shogun-core 1.2.7 → 1.2.8

package/dist/plugins/web3/web3ConnectorPlugin.js

@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.Web3ConnectorPlugin = void 0;
 const base_1 = require("../base");
 const web3Connector_1 = require("./web3Connector");
+const web3Signer_1 = require("./web3Signer");
 const logger_1 = require("../../utils/logger");
 const ethers_1 = require("ethers");
 const errorHandler_1 = require("../../utils/errorHandler");
@@ -14,6 +15,7 @@ class Web3ConnectorPlugin extends base_1.BasePlugin {
     version = "1.0.0";
     description = "Provides Ethereum wallet connection and authentication for ShogunCore";
     Web3 = null;
+    signer = null;
     /**
      * @inheritdoc
      */
@@ -21,7 +23,8 @@ class Web3ConnectorPlugin extends base_1.BasePlugin {
         super.initialize(core);
         // Inizializziamo il modulo Web3
         this.Web3 = new web3Connector_1.Web3Connector();
-        (0, logger_1.log)("Web3 plugin initialized");
+        this.signer = new web3Signer_1.Web3Signer(this.Web3);
+        (0, logger_1.log)("Web3 plugin initialized with signer support");
     }
     /**
      * @inheritdoc
@@ -31,6 +34,7 @@ class Web3ConnectorPlugin extends base_1.BasePlugin {
             this.Web3.cleanup();
         }
         this.Web3 = null;
+        this.signer = null;
         super.destroy();
         (0, logger_1.log)("Web3 plugin destroyed");
     }
@@ -45,6 +49,17 @@ class Web3ConnectorPlugin extends base_1.BasePlugin {
         }
         return this.Web3;
     }
+    /**
+     * Assicura che il signer sia inizializzato
+     * @private
+     */
+    assertSigner() {
+        this.assertInitialized();
+        if (!this.signer) {
+            throw new Error("Web3 signer not initialized");
+        }
+        return this.signer;
+    }
     /**
      * @inheritdoc
      */
@@ -100,6 +115,147 @@ class Web3ConnectorPlugin extends base_1.BasePlugin {
     async verifySignature(message, signature) {
         return this.assertMetaMask().verifySignature(message, signature);
     }
+    // === WEB3 SIGNER METHODS ===
+    /**
+     * Creates a new Web3 signing credential
+     * CONSISTENT with normal Web3 approach
+     */
+    async createSigningCredential(address) {
+        try {
+            (0, logger_1.log)(`Creating Web3 signing credential for address: ${address}`);
+            return await this.assertSigner().createSigningCredential(address);
+        }
+        catch (error) {
+            (0, logger_1.logError)(`Error creating Web3 signing credential: ${error.message}`);
+            throw error;
+        }
+    }
+    /**
+     * Creates an authenticator function for Web3 signing
+     */
+    createAuthenticator(address) {
+        try {
+            (0, logger_1.log)(`Creating Web3 authenticator for address: ${address}`);
+            return this.assertSigner().createAuthenticator(address);
+        }
+        catch (error) {
+            (0, logger_1.logError)(`Error creating Web3 authenticator: ${error.message}`);
+            throw error;
+        }
+    }
+    /**
+     * Creates a derived key pair from Web3 credential
+     */
+    async createDerivedKeyPair(address, extra) {
+        try {
+            (0, logger_1.log)(`Creating derived key pair for address: ${address}`);
+            return await this.assertSigner().createDerivedKeyPair(address, extra);
+        }
+        catch (error) {
+            (0, logger_1.logError)(`Error creating derived key pair: ${error.message}`);
+            throw error;
+        }
+    }
+    /**
+     * Signs data with derived keys after Web3 verification
+     */
+    async signWithDerivedKeys(data, address, extra) {
+        try {
+            (0, logger_1.log)(`Signing data with derived keys for address: ${address}`);
+            return await this.assertSigner().signWithDerivedKeys(data, address, extra);
+        }
+        catch (error) {
+            (0, logger_1.logError)(`Error signing with derived keys: ${error.message}`);
+            throw error;
+        }
+    }
+    /**
+     * Get signing credential by address
+     */
+    getSigningCredential(address) {
+        return this.assertSigner().getCredential(address);
+    }
+    /**
+     * List all signing credentials
+     */
+    listSigningCredentials() {
+        return this.assertSigner().listCredentials();
+    }
+    /**
+     * Remove a signing credential
+     */
+    removeSigningCredential(address) {
+        return this.assertSigner().removeCredential(address);
+    }
+    // === CONSISTENCY METHODS ===
+    /**
+     * Creates a Gun user from Web3 signing credential
+     * This ensures the SAME user is created as with normal approach
+     */
+    async createGunUserFromSigningCredential(address) {
+        try {
+            const core = this.assertInitialized();
+            (0, logger_1.log)(`Creating Gun user from Web3 signing credential: ${address}`);
+            return await this.assertSigner().createGunUser(address, core.gun);
+        }
+        catch (error) {
+            (0, logger_1.logError)(`Error creating Gun user from Web3 signing credential: ${error.message}`);
+            throw error;
+        }
+    }
+    /**
+     * Get the Gun user public key for a signing credential
+     */
+    getGunUserPubFromSigningCredential(address) {
+        return this.assertSigner().getGunUserPub(address);
+    }
+    /**
+     * Get the password (for consistency checking)
+     */
+    getPassword(address) {
+        return this.assertSigner().getPassword(address);
+    }
+    /**
+     * Verify consistency between oneshot and normal approaches
+     * This ensures both approaches create the same Gun user
+     */
+    async verifyConsistency(address, expectedUserPub) {
+        try {
+            (0, logger_1.log)(`Verifying Web3 consistency for address: ${address}`);
+            return await this.assertSigner().verifyConsistency(address, expectedUserPub);
+        }
+        catch (error) {
+            (0, logger_1.logError)(`Error verifying Web3 consistency: ${error.message}`);
+            return { consistent: false };
+        }
+    }
+    /**
+     * Complete oneshot workflow that creates the SAME Gun user as normal approach
+     * This is the recommended method for oneshot signing with full consistency
+     */
+    async setupConsistentOneshotSigning(address) {
+        try {
+            (0, logger_1.log)(`Setting up consistent Web3 oneshot signing for: ${address}`);
+            // 1. Create signing credential (with consistent password generation)
+            const credential = await this.createSigningCredential(address);
+            // 2. Create authenticator
+            const authenticator = this.createAuthenticator(address);
+            // 3. Create Gun user (same as normal approach)
+            const gunUser = await this.createGunUserFromSigningCredential(address);
+            return {
+                credential,
+                authenticator,
+                gunUser,
+                username: credential.username,
+                password: credential.password,
+            };
+        }
+        catch (error) {
+            (0, logger_1.logError)(`Error setting up consistent Web3 oneshot signing: ${error.message}`);
+            throw error;
+        }
+    }
+    // === EXISTING METHODS ===
     /**
      * Login con Web3
      * @param address - Indirizzo Ethereum

package/dist/plugins/web3/web3Signer.js

@@ -0,0 +1,268 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Web3Signer = void 0;
+const web3Connector_1 = require("./web3Connector");
+const ethers_1 = require("ethers");
+const logger_1 = require("../../utils/logger");
+const derive_1 = __importDefault(require("../../gundb/derive"));
+/**
+ * Web3 Signer - Provides oneshot signing functionality
+ * Similar to webauthn.js but for Web3/MetaMask
+ * CONSISTENT with normal Web3 approach
+ */
+class Web3Signer {
+    web3Connector;
+    credentials = new Map();
+    MESSAGE_TO_SIGN = "I Love Shogun!"; // Same as normal approach
+    constructor(web3Connector) {
+        this.web3Connector = web3Connector || new web3Connector_1.Web3Connector();
+    }
+    /**
+     * Creates a new Web3 signing credential
+     * CONSISTENT with normal Web3 approach
+     */
+    async createSigningCredential(address) {
+        try {
+            (0, logger_1.logDebug)(`Creating Web3 signing credential for address: ${address}`);
+            // Validate address
+            const validAddress = ethers_1.ethers.getAddress(address.toLowerCase());
+            // Request signature using the same approach as normal Web3
+            const signature = await this.requestSignature(validAddress);
+            // Generate credentials using the SAME logic as normal approach
+            const username = `${validAddress.toLowerCase()}`;
+            const password = ethers_1.ethers.keccak256(ethers_1.ethers.toUtf8Bytes(`${signature}:${validAddress.toLowerCase()}`));
+            const signingCredential = {
+                address: validAddress,
+                signature,
+                message: this.MESSAGE_TO_SIGN,
+                username,
+                password, // This ensures consistency with normal approach
+            };
+            // Store credential for later use
+            this.credentials.set(validAddress.toLowerCase(), signingCredential);
+            (0, logger_1.logDebug)("Created Web3 signing credential:", signingCredential);
+            return signingCredential;
+        }
+        catch (error) {
+            (0, logger_1.logError)("Error creating Web3 signing credential:", error);
+            throw new Error(`Failed to create Web3 signing credential: ${error.message}`);
+        }
+    }
+    /**
+     * Request signature from MetaMask
+     * Uses the same approach as normal Web3Connector
+     */
+    async requestSignature(address) {
+        try {
+            const signer = await this.web3Connector.getSigner();
+            const signerAddress = await signer.getAddress();
+            if (signerAddress.toLowerCase() !== address.toLowerCase()) {
+                throw new Error(`Signer address (${signerAddress}) does not match expected address (${address})`);
+            }
+            (0, logger_1.logDebug)(`Requesting signature for message: ${this.MESSAGE_TO_SIGN}`);
+            const signature = await signer.signMessage(this.MESSAGE_TO_SIGN);
+            (0, logger_1.logDebug)("Signature obtained successfully");
+            return signature;
+        }
+        catch (error) {
+            (0, logger_1.logError)("Failed to request signature:", error);
+            throw error;
+        }
+    }
+    /**
+     * Creates an authenticator function compatible with SEA.sign
+     * This is the key function that makes it work like webauthn.js but for Web3
+     */
+    createAuthenticator(address) {
+        const credential = this.credentials.get(address.toLowerCase());
+        if (!credential) {
+            throw new Error(`Credential for address ${address} not found`);
+        }
+        return async (data) => {
+            try {
+                // Verify the user by requesting a new signature for the data
+                const signer = await this.web3Connector.getSigner();
+                const signerAddress = await signer.getAddress();
+                if (signerAddress.toLowerCase() !== address.toLowerCase()) {
+                    throw new Error("Address mismatch during authentication");
+                }
+                // Sign the data
+                const dataToSign = JSON.stringify(data);
+                const signature = await signer.signMessage(dataToSign);
+                (0, logger_1.logDebug)("Web3 authentication successful:", { data, signature });
+                return signature;
+            }
+            catch (error) {
+                (0, logger_1.logError)("Web3 authentication error:", error);
+                throw error;
+            }
+        };
+    }
+    /**
+     * Creates a derived key pair from Web3 credential
+     * CONSISTENT with normal approach: uses password as seed
+     */
+    async createDerivedKeyPair(address, extra) {
+        const credential = this.credentials.get(address.toLowerCase());
+        if (!credential) {
+            throw new Error(`Credential for address ${address} not found`);
+        }
+        try {
+            // CONSISTENCY: Use the same approach as normal Web3
+            // Use password as seed (same as normal approach)
+            const derivedKeys = await (0, derive_1.default)(credential.password, // This is the key consistency point!
+            extra, { includeP256: true });
+            return {
+                pub: derivedKeys.pub,
+                priv: derivedKeys.priv,
+                epub: derivedKeys.epub,
+                epriv: derivedKeys.epriv,
+            };
+        }
+        catch (error) {
+            (0, logger_1.logError)("Error deriving keys from Web3 credential:", error);
+            throw error;
+        }
+    }
+    /**
+     * Creates a Gun user from Web3 credential
+     * This ensures the SAME user is created as with normal approach
+     */
+    async createGunUser(address, gunInstance) {
+        const credential = this.credentials.get(address.toLowerCase());
+        if (!credential) {
+            throw new Error(`Credential for address ${address} not found`);
+        }
+        try {
+            // Use the SAME approach as normal Web3
+            return new Promise((resolve) => {
+                gunInstance
+                    .user()
+                    .create(credential.username, credential.password, (ack) => {
+                    if (ack.err) {
+                        // Try to login if user already exists
+                        gunInstance
+                            .user()
+                            .auth(credential.username, credential.password, (authAck) => {
+                            if (authAck.err) {
+                                resolve({ success: false, error: authAck.err });
+                            }
+                            else {
+                                const userPub = authAck.pub;
+                                // Update credential with Gun user pub
+                                credential.gunUserPub = userPub;
+                                this.credentials.set(address.toLowerCase(), credential);
+                                resolve({ success: true, userPub });
+                            }
+                        });
+                    }
+                    else {
+                        // User created, now login
+                        gunInstance
+                            .user()
+                            .auth(credential.username, credential.password, (authAck) => {
+                            if (authAck.err) {
+                                resolve({ success: false, error: authAck.err });
+                            }
+                            else {
+                                const userPub = authAck.pub;
+                                // Update credential with Gun user pub
+                                credential.gunUserPub = userPub;
+                                this.credentials.set(address.toLowerCase(), credential);
+                                resolve({ success: true, userPub });
+                            }
+                        });
+                    }
+                });
+            });
+        }
+        catch (error) {
+            (0, logger_1.logError)("Error creating Gun user:", error);
+            return { success: false, error: error.message };
+        }
+    }
+    /**
+     * Signs data using Web3 + derived keys
+     * This provides a hybrid approach: Web3 for user verification + derived keys for actual signing
+     * CONSISTENT with normal approach
+     */
+    async signWithDerivedKeys(data, address, extra) {
+        try {
+            // First, verify user with Web3
+            const authenticator = this.createAuthenticator(address);
+            await authenticator(data); // This verifies the user
+            // Then use derived keys for actual signing (CONSISTENT approach)
+            const keyPair = await this.createDerivedKeyPair(address, extra);
+            // Create signature using the same approach as SEA
+            const message = JSON.stringify(data);
+            const messageHash = ethers_1.ethers.keccak256(ethers_1.ethers.toUtf8Bytes(message));
+            // Use ethers for signing (compatible with SEA)
+            const wallet = new ethers_1.ethers.Wallet(keyPair.priv);
+            const signature = await wallet.signMessage(message);
+            // Format like SEA signature
+            const seaSignature = {
+                m: message,
+                s: signature,
+            };
+            return "SEA" + JSON.stringify(seaSignature);
+        }
+        catch (error) {
+            (0, logger_1.logError)("Error signing with derived keys:", error);
+            throw error;
+        }
+    }
+    /**
+     * Get the Gun user public key for a credential
+     * This allows checking if the same user would be created
+     */
+    getGunUserPub(address) {
+        const credential = this.credentials.get(address.toLowerCase());
+        return credential?.gunUserPub;
+    }
+    /**
+     * Get the password (for consistency checking)
+     */
+    getPassword(address) {
+        const credential = this.credentials.get(address.toLowerCase());
+        return credential?.password;
+    }
+    /**
+     * Check if this credential would create the same Gun user as normal approach
+     */
+    async verifyConsistency(address, expectedUserPub) {
+        const credential = this.credentials.get(address.toLowerCase());
+        if (!credential) {
+            return { consistent: false };
+        }
+        // The derived keys should be the same as normal approach
+        const derivedKeys = await this.createDerivedKeyPair(address);
+        return {
+            consistent: expectedUserPub ? derivedKeys.pub === expectedUserPub : true,
+            actualUserPub: derivedKeys.pub,
+            expectedUserPub,
+        };
+    }
+    /**
+     * Get credential by address
+     */
+    getCredential(address) {
+        return this.credentials.get(address.toLowerCase());
+    }
+    /**
+     * List all stored credentials
+     */
+    listCredentials() {
+        return Array.from(this.credentials.values());
+    }
+    /**
+     * Remove a credential
+     */
+    removeCredential(address) {
+        return this.credentials.delete(address.toLowerCase());
+    }
+}
+exports.Web3Signer = Web3Signer;
+exports.default = Web3Signer;

package/dist/plugins/webauthn/webauthnChain.js

@@ -5,8 +5,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const gun_1 = __importDefault(require("gun"));
 const webauthn_1 = require("./webauthn");
+const webauthnSigner_1 = require("./webauthnSigner");
 const webauthnChain = () => {
     const webauthn = new webauthn_1.Webauthn();
+    const signer = new webauthnSigner_1.WebAuthnSigner(webauthn);
     gun_1.default.chain.webauthn = {};
     gun_1.default.chain.webauthn.isSupported = function () {
         return webauthn.isSupported();
@@ -32,5 +34,81 @@ const webauthnChain = () => {
     gun_1.default.chain.webauthn.validateUsername = function (username) {
         return webauthn.validateUsername(username);
     };
+    gun_1.default.chain.webauthn.createSigningCredential = async function (username) {
+        return await signer.createSigningCredential(username);
+    };
+    gun_1.default.chain.webauthn.createAuthenticator = function (credentialId) {
+        return signer.createAuthenticator(credentialId);
+    };
+    gun_1.default.chain.webauthn.createDerivedKeyPair = async function (credentialId, username, extra) {
+        return await signer.createDerivedKeyPair(credentialId, username, extra);
+    };
+    gun_1.default.chain.webauthn.signWithDerivedKeys = async function (data, credentialId, username, extra) {
+        return await signer.signWithDerivedKeys(data, credentialId, username, extra);
+    };
+    gun_1.default.chain.webauthn.getSigningCredential = function (credentialId) {
+        return signer.getCredential(credentialId);
+    };
+    gun_1.default.chain.webauthn.listSigningCredentials = function () {
+        return signer.listCredentials();
+    };
+    gun_1.default.chain.webauthn.removeSigningCredential = function (credentialId) {
+        return signer.removeCredential(credentialId);
+    };
+    gun_1.default.chain.webauthn.setupOneshotSigning = async function (username) {
+        const credential = await signer.createSigningCredential(username);
+        const authenticator = signer.createAuthenticator(credential.id);
+        return {
+            credential,
+            authenticator,
+            pub: credential.pub,
+        };
+    };
+    gun_1.default.chain.webauthn.quickSign = async function (data, credentialId, username, extra) {
+        return await signer.signWithDerivedKeys(data, credentialId, username, extra);
+    };
+    // === CONSISTENCY METHODS ===
+    /**
+     * Creates a Gun user from WebAuthn signing credential
+     * Ensures SAME user as normal approach
+     */
+    gun_1.default.chain.webauthn.createGunUserFromSigningCredential =
+        async function (credentialId, username) {
+            return await signer.createGunUser(credentialId, username, this);
+        };
+    /**
+     * Get the Gun user public key for a signing credential
+     */
+    gun_1.default.chain.webauthn.getGunUserPubFromSigningCredential = function (credentialId) {
+        return signer.getGunUserPub(credentialId);
+    };
+    /**
+     * Get the hashed credential ID (for consistency checking)
+     */
+    gun_1.default.chain.webauthn.getHashedCredentialId = function (credentialId) {
+        return signer.getHashedCredentialId(credentialId);
+    };
+    /**
+     * Verify consistency between oneshot and normal approaches
+     */
+    gun_1.default.chain.webauthn.verifyConsistency = async function (credentialId, username, expectedUserPub) {
+        return await signer.verifyConsistency(credentialId, username, expectedUserPub);
+    };
+    /**
+     * Complete consistent oneshot signing workflow
+     * Creates the SAME Gun user as normal approach
+     */
+    gun_1.default.chain.webauthn.setupConsistentOneshotSigning = async function (username) {
+        const credential = await signer.createSigningCredential(username);
+        const authenticator = signer.createAuthenticator(credential.id);
+        const gunUser = await signer.createGunUser(credential.id, username, this);
+        return {
+            credential,
+            authenticator,
+            gunUser,
+            pub: credential.pub,
+            hashedCredentialId: credential.hashedCredentialId,
+        };
+    };
 };
 exports.default = webauthnChain;