@snapshot-labs/snapshot.js 0.11.38 → 0.12.0-beta.1

package/src/utils/provider.ts

@@ -6,9 +6,15 @@ import {
 const providers = {};
 const batchedProviders = {};
 
+export type ProviderOptions = {
+  broviderUrl?: string;
+};
+
+const DEFAULT_BROVIDER_URL = 'https://rpc.snapshot.org';
+
 export default function getProvider(
   network,
-  { broviderUrl = 'https://rpc.snapshot.org' } = {}
+  { broviderUrl = DEFAULT_BROVIDER_URL }: ProviderOptions = {}
 ) {
   const url = `${broviderUrl}/${network}`;
   if (!providers[network])
@@ -25,7 +31,7 @@ export default function getProvider(
 
 export function getBatchedProvider(
   network,
-  { broviderUrl = 'https://rpc.snapshot.org' } = {}
+  { broviderUrl = DEFAULT_BROVIDER_URL }: ProviderOptions = {}
 ) {
   const url = `${broviderUrl}/${network}`;
   if (!batchedProviders[network])

package/src/utils/web3.ts

@@ -9,7 +9,7 @@ export async function getBlockNumber(provider) {
   try {
     const blockNumber: any = await provider.getBlockNumber();
     return parseInt(blockNumber);
-  } catch (e) {
+  } catch (e: any) {
     return Promise.reject();
   }
 }

package/src/utils.spec.js

@@ -1,6 +1,6 @@
 import { describe, test, expect, vi, afterEach } from 'vitest';
 import * as crossFetch from 'cross-fetch';
-import { validate, getScores, getVp } from './utils';
+import { validate, getScores, getVp, getFormattedAddress } from './utils';
 
 vi.mock('cross-fetch', async () => {
   const actual = await vi.importActual('cross-fetch');
@@ -492,4 +492,39 @@ describe('utils', () => {
       });
     });
   });
+
+  describe('getFormattedAddress', () => {
+    test('returns a checksummed EVM address', () => {
+      const address = '0x91fd2c8d24767db4ece7069aa27832ffaf8590f3';
+      expect(getFormattedAddress(address, ['evm'])).toEqual(
+        '0x91FD2c8d24767db4Ece7069AA27832ffaf8590f3'
+      );
+    });
+
+    test('returns a padded and lowercased starknet address', () => {
+      const address =
+        '0x2a0a8f3b6097e7a6bd7649deb30715323072a159c0e6b71b689bd245c146cc0';
+      expect(getFormattedAddress(address, ['starknet'])).toEqual(
+        '0x02a0a8f3b6097e7a6bd7649deb30715323072a159c0e6b71b689bd245c146cc0'
+      );
+    });
+
+    test('returns an EVM address as starknet address', () => {
+      const address = '0x91FD2c8d24767db4Ece7069AA27832ffaf8590f3';
+      expect(getFormattedAddress(address, ['starknet'])).toEqual(
+        '0x00000000000000000000000091fd2c8d24767db4ece7069aa27832ffaf8590f3'
+      );
+    });
+
+    test('throws an error when the address is not a starknet address', () => {
+      const address = 'hello';
+      expect(() => getFormattedAddress(address, ['starknet'])).toThrow();
+    });
+
+    test('throws an error when the address is not an EVM address', () => {
+      const address =
+        '0x2a0a8f3b6097e7a6bd7649deb30715323072a159c0e6b71b689bd245c146cc0';
+      expect(() => getFormattedAddress(address, ['evm'])).toThrow();
+    });
+  });
 });

package/src/utils.ts

@@ -1,7 +1,7 @@
 import fetch from 'cross-fetch';
 import { Interface } from '@ethersproject/abi';
 import { Contract } from '@ethersproject/contracts';
-import { isAddress } from '@ethersproject/address';
+import { getAddress, isAddress } from '@ethersproject/address';
 import { parseUnits } from '@ethersproject/units';
 import { namehash, ensNormalize } from '@ethersproject/hash';
 import { jsonToGraphQLQuery } from 'json-to-graphql-query';
@@ -12,11 +12,12 @@ import Multicaller from './utils/multicaller';
 import { getSnapshots } from './utils/blockfinder';
 import getProvider from './utils/provider';
 import { signMessage, getBlockNumber } from './utils/web3';
-import { getHash, verify } from './sign/utils';
+import { getHash, verify } from './verify';
 import gateways from './gateways.json';
 import networks from './networks.json';
 import voting from './voting';
 import getDelegatesBySpace, { SNAPSHOT_SUBGRAPH_URL } from './utils/delegation';
+import { validateAndParseAddress } from 'starknet';
 
 interface Options {
   url?: string;
@@ -65,7 +66,7 @@ async function parseScoreAPIResponse(res: any) {
   let data: any = await res.text();
   try {
     data = JSON.parse(data);
-  } catch (e) {
+  } catch (e: any) {
     return Promise.reject({
       code: res.status || 500,
       message: 'Failed to parse response from score API',
@@ -90,17 +91,17 @@ ajv.addFormat('address', {
   validate: (value: string) => {
     try {
       return isAddress(value);
-    } catch (err) {
+    } catch (e: any) {
       return false;
     }
   }
 });
 
-ajv.addFormat('evmOrStarknetAddress', {
+ajv.addFormat('starknetAddress', {
   validate: (value: string) => {
     try {
-      return isAddress(value) || /^0x[0-9a-fA-F]{62,64}$/.test(value);
-    } catch (err) {
+      return isStarknetAddress(value);
+    } catch (e: any) {
       return false;
     }
   }
@@ -204,7 +205,7 @@ export async function call(provider, abi: any[], call: any[], options?) {
   try {
     const params = call[2] || [];
     return await contract[call[1]](...params, options || {});
-  } catch (e) {
+  } catch (e: any) {
     return Promise.reject(e);
   }
 }
@@ -245,7 +246,7 @@ export async function multicall(
     return results.map((call, i) =>
       itf.decodeFunctionResult(calls[i][1], call)
     );
-  } catch (e) {
+  } catch (e: any) {
     return Promise.reject(e);
   }
 }
@@ -263,7 +264,7 @@ export async function subgraphRequest(url: string, query, options: any = {}) {
   let responseData: any = await res.text();
   try {
     responseData = JSON.parse(responseData);
-  } catch (e) {
+  } catch (e: any) {
     throw new Error(
       `Errors found in subgraphRequest: URL: ${url}, Status: ${
         res.status
@@ -388,7 +389,7 @@ export async function getScores(
     return options.returnValue === 'all'
       ? response.result
       : response.result[options.returnValue || 'scores'];
-  } catch (e) {
+  } catch (e: any) {
     if (e.errno) {
       return Promise.reject({ code: e.errno, message: e.toString(), data: '' });
     }
@@ -448,7 +449,7 @@ export async function getVp(
     const res = await fetch(url, init);
     const response = await parseScoreAPIResponse(res);
     return response.result;
-  } catch (e) {
+  } catch (e: any) {
     if (e.errno) {
       return Promise.reject({ code: e.errno, message: e.toString(), data: '' });
     }
@@ -502,7 +503,7 @@ export async function validate(
     const res = await fetch(url, init);
     const response = await parseScoreAPIResponse(res);
     return response.result;
-  } catch (e) {
+  } catch (e: any) {
     if (e.errno) {
       return Promise.reject({ code: e.errno, message: e.toString(), data: '' });
     }
@@ -563,7 +564,7 @@ export async function getSpaceUri(
 ): Promise<string | null> {
   try {
     return await getEnsTextRecord(id, 'snapshot', network, options);
-  } catch (e) {
+  } catch (e: any) {
     console.log(e);
     return null;
   }
@@ -647,6 +648,32 @@ function isValidSnapshot(snapshot: number | string, network: string) {
   );
 }
 
+export function isStarknetAddress(address: string): boolean {
+  if (!address) return false;
+
+  try {
+    validateAndParseAddress(address);
+    return true;
+  } catch (e: any) {
+    return false;
+  }
+}
+
+export function isEvmAddress(address: string): boolean {
+  return isAddress(address);
+}
+
+export function getFormattedAddress(
+  address: string,
+  format: string[] = ['evm', 'starknet']
+): string {
+  if (format.includes('evm') && isAddress(address)) return getAddress(address);
+  if (format.includes('starknet') && isStarknetAddress(address))
+    return validateAndParseAddress(address);
+
+  throw new Error(`Invalid address: ${address}`);
+}
+
 function inputError(message: string) {
   return Promise.reject(new Error(message));
 }
@@ -681,5 +708,8 @@ export default {
   getHash,
   verify,
   validate,
+  isStarknetAddress,
+  isEvmAddress,
+  getFormattedAddress,
   SNAPSHOT_SUBGRAPH_URL
 };

package/src/verify/evm.spec.ts

@@ -0,0 +1,32 @@
+import { test, expect, describe } from 'vitest';
+import evmMessage from '../../test/fixtures/evm/message-alias.json';
+import verify, { getHash } from './evm';
+
+describe('verify/evm', () => {
+  describe('getHash()', () => {
+    test('should return a hash string', () => {
+      const hash = getHash(evmMessage.data);
+      expect(hash).toBe(
+        '0x82ed8be33f43c86f9b83d14736e5762c89108fbc9b8b54f6e993818fc8a53525'
+      );
+    });
+  });
+
+  describe('verify()', () => {
+    test('should return true if the signature is valid', () => {
+      expect(
+        verify(evmMessage.address, evmMessage.sig, evmMessage.data)
+      ).resolves.toBe(true);
+    });
+
+    test('should throw an error if the signature is invalid', () => {
+      expect(
+        verify(
+          '0xDD983E11Cf84746f3b7589ee1Dc2081c08c40Cb3',
+          evmMessage.sig,
+          evmMessage.data
+        )
+      ).rejects.toThrowError(/isValidSignature/);
+    });
+  });
+});

package/src/verify/evm.ts

@@ -0,0 +1,82 @@
+import { verifyTypedData } from '@ethersproject/wallet';
+import { _TypedDataEncoder } from '@ethersproject/hash';
+import { arrayify } from '@ethersproject/bytes';
+import getProvider, { type ProviderOptions } from '../utils/provider';
+import { call } from '../utils';
+import type { SignaturePayload } from '.';
+import type { StaticJsonRpcProvider } from '@ethersproject/providers';
+
+function isEqual(a: string, b: string): boolean {
+  return a.toLowerCase() === b.toLowerCase();
+}
+
+export function getHash(data: SignaturePayload): string {
+  const { domain, types, message } = data;
+  return _TypedDataEncoder.hash(domain, types, message);
+}
+
+export default async function verify(
+  address: string,
+  sig: string,
+  data: SignaturePayload,
+  network = '1',
+  options: ProviderOptions = {}
+): Promise<boolean> {
+  const { domain, types, message } = data;
+
+  try {
+    const recoverAddress = verifyTypedData(domain, types, message, sig);
+    if (isEqual(address, recoverAddress)) return true;
+  } catch (e: any) {}
+
+  const provider = getProvider(network, options);
+  const hash = getHash(data);
+
+  if (await verifyDefault(address, sig, hash, provider)) return true;
+
+  return await verifyOldVersion(address, sig, hash, provider);
+}
+
+async function verifyDefault(
+  address: string,
+  sig: string,
+  hash: string,
+  provider: StaticJsonRpcProvider
+): Promise<boolean> {
+  let returnValue: string;
+  const magicValue = '0x1626ba7e';
+  const abi =
+    'function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4 magicValue)';
+  try {
+    returnValue = await call(
+      provider,
+      [abi],
+      [address, 'isValidSignature', [arrayify(hash), sig]]
+    );
+  } catch (e: any) {
+    if (e.message.startsWith('missing revert data in call exception')) {
+      return false;
+    }
+    throw e;
+  }
+
+  return isEqual(returnValue, magicValue);
+}
+
+async function verifyOldVersion(
+  address: string,
+  sig: string,
+  hash: string,
+  provider: StaticJsonRpcProvider
+): Promise<boolean> {
+  const magicValue = '0x20c13b0b';
+  const abi =
+    'function isValidSignature(bytes _hash, bytes memory _signature) public view returns (bytes4 magicValue)';
+
+  const returnValue = await call(
+    provider,
+    [abi],
+    [address, 'isValidSignature', [arrayify(hash), sig]]
+  );
+  return isEqual(returnValue, magicValue);
+}

package/src/verify/index.spec.ts

@@ -0,0 +1,84 @@
+import { test, expect, describe, vi } from 'vitest';
+import { verify, getHash } from '.';
+import evmMessage from '../../test/fixtures/evm/message-alias.json';
+import starknetMessage from '../../test/fixtures/starknet/message-alias.json';
+import * as evmVerification from './evm';
+import * as starknetVerification from './starknet';
+
+const evmVerificationMock = vi.spyOn(evmVerification, 'default');
+const starknetVerificationMock = vi.spyOn(starknetVerification, 'default');
+evmVerificationMock.mockImplementation(() => Promise.resolve(true));
+starknetVerificationMock.mockImplementation(() => Promise.resolve(true));
+
+const evmGetHashMock = vi.spyOn(evmVerification, 'getHash');
+const starknetGetHashMock = vi.spyOn(starknetVerification, 'getHash');
+evmGetHashMock.mockImplementation(() => '');
+starknetGetHashMock.mockImplementation(() => '');
+
+describe('sign/utils', () => {
+  describe('getHash', () => {
+    test('should return an EVM hash on EVM address', () => {
+      expect.assertions(1);
+      getHash(evmMessage.data, evmMessage.address);
+
+      expect(evmGetHashMock).toHaveBeenCalled();
+    });
+
+    test('should return a Starknet hash on starknet payload and starknet address', () => {
+      expect.assertions(1);
+      getHash(starknetMessage.data, starknetMessage.address);
+
+      expect(starknetGetHashMock).toHaveBeenCalled();
+    });
+
+    test('should return a Starknet hash on starknet payload and EVM address', () => {
+      expect.assertions(1);
+      getHash(starknetMessage.data, evmMessage.address);
+
+      expect(starknetGetHashMock).toHaveBeenCalled();
+    });
+  });
+
+  describe('verify', () => {
+    test('should call EVM verification on EVM address', async () => {
+      expect.assertions(1);
+      await verify(evmMessage.address, evmMessage.sig, evmMessage.data);
+
+      expect(evmVerificationMock).toHaveBeenCalled();
+    });
+
+    test('should call Starknet verification on Starknet payload', async () => {
+      expect.assertions(1);
+      await verify(
+        starknetMessage.address,
+        starknetMessage.sig,
+        starknetMessage.data
+      );
+
+      expect(starknetVerificationMock).toHaveBeenCalled();
+    });
+
+    test('should call Starknet verification on Starknet payload and EVM message', async () => {
+      expect.assertions(1);
+      await verify(
+        evmMessage.address,
+        starknetMessage.sig,
+        starknetMessage.data
+      );
+
+      expect(starknetVerificationMock).toHaveBeenCalled();
+    });
+
+    test('should throw an error on empty address', () => {
+      expect(
+        verify('', evmMessage.sig, evmMessage.data)
+      ).rejects.toThrowError();
+    });
+
+    test('should throw an error on invalid address', () => {
+      expect(
+        verify('hello-world', evmMessage.sig, evmMessage.data)
+      ).rejects.toThrowError();
+    });
+  });
+});

package/src/verify/index.ts

@@ -0,0 +1,41 @@
+import * as starknet from './starknet';
+import * as evm from './evm';
+import { isEvmAddress, isStarknetAddress } from '../utils';
+import type { StarkNetType } from 'starknet';
+import type { TypedDataField } from '@ethersproject/abstract-signer';
+import type { ProviderOptions } from '../utils/provider';
+
+export type SignaturePayload = {
+  domain: Record<string, string>;
+  types: Record<string, StarkNetType[] | TypedDataField[]>;
+  primaryType?: string;
+  message: Record<string, any>;
+};
+
+export function getHash(data: SignaturePayload, address?: string): string {
+  const networkType = starknet.isStarknetMessage(data) ? starknet : evm;
+
+  return networkType.getHash(data, address as string);
+}
+
+export async function verify(
+  address: string,
+  sig: string | string[],
+  data: SignaturePayload,
+  network = '1',
+  options: ProviderOptions = {}
+): Promise<boolean> {
+  if (!isStarknetAddress(address) && !isEvmAddress(address)) {
+    throw new Error('Invalid address');
+  }
+
+  const networkType = starknet.isStarknetMessage(data) ? starknet : evm;
+
+  return await networkType.default(
+    address,
+    sig as any,
+    data,
+    network as any,
+    options
+  );
+}

package/src/verify/starknet.spec.ts

@@ -0,0 +1,55 @@
+import { test, expect, describe } from 'vitest';
+import starknetMessage from '../../test/fixtures/starknet/message-alias.json';
+import verify, { getHash } from './starknet';
+
+describe('verify/starknet', () => {
+  describe('getHash()', () => {
+    test('should return a hash string', () => {
+      const hash = getHash(starknetMessage.data, starknetMessage.address);
+      expect(hash).toBe(
+        '0x2513fb25c2147469748ec099bf849a21dde6c9b7cfb6b86af431b5e898309bd'
+      );
+    });
+
+    test('should return a different by address', () => {
+      const hash = getHash(starknetMessage.data, '0x0');
+      expect(hash).not.toBe(
+        '0x2513fb25c2147469748ec099bf849a21dde6c9b7cfb6b86af431b5e898309bd'
+      );
+    });
+  });
+
+  describe('verify()', () => {
+    test('should return true if the signature is valid', () => {
+      expect(
+        verify(
+          starknetMessage.address,
+          starknetMessage.sig,
+          starknetMessage.data,
+          'SN_SEPOLIA'
+        )
+      ).resolves.toBe(true);
+    });
+
+    test('should throw an error if message is on wrong network', () => {
+      expect(
+        verify(
+          starknetMessage.address,
+          starknetMessage.sig,
+          starknetMessage.data,
+          'SN_MAIN'
+        )
+      ).rejects.toThrowError();
+    });
+
+    test('should throw an error if the signature is invalid', () => {
+      expect(
+        verify(
+          '0x7667469b8e93faa642573078b6bf8c790d3a6184b2a1bb39c5c923a732862e1',
+          starknetMessage.sig,
+          starknetMessage.data
+        )
+      ).rejects.toThrow();
+    });
+  });
+});

package/src/verify/starknet.ts

@@ -0,0 +1,82 @@
+import { Contract, RpcProvider, typedData } from 'starknet';
+import type { SignaturePayload } from '.';
+import type { ProviderOptions } from '../utils/provider';
+
+export type NetworkType = 'SN_MAIN' | 'SN_SEPOLIA';
+
+const RPC_URLS: Record<NetworkType, string> = {
+  SN_MAIN: 'https://starknet-mainnet.public.blastapi.io',
+  SN_SEPOLIA: 'https://starknet-sepolia.public.blastapi.io'
+};
+
+const ABI = [
+  {
+    name: 'argent::account::interface::IDeprecatedArgentAccount',
+    type: 'interface',
+    items: [
+      {
+        name: 'isValidSignature',
+        type: 'function',
+        inputs: [
+          {
+            name: 'hash',
+            type: 'core::felt252'
+          },
+          {
+            name: 'signatures',
+            type: 'core::array::Array::<core::felt252>'
+          }
+        ],
+        outputs: [
+          {
+            type: 'core::felt252'
+          }
+        ],
+        state_mutability: 'view'
+      }
+    ]
+  }
+];
+
+function getProvider(network: NetworkType, options: ProviderOptions) {
+  if (!RPC_URLS[network]) throw new Error('Invalid network');
+
+  return new RpcProvider({
+    nodeUrl: options?.broviderUrl ?? RPC_URLS[network]
+  });
+}
+
+export function isStarknetMessage(data: SignaturePayload): boolean {
+  return !!data.primaryType && !!data.types.StarkNetDomain;
+}
+
+export function getHash(data: SignaturePayload, address: string): string {
+  const { domain, types, primaryType, message } =
+    data as Required<SignaturePayload>;
+
+  return typedData.getMessageHash(
+    { types, primaryType, domain, message },
+    address
+  );
+}
+
+export default async function verify(
+  address: string,
+  sig: string[],
+  data: SignaturePayload,
+  network: NetworkType = 'SN_MAIN',
+  options: ProviderOptions = {}
+): Promise<boolean> {
+  const contractAccount = new Contract(
+    ABI,
+    address,
+    getProvider(network, options)
+  );
+
+  await contractAccount.isValidSignature(getHash(data, address), [
+    sig[0],
+    sig[1]
+  ]);
+
+  return true;
+}

package/src/sign/eip1271.ts

@@ -1,55 +0,0 @@
-import { arrayify } from '@ethersproject/bytes';
-import { StaticJsonRpcProvider } from '@ethersproject/providers';
-import getProvider from '../utils/provider';
-import { call } from '../utils';
-
-export async function verifyDefault(
-  address: string,
-  sig: string,
-  hash: string,
-  provider: StaticJsonRpcProvider
-) {
-  let returnValue;
-  const magicValue = '0x1626ba7e';
-  const abi =
-    'function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4 magicValue)';
-  try {
-    returnValue = await call(
-      provider,
-      [abi],
-      [address, 'isValidSignature', [arrayify(hash), sig]]
-    );
-  } catch (e) {
-    // @ts-ignore
-    if (e.message.startsWith('missing revert data in call exception')) {
-      return false;
-    }
-    throw e;
-  }
-
-  return returnValue.toLowerCase() === magicValue.toLowerCase();
-}
-
-export async function verifyOldVersion(
-  address: string,
-  sig: string,
-  hash: string,
-  provider: StaticJsonRpcProvider
-) {
-  const magicValue = '0x20c13b0b';
-  const abi =
-    'function isValidSignature(bytes _hash, bytes memory _signature) public view returns (bytes4 magicValue)';
-
-  const returnValue = await call(
-    provider,
-    [abi],
-    [address, 'isValidSignature', [arrayify(hash), sig]]
-  );
-  return returnValue.toLowerCase() === magicValue.toLowerCase();
-}
-
-export async function verify(address, sig, hash, network = '1', options = {}) {
-  const provider = getProvider(network, options);
-  if (await verifyDefault(address, sig, hash, provider)) return true;
-  return await verifyOldVersion(address, sig, hash, provider);
-}