@steemit/steem-js 1.0.10 → 1.0.11

package/dist/index.cjs

@@ -14193,6 +14193,77 @@ function sign$3(curve, hash, d, nonce) {
     const finalS = s.gt(N_OVER_TWO) ? n.sub(s) : s;
     return new ECSignature(r, finalS);
 }
+/**
+ * Recover a public key from a signature.
+ *
+ * See SEC 1: Elliptic Curve Cryptography, section 4.1.6, "Public
+ * Key Recovery Operation".
+ *
+ * http://www.secg.org/download/aid-780/sec1-v2.pdf
+ */
+function recoverPubKey(curve, e, signature, i) {
+    if ((i & 3) !== i) {
+        throw new Error('Recovery param is more than two bits');
+    }
+    const n = new BN(curve.n.toString());
+    const r = signature.r;
+    const s = signature.s;
+    if (r.isNeg() || r.isZero() || !r.lt(n))
+        throw new Error('Invalid r value');
+    if (s.isNeg() || s.isZero() || !s.lt(n))
+        throw new Error('Invalid s value');
+    // Try using elliptic's built-in recoverPubKey method
+    // It expects: msg (Buffer), signature ({r: BN, s: BN}), j (recovery param)
+    try {
+        // Convert e (BN) to Buffer
+        const msgBuffer = e.toArrayLike(Buffer, 'be', 32);
+        // Create signature object compatible with elliptic's recoverPubKey
+        // elliptic expects {r: BN, s: BN} format
+        const sigObj = { r: r, s: s };
+        // Use elliptic's built-in method
+        const Q = curve.recoverPubKey(msgBuffer, sigObj, i);
+        return Q;
+    }
+    catch (error) {
+        // Fallback to manual implementation if elliptic's method fails
+        const G = curve.g;
+        // A set LSB signifies that the y-coordinate is odd
+        const isYOdd = !!(i & 1);
+        // The more significant bit specifies whether we should use the
+        // first or second candidate key.
+        const isSecondKey = i >> 1;
+        // 1.1 Let x = r + jn
+        const x = isSecondKey ? r.add(n) : r;
+        // pointFromX expects a hex string (not BN object)
+        // Convert BN to hex string and ensure proper padding
+        const xHex = x.toString(16);
+        // Ensure hex string is properly padded to 64 characters (32 bytes)
+        const xHexPadded = xHex.padStart(64, '0');
+        // pointFromX may also accept a Buffer, but hex string is more reliable
+        let R;
+        try {
+            R = curve.curve.pointFromX(xHexPadded, isYOdd);
+        }
+        catch (error) {
+            // If hex string fails, try with Buffer
+            const xBuffer = x.toArrayLike(Buffer, 'be', 32);
+            R = curve.curve.pointFromX(xBuffer, isYOdd);
+        }
+        // 1.4 Check that nR is at infinity
+        const nR = R.mul(n);
+        if (!nR.isInfinity())
+            throw new Error('nR is not a valid curve point');
+        // Compute -e from e
+        const eNeg = e.neg().mod(n);
+        // 1.6.1 Compute Q = r^-1 (sR -  eG)
+        //               Q = r^-1 (sR + -eG)
+        const rInv = r.invm(n);
+        const sR = R.mul(s);
+        const eGNeg = G.mul(eNeg);
+        const Q = sR.add(eGNeg).mul(rInv);
+        return Q;
+    }
+}
 /**
  * Calculate pubkey extraction parameter.
  *
@@ -14207,11 +14278,15 @@ function sign$3(curve, hash, d, nonce) {
 function calcPubKeyRecoveryParam(curve, e, signature, Q) {
     for (let i = 0; i < 4; i++) {
         try {
-            // Use elliptic's built-in recovery method
-            const Qprime = curve.recoverPubKey(e, signature, i);
+            // Use our own recoverPubKey function instead of curve.recoverPubKey
+            const Qprime = recoverPubKey(curve, e, signature, i);
             // 1.6.2 Verify Q = Q'
-            // Compare points by checking if they are the same point
-            if (Qprime.eq(Q)) {
+            // Compare points by checking coordinates (more reliable than eq method)
+            const Qx = Q.getX().toString(16);
+            const Qy = Q.getY().toString(16);
+            const QprimeX = Qprime.getX().toString(16);
+            const QprimeY = Qprime.getY().toString(16);
+            if (Qx === QprimeX && Qy === QprimeY) {
                 return i;
             }
         }
@@ -14245,7 +14320,13 @@ class Signature {
             throw new Error('Invalid signature length');
         }
         const i = buffer.readUInt8(0);
-        if ((i - 27) !== ((i - 27) & 7)) {
+        // Support both formats: 27-30 (old/legacy) and 31-34 (dsteem compatible)
+        // Check if it's in the old format (27-30) or new format (31-34)
+        const recoveryOld = i - 27;
+        const recoveryNew = i - 31;
+        const isValidOld = recoveryOld >= 0 && recoveryOld <= 3 && (recoveryOld === (recoveryOld & 7));
+        const isValidNew = recoveryNew >= 0 && recoveryNew <= 3 && (recoveryNew === (recoveryNew & 7));
+        if (!isValidOld && !isValidNew) {
             throw new Error('Invalid signature parameter');
         }
         const r = new BN(buffer.slice(1, 33));
@@ -14294,7 +14375,9 @@ class Signature {
             }
         }
         const i = calcPubKeyRecoveryParam(secp256k1, new BN(buf_sha256), ecsignature, privKey.toPublic().Q);
-        return new Signature(ecsignature.r, ecsignature.s, i + 27);
+        // Use recovery byte 31-34 (instead of 27-30) to be compatible with dsteem
+        // dsteem expects: recovery = byte - 31, so byte = recovery + 31
+        return new Signature(ecsignature.r, ecsignature.s, i + 31);
     }
     static isCanonical(r, s) {
         // See libraries/fc/src/crypto/elliptic_common.cpp is_fc_canonical
@@ -25754,7 +25837,7 @@ const steem = {
     operations,
     serializer,
     utils: utils$3,
-    version: '1.0.10',
+    version: '1.0.11',
     config: {
         set: (options) => {
             // If nodes is provided, extract the first node as url for API
@@ -25801,6 +25884,8 @@ exports.hmacSha256 = hmacSha256;
 exports.ripemd160 = ripemd160;
 exports.sha256 = sha256;
 exports.sign = sign;
+exports.signRequest = sign$2;
 exports.steem = steem;
+exports.validateRequest = validate;
 exports.verify = verify;
 //# sourceMappingURL=index.cjs.map