@notabene/verify-proof 1.0.7 → 1.1.2-next.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/dist/cardano.d.ts +2 -0
  2. package/dist/index.cjs +1 -1
  3. package/dist/index.cjs.map +1 -1
  4. package/dist/index.js +1 -1
  5. package/dist/index.js.map +1 -1
  6. package/dist/index.modern.js +1 -1
  7. package/dist/index.modern.js.map +1 -1
  8. package/dist/index.umd.js +1 -1
  9. package/dist/index.umd.js.map +1 -1
  10. package/dist/tests/cardano.test.d.ts +1 -0
  11. package/package.json +12 -3
  12. package/src/cardano.ts +23 -0
  13. package/src/index.ts +3 -0
  14. package/src/tests/cardano.test.ts +52 -0
package/dist/cardano.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import { SignatureProof } from "@notabene/javascript-sdk";
2
+ export declare function verifyCIP8Signature(proof: SignatureProof): Promise<SignatureProof>;
package/dist/index.cjs CHANGED
@@ -1,2 +1,2 @@
1
- var e=require("@notabene/javascript-sdk"),r=require("varuint-bitcoin"),t=require("@scure/base"),s=require("ox"),o=require("@noble/curves/secp256k1"),a=require("bip322-js");function n(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var i,c,u=/*#__PURE__*/n(require("tweetnacl"));function f(){return f=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var s in t)({}).hasOwnProperty.call(t,s)&&(e[s]=t[s])}return e},f.apply(null,arguments)}!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(i||(i={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(c||(c={}));var P=t.createBase58check(s.Hash.sha256);function l(e){var r=t.bech32.toWords(e);return r.unshift(0),t.bech32.encode("bc",r)}exports.verifyProof=function(n){try{switch(n.type){case e.ProofTypes.SelfDeclaration:return Promise.resolve(f({},n,{status:n.confirmed?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}));case e.ProofTypes.Screenshot:return Promise.resolve(f({},n,{status:n.url?e.ProofStatus.FLAGGED:e.ProofStatus.FAILED}));case e.ProofTypes.EIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),o=t[2];if("eip155"!==t[0])return Promise.resolve(f({},r,{status:e.ProofStatus.FAILED}));var a=function(e,r,t){try{var o=s.PersonalMessage.getSignPayload(s.Hex.fromString(r)),a=s.Signature.fromHex(t),n=s.Secp256k1.recoverPublicKey({payload:o,signature:a});return s.Address.checksum(s.Address.fromPublicKey(n)).toString()===s.Address.checksum(e)}catch(e){return!1}}(o,r.attestation,r.proof);return Promise.resolve(f({},r,{status:a?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.ED25519:return Promise.resolve(function(r){try{var s=r.address.split(/:/),o=s[2];if("solana"!==s[0])return Promise.resolve(f({},r,{status:e.ProofStatus.FAILED}));try{var a=t.base58.decode(o),n=(new TextEncoder).encode(r.attestation),i=t.base64.decode(r.proof),c=u.default.sign.detached.verify(n,i,a);return Promise.resolve(f({},r,{status:c?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(t){return Promise.resolve(f({},r,{status:e.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.EIP712:case e.ProofTypes.BIP137:case e.ProofTypes.BIP322:return Promise.resolve(function(n){try{var u=n.address.split(/:/),h=u[2];if("bip122"!==u[0])return Promise.resolve(f({},n,{status:e.ProofStatus.FAILED}));try{switch(n.type){case e.ProofTypes.BIP137:return Promise.resolve(function(a,n){var u=[c.SEGWIT,c.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return c.NATIVE;if(e.match("^[32M].*"))return c.SEGWIT;if(e.match("^[1nmL].*"))return c.LEGACY;if(e.match("^(D).*"))return c.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(a)),h=function(e,a,n,c){var u=function(e){var r=t.base64.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var s=r[0]-27;if(s>15||s<0)throw new Error("Invalid signature parameter");var a=!!(12&s),n=3&s,c=o.secp256k1.Signature.fromCompact(r.slice(1));return{compressed:a,segwitType:8&s?4&s?i.P2WPKH:i.P2SH_P2WPKH:void 0,signature:c.addRecoveryBit(n)}}(n),f=u.compressed,h=u.segwitType,d=u.signature;if(c&&!f)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var v,p=function(e){var t=(new TextEncoder).encode("Bitcoin Signed Message:\n"),o=(new TextEncoder).encode(e),a=r.encode(o.length).buffer,n=new Uint8Array(t.length+a.byteLength+o.length);return n.set(t),n.set(new Uint8Array(a),t.length),n.set(o,t.length+a.byteLength),function(e){return s.Hash.sha256(s.Hash.sha256(e))}(n)}(e),y=(v=d.recoverPublicKey(p).toRawBytes(f),s.Hash.ripemd160(s.Hash.sha256(v))),E="";if(h)E=l(y);else if(c)try{E=l(y)}catch(e){E=l(y)}else E=function(e,r){var t=new Uint8Array([0].concat(r));return P.encode(t)}(0,y);return E===a}(n.attestation,a,n.proof,u);return f({},n,{status:h?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED})}(h,n));case e.ProofTypes.BIP322:return Promise.resolve(function(r,t){return f({},t,{status:a.Verifier.verifySignature(r,t.attestation,t.proof)?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED})}(h,n));default:return Promise.resolve(f({},n,{status:e.ProofStatus.FAILED}))}}catch(r){return Promise.resolve(f({},n,{status:e.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.TIP191:return Promise.resolve(function(r){try{var o=r.address.split(/:/),a=o[2];if("tron"!==o[0])return Promise.resolve(f({},r,{status:e.ProofStatus.FAILED}));var n=function(e,r,o){try{var a=(l=s.Hex.fromString(r),s.Hash.keccak256(function(e){var r=s.Hex.from(e);return s.Hex.concat("0x19",s.Hex.fromString("TRON Signed Message:\n"+s.Hex.size(r)),r)}(l))),n=s.Signature.fromHex(o),i=s.Secp256k1.recoverPublicKey({payload:a,signature:n}),c="0x41"+s.Hash.keccak256("0x"+s.PublicKey.toHex(i).slice(4)).substring(26),u=s.Bytes.from(c),f=s.Bytes.from(s.Hash.sha256(s.Hash.sha256(c))).slice(0,4),P=s.Bytes.concat(u,f);return t.base58.encode(P)===e}catch(e){return!1}var l}(a,r.attestation,r.proof);return Promise.resolve(f({},r,{status:n?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(n))}return Promise.resolve(n)}catch(e){return Promise.reject(e)}};
1
+ var e=require("@notabene/javascript-sdk"),r=require("varuint-bitcoin"),t=require("@scure/base"),o=require("ox"),s=require("@noble/curves/secp256k1"),a=require("bip322-js"),n=require("tweetnacl"),i=require("@cardano-foundation/cardano-verify-datasignature");function u(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var c,f,P=/*#__PURE__*/u(n),l=/*#__PURE__*/u(i);function d(){return d=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var o in t)({}).hasOwnProperty.call(t,o)&&(e[o]=t[o])}return e},d.apply(null,arguments)}!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(c||(c={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(f||(f={}));var v=t.createBase58check(o.Hash.sha256);function h(e){var r=t.bech32.toWords(e);return r.unshift(0),t.bech32.encode("bc",r)}exports.verifyProof=function(n){try{switch(n.type){case e.ProofTypes.SelfDeclaration:return Promise.resolve(d({},n,{status:n.confirmed?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}));case e.ProofTypes.Screenshot:return Promise.resolve(d({},n,{status:n.url?e.ProofStatus.FLAGGED:e.ProofStatus.FAILED}));case e.ProofTypes.CIP8:return Promise.resolve(function(r){try{var t,o=r.address.split(/:/),s=o[2],a=null==(t=r.chainSpecificData)?void 0:t.cardanoCoseKey;if("cardano"!==o[0]||!a)return Promise.resolve(d({},r,{status:e.ProofStatus.FAILED}));try{var n=l.default(r.proof,a,r.attestation,s);return Promise.resolve(d({},r,{status:n?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(t){return Promise.resolve(d({},r,{status:e.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.EIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),s=t[2];if("eip155"!==t[0])return Promise.resolve(d({},r,{status:e.ProofStatus.FAILED}));var a=function(e,r,t){try{var s=o.PersonalMessage.getSignPayload(o.Hex.fromString(r)),a=o.Signature.fromHex(t),n=o.Secp256k1.recoverPublicKey({payload:s,signature:a});return o.Address.checksum(o.Address.fromPublicKey(n)).toString()===o.Address.checksum(e)}catch(e){return!1}}(s,r.attestation,r.proof);return Promise.resolve(d({},r,{status:a?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.ED25519:return Promise.resolve(function(r){try{var o=r.address.split(/:/),s=o[2];if("solana"!==o[0])return Promise.resolve(d({},r,{status:e.ProofStatus.FAILED}));try{var a=t.base58.decode(s),n=(new TextEncoder).encode(r.attestation),i=t.base64.decode(r.proof),u=P.default.sign.detached.verify(n,i,a);return Promise.resolve(d({},r,{status:u?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(t){return Promise.resolve(d({},r,{status:e.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.EIP712:case e.ProofTypes.BIP137:case e.ProofTypes.BIP322:return Promise.resolve(function(n){try{var i=n.address.split(/:/),u=i[2];if("bip122"!==i[0])return Promise.resolve(d({},n,{status:e.ProofStatus.FAILED}));try{switch(n.type){case e.ProofTypes.BIP137:return Promise.resolve(function(a,n){var i=[f.SEGWIT,f.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return f.NATIVE;if(e.match("^[32M].*"))return f.SEGWIT;if(e.match("^[1nmL].*"))return f.LEGACY;if(e.match("^(D).*"))return f.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(a)),u=function(e,a,n,i){var u=function(e){var r=t.base64.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var o=r[0]-27;if(o>15||o<0)throw new Error("Invalid signature parameter");var a=!!(12&o),n=3&o,i=s.secp256k1.Signature.fromCompact(r.slice(1));return{compressed:a,segwitType:8&o?4&o?c.P2WPKH:c.P2SH_P2WPKH:void 0,signature:i.addRecoveryBit(n)}}(n),f=u.compressed,P=u.segwitType,l=u.signature;if(i&&!f)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var d,y=function(e){var t=(new TextEncoder).encode("Bitcoin Signed Message:\n"),s=(new TextEncoder).encode(e),a=r.encode(s.length).buffer,n=new Uint8Array(t.length+a.byteLength+s.length);return n.set(t),n.set(new Uint8Array(a),t.length),n.set(s,t.length+a.byteLength),function(e){return o.Hash.sha256(o.Hash.sha256(e))}(n)}(e),E=(d=l.recoverPublicKey(y).toRawBytes(f),o.Hash.ripemd160(o.Hash.sha256(d))),p="";if(P)p=h(E);else if(i)try{p=h(E)}catch(e){p=h(E)}else p=function(e,r){var t=new Uint8Array([0].concat(r));return v.encode(t)}(0,E);return p===a}(n.attestation,a,n.proof,i);return d({},n,{status:u?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED})}(u,n));case e.ProofTypes.BIP322:return Promise.resolve(function(r,t){return d({},t,{status:a.Verifier.verifySignature(r,t.attestation,t.proof)?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED})}(u,n));default:return Promise.resolve(d({},n,{status:e.ProofStatus.FAILED}))}}catch(r){return Promise.resolve(d({},n,{status:e.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case e.ProofTypes.TIP191:return Promise.resolve(function(r){try{var s=r.address.split(/:/),a=s[2];if("tron"!==s[0])return Promise.resolve(d({},r,{status:e.ProofStatus.FAILED}));var n=function(e,r,s){try{var a=(l=o.Hex.fromString(r),o.Hash.keccak256(function(e){var r=o.Hex.from(e);return o.Hex.concat("0x19",o.Hex.fromString("TRON Signed Message:\n"+o.Hex.size(r)),r)}(l))),n=o.Signature.fromHex(s),i=o.Secp256k1.recoverPublicKey({payload:a,signature:n}),u="0x41"+o.Hash.keccak256("0x"+o.PublicKey.toHex(i).slice(4)).substring(26),c=o.Bytes.from(u),f=o.Bytes.from(o.Hash.sha256(o.Hash.sha256(u))).slice(0,4),P=o.Bytes.concat(c,f);return t.base58.encode(P)===e}catch(e){return!1}var l}(a,r.attestation,r.proof);return Promise.resolve(d({},r,{status:n?e.ProofStatus.VERIFIED:e.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(n))}return Promise.resolve(n)}catch(e){return Promise.reject(e)}};
2
2
  //# sourceMappingURL=index.cjs.map
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.cjs","sources":["../src/bitcoin.ts","../src/index.ts","../src/eth.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import {\n ProofStatus,\n ProofTypes,\n SignatureProof,\n} from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nimport { Verifier } from \"bip322-js\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n switch (proof.type) {\n case ProofTypes.BIP137:\n return verifyBIP137(address, proof);\n case ProofTypes.BIP322:\n return verifyBIP322(address, proof);\n default:\n return {\n ...proof,\n status: ProofStatus.FAILED,\n };\n }\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction verifyBIP322(address: string, proof: SignatureProof) {\n const { attestation, proof: signatureProof } = proof;\n const verified = Verifier.verifySignature(\n address,\n attestation,\n signatureProof\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction verifyBIP137(address: string, proof: SignatureProof) {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address)\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\")\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\"\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n case ProofTypes.BIP322:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","_proof$address$split","address","split","verified","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","attestation","e","reject","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","BIP322","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","sigbytes","length","flagByte","compressed","recovery","secp256k1","fromCompact","slice","segwitType","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","buffer","hash","prefix","encodeLength","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","version","encodeBase58AddressFormat","verifyBIP137","Verifier","verifySignature","verifyBIP322","verifyBTCSignature","TIP191","data","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"wPAaKA,EAOAC,kQAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAmJD,IAAMC,EAAcC,EAAAA,kBAAkBC,EAAAA,KAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAMA,OAACC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAAA,OAAOG,OAAO,KAAMJ,EAC7B,8BC1LEK,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAUA,WAACC,gBACd,OAAAC,QAAAC,QAAAC,EACKN,GAAAA,GACHO,OAASP,EAA2BQ,UAChCC,EAAAA,YAAYC,SACZD,cAAYE,UAEpB,KAAKT,EAAAA,WAAWU,WACd,OAAAR,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAASP,EAA0Ba,IAC/BJ,cAAYK,QACZL,EAAWA,YAACE,UAEpB,KAAKT,aAAWa,OACd,OAAAX,QAAAC,QCZwC,SAC5CL,OAEA,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAE5D,IAAMQ,WAtBNF,EACAG,EACApB,GAEA,IACE,IAAMqB,EAAUC,EAAeA,gBAACC,eAAeC,EAAAA,IAAIC,WAAWL,IACxDM,EAAYC,EAAAA,UAAUC,QAAQ5B,GAC9B6B,EAAYC,EAAAA,UAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAOA,QAACC,SAASD,EAAOA,QAACE,cAAcL,IACxCM,aAAeH,EAAAA,QAAQC,SAAShB,EAEnD,CAAE,MAAOmB,GACP,OAAO,CACT,CACF,CAQmBC,CACfpB,EACAjB,EAAMsC,YACNtC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQY,EAAWV,EAAAA,YAAYC,SAAWD,EAAWA,YAACE,SAE1D,CAAC,MAAA4B,GAAA,OAAAnC,QAAAoC,OAAAD,EAAA,CAAA,CDHYE,CAAyBzC,IAClC,KAAKE,EAAUA,WAACwC,QACd,OAAAtC,QAAAC,QE9BgB,SACpBL,OAEA,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAZ,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,cAAYE,UAC5D,IACE,IAAMkB,EAAYc,SAAOC,OAAO3B,GAC1B4B,GAAe,IAAIC,aAAc/C,OAAOC,EAAMsC,aAC9CS,EAAiBC,EAAMA,OAACJ,OAAO5C,EAAMA,OACrCmB,EAAW8B,EAAI,QAACC,KAAKC,SAASC,OAClCP,EACAE,EACAlB,GAGF,OAAAzB,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQY,EAAWV,EAAAA,YAAYC,SAAWD,EAAWA,YAACE,SAG1D,CAAE,MAAOyB,GACP,OAAAhC,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAAA,YAAYE,SACzC,CACF,CAAC,MAAA4B,GAAA,OAAAnC,QAAAoC,OAAAD,EAAA,CAAA,CFOYc,CAAsBrD,IAC/B,KAAKE,EAAAA,WAAWoD,OAChB,KAAKpD,EAAUA,WAACqD,OAChB,KAAKrD,aAAWsD,OACd,OAAApD,QAAAC,QDPgB,SACpBL,GAAqB,IAErB,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,WADFA,EAAA,GACY,OAAAZ,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAK,CAAEO,OAAQE,EAAAA,YAAYE,UAC5D,IACE,OAAQX,EAAMC,MACZ,KAAKC,EAAAA,WAAWqD,OACd,OAAAnD,QAAAC,QAiCR,SAAsBY,EAAiBjB,GAErC,IAAMyD,EAAS,CAACrE,EAAesE,OAAQtE,EAAeuE,QAAQC,SAWhE,SAA2B3C,GACzB,GAAIA,EAAQ4C,MAAM,qBAChB,OAAOzE,EAAeuE,OACjB,GAAI1C,EAAQ4C,MAAM,YACvB,OAAOzE,EAAesE,OACjB,GAAIzC,EAAQ4C,MAAM,aACvB,OAAOzE,EAAe0E,OACb7C,GAAAA,EAAQ4C,MAAM,UACvB,OAAOzE,EAAe2E,SAEtB,MAAU,IAAAC,MACR,oBACGC,OAAOhD,GACPgD,OAAO,0CAGhB,CA1BIC,CAAkBjD,IAEdE,EAsDR,SACEmB,EACArB,EACAjB,EACAmE,GAEA,IAAAC,EA5BF,SAAyBpE,GACvB,IAAMqE,EAAWrB,EAAAA,OAAOJ,OAAO5C,GAC/B,GAAwB,KAApBqE,EAASC,OAAe,MAAM,IAAIN,MAAM,4BAC5C,IAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAM,IAAIP,MAAM,+BAElB,IAAMQ,KAA2B,GAAXD,GAChBE,EAAsB,EAAXF,EACX7C,EAAYgD,EAASA,UAAC/C,UAAUgD,YAAYN,EAASO,MAAM,IAEjE,MAAO,CACLJ,WAAAA,EACAK,WAAyB,EAAXN,EAEG,EAAXA,EAEFpF,EAAa2F,OADb3F,EAAa4F,iBAFbC,EAIJtD,UAAWA,EAAUuD,eAAeR,GAExC,CAQgDS,CAAgBlF,GAAtDwE,EAAUJ,EAAVI,WAAYK,EAAUT,EAAVS,WAAYnD,EAAS0C,EAAT1C,UAChC,GAAIyC,IAAsBK,EACxB,MAAU,IAAAR,MACR,kFAGJ,IA+DemB,EA/DTC,EAwCR,SAAmB9C,GACjB,IAAM+C,GAAS,IAAIvC,aAAc/C,OAtKb,8BAuKdqB,GAAU,IAAI0B,aAAc/C,OAAOuC,GACnCgC,EAASgB,EAAYvF,OAACqB,EAAQkD,QAAQa,OACtCA,EAAS,IAAII,WACjBF,EAAOf,OAASA,EAAOkB,WAAapE,EAAQkD,QAK9C,OAHAa,EAAOM,IAAIJ,GACXF,EAAOM,IAAI,IAAIF,WAAWjB,GAASe,EAAOf,QAC1Ca,EAAOM,IAAIrE,EAASiE,EAAOf,OAASA,EAAOkB,YAU7C,SAAiBL,GACf,OAAO5F,EAAAA,KAAKC,OAAOD,EAAAA,KAAKC,OAAO2F,GACjC,CAXSO,CAAQP,EACjB,CAnDeQ,CAAUrD,GAGjB5C,GA4DSyF,EA9DGzD,EAAUK,iBAAiBqD,GACZQ,WAAWpB,GA8DrCjF,EAAIA,KAACsG,UAAUtG,EAAIA,KAACC,OAAO2F,KA5D9BW,EAAiB,GAErB,GAAIjB,EAEAiB,EAASrG,EAAoBC,QAQ/B,GAAIyE,EACF,IACE2B,EAASrG,EAAoBC,EAG/B,CAAE,MAAO6C,GACPuD,EAASrG,EAAoBC,EAE/B,MAEAoG,EASN,SAAmCC,EAAiBrG,GAClD,IAAM2B,EAAU,IAAIkE,WAAU,CAVS,GAUAtB,OAAKvE,IAC5C,OAAOL,EAAYU,OAAOsB,EAC5B,CAZe2E,CAA0B,EAAGtG,GAI1C,OAAOoG,IAAW7E,CACpB,CAjGmBmC,CAAOpD,EAAMsC,YAAarB,EAASjB,EAAMA,MAAOyD,GAEjE,OAAAnD,EAAA,CAAA,EACKN,EAAK,CACRO,OAAQY,EAAWV,EAAWA,YAACC,SAAWD,EAAWA,YAACE,QAE1D,CA5CesF,CAAahF,EAASjB,IAC/B,KAAKE,EAAAA,WAAWsD,OACd,OAAApD,QAAAC,QAkBR,SAAsBY,EAAiBjB,GAOrC,OAAAM,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAPe2F,EAAQA,SAACC,gBACxBlF,EAF6CjB,EAAvCsC,YAAuCtC,EAA1BA,OAQAS,EAAWA,YAACC,SAAWD,EAAWA,YAACE,QAE1D,CA7BeyF,CAAanF,EAASjB,IAC/B,QACE,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQE,EAAAA,YAAYE,UAI5B,CAAE,MAAOyB,GAEP,OAAAhC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQE,EAAWA,YAACE,SAGxB,CACF,CAAC,MAAA4B,GAAA,OAAAnC,QAAAoC,OAAAD,EAAA,CAAA,CCnBY8D,CAAmBrG,IAC5B,KAAKE,EAAUA,WAACoG,OACd,OAAAlG,QAAAC,iBGZJL,OAEA,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,SADFA,KACU,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAE1D,IAAMQ,EA7BQ,SACdF,EACAG,EACApB,GAEA,IACE,IAAMqB,GA2CqBkF,EA3CI/E,EAAAA,IAAIC,WAAWL,GA4CzC7B,EAAAA,KAAKiH,UAVE,SAAOD,GACrB,IAAMnF,EAAUI,MAAIiF,KAAKF,GACzB,OAAO/E,MAAIyC,OAET,OACAzC,EAAGA,IAACC,WAAW,yBAA2BD,EAAAA,IAAIkF,KAAKtF,IACnDA,EAEJ,CAEwBrB,CAAOwG,KA3CrB7E,EAAYC,EAAAA,UAAUC,QAAQ5B,GAC9B6B,EAAYC,EAAAA,UAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClDiF,EAAG,OAAmBpH,EAAIA,KAACiH,eAC1BI,EAAAA,UAAUC,MAAMhF,GAAW+C,MAAM,IACtCkC,UAAU,IACNC,EAAQC,EAAAA,MAAMP,KAAKE,GACnB1E,EAAW+E,EAAAA,MAAMP,KAAKlH,EAAIA,KAACC,OAAOD,EAAAA,KAAKC,OAAOmH,KAAO/B,MAAM,EAAG,GAC9DqC,EAAUD,QAAM/C,OAAO8C,EAAO9E,GAEpC,OADYU,EAAAA,OAAO5C,OAAOkH,KACXhG,CAEjB,CAAE,MAAOmB,GACP,OAAO,CACT,CA6Bc,IAAemE,CA5B/B,CAQmBW,CACfjG,EACAjB,EAAMsC,YACNtC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQY,EAAWV,EAAWA,YAACC,SAAWD,cAAYE,SAE1D,CAAC,MAAA4B,GAAAnC,OAAAA,QAAAoC,OAAAD,EAAA,CAAA,CHFY4E,CAAyBnH,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAAuC,UAAAnC,QAAAoC,OAAAD,EAAA,CAAA"}
1
+ {"version":3,"file":"index.cjs","sources":["../src/bitcoin.ts","../src/index.ts","../src/cardano.ts","../src/eth.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import {\n ProofStatus,\n ProofTypes,\n SignatureProof,\n} from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nimport { Verifier } from \"bip322-js\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n switch (proof.type) {\n case ProofTypes.BIP137:\n return verifyBIP137(address, proof);\n case ProofTypes.BIP322:\n return verifyBIP322(address, proof);\n default:\n return {\n ...proof,\n status: ProofStatus.FAILED,\n };\n }\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction verifyBIP322(address: string, proof: SignatureProof) {\n const { attestation, proof: signatureProof } = proof;\n const verified = Verifier.verifySignature(\n address,\n attestation,\n signatureProof\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction verifyBIP137(address: string, proof: SignatureProof) {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address)\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\")\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\"\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\nimport { verifyCIP8Signature } from \"./cardano\";\n\nexport async function verifyProof(\n proof: OwnershipProof\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.CIP8:\n return verifyCIP8Signature(proof as SignatureProof);\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n case ProofTypes.BIP322:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import verifyDataSignature from \"@cardano-foundation/cardano-verify-datasignature\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nexport async function verifyCIP8Signature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n const key = proof.chainSpecificData?.cardanoCoseKey;\n \n if (ns !== \"cardano\" || !key) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n \n try {\n const verified = verifyDataSignature(proof.proof, key, proof.attestation, address);\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED\n };\n } catch {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","CIP8","_proof$chainSpecificD","_proof$address$split","address","split","key","chainSpecificData","cardanoCoseKey","verified","verifyDataSignature","attestation","_unused","e","reject","verifyCIP8Signature","EIP191","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","BIP322","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","sigbytes","length","flagByte","compressed","recovery","secp256k1","fromCompact","slice","segwitType","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","buffer","hash","prefix","encodeLength","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","version","encodeBase58AddressFormat","verifyBIP137","Verifier","verifySignature","verifyBIP322","verifyBTCSignature","TIP191","data","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"6UAaKA,EAOAC,mQAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAmJD,IAAMC,EAAcC,EAAAA,kBAAkBC,EAAAA,KAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAMA,OAACC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAAA,OAAOG,OAAO,KAAMJ,EAC7B,qBC1LsB,SACpBK,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,aAAWC,gBACd,OAAAC,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAASP,EAA2BQ,UAChCC,EAAAA,YAAYC,SACZD,cAAYE,UAEpB,KAAKT,EAAUA,WAACU,WACd,OAAAR,QAAAC,QAAAC,EAAA,CAAA,EACKN,EAAK,CACRO,OAASP,EAA0Ba,IAC/BJ,EAAAA,YAAYK,QACZL,EAAWA,YAACE,UAEpB,KAAKT,EAAUA,WAACa,KACd,OAAAX,QAAAC,QC9BmC,SACvCL,GAAqB,QAAAgB,EAErBC,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAMG,EAAMJ,OAAHA,EAAGhB,EAAMqB,wBAANL,EAAAA,EAAyBM,eAErC,GAAW,YAHFL,EAAIC,KAGYE,EACvB,OAAAhB,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAWA,YAACE,UAGzC,IACE,IAAMY,EAAWC,EAAAA,QAAoBxB,EAAMA,MAAOoB,EAAKpB,EAAMyB,YAAaP,GAC1E,OAAAd,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQgB,EAAWd,cAAYC,SAAWD,EAAWA,YAACE,SAE1D,CAAE,MAAAe,GACA,OAAAtB,QAAAC,QAAAC,EAAYN,GAAAA,GAAOO,OAAQE,EAAAA,YAAYE,SACzC,CACF,CAAC,MAAAgB,GAAAvB,OAAAA,QAAAwB,OAAAD,EAAA,CAAA,CDWYE,CAAoB7B,IAC7B,KAAKE,EAAAA,WAAW4B,OACd,OAAA1B,QAAAC,QEfwC,SAC5CL,OAEA,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAb,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAE5D,IAAMY,WAtBNL,EACAa,EACA/B,GAEA,IACE,IAAMgC,EAAUC,EAAeA,gBAACC,eAAeC,EAAAA,IAAIC,WAAWL,IACxDM,EAAYC,EAAAA,UAAUC,QAAQvC,GAC9BwC,EAAYC,EAAAA,UAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAOA,QAACC,SAASD,EAAOA,QAACE,cAAcL,IACxCM,aAAeH,EAAAA,QAAQC,SAAS1B,EAEnD,CAAE,MAAO6B,GACP,OAAO,CACT,CACF,CAQmBC,CACf9B,EACAlB,EAAMyB,YACNzB,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQgB,EAAWd,EAAAA,YAAYC,SAAWD,EAAWA,YAACE,SAE1D,CAAC,MAAAgB,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA,CFAYsB,CAAyBjD,IAClC,KAAKE,EAAAA,WAAWgD,QACd,OAAA9C,QAAAC,QGjCgB,SACpBL,OAEA,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAb,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,cAAYE,UAC5D,IACE,IAAM6B,EAAYW,SAAOC,OAAOlC,GAC1BmC,GAAe,IAAIC,aAAcvD,OAAOC,EAAMyB,aAC9C8B,EAAiBC,EAAMA,OAACJ,OAAOpD,EAAMA,OACrCuB,EAAWkC,EAAI,QAACC,KAAKC,SAASC,OAClCP,EACAE,EACAf,GAGF,OAAApC,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQgB,EAAWd,EAAAA,YAAYC,SAAWD,EAAWA,YAACE,SAG1D,CAAE,MAAOoC,GACP,OAAA3C,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAAA,YAAYE,SACzC,CACF,CAAC,MAAAgB,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA,CHUYkC,CAAsB7D,IAC/B,KAAKE,EAAAA,WAAW4D,OAChB,KAAK5D,EAAAA,WAAW6D,OAChB,KAAK7D,EAAAA,WAAW8D,OACd,OAAA5D,QAAAC,QDVgB,SACpBL,GAAqB,IAErB,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,WADFA,EAAA,GACY,OAAAb,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAK,CAAEO,OAAQE,EAAAA,YAAYE,UAC5D,IACE,OAAQX,EAAMC,MACZ,KAAKC,EAAAA,WAAW6D,OACd,OAAA3D,QAAAC,QAiCR,SAAsBa,EAAiBlB,GAErC,IAAMiE,EAAS,CAAC7E,EAAe8E,OAAQ9E,EAAe+E,QAAQC,SAWhE,SAA2BlD,GACzB,GAAIA,EAAQmD,MAAM,qBAChB,OAAOjF,EAAe+E,OACjB,GAAIjD,EAAQmD,MAAM,YACvB,OAAOjF,EAAe8E,OACjB,GAAIhD,EAAQmD,MAAM,aACvB,OAAOjF,EAAekF,OACbpD,GAAAA,EAAQmD,MAAM,UACvB,OAAOjF,EAAemF,SAEtB,MAAU,IAAAC,MACR,oBACGC,OAAOvD,GACPuD,OAAO,0CAGhB,CA1BIC,CAAkBxD,IAEdK,EAsDR,SACEE,EACAP,EACAlB,EACA2E,GAEA,IAAAC,EA5BF,SAAyB5E,GACvB,IAAM6E,EAAWrB,EAAAA,OAAOJ,OAAOpD,GAC/B,GAAwB,KAApB6E,EAASC,OAAe,MAAM,IAAIN,MAAM,4BAC5C,IAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAM,IAAIP,MAAM,+BAElB,IAAMQ,KAA2B,GAAXD,GAChBE,EAAsB,EAAXF,EACX1C,EAAY6C,EAASA,UAAC5C,UAAU6C,YAAYN,EAASO,MAAM,IAEjE,MAAO,CACLJ,WAAAA,EACAK,WAAyB,EAAXN,EAEG,EAAXA,EAEF5F,EAAamG,OADbnG,EAAaoG,iBAFbC,EAIJnD,UAAWA,EAAUoD,eAAeR,GAExC,CAQgDS,CAAgB1F,GAAtDgF,EAAUJ,EAAVI,WAAYK,EAAUT,EAAVS,WAAYhD,EAASuC,EAATvC,UAChC,GAAIsC,IAAsBK,EACxB,MAAU,IAAAR,MACR,kFAGJ,IA+DemB,EA/DTC,EAwCR,SAAmBnE,GACjB,IAAMoE,GAAS,IAAIvC,aAAcvD,OAtKb,8BAuKdgC,GAAU,IAAIuB,aAAcvD,OAAO0B,GACnCqD,EAASgB,EAAY/F,OAACgC,EAAQ+C,QAAQa,OACtCA,EAAS,IAAII,WACjBF,EAAOf,OAASA,EAAOkB,WAAajE,EAAQ+C,QAK9C,OAHAa,EAAOM,IAAIJ,GACXF,EAAOM,IAAI,IAAIF,WAAWjB,GAASe,EAAOf,QAC1Ca,EAAOM,IAAIlE,EAAS8D,EAAOf,OAASA,EAAOkB,YAU7C,SAAiBL,GACf,OAAOpG,EAAAA,KAAKC,OAAOD,EAAAA,KAAKC,OAAOmG,GACjC,CAXSO,CAAQP,EACjB,CAnDeQ,CAAU1E,GAGjB/B,GA4DSiG,EA9DGtD,EAAUK,iBAAiBkD,GACZQ,WAAWpB,GA8DrCzF,EAAIA,KAAC8G,UAAU9G,EAAIA,KAACC,OAAOmG,KA5D9BW,EAAiB,GAErB,GAAIjB,EAEAiB,EAAS7G,EAAoBC,QAQ/B,GAAIiF,EACF,IACE2B,EAAS7G,EAAoBC,EAG/B,CAAE,MAAOiC,GACP2E,EAAS7G,EAAoBC,EAE/B,MAEA4G,EASN,SAAmCC,EAAiB7G,GAClD,IAAMsC,EAAU,IAAI+D,WAAU,CAVS,GAUAtB,OAAK/E,IAC5C,OAAOL,EAAYU,OAAOiC,EAC5B,CAZewE,CAA0B,EAAG9G,GAI1C,OAAO4G,IAAWpF,CACpB,CAjGmB0C,CAAO5D,EAAMyB,YAAaP,EAASlB,EAAMA,MAAOiE,GAEjE,OAAA3D,EAAA,CAAA,EACKN,EAAK,CACRO,OAAQgB,EAAWd,EAAWA,YAACC,SAAWD,EAAWA,YAACE,QAE1D,CA5Ce8F,CAAavF,EAASlB,IAC/B,KAAKE,EAAAA,WAAW8D,OACd,OAAA5D,QAAAC,QAkBR,SAAsBa,EAAiBlB,GAOrC,OAAAM,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAPemG,EAAQA,SAACC,gBACxBzF,EAF6ClB,EAAvCyB,YAAuCzB,EAA1BA,OAQAS,EAAWA,YAACC,SAAWD,EAAWA,YAACE,QAE1D,CA7BeiG,CAAa1F,EAASlB,IAC/B,QACE,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQE,EAAAA,YAAYE,UAI5B,CAAE,MAAOoC,GAEP,OAAA3C,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQE,EAAWA,YAACE,SAGxB,CACF,CAAC,MAAAgB,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA,CChBYkF,CAAmB7G,IAC5B,KAAKE,EAAAA,WAAW4G,OACd,OAAA1G,QAAAC,iBIfJL,OAEA,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,SADFA,KACU,OAAAb,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAE1D,IAAMY,EA7BQ,SACdL,EACAa,EACA/B,GAEA,IACE,IAAMgC,GA2CqB+E,EA3CI5E,EAAAA,IAAIC,WAAWL,GA4CzCxC,EAAAA,KAAKyH,UAVE,SAAOD,GACrB,IAAMhF,EAAUI,MAAI8E,KAAKF,GACzB,OAAO5E,MAAIsC,OAET,OACAtC,EAAGA,IAACC,WAAW,yBAA2BD,EAAAA,IAAI+E,KAAKnF,IACnDA,EAEJ,CAEwBhC,CAAOgH,KA3CrB1E,EAAYC,EAAAA,UAAUC,QAAQvC,GAC9BwC,EAAYC,EAAAA,UAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClD8E,EAAG,OAAmB5H,EAAIA,KAACyH,eAC1BI,EAAAA,UAAUC,MAAM7E,GAAW4C,MAAM,IACtCkC,UAAU,IACNC,EAAQC,EAAAA,MAAMP,KAAKE,GACnBvE,EAAW4E,EAAAA,MAAMP,KAAK1H,EAAIA,KAACC,OAAOD,EAAAA,KAAKC,OAAO2H,KAAO/B,MAAM,EAAG,GAC9DqC,EAAUD,QAAM/C,OAAO8C,EAAO3E,GAEpC,OADYO,EAAAA,OAAOpD,OAAO0H,KACXvG,CAEjB,CAAE,MAAO6B,GACP,OAAO,CACT,CA6Bc,IAAegE,CA5B/B,CAQmBW,CACfxG,EACAlB,EAAMyB,YACNzB,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQgB,EAAWd,EAAWA,YAACC,SAAWD,cAAYE,SAE1D,CAAC,MAAAgB,GAAAvB,OAAAA,QAAAwB,OAAAD,EAAA,CAAA,CJCYgG,CAAyB3H,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAA2B,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA"}
package/dist/index.js CHANGED
@@ -1,2 +1,2 @@
1
- import{ProofStatus as e,ProofTypes as r}from"@notabene/javascript-sdk";import{encode as t}from"varuint-bitcoin";import{createBase58check as n,bech32 as o,base64 as s,base58 as a}from"@scure/base";import{Hash as i,PersonalMessage as c,Hex as u,Signature as f,Secp256k1 as l,Address as m,PublicKey as v,Bytes as E}from"ox";import{secp256k1 as d}from"@noble/curves/secp256k1";import{Verifier as h}from"bip322-js";import P from"tweetnacl";function p(){return p=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var n in t)({}).hasOwnProperty.call(t,n)&&(e[n]=t[n])}return e},p.apply(null,arguments)}var I,g;!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(I||(I={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(g||(g={}));var y=n(i.sha256);function D(e){var r=o.toWords(e);return r.unshift(0),o.encode("bc",r)}var w=function(n){try{switch(n.type){case r.SelfDeclaration:return Promise.resolve(p({},n,{status:n.confirmed?e.VERIFIED:e.FAILED}));case r.Screenshot:return Promise.resolve(p({},n,{status:n.url?e.FLAGGED:e.FAILED}));case r.EIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("eip155"!==t[0])return Promise.resolve(p({},r,{status:e.FAILED}));var o=function(e,r,t){try{var n=c.getSignPayload(u.fromString(r)),o=f.fromHex(t),s=l.recoverPublicKey({payload:n,signature:o});return m.checksum(m.fromPublicKey(s)).toString()===m.checksum(e)}catch(e){return!1}}(n,r.attestation,r.proof);return Promise.resolve(p({},r,{status:o?e.VERIFIED:e.FAILED}))}catch(e){return Promise.reject(e)}}(n));case r.ED25519:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("solana"!==t[0])return Promise.resolve(p({},r,{status:e.FAILED}));try{var o=a.decode(n),i=(new TextEncoder).encode(r.attestation),c=s.decode(r.proof),u=P.sign.detached.verify(i,c,o);return Promise.resolve(p({},r,{status:u?e.VERIFIED:e.FAILED}))}catch(t){return Promise.resolve(p({},r,{status:e.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case r.EIP712:case r.BIP137:case r.BIP322:return Promise.resolve(function(n){try{var o=n.address.split(/:/),a=o[2];if("bip122"!==o[0])return Promise.resolve(p({},n,{status:e.FAILED}));try{switch(n.type){case r.BIP137:return Promise.resolve(function(r,n){var o=[g.SEGWIT,g.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return g.NATIVE;if(e.match("^[32M].*"))return g.SEGWIT;if(e.match("^[1nmL].*"))return g.LEGACY;if(e.match("^(D).*"))return g.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(r)),a=function(e,r,n,o){var a=function(e){var r=s.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var t=r[0]-27;if(t>15||t<0)throw new Error("Invalid signature parameter");var n=!!(12&t),o=3&t,a=d.Signature.fromCompact(r.slice(1));return{compressed:n,segwitType:8&t?4&t?I.P2WPKH:I.P2SH_P2WPKH:void 0,signature:a.addRecoveryBit(o)}}(n),c=a.compressed,u=a.segwitType,f=a.signature;if(o&&!c)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var l,m=function(e){var r=(new TextEncoder).encode("Bitcoin Signed Message:\n"),n=(new TextEncoder).encode(e),o=t(n.length).buffer,s=new Uint8Array(r.length+o.byteLength+n.length);return s.set(r),s.set(new Uint8Array(o),r.length),s.set(n,r.length+o.byteLength),function(e){return i.sha256(i.sha256(e))}(s)}(e),v=(l=f.recoverPublicKey(m).toRawBytes(c),i.ripemd160(i.sha256(l))),E="";if(u)E=D(v);else if(o)try{E=D(v)}catch(e){E=D(v)}else E=function(e,r){var t=new Uint8Array([0].concat(r));return y.encode(t)}(0,v);return E===r}(n.attestation,r,n.proof,o);return p({},n,{status:a?e.VERIFIED:e.FAILED})}(a,n));case r.BIP322:return Promise.resolve(function(r,t){return p({},t,{status:h.verifySignature(r,t.attestation,t.proof)?e.VERIFIED:e.FAILED})}(a,n));default:return Promise.resolve(p({},n,{status:e.FAILED}))}}catch(r){return Promise.resolve(p({},n,{status:e.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case r.TIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("tron"!==t[0])return Promise.resolve(p({},r,{status:e.FAILED}));var o=function(e,r,t){try{var n=(P=u.fromString(r),i.keccak256(function(e){var r=u.from(e);return u.concat("0x19",u.fromString("TRON Signed Message:\n"+u.size(r)),r)}(P))),o=f.fromHex(t),s=l.recoverPublicKey({payload:n,signature:o}),c="0x41"+i.keccak256("0x"+v.toHex(s).slice(4)).substring(26),m=E.from(c),d=E.from(i.sha256(i.sha256(c))).slice(0,4),h=E.concat(m,d);return a.encode(h)===e}catch(e){return!1}var P}(n,r.attestation,r.proof);return Promise.resolve(p({},r,{status:o?e.VERIFIED:e.FAILED}))}catch(e){return Promise.reject(e)}}(n))}return Promise.resolve(n)}catch(e){return Promise.reject(e)}};export{w as verifyProof};
1
+ import{ProofStatus as e,ProofTypes as r}from"@notabene/javascript-sdk";import{encode as t}from"varuint-bitcoin";import{createBase58check as n,bech32 as o,base64 as s,base58 as a}from"@scure/base";import{Hash as i,PersonalMessage as c,Hex as u,Signature as f,Secp256k1 as l,Address as m,PublicKey as v,Bytes as d}from"ox";import{secp256k1 as E}from"@noble/curves/secp256k1";import{Verifier as P}from"bip322-js";import h from"tweetnacl";import I from"@cardano-foundation/cardano-verify-datasignature";function p(){return p=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var n in t)({}).hasOwnProperty.call(t,n)&&(e[n]=t[n])}return e},p.apply(null,arguments)}var g,y;!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(g||(g={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(y||(y={}));var D=n(i.sha256);function A(e){var r=o.toWords(e);return r.unshift(0),o.encode("bc",r)}var w=function(n){try{switch(n.type){case r.SelfDeclaration:return Promise.resolve(p({},n,{status:n.confirmed?e.VERIFIED:e.FAILED}));case r.Screenshot:return Promise.resolve(p({},n,{status:n.url?e.FLAGGED:e.FAILED}));case r.CIP8:return Promise.resolve(function(r){try{var t,n=r.address.split(/:/),o=n[2],s=null==(t=r.chainSpecificData)?void 0:t.cardanoCoseKey;if("cardano"!==n[0]||!s)return Promise.resolve(p({},r,{status:e.FAILED}));try{var a=I(r.proof,s,r.attestation,o);return Promise.resolve(p({},r,{status:a?e.VERIFIED:e.FAILED}))}catch(t){return Promise.resolve(p({},r,{status:e.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case r.EIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("eip155"!==t[0])return Promise.resolve(p({},r,{status:e.FAILED}));var o=function(e,r,t){try{var n=c.getSignPayload(u.fromString(r)),o=f.fromHex(t),s=l.recoverPublicKey({payload:n,signature:o});return m.checksum(m.fromPublicKey(s)).toString()===m.checksum(e)}catch(e){return!1}}(n,r.attestation,r.proof);return Promise.resolve(p({},r,{status:o?e.VERIFIED:e.FAILED}))}catch(e){return Promise.reject(e)}}(n));case r.ED25519:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("solana"!==t[0])return Promise.resolve(p({},r,{status:e.FAILED}));try{var o=a.decode(n),i=(new TextEncoder).encode(r.attestation),c=s.decode(r.proof),u=h.sign.detached.verify(i,c,o);return Promise.resolve(p({},r,{status:u?e.VERIFIED:e.FAILED}))}catch(t){return Promise.resolve(p({},r,{status:e.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case r.EIP712:case r.BIP137:case r.BIP322:return Promise.resolve(function(n){try{var o=n.address.split(/:/),a=o[2];if("bip122"!==o[0])return Promise.resolve(p({},n,{status:e.FAILED}));try{switch(n.type){case r.BIP137:return Promise.resolve(function(r,n){var o=[y.SEGWIT,y.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return y.NATIVE;if(e.match("^[32M].*"))return y.SEGWIT;if(e.match("^[1nmL].*"))return y.LEGACY;if(e.match("^(D).*"))return y.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(r)),a=function(e,r,n,o){var a=function(e){var r=s.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var t=r[0]-27;if(t>15||t<0)throw new Error("Invalid signature parameter");var n=!!(12&t),o=3&t,a=E.Signature.fromCompact(r.slice(1));return{compressed:n,segwitType:8&t?4&t?g.P2WPKH:g.P2SH_P2WPKH:void 0,signature:a.addRecoveryBit(o)}}(n),c=a.compressed,u=a.segwitType,f=a.signature;if(o&&!c)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var l,m=function(e){var r=(new TextEncoder).encode("Bitcoin Signed Message:\n"),n=(new TextEncoder).encode(e),o=t(n.length).buffer,s=new Uint8Array(r.length+o.byteLength+n.length);return s.set(r),s.set(new Uint8Array(o),r.length),s.set(n,r.length+o.byteLength),function(e){return i.sha256(i.sha256(e))}(s)}(e),v=(l=f.recoverPublicKey(m).toRawBytes(c),i.ripemd160(i.sha256(l))),d="";if(u)d=A(v);else if(o)try{d=A(v)}catch(e){d=A(v)}else d=function(e,r){var t=new Uint8Array([0].concat(r));return D.encode(t)}(0,v);return d===r}(n.attestation,r,n.proof,o);return p({},n,{status:a?e.VERIFIED:e.FAILED})}(a,n));case r.BIP322:return Promise.resolve(function(r,t){return p({},t,{status:P.verifySignature(r,t.attestation,t.proof)?e.VERIFIED:e.FAILED})}(a,n));default:return Promise.resolve(p({},n,{status:e.FAILED}))}}catch(r){return Promise.resolve(p({},n,{status:e.FAILED}))}}catch(e){return Promise.reject(e)}}(n));case r.TIP191:return Promise.resolve(function(r){try{var t=r.address.split(/:/),n=t[2];if("tron"!==t[0])return Promise.resolve(p({},r,{status:e.FAILED}));var o=function(e,r,t){try{var n=(h=u.fromString(r),i.keccak256(function(e){var r=u.from(e);return u.concat("0x19",u.fromString("TRON Signed Message:\n"+u.size(r)),r)}(h))),o=f.fromHex(t),s=l.recoverPublicKey({payload:n,signature:o}),c="0x41"+i.keccak256("0x"+v.toHex(s).slice(4)).substring(26),m=d.from(c),E=d.from(i.sha256(i.sha256(c))).slice(0,4),P=d.concat(m,E);return a.encode(P)===e}catch(e){return!1}var h}(n,r.attestation,r.proof);return Promise.resolve(p({},r,{status:o?e.VERIFIED:e.FAILED}))}catch(e){return Promise.reject(e)}}(n))}return Promise.resolve(n)}catch(e){return Promise.reject(e)}};export{w as verifyProof};
2
2
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sources":["../src/bitcoin.ts","../src/eth.ts","../src/index.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import {\n ProofStatus,\n ProofTypes,\n SignatureProof,\n} from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nimport { Verifier } from \"bip322-js\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n switch (proof.type) {\n case ProofTypes.BIP137:\n return verifyBIP137(address, proof);\n case ProofTypes.BIP322:\n return verifyBIP322(address, proof);\n default:\n return {\n ...proof,\n status: ProofStatus.FAILED,\n };\n }\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction verifyBIP322(address: string, proof: SignatureProof) {\n const { attestation, proof: signatureProof } = proof;\n const verified = Verifier.verifySignature(\n address,\n attestation,\n signatureProof\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction verifyBIP137(address: string, proof: SignatureProof) {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address)\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\")\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\"\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n case ProofTypes.BIP322:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","verifyProof","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","_proof$address$split","address","split","verified","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","attestation","e","reject","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","BIP322","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","sigbytes","length","flagByte","compressed","recovery","secp256k1","fromCompact","slice","segwitType","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","buffer","hash","prefix","encodeLength","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","version","encodeBase58AddressFormat","verifyBIP137","Verifier","verifySignature","verifyBIP322","verifyBTCSignature","TIP191","data","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"2oBA+BA,IAlBKA,EAOAC,GAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAmJD,IAAMC,EAAcC,EAAkBC,EAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAOG,OAAO,KAAMJ,EAC7B,CCpLA,ICPsBK,WACpBC,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAWC,gBACd,OAAAC,QAAAC,QAAAC,EACKN,GAAAA,GACHO,OAASP,EAA2BQ,UAChCC,EAAYC,SACZD,EAAYE,UAEpB,KAAKT,EAAWU,WACd,OAAAR,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAASP,EAA0Ba,IAC/BJ,EAAYK,QACZL,EAAYE,UAEpB,KAAKT,EAAWa,OACd,OAAAX,QAAAC,QDZwC,SAC5CL,OAEA,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAYE,UAE5D,IAAMQ,WAtBNF,EACAG,EACApB,GAEA,IACE,IAAMqB,EAAUC,EAAgBC,eAAeC,EAAIC,WAAWL,IACxDM,EAAYC,EAAUC,QAAQ5B,GAC9B6B,EAAYC,EAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAQC,SAASD,EAAQE,cAAcL,IACxCM,aAAeH,EAAQC,SAAShB,EAEnD,CAAE,MAAOmB,GACP,OAAO,CACT,CACF,CAQmBC,CACfpB,EACAjB,EAAMsC,YACNtC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,SAE1D,CAAC,MAAA4B,GAAA,OAAAnC,QAAAoC,OAAAD,EAAA,CAAA,CCHYE,CAAyBzC,IAClC,KAAKE,EAAWwC,QACd,OAAAtC,QAAAC,QC9BgB,SACpBL,OAEA,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAZ,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAYE,UAC5D,IACE,IAAMkB,EAAYc,EAAOC,OAAO3B,GAC1B4B,GAAe,IAAIC,aAAchD,OAAOE,EAAMsC,aAC9CS,EAAiBC,EAAOJ,OAAO5C,EAAMA,OACrCmB,EAAW8B,EAAKC,KAAKC,SAASC,OAClCP,EACAE,EACAlB,GAGF,OAAAzB,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,SAG1D,CAAE,MAAOyB,GACP,OAAAhC,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAYE,SACzC,CACF,CAAC,MAAA4B,GAAA,OAAAnC,QAAAoC,OAAAD,EAAA,CAAA,CDOYc,CAAsBrD,IAC/B,KAAKE,EAAWoD,OAChB,KAAKpD,EAAWqD,OAChB,KAAKrD,EAAWsD,OACd,OAAApD,QAAAC,QFPgB,SACpBL,GAAqB,IAErB,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,WADFA,EAAA,GACY,OAAAZ,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAK,CAAEO,OAAQE,EAAYE,UAC5D,IACE,OAAQX,EAAMC,MACZ,KAAKC,EAAWqD,OACd,OAAAnD,QAAAC,QAiCR,SAAsBY,EAAiBjB,GAErC,IAAMyD,EAAS,CAACtE,EAAeuE,OAAQvE,EAAewE,QAAQC,SAWhE,SAA2B3C,GACzB,GAAIA,EAAQ4C,MAAM,qBAChB,OAAO1E,EAAewE,OACjB,GAAI1C,EAAQ4C,MAAM,YACvB,OAAO1E,EAAeuE,OACjB,GAAIzC,EAAQ4C,MAAM,aACvB,OAAO1E,EAAe2E,OACb7C,GAAAA,EAAQ4C,MAAM,UACvB,OAAO1E,EAAe4E,SAEtB,MAAU,IAAAC,MACR,oBACGC,OAAOhD,GACPgD,OAAO,0CAGhB,CA1BIC,CAAkBjD,IAEdE,EAsDR,SACEmB,EACArB,EACAjB,EACAmE,GAEA,IAAAC,EA5BF,SAAyBpE,GACvB,IAAMqE,EAAWrB,EAAOJ,OAAO5C,GAC/B,GAAwB,KAApBqE,EAASC,OAAe,MAAM,IAAIN,MAAM,4BAC5C,IAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAM,IAAIP,MAAM,+BAElB,IAAMQ,KAA2B,GAAXD,GAChBE,EAAsB,EAAXF,EACX7C,EAAYgD,EAAU/C,UAAUgD,YAAYN,EAASO,MAAM,IAEjE,MAAO,CACLJ,WAAAA,EACAK,WAAyB,EAAXN,EAEG,EAAXA,EAEFrF,EAAa4F,OADb5F,EAAa6F,iBAFbC,EAIJtD,UAAWA,EAAUuD,eAAeR,GAExC,CAQgDS,CAAgBlF,GAAtDwE,EAAUJ,EAAVI,WAAYK,EAAUT,EAAVS,WAAYnD,EAAS0C,EAAT1C,UAChC,GAAIyC,IAAsBK,EACxB,MAAU,IAAAR,MACR,kFAGJ,IA+DemB,EA/DTC,EAwCR,SAAmB9C,GACjB,IAAM+C,GAAS,IAAIvC,aAAchD,OAtKb,8BAuKdsB,GAAU,IAAI0B,aAAchD,OAAOwC,GACnCgC,EAASgB,EAAalE,EAAQkD,QAAQa,OACtCA,EAAS,IAAII,WACjBF,EAAOf,OAASA,EAAOkB,WAAapE,EAAQkD,QAK9C,OAHAa,EAAOM,IAAIJ,GACXF,EAAOM,IAAI,IAAIF,WAAWjB,GAASe,EAAOf,QAC1Ca,EAAOM,IAAIrE,EAASiE,EAAOf,OAASA,EAAOkB,YAU7C,SAAiBL,GACf,OAAO7F,EAAKC,OAAOD,EAAKC,OAAO4F,GACjC,CAXSO,CAAQP,EACjB,CAnDeQ,CAAUrD,GAGjB7C,GA4DS0F,EA9DGzD,EAAUK,iBAAiBqD,GACZQ,WAAWpB,GA8DrClF,EAAKuG,UAAUvG,EAAKC,OAAO4F,KA5D9BW,EAAiB,GAErB,GAAIjB,EAEAiB,EAAStG,EAAoBC,QAQ/B,GAAI0E,EACF,IACE2B,EAAStG,EAAoBC,EAG/B,CAAE,MAAO8C,GACPuD,EAAStG,EAAoBC,EAE/B,MAEAqG,EASN,SAAmCC,EAAiBtG,GAClD,IAAM4B,EAAU,IAAIkE,WAAU,CAVS,GAUAtB,OAAKxE,IAC5C,OAAOL,EAAYU,OAAOuB,EAC5B,CAZe2E,CAA0B,EAAGvG,GAI1C,OAAOqG,IAAW7E,CACpB,CAjGmBmC,CAAOpD,EAAMsC,YAAarB,EAASjB,EAAMA,MAAOyD,GAEjE,OAAAnD,EAAA,CAAA,EACKN,EAAK,CACRO,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,QAE1D,CA5CesF,CAAahF,EAASjB,IAC/B,KAAKE,EAAWsD,OACd,OAAApD,QAAAC,QAkBR,SAAsBY,EAAiBjB,GAOrC,OAAAM,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAPe2F,EAASC,gBACxBlF,EAF6CjB,EAAvCsC,YAAuCtC,EAA1BA,OAQAS,EAAYC,SAAWD,EAAYE,QAE1D,CA7BeyF,CAAanF,EAASjB,IAC/B,QACE,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQE,EAAYE,UAI5B,CAAE,MAAOyB,GAEP,OAAAhC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQE,EAAYE,SAGxB,CACF,CAAC,MAAA4B,GAAA,OAAAnC,QAAAoC,OAAAD,EAAA,CAAA,CEnBY8D,CAAmBrG,IAC5B,KAAKE,EAAWoG,OACd,OAAAlG,QAAAC,iBEZJL,OAEA,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,SADFA,KACU,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAYE,UAE1D,IAAMQ,EA7BQ,SACdF,EACAG,EACApB,GAEA,IACE,IAAMqB,GA2CqBkF,EA3CI/E,EAAIC,WAAWL,GA4CzC9B,EAAKkH,UAVE,SAAOD,GACrB,IAAMnF,EAAUI,EAAIiF,KAAKF,GACzB,OAAO/E,EAAIyC,OAET,OACAzC,EAAIC,WAAW,yBAA2BD,EAAIkF,KAAKtF,IACnDA,EAEJ,CAEwBtB,CAAOyG,KA3CrB7E,EAAYC,EAAUC,QAAQ5B,GAC9B6B,EAAYC,EAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClDiF,EAAG,OAAmBrH,EAAKkH,eAC1BI,EAAUC,MAAMhF,GAAW+C,MAAM,IACtCkC,UAAU,IACNC,EAAQC,EAAMP,KAAKE,GACnB1E,EAAW+E,EAAMP,KAAKnH,EAAKC,OAAOD,EAAKC,OAAOoH,KAAO/B,MAAM,EAAG,GAC9DqC,EAAUD,EAAM/C,OAAO8C,EAAO9E,GAEpC,OADYU,EAAO7C,OAAOmH,KACXhG,CAEjB,CAAE,MAAOmB,GACP,OAAO,CACT,CA6Bc,IAAemE,CA5B/B,CAQmBW,CACfjG,EACAjB,EAAMsC,YACNtC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,SAE1D,CAAC,MAAA4B,GAAAnC,OAAAA,QAAAoC,OAAAD,EAAA,CAAA,CFFY4E,CAAyBnH,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAAuC,UAAAnC,QAAAoC,OAAAD,EAAA,CAAA"}
1
+ {"version":3,"file":"index.js","sources":["../src/bitcoin.ts","../src/eth.ts","../src/index.ts","../src/cardano.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import {\n ProofStatus,\n ProofTypes,\n SignatureProof,\n} from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nimport { Verifier } from \"bip322-js\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n switch (proof.type) {\n case ProofTypes.BIP137:\n return verifyBIP137(address, proof);\n case ProofTypes.BIP322:\n return verifyBIP322(address, proof);\n default:\n return {\n ...proof,\n status: ProofStatus.FAILED,\n };\n }\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction verifyBIP322(address: string, proof: SignatureProof) {\n const { attestation, proof: signatureProof } = proof;\n const verified = Verifier.verifySignature(\n address,\n attestation,\n signatureProof\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction verifyBIP137(address: string, proof: SignatureProof) {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address)\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\")\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\"\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\nimport { verifyCIP8Signature } from \"./cardano\";\n\nexport async function verifyProof(\n proof: OwnershipProof\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.CIP8:\n return verifyCIP8Signature(proof as SignatureProof);\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n case ProofTypes.BIP322:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import verifyDataSignature from \"@cardano-foundation/cardano-verify-datasignature\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nexport async function verifyCIP8Signature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n const key = proof.chainSpecificData?.cardanoCoseKey;\n \n if (ns !== \"cardano\" || !key) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n \n try {\n const verified = verifyDataSignature(proof.proof, key, proof.attestation, address);\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED\n };\n } catch {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","verifyProof","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","CIP8","_proof$chainSpecificD","_proof$address$split","address","split","key","chainSpecificData","cardanoCoseKey","verified","verifyDataSignature","attestation","_unused","e","reject","verifyCIP8Signature","EIP191","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","BIP322","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","sigbytes","length","flagByte","compressed","recovery","secp256k1","fromCompact","slice","segwitType","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","buffer","hash","prefix","encodeLength","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","version","encodeBase58AddressFormat","verifyBIP137","Verifier","verifySignature","verifyBIP322","verifyBTCSignature","TIP191","data","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"2sBA+BA,IAlBKA,EAOAC,GAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAmJD,IAAMC,EAAcC,EAAkBC,EAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAOG,OAAO,KAAMJ,EAC7B,CCpLA,ICNsBK,EAAA,SACpBC,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAWC,gBACd,OAAAC,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAASP,EAA2BQ,UAChCC,EAAYC,SACZD,EAAYE,UAEpB,KAAKT,EAAWU,WACd,OAAAR,QAAAC,QAAAC,EAAA,CAAA,EACKN,EAAK,CACRO,OAASP,EAA0Ba,IAC/BJ,EAAYK,QACZL,EAAYE,UAEpB,KAAKT,EAAWa,KACd,OAAAX,QAAAC,QC9BmC,SACvCL,GAAqB,QAAAgB,EAErBC,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAMG,EAAMJ,OAAHA,EAAGhB,EAAMqB,wBAANL,EAAAA,EAAyBM,eAErC,GAAW,YAHFL,EAAIC,KAGYE,EACvB,OAAAhB,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAYE,UAGzC,IACE,IAAMY,EAAWC,EAAoBxB,EAAMA,MAAOoB,EAAKpB,EAAMyB,YAAaP,GAC1E,OAAAd,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQgB,EAAWd,EAAYC,SAAWD,EAAYE,SAE1D,CAAE,MAAAe,GACA,OAAAtB,QAAAC,QAAAC,EAAYN,GAAAA,GAAOO,OAAQE,EAAYE,SACzC,CACF,CAAC,MAAAgB,GAAAvB,OAAAA,QAAAwB,OAAAD,EAAA,CAAA,CDWYE,CAAoB7B,IAC7B,KAAKE,EAAW4B,OACd,OAAA1B,QAAAC,QDfwC,SAC5CL,OAEA,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAb,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAYE,UAE5D,IAAMY,WAtBNL,EACAa,EACA/B,GAEA,IACE,IAAMgC,EAAUC,EAAgBC,eAAeC,EAAIC,WAAWL,IACxDM,EAAYC,EAAUC,QAAQvC,GAC9BwC,EAAYC,EAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAQC,SAASD,EAAQE,cAAcL,IACxCM,aAAeH,EAAQC,SAAS1B,EAEnD,CAAE,MAAO6B,GACP,OAAO,CACT,CACF,CAQmBC,CACf9B,EACAlB,EAAMyB,YACNzB,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQgB,EAAWd,EAAYC,SAAWD,EAAYE,SAE1D,CAAC,MAAAgB,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA,CCAYsB,CAAyBjD,IAClC,KAAKE,EAAWgD,QACd,OAAA9C,QAAAC,QEjCgB,SACpBL,OAEA,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAb,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAYE,UAC5D,IACE,IAAM6B,EAAYW,EAAOC,OAAOlC,GAC1BmC,GAAe,IAAIC,aAAcxD,OAAOE,EAAMyB,aAC9C8B,EAAiBC,EAAOJ,OAAOpD,EAAMA,OACrCuB,EAAWkC,EAAKC,KAAKC,SAASC,OAClCP,EACAE,EACAf,GAGF,OAAApC,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQgB,EAAWd,EAAYC,SAAWD,EAAYE,SAG1D,CAAE,MAAOoC,GACP,OAAA3C,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAYE,SACzC,CACF,CAAC,MAAAgB,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA,CFUYkC,CAAsB7D,IAC/B,KAAKE,EAAW4D,OAChB,KAAK5D,EAAW6D,OAChB,KAAK7D,EAAW8D,OACd,OAAA5D,QAAAC,QFVgB,SACpBL,GAAqB,IAErB,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,WADFA,EAAA,GACY,OAAAb,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAK,CAAEO,OAAQE,EAAYE,UAC5D,IACE,OAAQX,EAAMC,MACZ,KAAKC,EAAW6D,OACd,OAAA3D,QAAAC,QAiCR,SAAsBa,EAAiBlB,GAErC,IAAMiE,EAAS,CAAC9E,EAAe+E,OAAQ/E,EAAegF,QAAQC,SAWhE,SAA2BlD,GACzB,GAAIA,EAAQmD,MAAM,qBAChB,OAAOlF,EAAegF,OACjB,GAAIjD,EAAQmD,MAAM,YACvB,OAAOlF,EAAe+E,OACjB,GAAIhD,EAAQmD,MAAM,aACvB,OAAOlF,EAAemF,OACbpD,GAAAA,EAAQmD,MAAM,UACvB,OAAOlF,EAAeoF,SAEtB,MAAU,IAAAC,MACR,oBACGC,OAAOvD,GACPuD,OAAO,0CAGhB,CA1BIC,CAAkBxD,IAEdK,EAsDR,SACEE,EACAP,EACAlB,EACA2E,GAEA,IAAAC,EA5BF,SAAyB5E,GACvB,IAAM6E,EAAWrB,EAAOJ,OAAOpD,GAC/B,GAAwB,KAApB6E,EAASC,OAAe,MAAM,IAAIN,MAAM,4BAC5C,IAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAM,IAAIP,MAAM,+BAElB,IAAMQ,KAA2B,GAAXD,GAChBE,EAAsB,EAAXF,EACX1C,EAAY6C,EAAU5C,UAAU6C,YAAYN,EAASO,MAAM,IAEjE,MAAO,CACLJ,WAAAA,EACAK,WAAyB,EAAXN,EAEG,EAAXA,EAEF7F,EAAaoG,OADbpG,EAAaqG,iBAFbC,EAIJnD,UAAWA,EAAUoD,eAAeR,GAExC,CAQgDS,CAAgB1F,GAAtDgF,EAAUJ,EAAVI,WAAYK,EAAUT,EAAVS,WAAYhD,EAASuC,EAATvC,UAChC,GAAIsC,IAAsBK,EACxB,MAAU,IAAAR,MACR,kFAGJ,IA+DemB,EA/DTC,EAwCR,SAAmBnE,GACjB,IAAMoE,GAAS,IAAIvC,aAAcxD,OAtKb,8BAuKdiC,GAAU,IAAIuB,aAAcxD,OAAO2B,GACnCqD,EAASgB,EAAa/D,EAAQ+C,QAAQa,OACtCA,EAAS,IAAII,WACjBF,EAAOf,OAASA,EAAOkB,WAAajE,EAAQ+C,QAK9C,OAHAa,EAAOM,IAAIJ,GACXF,EAAOM,IAAI,IAAIF,WAAWjB,GAASe,EAAOf,QAC1Ca,EAAOM,IAAIlE,EAAS8D,EAAOf,OAASA,EAAOkB,YAU7C,SAAiBL,GACf,OAAOrG,EAAKC,OAAOD,EAAKC,OAAOoG,GACjC,CAXSO,CAAQP,EACjB,CAnDeQ,CAAU1E,GAGjBhC,GA4DSkG,EA9DGtD,EAAUK,iBAAiBkD,GACZQ,WAAWpB,GA8DrC1F,EAAK+G,UAAU/G,EAAKC,OAAOoG,KA5D9BW,EAAiB,GAErB,GAAIjB,EAEAiB,EAAS9G,EAAoBC,QAQ/B,GAAIkF,EACF,IACE2B,EAAS9G,EAAoBC,EAG/B,CAAE,MAAOkC,GACP2E,EAAS9G,EAAoBC,EAE/B,MAEA6G,EASN,SAAmCC,EAAiB9G,GAClD,IAAMuC,EAAU,IAAI+D,WAAU,CAVS,GAUAtB,OAAKhF,IAC5C,OAAOL,EAAYU,OAAOkC,EAC5B,CAZewE,CAA0B,EAAG/G,GAI1C,OAAO6G,IAAWpF,CACpB,CAjGmB0C,CAAO5D,EAAMyB,YAAaP,EAASlB,EAAMA,MAAOiE,GAEjE,OAAA3D,EAAA,CAAA,EACKN,EAAK,CACRO,OAAQgB,EAAWd,EAAYC,SAAWD,EAAYE,QAE1D,CA5Ce8F,CAAavF,EAASlB,IAC/B,KAAKE,EAAW8D,OACd,OAAA5D,QAAAC,QAkBR,SAAsBa,EAAiBlB,GAOrC,OAAAM,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAPemG,EAASC,gBACxBzF,EAF6ClB,EAAvCyB,YAAuCzB,EAA1BA,OAQAS,EAAYC,SAAWD,EAAYE,QAE1D,CA7BeiG,CAAa1F,EAASlB,IAC/B,QACE,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQE,EAAYE,UAI5B,CAAE,MAAOoC,GAEP,OAAA3C,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQE,EAAYE,SAGxB,CACF,CAAC,MAAAgB,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA,CEhBYkF,CAAmB7G,IAC5B,KAAKE,EAAW4G,OACd,OAAA1G,QAAAC,iBGfJL,OAEA,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,SADFA,KACU,OAAAb,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAYE,UAE1D,IAAMY,EA7BQ,SACdL,EACAa,EACA/B,GAEA,IACE,IAAMgC,GA2CqB+E,EA3CI5E,EAAIC,WAAWL,GA4CzCzC,EAAK0H,UAVE,SAAOD,GACrB,IAAMhF,EAAUI,EAAI8E,KAAKF,GACzB,OAAO5E,EAAIsC,OAET,OACAtC,EAAIC,WAAW,yBAA2BD,EAAI+E,KAAKnF,IACnDA,EAEJ,CAEwBjC,CAAOiH,KA3CrB1E,EAAYC,EAAUC,QAAQvC,GAC9BwC,EAAYC,EAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClD8E,EAAG,OAAmB7H,EAAK0H,eAC1BI,EAAUC,MAAM7E,GAAW4C,MAAM,IACtCkC,UAAU,IACNC,EAAQC,EAAMP,KAAKE,GACnBvE,EAAW4E,EAAMP,KAAK3H,EAAKC,OAAOD,EAAKC,OAAO4H,KAAO/B,MAAM,EAAG,GAC9DqC,EAAUD,EAAM/C,OAAO8C,EAAO3E,GAEpC,OADYO,EAAOrD,OAAO2H,KACXvG,CAEjB,CAAE,MAAO6B,GACP,OAAO,CACT,CA6Bc,IAAegE,CA5B/B,CAQmBW,CACfxG,EACAlB,EAAMyB,YACNzB,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQgB,EAAWd,EAAYC,SAAWD,EAAYE,SAE1D,CAAC,MAAAgB,GAAAvB,OAAAA,QAAAwB,OAAAD,EAAA,CAAA,CHCYgG,CAAyB3H,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAA2B,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA"}
package/dist/index.modern.js CHANGED
@@ -1,2 +1,2 @@
1
- import{ProofStatus as t,ProofTypes as e}from"@notabene/javascript-sdk";import{encode as n}from"varuint-bitcoin";import{createBase58check as r,bech32 as s,base64 as o,base58 as c}from"@scure/base";import{Hash as a,PersonalMessage as i,Hex as u,Signature as f,Secp256k1 as E,Address as d,PublicKey as p,Bytes as I}from"ox";import{secp256k1 as h}from"@noble/curves/secp256k1";import{Verifier as l}from"bip322-js";import g from"tweetnacl";function m(){return m=Object.assign?Object.assign.bind():function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var r in n)({}).hasOwnProperty.call(n,r)&&(t[r]=n[r])}return t},m.apply(null,arguments)}var y,D;!function(t){t.P2WPKH="p2wpkh",t.P2SH_P2WPKH="p2sh(p2wpkh)"}(y||(y={})),function(t){t.LEGACY="Legacy",t.NATIVE="Native SegWit",t.SEGWIT="SegWit",t.P2SH_SEGWIT="p2sh",t.BCH="Bitcoin Cash",t.ETHEREUM="Ethereum",t.DOGECOIN="Dogecoin",t.UNKNOWN="Unknown"}(D||(D={}));const w=r(a.sha256);function A(t){const e=s.toWords(t);return e.unshift(0),s.encode("bc",e)}function P(t,e,n){try{const s=(r=u.fromString(e),a.keccak256(function(t){const e=u.from(t);return u.concat("0x19",u.fromString("TRON Signed Message:\n"+u.size(e)),e)}(r))),o=f.fromHex(n),i=E.recoverPublicKey({payload:s,signature:o}),d=`0x41${a.keccak256(`0x${p.toHex(i).slice(4)}`).substring(26)}`,h=I.from(d),l=I.from(a.sha256(a.sha256(d))).slice(0,4),g=I.concat(h,l);return c.encode(g)===t}catch(t){return!1}var r}async function b(r){switch(r.type){case e.SelfDeclaration:return m({},r,{status:r.confirmed?t.VERIFIED:t.FAILED});case e.Screenshot:return m({},r,{status:r.url?t.FLAGGED:t.FAILED});case e.EIP191:return async function(e){const[n,,r]=e.address.split(/:/);if("eip155"!==n)return m({},e,{status:t.FAILED});const s=function(t,e,n){try{const r=i.getSignPayload(u.fromString(e)),s=f.fromHex(n),o=E.recoverPublicKey({payload:r,signature:s});return d.checksum(d.fromPublicKey(o)).toString()===d.checksum(t)}catch(t){return!1}}(r,e.attestation,e.proof);return m({},e,{status:s?t.VERIFIED:t.FAILED})}(r);case e.ED25519:return async function(e){const[n,,r]=e.address.split(/:/);if("solana"!==n)return m({},e,{status:t.FAILED});try{const n=c.decode(r),s=(new TextEncoder).encode(e.attestation),a=o.decode(e.proof);return m({},e,{status:g.sign.detached.verify(s,a,n)?t.VERIFIED:t.FAILED})}catch(n){return m({},e,{status:t.FAILED})}}(r);case e.EIP712:case e.BIP137:case e.BIP322:return async function(r){const[s,,c]=r.address.split(/:/);if("bip122"!==s)return m({},r,{status:t.FAILED});try{switch(r.type){case e.BIP137:return function(e,r){const s=[D.SEGWIT,D.NATIVE].includes(function(t){if(t.match("^(bc1|tb1|ltc1).*"))return D.NATIVE;if(t.match("^[32M].*"))return D.SEGWIT;if(t.match("^[1nmL].*"))return D.LEGACY;if(t.match("^(D).*"))return D.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(t).concat(" is not a valid or a supported address"))}(e)),c=function(t,e,r,s){const{compressed:c,segwitType:i,signature:u}=function(t){const e=o.decode(t);if(65!==e.length)throw new Error("Invalid signature length");const n=e[0]-27;if(n>15||n<0)throw new Error("Invalid signature parameter");const r=!!(12&n),s=3&n,c=h.Signature.fromCompact(e.slice(1));return{compressed:r,segwitType:8&n?4&n?y.P2WPKH:y.P2SH_P2WPKH:void 0,signature:c.addRecoveryBit(s)}}(r);if(s&&!c)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");const f=function(t){const e=(new TextEncoder).encode("Bitcoin Signed Message:\n"),r=(new TextEncoder).encode(t),s=n(r.length).buffer,o=new Uint8Array(e.length+s.byteLength+r.length);return o.set(e),o.set(new Uint8Array(s),e.length),o.set(r,e.length+s.byteLength),function(t){return a.sha256(a.sha256(t))}(o)}(t),E=(d=u.recoverPublicKey(f).toRawBytes(c),a.ripemd160(a.sha256(d)));var d;let p="";if(i)p=A(E);else if(s)try{p=A(E)}catch(t){p=A(E)}else p=function(t,e){const n=new Uint8Array([0,...e]);return w.encode(n)}(0,E);return p===e}(r.attestation,e,r.proof,s);return m({},r,{status:c?t.VERIFIED:t.FAILED})}(c,r);case e.BIP322:return function(e,n){const{attestation:r,proof:s}=n;return m({},n,{status:l.verifySignature(e,r,s)?t.VERIFIED:t.FAILED})}(c,r);default:return m({},r,{status:t.FAILED})}}catch(e){return m({},r,{status:t.FAILED})}}(r);case e.TIP191:return async function(e){const[n,,r]=e.address.split(/:/);return m({},e,"tron"!==n?{status:t.FAILED}:{status:P(r,e.attestation,e.proof)?t.VERIFIED:t.FAILED})}(r)}return r}export{b as verifyProof};
1
+ import{ProofStatus as t,ProofTypes as e}from"@notabene/javascript-sdk";import{encode as n}from"varuint-bitcoin";import{createBase58check as r,bech32 as s,base64 as o,base58 as c}from"@scure/base";import{Hash as a,PersonalMessage as i,Hex as u,Signature as f,Secp256k1 as d,Address as E,PublicKey as I,Bytes as p}from"ox";import{secp256k1 as l}from"@noble/curves/secp256k1";import{Verifier as h}from"bip322-js";import g from"tweetnacl";import m from"@cardano-foundation/cardano-verify-datasignature";function y(){return y=Object.assign?Object.assign.bind():function(t){for(var e=1;e<arguments.length;e++){var n=arguments[e];for(var r in n)({}).hasOwnProperty.call(n,r)&&(t[r]=n[r])}return t},y.apply(null,arguments)}var D,A;!function(t){t.P2WPKH="p2wpkh",t.P2SH_P2WPKH="p2sh(p2wpkh)"}(D||(D={})),function(t){t.LEGACY="Legacy",t.NATIVE="Native SegWit",t.SEGWIT="SegWit",t.P2SH_SEGWIT="p2sh",t.BCH="Bitcoin Cash",t.ETHEREUM="Ethereum",t.DOGECOIN="Dogecoin",t.UNKNOWN="Unknown"}(A||(A={}));const w=r(a.sha256);function F(t){const e=s.toWords(t);return e.unshift(0),s.encode("bc",e)}function L(t,e,n){try{const s=(r=u.fromString(e),a.keccak256(function(t){const e=u.from(t);return u.concat("0x19",u.fromString("TRON Signed Message:\n"+u.size(e)),e)}(r))),o=f.fromHex(n),i=d.recoverPublicKey({payload:s,signature:o}),E=`0x41${a.keccak256(`0x${I.toHex(i).slice(4)}`).substring(26)}`,l=p.from(E),h=p.from(a.sha256(a.sha256(E))).slice(0,4),g=p.concat(l,h);return c.encode(g)===t}catch(t){return!1}var r}async function P(r){switch(r.type){case e.SelfDeclaration:return y({},r,{status:r.confirmed?t.VERIFIED:t.FAILED});case e.Screenshot:return y({},r,{status:r.url?t.FLAGGED:t.FAILED});case e.CIP8:return async function(e){var n;const[r,,s]=e.address.split(/:/),o=null==(n=e.chainSpecificData)?void 0:n.cardanoCoseKey;if("cardano"!==r||!o)return y({},e,{status:t.FAILED});try{return y({},e,{status:m(e.proof,o,e.attestation,s)?t.VERIFIED:t.FAILED})}catch(n){return y({},e,{status:t.FAILED})}}(r);case e.EIP191:return async function(e){const[n,,r]=e.address.split(/:/);if("eip155"!==n)return y({},e,{status:t.FAILED});const s=function(t,e,n){try{const r=i.getSignPayload(u.fromString(e)),s=f.fromHex(n),o=d.recoverPublicKey({payload:r,signature:s});return E.checksum(E.fromPublicKey(o)).toString()===E.checksum(t)}catch(t){return!1}}(r,e.attestation,e.proof);return y({},e,{status:s?t.VERIFIED:t.FAILED})}(r);case e.ED25519:return async function(e){const[n,,r]=e.address.split(/:/);if("solana"!==n)return y({},e,{status:t.FAILED});try{const n=c.decode(r),s=(new TextEncoder).encode(e.attestation),a=o.decode(e.proof);return y({},e,{status:g.sign.detached.verify(s,a,n)?t.VERIFIED:t.FAILED})}catch(n){return y({},e,{status:t.FAILED})}}(r);case e.EIP712:case e.BIP137:case e.BIP322:return async function(r){const[s,,c]=r.address.split(/:/);if("bip122"!==s)return y({},r,{status:t.FAILED});try{switch(r.type){case e.BIP137:return function(e,r){const s=[A.SEGWIT,A.NATIVE].includes(function(t){if(t.match("^(bc1|tb1|ltc1).*"))return A.NATIVE;if(t.match("^[32M].*"))return A.SEGWIT;if(t.match("^[1nmL].*"))return A.LEGACY;if(t.match("^(D).*"))return A.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(t).concat(" is not a valid or a supported address"))}(e)),c=function(t,e,r,s){const{compressed:c,segwitType:i,signature:u}=function(t){const e=o.decode(t);if(65!==e.length)throw new Error("Invalid signature length");const n=e[0]-27;if(n>15||n<0)throw new Error("Invalid signature parameter");const r=!!(12&n),s=3&n,c=l.Signature.fromCompact(e.slice(1));return{compressed:r,segwitType:8&n?4&n?D.P2WPKH:D.P2SH_P2WPKH:void 0,signature:c.addRecoveryBit(s)}}(r);if(s&&!c)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");const f=function(t){const e=(new TextEncoder).encode("Bitcoin Signed Message:\n"),r=(new TextEncoder).encode(t),s=n(r.length).buffer,o=new Uint8Array(e.length+s.byteLength+r.length);return o.set(e),o.set(new Uint8Array(s),e.length),o.set(r,e.length+s.byteLength),function(t){return a.sha256(a.sha256(t))}(o)}(t),d=(E=u.recoverPublicKey(f).toRawBytes(c),a.ripemd160(a.sha256(E)));var E;let I="";if(i)I=F(d);else if(s)try{I=F(d)}catch(t){I=F(d)}else I=function(t,e){const n=new Uint8Array([0,...e]);return w.encode(n)}(0,d);return I===e}(r.attestation,e,r.proof,s);return y({},r,{status:c?t.VERIFIED:t.FAILED})}(c,r);case e.BIP322:return function(e,n){const{attestation:r,proof:s}=n;return y({},n,{status:h.verifySignature(e,r,s)?t.VERIFIED:t.FAILED})}(c,r);default:return y({},r,{status:t.FAILED})}}catch(e){return y({},r,{status:t.FAILED})}}(r);case e.TIP191:return async function(e){const[n,,r]=e.address.split(/:/);return y({},e,"tron"!==n?{status:t.FAILED}:{status:L(r,e.attestation,e.proof)?t.VERIFIED:t.FAILED})}(r)}return r}export{P as verifyProof};
2
2
  //# sourceMappingURL=index.modern.js.map
package/dist/index.modern.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.modern.js","sources":["../src/bitcoin.ts","../src/tron.ts","../src/index.ts","../src/eth.ts","../src/solana.ts"],"sourcesContent":["import {\n ProofStatus,\n ProofTypes,\n SignatureProof,\n} from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nimport { Verifier } from \"bip322-js\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n switch (proof.type) {\n case ProofTypes.BIP137:\n return verifyBIP137(address, proof);\n case ProofTypes.BIP322:\n return verifyBIP322(address, proof);\n default:\n return {\n ...proof,\n status: ProofStatus.FAILED,\n };\n }\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction verifyBIP322(address: string, proof: SignatureProof) {\n const { attestation, proof: signatureProof } = proof;\n const verified = Verifier.verifySignature(\n address,\n attestation,\n signatureProof\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction verifyBIP137(address: string, proof: SignatureProof) {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address)\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\")\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\"\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n case ProofTypes.BIP322:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","verifyTIP191","address","message","proof","payload","data","Hex","fromString","keccak256","from","concat","size","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","hex","PublicKey","toHex","slice","substring","bytes","Bytes","checksum","checked","base58","error","verifyProof","type","ProofTypes","SelfDeclaration","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","async","ns","split","verified","PersonalMessage","getSignPayload","Address","fromPublicKey","toString","verifyEIP191","attestation","verifyPersonalSignEIP191","ED25519","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","BIP322","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","getDerivationMode","checkSegwitAlways","compressed","segwitType","sigbytes","length","flagByte","recovery","secp256k1","fromCompact","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","hash","prefix","encodeLength","buffer","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","e","version","encodeBase58AddressFormat","verifyBIP137","signatureProof","Verifier","verifySignature","verifyBIP322","verifyBTCSignature","TIP191","verifyPersonalSignTIP191"],"mappings":"2oBAaA,IAAKA,EAOAC,GAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAmJD,MAAMC,EAAcC,EAAkBC,EAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,MAAMC,EAASC,EAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAOG,OAAO,KAAMJ,EAC7B,UCpMgBK,EACdC,EACAC,EACAC,GAEA,IACE,MAAMC,GA2CqBC,EA3CIC,EAAIC,WAAWL,GA4CzCX,EAAKiB,UAVR,SAAiBH,GACrB,MAAMH,EAAUI,EAAIG,KAAKJ,GACzB,OAAOC,EAAII,OAET,OACAJ,EAAIC,WAAW,yBAA2BD,EAAIK,KAAKT,IACnDA,EAEJ,CAEwBH,CAAOM,KA3CrBO,EAAYC,EAAUC,QAAQX,GAC9BY,EAAYC,EAAUC,iBAAiB,CAAEb,UAASQ,cAClDM,EAAe,OAAO3B,EAAKiB,UAC/B,KAAKW,EAAUC,MAAML,GAAWM,MAAM,MACtCC,UAAU,MACNC,EAAQC,EAAMf,KAAKS,GACnBO,EAAWD,EAAMf,KAAKlB,EAAKC,OAAOD,EAAKC,OAAO0B,KAAOG,MAAM,EAAG,GAC9DK,EAAUF,EAAMd,OAAOa,EAAOE,GAEpC,OADYE,EAAO5B,OAAO2B,KACXzB,CAEjB,CAAE,MAAO2B,GACP,OAAO,CACT,KA6B6BvB,CA5B/B,gBCZsBwB,EACpB1B,GAEA,OAAQA,EAAM2B,MACZ,KAAKC,EAAWC,gBACd,OAAAC,EAAA,CAAA,EACK9B,EACH+B,CAAAA,OAAS/B,EAA2BgC,UAChCC,EAAYC,SACZD,EAAYE,SAEpB,KAAKP,EAAWQ,WACd,OAAAN,EAAA,CAAA,EACK9B,EAAK,CACR+B,OAAS/B,EAA0BqC,IAC/BJ,EAAYK,QACZL,EAAYE,SAEpB,KAAKP,EAAWW,OACd,OCZgBC,eACpBxC,GAEA,MAAOyC,EAAM3C,CAAAA,GAAWE,EAAMF,QAAQ4C,MAAM,KAC5C,GAAW,WAAPD,EAAiB,OAAAX,EAAY9B,CAAAA,EAAAA,GAAO+B,OAAQE,EAAYE,SAE5D,MAAMQ,WAtBN7C,EACAC,EACAC,GAEA,IACE,MAAMC,EAAU2C,EAAgBC,eAAe1C,EAAIC,WAAWL,IACxDU,EAAYC,EAAUC,QAAQX,GAC9BY,EAAYC,EAAUC,iBAAiB,CAAEb,UAASQ,cAExD,OADkBqC,EAAQxB,SAASwB,EAAQC,cAAcnC,IACxCoC,aAAeF,EAAQxB,SAASxB,EAEnD,CAAE,MAAO2B,GACP,QACF,CACF,CAQmBwB,CACfnD,EACAE,EAAMkD,YACNlD,EAAMA,OAER,OAAA8B,EAAA,CAAA,EACK9B,EACH+B,CAAAA,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,QAE1D,CDHagB,CAAyBnD,GAClC,KAAK4B,EAAWwB,QACd,OE9BCZ,eACLxC,GAEA,MAAOyC,EAAM3C,CAAAA,GAAWE,EAAMF,QAAQ4C,MAAM,KAC5C,GAAW,WAAPD,EAAiB,OAAAX,KAAY9B,EAAK,CAAE+B,OAAQE,EAAYE,SAC5D,IACE,MAAMvB,EAAYY,EAAO6B,OAAOvD,GAC1BwD,GAAe,IAAIC,aAAc3D,OAAOI,EAAMkD,aAC9CM,EAAiBC,EAAOJ,OAAOrD,EAAMA,OAO3C,OAAA8B,KACK9B,EAAK,CACR+B,OARe2B,EAAKC,KAAKC,SAASC,OAClCP,EACAE,EACA5C,GAKmBqB,EAAYC,SAAWD,EAAYE,QAG1D,CAAE,MAAOV,GACP,OAAAK,EAAA,CAAA,EAAY9B,EAAK,CAAE+B,OAAQE,EAAYE,QACzC,CACF,CFOa2B,CAAsB9D,GAC/B,KAAK4B,EAAWmC,OAChB,KAAKnC,EAAWoC,OAChB,KAAKpC,EAAWqC,OACd,OFPgBzB,eACpBxC,GAEA,MAAOyC,EAAM3C,CAAAA,GAAWE,EAAMF,QAAQ4C,MAAM,KAC5C,GAAW,WAAPD,EAAiB,OAAAX,EAAY9B,CAAAA,EAAAA,EAAO+B,CAAAA,OAAQE,EAAYE,SAC5D,IACE,OAAQnC,EAAM2B,MACZ,KAAKC,EAAWoC,OACd,OAiCR,SAAsBlE,EAAiBE,GAErC,MAAMkE,EAAS,CAACjF,EAAekF,OAAQlF,EAAemF,QAAQC,SAWhE,SAA2BvE,GACzB,GAAIA,EAAQwE,MAAM,qBAChB,OAAOrF,EAAemF,OACbtE,GAAAA,EAAQwE,MAAM,YACvB,OAAOrF,EAAekF,OACbrE,GAAAA,EAAQwE,MAAM,aACvB,OAAOrF,EAAesF,OACbzE,GAAAA,EAAQwE,MAAM,UACvB,OAAOrF,EAAeuF,SAEtB,MAAU,IAAAC,MACR,oBACGlE,OAAOT,GACPS,OAAO,0CAGhB,CA1BImE,CAAkB5E,IAEd6C,EAsDR,SACEO,EACApD,EACAE,EACA2E,GAEA,MAAMC,WAAEA,EAAUC,WAAEA,EAAUpE,UAAEA,GA5BlC,SAAyBT,GACvB,MAAM8E,EAAWrB,EAAOJ,OAAOrD,GAC/B,GAAwB,KAApB8E,EAASC,OAAe,MAAU,IAAAN,MAAM,4BAC5C,MAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAU,IAAAP,MAAM,+BAElB,MAAMG,KAA2B,GAAXI,GAChBC,EAAsB,EAAXD,EACXvE,EAAYyE,EAAUxE,UAAUyE,YAAYL,EAAS5D,MAAM,IAEjE,MAAO,CACL0D,aACAC,WAAyB,EAAXG,EAEG,EAAXA,EAEFhG,EAAaoG,OADbpG,EAAaqG,iBAFbC,EAIJ7E,UAAWA,EAAU8E,eAAeN,GAExC,CAQgDO,CAAgBxF,GAC9D,GAAI2E,IAAsBC,EACxB,MAAM,IAAIH,MACR,kFAGJ,MAAMgB,EAwCR,SAAmBvC,GACjB,MAAMwC,GAAS,IAAInC,aAAc3D,OAtKb,8BAuKdG,GAAU,IAAIwD,aAAc3D,OAAOsD,GACnC6B,EAASY,EAAa5F,EAAQgF,QAAQa,OACtCA,EAAS,IAAIC,WACjBH,EAAOX,OAASA,EAAOe,WAAa/F,EAAQgF,QAK9C,OAHAa,EAAOG,IAAIL,GACXE,EAAOG,IAAI,IAAIF,WAAWd,GAASW,EAAOX,QAC1Ca,EAAOG,IAAIhG,EAAS2F,EAAOX,OAASA,EAAOe,YAU7C,SAAiBF,GACf,OAAOxG,EAAKC,OAAOD,EAAKC,OAAOuG,GACjC,CAXSI,CAAQJ,EACjB,CAnDeK,CAAU/C,GAGjB3D,GA4DSqG,EA9DGnF,EAAUK,iBAAiB2E,GACZS,WAAWtB,GA8DrCxF,EAAK+G,UAAU/G,EAAKC,OAAOuG,KADpC,IAAiBA,EA3Df,IAAIQ,EAAiB,GAErB,GAAIvB,EAEAuB,EAAS9G,EAAoBC,QAQ/B,GAAIoF,EACF,IACEyB,EAAS9G,EAAoBC,EAG/B,CAAE,MAAO8G,GACPD,EAAS9G,EAAoBC,EAE/B,MAEA6G,EASN,SAAmCE,EAAiB/G,GAClD,MAAMU,EAAU,IAAI4F,WAAW,CAVQ,KAUKtG,IAC5C,OAAOL,EAAYU,OAAOK,EAC5B,CAZesG,CAA0B,EAAGhH,GAI1C,OAAO6G,IAAWtG,CACpB,CAjGmB+D,CAAO7D,EAAMkD,YAAapD,EAASE,EAAMA,MAAOkE,GAEjE,OAAApC,EACK9B,CAAAA,EAAAA,EACH+B,CAAAA,OAAQY,EAAWV,EAAYC,SAAWD,EAAYE,QAE1D,CA5CeqE,CAAa1G,EAASE,GAC/B,KAAK4B,EAAWqC,OACd,OAkBR,SAAsBnE,EAAiBE,GACrC,MAAMkD,YAAEA,EAAalD,MAAOyG,GAAmBzG,EAM/C,OAAA8B,EAAA,CAAA,EACK9B,EAAK,CACR+B,OAPe2E,EAASC,gBACxB7G,EACAoD,EACAuD,GAImBxE,EAAYC,SAAWD,EAAYE,QAE1D,CA7BeyE,CAAa9G,EAASE,GAC/B,QACE,OAAA8B,EAAA,CAAA,EACK9B,EAAK,CACR+B,OAAQE,EAAYE,SAI5B,CAAE,MAAOV,GAEP,OAAAK,EACK9B,CAAAA,EAAAA,GACH+B,OAAQE,EAAYE,QAGxB,CACF,CEnBa0E,CAAmB7G,GAC5B,KAAK4B,EAAWkF,OACd,ODbgBtE,eACpBxC,GAEA,MAAOyC,EAAE,CAAI3C,GAAWE,EAAMF,QAAQ4C,MAAM,KAC5C,OAAmBZ,EAAY9B,CAAAA,EAAAA,EAApB,SAAPyC,GAAkCV,OAAQE,EAAYE,QAQhD,CACRJ,OAPelC,EACfC,EACAE,EAAMkD,YACNlD,EAAMA,OAIaiC,EAAYC,SAAWD,EAAYE,QAE1D,CCFa4E,CAAyB/G,GAIpC,OAAOA,CACT"}
1
+ {"version":3,"file":"index.modern.js","sources":["../src/bitcoin.ts","../src/tron.ts","../src/index.ts","../src/cardano.ts","../src/eth.ts","../src/solana.ts"],"sourcesContent":["import {\n ProofStatus,\n ProofTypes,\n SignatureProof,\n} from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nimport { Verifier } from \"bip322-js\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n switch (proof.type) {\n case ProofTypes.BIP137:\n return verifyBIP137(address, proof);\n case ProofTypes.BIP322:\n return verifyBIP322(address, proof);\n default:\n return {\n ...proof,\n status: ProofStatus.FAILED,\n };\n }\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction verifyBIP322(address: string, proof: SignatureProof) {\n const { attestation, proof: signatureProof } = proof;\n const verified = Verifier.verifySignature(\n address,\n attestation,\n signatureProof\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction verifyBIP137(address: string, proof: SignatureProof) {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address)\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\")\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\"\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\nimport { verifyCIP8Signature } from \"./cardano\";\n\nexport async function verifyProof(\n proof: OwnershipProof\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.CIP8:\n return verifyCIP8Signature(proof as SignatureProof);\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n case ProofTypes.BIP322:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import verifyDataSignature from \"@cardano-foundation/cardano-verify-datasignature\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nexport async function verifyCIP8Signature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n const key = proof.chainSpecificData?.cardanoCoseKey;\n \n if (ns !== \"cardano\" || !key) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n \n try {\n const verified = verifyDataSignature(proof.proof, key, proof.attestation, address);\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED\n };\n } catch {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","verifyTIP191","address","message","proof","payload","data","Hex","fromString","keccak256","from","concat","size","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","hex","PublicKey","toHex","slice","substring","bytes","Bytes","checksum","checked","base58","error","async","verifyProof","type","ProofTypes","SelfDeclaration","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","CIP8","_proof$chainSpecificD","ns","split","key","chainSpecificData","cardanoCoseKey","verifyDataSignature","attestation","_unused","verifyCIP8Signature","EIP191","verified","PersonalMessage","getSignPayload","Address","fromPublicKey","toString","verifyEIP191","verifyPersonalSignEIP191","ED25519","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","BIP322","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","getDerivationMode","checkSegwitAlways","compressed","segwitType","sigbytes","length","flagByte","recovery","secp256k1","fromCompact","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","hash","prefix","encodeLength","buffer","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","e","version","encodeBase58AddressFormat","verifyBIP137","signatureProof","Verifier","verifySignature","verifyBIP322","verifyBTCSignature","TIP191","verifyPersonalSignTIP191"],"mappings":"2sBAaA,IAAKA,EAOAC,GAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAmJD,MAAMC,EAAcC,EAAkBC,EAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,MAAMC,EAASC,EAAOC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAOG,OAAO,KAAMJ,EAC7B,UCpMgBK,EACdC,EACAC,EACAC,GAEA,IACE,MAAMC,GA2CqBC,EA3CIC,EAAIC,WAAWL,GA4CzCX,EAAKiB,UAVR,SAAiBH,GACrB,MAAMH,EAAUI,EAAIG,KAAKJ,GACzB,OAAOC,EAAII,OAET,OACAJ,EAAIC,WAAW,yBAA2BD,EAAIK,KAAKT,IACnDA,EAEJ,CAEwBH,CAAOM,KA3CrBO,EAAYC,EAAUC,QAAQX,GAC9BY,EAAYC,EAAUC,iBAAiB,CAAEb,UAASQ,cAClDM,EAAe,OAAO3B,EAAKiB,UAC/B,KAAKW,EAAUC,MAAML,GAAWM,MAAM,MACtCC,UAAU,MACNC,EAAQC,EAAMf,KAAKS,GACnBO,EAAWD,EAAMf,KAAKlB,EAAKC,OAAOD,EAAKC,OAAO0B,KAAOG,MAAM,EAAG,GAC9DK,EAAUF,EAAMd,OAAOa,EAAOE,GAEpC,OADYE,EAAO5B,OAAO2B,KACXzB,CAEjB,CAAE,MAAO2B,GACP,OAAO,CACT,KA6B6BvB,CA5B/B,CCXOwB,eAAeC,EACpB3B,GAEA,OAAQA,EAAM4B,MACZ,KAAKC,EAAWC,gBACd,OAAAC,EACK/B,CAAAA,EAAAA,GACHgC,OAAShC,EAA2BiC,UAChCC,EAAYC,SACZD,EAAYE,SAEpB,KAAKP,EAAWQ,WACd,OAAAN,EAAA,CAAA,EACK/B,EACHgC,CAAAA,OAAShC,EAA0BsC,IAC/BJ,EAAYK,QACZL,EAAYE,SAEpB,KAAKP,EAAWW,KACd,OC9BCd,eACL1B,GAAqB,IAAAyC,EAErB,MAAOC,EAAE,CAAI5C,GAAWE,EAAMF,QAAQ6C,MAAM,KACtCC,EAA6B,OAA1BH,EAAGzC,EAAM6C,wBAAiB,EAAvBJ,EAAyBK,eAErC,GAAW,YAAPJ,IAAqBE,EACvB,OAAAb,EAAA,CAAA,EAAY/B,EAAK,CAAEgC,OAAQE,EAAYE,SAGzC,IAEE,OAAAL,EACK/B,CAAAA,EAAAA,EACHgC,CAAAA,OAHee,EAAoB/C,EAAMA,MAAO4C,EAAK5C,EAAMgD,YAAalD,GAGrDoC,EAAYC,SAAWD,EAAYE,QAE1D,CAAE,MAAAa,GACA,OAAAlB,EAAY/B,CAAAA,EAAAA,EAAOgC,CAAAA,OAAQE,EAAYE,QACzC,CACF,CDWac,CAAoBlD,GAC7B,KAAK6B,EAAWsB,OACd,OEfgBzB,eACpB1B,GAEA,MAAO0C,EAAM5C,CAAAA,GAAWE,EAAMF,QAAQ6C,MAAM,KAC5C,GAAW,WAAPD,EAAiB,OAAAX,EAAY/B,CAAAA,EAAAA,GAAOgC,OAAQE,EAAYE,SAE5D,MAAMgB,WAtBNtD,EACAC,EACAC,GAEA,IACE,MAAMC,EAAUoD,EAAgBC,eAAenD,EAAIC,WAAWL,IACxDU,EAAYC,EAAUC,QAAQX,GAC9BY,EAAYC,EAAUC,iBAAiB,CAAEb,UAASQ,cAExD,OADkB8C,EAAQjC,SAASiC,EAAQC,cAAc5C,IACxC6C,aAAeF,EAAQjC,SAASxB,EAEnD,CAAE,MAAO2B,GACP,QACF,CACF,CAQmBiC,CACf5D,EACAE,EAAMgD,YACNhD,EAAMA,OAER,OAAA+B,EAAA,CAAA,EACK/B,EACHgC,CAAAA,OAAQoB,EAAWlB,EAAYC,SAAWD,EAAYE,QAE1D,CFAauB,CAAyB3D,GAClC,KAAK6B,EAAW+B,QACd,OGjCClC,eACL1B,GAEA,MAAO0C,EAAM5C,CAAAA,GAAWE,EAAMF,QAAQ6C,MAAM,KAC5C,GAAW,WAAPD,EAAiB,OAAAX,KAAY/B,EAAK,CAAEgC,OAAQE,EAAYE,SAC5D,IACE,MAAMxB,EAAYY,EAAOqC,OAAO/D,GAC1BgE,GAAe,IAAIC,aAAcnE,OAAOI,EAAMgD,aAC9CgB,EAAiBC,EAAOJ,OAAO7D,EAAMA,OAO3C,OAAA+B,KACK/B,EAAK,CACRgC,OARekC,EAAKC,KAAKC,SAASC,OAClCP,EACAE,EACApD,GAKmBsB,EAAYC,SAAWD,EAAYE,QAG1D,CAAE,MAAOX,GACP,OAAAM,EAAA,CAAA,EAAY/B,EAAK,CAAEgC,OAAQE,EAAYE,QACzC,CACF,CHUakC,CAAsBtE,GAC/B,KAAK6B,EAAW0C,OAChB,KAAK1C,EAAW2C,OAChB,KAAK3C,EAAW4C,OACd,OFVgB/C,eACpB1B,GAEA,MAAO0C,EAAM5C,CAAAA,GAAWE,EAAMF,QAAQ6C,MAAM,KAC5C,GAAW,WAAPD,EAAiB,OAAAX,EAAY/B,CAAAA,EAAAA,EAAOgC,CAAAA,OAAQE,EAAYE,SAC5D,IACE,OAAQpC,EAAM4B,MACZ,KAAKC,EAAW2C,OACd,OAiCR,SAAsB1E,EAAiBE,GAErC,MAAM0E,EAAS,CAACzF,EAAe0F,OAAQ1F,EAAe2F,QAAQC,SAWhE,SAA2B/E,GACzB,GAAIA,EAAQgF,MAAM,qBAChB,OAAO7F,EAAe2F,OACb9E,GAAAA,EAAQgF,MAAM,YACvB,OAAO7F,EAAe0F,OACb7E,GAAAA,EAAQgF,MAAM,aACvB,OAAO7F,EAAe8F,OACbjF,GAAAA,EAAQgF,MAAM,UACvB,OAAO7F,EAAe+F,SAEtB,MAAU,IAAAC,MACR,oBACG1E,OAAOT,GACPS,OAAO,0CAGhB,CA1BI2E,CAAkBpF,IAEdsD,EAsDR,SACEJ,EACAlD,EACAE,EACAmF,GAEA,MAAMC,WAAEA,EAAUC,WAAEA,EAAU5E,UAAEA,GA5BlC,SAAyBT,GACvB,MAAMsF,EAAWrB,EAAOJ,OAAO7D,GAC/B,GAAwB,KAApBsF,EAASC,OAAe,MAAU,IAAAN,MAAM,4BAC5C,MAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAU,IAAAP,MAAM,+BAElB,MAAMG,KAA2B,GAAXI,GAChBC,EAAsB,EAAXD,EACX/E,EAAYiF,EAAUhF,UAAUiF,YAAYL,EAASpE,MAAM,IAEjE,MAAO,CACLkE,aACAC,WAAyB,EAAXG,EAEG,EAAXA,EAEFxG,EAAa4G,OADb5G,EAAa6G,iBAFbC,EAIJrF,UAAWA,EAAUsF,eAAeN,GAExC,CAQgDO,CAAgBhG,GAC9D,GAAImF,IAAsBC,EACxB,MAAM,IAAIH,MACR,kFAGJ,MAAMgB,EAwCR,SAAmBjD,GACjB,MAAMkD,GAAS,IAAInC,aAAcnE,OAtKb,8BAuKdG,GAAU,IAAIgE,aAAcnE,OAAOoD,GACnCuC,EAASY,EAAapG,EAAQwF,QAAQa,OACtCA,EAAS,IAAIC,WACjBH,EAAOX,OAASA,EAAOe,WAAavG,EAAQwF,QAK9C,OAHAa,EAAOG,IAAIL,GACXE,EAAOG,IAAI,IAAIF,WAAWd,GAASW,EAAOX,QAC1Ca,EAAOG,IAAIxG,EAASmG,EAAOX,OAASA,EAAOe,YAU7C,SAAiBF,GACf,OAAOhH,EAAKC,OAAOD,EAAKC,OAAO+G,GACjC,CAXSI,CAAQJ,EACjB,CAnDeK,CAAUzD,GAGjBzD,GA4DS6G,EA9DG3F,EAAUK,iBAAiBmF,GACZS,WAAWtB,GA8DrChG,EAAKuH,UAAUvH,EAAKC,OAAO+G,KADpC,IAAiBA,EA3Df,IAAIQ,EAAiB,GAErB,GAAIvB,EAEAuB,EAAStH,EAAoBC,QAQ/B,GAAI4F,EACF,IACEyB,EAAStH,EAAoBC,EAG/B,CAAE,MAAOsH,GACPD,EAAStH,EAAoBC,EAE/B,MAEAqH,EASN,SAAmCE,EAAiBvH,GAClD,MAAMU,EAAU,IAAIoG,WAAW,CAVQ,KAUK9G,IAC5C,OAAOL,EAAYU,OAAOK,EAC5B,CAZe8G,CAA0B,EAAGxH,GAI1C,OAAOqH,IAAW9G,CACpB,CAjGmBuE,CAAOrE,EAAMgD,YAAalD,EAASE,EAAMA,MAAO0E,GAEjE,OAAA3C,EACK/B,CAAAA,EAAAA,EACHgC,CAAAA,OAAQoB,EAAWlB,EAAYC,SAAWD,EAAYE,QAE1D,CA5Ce4E,CAAalH,EAASE,GAC/B,KAAK6B,EAAW4C,OACd,OAkBR,SAAsB3E,EAAiBE,GACrC,MAAMgD,YAAEA,EAAahD,MAAOiH,GAAmBjH,EAM/C,OAAA+B,EAAA,CAAA,EACK/B,EAAK,CACRgC,OAPekF,EAASC,gBACxBrH,EACAkD,EACAiE,GAImB/E,EAAYC,SAAWD,EAAYE,QAE1D,CA7BegF,CAAatH,EAASE,GAC/B,QACE,OAAA+B,EAAA,CAAA,EACK/B,EAAK,CACRgC,OAAQE,EAAYE,SAI5B,CAAE,MAAOX,GAEP,OAAAM,EACK/B,CAAAA,EAAAA,GACHgC,OAAQE,EAAYE,QAGxB,CACF,CEhBaiF,CAAmBrH,GAC5B,KAAK6B,EAAWyF,OACd,ODhBgB5F,eACpB1B,GAEA,MAAO0C,EAAE,CAAI5C,GAAWE,EAAMF,QAAQ6C,MAAM,KAC5C,OAAmBZ,EAAY/B,CAAAA,EAAAA,EAApB,SAAP0C,GAAkCV,OAAQE,EAAYE,QAQhD,CACRJ,OAPenC,EACfC,EACAE,EAAMgD,YACNhD,EAAMA,OAIakC,EAAYC,SAAWD,EAAYE,QAE1D,CCCamF,CAAyBvH,GAIpC,OAAOA,CACT"}
package/dist/index.umd.js CHANGED
@@ -1,2 +1,2 @@
1
- !function(e,r){"object"==typeof exports&&"undefined"!=typeof module?r(exports,require("@notabene/javascript-sdk"),require("varuint-bitcoin"),require("@scure/base"),require("ox"),require("@noble/curves/secp256k1"),require("bip322-js"),require("tweetnacl")):"function"==typeof define&&define.amd?define(["exports","@notabene/javascript-sdk","varuint-bitcoin","@scure/base","ox","@noble/curves/secp256k1","bip322-js","tweetnacl"],r):r((e||self).verifyProof={},e.javascriptSdk,e.varuintBitcoin,e.base,e.ox,e.secp256k1,e.bip322Js,e.tweetnacl)}(this,function(e,r,t,o,s,n,a,i){function c(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var u,f,P=/*#__PURE__*/c(i);function l(){return l=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var o in t)({}).hasOwnProperty.call(t,o)&&(e[o]=t[o])}return e},l.apply(null,arguments)}!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(u||(u={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(f||(f={}));var d=o.createBase58check(s.Hash.sha256);function h(e){var r=o.bech32.toWords(e);return r.unshift(0),o.bech32.encode("bc",r)}e.verifyProof=function(e){try{switch(e.type){case r.ProofTypes.SelfDeclaration:return Promise.resolve(l({},e,{status:e.confirmed?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}));case r.ProofTypes.Screenshot:return Promise.resolve(l({},e,{status:e.url?r.ProofStatus.FLAGGED:r.ProofStatus.FAILED}));case r.ProofTypes.EIP191:return Promise.resolve(function(e){try{var t=e.address.split(/:/),o=t[2];if("eip155"!==t[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));var n=function(e,r,t){try{var o=s.PersonalMessage.getSignPayload(s.Hex.fromString(r)),n=s.Signature.fromHex(t),a=s.Secp256k1.recoverPublicKey({payload:o,signature:n});return s.Address.checksum(s.Address.fromPublicKey(a)).toString()===s.Address.checksum(e)}catch(e){return!1}}(o,e.attestation,e.proof);return Promise.resolve(l({},e,{status:n?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.ED25519:return Promise.resolve(function(e){try{var t=e.address.split(/:/),s=t[2];if("solana"!==t[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));try{var n=o.base58.decode(s),a=(new TextEncoder).encode(e.attestation),i=o.base64.decode(e.proof),c=P.default.sign.detached.verify(a,i,n);return Promise.resolve(l({},e,{status:c?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(t){return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.EIP712:case r.ProofTypes.BIP137:case r.ProofTypes.BIP322:return Promise.resolve(function(e){try{var i=e.address.split(/:/),c=i[2];if("bip122"!==i[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));try{switch(e.type){case r.ProofTypes.BIP137:return Promise.resolve(function(e,a){var i=[f.SEGWIT,f.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return f.NATIVE;if(e.match("^[32M].*"))return f.SEGWIT;if(e.match("^[1nmL].*"))return f.LEGACY;if(e.match("^(D).*"))return f.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(e)),c=function(e,r,a,i){var c=function(e){var r=o.base64.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var t=r[0]-27;if(t>15||t<0)throw new Error("Invalid signature parameter");var s=!!(12&t),a=3&t,i=n.secp256k1.Signature.fromCompact(r.slice(1));return{compressed:s,segwitType:8&t?4&t?u.P2WPKH:u.P2SH_P2WPKH:void 0,signature:i.addRecoveryBit(a)}}(a),f=c.compressed,P=c.segwitType,l=c.signature;if(i&&!f)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var p,v=function(e){var r=(new TextEncoder).encode("Bitcoin Signed Message:\n"),o=(new TextEncoder).encode(e),n=t.encode(o.length).buffer,a=new Uint8Array(r.length+n.byteLength+o.length);return a.set(r),a.set(new Uint8Array(n),r.length),a.set(o,r.length+n.byteLength),function(e){return s.Hash.sha256(s.Hash.sha256(e))}(a)}(e),y=(p=l.recoverPublicKey(v).toRawBytes(f),s.Hash.ripemd160(s.Hash.sha256(p))),E="";if(P)E=h(y);else if(i)try{E=h(y)}catch(e){E=h(y)}else E=function(e,r){var t=new Uint8Array([0].concat(r));return d.encode(t)}(0,y);return E===r}(a.attestation,e,a.proof,i);return l({},a,{status:c?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED})}(c,e));case r.ProofTypes.BIP322:return Promise.resolve(function(e,t){return l({},t,{status:a.Verifier.verifySignature(e,t.attestation,t.proof)?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED})}(c,e));default:return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}))}}catch(t){return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.TIP191:return Promise.resolve(function(e){try{var t=e.address.split(/:/),n=t[2];if("tron"!==t[0])return Promise.resolve(l({},e,{status:r.ProofStatus.FAILED}));var a=function(e,r,t){try{var n=(l=s.Hex.fromString(r),s.Hash.keccak256(function(e){var r=s.Hex.from(e);return s.Hex.concat("0x19",s.Hex.fromString("TRON Signed Message:\n"+s.Hex.size(r)),r)}(l))),a=s.Signature.fromHex(t),i=s.Secp256k1.recoverPublicKey({payload:n,signature:a}),c="0x41"+s.Hash.keccak256("0x"+s.PublicKey.toHex(i).slice(4)).substring(26),u=s.Bytes.from(c),f=s.Bytes.from(s.Hash.sha256(s.Hash.sha256(c))).slice(0,4),P=s.Bytes.concat(u,f);return o.base58.encode(P)===e}catch(e){return!1}var l}(n,e.attestation,e.proof);return Promise.resolve(l({},e,{status:a?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(e))}return Promise.resolve(e)}catch(e){return Promise.reject(e)}}});
1
+ !function(e,r){"object"==typeof exports&&"undefined"!=typeof module?r(exports,require("@notabene/javascript-sdk"),require("varuint-bitcoin"),require("@scure/base"),require("ox"),require("@noble/curves/secp256k1"),require("bip322-js"),require("tweetnacl"),require("@cardano-foundation/cardano-verify-datasignature")):"function"==typeof define&&define.amd?define(["exports","@notabene/javascript-sdk","varuint-bitcoin","@scure/base","ox","@noble/curves/secp256k1","bip322-js","tweetnacl","@cardano-foundation/cardano-verify-datasignature"],r):r((e||self).verifyProof={},e.javascriptSdk,e.varuintBitcoin,e.base,e.ox,e.secp256k1,e.bip322Js,e.tweetnacl,e.verifyDataSignature)}(this,function(e,r,t,o,s,a,n,i,u){function c(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}var f,P,d=/*#__PURE__*/c(i),l=/*#__PURE__*/c(u);function v(){return v=Object.assign?Object.assign.bind():function(e){for(var r=1;r<arguments.length;r++){var t=arguments[r];for(var o in t)({}).hasOwnProperty.call(t,o)&&(e[o]=t[o])}return e},v.apply(null,arguments)}!function(e){e.P2WPKH="p2wpkh",e.P2SH_P2WPKH="p2sh(p2wpkh)"}(f||(f={})),function(e){e.LEGACY="Legacy",e.NATIVE="Native SegWit",e.SEGWIT="SegWit",e.P2SH_SEGWIT="p2sh",e.BCH="Bitcoin Cash",e.ETHEREUM="Ethereum",e.DOGECOIN="Dogecoin",e.UNKNOWN="Unknown"}(P||(P={}));var p=o.createBase58check(s.Hash.sha256);function h(e){var r=o.bech32.toWords(e);return r.unshift(0),o.bech32.encode("bc",r)}e.verifyProof=function(e){try{switch(e.type){case r.ProofTypes.SelfDeclaration:return Promise.resolve(v({},e,{status:e.confirmed?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}));case r.ProofTypes.Screenshot:return Promise.resolve(v({},e,{status:e.url?r.ProofStatus.FLAGGED:r.ProofStatus.FAILED}));case r.ProofTypes.CIP8:return Promise.resolve(function(e){try{var t,o=e.address.split(/:/),s=o[2],a=null==(t=e.chainSpecificData)?void 0:t.cardanoCoseKey;if("cardano"!==o[0]||!a)return Promise.resolve(v({},e,{status:r.ProofStatus.FAILED}));try{var n=l.default(e.proof,a,e.attestation,s);return Promise.resolve(v({},e,{status:n?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(t){return Promise.resolve(v({},e,{status:r.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.EIP191:return Promise.resolve(function(e){try{var t=e.address.split(/:/),o=t[2];if("eip155"!==t[0])return Promise.resolve(v({},e,{status:r.ProofStatus.FAILED}));var a=function(e,r,t){try{var o=s.PersonalMessage.getSignPayload(s.Hex.fromString(r)),a=s.Signature.fromHex(t),n=s.Secp256k1.recoverPublicKey({payload:o,signature:a});return s.Address.checksum(s.Address.fromPublicKey(n)).toString()===s.Address.checksum(e)}catch(e){return!1}}(o,e.attestation,e.proof);return Promise.resolve(v({},e,{status:a?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.ED25519:return Promise.resolve(function(e){try{var t=e.address.split(/:/),s=t[2];if("solana"!==t[0])return Promise.resolve(v({},e,{status:r.ProofStatus.FAILED}));try{var a=o.base58.decode(s),n=(new TextEncoder).encode(e.attestation),i=o.base64.decode(e.proof),u=d.default.sign.detached.verify(n,i,a);return Promise.resolve(v({},e,{status:u?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(t){return Promise.resolve(v({},e,{status:r.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.EIP712:case r.ProofTypes.BIP137:case r.ProofTypes.BIP322:return Promise.resolve(function(e){try{var i=e.address.split(/:/),u=i[2];if("bip122"!==i[0])return Promise.resolve(v({},e,{status:r.ProofStatus.FAILED}));try{switch(e.type){case r.ProofTypes.BIP137:return Promise.resolve(function(e,n){var i=[P.SEGWIT,P.NATIVE].includes(function(e){if(e.match("^(bc1|tb1|ltc1).*"))return P.NATIVE;if(e.match("^[32M].*"))return P.SEGWIT;if(e.match("^[1nmL].*"))return P.LEGACY;if(e.match("^(D).*"))return P.DOGECOIN;throw new Error("INVALID ADDRESS: ".concat(e).concat(" is not a valid or a supported address"))}(e)),u=function(e,r,n,i){var u=function(e){var r=o.base64.decode(e);if(65!==r.length)throw new Error("Invalid signature length");var t=r[0]-27;if(t>15||t<0)throw new Error("Invalid signature parameter");var s=!!(12&t),n=3&t,i=a.secp256k1.Signature.fromCompact(r.slice(1));return{compressed:s,segwitType:8&t?4&t?f.P2WPKH:f.P2SH_P2WPKH:void 0,signature:i.addRecoveryBit(n)}}(n),c=u.compressed,P=u.segwitType,d=u.signature;if(i&&!c)throw new Error("checkSegwitAlways can only be used with a compressed pubkey signature flagbyte");var l,v=function(e){var r=(new TextEncoder).encode("Bitcoin Signed Message:\n"),o=(new TextEncoder).encode(e),a=t.encode(o.length).buffer,n=new Uint8Array(r.length+a.byteLength+o.length);return n.set(r),n.set(new Uint8Array(a),r.length),n.set(o,r.length+a.byteLength),function(e){return s.Hash.sha256(s.Hash.sha256(e))}(n)}(e),y=(l=d.recoverPublicKey(v).toRawBytes(c),s.Hash.ripemd160(s.Hash.sha256(l))),E="";if(P)E=h(y);else if(i)try{E=h(y)}catch(e){E=h(y)}else E=function(e,r){var t=new Uint8Array([0].concat(r));return p.encode(t)}(0,y);return E===r}(n.attestation,e,n.proof,i);return v({},n,{status:u?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED})}(u,e));case r.ProofTypes.BIP322:return Promise.resolve(function(e,t){return v({},t,{status:n.Verifier.verifySignature(e,t.attestation,t.proof)?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED})}(u,e));default:return Promise.resolve(v({},e,{status:r.ProofStatus.FAILED}))}}catch(t){return Promise.resolve(v({},e,{status:r.ProofStatus.FAILED}))}}catch(e){return Promise.reject(e)}}(e));case r.ProofTypes.TIP191:return Promise.resolve(function(e){try{var t=e.address.split(/:/),a=t[2];if("tron"!==t[0])return Promise.resolve(v({},e,{status:r.ProofStatus.FAILED}));var n=function(e,r,t){try{var a=(d=s.Hex.fromString(r),s.Hash.keccak256(function(e){var r=s.Hex.from(e);return s.Hex.concat("0x19",s.Hex.fromString("TRON Signed Message:\n"+s.Hex.size(r)),r)}(d))),n=s.Signature.fromHex(t),i=s.Secp256k1.recoverPublicKey({payload:a,signature:n}),u="0x41"+s.Hash.keccak256("0x"+s.PublicKey.toHex(i).slice(4)).substring(26),c=s.Bytes.from(u),f=s.Bytes.from(s.Hash.sha256(s.Hash.sha256(u))).slice(0,4),P=s.Bytes.concat(c,f);return o.base58.encode(P)===e}catch(e){return!1}var d}(a,e.attestation,e.proof);return Promise.resolve(v({},e,{status:n?r.ProofStatus.VERIFIED:r.ProofStatus.FAILED}))}catch(e){return Promise.reject(e)}}(e))}return Promise.resolve(e)}catch(e){return Promise.reject(e)}}});
2
2
  //# sourceMappingURL=index.umd.js.map
package/dist/index.umd.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.umd.js","sources":["../src/bitcoin.ts","../src/index.ts","../src/eth.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import {\n ProofStatus,\n ProofTypes,\n SignatureProof,\n} from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nimport { Verifier } from \"bip322-js\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n switch (proof.type) {\n case ProofTypes.BIP137:\n return verifyBIP137(address, proof);\n case ProofTypes.BIP322:\n return verifyBIP322(address, proof);\n default:\n return {\n ...proof,\n status: ProofStatus.FAILED,\n };\n }\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction verifyBIP322(address: string, proof: SignatureProof) {\n const { attestation, proof: signatureProof } = proof;\n const verified = Verifier.verifySignature(\n address,\n attestation,\n signatureProof\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction verifyBIP137(address: string, proof: SignatureProof) {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address)\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\")\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\"\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\n\nexport async function verifyProof(\n proof: OwnershipProof\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n case ProofTypes.BIP322:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","EIP191","_proof$address$split","address","split","verified","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","attestation","e","reject","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","BIP322","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","sigbytes","length","flagByte","compressed","recovery","secp256k1","fromCompact","slice","segwitType","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","buffer","hash","prefix","encodeLength","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","version","encodeBase58AddressFormat","verifyBIP137","Verifier","verifySignature","verifyBIP322","verifyBTCSignature","TIP191","data","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"krBAaKA,EAOAC,+OAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAmJD,IAAMC,EAAcC,EAAAA,kBAAkBC,EAAAA,KAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAMA,OAACC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAAA,OAAOG,OAAO,KAAMJ,EAC7B,wBC1LEK,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,EAAUA,WAACC,gBACd,OAAAC,QAAAC,QAAAC,EACKN,GAAAA,GACHO,OAASP,EAA2BQ,UAChCC,EAAAA,YAAYC,SACZD,cAAYE,UAEpB,KAAKT,EAAAA,WAAWU,WACd,OAAAR,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAASP,EAA0Ba,IAC/BJ,cAAYK,QACZL,EAAWA,YAACE,UAEpB,KAAKT,aAAWa,OACd,OAAAX,QAAAC,QCZwC,SAC5CL,OAEA,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAE5D,IAAMQ,WAtBNF,EACAG,EACApB,GAEA,IACE,IAAMqB,EAAUC,EAAeA,gBAACC,eAAeC,EAAAA,IAAIC,WAAWL,IACxDM,EAAYC,EAAAA,UAAUC,QAAQ5B,GAC9B6B,EAAYC,EAAAA,UAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAOA,QAACC,SAASD,EAAOA,QAACE,cAAcL,IACxCM,aAAeH,EAAAA,QAAQC,SAAShB,EAEnD,CAAE,MAAOmB,GACP,OAAO,CACT,CACF,CAQmBC,CACfpB,EACAjB,EAAMsC,YACNtC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQY,EAAWV,EAAAA,YAAYC,SAAWD,EAAWA,YAACE,SAE1D,CAAC,MAAA4B,GAAA,OAAAnC,QAAAoC,OAAAD,EAAA,CAAA,CDHYE,CAAyBzC,IAClC,KAAKE,EAAUA,WAACwC,QACd,OAAAtC,QAAAC,QE9BgB,SACpBL,OAEA,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAZ,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,cAAYE,UAC5D,IACE,IAAMkB,EAAYc,SAAOC,OAAO3B,GAC1B4B,GAAe,IAAIC,aAAc/C,OAAOC,EAAMsC,aAC9CS,EAAiBC,EAAMA,OAACJ,OAAO5C,EAAMA,OACrCmB,EAAW8B,EAAI,QAACC,KAAKC,SAASC,OAClCP,EACAE,EACAlB,GAGF,OAAAzB,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQY,EAAWV,EAAAA,YAAYC,SAAWD,EAAWA,YAACE,SAG1D,CAAE,MAAOyB,GACP,OAAAhC,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAAA,YAAYE,SACzC,CACF,CAAC,MAAA4B,GAAA,OAAAnC,QAAAoC,OAAAD,EAAA,CAAA,CFOYc,CAAsBrD,IAC/B,KAAKE,EAAAA,WAAWoD,OAChB,KAAKpD,EAAUA,WAACqD,OAChB,KAAKrD,aAAWsD,OACd,OAAApD,QAAAC,QDPgB,SACpBL,GAAqB,IAErB,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,WADFA,EAAA,GACY,OAAAZ,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAK,CAAEO,OAAQE,EAAAA,YAAYE,UAC5D,IACE,OAAQX,EAAMC,MACZ,KAAKC,EAAAA,WAAWqD,OACd,OAAAnD,QAAAC,QAiCR,SAAsBY,EAAiBjB,GAErC,IAAMyD,EAAS,CAACrE,EAAesE,OAAQtE,EAAeuE,QAAQC,SAWhE,SAA2B3C,GACzB,GAAIA,EAAQ4C,MAAM,qBAChB,OAAOzE,EAAeuE,OACjB,GAAI1C,EAAQ4C,MAAM,YACvB,OAAOzE,EAAesE,OACjB,GAAIzC,EAAQ4C,MAAM,aACvB,OAAOzE,EAAe0E,OACb7C,GAAAA,EAAQ4C,MAAM,UACvB,OAAOzE,EAAe2E,SAEtB,MAAU,IAAAC,MACR,oBACGC,OAAOhD,GACPgD,OAAO,0CAGhB,CA1BIC,CAAkBjD,IAEdE,EAsDR,SACEmB,EACArB,EACAjB,EACAmE,GAEA,IAAAC,EA5BF,SAAyBpE,GACvB,IAAMqE,EAAWrB,EAAAA,OAAOJ,OAAO5C,GAC/B,GAAwB,KAApBqE,EAASC,OAAe,MAAM,IAAIN,MAAM,4BAC5C,IAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAM,IAAIP,MAAM,+BAElB,IAAMQ,KAA2B,GAAXD,GAChBE,EAAsB,EAAXF,EACX7C,EAAYgD,EAASA,UAAC/C,UAAUgD,YAAYN,EAASO,MAAM,IAEjE,MAAO,CACLJ,WAAAA,EACAK,WAAyB,EAAXN,EAEG,EAAXA,EAEFpF,EAAa2F,OADb3F,EAAa4F,iBAFbC,EAIJtD,UAAWA,EAAUuD,eAAeR,GAExC,CAQgDS,CAAgBlF,GAAtDwE,EAAUJ,EAAVI,WAAYK,EAAUT,EAAVS,WAAYnD,EAAS0C,EAAT1C,UAChC,GAAIyC,IAAsBK,EACxB,MAAU,IAAAR,MACR,kFAGJ,IA+DemB,EA/DTC,EAwCR,SAAmB9C,GACjB,IAAM+C,GAAS,IAAIvC,aAAc/C,OAtKb,8BAuKdqB,GAAU,IAAI0B,aAAc/C,OAAOuC,GACnCgC,EAASgB,EAAYvF,OAACqB,EAAQkD,QAAQa,OACtCA,EAAS,IAAII,WACjBF,EAAOf,OAASA,EAAOkB,WAAapE,EAAQkD,QAK9C,OAHAa,EAAOM,IAAIJ,GACXF,EAAOM,IAAI,IAAIF,WAAWjB,GAASe,EAAOf,QAC1Ca,EAAOM,IAAIrE,EAASiE,EAAOf,OAASA,EAAOkB,YAU7C,SAAiBL,GACf,OAAO5F,EAAAA,KAAKC,OAAOD,EAAAA,KAAKC,OAAO2F,GACjC,CAXSO,CAAQP,EACjB,CAnDeQ,CAAUrD,GAGjB5C,GA4DSyF,EA9DGzD,EAAUK,iBAAiBqD,GACZQ,WAAWpB,GA8DrCjF,EAAIA,KAACsG,UAAUtG,EAAIA,KAACC,OAAO2F,KA5D9BW,EAAiB,GAErB,GAAIjB,EAEAiB,EAASrG,EAAoBC,QAQ/B,GAAIyE,EACF,IACE2B,EAASrG,EAAoBC,EAG/B,CAAE,MAAO6C,GACPuD,EAASrG,EAAoBC,EAE/B,MAEAoG,EASN,SAAmCC,EAAiBrG,GAClD,IAAM2B,EAAU,IAAIkE,WAAU,CAVS,GAUAtB,OAAKvE,IAC5C,OAAOL,EAAYU,OAAOsB,EAC5B,CAZe2E,CAA0B,EAAGtG,GAI1C,OAAOoG,IAAW7E,CACpB,CAjGmBmC,CAAOpD,EAAMsC,YAAarB,EAASjB,EAAMA,MAAOyD,GAEjE,OAAAnD,EAAA,CAAA,EACKN,EAAK,CACRO,OAAQY,EAAWV,EAAWA,YAACC,SAAWD,EAAWA,YAACE,QAE1D,CA5CesF,CAAahF,EAASjB,IAC/B,KAAKE,EAAAA,WAAWsD,OACd,OAAApD,QAAAC,QAkBR,SAAsBY,EAAiBjB,GAOrC,OAAAM,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAPe2F,EAAQA,SAACC,gBACxBlF,EAF6CjB,EAAvCsC,YAAuCtC,EAA1BA,OAQAS,EAAWA,YAACC,SAAWD,EAAWA,YAACE,QAE1D,CA7BeyF,CAAanF,EAASjB,IAC/B,QACE,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQE,EAAAA,YAAYE,UAI5B,CAAE,MAAOyB,GAEP,OAAAhC,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQE,EAAWA,YAACE,SAGxB,CACF,CAAC,MAAA4B,GAAA,OAAAnC,QAAAoC,OAAAD,EAAA,CAAA,CCnBY8D,CAAmBrG,IAC5B,KAAKE,EAAUA,WAACoG,OACd,OAAAlG,QAAAC,iBGZJL,OAEA,IAAAgB,EAAwBhB,EAAMiB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,SADFA,KACU,OAAAZ,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAE1D,IAAMQ,EA7BQ,SACdF,EACAG,EACApB,GAEA,IACE,IAAMqB,GA2CqBkF,EA3CI/E,EAAAA,IAAIC,WAAWL,GA4CzC7B,EAAAA,KAAKiH,UAVE,SAAOD,GACrB,IAAMnF,EAAUI,MAAIiF,KAAKF,GACzB,OAAO/E,MAAIyC,OAET,OACAzC,EAAGA,IAACC,WAAW,yBAA2BD,EAAAA,IAAIkF,KAAKtF,IACnDA,EAEJ,CAEwBrB,CAAOwG,KA3CrB7E,EAAYC,EAAAA,UAAUC,QAAQ5B,GAC9B6B,EAAYC,EAAAA,UAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClDiF,EAAG,OAAmBpH,EAAIA,KAACiH,eAC1BI,EAAAA,UAAUC,MAAMhF,GAAW+C,MAAM,IACtCkC,UAAU,IACNC,EAAQC,EAAAA,MAAMP,KAAKE,GACnB1E,EAAW+E,EAAAA,MAAMP,KAAKlH,EAAIA,KAACC,OAAOD,EAAAA,KAAKC,OAAOmH,KAAO/B,MAAM,EAAG,GAC9DqC,EAAUD,QAAM/C,OAAO8C,EAAO9E,GAEpC,OADYU,EAAAA,OAAO5C,OAAOkH,KACXhG,CAEjB,CAAE,MAAOmB,GACP,OAAO,CACT,CA6Bc,IAAemE,CA5B/B,CAQmBW,CACfjG,EACAjB,EAAMsC,YACNtC,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQY,EAAWV,EAAWA,YAACC,SAAWD,cAAYE,SAE1D,CAAC,MAAA4B,GAAAnC,OAAAA,QAAAoC,OAAAD,EAAA,CAAA,CHFY4E,CAAyBnH,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAAuC,UAAAnC,QAAAoC,OAAAD,EAAA,CAAA"}
1
+ {"version":3,"file":"index.umd.js","sources":["../src/bitcoin.ts","../src/index.ts","../src/cardano.ts","../src/eth.ts","../src/solana.ts","../src/tron.ts"],"sourcesContent":["import {\n ProofStatus,\n ProofTypes,\n SignatureProof,\n} from \"@notabene/javascript-sdk\";\n\nimport { encode as encodeLength } from \"varuint-bitcoin\";\nimport { base64, bech32, createBase58check } from \"@scure/base\";\nimport { Hash } from \"ox\";\nimport { secp256k1 } from \"@noble/curves/secp256k1\";\nimport { SignatureType } from \"@noble/curves/abstract/weierstrass\";\nimport { Verifier } from \"bip322-js\";\n\nenum SEGWIT_TYPES {\n P2WPKH = \"p2wpkh\",\n P2SH_P2WPKH = \"p2sh(p2wpkh)\",\n}\n\nconst messagePrefix = \"\\u0018Bitcoin Signed Message:\\n\";\n\nenum DerivationMode {\n LEGACY = \"Legacy\",\n NATIVE = \"Native SegWit\",\n SEGWIT = \"SegWit\",\n P2SH_SEGWIT = \"p2sh\",\n BCH = \"Bitcoin Cash\",\n ETHEREUM = \"Ethereum\",\n DOGECOIN = \"Dogecoin\",\n UNKNOWN = \"Unknown\",\n}\n\nexport async function verifyBTCSignature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"bip122\") return { ...proof, status: ProofStatus.FAILED };\n try {\n switch (proof.type) {\n case ProofTypes.BIP137:\n return verifyBIP137(address, proof);\n case ProofTypes.BIP322:\n return verifyBIP322(address, proof);\n default:\n return {\n ...proof,\n status: ProofStatus.FAILED,\n };\n }\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n // console.error(\"error verifying proof\", error);\n return {\n ...proof,\n status: ProofStatus.FAILED,\n // error: error.message || error,\n };\n }\n}\n\nfunction verifyBIP322(address: string, proof: SignatureProof) {\n const { attestation, proof: signatureProof } = proof;\n const verified = Verifier.verifySignature(\n address,\n attestation,\n signatureProof\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction verifyBIP137(address: string, proof: SignatureProof) {\n // const messageToBeSigned = message.replace(/\\s+/g, \" \").trim();\n const segwit = [DerivationMode.SEGWIT, DerivationMode.NATIVE].includes(\n getDerivationMode(address)\n );\n const verified = verify(proof.attestation, address, proof.proof, segwit);\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nfunction getDerivationMode(address: string) {\n if (address.match(\"^(bc1|tb1|ltc1).*\")) {\n return DerivationMode.NATIVE;\n } else if (address.match(\"^[32M].*\")) {\n return DerivationMode.SEGWIT;\n } else if (address.match(\"^[1nmL].*\")) {\n return DerivationMode.LEGACY;\n } else if (address.match(\"^(D).*\")) {\n return DerivationMode.DOGECOIN;\n } else {\n throw new Error(\n \"INVALID ADDRESS: \"\n .concat(address)\n .concat(\" is not a valid or a supported address\")\n );\n }\n}\n\ntype DecodedSignature = {\n compressed: boolean;\n segwitType?: SEGWIT_TYPES;\n signature: SignatureType;\n};\n\nfunction decodeSignature(proof: string): DecodedSignature {\n const sigbytes = base64.decode(proof);\n if (sigbytes.length !== 65) throw new Error(\"Invalid signature length\");\n const flagByte = sigbytes[0] - 27;\n if (flagByte > 15 || flagByte < 0) {\n throw new Error(\"Invalid signature parameter\");\n }\n const compressed = !!(flagByte & 12); // Are there cases that aren't compressed?\n const recovery = flagByte & 3;\n const signature = secp256k1.Signature.fromCompact(sigbytes.slice(1));\n\n return {\n compressed,\n segwitType: !(flagByte & 8)\n ? undefined\n : !(flagByte & 4)\n ? SEGWIT_TYPES.P2SH_P2WPKH\n : SEGWIT_TYPES.P2WPKH,\n signature: signature.addRecoveryBit(recovery),\n };\n}\n\nfunction verify(\n attestation: string,\n address: string,\n proof: string,\n checkSegwitAlways: boolean\n) {\n const { compressed, segwitType, signature } = decodeSignature(proof);\n if (checkSegwitAlways && !compressed) {\n throw new Error(\n \"checkSegwitAlways can only be used with a compressed pubkey signature flagbyte\"\n );\n }\n const hash = magicHash(attestation);\n const publicKey = signature.recoverPublicKey(hash);\n const publicKeyBytes = publicKey.toRawBytes(compressed);\n const publicKeyHash = hash160(publicKeyBytes);\n let actual: string = \"\";\n\n if (segwitType) {\n if (segwitType === SEGWIT_TYPES.P2SH_P2WPKH) {\n actual = encodeBech32Address(publicKeyHash);\n } else {\n // parsed.segwitType === SEGWIT_TYPES.P2WPKH\n // must be true since we only return null, P2SH_P2WPKH, or P2WPKH\n // from the decodeSignature function.\n actual = encodeBech32Address(publicKeyHash);\n }\n } else {\n if (checkSegwitAlways) {\n try {\n actual = encodeBech32Address(publicKeyHash);\n // if address is bech32 it is not p2sh\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (e) {\n actual = encodeBech32Address(publicKeyHash);\n // base58 can be p2pkh or p2sh-p2wpkh\n }\n } else {\n actual = encodeBase58AddressFormat(0, publicKeyHash);\n }\n }\n\n return actual === address;\n}\n\nconst base58check = createBase58check(Hash.sha256);\n\nfunction encodeBase58AddressFormat(version: number, publicKeyHash: Uint8Array) {\n const payload = new Uint8Array([version, ...publicKeyHash]);\n return base58check.encode(payload);\n}\n\nfunction magicHash(attestation: string) {\n const prefix = new TextEncoder().encode(messagePrefix);\n const message = new TextEncoder().encode(attestation);\n const length = encodeLength(message.length).buffer;\n const buffer = new Uint8Array(\n prefix.length + length.byteLength + message.length\n );\n buffer.set(prefix);\n buffer.set(new Uint8Array(length), prefix.length);\n buffer.set(message, prefix.length + length.byteLength);\n return hash256(buffer);\n}\n\nfunction encodeBech32Address(publicKeyHash: Uint8Array): string {\n const bwords = bech32.toWords(publicKeyHash);\n bwords.unshift(0);\n return bech32.encode(\"bc\", bwords);\n}\n\nfunction hash256(buffer: Uint8Array): Uint8Array {\n return Hash.sha256(Hash.sha256(buffer));\n}\n\nfunction hash160(buffer: Uint8Array): Uint8Array {\n return Hash.ripemd160(Hash.sha256(buffer));\n}\n","import {\n type OwnershipProof,\n SignatureProof,\n DeclarationProof,\n ScreenshotProof,\n ProofTypes,\n ProofStatus,\n} from \"@notabene/javascript-sdk\";\nimport { verifyBTCSignature } from \"./bitcoin\";\nimport { verifyPersonalSignEIP191 } from \"./eth\";\nimport { verifySolanaSignature } from \"./solana\";\nimport { verifyPersonalSignTIP191 } from \"./tron\";\nimport { verifyCIP8Signature } from \"./cardano\";\n\nexport async function verifyProof(\n proof: OwnershipProof\n): Promise<OwnershipProof> {\n switch (proof.type) {\n case ProofTypes.SelfDeclaration:\n return {\n ...proof,\n status: (proof as DeclarationProof).confirmed\n ? ProofStatus.VERIFIED\n : ProofStatus.FAILED,\n };\n case ProofTypes.Screenshot:\n return {\n ...proof,\n status: (proof as ScreenshotProof).url\n ? ProofStatus.FLAGGED\n : ProofStatus.FAILED,\n };\n case ProofTypes.CIP8:\n return verifyCIP8Signature(proof as SignatureProof);\n case ProofTypes.EIP191:\n return verifyPersonalSignEIP191(proof as SignatureProof);\n case ProofTypes.ED25519:\n return verifySolanaSignature(proof as SignatureProof);\n case ProofTypes.EIP712:\n case ProofTypes.BIP137:\n case ProofTypes.BIP322:\n return verifyBTCSignature(proof as SignatureProof);\n case ProofTypes.TIP191:\n return verifyPersonalSignTIP191(proof as SignatureProof);\n case ProofTypes.BIP137_XPUB:\n case ProofTypes.MicroTransfer:\n }\n return proof;\n}\n","import verifyDataSignature from \"@cardano-foundation/cardano-verify-datasignature\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\n\nexport async function verifyCIP8Signature(\n proof: SignatureProof\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n const key = proof.chainSpecificData?.cardanoCoseKey;\n \n if (ns !== \"cardano\" || !key) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n \n try {\n const verified = verifyDataSignature(proof.proof, key, proof.attestation, address);\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED\n };\n } catch {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, PersonalMessage, Signature, Address } from \"ox\";\n\nexport function verifyEIP191(\n address: Hex.Hex,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = PersonalMessage.getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const recovered = Address.checksum(Address.fromPublicKey(publicKey));\n return recovered.toString() === Address.checksum(address);\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignEIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"eip155\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyEIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n","import nacl from \"tweetnacl\";\nimport { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { base64, base58 } from \"@scure/base\";\n\nexport async function verifySolanaSignature(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"solana\") return { ...proof, status: ProofStatus.FAILED };\n try {\n const publicKey = base58.decode(address);\n const messageBytes = new TextEncoder().encode(proof.attestation);\n const signatureBytes = base64.decode(proof.proof);\n const verified = nacl.sign.detached.verify(\n messageBytes,\n signatureBytes,\n publicKey,\n );\n\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return { ...proof, status: ProofStatus.FAILED };\n }\n}\n","import { ProofStatus, SignatureProof } from \"@notabene/javascript-sdk\";\nimport { Secp256k1, Hex, Signature, Hash, Bytes, PublicKey } from \"ox\";\nimport { base58 } from \"@scure/base\";\n\nexport function verifyTIP191(\n address: string,\n message: string,\n proof: Hex.Hex,\n): boolean {\n try {\n const payload = getSignPayload(Hex.fromString(message));\n const signature = Signature.fromHex(proof);\n const publicKey = Secp256k1.recoverPublicKey({ payload, signature });\n const hex: Hex.Hex = `0x41${Hash.keccak256(\n `0x${PublicKey.toHex(publicKey).slice(4)}`,\n ).substring(26)}`;\n const bytes = Bytes.from(hex);\n const checksum = Bytes.from(Hash.sha256(Hash.sha256(hex))).slice(0, 4);\n const checked = Bytes.concat(bytes, checksum);\n const b58 = base58.encode(checked);\n return b58 === address;\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n } catch (error) {\n return false;\n }\n}\n\nexport async function verifyPersonalSignTIP191(\n proof: SignatureProof,\n): Promise<SignatureProof> {\n const [ns, , address] = proof.address.split(/:/);\n if (ns !== \"tron\") return { ...proof, status: ProofStatus.FAILED };\n\n const verified = verifyTIP191(\n address as Hex.Hex,\n proof.attestation,\n proof.proof as Hex.Hex,\n );\n return {\n ...proof,\n status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED,\n };\n}\n\nexport function encode(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n const message = Hex.from(data);\n return Hex.concat(\n // Personal Sign Format: `0x19 ‖ \"Ethereum Signed Message:\\n\" ‖ message.length ‖ message`\n \"0x19\",\n Hex.fromString(\"TRON Signed Message:\\n\" + Hex.size(message)),\n message,\n );\n}\nexport function getSignPayload(data: Hex.Hex | Bytes.Bytes): Hex.Hex {\n return Hash.keccak256(encode(data));\n}\n"],"names":["SEGWIT_TYPES","DerivationMode","base58check","createBase58check","Hash","sha256","encodeBech32Address","publicKeyHash","bwords","bech32","toWords","unshift","encode","proof","type","ProofTypes","SelfDeclaration","Promise","resolve","_extends","status","confirmed","ProofStatus","VERIFIED","FAILED","Screenshot","url","FLAGGED","CIP8","_proof$chainSpecificD","_proof$address$split","address","split","key","chainSpecificData","cardanoCoseKey","verified","verifyDataSignature","attestation","_unused","e","reject","verifyCIP8Signature","EIP191","message","payload","PersonalMessage","getSignPayload","Hex","fromString","signature","Signature","fromHex","publicKey","Secp256k1","recoverPublicKey","Address","checksum","fromPublicKey","toString","error","verifyEIP191","verifyPersonalSignEIP191","ED25519","base58","decode","messageBytes","TextEncoder","signatureBytes","base64","nacl","sign","detached","verify","verifySolanaSignature","EIP712","BIP137","BIP322","segwit","SEGWIT","NATIVE","includes","match","LEGACY","DOGECOIN","Error","concat","getDerivationMode","checkSegwitAlways","_decodeSignature","sigbytes","length","flagByte","compressed","recovery","secp256k1","fromCompact","slice","segwitType","P2WPKH","P2SH_P2WPKH","undefined","addRecoveryBit","decodeSignature","buffer","hash","prefix","encodeLength","Uint8Array","byteLength","set","hash256","magicHash","toRawBytes","ripemd160","actual","version","encodeBase58AddressFormat","verifyBIP137","Verifier","verifySignature","verifyBIP322","verifyBTCSignature","TIP191","data","keccak256","from","size","hex","PublicKey","toHex","substring","bytes","Bytes","checked","verifyTIP191","verifyPersonalSignTIP191"],"mappings":"yzBAaKA,EAOAC,mQAPL,SAAKD,GACHA,EAAA,OAAA,SACAA,EAAA,YAAA,cACD,CAHD,CAAKA,IAAAA,EAGJ,CAAA,IAID,SAAKC,GACHA,EAAA,OAAA,SACAA,EAAA,OAAA,gBACAA,EAAA,OAAA,SACAA,EAAA,YAAA,OACAA,EAAA,IAAA,eACAA,EAAA,SAAA,WACAA,EAAA,SAAA,WACAA,EAAA,QAAA,SACD,CATD,CAAKA,IAAAA,EASJ,CAAA,IAmJD,IAAMC,EAAcC,EAAAA,kBAAkBC,EAAAA,KAAKC,QAoB3C,SAASC,EAAoBC,GAC3B,IAAMC,EAASC,EAAMA,OAACC,QAAQH,GAE9B,OADAC,EAAOG,QAAQ,GACRF,EAAAA,OAAOG,OAAO,KAAMJ,EAC7B,eC1LsB,SACpBK,GAAqB,IAErB,OAAQA,EAAMC,MACZ,KAAKC,aAAWC,gBACd,OAAAC,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAASP,EAA2BQ,UAChCC,EAAAA,YAAYC,SACZD,cAAYE,UAEpB,KAAKT,EAAUA,WAACU,WACd,OAAAR,QAAAC,QAAAC,EAAA,CAAA,EACKN,EAAK,CACRO,OAASP,EAA0Ba,IAC/BJ,EAAAA,YAAYK,QACZL,EAAWA,YAACE,UAEpB,KAAKT,EAAUA,WAACa,KACd,OAAAX,QAAAC,QC9BmC,SACvCL,GAAqB,QAAAgB,EAErBC,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAMG,EAAMJ,OAAHA,EAAGhB,EAAMqB,wBAANL,EAAAA,EAAyBM,eAErC,GAAW,YAHFL,EAAIC,KAGYE,EACvB,OAAAhB,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAWA,YAACE,UAGzC,IACE,IAAMY,EAAWC,EAAAA,QAAoBxB,EAAMA,MAAOoB,EAAKpB,EAAMyB,YAAaP,GAC1E,OAAAd,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQgB,EAAWd,cAAYC,SAAWD,EAAWA,YAACE,SAE1D,CAAE,MAAAe,GACA,OAAAtB,QAAAC,QAAAC,EAAYN,GAAAA,GAAOO,OAAQE,EAAAA,YAAYE,SACzC,CACF,CAAC,MAAAgB,GAAAvB,OAAAA,QAAAwB,OAAAD,EAAA,CAAA,CDWYE,CAAoB7B,IAC7B,KAAKE,EAAAA,WAAW4B,OACd,OAAA1B,QAAAC,QEfwC,SAC5CL,OAEA,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAb,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAE5D,IAAMY,WAtBNL,EACAa,EACA/B,GAEA,IACE,IAAMgC,EAAUC,EAAeA,gBAACC,eAAeC,EAAAA,IAAIC,WAAWL,IACxDM,EAAYC,EAAAA,UAAUC,QAAQvC,GAC9BwC,EAAYC,EAAAA,UAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAExD,OADkBM,EAAOA,QAACC,SAASD,EAAOA,QAACE,cAAcL,IACxCM,aAAeH,EAAAA,QAAQC,SAAS1B,EAEnD,CAAE,MAAO6B,GACP,OAAO,CACT,CACF,CAQmBC,CACf9B,EACAlB,EAAMyB,YACNzB,EAAMA,OAER,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQgB,EAAWd,EAAAA,YAAYC,SAAWD,EAAWA,YAACE,SAE1D,CAAC,MAAAgB,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA,CFAYsB,CAAyBjD,IAClC,KAAKE,EAAAA,WAAWgD,QACd,OAAA9C,QAAAC,QGjCgB,SACpBL,OAEA,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EACpB,GAAA,GAAW,WADFA,EAAA,GACY,OAAAb,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,cAAYE,UAC5D,IACE,IAAM6B,EAAYW,SAAOC,OAAOlC,GAC1BmC,GAAe,IAAIC,aAAcvD,OAAOC,EAAMyB,aAC9C8B,EAAiBC,EAAMA,OAACJ,OAAOpD,EAAMA,OACrCuB,EAAWkC,EAAI,QAACC,KAAKC,SAASC,OAClCP,EACAE,EACAf,GAGF,OAAApC,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,GACHO,OAAQgB,EAAWd,EAAAA,YAAYC,SAAWD,EAAWA,YAACE,SAG1D,CAAE,MAAOoC,GACP,OAAA3C,QAAAC,QAAAC,EAAYN,CAAAA,EAAAA,GAAOO,OAAQE,EAAAA,YAAYE,SACzC,CACF,CAAC,MAAAgB,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA,CHUYkC,CAAsB7D,IAC/B,KAAKE,EAAAA,WAAW4D,OAChB,KAAK5D,EAAAA,WAAW6D,OAChB,KAAK7D,EAAAA,WAAW8D,OACd,OAAA5D,QAAAC,QDVgB,SACpBL,GAAqB,IAErB,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,WADFA,EAAA,GACY,OAAAb,QAAAC,QAAAC,EAAA,CAAA,EAAYN,EAAK,CAAEO,OAAQE,EAAAA,YAAYE,UAC5D,IACE,OAAQX,EAAMC,MACZ,KAAKC,EAAAA,WAAW6D,OACd,OAAA3D,QAAAC,QAiCR,SAAsBa,EAAiBlB,GAErC,IAAMiE,EAAS,CAAC7E,EAAe8E,OAAQ9E,EAAe+E,QAAQC,SAWhE,SAA2BlD,GACzB,GAAIA,EAAQmD,MAAM,qBAChB,OAAOjF,EAAe+E,OACjB,GAAIjD,EAAQmD,MAAM,YACvB,OAAOjF,EAAe8E,OACjB,GAAIhD,EAAQmD,MAAM,aACvB,OAAOjF,EAAekF,OACbpD,GAAAA,EAAQmD,MAAM,UACvB,OAAOjF,EAAemF,SAEtB,MAAU,IAAAC,MACR,oBACGC,OAAOvD,GACPuD,OAAO,0CAGhB,CA1BIC,CAAkBxD,IAEdK,EAsDR,SACEE,EACAP,EACAlB,EACA2E,GAEA,IAAAC,EA5BF,SAAyB5E,GACvB,IAAM6E,EAAWrB,EAAAA,OAAOJ,OAAOpD,GAC/B,GAAwB,KAApB6E,EAASC,OAAe,MAAM,IAAIN,MAAM,4BAC5C,IAAMO,EAAWF,EAAS,GAAK,GAC/B,GAAIE,EAAW,IAAMA,EAAW,EAC9B,MAAM,IAAIP,MAAM,+BAElB,IAAMQ,KAA2B,GAAXD,GAChBE,EAAsB,EAAXF,EACX1C,EAAY6C,EAASA,UAAC5C,UAAU6C,YAAYN,EAASO,MAAM,IAEjE,MAAO,CACLJ,WAAAA,EACAK,WAAyB,EAAXN,EAEG,EAAXA,EAEF5F,EAAamG,OADbnG,EAAaoG,iBAFbC,EAIJnD,UAAWA,EAAUoD,eAAeR,GAExC,CAQgDS,CAAgB1F,GAAtDgF,EAAUJ,EAAVI,WAAYK,EAAUT,EAAVS,WAAYhD,EAASuC,EAATvC,UAChC,GAAIsC,IAAsBK,EACxB,MAAU,IAAAR,MACR,kFAGJ,IA+DemB,EA/DTC,EAwCR,SAAmBnE,GACjB,IAAMoE,GAAS,IAAIvC,aAAcvD,OAtKb,8BAuKdgC,GAAU,IAAIuB,aAAcvD,OAAO0B,GACnCqD,EAASgB,EAAY/F,OAACgC,EAAQ+C,QAAQa,OACtCA,EAAS,IAAII,WACjBF,EAAOf,OAASA,EAAOkB,WAAajE,EAAQ+C,QAK9C,OAHAa,EAAOM,IAAIJ,GACXF,EAAOM,IAAI,IAAIF,WAAWjB,GAASe,EAAOf,QAC1Ca,EAAOM,IAAIlE,EAAS8D,EAAOf,OAASA,EAAOkB,YAU7C,SAAiBL,GACf,OAAOpG,EAAAA,KAAKC,OAAOD,EAAAA,KAAKC,OAAOmG,GACjC,CAXSO,CAAQP,EACjB,CAnDeQ,CAAU1E,GAGjB/B,GA4DSiG,EA9DGtD,EAAUK,iBAAiBkD,GACZQ,WAAWpB,GA8DrCzF,EAAIA,KAAC8G,UAAU9G,EAAIA,KAACC,OAAOmG,KA5D9BW,EAAiB,GAErB,GAAIjB,EAEAiB,EAAS7G,EAAoBC,QAQ/B,GAAIiF,EACF,IACE2B,EAAS7G,EAAoBC,EAG/B,CAAE,MAAOiC,GACP2E,EAAS7G,EAAoBC,EAE/B,MAEA4G,EASN,SAAmCC,EAAiB7G,GAClD,IAAMsC,EAAU,IAAI+D,WAAU,CAVS,GAUAtB,OAAK/E,IAC5C,OAAOL,EAAYU,OAAOiC,EAC5B,CAZewE,CAA0B,EAAG9G,GAI1C,OAAO4G,IAAWpF,CACpB,CAjGmB0C,CAAO5D,EAAMyB,YAAaP,EAASlB,EAAMA,MAAOiE,GAEjE,OAAA3D,EAAA,CAAA,EACKN,EAAK,CACRO,OAAQgB,EAAWd,EAAWA,YAACC,SAAWD,EAAWA,YAACE,QAE1D,CA5Ce8F,CAAavF,EAASlB,IAC/B,KAAKE,EAAAA,WAAW8D,OACd,OAAA5D,QAAAC,QAkBR,SAAsBa,EAAiBlB,GAOrC,OAAAM,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAPemG,EAAQA,SAACC,gBACxBzF,EAF6ClB,EAAvCyB,YAAuCzB,EAA1BA,OAQAS,EAAWA,YAACC,SAAWD,EAAWA,YAACE,QAE1D,CA7BeiG,CAAa1F,EAASlB,IAC/B,QACE,OAAAI,QAAAC,QAAAC,EACKN,CAAAA,EAAAA,EACHO,CAAAA,OAAQE,EAAAA,YAAYE,UAI5B,CAAE,MAAOoC,GAEP,OAAA3C,QAAAC,QAAAC,EAAA,CAAA,EACKN,EACHO,CAAAA,OAAQE,EAAWA,YAACE,SAGxB,CACF,CAAC,MAAAgB,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA,CChBYkF,CAAmB7G,IAC5B,KAAKE,EAAAA,WAAW4G,OACd,OAAA1G,QAAAC,iBIfJL,OAEA,IAAAiB,EAAwBjB,EAAMkB,QAAQC,MAAM,KAA/BD,EAAOD,EAAA,GACpB,GAAW,SADFA,KACU,OAAAb,QAAAC,QAAAC,KAAYN,EAAK,CAAEO,OAAQE,EAAWA,YAACE,UAE1D,IAAMY,EA7BQ,SACdL,EACAa,EACA/B,GAEA,IACE,IAAMgC,GA2CqB+E,EA3CI5E,EAAAA,IAAIC,WAAWL,GA4CzCxC,EAAAA,KAAKyH,UAVE,SAAOD,GACrB,IAAMhF,EAAUI,MAAI8E,KAAKF,GACzB,OAAO5E,MAAIsC,OAET,OACAtC,EAAGA,IAACC,WAAW,yBAA2BD,EAAAA,IAAI+E,KAAKnF,IACnDA,EAEJ,CAEwBhC,CAAOgH,KA3CrB1E,EAAYC,EAAAA,UAAUC,QAAQvC,GAC9BwC,EAAYC,EAAAA,UAAUC,iBAAiB,CAAEV,QAAAA,EAASK,UAAAA,IAClD8E,EAAG,OAAmB5H,EAAIA,KAACyH,eAC1BI,EAAAA,UAAUC,MAAM7E,GAAW4C,MAAM,IACtCkC,UAAU,IACNC,EAAQC,EAAAA,MAAMP,KAAKE,GACnBvE,EAAW4E,EAAAA,MAAMP,KAAK1H,EAAIA,KAACC,OAAOD,EAAAA,KAAKC,OAAO2H,KAAO/B,MAAM,EAAG,GAC9DqC,EAAUD,QAAM/C,OAAO8C,EAAO3E,GAEpC,OADYO,EAAAA,OAAOpD,OAAO0H,KACXvG,CAEjB,CAAE,MAAO6B,GACP,OAAO,CACT,CA6Bc,IAAegE,CA5B/B,CAQmBW,CACfxG,EACAlB,EAAMyB,YACNzB,EAAMA,OAER,OAAAI,QAAAC,QAAAC,KACKN,EAAK,CACRO,OAAQgB,EAAWd,EAAWA,YAACC,SAAWD,cAAYE,SAE1D,CAAC,MAAAgB,GAAAvB,OAAAA,QAAAwB,OAAAD,EAAA,CAAA,CJCYgG,CAAyB3H,IAIpC,OAAAI,QAAAC,QAAOL,EACT,CAAC,MAAA2B,GAAA,OAAAvB,QAAAwB,OAAAD,EAAA,CAAA"}
package/dist/tests/cardano.test.d.ts ADDED
@@ -0,0 +1 @@
1
+ export {};
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@notabene/verify-proof",
3
- "version": "1.0.7",
3
+ "version": "1.1.2-next.1",
4
4
  "description": "Verify ownership proofs",
5
5
  "source": "src/index.ts",
6
6
  "type": "module",
@@ -9,6 +9,7 @@
9
9
  "main": "dist/index.cjs",
10
10
  "author": "Pelle Braendgaard",
11
11
  "license": "Apache-2.0",
12
+ "packageManager": "yarn@4.6.0",
12
13
  "files": [
13
14
  "dist",
14
15
  "src",
@@ -22,11 +23,18 @@
22
23
  "lint": "eslint ./src",
23
24
  "test": "vitest"
24
25
  },
26
+ "publishConfig": {
27
+ "access": "public"
28
+ },
25
29
  "devDependencies": {
26
30
  "@eslint/js": "^9.20.0",
31
+ "@semantic-release/git": "^10.0.1",
32
+ "@semantic-release/gitlab": "^13.2.4",
33
+ "@semantic-release/npm": "^12.0.1",
27
34
  "eslint": "^9.20.1",
28
35
  "globals": "^15.15.0",
29
36
  "microbundle": "^0.15.1",
37
+ "semantic-release": "^24.2.3",
30
38
  "tronweb": "^6.0.0",
31
39
  "typescript": "^5.5.4",
32
40
  "typescript-eslint": "^8.24.1",
@@ -34,12 +42,13 @@
34
42
  "vitest": "^2.0.5"
35
43
  },
36
44
  "dependencies": {
45
+ "@cardano-foundation/cardano-verify-datasignature": "^1.0.11",
37
46
  "@noble/curves": "^1.7.0",
38
- "@notabene/javascript-sdk": "^2.3.0",
47
+ "@notabene/javascript-sdk": "^2.7.0",
39
48
  "@scure/base": "^1.2.1",
40
49
  "bip322-js": "^2.0.0",
41
50
  "ox": "^0.2.2",
42
51
  "tweetnacl": "^1.0.3",
43
52
  "varuint-bitcoin": "^2.0.0"
44
53
  }
45
- }
54
+ }
package/src/cardano.ts ADDED
@@ -0,0 +1,23 @@
1
+ import verifyDataSignature from "@cardano-foundation/cardano-verify-datasignature";
2
+ import { ProofStatus, SignatureProof } from "@notabene/javascript-sdk";
3
+
4
+ export async function verifyCIP8Signature(
5
+ proof: SignatureProof
6
+ ): Promise<SignatureProof> {
7
+ const [ns, , address] = proof.address.split(/:/);
8
+ const key = proof.chainSpecificData?.cardanoCoseKey;
9
+
10
+ if (ns !== "cardano" || !key) {
11
+ return { ...proof, status: ProofStatus.FAILED };
12
+ }
13
+
14
+ try {
15
+ const verified = verifyDataSignature(proof.proof, key, proof.attestation, address);
16
+ return {
17
+ ...proof,
18
+ status: verified ? ProofStatus.VERIFIED : ProofStatus.FAILED
19
+ };
20
+ } catch {
21
+ return { ...proof, status: ProofStatus.FAILED };
22
+ }
23
+ }
package/src/index.ts CHANGED
@@ -10,6 +10,7 @@ import { verifyBTCSignature } from "./bitcoin";
10
10
  import { verifyPersonalSignEIP191 } from "./eth";
11
11
  import { verifySolanaSignature } from "./solana";
12
12
  import { verifyPersonalSignTIP191 } from "./tron";
13
+ import { verifyCIP8Signature } from "./cardano";
13
14
 
14
15
  export async function verifyProof(
15
16
  proof: OwnershipProof
@@ -29,6 +30,8 @@ export async function verifyProof(
29
30
  ? ProofStatus.FLAGGED
30
31
  : ProofStatus.FAILED,
31
32
  };
33
+ case ProofTypes.CIP8:
34
+ return verifyCIP8Signature(proof as SignatureProof);
32
35
  case ProofTypes.EIP191:
33
36
  return verifyPersonalSignEIP191(proof as SignatureProof);
34
37
  case ProofTypes.ED25519:
package/src/tests/cardano.test.ts ADDED
@@ -0,0 +1,52 @@
1
+
2
+ import { ProofStatus, ProofTypes, SignatureProof } from "@notabene/javascript-sdk";
3
+ import { describe, expect, it } from "vitest";
4
+ import { verifyCIP8Signature } from "../cardano";
5
+
6
+ const YOROI_PROOF: SignatureProof = {
7
+ type: ProofTypes.CIP8,
8
+ status: ProofStatus.PENDING,
9
+ address: `cardano:mainnet:addr1qy58rqrwahalep9l9t83aevvmu0h8hksqj3u6n2fvrkse4d8v387at20m9fgf0rstupcp6fa3af53h86gu838df0nmgs7lekj2`,
10
+ did: `did:key:z6MkuyaPKeAa6iZwKGFo2ZYMSGHhAnahwW1Ss2Zc6SfxBYhx`,
11
+ attestation: "test",
12
+ proof: "845846a2012767616464726573735839012871806eedfbfc84bf2acf1ee58cdf1f73ded004a3cd4d4960ed0cd5a7644feead4fd95284bc705f0380e93d8f5348dcfa470f13b52f9ed1a166686173686564f444746573745840dd85eb4498a4a4228185c556a56509024e3f2f144bef1e54aa2910a850934dac47fb419bf967575f9e8dd269f3566e2d34ef57e07113011b84b5c0af25b8450b",
13
+ wallet_provider: "Yoroi",
14
+ chainSpecificData: {
15
+ cardanoCoseKey: "a4010103272006215820e91872688a7eb182e3b505a45e2123b8e0ce527e736937a74c2f59b035389210",
16
+ },
17
+ };
18
+
19
+ describe("verifyCIP8Signature", () => {
20
+ it("verifies valid CIP8 signature", async () => {
21
+ const result = await verifyCIP8Signature(YOROI_PROOF);
22
+ expect(result.status).toBe(ProofStatus.VERIFIED);
23
+ });
24
+
25
+ it("fails for invalid CBOR proof", async () => {
26
+ const invalidProof = {
27
+ ...YOROI_PROOF,
28
+ proof: "invalid_cbor_data"
29
+ };
30
+
31
+ const result = await verifyCIP8Signature(invalidProof);
32
+ expect(result.status).toBe(ProofStatus.FAILED);
33
+ });
34
+
35
+ it("fails if cardanoCoseKey is not provided", async () => {
36
+ const invalidProof = {
37
+ ...YOROI_PROOF,
38
+ chainSpecificData: undefined
39
+ };
40
+ const result = await verifyCIP8Signature(invalidProof);
41
+ expect(result.status).toBe(ProofStatus.FAILED);
42
+ });
43
+
44
+ it("fails for non-Cardano address", async () => {
45
+ const invalidProof = {
46
+ ...YOROI_PROOF,
47
+ address: "eth:1:0x1234567890123456789012345678901234567890" as `eth:${string}:${string}`
48
+ };
49
+ const result = await verifyCIP8Signature(invalidProof);
50
+ expect(result.status).toBe(ProofStatus.FAILED);
51
+ });
52
+ });