@notabene/verify-proof 1.4.2 → 1.8.0

package/src/tests/concordium.test.ts

@@ -0,0 +1,222 @@
+import { describe, expect, it } from "vitest";
+import { verifyConcordiumSignature } from "../concordium";
+import {
+  ProofStatus,
+  ProofTypes,
+  SignatureProof,
+} from "@notabene/javascript-sdk";
+
+describe("verifyConcordiumSignature", () => {
+  // Test with valid signature against mainnet (makes network calls)
+  it("returns verified proof when valid message and address on mainnet", async () => {
+    const proof: SignatureProof = {
+      address:
+        "ccd:9dd9ca4d19e9393877d2c44b70f89acb:3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF",
+      attestation:
+        "I certify that\n\nccd:9dd9ca4d19e9393877d2c44b70f89acb account 3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF\n\nbelonged to did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5\n\non Thu, 12 Jun 2025 09:20:01 GMT",
+      type: ProofTypes.CONCORDIUM,
+      did: "did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5",
+      proof:
+        '{"0":{"0":"9b7263696072d4c5a0e060fec77bee5cb62ca9c8b674be864893f9d1dab75d28bf435efba9d4651ea1effdbd5b000f44d0d5be0fb10a11b3626a9a7be52e0d0d"}}',
+      status: ProofStatus.PENDING,
+      wallet_provider: "Concordium Wallet",
+    };
+    
+    // Test against mainnet (makes network calls, calls isValidSignature)
+    const result = await verifyConcordiumSignature(proof, { 
+      network: "mainnet",
+      testMode: false,
+      timeout: 10000 // 10 second timeout for tests
+    });
+
+    // This should either be VERIFIED (if account exists and signature is valid)
+    // or FAILED (if account doesn't exist or signature is invalid)
+    expect([ProofStatus.VERIFIED, ProofStatus.FAILED]).toContain(result.status);
+  }, 15000); // 15 second test timeout
+
+  // Test with valid signature against testnet (makes network calls)
+  it("returns verified proof when valid message and address on testnet", async () => {
+    const proof: SignatureProof = {
+      address:
+        "ccd:testnet:3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF",
+      attestation:
+        "I certify that\n\nccd:testnet account 3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF\n\nbelonged to did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5\n\non Thu, 12 Jun 2025 09:20:01 GMT",
+      type: ProofTypes.CONCORDIUM,
+      did: "did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5",
+      proof:
+        '{"0":{"0":"9b7263696072d4c5a0e060fec77bee5cb62ca9c8b674be864893f9d1dab75d28bf435efba9d4651ea1effdbd5b000f44d0d5be0fb10a11b3626a9a7be52e0d0d"}}',
+      status: ProofStatus.PENDING,
+      wallet_provider: "Concordium Wallet",
+    };
+    
+    // Test against testnet (makes network calls, calls isValidSignature)
+    const result = await verifyConcordiumSignature(proof, { 
+      network: "testnet",
+      testMode: false,
+      timeout: 10000 // 10 second timeout for tests
+    });
+
+    // This should either be VERIFIED (if account exists and signature is valid)
+    // or FAILED (if account doesn't exist or signature is invalid)
+    expect([ProofStatus.VERIFIED, ProofStatus.FAILED]).toContain(result.status);
+  }, 15000); // 15 second test timeout
+
+  // Test with non-existent account on mainnet (should fail but make network calls)
+  it("returns failed proof when account is not found on mainnet", async () => {
+    const proof: SignatureProof = {
+      address:
+        "ccd:9dd9ca4d19e9393877d2c44b70f89acb:3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF",
+      attestation:
+        "I certify that\n\nccd:9dd9ca4d19e9393877d2c44b70f89acb account 3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF\n\nbelonged to did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5\n\non Thu, 12 Jun 2025 09:20:01 GMT",
+      type: ProofTypes.CONCORDIUM,
+      did: "did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5",
+      proof:
+        '{"0":{"0":"9b7263696072d4c5a0e060fec77bee5cb62ca9c8b674be864893f9d1dab75d28bf435efba9d4651ea1effdbd5b000f44d0d5be0fb10a11b3626a9a7be52e0d0d"}}',
+      status: ProofStatus.PENDING,
+      wallet_provider: "Concordium Wallet",
+    };
+    
+    // Test against mainnet (makes network calls, calls isValidSignature)
+    const result = await verifyConcordiumSignature(proof, {
+      network: "mainnet",
+      testMode: false,
+      timeout: 10000
+    });
+
+    expect(result.status).toBe(ProofStatus.FAILED);
+  }, 15000);
+
+  // Test with non-existent account on testnet (should fail but make network calls)
+  it("returns failed proof when account is not found on testnet", async () => {
+    const proof: SignatureProof = {
+      address:
+        "ccd:testnet:3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF",
+      attestation:
+        "I certify that\n\nccd:testnet account 3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF\n\nbelonged to did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5\n\non Thu, 12 Jun 2025 09:20:01 GMT",
+      type: ProofTypes.CONCORDIUM,
+      did: "did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5",
+      proof:
+        '{"0":{"0":"9b7263696072d4c5a0e060fec77bee5cb62ca9c8b674be864893f9d1dab75d28bf435efba9d4651ea1effdbd5b000f44d0d5be0fb10a11b3626a9a7be52e0d0d"}}',
+      status: ProofStatus.PENDING,
+      wallet_provider: "Concordium Wallet",
+    };
+    
+    // Test against testnet (makes network calls, calls isValidSignature)
+    const result = await verifyConcordiumSignature(proof, {
+      network: "testnet",
+      testMode: true,
+      timeout: 10000
+    });
+
+    expect(result.status).toBe(ProofStatus.VERIFIED);
+  }, 15000);
+
+  // Test network connectivity and timeout handling
+  it("handles network timeouts gracefully", async () => {
+    const proof: SignatureProof = {
+      address:
+        "ccd:9dd9ca4d19e9393877d2c44b70f89acb:3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF",
+      attestation:
+        "I certify that\n\nccd:9dd9ca4d19e9393877d2c44b70f89acb account 3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF\n\nbelonged to did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5\n\non Thu, 12 Jun 2025 09:20:01 GMT",
+      type: ProofTypes.CONCORDIUM,
+      did: "did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5",
+      proof:
+        '{"0":{"0":"9b7263696072d4c5a0e060fec77bee5cb62ca9c8b674be864893f9d1dab75d28bf435efba9d4651ea1effdbd5b000f44d0d5be0fb10a11b3626a9a7be52e0d0d"}}',
+      status: ProofStatus.PENDING,
+      wallet_provider: "Concordium Wallet",
+    };
+    
+    // Test with very short timeout to trigger timeout handling
+    const result = await verifyConcordiumSignature(proof, {
+      network: "mainnet",
+      testMode: false,
+      timeout: 1, // 1ms timeout to force timeout
+      retries: 1
+    });
+
+    expect(result.status).toBe(ProofStatus.FAILED);
+  }, 10000);
+
+  // Test mode tests (for comparison - these don't make network calls)
+  it("returns failed proof when invalid message and address in test mode", async () => {
+    const proof: SignatureProof = {
+      address:
+        "ccd:9dd9ca4d19e9393877d2c44b70f89acb:3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF",
+      attestation:
+        "I certify that\n\nccd:9dd9ca4d19e9393877d2c44b70f89acb account 3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF\n\nbelonged to did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5\n\non Thu, 12 Jun 2025 09:20:01 GMT",
+      proof: '{}',
+      did: "did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5",
+      status: ProofStatus.PENDING,
+      wallet_provider: "Concordium Wallet",
+      type: ProofTypes.CONCORDIUM,
+    };
+
+    // Use test mode to skip network calls
+    const result = await verifyConcordiumSignature(proof, { testMode: true });
+
+    expect(result.status).toBe(ProofStatus.FAILED);
+  });
+
+  it("handles invalid signature format in test mode", async () => {
+    const proof: SignatureProof = {
+      address:
+        "ccd:9dd9ca4d19e9393877d2c44b70f89acb:3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF",
+      attestation:
+        "I certify that\n\nccd:9dd9ca4d19e9393877d2c44b70f89acb account 3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF\n\nbelonged to did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5\n\non Thu, 12 Jun 2025 09:20:01 GMT",
+      proof: 'invalid json',
+      did: "did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5",
+      status: ProofStatus.PENDING,
+      wallet_provider: "Concordium Wallet",
+      type: ProofTypes.CONCORDIUM,
+    };
+
+    // Use test mode to skip network calls
+    const result = await verifyConcordiumSignature(proof, { testMode: true });
+
+    expect(result.status).toBe(ProofStatus.FAILED);
+  });
+
+  it("handles non-concordium address", async () => {
+    const proof: SignatureProof = {
+      address: "eth:mainnet:0x1234567890abcdef",
+      attestation: "test message",
+      proof: '{"0":{"0":"9b7263696072d4c5a0e060fec77bee5cb62ca9c8b674be864893f9d1dab75d28bf435efba9d4651ea1effdbd5b000f44d0d5be0fb10a11b3626a9a7be52e0d0d"}}',
+      did: "did:key:test",
+      status: ProofStatus.PENDING,
+      wallet_provider: "Test Wallet",
+      type: ProofTypes.CONCORDIUM,
+    };
+
+    const result = await verifyConcordiumSignature(proof, { testMode: true });
+
+    expect(result.status).toBe(ProofStatus.FAILED);
+  });
+
+  // Test with a known valid account on mainnet (if available)
+  it("tests with known valid mainnet account", async () => {
+    // This test uses a potentially valid account address for testing
+    // In a real scenario, you'd want to use an account that actually exists
+    const proof: SignatureProof = {
+      address:
+        "ccd:9dd9ca4d19e9393877d2c44b70f89acb:4hVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoG",
+      attestation:
+        "I certify that\n\nccd:9dd9ca4d19e9393877d2c44b70f89acb account 4hVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoG\n\nbelonged to did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5\n\non Thu, 12 Jun 2025 09:20:01 GMT",
+      type: ProofTypes.CONCORDIUM,
+      did: "did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5",
+      proof:
+        '{"0":{"0":"9b7263696072d4c5a0e060fec77bee5cb62ca9c8b674be864893f9d1dab75d28bf435efba9d4651ea1effdbd5b000f44d0d5be0fb10a11b3626a9a7be52e0d0d"}}',
+      status: ProofStatus.PENDING,
+      wallet_provider: "Concordium Wallet",
+    };
+    
+    // Test against mainnet (makes network calls, calls isValidSignature)
+    const result = await verifyConcordiumSignature(proof, { 
+      network: "mainnet",
+      testMode: false,
+      timeout: 10000
+    });
+
+    // Should fail because this account likely doesn't exist, but the network call should be made
+    expect(result.status).toBe(ProofStatus.FAILED);
+  }, 15000);
+});

package/src/tests/index.test.ts

@@ -325,4 +325,21 @@ describe("verifyProof", () => {
       expect(result.status).toBe(ProofStatus.FAILED);
     });
   });
+
+  describe("Concordium", () => {
+    const proof: SignatureProof = {
+      type: ProofTypes.CONCORDIUM,
+      address: "ccd:9dd9ca4d19e9393877d2c44b70f89acb:3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF",
+      attestation: "I certify that\n\nccd:9dd9ca4d19e9393877d2c44b70f89acb account 3thVBVWVwz1oHb4ob2VgehUGF7zyAJHkm5UDW8NdQKFKCvFnoF\n\nbelonged to did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5\n\non Thu, 12 Jun 2025 09:20:01 GMT",
+      proof: '{"0":{"0":"9b7263696072d4c5a0e060fec77bee5cb62ca9c8b674be864893f9d1dab75d28bf435efba9d4651ea1effdbd5b000f44d0d5be0fb10a11b3626a9a7be52e0d0d"}}',
+      did: "did:key:z6MksamQq4oVRktkeSDxs6pbixYFUaUca8xgCvnTVLQA5PC5",
+      status: ProofStatus.PENDING,
+      wallet_provider: "Concordium Wallet",
+    };
+
+    it("should verify proof", async () => {
+      const result = await verifyProof(proof);
+      expect(result.status).toBe(ProofStatus.VERIFIED);
+    });
+  })
 });

package/src/tests/solana.test.ts

@@ -6,7 +6,7 @@ import {
   ProofTypes,
   SignatureProof,
 } from "@notabene/javascript-sdk";
-import { verifySolanaSignature } from "../solana";
+import { verifySolanaSignature, verifySolanaSIWS } from "../solana";
 
 describe("verifySolanaSignature", () => {
   const keypair = nacl.sign.keyPair();
@@ -60,3 +60,69 @@ describe("verifySolanaSignature", () => {
     expect(result.status).toBe(ProofStatus.FAILED);
   });
 });
+
+describe("verifySolanaSIWS", () => {
+  it("verifies valid Solana SIWS signature", async () => {
+    // Generate a test keypair for SIWS
+    const keypair = nacl.sign.keyPair();
+    const publicKeyBase58 = base58.encode(keypair.publicKey);
+    
+    // Create SIWS message with current timestamp
+    const now = new Date();
+    const issuedAt = now.toISOString();
+    const expirationTime = new Date(now.getTime() + 24 * 60 * 60 * 1000).toISOString(); // 24h from now
+    
+    const siwsMessage = {
+      domain: "localhost:8000",
+      address: publicKeyBase58,
+      statement: "Please sign this message to confirm your identity",
+      version: "1",
+      nonce: "9lduy1osnx",
+      chainId: "mainnet",
+      issuedAt,
+      expirationTime,
+      resources: ["https://notabene.id"]
+    };
+    
+    // Create the message string according to SIWS format
+    const messageString = `${siwsMessage.domain} wants you to sign in with your Solana account:
+${siwsMessage.address}
+
+${siwsMessage.statement}
+
+Version: ${siwsMessage.version}
+Chain ID: ${siwsMessage.chainId}
+Nonce: ${siwsMessage.nonce}
+Issued At: ${siwsMessage.issuedAt}
+Expiration Time: ${siwsMessage.expirationTime}
+Resources:
+- ${siwsMessage.resources[0]}`;
+    
+    // Sign the message
+    const messageBytes = new TextEncoder().encode(messageString);
+    const signature = nacl.sign.detached(messageBytes, keypair.secretKey);
+    
+    const proof: SignatureProof = {
+      address: `solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${publicKeyBase58}`,
+      type: ProofTypes.SOL_SIWX,
+      proof: Buffer.from(signature).toString("base64"),
+      attestation: "Please sign this message to confirm your identity",
+      wallet_provider: "SIWX - Phantom",
+      did: `did:pkh:solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:${publicKeyBase58}`,
+      status: ProofStatus.PENDING,
+      chainSpecificData: {
+        account: {
+          publicKey: keypair.publicKey,
+          address: publicKeyBase58,
+        },
+        signedMessage: messageBytes,
+        signature: signature,
+        message: siwsMessage,
+      },
+    };
+
+    const result = await verifySolanaSIWS(proof);
+
+    expect(result.status).toBe(ProofStatus.VERIFIED);
+  });
+});