authorization header");
+                return false;
+            }
+            const privateKey = await fs.promises.readFile(path.resolve(process.env.COORDINATOR_PRIVATE_KEY_PATH));
+            const [signature, digest] = this.cryptoService
+                .decrypt(privateKey, encryptedHeader.replace("Bearer", "").trim())
+                .split(":");
+            if (!signature || !digest) {
+                this.logger.warn("No signature or digest");
+                return false;
+            }
+            const address = ethers.recoverAddress(Buffer.from(digest, "hex"), signature).toLowerCase();
+            const coordinatorAddress = process.env.COORDINATOR_ADDRESSES?.split(",").map((value) => value.toLowerCase()) ?? [];
+            return coordinatorAddress.includes(address);
+        }
+        catch (error) {
+            this.logger.error("Error", error);
+            return false;
+        }
+    }
+};
+AccountSignatureGuard = AccountSignatureGuard_1 = __decorate([
+    Injectable(),
+    __metadata("design:paramtypes", [CryptoService,
+        Reflector])
+], AccountSignatureGuard);
+export { AccountSignatureGuard };
+//# sourceMappingURL=AccountSignatureGuard.service.js.map

package/build/ts/auth/AccountSignatureGuard.service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AccountSignatureGuard.service.js","sourceRoot":"","sources":["../../../ts/auth/AccountSignatureGuard.service.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,OAAO,EACL,MAAM,EAEN,UAAU,EACV,WAAW,GAGZ,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAEhC,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAKxB,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAEzD;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,UAAU,CAAC;AAE9C;;;;GAIG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,GAAoB,EAAE,CAAC,WAAW,CAAC,mBAAmB,EAAE,IAAI,CAAC,CAAC;AAEpF;;;;;;;;;;;;;GAaG;AAEI,IAAM,qBAAqB,6BAA3B,MAAM,qBAAqB;IAOb;IACA;IAPnB;;OAEG;IACc,MAAM,CAAS;IAEhC,YACmB,aAA4B,EAC5B,SAAoB;QADpB,kBAAa,GAAb,aAAa,CAAe;QAC5B,cAAS,GAAT,SAAS,CAAW;QAErC,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,uBAAqB,CAAC,IAAI,CAAC,CAAC;IACvD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CAAC,GAAqB;QACrC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAU,mBAAmB,EAAE,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;YAEpF,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,OAAO,GAAG,GAAG,CAAC,YAAY,EAAE,CAAC,UAAU,EAAgB,CAAC;YAC9D,MAAM,MAAM,GAAG,GAAG,CAAC,UAAU,EAAE,CAAC,SAAS,EAAmB,CAAC;YAC7D,MAAM,eAAe,GAAG,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,OAAO,EAAE,aAAa,CAAC;YAElG,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBAC5C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,4BAA6B,CAAC,CAAC,CAAC;YACvG,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,GAAG,IAAI,CAAC,aAAa;iBAC3C,OAAO,CAAC,UAAU,EAAE,eAAe,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;iBACjE,KAAK,CAAC,GAAG,CAAC,CAAC;YAEd,IAAI,CAAC,SAAS,IAAI,CAAC,MAAM,EAAE,CAAC;gBAC1B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;gBAC3C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;YAC3F,MAAM,kBAAkB,GACtB,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC;YAE1F,OAAO,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC9C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAClC,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF,CAAA;AAxDY,qBAAqB;IADjC,UAAU,EAAE;qCAQuB,aAAa;QACjB,SAAS;GAR5B,qBAAqB,CAwDjC"}

package/build/ts/auth/__tests__/AccountSignatureGuard.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=AccountSignatureGuard.test.d.ts.map

package/build/ts/auth/__tests__/AccountSignatureGuard.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AccountSignatureGuard.test.d.ts","sourceRoot":"","sources":["../../../../ts/auth/__tests__/AccountSignatureGuard.test.ts"],"names":[],"mappings":""}