@snapshot-labs/snapshot.js 0.12.0-beta.0 → 0.12.0-beta.2

package/src/verify/evm.ts

@@ -0,0 +1,82 @@
+import { verifyTypedData } from '@ethersproject/wallet';
+import { _TypedDataEncoder } from '@ethersproject/hash';
+import { arrayify } from '@ethersproject/bytes';
+import getProvider, { type ProviderOptions } from '../utils/provider';
+import { call } from '../utils';
+import type { SignaturePayload } from '.';
+import type { StaticJsonRpcProvider } from '@ethersproject/providers';
+
+function isEqual(a: string, b: string): boolean {
+  return a.toLowerCase() === b.toLowerCase();
+}
+
+export function getHash(data: SignaturePayload): string {
+  const { domain, types, message } = data;
+  return _TypedDataEncoder.hash(domain, types, message);
+}
+
+export default async function verify(
+  address: string,
+  sig: string,
+  data: SignaturePayload,
+  network = '1',
+  options: ProviderOptions = {}
+): Promise<boolean> {
+  const { domain, types, message } = data;
+
+  try {
+    const recoverAddress = verifyTypedData(domain, types, message, sig);
+    if (isEqual(address, recoverAddress)) return true;
+  } catch (e: any) {}
+
+  const provider = getProvider(network, options);
+  const hash = getHash(data);
+
+  if (await verifyDefault(address, sig, hash, provider)) return true;
+
+  return await verifyOldVersion(address, sig, hash, provider);
+}
+
+async function verifyDefault(
+  address: string,
+  sig: string,
+  hash: string,
+  provider: StaticJsonRpcProvider
+): Promise<boolean> {
+  let returnValue: string;
+  const magicValue = '0x1626ba7e';
+  const abi =
+    'function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4 magicValue)';
+  try {
+    returnValue = await call(
+      provider,
+      [abi],
+      [address, 'isValidSignature', [arrayify(hash), sig]]
+    );
+  } catch (e: any) {
+    if (e.message.startsWith('missing revert data in call exception')) {
+      return false;
+    }
+    throw e;
+  }
+
+  return isEqual(returnValue, magicValue);
+}
+
+async function verifyOldVersion(
+  address: string,
+  sig: string,
+  hash: string,
+  provider: StaticJsonRpcProvider
+): Promise<boolean> {
+  const magicValue = '0x20c13b0b';
+  const abi =
+    'function isValidSignature(bytes _hash, bytes memory _signature) public view returns (bytes4 magicValue)';
+
+  const returnValue = await call(
+    provider,
+    [abi],
+    [address, 'isValidSignature', [arrayify(hash), sig]]
+  );
+  return isEqual(returnValue, magicValue);
+}

package/src/verify/index.spec.ts

@@ -0,0 +1,84 @@
+import { test, expect, describe, vi } from 'vitest';
+import { verify, getHash } from '.';
+import evmMessage from '../../test/fixtures/evm/message-alias.json';
+import starknetMessage from '../../test/fixtures/starknet/message-alias.json';
+import * as evmVerification from './evm';
+import * as starknetVerification from './starknet';
+
+const evmVerificationMock = vi.spyOn(evmVerification, 'default');
+const starknetVerificationMock = vi.spyOn(starknetVerification, 'default');
+evmVerificationMock.mockImplementation(() => Promise.resolve(true));
+starknetVerificationMock.mockImplementation(() => Promise.resolve(true));
+
+const evmGetHashMock = vi.spyOn(evmVerification, 'getHash');
+const starknetGetHashMock = vi.spyOn(starknetVerification, 'getHash');
+evmGetHashMock.mockImplementation(() => '');
+starknetGetHashMock.mockImplementation(() => '');
+
+describe('sign/utils', () => {
+  describe('getHash', () => {
+    test('should return an EVM hash on EVM address', () => {
+      expect.assertions(1);
+      getHash(evmMessage.data, evmMessage.address);
+
+      expect(evmGetHashMock).toHaveBeenCalled();
+    });
+
+    test('should return a Starknet hash on starknet payload and starknet address', () => {
+      expect.assertions(1);
+      getHash(starknetMessage.data, starknetMessage.address);
+
+      expect(starknetGetHashMock).toHaveBeenCalled();
+    });
+
+    test('should return a Starknet hash on starknet payload and EVM address', () => {
+      expect.assertions(1);
+      getHash(starknetMessage.data, evmMessage.address);
+
+      expect(starknetGetHashMock).toHaveBeenCalled();
+    });
+  });
+
+  describe('verify', () => {
+    test('should call EVM verification on EVM address', async () => {
+      expect.assertions(1);
+      await verify(evmMessage.address, evmMessage.sig, evmMessage.data);
+
+      expect(evmVerificationMock).toHaveBeenCalled();
+    });
+
+    test('should call Starknet verification on Starknet payload', async () => {
+      expect.assertions(1);
+      await verify(
+        starknetMessage.address,
+        starknetMessage.sig,
+        starknetMessage.data
+      );
+
+      expect(starknetVerificationMock).toHaveBeenCalled();
+    });
+
+    test('should call Starknet verification on Starknet payload and EVM message', async () => {
+      expect.assertions(1);
+      await verify(
+        evmMessage.address,
+        starknetMessage.sig,
+        starknetMessage.data
+      );
+
+      expect(starknetVerificationMock).toHaveBeenCalled();
+    });
+
+    test('should throw an error on empty address', () => {
+      expect(
+        verify('', evmMessage.sig, evmMessage.data)
+      ).rejects.toThrowError();
+    });
+
+    test('should throw an error on invalid address', () => {
+      expect(
+        verify('hello-world', evmMessage.sig, evmMessage.data)
+      ).rejects.toThrowError();
+    });
+  });
+});

package/src/verify/index.ts

@@ -0,0 +1,41 @@
+import * as starknet from './starknet';
+import * as evm from './evm';
+import { isEvmAddress, isStarknetAddress } from '../utils';
+import type { StarkNetType } from 'starknet';
+import type { TypedDataField } from '@ethersproject/abstract-signer';
+import type { ProviderOptions } from '../utils/provider';
+
+export type SignaturePayload = {
+  domain: Record<string, string>;
+  types: Record<string, StarkNetType[] | TypedDataField[]>;
+  primaryType?: string;
+  message: Record<string, any>;
+};
+
+export function getHash(data: SignaturePayload, address?: string): string {
+  const networkType = starknet.isStarknetMessage(data) ? starknet : evm;
+
+  return networkType.getHash(data, address as string);
+}
+
+export async function verify(
+  address: string,
+  sig: string | string[],
+  data: SignaturePayload,
+  network = '1',
+  options: ProviderOptions = {}
+): Promise<boolean> {
+  if (!isStarknetAddress(address) && !isEvmAddress(address)) {
+    throw new Error('Invalid address');
+  }
+
+  const networkType = starknet.isStarknetMessage(data) ? starknet : evm;
+
+  return await networkType.default(
+    address,
+    sig as any,
+    data,
+    network as any,
+    options
+  );
+}

package/src/verify/starknet.spec.ts

@@ -0,0 +1,55 @@
+import { test, expect, describe } from 'vitest';
+import starknetMessage from '../../test/fixtures/starknet/message-alias.json';
+import verify, { getHash } from './starknet';
+
+describe('verify/starknet', () => {
+  describe('getHash()', () => {
+    test('should return a hash string', () => {
+      const hash = getHash(starknetMessage.data, starknetMessage.address);
+      expect(hash).toBe(
+        '0x2513fb25c2147469748ec099bf849a21dde6c9b7cfb6b86af431b5e898309bd'
+      );
+    });
+
+    test('should return a different by address', () => {
+      const hash = getHash(starknetMessage.data, '0x0');
+      expect(hash).not.toBe(
+        '0x2513fb25c2147469748ec099bf849a21dde6c9b7cfb6b86af431b5e898309bd'
+      );
+    });
+  });
+
+  describe('verify()', () => {
+    test('should return true if the signature is valid', () => {
+      expect(
+        verify(
+          starknetMessage.address,
+          starknetMessage.sig,
+          starknetMessage.data,
+          'SN_SEPOLIA'
+        )
+      ).resolves.toBe(true);
+    });
+
+    test('should throw an error if message is on wrong network', () => {
+      expect(
+        verify(
+          starknetMessage.address,
+          starknetMessage.sig,
+          starknetMessage.data,
+          'SN_MAIN'
+        )
+      ).rejects.toThrowError();
+    });
+
+    test('should throw an error if the signature is invalid', () => {
+      expect(
+        verify(
+          '0x7667469b8e93faa642573078b6bf8c790d3a6184b2a1bb39c5c923a732862e1',
+          starknetMessage.sig,
+          starknetMessage.data
+        )
+      ).rejects.toThrow();
+    });
+  });
+});

package/src/verify/starknet.ts

@@ -0,0 +1,82 @@
+import { Contract, RpcProvider, typedData } from 'starknet';
+import type { SignaturePayload } from '.';
+import type { ProviderOptions } from '../utils/provider';
+
+export type NetworkType = 'SN_MAIN' | 'SN_SEPOLIA';
+
+const RPC_URLS: Record<NetworkType, string> = {
+  SN_MAIN: 'https://starknet-mainnet.public.blastapi.io',
+  SN_SEPOLIA: 'https://starknet-sepolia.public.blastapi.io'
+};
+
+const ABI = [
+  {
+    name: 'argent::account::interface::IDeprecatedArgentAccount',
+    type: 'interface',
+    items: [
+      {
+        name: 'isValidSignature',
+        type: 'function',
+        inputs: [
+          {
+            name: 'hash',
+            type: 'core::felt252'
+          },
+          {
+            name: 'signatures',
+            type: 'core::array::Array::<core::felt252>'
+          }
+        ],
+        outputs: [
+          {
+            type: 'core::felt252'
+          }
+        ],
+        state_mutability: 'view'
+      }
+    ]
+  }
+];
+
+function getProvider(network: NetworkType, options: ProviderOptions) {
+  if (!RPC_URLS[network]) throw new Error('Invalid network');
+
+  return new RpcProvider({
+    nodeUrl: options?.broviderUrl ?? RPC_URLS[network]
+  });
+}
+
+export function isStarknetMessage(data: SignaturePayload): boolean {
+  return !!data.primaryType && !!data.types.StarkNetDomain;
+}
+
+export function getHash(data: SignaturePayload, address: string): string {
+  const { domain, types, primaryType, message } =
+    data as Required<SignaturePayload>;
+
+  return typedData.getMessageHash(
+    { types, primaryType, domain, message },
+    address
+  );
+}
+
+export default async function verify(
+  address: string,
+  sig: string[],
+  data: SignaturePayload,
+  network: NetworkType = 'SN_MAIN',
+  options: ProviderOptions = {}
+): Promise<boolean> {
+  const contractAccount = new Contract(
+    ABI,
+    address,
+    getProvider(network, options)
+  );
+
+  await contractAccount.isValidSignature(getHash(data, address), [
+    sig[0],
+    sig[1]
+  ]);
+
+  return true;
+}

package/src/sign/eip1271.ts

@@ -1,55 +0,0 @@
-import { arrayify } from '@ethersproject/bytes';
-import { StaticJsonRpcProvider } from '@ethersproject/providers';
-import getProvider from '../utils/provider';
-import { call } from '../utils';
-
-export async function verifyDefault(
-  address: string,
-  sig: string,
-  hash: string,
-  provider: StaticJsonRpcProvider
-) {
-  let returnValue;
-  const magicValue = '0x1626ba7e';
-  const abi =
-    'function isValidSignature(bytes32 _hash, bytes memory _signature) public view returns (bytes4 magicValue)';
-  try {
-    returnValue = await call(
-      provider,
-      [abi],
-      [address, 'isValidSignature', [arrayify(hash), sig]]
-    );
-  } catch (e) {
-    // @ts-ignore
-    if (e.message.startsWith('missing revert data in call exception')) {
-      return false;
-    }
-    throw e;
-  }
-
-  return returnValue.toLowerCase() === magicValue.toLowerCase();
-}
-
-export async function verifyOldVersion(
-  address: string,
-  sig: string,
-  hash: string,
-  provider: StaticJsonRpcProvider
-) {
-  const magicValue = '0x20c13b0b';
-  const abi =
-    'function isValidSignature(bytes _hash, bytes memory _signature) public view returns (bytes4 magicValue)';
-
-  const returnValue = await call(
-    provider,
-    [abi],
-    [address, 'isValidSignature', [arrayify(hash), sig]]
-  );
-  return returnValue.toLowerCase() === magicValue.toLowerCase();
-}
-
-export async function verify(address, sig, hash, network = '1', options = {}) {
-  const provider = getProvider(network, options);
-  if (await verifyDefault(address, sig, hash, provider)) return true;
-  return await verifyOldVersion(address, sig, hash, provider);
-}

package/src/sign/utils.ts

@@ -1,27 +0,0 @@
-import { verifyTypedData } from '@ethersproject/wallet';
-import { _TypedDataEncoder } from '@ethersproject/hash';
-import { verify as verifyEIP1271 } from './eip1271';
-
-export function getHash(data) {
-  const { domain, types, message } = data;
-  return _TypedDataEncoder.hash(domain, types, message);
-}
-
-export async function verify(address, sig, data, network = '1', options = {}) {
-  const { domain, types, message } = data;
-
-  const hash = getHash(data);
-  // console.log('Hash', hash);
-  // console.log('Address', address);
-
-  try {
-    const recoverAddress = verifyTypedData(domain, types, message, sig);
-    // console.log('Recover address', recoverAddress);
-    if (address === recoverAddress) return true;
-  } catch (e) {
-    // console.log('Could not recoverAddress:' + e.message);
-  }
-
-  // console.log('Check EIP1271 signature');
-  return await verifyEIP1271(address, sig, hash, network, options);
-}