@mysten/sui 1.16.2 → 1.17.0

package/package.json

@@ -3,7 +3,7 @@
   "author": "Mysten Labs <build@mystenlabs.com>",
   "description": "Sui TypeScript API(Work in Progress)",
   "homepage": "https://sdk.mystenlabs.com",
-  "version": "1.16.2",
+  "version": "1.17.0",
   "license": "Apache-2.0",
   "sideEffects": false,
   "files": [
@@ -62,6 +62,10 @@
       "import": "./dist/esm/keypairs/secp256r1/index.js",
       "require": "./dist/cjs/keypairs/secp256r1/index.js"
     },
+    "./keypairs/passkey": {
+      "import": "./dist/esm/keypairs/passkey/index.js",
+      "require": "./dist/cjs/keypairs/passkey/index.js"
+    },
     "./multisig": {
       "import": "./dist/esm/multisig/index.js",
       "require": "./dist/cjs/multisig/index.js"
@@ -126,6 +130,7 @@
     "@noble/hashes": "^1.4.0",
     "@scure/bip32": "^1.4.0",
     "@scure/bip39": "^1.3.0",
+    "@simplewebauthn/typescript-types": "^7.4.0",
     "@suchipi/femver": "^1.0.0",
     "bech32": "^2.0.0",
     "gql.tada": "^1.8.2",

package/src/bcs/bcs.ts

@@ -298,3 +298,9 @@ export const SenderSignedTransaction = bcs.struct('SenderSignedTransaction', {
 export const SenderSignedData = bcs.vector(SenderSignedTransaction, {
 	name: 'SenderSignedData',
 });
+
+export const PasskeyAuthenticator = bcs.struct('PasskeyAuthenticator', {
+	authenticatorData: bcs.vector(bcs.u8()),
+	clientDataJson: bcs.string(),
+	userSignature: bcs.vector(bcs.u8()),
+});

package/src/bcs/index.ts

@@ -20,6 +20,7 @@ import {
 	MultiSigPublicKey,
 	ObjectArg,
 	ObjectDigest,
+	PasskeyAuthenticator,
 	ProgrammableMoveCall,
 	ProgrammableTransaction,
 	PublicKey,
@@ -82,6 +83,7 @@ const suiBcs = {
 	TransactionKind,
 	TypeTag,
 	TransactionEffects,
+	PasskeyAuthenticator,
 };
 
 export { suiBcs as bcs };

package/src/cryptography/signature-scheme.ts

@@ -7,6 +7,7 @@ export const SIGNATURE_SCHEME_TO_FLAG = {
 	Secp256r1: 0x02,
 	MultiSig: 0x03,
 	ZkLogin: 0x05,
+	Passkey: 0x06,
 } as const;
 
 export const SIGNATURE_SCHEME_TO_SIZE = {
@@ -21,8 +22,15 @@ export const SIGNATURE_FLAG_TO_SCHEME = {
 	0x02: 'Secp256r1',
 	0x03: 'MultiSig',
 	0x05: 'ZkLogin',
+	0x06: 'Passkey',
 } as const;
 
-export type SignatureScheme = 'ED25519' | 'Secp256k1' | 'Secp256r1' | 'MultiSig' | 'ZkLogin';
+export type SignatureScheme =
+	| 'ED25519'
+	| 'Secp256k1'
+	| 'Secp256r1'
+	| 'MultiSig'
+	| 'ZkLogin'
+	| 'Passkey';
 
 export type SignatureFlag = keyof typeof SIGNATURE_FLAG_TO_SCHEME;

package/src/cryptography/signature.ts

@@ -4,6 +4,7 @@
 import { fromBase64, toBase64 } from '@mysten/bcs';
 
 import { bcs } from '../bcs/index.js';
+import { parseSerializedPasskeySignature } from '../keypairs/passkey/publickey.js';
 import type { MultiSigStruct } from '../multisig/publickey.js';
 import { parseSerializedZkLoginSignature } from '../zklogin/publickey.js';
 import type { PublicKey } from './publickey.js';
@@ -55,6 +56,8 @@ export function parseSerializedSignature(serializedSignature: string) {
 		SIGNATURE_FLAG_TO_SCHEME[bytes[0] as keyof typeof SIGNATURE_FLAG_TO_SCHEME];
 
 	switch (signatureScheme) {
+		case 'Passkey':
+			return parseSerializedPasskeySignature(serializedSignature);
 		case 'MultiSig':
 			const multisig: MultiSigStruct = bcs.MultiSig.parse(bytes.slice(1));
 			return {

package/src/keypairs/passkey/index.ts

@@ -0,0 +1,5 @@
+// Copyright (c) Mysten Labs, Inc.
+// SPDX-License-Identifier: Apache-2.0
+export { PasskeyKeypair, BrowserPasskeyProvider } from './keypair.js';
+export type { PasskeyProvider, BrowserPasswordProviderOptions } from './keypair.js';
+export { PasskeyPublicKey } from './publickey.js';

package/src/keypairs/passkey/keypair.ts

@@ -0,0 +1,209 @@
+// Copyright (c) Mysten Labs, Inc.
+// SPDX-License-Identifier: Apache-2.0
+
+import { toBase64 } from '@mysten/bcs';
+import { secp256r1 } from '@noble/curves/p256';
+import { blake2b } from '@noble/hashes/blake2b';
+import { randomBytes } from '@noble/hashes/utils';
+import type {
+	AuthenticationCredential,
+	RegistrationCredential,
+} from '@simplewebauthn/typescript-types';
+
+import { PasskeyAuthenticator } from '../../bcs/bcs.js';
+import type { IntentScope, SignatureWithBytes } from '../../cryptography/index.js';
+import { messageWithIntent, SIGNATURE_SCHEME_TO_FLAG, Signer } from '../../cryptography/index.js';
+import type { PublicKey } from '../../cryptography/publickey.js';
+import type { SignatureScheme } from '../../cryptography/signature-scheme.js';
+import {
+	parseDerSPKI,
+	PASSKEY_PUBLIC_KEY_SIZE,
+	PASSKEY_SIGNATURE_SIZE,
+	PasskeyPublicKey,
+} from './publickey.js';
+
+type DeepPartialConfigKeys = 'rp' | 'user' | 'authenticatorSelection';
+
+type DeepPartial<T> = T extends object
+	? {
+			[P in keyof T]?: DeepPartial<T[P]>;
+		}
+	: T;
+
+export type BrowserPasswordProviderOptions = Pick<
+	DeepPartial<PublicKeyCredentialCreationOptions>,
+	DeepPartialConfigKeys
+> &
+	Omit<
+		Partial<PublicKeyCredentialCreationOptions>,
+		DeepPartialConfigKeys | 'pubKeyCredParams' | 'challenge'
+	>;
+
+export interface PasskeyProvider {
+	create(): Promise<RegistrationCredential>;
+	get(challenge: Uint8Array): Promise<AuthenticationCredential>;
+}
+
+// Default browser implementation
+export class BrowserPasskeyProvider implements PasskeyProvider {
+	#name: string;
+	#options: BrowserPasswordProviderOptions;
+
+	constructor(name: string, options: BrowserPasswordProviderOptions) {
+		this.#name = name;
+		this.#options = options;
+	}
+
+	async create(): Promise<RegistrationCredential> {
+		return (await navigator.credentials.create({
+			publicKey: {
+				timeout: this.#options.timeout ?? 60000,
+				...this.#options,
+				rp: {
+					name: this.#name,
+					...this.#options.rp,
+				},
+				user: {
+					name: this.#name,
+					displayName: this.#name,
+					...this.#options.user,
+					id: randomBytes(10),
+				},
+				challenge: new TextEncoder().encode('Create passkey wallet on Sui'),
+				pubKeyCredParams: [{ alg: -7, type: 'public-key' }],
+				authenticatorSelection: {
+					authenticatorAttachment: 'cross-platform',
+					residentKey: 'required',
+					requireResidentKey: true,
+					userVerification: 'required',
+					...this.#options.authenticatorSelection,
+				},
+			},
+		})) as RegistrationCredential;
+	}
+
+	async get(challenge: Uint8Array): Promise<AuthenticationCredential> {
+		return (await navigator.credentials.get({
+			publicKey: {
+				challenge,
+				userVerification: this.#options.authenticatorSelection?.userVerification || 'required',
+				timeout: this.#options.timeout ?? 60000,
+			},
+		})) as AuthenticationCredential;
+	}
+}
+
+/**
+ * @experimental
+ * A passkey signer used for signing transactions. This is a client side implementation for [SIP-9](https://github.com/sui-foundation/sips/blob/main/sips/sip-9.md).
+ */
+export class PasskeyKeypair extends Signer {
+	private publicKey: Uint8Array;
+	private provider: PasskeyProvider;
+
+	/**
+	 * Get the key scheme of passkey,
+	 */
+	getKeyScheme(): SignatureScheme {
+		return 'Passkey';
+	}
+
+	/**
+	 * Creates an instance of Passkey signer. It's expected to call the static `getPasskeyInstance` method to create an instance.
+	 * For example:
+	 * ```
+	 * const signer = await PasskeyKeypair.getPasskeyInstance();
+	 * ```
+	 */
+	constructor(publicKey: Uint8Array, provider: PasskeyProvider) {
+		super();
+		this.publicKey = publicKey;
+		this.provider = provider;
+	}
+
+	/**
+	 * Creates an instance of Passkey signer invoking the passkey from navigator.
+	 */
+	static async getPasskeyInstance(provider: PasskeyProvider): Promise<PasskeyKeypair> {
+		// create a passkey secp256r1 with the provider.
+		const credential = await provider.create();
+
+		if (!credential.response.getPublicKey()) {
+			throw new Error('Invalid credential create response');
+		} else {
+			const derSPKI = credential.response.getPublicKey()!;
+			const pubkeyUncompressed = parseDerSPKI(new Uint8Array(derSPKI));
+			const pubkey = secp256r1.ProjectivePoint.fromHex(pubkeyUncompressed);
+			const pubkeyCompressed = pubkey.toRawBytes(true);
+			return new PasskeyKeypair(pubkeyCompressed, provider);
+		}
+	}
+
+	/**
+	 * Return the public key for this passkey.
+	 */
+	getPublicKey(): PublicKey {
+		return new PasskeyPublicKey(this.publicKey);
+	}
+
+	/**
+	 * Return the signature for the provided data (i.e. blake2b(intent_message)).
+	 * This is sent to passkey as the challenge field.
+	 */
+	async sign(data: Uint8Array) {
+		// sendss the passkey to sign over challenge as the data.
+		const credential = await this.provider.get(data);
+
+		// parse authenticatorData (as bytes), clientDataJSON (decoded as string).
+		const authenticatorData = new Uint8Array(credential.response.authenticatorData);
+		const clientDataJSON = new Uint8Array(credential.response.clientDataJSON); // response.clientDataJSON is already UTF-8 encoded JSON
+		const decoder = new TextDecoder();
+		const clientDataJSONString: string = decoder.decode(clientDataJSON);
+
+		// parse the signature from DER format, normalize and convert to compressed format (33 bytes).
+		const sig = secp256r1.Signature.fromDER(new Uint8Array(credential.response.signature));
+		const normalized = sig.normalizeS().toCompactRawBytes();
+
+		if (
+			normalized.length !== PASSKEY_SIGNATURE_SIZE ||
+			this.publicKey.length !== PASSKEY_PUBLIC_KEY_SIZE
+		) {
+			throw new Error('Invalid signature or public key length');
+		}
+
+		// construct userSignature as flag || sig || pubkey for the secp256r1 signature.
+		const arr = new Uint8Array(1 + normalized.length + this.publicKey.length);
+		arr.set([SIGNATURE_SCHEME_TO_FLAG['Secp256r1']]);
+		arr.set(normalized, 1);
+		arr.set(this.publicKey, 1 + normalized.length);
+
+		// serialize all fields into a passkey signature according to https://github.com/sui-foundation/sips/blob/main/sips/sip-9.md#signature-encoding
+		return PasskeyAuthenticator.serialize({
+			authenticatorData: authenticatorData,
+			clientDataJson: clientDataJSONString,
+			userSignature: arr,
+		}).toBytes();
+	}
+
+	/**
+	 * This overrides the base class implementation that accepts the raw bytes and signs its
+	 * digest of the intent message, then serialize it with the passkey flag.
+	 */
+	async signWithIntent(bytes: Uint8Array, intent: IntentScope): Promise<SignatureWithBytes> {
+		// prepend it into an intent message and computes the digest.
+		const intentMessage = messageWithIntent(intent, bytes);
+		const digest = blake2b(intentMessage, { dkLen: 32 });
+
+		// sign the digest.
+		const signature = await this.sign(digest);
+
+		// prepend with the passkey flag.
+		const serializedSignature = new Uint8Array(1 + signature.length);
+		serializedSignature.set([SIGNATURE_SCHEME_TO_FLAG[this.getKeyScheme()]]);
+		serializedSignature.set(signature, 1);
+		return {
+			signature: toBase64(serializedSignature),
+			bytes: toBase64(bytes),
+		};
+	}
+}

package/src/keypairs/passkey/publickey.ts

@@ -0,0 +1,188 @@
+// Copyright (c) Mysten Labs, Inc.
+// SPDX-License-Identifier: Apache-2.0
+
+import { fromBase64, toBase64 } from '@mysten/bcs';
+import { secp256r1 } from '@noble/curves/p256';
+import { sha256 } from '@noble/hashes/sha256';
+
+import { PasskeyAuthenticator } from '../../bcs/bcs.js';
+import { bytesEqual, PublicKey } from '../../cryptography/publickey.js';
+import type { PublicKeyInitData } from '../../cryptography/publickey.js';
+import { SIGNATURE_SCHEME_TO_FLAG } from '../../cryptography/signature-scheme.js';
+
+export const PASSKEY_PUBLIC_KEY_SIZE = 33;
+export const PASSKEY_UNCOMPRESSED_PUBLIC_KEY_SIZE = 65;
+export const PASSKEY_SIGNATURE_SIZE = 64;
+/** Fixed DER header for secp256r1 SubjectPublicKeyInfo
+DER structure for P-256 SPKI:
+30 -- SEQUENCE
+  59 -- length (89 bytes)
+  30 -- SEQUENCE
+    13 -- length (19 bytes)
+    06 -- OBJECT IDENTIFIER
+      07 -- length
+      2A 86 48 CE 3D 02 01 -- id-ecPublicKey
+    06 -- OBJECT IDENTIFIER
+      08 -- length
+      2A 86 48 CE 3D 03 01 07 -- secp256r1/prime256v1
+  03 -- BIT STRING
+    42 -- length (66 bytes)
+    00 -- padding
+	===== above bytes are considered header =====
+    04 || x || y -- uncompressed point (65 bytes: 0x04 || 32-byte x || 32-byte y)
+*/
+export const SECP256R1_SPKI_HEADER = new Uint8Array([
+	0x30,
+	0x59, // SEQUENCE, length 89
+	0x30,
+	0x13, // SEQUENCE, length 19
+	0x06,
+	0x07, // OID, length 7
+	0x2a,
+	0x86,
+	0x48,
+	0xce,
+	0x3d,
+	0x02,
+	0x01, // OID: 1.2.840.10045.2.1 (ecPublicKey)
+	0x06,
+	0x08, // OID, length 8
+	0x2a,
+	0x86,
+	0x48,
+	0xce,
+	0x3d,
+	0x03,
+	0x01,
+	0x07, // OID: 1.2.840.10045.3.1.7 (prime256v1/secp256r1)
+	0x03,
+	0x42, // BIT STRING, length 66
+	0x00, // no unused bits
+] as const);
+
+/**
+ * A passkey public key
+ */
+export class PasskeyPublicKey extends PublicKey {
+	static SIZE = PASSKEY_PUBLIC_KEY_SIZE;
+	private data: Uint8Array;
+
+	/**
+	 * Create a new PasskeyPublicKey object
+	 * @param value passkey public key as buffer or base-64 encoded string
+	 */
+	constructor(value: PublicKeyInitData) {
+		super();
+
+		if (typeof value === 'string') {
+			this.data = fromBase64(value);
+		} else if (value instanceof Uint8Array) {
+			this.data = value;
+		} else {
+			this.data = Uint8Array.from(value);
+		}
+
+		if (this.data.length !== PASSKEY_PUBLIC_KEY_SIZE) {
+			throw new Error(
+				`Invalid public key input. Expected ${PASSKEY_PUBLIC_KEY_SIZE} bytes, got ${this.data.length}`,
+			);
+		}
+	}
+
+	/**
+	 * Checks if two passkey public keys are equal
+	 */
+	override equals(publicKey: PasskeyPublicKey): boolean {
+		return super.equals(publicKey);
+	}
+
+	/**
+	 * Return the byte array representation of the Secp256r1 public key
+	 */
+	toRawBytes(): Uint8Array {
+		return this.data;
+	}
+
+	/**
+	 * Return the Sui address associated with this Secp256r1 public key
+	 */
+	flag(): number {
+		return SIGNATURE_SCHEME_TO_FLAG['Passkey'];
+	}
+
+	/**
+	 * Verifies that the signature is valid for for the provided message
+	 */
+	async verify(message: Uint8Array, signature: Uint8Array | string): Promise<boolean> {
+		const parsed = parseSerializedPasskeySignature(signature);
+		const clientDataJSON = JSON.parse(parsed.clientDataJson);
+
+		if (clientDataJSON.type !== 'webauthn.get') {
+			return false;
+		}
+
+		// parse challenge from base64 url
+		const parsedChallenge = fromBase64(
+			clientDataJSON.challenge.replace(/-/g, '+').replace(/_/g, '/'),
+		);
+		if (!bytesEqual(message, parsedChallenge)) {
+			return false;
+		}
+
+		const pk = parsed.userSignature.slice(1 + PASSKEY_SIGNATURE_SIZE);
+		if (!bytesEqual(this.toRawBytes(), pk)) {
+			return false;
+		}
+
+		const payload = new Uint8Array([...parsed.authenticatorData, ...sha256(parsed.clientDataJson)]);
+		const sig = parsed.userSignature.slice(1, PASSKEY_SIGNATURE_SIZE + 1);
+		return secp256r1.verify(sig, sha256(payload), pk);
+	}
+}
+
+/**
+ * Parses a DER SubjectPublicKeyInfo into an uncompressed public key. This also verifies
+ * that the curve used is P-256 (secp256r1).
+ *
+ * @param data: DER SubjectPublicKeyInfo
+ * @returns uncompressed public key (`0x04 || x || y`)
+ */
+export function parseDerSPKI(derBytes: Uint8Array): Uint8Array {
+	// Verify length and header bytes are expected
+	if (derBytes.length !== SECP256R1_SPKI_HEADER.length + PASSKEY_UNCOMPRESSED_PUBLIC_KEY_SIZE) {
+		throw new Error('Invalid DER length');
+	}
+	for (let i = 0; i < SECP256R1_SPKI_HEADER.length; i++) {
+		if (derBytes[i] !== SECP256R1_SPKI_HEADER[i]) {
+			throw new Error('Invalid spki header');
+		}
+	}
+
+	if (derBytes[SECP256R1_SPKI_HEADER.length] !== 0x04) {
+		throw new Error('Invalid point marker');
+	}
+
+	// Returns the last 65 bytes `04 || x || y`
+	return derBytes.slice(SECP256R1_SPKI_HEADER.length);
+}
+
+/**
+ * Parse signature from bytes or base64 string into the following fields.
+ */
+export function parseSerializedPasskeySignature(signature: Uint8Array | string) {
+	const bytes = typeof signature === 'string' ? fromBase64(signature) : signature;
+
+	if (bytes[0] !== SIGNATURE_SCHEME_TO_FLAG.Passkey) {
+		throw new Error('Invalid signature scheme');
+	}
+	const dec = PasskeyAuthenticator.parse(bytes.slice(1));
+	return {
+		signatureScheme: 'Passkey' as const,
+		serializedSignature: toBase64(bytes),
+		signature: bytes,
+		authenticatorData: dec.authenticatorData,
+		clientDataJson: dec.clientDataJson,
+		userSignature: new Uint8Array(dec.userSignature),
+		publicKey: new Uint8Array(dec.userSignature.slice(1 + PASSKEY_SIGNATURE_SIZE)),
+	};
+}

package/src/verify/verify.ts

@@ -7,6 +7,7 @@ import type { PublicKey, SignatureFlag, SignatureScheme } from '../cryptography/
 import { parseSerializedSignature, SIGNATURE_FLAG_TO_SCHEME } from '../cryptography/index.js';
 import type { SuiGraphQLClient } from '../graphql/client.js';
 import { Ed25519PublicKey } from '../keypairs/ed25519/publickey.js';
+import { PasskeyPublicKey } from '../keypairs/passkey/publickey.js';
 import { Secp256k1PublicKey } from '../keypairs/secp256k1/publickey.js';
 import { Secp256r1PublicKey } from '../keypairs/secp256r1/publickey.js';
 // eslint-disable-next-line import/no-cycle
@@ -98,6 +99,8 @@ export function publicKeyFromRawBytes(
 			return new MultiSigPublicKey(bytes);
 		case 'ZkLogin':
 			return new ZkLoginPublicIdentifier(bytes, options);
+		case 'Passkey':
+			return new PasskeyPublicKey(bytes);
 		default:
 			throw new Error(`Unsupported signature scheme ${signatureScheme}`);
 	}

package/src/version.ts

@@ -3,5 +3,5 @@
 
 // This file is generated by genversion.mjs. Do not edit it directly.
 
-export const PACKAGE_VERSION = '1.16.2';
+export const PACKAGE_VERSION = '1.17.0';
 export const TARGETED_RPC_VERSION = '1.40.0';