@notabene/verify-proof 1.0.0-preview.6 → 1.0.0-preview.7

package/package.json

@@ -1,10 +1,11 @@
 {
   "name": "@notabene/verify-proof",
-  "version": "1.0.0-preview.6",
+  "version": "1.0.0-preview.7",
   "description": "Verify ownership proofs",
   "source": "src/index.ts",
   "type": "module",
   "module": "dist/index.js",
+  "types": "dist/index.d.ts",
   "main": "dist/index.cjs",
   "author": "Pelle Braendgaard",
   "license": "Apache-2.0",
@@ -31,16 +32,20 @@
     "microbundle": "^0.15.1",
     "tiny-secp256k1": "^2.2.3",
     "typescript": "^5.5.4",
-    "vitest": "^2.0.5"
+    "vite": "^5.4.11",
+    "vitest": "^2.0.5",
+    "bitcoinjs-message": "^2.2.0",
+    "ox": "^0.1.4"
   },
   "dependencies": {
+    "@bitauth/libauth": "^3.0.0",
     "@notabene/javascript-sdk": "^2.0.2",
-    "@solana/web3.js": "^1.95.4",
     "@stablelib/base64": "^2.0.0",
+    "bech32": "^2.0.0",
     "bigi": "^1.4.2",
-    "bitcoinjs-message": "^2.2.0",
-    "ox": "^0.1.4",
+    "bs58": "^6.0.0",
     "tweetnacl": "^1.0.3",
+    "varuint-bitcoin": "^2.0.0",
     "viem": "^2.21.44"
   }
 }

package/src/bitcoin.ts

@@ -2,7 +2,24 @@ import {
   ProofStatus,
   SignatureProof,
 } from "@notabene/javascript-sdk/src/types";
-import * as bitcoinMessage from "bitcoinjs-message";
+import { bech32 } from "bech32";
+
+import {
+  secp256k1,
+  hash160,
+  hash256,
+  RecoveryId,
+  encodeBase58AddressFormat,
+} from "@bitauth/libauth";
+import { encode as encodeLength } from "varuint-bitcoin";
+import { decode as decodeBase64 } from "@stablelib/base64";
+
+enum SEGWIT_TYPES {
+  P2WPKH = "p2wpkh",
+  P2SH_P2WPKH = "p2sh(p2wpkh)",
+}
+
+const messagePrefix = "\u0018Bitcoin Signed Message:\n";
 
 export enum DerivationMode {
   LEGACY = "Legacy",
@@ -25,13 +42,7 @@ export async function verifyBTCSignature(
     const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(
       getDerivationMode(address),
     );
-    const verified = bitcoinMessage.verify(
-      proof.attestation,
-      address,
-      proof.proof,
-      undefined,
-      segwit,
-    );
+    const verified = verify(proof.attestation, address, proof.proof, segwit);
 
     return {
       ...proof,
@@ -59,3 +70,97 @@ function getDerivationMode(address: string) {
     );
   }
 }
+
+type DecodedSignature = {
+  compressed: boolean;
+  segwitType?: SEGWIT_TYPES;
+  recovery: RecoveryId;
+  signature: Uint8Array;
+};
+function decodeSignature(proof: string): DecodedSignature {
+  const signature = decodeBase64(proof);
+  if (signature.length !== 65) throw new Error("Invalid signature length");
+
+  const flagByte = signature[0] - 27;
+  if (flagByte > 15 || flagByte < 0) {
+    throw new Error("Invalid signature parameter");
+  }
+
+  return {
+    compressed: !!(flagByte & 12),
+    segwitType: !(flagByte & 8)
+      ? undefined
+      : !(flagByte & 4)
+        ? SEGWIT_TYPES.P2SH_P2WPKH
+        : SEGWIT_TYPES.P2WPKH,
+    recovery: (flagByte & 3) as RecoveryId,
+    signature: signature.slice(1),
+  };
+}
+
+function verify(
+  attestation: string,
+  address: string,
+  proof: string,
+  checkSegwitAlways: boolean,
+) {
+  const { compressed, segwitType, recovery, signature } =
+    decodeSignature(proof);
+  if (checkSegwitAlways && !compressed) {
+    throw new Error(
+      "checkSegwitAlways can only be used with a compressed pubkey signature flagbyte",
+    );
+  }
+
+  const hash = magicHash(attestation);
+  const publicKey: Uint8Array | string = compressed
+    ? secp256k1.recoverPublicKeyCompressed(signature, recovery, hash)
+    : secp256k1.recoverPublicKeyUncompressed(signature, recovery, hash);
+  if (typeof publicKey === "string") throw new Error(publicKey);
+  const publicKeyHash = hash160(publicKey);
+  let actual: string = "";
+
+  if (segwitType) {
+    if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {
+      actual = encodeBech32Address(publicKeyHash);
+    } else {
+      // parsed.segwitType === SEGWIT_TYPES.P2WPKH
+      // must be true since we only return null, P2SH_P2WPKH, or P2WPKH
+      // from the decodeSignature function.
+      actual = encodeBech32Address(publicKeyHash);
+    }
+  } else {
+    if (checkSegwitAlways) {
+      try {
+        actual = encodeBech32Address(publicKeyHash);
+        // if address is bech32 it is not p2sh
+      } catch (e) {
+        actual = encodeBech32Address(publicKeyHash);
+        // base58 can be p2pkh or p2sh-p2wpkh
+      }
+    } else {
+      actual = encodeBase58AddressFormat(0, publicKeyHash);
+    }
+  }
+
+  return actual === address;
+}
+
+export function magicHash(attestation: string) {
+  const prefix = new TextEncoder().encode(messagePrefix);
+  const message = new TextEncoder().encode(attestation);
+  const length = encodeLength(message.length).buffer;
+  const buffer = new Uint8Array(
+    prefix.length + length.byteLength + message.length,
+  );
+  buffer.set(prefix);
+  buffer.set(new Uint8Array(length), prefix.length);
+  buffer.set(message, prefix.length + length.byteLength);
+  return hash256(buffer);
+}
+
+function encodeBech32Address(publicKeyHash: Uint8Array): string {
+  const bwords = bech32.toWords(publicKeyHash);
+  bwords.unshift(0);
+  return bech32.encode("bc", bwords);
+}

package/src/solana.ts

@@ -1,24 +1,23 @@
-import { PublicKey } from "@solana/web3.js";
 import nacl from "tweetnacl";
 import {
   ProofStatus,
   SignatureProof,
 } from "@notabene/javascript-sdk/src/types";
 import { decode as decodeBase64 } from "@stablelib/base64";
-
+import bs58 from "bs58";
 export async function verifySolanaSignature(
   proof: SignatureProof,
 ): Promise<SignatureProof> {
   const [ns, _, address] = proof.address.split(/:/);
   if (ns !== "solana") return { ...proof, status: ProofStatus.FAILED };
   try {
-    const publicKey = new PublicKey(address);
+    const publicKey = bs58.decode(address);
     const messageBytes = new TextEncoder().encode(proof.attestation);
     const signatureBytes = decodeBase64(proof.proof);
     const verified = nacl.sign.detached.verify(
       messageBytes,
       signatureBytes,
-      publicKey.toBytes(),
+      publicKey,
     );
 
     return {

package/src/tests/bitcoin.test.ts

@@ -1,4 +1,4 @@
-import { describe, it, expect, vi } from "vitest";
+import { describe, it, expect } from "vitest";
 import * as bitcoin from "bitcoinjs-lib";
 import * as bitcoinMessage from "bitcoinjs-message";
 import { Buffer } from "node:buffer";
@@ -19,10 +19,13 @@ function signMessage(
 ): SignatureProof {
   const keyPair = bitcoin.ECPair.makeRandom({ rng: rng });
   const address = toAddress(keyPair);
+  const sigOptions: bitcoinMessage.SignatureOptions | undefined =
+    address.startsWith("bc1") ? { segwitType: "p2wpkh" } : undefined;
   const privateKey = keyPair.d.toBuffer(32);
   var attestation = "This is an example of a signed message.";
+
   var proof = bitcoinMessage
-    .sign(attestation, privateKey, keyPair.compressed)
+    .sign(attestation, privateKey, keyPair.compressed, sigOptions)
     .toString("base64");
   // console.log("signMessage", { proof, address });
   return {
@@ -67,6 +70,7 @@ describe("verifyBTCSignature", () => {
     const proof: SignatureProof = {
       type: ProofTypes.BIP137,
       did: "did:pkh:bip122:000000000019d6689c085ae165831e93:1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa",
+      wallet_provider: "ledger",
       address:
         "bip122:000000000019d6689c085ae165831e93:1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa",
       attestation: "test message",

package/src/tests/eth.test.ts

@@ -1,4 +1,4 @@
-import { describe, it, expect, vi } from "vitest";
+import { describe, it, expect } from "vitest";
 import { verifyPersonalSignEIP191 } from "../eth";
 import {
   type SignatureProof,
@@ -45,6 +45,7 @@ describe("verifyPersonalSignEIP191", () => {
     const proof: SignatureProof = {
       type: ProofTypes.EIP191,
       did: `did:pkh:bip122:000000000019d6689c085ae165831e93:128Lkh3S7CkDTBZ8W7BbpsN3YYizJMp8p6`,
+      wallet_provider: "metamask",
       address:
         "bip122:000000000019d6689c085ae165831e93:128Lkh3S7CkDTBZ8W7BbpsN3YYizJMp8p6",
       attestation: "test message",

package/src/tests/solana.test.ts

@@ -1,5 +1,5 @@
 import { describe, it, expect } from "vitest";
-import { Keypair } from "@solana/web3.js";
+import bs58 from "bs58";
 import nacl from "tweetnacl";
 import {
   ProofStatus,
@@ -9,17 +9,18 @@ import {
 import { verifySolanaSignature } from "../solana";
 
 describe("verifySolanaSignature", () => {
+  const keypair = nacl.sign.keyPair();
+  const address = bs58.encode(keypair.publicKey);
   it("verifies valid Solana signature", async () => {
     // Generate a test keypair
-    const keypair = Keypair.generate();
     const message = "Test message";
     const messageBytes = new TextEncoder().encode(message);
     const signature = nacl.sign.detached(messageBytes, keypair.secretKey);
     const proof: SignatureProof = {
       type: ProofTypes.ED25519,
       status: ProofStatus.PENDING,
-      did: `did:pkh:solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${keypair.publicKey.toString()}`,
-      address: `solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${keypair.publicKey.toString()}`,
+      did: `did:pkh:solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${address}`,
+      address: `solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${address}`,
       attestation: message,
       proof: Buffer.from(signature).toString("base64"),
       wallet_provider: "Phantom",
@@ -29,12 +30,11 @@ describe("verifySolanaSignature", () => {
   });
 
   it("fails for invalid signature", async () => {
-    const keypair = Keypair.generate();
     const proof: SignatureProof = {
       type: ProofTypes.ED25519,
       status: ProofStatus.PENDING,
-      did: `did:pkh:solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${keypair.publicKey.toString()}`,
-      address: `solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${keypair.publicKey.toString()}`,
+      did: `did:pkh:solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${address}`,
+      address: `solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${address}`,
       attestation: "Test message",
       proof: "invalid_signature",
       wallet_provider: "Phantom",