@notabene/verify-proof 1.0.4 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/index.cjs +1 -1
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.js +1 -1
  4. package/dist/index.js.map +1 -1
  5. package/dist/index.modern.js +1 -1
  6. package/dist/index.modern.js.map +1 -1
  7. package/dist/index.umd.js +1 -1
  8. package/dist/index.umd.js.map +1 -1
  9. package/package.json +2 -2
  10. package/src/bitcoin.ts +38 -27
  11. package/src/tests/bitcoin.test.ts +20 -1
package/dist/index.cjs CHANGED
@@ -1,2 +1,2 @@
1
- var e=require("@notabene/javascript-sdk"),r=require("@bitauth/libauth"),t=require("varuint-bitcoin"),s=require("@scure/base"),o=require("ox");function n(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var a,i,c=/*#__PURE__*/n(require("tweetnacl"));function u(){return u=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var s in t)({}).hasOwnProperty.call(t,s)&&(e[s]=t[s])}return e},u.apply(null,arguments)}function f(e){var r=s.bech32.toWords(e);return r.unshift(0),s.bech32.encode("bc",r)}!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(a||(a={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(i||(i={})),exports.verifyProof=function(n){try{switch(n.type){case e.ProofTypes.SelfDeclaration:return Promise.resolve(u({},n,{status:n.confirmed?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}));case e.ProofTypes.Screenshot:return Promise.resolve(u({},n,{status:n.url?e.ProofStatus.FLAGGED:e.ProofStatus.FAILED}));case e.ProofTypes.EIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),s=t[2];if("eip155"!==t[0])return Promise.resolve(u({},r,{status:e.ProofStatus.FAILED}));var n=function(e,r,t){try{var s=o.PersonalMessage.getSignPayload(o.Hex.fromString(r)),n=o.Signature.fromHex(t),a=o.Secp256k1.recoverPublicKey({payload:s,signature:n});return o.Address.checksum(o.Address.fromPublicKey(a)).toString()===o.Address.checksum(e)}catch(e){return!1}}(s,r.attestation,r.proof);return Promise.resolve(u({},r,{status:n?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.ED25519:return Promise.resolve(function(r){try{var t=r.address.split(/:/),o=t[2];if("solana"!==t[0])return Promise.resolve(u({},r,{status:e.ProofStatus.FAILED}));try{var n=s.base58.decode(o),a=(new TextEncoder).encode(r.attestation),i=s.base64.decode(r.proof),f=c.default.sign.detached.verify(a,i,n);return Promise.resolve(u({},r,{status:f?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(t){return Promise.resolve(u({},r,{status:e.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.EIP712:case e.ProofTypes.BIP137:return Promise.resolve(function(o){try{var n=o.address.split(/:/),c=n[2];if("bip122"!==n[0])return Promise.resolve(u({},o,{status:e.ProofStatus.FAILED}));try{var P=[i.SEGWIT,i.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return i.NATIVE;if(e.match("^[32M].*"))return i.SEGWIT;if(e.match("^[1nmL].*"))return i.LEGACY;if(e.match("^(D).*"))return i.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(c)),l=function(e,o,n,i){var c=function(e){var r=s.base64.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var t=r[0]-27;if(t>15||t<0)throw new Error("Invalid signature parameter");return{compressed:!!(12&t),segwitType:8&t?4&t?a.P2WPKH:a.P2SH_P2WPKH:void 0,recovery:3&t,signature:r.slice(1)}}(n),u=c.compressed,P=c.segwitType,l=c.recovery,d=c.signature;if(i&&!u)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var h=function(e){var s=(new TextEncoder).encode("Bitcoin Signed Message:\n"),o=(new TextEncoder).encode(e),n=t.encode(o.length).buffer,a=new Uint8Array(s.length+n.byteLength+o.length);return a.set(s),a.set(new Uint8Array(n),s.length),a.set(o,s.length+n.byteLength),r.hash256(a)}(e),v=u?r.secp256k1.recoverPublicKeyCompressed(d,l,h):r.secp256k1.recoverPublicKeyUncompressed(d,l,h);if("string"==typeof v)throw new Error(v);var E=r.hash160(v),y="";if(P)y=f(E);else if(i)try{y=f(E)}catch(e){y=f(E)}else y=r.encodeBase58AddressFormat(0,E);return y===o}(o.attestation,c,o.proof,P);return Promise.resolve(u({},o,{status:l?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(r){return Promise.resolve(u({},o,{status:e.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.TIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("tron"!==t[0])return Promise.resolve(u({},r,{status:e.ProofStatus.FAILED}));var a=function(e,r,t){try{var n=(l=o.Hex.fromString(r),o.Hash.keccak256(function(e){var r=o.Hex.from(e);return o.Hex.concat("0x19",o.Hex.fromString("TRON Signed Message:\n"+o.Hex.size(r)),r)}(l))),a=o.Signature.fromHex(t),i=o.Secp256k1.recoverPublicKey({payload:n,signature:a}),c="0x41"+o.Hash.keccak256("0x"+o.PublicKey.toHex(i).slice(4)).substring(26),u=o.Bytes.from(c),f=o.Bytes.from(o.Hash.sha256(o.Hash.sha256(c))).slice(0,4),P=o.Bytes.concat(u,f);return s.base58.encode(P)===e}catch(e){return!1}var l}(n,r.attestation,r.proof);return Promise.resolve(u({},r,{status:a?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(n))}return Promise.resolve(n)}catch(e){return Promise.reject(e)}};
1
+ var e=require("@notabene/javascript-sdk"),r=require("varuint-bitcoin"),t=require("@scure/base"),s=require("ox"),o=require("@noble/curves/secp256k1");function a(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var n,c,i=/*#__PURE__*/a(require("tweetnacl"));function u(){return u=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var s in t)({}).hasOwnProperty.call(t,s)&&(e[s]=t[s])}return e},u.apply(null,arguments)}!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(n||(n={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(c||(c={}));var f=t.createBase58check(s.Hash.sha256);function P(e){var r=t.bech32.toWords(e);return r.unshift(0),t.bech32.encode("bc",r)}exports.verifyProof=function(a){try{switch(a.type){case e.ProofTypes.SelfDeclaration:return Promise.resolve(u({},a,{status:a.confirmed?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}));case e.ProofTypes.Screenshot:return Promise.resolve(u({},a,{status:a.url?e.ProofStatus.FLAGGED:e.ProofStatus.FAILED}));case e.ProofTypes.EIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),o=t[2];if("eip155"!==t[0])return Promise.resolve(u({},r,{status:e.ProofStatus.FAILED}));var a=function(e,r,t){try{var o=s.PersonalMessage.getSignPayload(s.Hex.fromString(r)),a=s.Signature.fromHex(t),n=s.Secp256k1.recoverPublicKey({payload:o,signature:a});return s.Address.checksum(s.Address.fromPublicKey(n)).toString()===s.Address.checksum(e)}catch(e){return!1}}(o,r.attestation,r.proof);return Promise.resolve(u({},r,{status:a?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(a));case e.ProofTypes.ED25519:return Promise.resolve(function(r){try{var s=r.address.split(/:/),o=s[2];if("solana"!==s[0])return Promise.resolve(u({},r,{status:e.ProofStatus.FAILED}));try{var a=t.base58.decode(o),n=(new TextEncoder).encode(r.attestation),c=t.base64.decode(r.proof),f=i.default.sign.detached.verify(n,c,a);return Promise.resolve(u({},r,{status:f?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(t){return Promise.resolve(u({},r,{status:e.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(a));case e.ProofTypes.EIP712:case e.ProofTypes.BIP137:return Promise.resolve(function(a){try{var i=a.address.split(/:/),l=i[2];if("bip122"!==i[0])return Promise.resolve(u({},a,{status:e.ProofStatus.FAILED}));try{var h=[c.SEGWIT,c.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return c.NATIVE;if(e.match("^[32M].*"))return c.SEGWIT;if(e.match("^[1nmL].*"))return c.LEGACY;if(e.match("^(D).*"))return c.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(l)),d=function(e,a,c,i){var u=function(e){var r=t.base64.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var s=r[0]-27;if(s>15||s<0)throw new Error("Invalid signature parameter");var a=!!(12&s),c=3&s,i=o.secp256k1.Signature.fromCompact(r.slice(1));return{compressed:a,segwitType:8&s?4&s?n.P2WPKH:n.P2SH_P2WPKH:void 0,signature:i.addRecoveryBit(c)}}(c),l=u.compressed,h=u.segwitType,d=u.signature;if(i&&!l)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var v,E=function(e){var t=(new TextEncoder).encode("Bitcoin Signed Message:\n"),o=(new TextEncoder).encode(e),a=r.encode(o.length).buffer,n=new Uint8Array(t.length+a.byteLength+o.length);return n.set(t),n.set(new Uint8Array(a),t.length),n.set(o,t.length+a.byteLength),function(e){return s.Hash.sha256(s.Hash.sha256(e))}(n)}(e),y=(v=d.recoverPublicKey(E).toRawBytes(l),s.Hash.ripemd160(s.Hash.sha256(v))),m="";if(h)m=P(y);else if(i)try{m=P(y)}catch(e){m=P(y)}else m=function(e,r){var t=new Uint8Array([0].concat(r));return f.encode(t)}(0,y);return m===a}(a.attestation,l,a.proof,h);return Promise.resolve(u({},a,{status:d?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(r){return Promise.resolve(u({},a,{status:e.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(a));case e.ProofTypes.TIP191:return Promise.resolve(function(r){try{var o=r.address.split(/:/),a=o[2];if("tron"!==o[0])return Promise.resolve(u({},r,{status:e.ProofStatus.FAILED}));var n=function(e,r,o){try{var a=(l=s.Hex.fromString(r),s.Hash.keccak256(function(e){var r=s.Hex.from(e);return s.Hex.concat("0x19",s.Hex.fromString("TRON Signed Message:\n"+s.Hex.size(r)),r)}(l))),n=s.Signature.fromHex(o),c=s.Secp256k1.recoverPublicKey({payload:a,signature:n}),i="0x41"+s.Hash.keccak256("0x"+s.PublicKey.toHex(c).slice(4)).substring(26),u=s.Bytes.from(i),f=s.Bytes.from(s.Hash.sha256(s.Hash.sha256(i))).slice(0,4),P=s.Bytes.concat(u,f);return t.base58.encode(P)===e}catch(e){return!1}var l}(a,r.attestation,r.proof);return Promise.resolve(u({},r,{status:n?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(a))}return Promise.resolve(a)}catch(e){return Promise.reject(e)}};
2
2
  //# sourceMappingURL=index.cjs.map
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.cjs","sources":["../src/bitcoin.ts","../src/index.ts","../src/eth.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nimport {\n secp256k1,\n hash160,\n hash256,\n RecoveryId,\n encodeBase58AddressFormat,\n} from \"@bitauth/libauth\";\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32 } from \"@scure/base\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address),\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\"),\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n recovery: RecoveryId;\n signature: Uint8Array;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const signature = base64.decode(proof);\n if (signature.length !== 65) throw new Error(\"Invalid signature length\");\n\n const flagByte = signature[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n\n return {\n compressed: !!(flagByte & 12),\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n recovery: (flagByte & 3) as RecoveryId,\n signature: signature.slice(1),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean,\n) {\n const { compressed, segwitType, recovery, signature } =\n decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\",\n );\n }\n\n const hash = magicHash(attestation);\n const publicKey: Uint8Array | string = compressed\n ? secp256k1.recoverPublicKeyCompressed(signature, recovery, hash)\n : secp256k1.recoverPublicKeyUncompressed(signature, recovery, hash);\n if (typeof publicKey === \"string\") throw new Error(publicKey);\n const publicKeyHash = hash160(publicKey);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length,\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof,\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","_proof$address$split","address","split","_","verified","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","attestation","e","reject","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","length","flagByte","compressed","segwitType","P2WPKH","P2SH_P2WPKH","undefined","recovery","slice","decodeSignature","hash","prefix","encodeLength","buffer","Uint8Array","byteLength","set","hash256","magicHash","secp256k1","recoverPublicKeyCompressed","recoverPublicKeyUncompressed","hash160","actual","encodeBase58AddressFormat","verifyBTCSignature","TIP191","data","Hash","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","sha256","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"0NAYKA,EAOAC,iQA2IL,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAAA,OAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAMA,OAACG,OAAO,KAAMJ,EAC7B,EAtJA,SAAKJ,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,iCCdCQ,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAUA,WAACC,gBACd,OAAAC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAASP,EAA2BQ,UAChCC,cAAYC,SACZD,EAAWA,YAACE,UAEpB,KAAKT,EAAUA,WAACU,WACd,OAAAR,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAASP,EAA0Ba,IAC/BJ,EAAAA,YAAYK,QACZL,cAAYE,UAEpB,KAAKT,EAAAA,WAAWa,OACd,OAAAX,QAAAC,QCbwC,SAC5CL,OAEA,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,EAAOO,CAAAA,OAAQE,EAAAA,YAAYE,UAE5D,IAAMS,WArBNH,EACAI,EACArB,GAEA,IACE,IAAMsB,EAAUC,kBAAgBC,eAAeC,EAAAA,IAAIC,WAAWL,IACxDM,EAAYC,EAASA,UAACC,QAAQ7B,GAC9B8B,EAAYC,EAASA,UAACC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAAA,QAAQC,SAASD,EAAAA,QAAQE,cAAcL,IACxCM,aAAeH,EAAAA,QAAQC,SAASjB,EACnD,CAAE,MAAOoB,GACP,OAAO,CACT,CACF,CAQmBC,CACfrB,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAWA,YAACE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EAAA,CAAA,CDFYE,CAAyB1C,IAClC,KAAKE,EAAUA,WAACyC,QACd,OAAAvC,QAAAC,QE9BqC,SACzCL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACrB,GAAA,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,GAAOO,OAAQE,EAAWA,YAACE,UAC5D,IACE,IAAMmB,EAAYc,EAAMA,OAACC,OAAO5B,GAC1B6B,GAAe,IAAIC,aAAchD,OAAOC,EAAMuC,aAC9CS,EAAiBC,SAAOJ,OAAO7C,EAAMA,OACrCoB,EAAW8B,UAAKC,KAAKC,SAASC,OAClCP,EACAE,EACAlB,GAGF,OAAA1B,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAAA,YAAYE,SAE1D,CAAE,MAAO0B,GACP,OAAAjC,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,cAAYE,SACzC,CACF,CAAC,MAAA6B,GAAA,OAAApC,QAAAqC,OAAAD,EAAA,CAAA,CFQYc,CAAsBtD,IAC/B,KAAKE,aAAWqD,OAChB,KAAKrD,EAAAA,WAAWsD,OACd,OAAApD,QAAAC,QDPgB,SACpBL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAAA,YAAYE,UAC5D,IAEE,IAAM8C,EAAS,CAACjE,EAAekE,OAAQlE,EAAemE,QAAQC,SAclE,SAA2B3C,GACzB,GAAIA,EAAQ4C,MAAM,qBAChB,OAAOrE,EAAemE,OACjB,GAAI1C,EAAQ4C,MAAM,YACvB,OAAOrE,EAAekE,OACjB,GAAIzC,EAAQ4C,MAAM,aACvB,OAAOrE,EAAesE,OACjB,GAAI7C,EAAQ4C,MAAM,UACvB,OAAOrE,EAAeuE,SAEtB,MAAU,IAAAC,MACR,oBACGC,OAAOhD,GACPgD,OAAO,0CAGhB,CA7BMC,CAAkBjD,IAEdG,EAyDV,SACEmB,EACAtB,EACAjB,EACAmE,GAEA,IAAAC,EA3BF,SAAyBpE,GACvB,IAAM2B,EAAYsB,SAAOJ,OAAO7C,GAChC,GAAyB,KAArB2B,EAAU0C,OAAe,UAAUL,MAAM,4BAE7C,IAAMM,EAAW3C,EAAU,GAAK,GAChC,GAAI2C,EAAW,IAAMA,EAAW,EAC9B,MAAM,IAAIN,MAAM,+BAGlB,MAAO,CACLO,cAA0B,GAAXD,GACfE,WAAyB,EAAXF,EAEG,EAAXA,EAEA/E,EAAakF,OADblF,EAAamF,iBAFfC,EAIJC,SAAsB,EAAXN,EACX3C,UAAWA,EAAUkD,MAAM,GAE/B,CASIC,CAAgB9E,GADVuE,EAAUH,EAAVG,WAAYC,EAAUJ,EAAVI,WAAYI,EAAQR,EAARQ,SAAUjD,EAASyC,EAATzC,UAE1C,GAAIwC,IAAsBI,EACxB,MAAU,IAAAP,MACR,kFAIJ,IAAMe,EAkCR,SAAmBxC,GACjB,IAAMyC,GAAS,IAAIjC,aAAchD,OAjIb,8BAkIdsB,GAAU,IAAI0B,aAAchD,OAAOwC,GACnC8B,EAASY,EAAYlF,OAACsB,EAAQgD,QAAQa,OACtCA,EAAS,IAAIC,WACjBH,EAAOX,OAASA,EAAOe,WAAa/D,EAAQgD,QAK9C,OAHAa,EAAOG,IAAIL,GACXE,EAAOG,IAAI,IAAIF,WAAWd,GAASW,EAAOX,QAC1Ca,EAAOG,IAAIhE,EAAS2D,EAAOX,OAASA,EAAOe,YACpCE,EAAOA,QAACJ,EACjB,CA7CeK,CAAUhD,GACjBT,EAAiCyC,EACnCiB,EAASA,UAACC,2BAA2B9D,EAAWiD,EAAUG,GAC1DS,EAASA,UAACE,6BAA6B/D,EAAWiD,EAAUG,GAChE,GAAyB,iBAAdjD,EAAwB,MAAM,IAAIkC,MAAMlC,GACnD,IAAMpC,EAAgBiG,EAAOA,QAAC7D,GAC1B8D,EAAiB,GAErB,GAAIpB,EAEAoB,EAASnG,EAAoBC,QAQ/B,GAAIyE,EACF,IACEyB,EAASnG,EAAoBC,EAE/B,CAAE,MAAO8C,GACPoD,EAASnG,EAAoBC,EAE/B,MAEAkG,EAASC,4BAA0B,EAAGnG,GAI1C,OAAOkG,IAAW3E,CACpB,CAvGqBoC,CAAOrD,EAAMuC,YAAatB,EAASjB,EAAMA,MAAOyD,GAEjE,OAAArD,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQa,EAAWX,EAAAA,YAAYC,SAAWD,cAAYE,SAE1D,CAAE,MAAO0B,GACP,OAAAjC,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAOO,CAAAA,OAAQE,cAAYE,SACzC,CACF,CAAC,MAAA6B,GAAA,OAAApC,QAAAqC,OAAAD,EArCD,CAAA,CCyBasD,CAAmB9F,IAC5B,KAAKE,EAAUA,WAAC6F,OACd,OAAA3F,QAAAC,QGbwC,SAC5CL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,SADFA,EAAA,GACU,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAAA,YAAYE,UAE1D,IAAMS,WA3BNH,EACAI,EACArB,GAEA,IACE,IAAMsB,GA0CqB0E,EA1CIvE,EAAGA,IAACC,WAAWL,GA2CzC4E,EAAAA,KAAKC,UAVR,SAAiBF,GACrB,IAAM3E,EAAUI,EAAGA,IAAC0E,KAAKH,GACzB,OAAOvE,EAAGA,IAACwC,OAET,OACAxC,EAAAA,IAAIC,WAAW,yBAA2BD,MAAI2E,KAAK/E,IACnDA,EAEJ,CAEwBtB,CAAOiG,KA1CrBrE,EAAYC,EAASA,UAACC,QAAQ7B,GAC9B8B,EAAYC,YAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClD0E,SAAsBJ,EAAAA,KAAKC,UAC1BI,KAAAA,YAAUC,MAAMzE,GAAW+C,MAAM,IACtC2B,UAAU,IACNC,EAAQC,QAAMP,KAAKE,GACnBnE,EAAWwE,QAAMP,KAAKF,EAAIA,KAACU,OAAOV,EAAAA,KAAKU,OAAON,KAAOxB,MAAM,EAAG,GAC9D+B,EAAUF,EAAAA,MAAMzC,OAAOwC,EAAOvE,GAEpC,OADYU,EAAMA,OAAC7C,OAAO6G,KACX3F,CACjB,CAAE,MAAOoB,GACP,OACF,CAAA,CA6BI,IAAyB2D,CA5B/B,CAQmBa,CACf5F,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,cAAYE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EArCD,CAAA,CHmCasE,CAAyB9G,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAAwC,UAAApC,QAAAqC,OAAAD,EAAA,CAAA"}
1
+ {"version":3,"file":"index.cjs","sources":["../src/bitcoin.ts","../src/index.ts","../src/eth.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address),\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\"),\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean,\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\",\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length,\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof,\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","_proof$address$split","address","split","_","verified","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","attestation","e","reject","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","sigbytes","length","flagByte","compressed","recovery","secp256k1","fromCompact","slice","segwitType","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","buffer","hash","prefix","encodeLength","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","version","encodeBase58AddressFormat","verifyBTCSignature","TIP191","data","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"iOAOKA,EAOAC,kQAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAsHD,IAAMC,EAAcC,EAAAA,kBAAkBC,EAAAA,KAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAMA,OAACC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAAA,OAAOG,OAAO,KAAMJ,EAC7B,8BCvJEK,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAUA,WAACC,gBACd,OAAAC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAASP,EAA2BQ,UAChCC,cAAYC,SACZD,EAAWA,YAACE,UAEpB,KAAKT,EAAUA,WAACU,WACd,OAAAR,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAASP,EAA0Ba,IAC/BJ,EAAAA,YAAYK,QACZL,cAAYE,UAEpB,KAAKT,EAAAA,WAAWa,OACd,OAAAX,QAAAC,QCbwC,SAC5CL,OAEA,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,EAAOO,CAAAA,OAAQE,EAAAA,YAAYE,UAE5D,IAAMS,WArBNH,EACAI,EACArB,GAEA,IACE,IAAMsB,EAAUC,kBAAgBC,eAAeC,EAAAA,IAAIC,WAAWL,IACxDM,EAAYC,EAASA,UAACC,QAAQ7B,GAC9B8B,EAAYC,EAASA,UAACC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAAA,QAAQC,SAASD,EAAAA,QAAQE,cAAcL,IACxCM,aAAeH,EAAAA,QAAQC,SAASjB,EACnD,CAAE,MAAOoB,GACP,OAAO,CACT,CACF,CAQmBC,CACfrB,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAWA,YAACE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EAAA,CAAA,CDFYE,CAAyB1C,IAClC,KAAKE,EAAUA,WAACyC,QACd,OAAAvC,QAAAC,QE9BqC,SACzCL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACrB,GAAA,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,GAAOO,OAAQE,EAAWA,YAACE,UAC5D,IACE,IAAMmB,EAAYc,EAAMA,OAACC,OAAO5B,GAC1B6B,GAAe,IAAIC,aAAchD,OAAOC,EAAMuC,aAC9CS,EAAiBC,SAAOJ,OAAO7C,EAAMA,OACrCoB,EAAW8B,UAAKC,KAAKC,SAASC,OAClCP,EACAE,EACAlB,GAGF,OAAA1B,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAAA,YAAYE,SAE1D,CAAE,MAAO0B,GACP,OAAAjC,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,cAAYE,SACzC,CACF,CAAC,MAAA6B,GAAA,OAAApC,QAAAqC,OAAAD,EAAA,CAAA,CFQYc,CAAsBtD,IAC/B,KAAKE,aAAWqD,OAChB,KAAKrD,EAAAA,WAAWsD,OACd,OAAApD,QAAAC,iBDXJL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACrB,GAAA,GAAW,WADFA,KACY,OAAAZ,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAC5D,IAEE,IAAM8C,EAAS,CAACrE,EAAesE,OAAQtE,EAAeuE,QAAQC,SAmBlE,SAA2B3C,GACzB,GAAIA,EAAQ4C,MAAM,qBAChB,OAAOzE,EAAeuE,OACb1C,GAAAA,EAAQ4C,MAAM,YACvB,OAAOzE,EAAesE,OACjB,GAAIzC,EAAQ4C,MAAM,aACvB,OAAOzE,EAAe0E,UACb7C,EAAQ4C,MAAM,UACvB,OAAOzE,EAAe2E,SAEtB,MAAM,IAAIC,MACR,oBACGC,OAAOhD,GACPgD,OAAO,0CAGhB,CAlCMC,CAAkBjD,IAEdG,EA8DV,SACEmB,EACAtB,EACAjB,EACAmE,GAEA,IAAAC,EA5BF,SAAyBpE,GACvB,IAAMqE,EAAWpB,EAAAA,OAAOJ,OAAO7C,GAC/B,GAAwB,KAApBqE,EAASC,OAAe,MAAU,IAAAN,MAAM,4BAC5C,IAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAU,IAAAP,MAAM,+BAElB,IAAMQ,KAA2B,GAAXD,GAChBE,EAAsB,EAAXF,EACX5C,EAAY+C,EAASA,UAAC9C,UAAU+C,YAAYN,EAASO,MAAM,IAEjE,MAAO,CACLJ,WAAAA,EACAK,WAAyB,EAAXN,EAEG,EAAXA,EAEApF,EAAa2F,OADb3F,EAAa4F,iBAFfC,EAIJrD,UAAWA,EAAUsD,eAAeR,GAExC,CAQgDS,CAAgBlF,GAAtDwE,EAAUJ,EAAVI,WAAYK,EAAUT,EAAVS,WAAYlD,EAASyC,EAATzC,UAChC,GAAIwC,IAAsBK,EACxB,MAAM,IAAIR,MACR,kFAGJ,IA8DemB,EA9DTC,EAuCR,SAAmB7C,GACjB,IAAM8C,GAAS,IAAItC,aAAchD,OAzIb,8BA0IdsB,GAAU,IAAI0B,aAAchD,OAAOwC,GACnC+B,EAASgB,EAAAA,OAAajE,EAAQiD,QAAQa,OACtCA,EAAS,IAAII,WACjBF,EAAOf,OAASA,EAAOkB,WAAanE,EAAQiD,QAK9C,OAHAa,EAAOM,IAAIJ,GACXF,EAAOM,IAAI,IAAIF,WAAWjB,GAASe,EAAOf,QAC1Ca,EAAOM,IAAIpE,EAASgE,EAAOf,OAASA,EAAOkB,YAU7C,SAAiBL,GACf,OAAO5F,EAAAA,KAAKC,OAAOD,EAAIA,KAACC,OAAO2F,GACjC,CAXSO,CAAQP,EACjB,CAlDeQ,CAAUpD,GAGjB7C,GA2DSyF,EA7DGxD,EAAUK,iBAAiBoD,GACZQ,WAAWpB,GA6DrCjF,EAAAA,KAAKsG,UAAUtG,EAAAA,KAAKC,OAAO2F,KA3D9BW,EAAiB,GAErB,GAAIjB,EAEAiB,EAASrG,EAAoBC,QAQ/B,GAAIyE,EACF,IACE2B,EAASrG,EAAoBC,EAE/B,CAAE,MAAO8C,GACPsD,EAASrG,EAAoBC,EAE/B,MAEAoG,EASN,SAAmCC,EAAiBrG,GAClD,IAAM4B,EAAU,IAAIiE,WAAYQ,CAVO,GAUA9B,OAAKvE,IAC5C,OAAOL,EAAYU,OAAOuB,EAC5B,CAZe0E,CAA0B,EAAGtG,GAI1C,OAAOoG,IAAW7E,CACpB,CAxGqBoC,CAAOrD,EAAMuC,YAAatB,EAASjB,EAAMA,MAAOyD,GAEjE,OAAArD,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAAA,YAAYE,SAE1D,CAAE,MAAO0B,GAEP,OAAAjC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EAAK,CACRO,OAAQE,EAAAA,YAAYE,SAGxB,CACF,CAAC,MAAA6B,UAAApC,QAAAqC,OAAAD,EAAA,CAAA,CCZYyD,CAAmBjG,IAC5B,KAAKE,EAAUA,WAACgG,OACd,OAAA9F,QAAAC,QGbwC,SAC5CL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,SADFA,EAAA,GACU,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAAA,YAAYE,UAE1D,IAAMS,WA3BNH,EACAI,EACArB,GAEA,IACE,IAAMsB,GA0CqB6E,EA1CI1E,EAAGA,IAACC,WAAWL,GA2CzC9B,EAAAA,KAAK6G,UAVR,SAAiBD,GACrB,IAAM9E,EAAUI,EAAGA,IAAC4E,KAAKF,GACzB,OAAO1E,EAAGA,IAACwC,OAET,OACAxC,EAAAA,IAAIC,WAAW,yBAA2BD,MAAI6E,KAAKjF,IACnDA,EAEJ,CAEwBtB,CAAOoG,KA1CrBxE,EAAYC,EAASA,UAACC,QAAQ7B,GAC9B8B,EAAYC,YAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClD4E,SAAsBhH,EAAAA,KAAK6G,UAC1BI,KAAAA,YAAUC,MAAM3E,GAAW8C,MAAM,IACtC8B,UAAU,IACNC,EAAQC,QAAMP,KAAKE,GACnBrE,EAAW0E,QAAMP,KAAK9G,EAAIA,KAACC,OAAOD,EAAAA,KAAKC,OAAO+G,KAAO3B,MAAM,EAAG,GAC9DiC,EAAUD,EAAAA,MAAM3C,OAAO0C,EAAOzE,GAEpC,OADYU,EAAMA,OAAC7C,OAAO8G,KACX5F,CACjB,CAAE,MAAOoB,GACP,OACF,CAAA,CA6BI,IAAyB8D,CA5B/B,CAQmBW,CACf7F,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,cAAYE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EArCD,CAAA,CHmCauE,CAAyB/G,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAAwC,UAAApC,QAAAqC,OAAAD,EAAA,CAAA"}
package/dist/index.js CHANGED
@@ -1,2 +1,2 @@
1
- import{ProofStatus as e,ProofTypes as r}from"@notabene/javascript-sdk";import{secp256k1 as t,hash160 as n,encodeBase58AddressFormat as o,hash256 as s}from"@bitauth/libauth";import{encode as i}from"varuint-bitcoin";import{bech32 as a,base64 as c,base58 as u}from"@scure/base";import{PersonalMessage as l,Hex as f,Signature as m,Secp256k1 as v,Address as E,Hash as d,PublicKey as h,Bytes as P}from"ox";import p from"tweetnacl";function g(){return g=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var n in t)({}).hasOwnProperty.call(t,n)&&(e[n]=t[n])}return e},g.apply(null,arguments)}var I,y;function D(e){var r=a.toWords(e);return r.unshift(0),a.encode("bc",r)}!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(I||(I={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(y||(y={}));var w=function(a){try{switch(a.type){case r.SelfDeclaration:return Promise.resolve(g({},a,{status:a.confirmed?e.VERIFIED:e.FAILED}));case r.Screenshot:return Promise.resolve(g({},a,{status:a.url?e.FLAGGED:e.FAILED}));case r.EIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("eip155"!==t[0])return Promise.resolve(g({},r,{status:e.FAILED}));var o=function(e,r,t){try{var n=l.getSignPayload(f.fromString(r)),o=m.fromHex(t),s=v.recoverPublicKey({payload:n,signature:o});return E.checksum(E.fromPublicKey(s)).toString()===E.checksum(e)}catch(e){return!1}}(n,r.attestation,r.proof);return Promise.resolve(g({},r,{status:o?e.VERIFIED:e.FAILED}))}catch(e){return Promise.reject(e)}}(a));case r.ED25519:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("solana"!==t[0])return Promise.resolve(g({},r,{status:e.FAILED}));try{var o=u.decode(n),s=(new TextEncoder).encode(r.attestation),i=c.decode(r.proof),a=p.sign.detached.verify(s,i,o);return Promise.resolve(g({},r,{status:a?e.VERIFIED:e.FAILED}))}catch(t){return Promise.resolve(g({},r,{status:e.FAILED}))}}catch(e){return Promise.reject(e)}}(a));case r.EIP712:case r.BIP137:return Promise.resolve(function(r){try{var a=r.address.split(/:/),u=a[2];if("bip122"!==a[0])return Promise.resolve(g({},r,{status:e.FAILED}));try{var l=[y.SEGWIT,y.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return y.NATIVE;if(e.match("^[32M].*"))return y.SEGWIT;if(e.match("^[1nmL].*"))return y.LEGACY;if(e.match("^(D).*"))return y.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(u)),f=function(e,r,a,u){var l=function(e){var r=c.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var t=r[0]-27;if(t>15||t<0)throw new Error("Invalid signature parameter");return{compressed:!!(12&t),segwitType:8&t?4&t?I.P2WPKH:I.P2SH_P2WPKH:void 0,recovery:3&t,signature:r.slice(1)}}(a),f=l.compressed,m=l.segwitType,v=l.recovery,E=l.signature;if(u&&!f)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var d=function(e){var r=(new TextEncoder).encode("Bitcoin Signed Message:\n"),t=(new TextEncoder).encode(e),n=i(t.length).buffer,o=new Uint8Array(r.length+n.byteLength+t.length);return o.set(r),o.set(new Uint8Array(n),r.length),o.set(t,r.length+n.byteLength),s(o)}(e),h=f?t.recoverPublicKeyCompressed(E,v,d):t.recoverPublicKeyUncompressed(E,v,d);if("string"==typeof h)throw new Error(h);var P=n(h),p="";if(m)p=D(P);else if(u)try{p=D(P)}catch(e){p=D(P)}else p=o(0,P);return p===r}(r.attestation,u,r.proof,l);return Promise.resolve(g({},r,{status:f?e.VERIFIED:e.FAILED}))}catch(t){return Promise.resolve(g({},r,{status:e.FAILED}))}}catch(e){return Promise.reject(e)}}(a));case r.TIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("tron"!==t[0])return Promise.resolve(g({},r,{status:e.FAILED}));var o=function(e,r,t){try{var n=(E=f.fromString(r),d.keccak256(function(e){var r=f.from(e);return f.concat("0x19",f.fromString("TRON Signed Message:\n"+f.size(r)),r)}(E))),o=m.fromHex(t),s=v.recoverPublicKey({payload:n,signature:o}),i="0x41"+d.keccak256("0x"+h.toHex(s).slice(4)).substring(26),a=P.from(i),c=P.from(d.sha256(d.sha256(i))).slice(0,4),l=P.concat(a,c);return u.encode(l)===e}catch(e){return!1}var E}(n,r.attestation,r.proof);return Promise.resolve(g({},r,{status:o?e.VERIFIED:e.FAILED}))}catch(e){return Promise.reject(e)}}(a))}return Promise.resolve(a)}catch(e){return Promise.reject(e)}};export{w as verifyProof};
1
+ import{ProofStatus as e,ProofTypes as r}from"@notabene/javascript-sdk";import{encode as t}from"varuint-bitcoin";import{createBase58check as n,bech32 as o,base64 as s,base58 as a}from"@scure/base";import{Hash as i,PersonalMessage as c,Hex as u,Signature as f,Secp256k1 as l,Address as m,PublicKey as v,Bytes as d}from"ox";import{secp256k1 as h}from"@noble/curves/secp256k1";import E from"tweetnacl";function P(){return P=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var n in t)({}).hasOwnProperty.call(t,n)&&(e[n]=t[n])}return e},P.apply(null,arguments)}var p,g;!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(p||(p={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(g||(g={}));var I=n(i.sha256);function y(e){var r=o.toWords(e);return r.unshift(0),o.encode("bc",r)}var D=function(n){try{switch(n.type){case r.SelfDeclaration:return Promise.resolve(P({},n,{status:n.confirmed?e.VERIFIED:e.FAILED}));case r.Screenshot:return Promise.resolve(P({},n,{status:n.url?e.FLAGGED:e.FAILED}));case r.EIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("eip155"!==t[0])return Promise.resolve(P({},r,{status:e.FAILED}));var o=function(e,r,t){try{var n=c.getSignPayload(u.fromString(r)),o=f.fromHex(t),s=l.recoverPublicKey({payload:n,signature:o});return m.checksum(m.fromPublicKey(s)).toString()===m.checksum(e)}catch(e){return!1}}(n,r.attestation,r.proof);return Promise.resolve(P({},r,{status:o?e.VERIFIED:e.FAILED}))}catch(e){return Promise.reject(e)}}(n));case r.ED25519:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("solana"!==t[0])return Promise.resolve(P({},r,{status:e.FAILED}));try{var o=a.decode(n),i=(new TextEncoder).encode(r.attestation),c=s.decode(r.proof),u=E.sign.detached.verify(i,c,o);return Promise.resolve(P({},r,{status:u?e.VERIFIED:e.FAILED}))}catch(t){return Promise.resolve(P({},r,{status:e.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case r.EIP712:case r.BIP137:return Promise.resolve(function(r){try{var n=r.address.split(/:/),o=n[2];if("bip122"!==n[0])return Promise.resolve(P({},r,{status:e.FAILED}));try{var a=[g.SEGWIT,g.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return g.NATIVE;if(e.match("^[32M].*"))return g.SEGWIT;if(e.match("^[1nmL].*"))return g.LEGACY;if(e.match("^(D).*"))return g.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(o)),c=function(e,r,n,o){var a=function(e){var r=s.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var t=r[0]-27;if(t>15||t<0)throw new Error("Invalid signature parameter");var n=!!(12&t),o=3&t,a=h.Signature.fromCompact(r.slice(1));return{compressed:n,segwitType:8&t?4&t?p.P2WPKH:p.P2SH_P2WPKH:void 0,signature:a.addRecoveryBit(o)}}(n),c=a.compressed,u=a.segwitType,f=a.signature;if(o&&!c)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var l,m=function(e){var r=(new TextEncoder).encode("Bitcoin Signed Message:\n"),n=(new TextEncoder).encode(e),o=t(n.length).buffer,s=new Uint8Array(r.length+o.byteLength+n.length);return s.set(r),s.set(new Uint8Array(o),r.length),s.set(n,r.length+o.byteLength),function(e){return i.sha256(i.sha256(e))}(s)}(e),v=(l=f.recoverPublicKey(m).toRawBytes(c),i.ripemd160(i.sha256(l))),d="";if(u)d=y(v);else if(o)try{d=y(v)}catch(e){d=y(v)}else d=function(e,r){var t=new Uint8Array([0].concat(r));return I.encode(t)}(0,v);return d===r}(r.attestation,o,r.proof,a);return Promise.resolve(P({},r,{status:c?e.VERIFIED:e.FAILED}))}catch(t){return Promise.resolve(P({},r,{status:e.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case r.TIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("tron"!==t[0])return Promise.resolve(P({},r,{status:e.FAILED}));var o=function(e,r,t){try{var n=(P=u.fromString(r),i.keccak256(function(e){var r=u.from(e);return u.concat("0x19",u.fromString("TRON Signed Message:\n"+u.size(r)),r)}(P))),o=f.fromHex(t),s=l.recoverPublicKey({payload:n,signature:o}),c="0x41"+i.keccak256("0x"+v.toHex(s).slice(4)).substring(26),m=d.from(c),h=d.from(i.sha256(i.sha256(c))).slice(0,4),E=d.concat(m,h);return a.encode(E)===e}catch(e){return!1}var P}(n,r.attestation,r.proof);return Promise.resolve(P({},r,{status:o?e.VERIFIED:e.FAILED}))}catch(e){return Promise.reject(e)}}(n))}return Promise.resolve(n)}catch(e){return Promise.reject(e)}};export{D as verifyProof};
2
2
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sources":["../src/bitcoin.ts","../src/eth.ts","../src/index.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nimport {\n secp256k1,\n hash160,\n hash256,\n RecoveryId,\n encodeBase58AddressFormat,\n} from \"@bitauth/libauth\";\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32 } from \"@scure/base\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address),\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\"),\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n recovery: RecoveryId;\n signature: Uint8Array;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const signature = base64.decode(proof);\n if (signature.length !== 65) throw new Error(\"Invalid signature length\");\n\n const flagByte = signature[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n\n return {\n compressed: !!(flagByte & 12),\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n recovery: (flagByte & 3) as RecoveryId,\n signature: signature.slice(1),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean,\n) {\n const { compressed, segwitType, recovery, signature } =\n decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\",\n );\n }\n\n const hash = magicHash(attestation);\n const publicKey: Uint8Array | string = compressed\n ? secp256k1.recoverPublicKeyCompressed(signature, recovery, hash)\n : secp256k1.recoverPublicKeyUncompressed(signature, recovery, hash);\n if (typeof publicKey === \"string\") throw new Error(publicKey);\n const publicKeyHash = hash160(publicKey);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length,\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof,\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","verifyProof","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","_proof$address$split","address","split","_","verified","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","attestation","e","reject","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","length","flagByte","compressed","segwitType","P2WPKH","P2SH_P2WPKH","undefined","recovery","slice","decodeSignature","hash","prefix","encodeLength","buffer","Uint8Array","byteLength","set","hash256","magicHash","secp256k1","recoverPublicKeyCompressed","recoverPublicKeyUncompressed","hash160","actual","encodeBase58AddressFormat","verifyBTCSignature","TIP191","data","Hash","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","sha256","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"qoBAYKA,EAOAC,EA2IL,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAOG,OAAO,KAAMJ,EAC7B,EAtJA,SAAKJ,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,ICTD,ICNsBQ,WACpBC,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAWC,gBACd,OAAAC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAASP,EAA2BQ,UAChCC,EAAYC,SACZD,EAAYE,UAEpB,KAAKT,EAAWU,WACd,OAAAR,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAASP,EAA0Ba,IAC/BJ,EAAYK,QACZL,EAAYE,UAEpB,KAAKT,EAAWa,OACd,OAAAX,QAAAC,QDbwC,SAC5CL,OAEA,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,EAAOO,CAAAA,OAAQE,EAAYE,UAE5D,IAAMS,WArBNH,EACAI,EACArB,GAEA,IACE,IAAMsB,EAAUC,EAAgBC,eAAeC,EAAIC,WAAWL,IACxDM,EAAYC,EAAUC,QAAQ7B,GAC9B8B,EAAYC,EAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAQC,SAASD,EAAQE,cAAcL,IACxCM,aAAeH,EAAQC,SAASjB,EACnD,CAAE,MAAOoB,GACP,OAAO,CACT,CACF,CAQmBC,CACfrB,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQa,EAAWX,EAAYC,SAAWD,EAAYE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EAAA,CAAA,CCFYE,CAAyB1C,IAClC,KAAKE,EAAWyC,QACd,OAAAvC,QAAAC,QC9BqC,SACzCL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACrB,GAAA,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,GAAOO,OAAQE,EAAYE,UAC5D,IACE,IAAMmB,EAAYc,EAAOC,OAAO5B,GAC1B6B,GAAe,IAAIC,aAAcjD,OAAOE,EAAMuC,aAC9CS,EAAiBC,EAAOJ,OAAO7C,EAAMA,OACrCoB,EAAW8B,EAAKC,KAAKC,SAASC,OAClCP,EACAE,EACAlB,GAGF,OAAA1B,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAYC,SAAWD,EAAYE,SAE1D,CAAE,MAAO0B,GACP,OAAAjC,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAYE,SACzC,CACF,CAAC,MAAA6B,GAAA,OAAApC,QAAAqC,OAAAD,EAAA,CAAA,CDQYc,CAAsBtD,IAC/B,KAAKE,EAAWqD,OAChB,KAAKrD,EAAWsD,OACd,OAAApD,QAAAC,QFPgB,SACpBL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAYE,UAC5D,IAEE,IAAM8C,EAAS,CAAClE,EAAemE,OAAQnE,EAAeoE,QAAQC,SAclE,SAA2B3C,GACzB,GAAIA,EAAQ4C,MAAM,qBAChB,OAAOtE,EAAeoE,OACjB,GAAI1C,EAAQ4C,MAAM,YACvB,OAAOtE,EAAemE,OACjB,GAAIzC,EAAQ4C,MAAM,aACvB,OAAOtE,EAAeuE,OACjB,GAAI7C,EAAQ4C,MAAM,UACvB,OAAOtE,EAAewE,SAEtB,MAAU,IAAAC,MACR,oBACGC,OAAOhD,GACPgD,OAAO,0CAGhB,CA7BMC,CAAkBjD,IAEdG,EAyDV,SACEmB,EACAtB,EACAjB,EACAmE,GAEA,IAAAC,EA3BF,SAAyBpE,GACvB,IAAM2B,EAAYsB,EAAOJ,OAAO7C,GAChC,GAAyB,KAArB2B,EAAU0C,OAAe,UAAUL,MAAM,4BAE7C,IAAMM,EAAW3C,EAAU,GAAK,GAChC,GAAI2C,EAAW,IAAMA,EAAW,EAC9B,MAAM,IAAIN,MAAM,+BAGlB,MAAO,CACLO,cAA0B,GAAXD,GACfE,WAAyB,EAAXF,EAEG,EAAXA,EAEAhF,EAAamF,OADbnF,EAAaoF,iBAFfC,EAIJC,SAAsB,EAAXN,EACX3C,UAAWA,EAAUkD,MAAM,GAE/B,CASIC,CAAgB9E,GADVuE,EAAUH,EAAVG,WAAYC,EAAUJ,EAAVI,WAAYI,EAAQR,EAARQ,SAAUjD,EAASyC,EAATzC,UAE1C,GAAIwC,IAAsBI,EACxB,MAAU,IAAAP,MACR,kFAIJ,IAAMe,EAkCR,SAAmBxC,GACjB,IAAMyC,GAAS,IAAIjC,aAAcjD,OAjIb,8BAkIduB,GAAU,IAAI0B,aAAcjD,OAAOyC,GACnC8B,EAASY,EAAa5D,EAAQgD,QAAQa,OACtCA,EAAS,IAAIC,WACjBH,EAAOX,OAASA,EAAOe,WAAa/D,EAAQgD,QAK9C,OAHAa,EAAOG,IAAIL,GACXE,EAAOG,IAAI,IAAIF,WAAWd,GAASW,EAAOX,QAC1Ca,EAAOG,IAAIhE,EAAS2D,EAAOX,OAASA,EAAOe,YACpCE,EAAQJ,EACjB,CA7CeK,CAAUhD,GACjBT,EAAiCyC,EACnCiB,EAAUC,2BAA2B9D,EAAWiD,EAAUG,GAC1DS,EAAUE,6BAA6B/D,EAAWiD,EAAUG,GAChE,GAAyB,iBAAdjD,EAAwB,MAAM,IAAIkC,MAAMlC,GACnD,IAAMrC,EAAgBkG,EAAQ7D,GAC1B8D,EAAiB,GAErB,GAAIpB,EAEAoB,EAASpG,EAAoBC,QAQ/B,GAAI0E,EACF,IACEyB,EAASpG,EAAoBC,EAE/B,CAAE,MAAO+C,GACPoD,EAASpG,EAAoBC,EAE/B,MAEAmG,EAASC,EAA0B,EAAGpG,GAI1C,OAAOmG,IAAW3E,CACpB,CAvGqBoC,CAAOrD,EAAMuC,YAAatB,EAASjB,EAAMA,MAAOyD,GAEjE,OAAArD,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQa,EAAWX,EAAYC,SAAWD,EAAYE,SAE1D,CAAE,MAAO0B,GACP,OAAAjC,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAOO,CAAAA,OAAQE,EAAYE,SACzC,CACF,CAAC,MAAA6B,GAAA,OAAApC,QAAAqC,OAAAD,EArCD,CAAA,CEyBasD,CAAmB9F,IAC5B,KAAKE,EAAW6F,OACd,OAAA3F,QAAAC,QEbwC,SAC5CL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,SADFA,EAAA,GACU,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAYE,UAE1D,IAAMS,WA3BNH,EACAI,EACArB,GAEA,IACE,IAAMsB,GA0CqB0E,EA1CIvE,EAAIC,WAAWL,GA2CzC4E,EAAKC,UAVR,SAAiBF,GACrB,IAAM3E,EAAUI,EAAI0E,KAAKH,GACzB,OAAOvE,EAAIwC,OAET,OACAxC,EAAIC,WAAW,yBAA2BD,EAAI2E,KAAK/E,IACnDA,EAEJ,CAEwBvB,CAAOkG,KA1CrBrE,EAAYC,EAAUC,QAAQ7B,GAC9B8B,EAAYC,EAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClD0E,SAAsBJ,EAAKC,UAC1BI,KAAAA,EAAUC,MAAMzE,GAAW+C,MAAM,IACtC2B,UAAU,IACNC,EAAQC,EAAMP,KAAKE,GACnBnE,EAAWwE,EAAMP,KAAKF,EAAKU,OAAOV,EAAKU,OAAON,KAAOxB,MAAM,EAAG,GAC9D+B,EAAUF,EAAMzC,OAAOwC,EAAOvE,GAEpC,OADYU,EAAO9C,OAAO8G,KACX3F,CACjB,CAAE,MAAOoB,GACP,OACF,CAAA,CA6BI,IAAyB2D,CA5B/B,CAQmBa,CACf5F,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAYC,SAAWD,EAAYE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EArCD,CAAA,CFmCasE,CAAyB9G,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAAwC,UAAApC,QAAAqC,OAAAD,EAAA,CAAA"}
1
+ {"version":3,"file":"index.js","sources":["../src/bitcoin.ts","../src/eth.ts","../src/index.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address),\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\"),\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean,\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\",\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length,\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof,\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","verifyProof","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","_proof$address$split","address","split","_","verified","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","attestation","e","reject","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","sigbytes","length","flagByte","compressed","recovery","secp256k1","fromCompact","slice","segwitType","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","buffer","hash","prefix","encodeLength","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","version","encodeBase58AddressFormat","verifyBTCSignature","TIP191","data","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"smBAyBA,IAlBKA,EAOAC,GAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAsHD,IAAMC,EAAcC,EAAkBC,EAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAOG,OAAO,KAAMJ,EAC7B,CClJA,ICNsBK,WACpBC,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAWC,gBACd,OAAAC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAASP,EAA2BQ,UAChCC,EAAYC,SACZD,EAAYE,UAEpB,KAAKT,EAAWU,WACd,OAAAR,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAASP,EAA0Ba,IAC/BJ,EAAYK,QACZL,EAAYE,UAEpB,KAAKT,EAAWa,OACd,OAAAX,QAAAC,QDbwC,SAC5CL,OAEA,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,EAAOO,CAAAA,OAAQE,EAAYE,UAE5D,IAAMS,WArBNH,EACAI,EACArB,GAEA,IACE,IAAMsB,EAAUC,EAAgBC,eAAeC,EAAIC,WAAWL,IACxDM,EAAYC,EAAUC,QAAQ7B,GAC9B8B,EAAYC,EAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAQC,SAASD,EAAQE,cAAcL,IACxCM,aAAeH,EAAQC,SAASjB,EACnD,CAAE,MAAOoB,GACP,OAAO,CACT,CACF,CAQmBC,CACfrB,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQa,EAAWX,EAAYC,SAAWD,EAAYE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EAAA,CAAA,CCFYE,CAAyB1C,IAClC,KAAKE,EAAWyC,QACd,OAAAvC,QAAAC,QC9BqC,SACzCL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACrB,GAAA,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,GAAOO,OAAQE,EAAYE,UAC5D,IACE,IAAMmB,EAAYc,EAAOC,OAAO5B,GAC1B6B,GAAe,IAAIC,aAAcjD,OAAOE,EAAMuC,aAC9CS,EAAiBC,EAAOJ,OAAO7C,EAAMA,OACrCoB,EAAW8B,EAAKC,KAAKC,SAASC,OAClCP,EACAE,EACAlB,GAGF,OAAA1B,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAYC,SAAWD,EAAYE,SAE1D,CAAE,MAAO0B,GACP,OAAAjC,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAYE,SACzC,CACF,CAAC,MAAA6B,GAAA,OAAApC,QAAAqC,OAAAD,EAAA,CAAA,CDQYc,CAAsBtD,IAC/B,KAAKE,EAAWqD,OAChB,KAAKrD,EAAWsD,OACd,OAAApD,QAAAC,iBFXJL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACrB,GAAA,GAAW,WADFA,KACY,OAAAZ,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAK,CAAEO,OAAQE,EAAYE,UAC5D,IAEE,IAAM8C,EAAS,CAACtE,EAAeuE,OAAQvE,EAAewE,QAAQC,SAmBlE,SAA2B3C,GACzB,GAAIA,EAAQ4C,MAAM,qBAChB,OAAO1E,EAAewE,OACb1C,GAAAA,EAAQ4C,MAAM,YACvB,OAAO1E,EAAeuE,OACjB,GAAIzC,EAAQ4C,MAAM,aACvB,OAAO1E,EAAe2E,UACb7C,EAAQ4C,MAAM,UACvB,OAAO1E,EAAe4E,SAEtB,MAAM,IAAIC,MACR,oBACGC,OAAOhD,GACPgD,OAAO,0CAGhB,CAlCMC,CAAkBjD,IAEdG,EA8DV,SACEmB,EACAtB,EACAjB,EACAmE,GAEA,IAAAC,EA5BF,SAAyBpE,GACvB,IAAMqE,EAAWpB,EAAOJ,OAAO7C,GAC/B,GAAwB,KAApBqE,EAASC,OAAe,MAAU,IAAAN,MAAM,4BAC5C,IAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAU,IAAAP,MAAM,+BAElB,IAAMQ,KAA2B,GAAXD,GAChBE,EAAsB,EAAXF,EACX5C,EAAY+C,EAAU9C,UAAU+C,YAAYN,EAASO,MAAM,IAEjE,MAAO,CACLJ,WAAAA,EACAK,WAAyB,EAAXN,EAEG,EAAXA,EAEArF,EAAa4F,OADb5F,EAAa6F,iBAFfC,EAIJrD,UAAWA,EAAUsD,eAAeR,GAExC,CAQgDS,CAAgBlF,GAAtDwE,EAAUJ,EAAVI,WAAYK,EAAUT,EAAVS,WAAYlD,EAASyC,EAATzC,UAChC,GAAIwC,IAAsBK,EACxB,MAAM,IAAIR,MACR,kFAGJ,IA8DemB,EA9DTC,EAuCR,SAAmB7C,GACjB,IAAM8C,GAAS,IAAItC,aAAcjD,OAzIb,8BA0IduB,GAAU,IAAI0B,aAAcjD,OAAOyC,GACnC+B,EAASgB,EAAajE,EAAQiD,QAAQa,OACtCA,EAAS,IAAII,WACjBF,EAAOf,OAASA,EAAOkB,WAAanE,EAAQiD,QAK9C,OAHAa,EAAOM,IAAIJ,GACXF,EAAOM,IAAI,IAAIF,WAAWjB,GAASe,EAAOf,QAC1Ca,EAAOM,IAAIpE,EAASgE,EAAOf,OAASA,EAAOkB,YAU7C,SAAiBL,GACf,OAAO7F,EAAKC,OAAOD,EAAKC,OAAO4F,GACjC,CAXSO,CAAQP,EACjB,CAlDeQ,CAAUpD,GAGjB9C,GA2DS0F,EA7DGxD,EAAUK,iBAAiBoD,GACZQ,WAAWpB,GA6DrClF,EAAKuG,UAAUvG,EAAKC,OAAO4F,KA3D9BW,EAAiB,GAErB,GAAIjB,EAEAiB,EAAStG,EAAoBC,QAQ/B,GAAI0E,EACF,IACE2B,EAAStG,EAAoBC,EAE/B,CAAE,MAAO+C,GACPsD,EAAStG,EAAoBC,EAE/B,MAEAqG,EASN,SAAmCC,EAAiBtG,GAClD,IAAM6B,EAAU,IAAIiE,WAAYQ,CAVO,GAUA9B,OAAKxE,IAC5C,OAAOL,EAAYU,OAAOwB,EAC5B,CAZe0E,CAA0B,EAAGvG,GAI1C,OAAOqG,IAAW7E,CACpB,CAxGqBoC,CAAOrD,EAAMuC,YAAatB,EAASjB,EAAMA,MAAOyD,GAEjE,OAAArD,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQa,EAAWX,EAAYC,SAAWD,EAAYE,SAE1D,CAAE,MAAO0B,GAEP,OAAAjC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EAAK,CACRO,OAAQE,EAAYE,SAGxB,CACF,CAAC,MAAA6B,UAAApC,QAAAqC,OAAAD,EAAA,CAAA,CEZYyD,CAAmBjG,IAC5B,KAAKE,EAAWgG,OACd,OAAA9F,QAAAC,QEbwC,SAC5CL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,SADFA,EAAA,GACU,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAYE,UAE1D,IAAMS,WA3BNH,EACAI,EACArB,GAEA,IACE,IAAMsB,GA0CqB6E,EA1CI1E,EAAIC,WAAWL,GA2CzC/B,EAAK8G,UAVR,SAAiBD,GACrB,IAAM9E,EAAUI,EAAI4E,KAAKF,GACzB,OAAO1E,EAAIwC,OAET,OACAxC,EAAIC,WAAW,yBAA2BD,EAAI6E,KAAKjF,IACnDA,EAEJ,CAEwBvB,CAAOqG,KA1CrBxE,EAAYC,EAAUC,QAAQ7B,GAC9B8B,EAAYC,EAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClD4E,SAAsBjH,EAAK8G,UAC1BI,KAAAA,EAAUC,MAAM3E,GAAW8C,MAAM,IACtC8B,UAAU,IACNC,EAAQC,EAAMP,KAAKE,GACnBrE,EAAW0E,EAAMP,KAAK/G,EAAKC,OAAOD,EAAKC,OAAOgH,KAAO3B,MAAM,EAAG,GAC9DiC,EAAUD,EAAM3C,OAAO0C,EAAOzE,GAEpC,OADYU,EAAO9C,OAAO+G,KACX5F,CACjB,CAAE,MAAOoB,GACP,OACF,CAAA,CA6BI,IAAyB8D,CA5B/B,CAQmBW,CACf7F,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAYC,SAAWD,EAAYE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EArCD,CAAA,CFmCauE,CAAyB/G,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAAwC,UAAApC,QAAAqC,OAAAD,EAAA,CAAA"}
package/dist/index.modern.js CHANGED
@@ -1,2 +1,2 @@
1
- import{ProofStatus as t,ProofTypes as e}from"@notabene/javascript-sdk";import{secp256k1 as r,hash160 as n,encodeBase58AddressFormat as o,hash256 as s}from"@bitauth/libauth";import{encode as c}from"varuint-bitcoin";import{bech32 as a,base64 as i,base58 as u}from"@scure/base";import{PersonalMessage as f,Hex as E,Signature as d,Secp256k1 as l,Address as h,Hash as p,PublicKey as g,Bytes as I}from"ox";import m from"tweetnacl";function y(){return y=Object.assign?Object.assign.bind():function(t){for(var e=1;e<arguments.length;e++){var r=arguments[e];for(var n in r)({}).hasOwnProperty.call(r,n)&&(t[n]=r[n])}return t},y.apply(null,arguments)}var D,w;function b(t){const e=a.toWords(t);return e.unshift(0),a.encode("bc",e)}function A(t,e,r){try{const o=(n=E.fromString(e),p.keccak256(function(t){const e=E.from(t);return E.concat("0x19",E.fromString("TRON Signed Message:\n"+E.size(e)),e)}(n))),s=d.fromHex(r),c=l.recoverPublicKey({payload:o,signature:s}),a=`0x41${p.keccak256(`0x${g.toHex(c).slice(4)}`).substring(26)}`,i=I.from(a),f=I.from(p.sha256(p.sha256(a))).slice(0,4),h=I.concat(i,f);return u.encode(h)===t}catch(t){return!1}var n}async function P(a){switch(a.type){case e.SelfDeclaration:return y({},a,{status:a.confirmed?t.VERIFIED:t.FAILED});case e.Screenshot:return y({},a,{status:a.url?t.FLAGGED:t.FAILED});case e.EIP191:return async function(e){const[r,n,o]=e.address.split(/:/);if("eip155"!==r)return y({},e,{status:t.FAILED});const s=function(t,e,r){try{const n=f.getSignPayload(E.fromString(e)),o=d.fromHex(r),s=l.recoverPublicKey({payload:n,signature:o});return h.checksum(h.fromPublicKey(s)).toString()===h.checksum(t)}catch(t){return!1}}(o,e.attestation,e.proof);return y({},e,{status:s?t.VERIFIED:t.FAILED})}(a);case e.ED25519:return async function(e){const[r,n,o]=e.address.split(/:/);if("solana"!==r)return y({},e,{status:t.FAILED});try{const r=u.decode(o),n=(new TextEncoder).encode(e.attestation),s=i.decode(e.proof);return y({},e,{status:m.sign.detached.verify(n,s,r)?t.VERIFIED:t.FAILED})}catch(r){return y({},e,{status:t.FAILED})}}(a);case e.EIP712:case e.BIP137:return async function(e){const[a,u,f]=e.address.split(/:/);if("bip122"!==a)return y({},e,{status:t.FAILED});try{const a=[w.SEGWIT,w.NATIVE].includes(function(t){if(t.match("^(bc1|tb1|ltc1).*"))return w.NATIVE;if(t.match("^[32M].*"))return w.SEGWIT;if(t.match("^[1nmL].*"))return w.LEGACY;if(t.match("^(D).*"))return w.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(t).concat(" is not a valid or a supported address"))}(f)),u=function(t,e,a,u){const{compressed:f,segwitType:E,recovery:d,signature:l}=function(t){const e=i.decode(t);if(65!==e.length)throw new Error("Invalid signature length");const r=e[0]-27;if(r>15||r<0)throw new Error("Invalid signature parameter");return{compressed:!!(12&r),segwitType:8&r?4&r?D.P2WPKH:D.P2SH_P2WPKH:void 0,recovery:3&r,signature:e.slice(1)}}(a);if(u&&!f)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");const h=function(t){const e=(new TextEncoder).encode("Bitcoin Signed Message:\n"),r=(new TextEncoder).encode(t),n=c(r.length).buffer,o=new Uint8Array(e.length+n.byteLength+r.length);return o.set(e),o.set(new Uint8Array(n),e.length),o.set(r,e.length+n.byteLength),s(o)}(t),p=f?r.recoverPublicKeyCompressed(l,d,h):r.recoverPublicKeyUncompressed(l,d,h);if("string"==typeof p)throw new Error(p);const g=n(p);let I="";if(E)I=b(g);else if(u)try{I=b(g)}catch(t){I=b(g)}else I=o(0,g);return I===e}(e.attestation,f,e.proof,a);return y({},e,{status:u?t.VERIFIED:t.FAILED})}catch(r){return y({},e,{status:t.FAILED})}}(a);case e.TIP191:return async function(e){const[r,n,o]=e.address.split(/:/);return y({},e,"tron"!==r?{status:t.FAILED}:{status:A(o,e.attestation,e.proof)?t.VERIFIED:t.FAILED})}(a)}return a}!function(t){t.P2WPKH="p2wpkh",t.P2SH_P2WPKH="p2sh(p2wpkh)"}(D||(D={})),function(t){t.LEGACY="Legacy",t.NATIVE="Native SegWit",t.SEGWIT="SegWit",t.P2SH_SEGWIT="p2sh",t.BCH="Bitcoin Cash",t.ETHEREUM="Ethereum",t.DOGECOIN="Dogecoin",t.UNKNOWN="Unknown"}(w||(w={}));export{P as verifyProof};
1
+ import{ProofStatus as t,ProofTypes as e}from"@notabene/javascript-sdk";import{encode as n}from"varuint-bitcoin";import{createBase58check as r,bech32 as s,base64 as o,base58 as c}from"@scure/base";import{Hash as a,PersonalMessage as i,Hex as u,Signature as f,Secp256k1 as d,Address as E,PublicKey as h,Bytes as l}from"ox";import{secp256k1 as p}from"@noble/curves/secp256k1";import g from"tweetnacl";function I(){return I=Object.assign?Object.assign.bind():function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var r in n)({}).hasOwnProperty.call(n,r)&&(t[r]=n[r])}return t},I.apply(null,arguments)}var m,y;!function(t){t.P2WPKH="p2wpkh",t.P2SH_P2WPKH="p2sh(p2wpkh)"}(m||(m={})),function(t){t.LEGACY="Legacy",t.NATIVE="Native SegWit",t.SEGWIT="SegWit",t.P2SH_SEGWIT="p2sh",t.BCH="Bitcoin Cash",t.ETHEREUM="Ethereum",t.DOGECOIN="Dogecoin",t.UNKNOWN="Unknown"}(y||(y={}));const D=r(a.sha256);function w(t){const e=s.toWords(t);return e.unshift(0),s.encode("bc",e)}function A(t,e,n){try{const s=(r=u.fromString(e),a.keccak256(function(t){const e=u.from(t);return u.concat("0x19",u.fromString("TRON Signed Message:\n"+u.size(e)),e)}(r))),o=f.fromHex(n),i=d.recoverPublicKey({payload:s,signature:o}),E=`0x41${a.keccak256(`0x${h.toHex(i).slice(4)}`).substring(26)}`,p=l.from(E),g=l.from(a.sha256(a.sha256(E))).slice(0,4),I=l.concat(p,g);return c.encode(I)===t}catch(t){return!1}var r}async function b(r){switch(r.type){case e.SelfDeclaration:return I({},r,{status:r.confirmed?t.VERIFIED:t.FAILED});case e.Screenshot:return I({},r,{status:r.url?t.FLAGGED:t.FAILED});case e.EIP191:return async function(e){const[n,r,s]=e.address.split(/:/);if("eip155"!==n)return I({},e,{status:t.FAILED});const o=function(t,e,n){try{const r=i.getSignPayload(u.fromString(e)),s=f.fromHex(n),o=d.recoverPublicKey({payload:r,signature:s});return E.checksum(E.fromPublicKey(o)).toString()===E.checksum(t)}catch(t){return!1}}(s,e.attestation,e.proof);return I({},e,{status:o?t.VERIFIED:t.FAILED})}(r);case e.ED25519:return async function(e){const[n,r,s]=e.address.split(/:/);if("solana"!==n)return I({},e,{status:t.FAILED});try{const n=c.decode(s),r=(new TextEncoder).encode(e.attestation),a=o.decode(e.proof);return I({},e,{status:g.sign.detached.verify(r,a,n)?t.VERIFIED:t.FAILED})}catch(n){return I({},e,{status:t.FAILED})}}(r);case e.EIP712:case e.BIP137:return async function(e){const[r,s,c]=e.address.split(/:/);if("bip122"!==r)return I({},e,{status:t.FAILED});try{const r=[y.SEGWIT,y.NATIVE].includes(function(t){if(t.match("^(bc1|tb1|ltc1).*"))return y.NATIVE;if(t.match("^[32M].*"))return y.SEGWIT;if(t.match("^[1nmL].*"))return y.LEGACY;if(t.match("^(D).*"))return y.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(t).concat(" is not a valid or a supported address"))}(c)),s=function(t,e,r,s){const{compressed:c,segwitType:i,signature:u}=function(t){const e=o.decode(t);if(65!==e.length)throw new Error("Invalid signature length");const n=e[0]-27;if(n>15||n<0)throw new Error("Invalid signature parameter");const r=!!(12&n),s=3&n,c=p.Signature.fromCompact(e.slice(1));return{compressed:r,segwitType:8&n?4&n?m.P2WPKH:m.P2SH_P2WPKH:void 0,signature:c.addRecoveryBit(s)}}(r);if(s&&!c)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");const f=function(t){const e=(new TextEncoder).encode("Bitcoin Signed Message:\n"),r=(new TextEncoder).encode(t),s=n(r.length).buffer,o=new Uint8Array(e.length+s.byteLength+r.length);return o.set(e),o.set(new Uint8Array(s),e.length),o.set(r,e.length+s.byteLength),function(t){return a.sha256(a.sha256(t))}(o)}(t),d=(E=u.recoverPublicKey(f).toRawBytes(c),a.ripemd160(a.sha256(E)));var E;let h="";if(i)h=w(d);else if(s)try{h=w(d)}catch(t){h=w(d)}else h=function(t,e){const n=new Uint8Array([0,...e]);return D.encode(n)}(0,d);return h===e}(e.attestation,c,e.proof,r);return I({},e,{status:s?t.VERIFIED:t.FAILED})}catch(n){return I({},e,{status:t.FAILED})}}(r);case e.TIP191:return async function(e){const[n,r,s]=e.address.split(/:/);return I({},e,"tron"!==n?{status:t.FAILED}:{status:A(s,e.attestation,e.proof)?t.VERIFIED:t.FAILED})}(r)}return r}export{b as verifyProof};
2
2
  //# sourceMappingURL=index.modern.js.map
package/dist/index.modern.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.modern.js","sources":["../src/bitcoin.ts","../src/tron.ts","../src/index.ts","../src/eth.ts","../src/solana.ts"],"sourcesContent":["import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nimport {\n secp256k1,\n hash160,\n hash256,\n RecoveryId,\n encodeBase58AddressFormat,\n} from \"@bitauth/libauth\";\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32 } from \"@scure/base\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address),\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\"),\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n recovery: RecoveryId;\n signature: Uint8Array;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const signature = base64.decode(proof);\n if (signature.length !== 65) throw new Error(\"Invalid signature length\");\n\n const flagByte = signature[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n\n return {\n compressed: !!(flagByte & 12),\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n recovery: (flagByte & 3) as RecoveryId,\n signature: signature.slice(1),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean,\n) {\n const { compressed, segwitType, recovery, signature } =\n decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\",\n );\n }\n\n const hash = magicHash(attestation);\n const publicKey: Uint8Array | string = compressed\n ? secp256k1.recoverPublicKeyCompressed(signature, recovery, hash)\n : secp256k1.recoverPublicKeyUncompressed(signature, recovery, hash);\n if (typeof publicKey === \"string\") throw new Error(publicKey);\n const publicKeyHash = hash160(publicKey);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length,\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof,\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","verifyTIP191","address","message","proof","payload","data","Hex","fromString","Hash","keccak256","from","concat","size","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","hex","PublicKey","toHex","slice","substring","bytes","Bytes","checksum","sha256","checked","base58","error","async","verifyProof","type","ProofTypes","SelfDeclaration","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","ns","_","split","verified","PersonalMessage","getSignPayload","Address","fromPublicKey","toString","verifyEIP191","attestation","verifyPersonalSignEIP191","ED25519","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","getDerivationMode","checkSegwitAlways","compressed","segwitType","recovery","length","flagByte","P2WPKH","P2SH_P2WPKH","undefined","decodeSignature","hash","prefix","encodeLength","buffer","Uint8Array","byteLength","set","hash256","magicHash","secp256k1","recoverPublicKeyCompressed","recoverPublicKeyUncompressed","hash160","actual","e","encodeBase58AddressFormat","verifyBTCSignature","TIP191","verifyPersonalSignTIP191"],"mappings":"ioBAYA,IAAKA,EAOAC,EA2IL,SAASC,EAAoBC,GAC3B,MAAMC,EAASC,EAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAOG,OAAO,KAAMJ,EAC7B,UC9JgBK,EACdC,EACAC,EACAC,GAEA,IACE,MAAMC,GA0CqBC,EA1CIC,EAAIC,WAAWL,GA2CzCM,EAAKC,UAVR,SAAiBJ,GACrB,MAAMH,EAAUI,EAAII,KAAKL,GACzB,OAAOC,EAAIK,OAET,OACAL,EAAIC,WAAW,yBAA2BD,EAAIM,KAAKV,IACnDA,EAEJ,CAEwBH,CAAOM,KA1CrBQ,EAAYC,EAAUC,QAAQZ,GAC9Ba,EAAYC,EAAUC,iBAAiB,CAAEd,UAASS,cAClDM,EAAe,OAAOX,EAAKC,UAC/B,KAAKW,EAAUC,MAAML,GAAWM,MAAM,MACtCC,UAAU,MACNC,EAAQC,EAAMf,KAAKS,GACnBO,EAAWD,EAAMf,KAAKF,EAAKmB,OAAOnB,EAAKmB,OAAOR,KAAOG,MAAM,EAAG,GAC9DM,EAAUH,EAAMd,OAAOa,EAAOE,GAEpC,OADYG,EAAO9B,OAAO6B,KACX3B,CACjB,CAAE,MAAO6B,GACP,OACF,CAAA,KA6B6BzB,CA5B/B,CCXO0B,eAAeC,EACpB7B,GAEA,OAAQA,EAAM8B,MACZ,KAAKC,EAAWC,gBACd,OAAAC,EACKjC,CAAAA,EAAAA,EACHkC,CAAAA,OAASlC,EAA2BmC,UAChCC,EAAYC,SACZD,EAAYE,SAEpB,KAAKP,EAAWQ,WACd,OAAAN,KACKjC,EAAK,CACRkC,OAASlC,EAA0BwC,IAC/BJ,EAAYK,QACZL,EAAYE,SAEpB,KAAKP,EAAWW,OACd,OCbCd,eACL5B,GAEA,MAAO2C,EAAIC,EAAG9C,GAAWE,EAAMF,QAAQ+C,MAAM,KAC7C,GAAW,WAAPF,EAAiB,OAAAV,EAAYjC,CAAAA,EAAAA,GAAOkC,OAAQE,EAAYE,SAE5D,MAAMQ,WArBNhD,EACAC,EACAC,GAEA,IACE,MAAMC,EAAU8C,EAAgBC,eAAe7C,EAAIC,WAAWL,IACxDW,EAAYC,EAAUC,QAAQZ,GAC9Ba,EAAYC,EAAUC,iBAAiB,CAAEd,UAASS,cAExD,OADkBuC,EAAQ1B,SAAS0B,EAAQC,cAAcrC,IACxCsC,aAAeF,EAAQ1B,SAASzB,EACnD,CAAE,MAAO6B,GACP,OACF,CAAA,CACF,CAQmByB,CACftD,EACAE,EAAMqD,YACNrD,EAAMA,OAER,OAAAiC,EAAA,CAAA,EACKjC,EACHkC,CAAAA,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,QAE1D,CDFagB,CAAyBtD,GAClC,KAAK+B,EAAWwB,QACd,OE9BC3B,eACL5B,GAEA,MAAO2C,EAAIC,EAAG9C,GAAWE,EAAMF,QAAQ+C,MAAM,KAC7C,GAAW,WAAPF,EAAiB,OAAAV,EAAYjC,GAAAA,EAAOkC,CAAAA,OAAQE,EAAYE,SAC5D,IACE,MAAMzB,EAAYa,EAAO8B,OAAO1D,GAC1B2D,GAAe,IAAIC,aAAc9D,OAAOI,EAAMqD,aAC9CM,EAAiBC,EAAOJ,OAAOxD,EAAMA,OAO3C,OAAAiC,KACKjC,EAAK,CACRkC,OARe2B,EAAKC,KAAKC,SAASC,OAClCP,EACAE,EACA9C,GAKmBuB,EAAYC,SAAWD,EAAYE,QAE1D,CAAE,MAAOX,GACP,OAAAM,EAAA,CAAA,EAAYjC,EAAK,CAAEkC,OAAQE,EAAYE,QACzC,CACF,CFQa2B,CAAsBjE,GAC/B,KAAK+B,EAAWmC,OAChB,KAAKnC,EAAWoC,OACd,OFPCvC,eACL5B,GAEA,MAAO2C,EAAIC,EAAG9C,GAAWE,EAAMF,QAAQ+C,MAAM,KAC7C,GAAW,WAAPF,EAAiB,OAAAV,EAAYjC,CAAAA,EAAAA,GAAOkC,OAAQE,EAAYE,SAC5D,IAEE,MAAM8B,EAAS,CAAC/E,EAAegF,OAAQhF,EAAeiF,QAAQC,SAclE,SAA2BzE,GACzB,GAAIA,EAAQ0E,MAAM,qBAChB,OAAOnF,EAAeiF,UACbxE,EAAQ0E,MAAM,YACvB,OAAOnF,EAAegF,UACbvE,EAAQ0E,MAAM,aACvB,OAAOnF,EAAeoF,OACb3E,GAAAA,EAAQ0E,MAAM,UACvB,OAAOnF,EAAeqF,SAEtB,UAAUC,MACR,oBACGnE,OAAOV,GACPU,OAAO,0CAGhB,CA7BMoE,CAAkB9E,IAEdgD,EAyDV,SACEO,EACAvD,EACAE,EACA6E,GAEA,MAAMC,WAAEA,EAAUC,WAAEA,EAAUC,SAAEA,EAAQtE,UAAEA,GA3B5C,SAAyBV,GACvB,MAAMU,EAAYkD,EAAOJ,OAAOxD,GAChC,GAAyB,KAArBU,EAAUuE,OAAe,UAAUN,MAAM,4BAE7C,MAAMO,EAAWxE,EAAU,GAAK,GAChC,GAAIwE,EAAW,IAAMA,EAAW,EAC9B,UAAUP,MAAM,+BAGlB,MAAO,CACLG,cAA0B,GAAXI,GACfH,WAAyB,EAAXG,EAEG,EAAXA,EAEA9F,EAAa+F,OADb/F,EAAagG,iBAFfC,EAIJL,SAAsB,EAAXE,EACXxE,UAAWA,EAAUS,MAAM,GAE/B,CASImE,CAAgBtF,GAClB,GAAI6E,IAAsBC,EACxB,UAAUH,MACR,kFAIJ,MAAMY,EAkCR,SAAmBlC,GACjB,MAAMmC,GAAS,IAAI9B,aAAc9D,OAjIb,8BAkIdG,GAAU,IAAI2D,aAAc9D,OAAOyD,GACnC4B,EAASQ,EAAa1F,EAAQkF,QAAQS,OACtCA,EAAS,IAAIC,WACjBH,EAAOP,OAASA,EAAOW,WAAa7F,EAAQkF,QAK9C,OAHAS,EAAOG,IAAIL,GACXE,EAAOG,IAAI,IAAIF,WAAWV,GAASO,EAAOP,QAC1CS,EAAOG,IAAI9F,EAASyF,EAAOP,OAASA,EAAOW,YACpCE,EAAQJ,EACjB,CA7CeK,CAAU1C,GACjBxC,EAAiCiE,EACnCkB,EAAUC,2BAA2BvF,EAAWsE,EAAUO,GAC1DS,EAAUE,6BAA6BxF,EAAWsE,EAAUO,GAChE,GAAyB,iBAAd1E,EAAwB,MAAM,IAAI8D,MAAM9D,GACnD,MAAMtB,EAAgB4G,EAAQtF,GAC9B,IAAIuF,EAAiB,GAErB,GAAIrB,EAEAqB,EAAS9G,EAAoBC,QAQ/B,GAAIsF,EACF,IACEuB,EAAS9G,EAAoBC,EAE/B,CAAE,MAAO8G,GACPD,EAAS9G,EAAoBC,EAE/B,MAEA6G,EAASE,EAA0B,EAAG/G,GAI1C,OAAO6G,IAAWtG,CACpB,CAvGqBkE,CAAOhE,EAAMqD,YAAavD,EAASE,EAAMA,MAAOoE,GAEjE,OAAAnC,EACKjC,CAAAA,EAAAA,GACHkC,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,QAE1D,CAAE,MAAOX,GACP,OAAAM,EAAYjC,CAAAA,EAAAA,GAAOkC,OAAQE,EAAYE,QACzC,CACF,CEZaiE,CAAmBvG,GAC5B,KAAK+B,EAAWyE,OACd,ODbC5E,eACL5B,GAEA,MAAO2C,EAAIC,EAAG9C,GAAWE,EAAMF,QAAQ+C,MAAM,KAC7C,OAAmBZ,EAAYjC,CAAAA,EAAAA,EAApB,SAAP2C,GAAkCT,OAAQE,EAAYE,QAQhD,CACRJ,OAPerC,EACfC,EACAE,EAAMqD,YACNrD,EAAMA,OAIaoC,EAAYC,SAAWD,EAAYE,QAE1D,CCFamE,CAAyBzG,GAIpC,OAAOA,CACT,EFhCA,SAAKZ,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,KAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA"}
1
+ {"version":3,"file":"index.modern.js","sources":["../src/bitcoin.ts","../src/tron.ts","../src/index.ts","../src/eth.ts","../src/solana.ts"],"sourcesContent":["import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address),\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\"),\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean,\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\",\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length,\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof,\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","verifyTIP191","address","message","proof","payload","data","Hex","fromString","keccak256","from","concat","size","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","hex","PublicKey","toHex","slice","substring","bytes","Bytes","checksum","checked","base58","error","async","verifyProof","type","ProofTypes","SelfDeclaration","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","ns","_","split","verified","PersonalMessage","getSignPayload","Address","fromPublicKey","toString","verifyEIP191","attestation","verifyPersonalSignEIP191","ED25519","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","getDerivationMode","checkSegwitAlways","compressed","segwitType","sigbytes","length","flagByte","recovery","secp256k1","fromCompact","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","hash","prefix","encodeLength","buffer","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","e","version","encodeBase58AddressFormat","verifyBTCSignature","TIP191","verifyPersonalSignTIP191"],"mappings":"smBAOA,IAAKA,EAOAC,GAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,KAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAsHD,MAAMC,EAAcC,EAAkBC,EAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,MAAMC,EAASC,EAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAOG,OAAO,KAAMJ,EAC7B,UCjKgBK,EACdC,EACAC,EACAC,GAEA,IACE,MAAMC,GA0CqBC,EA1CIC,EAAIC,WAAWL,GA2CzCX,EAAKiB,UAVR,SAAiBH,GACrB,MAAMH,EAAUI,EAAIG,KAAKJ,GACzB,OAAOC,EAAII,OAET,OACAJ,EAAIC,WAAW,yBAA2BD,EAAIK,KAAKT,IACnDA,EAEJ,CAEwBH,CAAOM,KA1CrBO,EAAYC,EAAUC,QAAQX,GAC9BY,EAAYC,EAAUC,iBAAiB,CAAEb,UAASQ,cAClDM,EAAe,OAAO3B,EAAKiB,UAC/B,KAAKW,EAAUC,MAAML,GAAWM,MAAM,MACtCC,UAAU,MACNC,EAAQC,EAAMf,KAAKS,GACnBO,EAAWD,EAAMf,KAAKlB,EAAKC,OAAOD,EAAKC,OAAO0B,KAAOG,MAAM,EAAG,GAC9DK,EAAUF,EAAMd,OAAOa,EAAOE,GAEpC,OADYE,EAAO5B,OAAO2B,KACXzB,CACjB,CAAE,MAAO2B,GACP,OACF,CAAA,KA6B6BvB,CA5B/B,CCXOwB,eAAeC,EACpB3B,GAEA,OAAQA,EAAM4B,MACZ,KAAKC,EAAWC,gBACd,OAAAC,EACK/B,CAAAA,EAAAA,EACHgC,CAAAA,OAAShC,EAA2BiC,UAChCC,EAAYC,SACZD,EAAYE,SAEpB,KAAKP,EAAWQ,WACd,OAAAN,KACK/B,EAAK,CACRgC,OAAShC,EAA0BsC,IAC/BJ,EAAYK,QACZL,EAAYE,SAEpB,KAAKP,EAAWW,OACd,OCbCd,eACL1B,GAEA,MAAOyC,EAAIC,EAAG5C,GAAWE,EAAMF,QAAQ6C,MAAM,KAC7C,GAAW,WAAPF,EAAiB,OAAAV,EAAY/B,CAAAA,EAAAA,GAAOgC,OAAQE,EAAYE,SAE5D,MAAMQ,WArBN9C,EACAC,EACAC,GAEA,IACE,MAAMC,EAAU4C,EAAgBC,eAAe3C,EAAIC,WAAWL,IACxDU,EAAYC,EAAUC,QAAQX,GAC9BY,EAAYC,EAAUC,iBAAiB,CAAEb,UAASQ,cAExD,OADkBsC,EAAQzB,SAASyB,EAAQC,cAAcpC,IACxCqC,aAAeF,EAAQzB,SAASxB,EACnD,CAAE,MAAO2B,GACP,OACF,CAAA,CACF,CAQmByB,CACfpD,EACAE,EAAMmD,YACNnD,EAAMA,OAER,OAAA+B,EAAA,CAAA,EACK/B,EACHgC,CAAAA,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,QAE1D,CDFagB,CAAyBpD,GAClC,KAAK6B,EAAWwB,QACd,OE9BC3B,eACL1B,GAEA,MAAOyC,EAAIC,EAAG5C,GAAWE,EAAMF,QAAQ6C,MAAM,KAC7C,GAAW,WAAPF,EAAiB,OAAAV,EAAY/B,GAAAA,EAAOgC,CAAAA,OAAQE,EAAYE,SAC5D,IACE,MAAMxB,EAAYY,EAAO8B,OAAOxD,GAC1ByD,GAAe,IAAIC,aAAc5D,OAAOI,EAAMmD,aAC9CM,EAAiBC,EAAOJ,OAAOtD,EAAMA,OAO3C,OAAA+B,KACK/B,EAAK,CACRgC,OARe2B,EAAKC,KAAKC,SAASC,OAClCP,EACAE,EACA7C,GAKmBsB,EAAYC,SAAWD,EAAYE,QAE1D,CAAE,MAAOX,GACP,OAAAM,EAAA,CAAA,EAAY/B,EAAK,CAAEgC,OAAQE,EAAYE,QACzC,CACF,CFQa2B,CAAsB/D,GAC/B,KAAK6B,EAAWmC,OAChB,KAAKnC,EAAWoC,OACd,OFZgBvC,eACpB1B,GAEA,MAAOyC,EAAIC,EAAG5C,GAAWE,EAAMF,QAAQ6C,MAAM,KAC7C,GAAW,WAAPF,EAAiB,OAAAV,EAAY/B,CAAAA,EAAAA,GAAOgC,OAAQE,EAAYE,SAC5D,IAEE,MAAM8B,EAAS,CAACjF,EAAekF,OAAQlF,EAAemF,QAAQC,SAmBlE,SAA2BvE,GACzB,GAAIA,EAAQwE,MAAM,qBAChB,OAAOrF,EAAemF,OACbtE,GAAAA,EAAQwE,MAAM,YACvB,OAAOrF,EAAekF,OACbrE,GAAAA,EAAQwE,MAAM,aACvB,OAAOrF,EAAesF,UACbzE,EAAQwE,MAAM,UACvB,OAAOrF,EAAeuF,SAEtB,MAAM,IAAIC,MACR,oBACGlE,OAAOT,GACPS,OAAO,0CAGhB,CAlCMmE,CAAkB5E,IAEd8C,EA8DV,SACEO,EACArD,EACAE,EACA2E,GAEA,MAAMC,WAAEA,EAAUC,WAAEA,EAAUpE,UAAEA,GA5BlC,SAAyBT,GACvB,MAAM8E,EAAWpB,EAAOJ,OAAOtD,GAC/B,GAAwB,KAApB8E,EAASC,OAAe,MAAM,IAAIN,MAAM,4BAC5C,MAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,UAAUP,MAAM,+BAElB,MAAMG,KAA2B,GAAXI,GAChBC,EAAsB,EAAXD,EACXvE,EAAYyE,EAAUxE,UAAUyE,YAAYL,EAAS5D,MAAM,IAEjE,MAAO,CACL0D,aACAC,WAAyB,EAAXG,EAEG,EAAXA,EAEAhG,EAAaoG,OADbpG,EAAaqG,iBAFfC,EAIJ7E,UAAWA,EAAU8E,eAAeN,GAExC,CAQgDO,CAAgBxF,GAC9D,GAAI2E,IAAsBC,EACxB,MAAU,IAAAH,MACR,kFAGJ,MAAMgB,EAuCR,SAAmBtC,GACjB,MAAMuC,GAAS,IAAIlC,aAAc5D,OAzIb,8BA0IdG,GAAU,IAAIyD,aAAc5D,OAAOuD,GACnC4B,EAASY,EAAa5F,EAAQgF,QAAQa,OACtCA,EAAS,IAAIC,WACjBH,EAAOX,OAASA,EAAOe,WAAa/F,EAAQgF,QAK9C,OAHAa,EAAOG,IAAIL,GACXE,EAAOG,IAAI,IAAIF,WAAWd,GAASW,EAAOX,QAC1Ca,EAAOG,IAAIhG,EAAS2F,EAAOX,OAASA,EAAOe,YAU7C,SAAiBF,GACf,OAAOxG,EAAKC,OAAOD,EAAKC,OAAOuG,GACjC,CAXSI,CAAQJ,EACjB,CAlDeK,CAAU9C,GAGjB5D,GA2DSqG,EA7DGnF,EAAUK,iBAAiB2E,GACZS,WAAWtB,GA6DrCxF,EAAK+G,UAAU/G,EAAKC,OAAOuG,KADpC,IAAiBA,EA1Df,IAAIQ,EAAiB,GAErB,GAAIvB,EAEAuB,EAAS9G,EAAoBC,QAQ/B,GAAIoF,EACF,IACEyB,EAAS9G,EAAoBC,EAE/B,CAAE,MAAO8G,GACPD,EAAS9G,EAAoBC,EAE/B,MAEA6G,EASN,SAAmCE,EAAiB/G,GAClD,MAAMU,EAAU,IAAI4F,WAAW,CAVQ,KAUKtG,IAC5C,OAAOL,EAAYU,OAAOK,EAC5B,CAZesG,CAA0B,EAAGhH,GAI1C,OAAO6G,IAAWtG,CACpB,CAxGqBgE,CAAO9D,EAAMmD,YAAarD,EAASE,EAAMA,MAAOkE,GAEjE,OAAAnC,EACK/B,CAAAA,EAAAA,EACHgC,CAAAA,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,QAE1D,CAAE,MAAOX,GAEP,OAAAM,EAAA,CAAA,EACK/B,EAAK,CACRgC,OAAQE,EAAYE,QAGxB,CACF,CEZaoE,CAAmBxG,GAC5B,KAAK6B,EAAW4E,OACd,ODbC/E,eACL1B,GAEA,MAAOyC,EAAIC,EAAG5C,GAAWE,EAAMF,QAAQ6C,MAAM,KAC7C,OAAmBZ,EAAY/B,CAAAA,EAAAA,EAApB,SAAPyC,GAAkCT,OAAQE,EAAYE,QAQhD,CACRJ,OAPenC,EACfC,EACAE,EAAMmD,YACNnD,EAAMA,OAIakC,EAAYC,SAAWD,EAAYE,QAE1D,CCFasE,CAAyB1G,GAIpC,OAAOA,CACT"}
package/dist/index.umd.js CHANGED
@@ -1,2 +1,2 @@
1
- !function(e,r){"object"==typeof exports&&"undefined"!=typeof module?r(exports,require("@notabene/javascript-sdk"),require("@bitauth/libauth"),require("varuint-bitcoin"),require("@scure/base"),require("ox"),require("tweetnacl")):"function"==typeof define&&define.amd?define(["exports","@notabene/javascript-sdk","@bitauth/libauth","varuint-bitcoin","@scure/base","ox","tweetnacl"],r):r((e||self).verifyProof={},e.javascriptSdk,e.libauth,e.varuintBitcoin,e.base,e.ox,e.tweetnacl)}(this,function(e,r,t,o,s,n,a){function i(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var c,u,f=/*#__PURE__*/i(a);function l(){return l=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var o in t)({}).hasOwnProperty.call(t,o)&&(e[o]=t[o])}return e},l.apply(null,arguments)}function P(e){var r=s.bech32.toWords(e);return r.unshift(0),s.bech32.encode("bc",r)}!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(c||(c={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(u||(u={})),e.verifyProof=function(e){try{switch(e.type){case r.ProofTypes.SelfDeclaration:return Promise.resolve(l({},e,{status:e.confirmed?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}));case r.ProofTypes.Screenshot:return Promise.resolve(l({},e,{status:e.url?r.ProofStatus.FLAGGED:r.ProofStatus.FAILED}));case r.ProofTypes.EIP191:return Promise.resolve(function(e){try{var t=e.address.split(/:/),o=t[2];if("eip155"!==t[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));var s=function(e,r,t){try{var o=n.PersonalMessage.getSignPayload(n.Hex.fromString(r)),s=n.Signature.fromHex(t),a=n.Secp256k1.recoverPublicKey({payload:o,signature:s});return n.Address.checksum(n.Address.fromPublicKey(a)).toString()===n.Address.checksum(e)}catch(e){return!1}}(o,e.attestation,e.proof);return Promise.resolve(l({},e,{status:s?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.ED25519:return Promise.resolve(function(e){try{var t=e.address.split(/:/),o=t[2];if("solana"!==t[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));try{var n=s.base58.decode(o),a=(new TextEncoder).encode(e.attestation),i=s.base64.decode(e.proof),c=f.default.sign.detached.verify(a,i,n);return Promise.resolve(l({},e,{status:c?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(t){return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.EIP712:case r.ProofTypes.BIP137:return Promise.resolve(function(e){try{var n=e.address.split(/:/),a=n[2];if("bip122"!==n[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));try{var i=[u.SEGWIT,u.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return u.NATIVE;if(e.match("^[32M].*"))return u.SEGWIT;if(e.match("^[1nmL].*"))return u.LEGACY;if(e.match("^(D).*"))return u.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(a)),f=function(e,r,n,a){var i=function(e){var r=s.base64.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var t=r[0]-27;if(t>15||t<0)throw new Error("Invalid signature parameter");return{compressed:!!(12&t),segwitType:8&t?4&t?c.P2WPKH:c.P2SH_P2WPKH:void 0,recovery:3&t,signature:r.slice(1)}}(n),u=i.compressed,f=i.segwitType,l=i.recovery,d=i.signature;if(a&&!u)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var h=function(e){var r=(new TextEncoder).encode("Bitcoin Signed Message:\n"),s=(new TextEncoder).encode(e),n=o.encode(s.length).buffer,a=new Uint8Array(r.length+n.byteLength+s.length);return a.set(r),a.set(new Uint8Array(n),r.length),a.set(s,r.length+n.byteLength),t.hash256(a)}(e),v=u?t.secp256k1.recoverPublicKeyCompressed(d,l,h):t.secp256k1.recoverPublicKeyUncompressed(d,l,h);if("string"==typeof v)throw new Error(v);var p=t.hash160(v),y="";if(f)y=P(p);else if(a)try{y=P(p)}catch(e){y=P(p)}else y=t.encodeBase58AddressFormat(0,p);return y===r}(e.attestation,a,e.proof,i);return Promise.resolve(l({},e,{status:f?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(t){return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.TIP191:return Promise.resolve(function(e){try{var t=e.address.split(/:/),o=t[2];if("tron"!==t[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));var a=function(e,r,t){try{var o=(P=n.Hex.fromString(r),n.Hash.keccak256(function(e){var r=n.Hex.from(e);return n.Hex.concat("0x19",n.Hex.fromString("TRON Signed Message:\n"+n.Hex.size(r)),r)}(P))),a=n.Signature.fromHex(t),i=n.Secp256k1.recoverPublicKey({payload:o,signature:a}),c="0x41"+n.Hash.keccak256("0x"+n.PublicKey.toHex(i).slice(4)).substring(26),u=n.Bytes.from(c),f=n.Bytes.from(n.Hash.sha256(n.Hash.sha256(c))).slice(0,4),l=n.Bytes.concat(u,f);return s.base58.encode(l)===e}catch(e){return!1}var P}(o,e.attestation,e.proof);return Promise.resolve(l({},e,{status:a?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(e))}return Promise.resolve(e)}catch(e){return Promise.reject(e)}}});
1
+ !function(e,r){"object"==typeof exports&&"undefined"!=typeof module?r(exports,require("@notabene/javascript-sdk"),require("varuint-bitcoin"),require("@scure/base"),require("ox"),require("@noble/curves/secp256k1"),require("tweetnacl")):"function"==typeof define&&define.amd?define(["exports","@notabene/javascript-sdk","varuint-bitcoin","@scure/base","ox","@noble/curves/secp256k1","tweetnacl"],r):r((e||self).verifyProof={},e.javascriptSdk,e.varuintBitcoin,e.base,e.ox,e.secp256k1,e.tweetnacl)}(this,function(e,r,t,o,s,n,a){function i(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var c,u,f=/*#__PURE__*/i(a);function l(){return l=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var o in t)({}).hasOwnProperty.call(t,o)&&(e[o]=t[o])}return e},l.apply(null,arguments)}!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(c||(c={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(u||(u={}));var P=o.createBase58check(s.Hash.sha256);function d(e){var r=o.bech32.toWords(e);return r.unshift(0),o.bech32.encode("bc",r)}e.verifyProof=function(e){try{switch(e.type){case r.ProofTypes.SelfDeclaration:return Promise.resolve(l({},e,{status:e.confirmed?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}));case r.ProofTypes.Screenshot:return Promise.resolve(l({},e,{status:e.url?r.ProofStatus.FLAGGED:r.ProofStatus.FAILED}));case r.ProofTypes.EIP191:return Promise.resolve(function(e){try{var t=e.address.split(/:/),o=t[2];if("eip155"!==t[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));var n=function(e,r,t){try{var o=s.PersonalMessage.getSignPayload(s.Hex.fromString(r)),n=s.Signature.fromHex(t),a=s.Secp256k1.recoverPublicKey({payload:o,signature:n});return s.Address.checksum(s.Address.fromPublicKey(a)).toString()===s.Address.checksum(e)}catch(e){return!1}}(o,e.attestation,e.proof);return Promise.resolve(l({},e,{status:n?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.ED25519:return Promise.resolve(function(e){try{var t=e.address.split(/:/),s=t[2];if("solana"!==t[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));try{var n=o.base58.decode(s),a=(new TextEncoder).encode(e.attestation),i=o.base64.decode(e.proof),c=f.default.sign.detached.verify(a,i,n);return Promise.resolve(l({},e,{status:c?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(t){return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.EIP712:case r.ProofTypes.BIP137:return Promise.resolve(function(e){try{var a=e.address.split(/:/),i=a[2];if("bip122"!==a[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));try{var f=[u.SEGWIT,u.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return u.NATIVE;if(e.match("^[32M].*"))return u.SEGWIT;if(e.match("^[1nmL].*"))return u.LEGACY;if(e.match("^(D).*"))return u.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(i)),h=function(e,r,a,i){var u=function(e){var r=o.base64.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var t=r[0]-27;if(t>15||t<0)throw new Error("Invalid signature parameter");var s=!!(12&t),a=3&t,i=n.secp256k1.Signature.fromCompact(r.slice(1));return{compressed:s,segwitType:8&t?4&t?c.P2WPKH:c.P2SH_P2WPKH:void 0,signature:i.addRecoveryBit(a)}}(a),f=u.compressed,l=u.segwitType,h=u.signature;if(i&&!f)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var v,p=function(e){var r=(new TextEncoder).encode("Bitcoin Signed Message:\n"),o=(new TextEncoder).encode(e),n=t.encode(o.length).buffer,a=new Uint8Array(r.length+n.byteLength+o.length);return a.set(r),a.set(new Uint8Array(n),r.length),a.set(o,r.length+n.byteLength),function(e){return s.Hash.sha256(s.Hash.sha256(e))}(a)}(e),y=(v=h.recoverPublicKey(p).toRawBytes(f),s.Hash.ripemd160(s.Hash.sha256(v))),m="";if(l)m=d(y);else if(i)try{m=d(y)}catch(e){m=d(y)}else m=function(e,r){var t=new Uint8Array([0].concat(r));return P.encode(t)}(0,y);return m===r}(e.attestation,i,e.proof,f);return Promise.resolve(l({},e,{status:h?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(t){return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.TIP191:return Promise.resolve(function(e){try{var t=e.address.split(/:/),n=t[2];if("tron"!==t[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));var a=function(e,r,t){try{var n=(P=s.Hex.fromString(r),s.Hash.keccak256(function(e){var r=s.Hex.from(e);return s.Hex.concat("0x19",s.Hex.fromString("TRON Signed Message:\n"+s.Hex.size(r)),r)}(P))),a=s.Signature.fromHex(t),i=s.Secp256k1.recoverPublicKey({payload:n,signature:a}),c="0x41"+s.Hash.keccak256("0x"+s.PublicKey.toHex(i).slice(4)).substring(26),u=s.Bytes.from(c),f=s.Bytes.from(s.Hash.sha256(s.Hash.sha256(c))).slice(0,4),l=s.Bytes.concat(u,f);return o.base58.encode(l)===e}catch(e){return!1}var P}(n,e.attestation,e.proof);return Promise.resolve(l({},e,{status:a?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(e))}return Promise.resolve(e)}catch(e){return Promise.reject(e)}}});
2
2
  //# sourceMappingURL=index.umd.js.map
package/dist/index.umd.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.umd.js","sources":["../src/bitcoin.ts","../src/index.ts","../src/eth.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nimport {\n secp256k1,\n hash160,\n hash256,\n RecoveryId,\n encodeBase58AddressFormat,\n} from \"@bitauth/libauth\";\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32 } from \"@scure/base\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address),\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\"),\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n recovery: RecoveryId;\n signature: Uint8Array;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const signature = base64.decode(proof);\n if (signature.length !== 65) throw new Error(\"Invalid signature length\");\n\n const flagByte = signature[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n\n return {\n compressed: !!(flagByte & 12),\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n recovery: (flagByte & 3) as RecoveryId,\n signature: signature.slice(1),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean,\n) {\n const { compressed, segwitType, recovery, signature } =\n decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\",\n );\n }\n\n const hash = magicHash(attestation);\n const publicKey: Uint8Array | string = compressed\n ? secp256k1.recoverPublicKeyCompressed(signature, recovery, hash)\n : secp256k1.recoverPublicKeyUncompressed(signature, recovery, hash);\n if (typeof publicKey === \"string\") throw new Error(publicKey);\n const publicKeyHash = hash160(publicKey);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length,\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof,\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","_proof$address$split","address","split","_","verified","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","attestation","e","reject","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","length","flagByte","compressed","segwitType","P2WPKH","P2SH_P2WPKH","undefined","recovery","slice","decodeSignature","hash","prefix","encodeLength","buffer","Uint8Array","byteLength","set","hash256","magicHash","secp256k1","recoverPublicKeyCompressed","recoverPublicKeyUncompressed","hash160","actual","encodeBase58AddressFormat","verifyBTCSignature","TIP191","data","Hash","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","sha256","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"onBAYKA,EAOAC,8OA2IL,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAAA,OAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAMA,OAACG,OAAO,KAAMJ,EAC7B,EAtJA,SAAKJ,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,2BCdCQ,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAUA,WAACC,gBACd,OAAAC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAASP,EAA2BQ,UAChCC,cAAYC,SACZD,EAAWA,YAACE,UAEpB,KAAKT,EAAUA,WAACU,WACd,OAAAR,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAASP,EAA0Ba,IAC/BJ,EAAAA,YAAYK,QACZL,cAAYE,UAEpB,KAAKT,EAAAA,WAAWa,OACd,OAAAX,QAAAC,QCbwC,SAC5CL,OAEA,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,EAAOO,CAAAA,OAAQE,EAAAA,YAAYE,UAE5D,IAAMS,WArBNH,EACAI,EACArB,GAEA,IACE,IAAMsB,EAAUC,kBAAgBC,eAAeC,EAAAA,IAAIC,WAAWL,IACxDM,EAAYC,EAASA,UAACC,QAAQ7B,GAC9B8B,EAAYC,EAASA,UAACC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAAA,QAAQC,SAASD,EAAAA,QAAQE,cAAcL,IACxCM,aAAeH,EAAAA,QAAQC,SAASjB,EACnD,CAAE,MAAOoB,GACP,OAAO,CACT,CACF,CAQmBC,CACfrB,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAWA,YAACE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EAAA,CAAA,CDFYE,CAAyB1C,IAClC,KAAKE,EAAUA,WAACyC,QACd,OAAAvC,QAAAC,QE9BqC,SACzCL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACrB,GAAA,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,GAAOO,OAAQE,EAAWA,YAACE,UAC5D,IACE,IAAMmB,EAAYc,EAAMA,OAACC,OAAO5B,GAC1B6B,GAAe,IAAIC,aAAchD,OAAOC,EAAMuC,aAC9CS,EAAiBC,SAAOJ,OAAO7C,EAAMA,OACrCoB,EAAW8B,UAAKC,KAAKC,SAASC,OAClCP,EACAE,EACAlB,GAGF,OAAA1B,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAAA,YAAYE,SAE1D,CAAE,MAAO0B,GACP,OAAAjC,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,cAAYE,SACzC,CACF,CAAC,MAAA6B,GAAA,OAAApC,QAAAqC,OAAAD,EAAA,CAAA,CFQYc,CAAsBtD,IAC/B,KAAKE,aAAWqD,OAChB,KAAKrD,EAAAA,WAAWsD,OACd,OAAApD,QAAAC,QDPgB,SACpBL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAAA,YAAYE,UAC5D,IAEE,IAAM8C,EAAS,CAACjE,EAAekE,OAAQlE,EAAemE,QAAQC,SAclE,SAA2B3C,GACzB,GAAIA,EAAQ4C,MAAM,qBAChB,OAAOrE,EAAemE,OACjB,GAAI1C,EAAQ4C,MAAM,YACvB,OAAOrE,EAAekE,OACjB,GAAIzC,EAAQ4C,MAAM,aACvB,OAAOrE,EAAesE,OACjB,GAAI7C,EAAQ4C,MAAM,UACvB,OAAOrE,EAAeuE,SAEtB,MAAU,IAAAC,MACR,oBACGC,OAAOhD,GACPgD,OAAO,0CAGhB,CA7BMC,CAAkBjD,IAEdG,EAyDV,SACEmB,EACAtB,EACAjB,EACAmE,GAEA,IAAAC,EA3BF,SAAyBpE,GACvB,IAAM2B,EAAYsB,SAAOJ,OAAO7C,GAChC,GAAyB,KAArB2B,EAAU0C,OAAe,UAAUL,MAAM,4BAE7C,IAAMM,EAAW3C,EAAU,GAAK,GAChC,GAAI2C,EAAW,IAAMA,EAAW,EAC9B,MAAM,IAAIN,MAAM,+BAGlB,MAAO,CACLO,cAA0B,GAAXD,GACfE,WAAyB,EAAXF,EAEG,EAAXA,EAEA/E,EAAakF,OADblF,EAAamF,iBAFfC,EAIJC,SAAsB,EAAXN,EACX3C,UAAWA,EAAUkD,MAAM,GAE/B,CASIC,CAAgB9E,GADVuE,EAAUH,EAAVG,WAAYC,EAAUJ,EAAVI,WAAYI,EAAQR,EAARQ,SAAUjD,EAASyC,EAATzC,UAE1C,GAAIwC,IAAsBI,EACxB,MAAU,IAAAP,MACR,kFAIJ,IAAMe,EAkCR,SAAmBxC,GACjB,IAAMyC,GAAS,IAAIjC,aAAchD,OAjIb,8BAkIdsB,GAAU,IAAI0B,aAAchD,OAAOwC,GACnC8B,EAASY,EAAYlF,OAACsB,EAAQgD,QAAQa,OACtCA,EAAS,IAAIC,WACjBH,EAAOX,OAASA,EAAOe,WAAa/D,EAAQgD,QAK9C,OAHAa,EAAOG,IAAIL,GACXE,EAAOG,IAAI,IAAIF,WAAWd,GAASW,EAAOX,QAC1Ca,EAAOG,IAAIhE,EAAS2D,EAAOX,OAASA,EAAOe,YACpCE,EAAOA,QAACJ,EACjB,CA7CeK,CAAUhD,GACjBT,EAAiCyC,EACnCiB,EAASA,UAACC,2BAA2B9D,EAAWiD,EAAUG,GAC1DS,EAASA,UAACE,6BAA6B/D,EAAWiD,EAAUG,GAChE,GAAyB,iBAAdjD,EAAwB,MAAM,IAAIkC,MAAMlC,GACnD,IAAMpC,EAAgBiG,EAAOA,QAAC7D,GAC1B8D,EAAiB,GAErB,GAAIpB,EAEAoB,EAASnG,EAAoBC,QAQ/B,GAAIyE,EACF,IACEyB,EAASnG,EAAoBC,EAE/B,CAAE,MAAO8C,GACPoD,EAASnG,EAAoBC,EAE/B,MAEAkG,EAASC,4BAA0B,EAAGnG,GAI1C,OAAOkG,IAAW3E,CACpB,CAvGqBoC,CAAOrD,EAAMuC,YAAatB,EAASjB,EAAMA,MAAOyD,GAEjE,OAAArD,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQa,EAAWX,EAAAA,YAAYC,SAAWD,cAAYE,SAE1D,CAAE,MAAO0B,GACP,OAAAjC,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAOO,CAAAA,OAAQE,cAAYE,SACzC,CACF,CAAC,MAAA6B,GAAA,OAAApC,QAAAqC,OAAAD,EArCD,CAAA,CCyBasD,CAAmB9F,IAC5B,KAAKE,EAAUA,WAAC6F,OACd,OAAA3F,QAAAC,QGbwC,SAC5CL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,SADFA,EAAA,GACU,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAAA,YAAYE,UAE1D,IAAMS,WA3BNH,EACAI,EACArB,GAEA,IACE,IAAMsB,GA0CqB0E,EA1CIvE,EAAGA,IAACC,WAAWL,GA2CzC4E,EAAAA,KAAKC,UAVR,SAAiBF,GACrB,IAAM3E,EAAUI,EAAGA,IAAC0E,KAAKH,GACzB,OAAOvE,EAAGA,IAACwC,OAET,OACAxC,EAAAA,IAAIC,WAAW,yBAA2BD,MAAI2E,KAAK/E,IACnDA,EAEJ,CAEwBtB,CAAOiG,KA1CrBrE,EAAYC,EAASA,UAACC,QAAQ7B,GAC9B8B,EAAYC,YAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClD0E,SAAsBJ,EAAAA,KAAKC,UAC1BI,KAAAA,YAAUC,MAAMzE,GAAW+C,MAAM,IACtC2B,UAAU,IACNC,EAAQC,QAAMP,KAAKE,GACnBnE,EAAWwE,QAAMP,KAAKF,EAAIA,KAACU,OAAOV,EAAAA,KAAKU,OAAON,KAAOxB,MAAM,EAAG,GAC9D+B,EAAUF,EAAAA,MAAMzC,OAAOwC,EAAOvE,GAEpC,OADYU,EAAMA,OAAC7C,OAAO6G,KACX3F,CACjB,CAAE,MAAOoB,GACP,OACF,CAAA,CA6BI,IAAyB2D,CA5B/B,CAQmBa,CACf5F,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,cAAYE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EArCD,CAAA,CHmCasE,CAAyB9G,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAAwC,UAAApC,QAAAqC,OAAAD,EAAA,CAAA"}
1
+ {"version":3,"file":"index.umd.js","sources":["../src/bitcoin.ts","../src/index.ts","../src/eth.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address),\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\"),\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean,\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\",\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length,\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof,\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, _, address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","_proof$address$split","address","split","_","verified","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","attestation","e","reject","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","sigbytes","length","flagByte","compressed","recovery","secp256k1","fromCompact","slice","segwitType","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","buffer","hash","prefix","encodeLength","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","version","encodeBase58AddressFormat","verifyBTCSignature","TIP191","data","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"ooBAOKA,EAOAC,+OAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAsHD,IAAMC,EAAcC,EAAAA,kBAAkBC,EAAAA,KAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAMA,OAACC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAAA,OAAOG,OAAO,KAAMJ,EAC7B,wBCvJEK,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAUA,WAACC,gBACd,OAAAC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAASP,EAA2BQ,UAChCC,cAAYC,SACZD,EAAWA,YAACE,UAEpB,KAAKT,EAAUA,WAACU,WACd,OAAAR,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAASP,EAA0Ba,IAC/BJ,EAAAA,YAAYK,QACZL,cAAYE,UAEpB,KAAKT,EAAAA,WAAWa,OACd,OAAAX,QAAAC,QCbwC,SAC5CL,OAEA,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,EAAOO,CAAAA,OAAQE,EAAAA,YAAYE,UAE5D,IAAMS,WArBNH,EACAI,EACArB,GAEA,IACE,IAAMsB,EAAUC,kBAAgBC,eAAeC,EAAAA,IAAIC,WAAWL,IACxDM,EAAYC,EAASA,UAACC,QAAQ7B,GAC9B8B,EAAYC,EAASA,UAACC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAAA,QAAQC,SAASD,EAAAA,QAAQE,cAAcL,IACxCM,aAAeH,EAAAA,QAAQC,SAASjB,EACnD,CAAE,MAAOoB,GACP,OAAO,CACT,CACF,CAQmBC,CACfrB,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAWA,YAACE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EAAA,CAAA,CDFYE,CAAyB1C,IAClC,KAAKE,EAAUA,WAACyC,QACd,OAAAvC,QAAAC,QE9BqC,SACzCL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACrB,GAAA,GAAW,WADFA,EAAEG,GACU,OAAAf,QAAAC,QAAAC,EAAYN,GAAAA,GAAOO,OAAQE,EAAWA,YAACE,UAC5D,IACE,IAAMmB,EAAYc,EAAMA,OAACC,OAAO5B,GAC1B6B,GAAe,IAAIC,aAAchD,OAAOC,EAAMuC,aAC9CS,EAAiBC,SAAOJ,OAAO7C,EAAMA,OACrCoB,EAAW8B,UAAKC,KAAKC,SAASC,OAClCP,EACAE,EACAlB,GAGF,OAAA1B,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAAA,YAAYE,SAE1D,CAAE,MAAO0B,GACP,OAAAjC,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,cAAYE,SACzC,CACF,CAAC,MAAA6B,GAAA,OAAApC,QAAAqC,OAAAD,EAAA,CAAA,CFQYc,CAAsBtD,IAC/B,KAAKE,aAAWqD,OAChB,KAAKrD,EAAAA,WAAWsD,OACd,OAAApD,QAAAC,iBDXJL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACrB,GAAA,GAAW,WADFA,KACY,OAAAZ,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAC5D,IAEE,IAAM8C,EAAS,CAACrE,EAAesE,OAAQtE,EAAeuE,QAAQC,SAmBlE,SAA2B3C,GACzB,GAAIA,EAAQ4C,MAAM,qBAChB,OAAOzE,EAAeuE,OACb1C,GAAAA,EAAQ4C,MAAM,YACvB,OAAOzE,EAAesE,OACjB,GAAIzC,EAAQ4C,MAAM,aACvB,OAAOzE,EAAe0E,UACb7C,EAAQ4C,MAAM,UACvB,OAAOzE,EAAe2E,SAEtB,MAAM,IAAIC,MACR,oBACGC,OAAOhD,GACPgD,OAAO,0CAGhB,CAlCMC,CAAkBjD,IAEdG,EA8DV,SACEmB,EACAtB,EACAjB,EACAmE,GAEA,IAAAC,EA5BF,SAAyBpE,GACvB,IAAMqE,EAAWpB,EAAAA,OAAOJ,OAAO7C,GAC/B,GAAwB,KAApBqE,EAASC,OAAe,MAAU,IAAAN,MAAM,4BAC5C,IAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAU,IAAAP,MAAM,+BAElB,IAAMQ,KAA2B,GAAXD,GAChBE,EAAsB,EAAXF,EACX5C,EAAY+C,EAASA,UAAC9C,UAAU+C,YAAYN,EAASO,MAAM,IAEjE,MAAO,CACLJ,WAAAA,EACAK,WAAyB,EAAXN,EAEG,EAAXA,EAEApF,EAAa2F,OADb3F,EAAa4F,iBAFfC,EAIJrD,UAAWA,EAAUsD,eAAeR,GAExC,CAQgDS,CAAgBlF,GAAtDwE,EAAUJ,EAAVI,WAAYK,EAAUT,EAAVS,WAAYlD,EAASyC,EAATzC,UAChC,GAAIwC,IAAsBK,EACxB,MAAM,IAAIR,MACR,kFAGJ,IA8DemB,EA9DTC,EAuCR,SAAmB7C,GACjB,IAAM8C,GAAS,IAAItC,aAAchD,OAzIb,8BA0IdsB,GAAU,IAAI0B,aAAchD,OAAOwC,GACnC+B,EAASgB,EAAAA,OAAajE,EAAQiD,QAAQa,OACtCA,EAAS,IAAII,WACjBF,EAAOf,OAASA,EAAOkB,WAAanE,EAAQiD,QAK9C,OAHAa,EAAOM,IAAIJ,GACXF,EAAOM,IAAI,IAAIF,WAAWjB,GAASe,EAAOf,QAC1Ca,EAAOM,IAAIpE,EAASgE,EAAOf,OAASA,EAAOkB,YAU7C,SAAiBL,GACf,OAAO5F,EAAAA,KAAKC,OAAOD,EAAIA,KAACC,OAAO2F,GACjC,CAXSO,CAAQP,EACjB,CAlDeQ,CAAUpD,GAGjB7C,GA2DSyF,EA7DGxD,EAAUK,iBAAiBoD,GACZQ,WAAWpB,GA6DrCjF,EAAAA,KAAKsG,UAAUtG,EAAAA,KAAKC,OAAO2F,KA3D9BW,EAAiB,GAErB,GAAIjB,EAEAiB,EAASrG,EAAoBC,QAQ/B,GAAIyE,EACF,IACE2B,EAASrG,EAAoBC,EAE/B,CAAE,MAAO8C,GACPsD,EAASrG,EAAoBC,EAE/B,MAEAoG,EASN,SAAmCC,EAAiBrG,GAClD,IAAM4B,EAAU,IAAIiE,WAAYQ,CAVO,GAUA9B,OAAKvE,IAC5C,OAAOL,EAAYU,OAAOuB,EAC5B,CAZe0E,CAA0B,EAAGtG,GAI1C,OAAOoG,IAAW7E,CACpB,CAxGqBoC,CAAOrD,EAAMuC,YAAatB,EAASjB,EAAMA,MAAOyD,GAEjE,OAAArD,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,EAAAA,YAAYE,SAE1D,CAAE,MAAO0B,GAEP,OAAAjC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EAAK,CACRO,OAAQE,EAAAA,YAAYE,SAGxB,CACF,CAAC,MAAA6B,UAAApC,QAAAqC,OAAAD,EAAA,CAAA,CCZYyD,CAAmBjG,IAC5B,KAAKE,EAAUA,WAACgG,OACd,OAAA9F,QAAAC,QGbwC,SAC5CL,GAAqB,IAErB,IAAAgB,EAAyBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACrB,GAAW,SADFA,EAAA,GACU,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAAA,YAAYE,UAE1D,IAAMS,WA3BNH,EACAI,EACArB,GAEA,IACE,IAAMsB,GA0CqB6E,EA1CI1E,EAAGA,IAACC,WAAWL,GA2CzC9B,EAAAA,KAAK6G,UAVR,SAAiBD,GACrB,IAAM9E,EAAUI,EAAGA,IAAC4E,KAAKF,GACzB,OAAO1E,EAAGA,IAACwC,OAET,OACAxC,EAAAA,IAAIC,WAAW,yBAA2BD,MAAI6E,KAAKjF,IACnDA,EAEJ,CAEwBtB,CAAOoG,KA1CrBxE,EAAYC,EAASA,UAACC,QAAQ7B,GAC9B8B,EAAYC,YAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClD4E,SAAsBhH,EAAAA,KAAK6G,UAC1BI,KAAAA,YAAUC,MAAM3E,GAAW8C,MAAM,IACtC8B,UAAU,IACNC,EAAQC,QAAMP,KAAKE,GACnBrE,EAAW0E,QAAMP,KAAK9G,EAAIA,KAACC,OAAOD,EAAAA,KAAKC,OAAO+G,KAAO3B,MAAM,EAAG,GAC9DiC,EAAUD,EAAAA,MAAM3C,OAAO0C,EAAOzE,GAEpC,OADYU,EAAMA,OAAC7C,OAAO8G,KACX5F,CACjB,CAAE,MAAOoB,GACP,OACF,CAAA,CA6BI,IAAyB8D,CA5B/B,CAQmBW,CACf7F,EACAjB,EAAMuC,YACNvC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQa,EAAWX,EAAWA,YAACC,SAAWD,cAAYE,SAE1D,CAAC,MAAA6B,GAAApC,OAAAA,QAAAqC,OAAAD,EArCD,CAAA,CHmCauE,CAAyB/G,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAAwC,UAAApC,QAAAqC,OAAAD,EAAA,CAAA"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@notabene/verify-proof",
3
- "version": "1.0.4",
3
+ "version": "1.0.6",
4
4
  "description": "Verify ownership proofs",
5
5
  "source": "src/index.ts",
6
6
  "type": "module",
@@ -31,7 +31,7 @@
31
31
  "vitest": "^2.0.5"
32
32
  },
33
33
  "dependencies": {
34
- "@bitauth/libauth": "^3.0.0",
34
+ "@noble/curves": "^1.7.0",
35
35
  "@notabene/javascript-sdk": "^2.3.0",
36
36
  "@scure/base": "^1.2.1",
37
37
  "ox": "^0.2.2",
package/src/bitcoin.ts CHANGED
@@ -1,15 +1,10 @@
1
1
  import { ProofStatus, SignatureProof } from "@notabene/javascript-sdk";
2
2
 
3
- import {
4
- secp256k1,
5
- hash160,
6
- hash256,
7
- RecoveryId,
8
- encodeBase58AddressFormat,
9
- } from "@bitauth/libauth";
10
3
  import { encode as encodeLength } from "varuint-bitcoin";
11
- import { base64, bech32 } from "@scure/base";
12
-
4
+ import { base64, bech32, createBase58check } from "@scure/base";
5
+ import { Hash } from "ox";
6
+ import { secp256k1 } from "@noble/curves/secp256k1";
7
+ import { SignatureType } from "@noble/curves/abstract/weierstrass";
13
8
  enum SEGWIT_TYPES {
14
9
  P2WPKH = "p2wpkh",
15
10
  P2SH_P2WPKH = "p2sh(p2wpkh)",
@@ -45,7 +40,12 @@ export async function verifyBTCSignature(
45
40
  status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,
46
41
  };
47
42
  } catch (error) {
48
- return { ...proof, status: ProofStatus.FAILED };
43
+ // console.error("error verifying proof", error);
44
+ return {
45
+ ...proof,
46
+ status: ProofStatus.FAILED,
47
+ // error: error.message || error,
48
+ };
49
49
  }
50
50
  }
51
51
 
@@ -70,28 +70,28 @@ function getDerivationMode(address: string) {
70
70
  type DecodedSignature = {
71
71
  compressed: boolean;
72
72
  segwitType?: SEGWIT_TYPES;
73
- recovery: RecoveryId;
74
- signature: Uint8Array;
73
+ signature: SignatureType;
75
74
  };
76
75
 
77
76
  function decodeSignature(proof: string): DecodedSignature {
78
- const signature = base64.decode(proof);
79
- if (signature.length !== 65) throw new Error("Invalid signature length");
80
-
81
- const flagByte = signature[0] - 27;
77
+ const sigbytes = base64.decode(proof);
78
+ if (sigbytes.length !== 65) throw new Error("Invalid signature length");
79
+ const flagByte = sigbytes[0] - 27;
82
80
  if (flagByte > 15 || flagByte < 0) {
83
81
  throw new Error("Invalid signature parameter");
84
82
  }
83
+ const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?
84
+ const recovery = flagByte & 3;
85
+ const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));
85
86
 
86
87
  return {
87
- compressed: !!(flagByte & 12),
88
+ compressed,
88
89
  segwitType: !(flagByte & 8)
89
90
  ? undefined
90
91
  : !(flagByte & 4)
91
92
  ? SEGWIT_TYPES.P2SH_P2WPKH
92
93
  : SEGWIT_TYPES.P2WPKH,
93
- recovery: (flagByte & 3) as RecoveryId,
94
- signature: signature.slice(1),
94
+ signature: signature.addRecoveryBit(recovery),
95
95
  };
96
96
  }
97
97
 
@@ -101,20 +101,16 @@ function verify(
101
101
  proof: string,
102
102
  checkSegwitAlways: boolean,
103
103
  ) {
104
- const { compressed, segwitType, recovery, signature } =
105
- decodeSignature(proof);
104
+ const { compressed, segwitType, signature } = decodeSignature(proof);
106
105
  if (checkSegwitAlways && !compressed) {
107
106
  throw new Error(
108
107
  "checkSegwitAlways can only be used with a compressed pubkey signature flagbyte",
109
108
  );
110
109
  }
111
-
112
110
  const hash = magicHash(attestation);
113
- const publicKey: Uint8Array | string = compressed
114
- ? secp256k1.recoverPublicKeyCompressed(signature, recovery, hash)
115
- : secp256k1.recoverPublicKeyUncompressed(signature, recovery, hash);
116
- if (typeof publicKey === "string") throw new Error(publicKey);
117
- const publicKeyHash = hash160(publicKey);
111
+ const publicKey = signature.recoverPublicKey(hash);
112
+ const publicKeyBytes = publicKey.toRawBytes(compressed);
113
+ const publicKeyHash = hash160(publicKeyBytes);
118
114
  let actual: string = "";
119
115
 
120
116
  if (segwitType) {
@@ -143,6 +139,13 @@ function verify(
143
139
  return actual === address;
144
140
  }
145
141
 
142
+ const base58check = createBase58check(Hash.sha256);
143
+
144
+ function encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {
145
+ const payload = new Uint8Array([version, ...publicKeyHash]);
146
+ return base58check.encode(payload);
147
+ }
148
+
146
149
  function magicHash(attestation: string) {
147
150
  const prefix = new TextEncoder().encode(messagePrefix);
148
151
  const message = new TextEncoder().encode(attestation);
@@ -161,3 +164,11 @@ function encodeBech32Address(publicKeyHash: Uint8Array): string {
161
164
  bwords.unshift(0);
162
165
  return bech32.encode("bc", bwords);
163
166
  }
167
+
168
+ function hash256(buffer: Uint8Array): Uint8Array {
169
+ return Hash.sha256(Hash.sha256(buffer));
170
+ }
171
+
172
+ function hash160(buffer: Uint8Array): Uint8Array {
173
+ return Hash.ripemd160(Hash.sha256(buffer));
174
+ }
package/src/tests/bitcoin.test.ts CHANGED
@@ -31,6 +31,16 @@ const legacyProof: SignatureProof = {
31
31
  wallet_provider: "BitMask",
32
32
  };
33
33
 
34
+ const uncompressedProof: SignatureProof = {
35
+ type: ProofTypes.BIP137,
36
+ address: "bip122:000000000019d6689c085ae165831e93:13W4xRkFbbeDnZA3T7G9MRxcznLwv3UVVQ",
37
+ did: "did:pkh:bip122:000000000019d6689c085ae165831e93:13W4xRkFbbeDnZA3T7G9MRxcznLwv3UVVQ",
38
+ attestation: "A message signed by an uncompressed legacy Bitcoin address",
39
+ proof: "HNBf9Xd4eSTBeuq6WXISKM5NqazBW3O546Jq7AaHnGowVtt8I1Ndng4EVlgJl0CPrfeaUxU0QSu73jwzfyOVnWk=",
40
+ status: ProofStatus.PENDING,
41
+ wallet_provider: "BitMask",
42
+ };
43
+
34
44
  describe("verifyBTCSignature", () => {
35
45
  it("handles native segwit addresses", async () => {
36
46
  const result = await verifyBTCSignature(segwitProof);
@@ -46,7 +56,10 @@ describe("verifyBTCSignature", () => {
46
56
  const proof: SignatureProof = { ...legacyProof, proof: "invalitd" };
47
57
 
48
58
  const result = await verifyBTCSignature(proof);
49
- expect(result).toEqual({ ...proof, status: ProofStatus.FAILED });
59
+ expect(result).toEqual({
60
+ ...proof,
61
+ status: ProofStatus.FAILED,
62
+ });
50
63
  });
51
64
 
52
65
  it("returns failed proof for non-BIP122 address", async () => {
@@ -58,4 +71,10 @@ describe("verifyBTCSignature", () => {
58
71
  const result = await verifyBTCSignature(proof);
59
72
  expect(result).toEqual({ ...proof, status: ProofStatus.FAILED });
60
73
  });
74
+
75
+ it("verifies an uncompressed legacy bitcoin address signature", async () => {
76
+ const result = await verifyBTCSignature(uncompressedProof);
77
+ expect(result).toEqual({ ...uncompressedProof, status: ProofStatus.VERIFIED });
78
+ });
61
79
  });
80
+