-
Notifications
You must be signed in to change notification settings - Fork 9
/
Copy pathwebBlindingClient.ts
52 lines (45 loc) · 1.72 KB
/
webBlindingClient.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
import { BlsBlindingClient } from '@celo/identity/lib/odis/bls-blinding-client'
import thresholdBls from 'blind-threshold-bls'
import { randomBytes } from 'crypto'
interface BlindedMessage {
blindingFactor: Uint8Array
message: Uint8Array
}
export class WebBlsBlindingClient implements BlsBlindingClient {
private odisPubKey: Uint8Array
private blindedValue: BlindedMessage | undefined
private rawMessage: Buffer | undefined
constructor(odisPubKey: string) {
this.odisPubKey = Buffer.from(odisPubKey, 'base64')
this.init()
}
async init() {
// @ts-ignore
await thresholdBls.init('/blind_threshold_bls_bg.wasm')
}
async blindMessage(base64PhoneNumber: string, seed?: Buffer): Promise<string> {
const userSeed = seed ?? randomBytes(32)
if (!seed) {
console.warn(
'Warning: Use a private deterministic seed (e.g. DEK private key) to preserve user quota when requests are replayed.',
)
}
this.rawMessage = Buffer.from(base64PhoneNumber, 'base64')
this.blindedValue = await thresholdBls.blind(this.rawMessage, userSeed)
const blindedMessage = this.blindedValue.message
return Buffer.from(blindedMessage).toString('base64')
}
async unblindAndVerifyMessage(base64BlindSig: string): Promise<string> {
if (!this.rawMessage || !this.blindedValue) {
throw new Error('Must call blind before unblinding')
}
const blindedSignature = Buffer.from(base64BlindSig, 'base64')
const unblindMessage = await thresholdBls.unblind(
blindedSignature,
this.blindedValue.blindingFactor,
)
// this throws on error
await thresholdBls.verify(this.odisPubKey, this.rawMessage, unblindMessage)
return Buffer.from(unblindMessage).toString('base64')
}
}