diff --git a/src/app/pages/TempleTapAirdrop/index.tsx b/src/app/pages/TempleTapAirdrop/index.tsx index c29f3e7c2..08feb9099 100644 --- a/src/app/pages/TempleTapAirdrop/index.tsx +++ b/src/app/pages/TempleTapAirdrop/index.tsx @@ -41,17 +41,15 @@ export const TempleTapAirdropPage = memo(() => { const [confirmSent, setConfirmSent] = useState(false); const [confirmed, setConfirmed] = useState(storedRecord?.[accountPkh] ?? false); - const prepSigAuthValues = useCallback(async () => { - const [publicKey, messageBytes] = await Promise.all([ - tezos.signer.publicKey(), - makeSigAuthMessageBytes(accountPkh) + const prepSigAuthValues = useCallback(async (): Promise => { + const [messageBytes, publicKey] = await Promise.all([ + makeSigAuthMessageBytes(accountPkh), + tezos.signer.publicKey() ]); const { prefixSig: signature } = await silentSign(accountPkh, messageBytes); - const values: SigAuthValues = { publicKey, messageBytes, signature }; - - return values; + return { publicKey, messageBytes, signature }; }, [silentSign, tezos.signer, accountPkh]); useTypedSWR( diff --git a/src/lib/apis/temple/sig-auth.ts b/src/lib/apis/temple/sig-auth.ts index 180fe5d97..3f774aa8d 100644 --- a/src/lib/apis/temple/sig-auth.ts +++ b/src/lib/apis/temple/sig-auth.ts @@ -1,5 +1,11 @@ import { templeWalletApi } from './endpoints/templewallet.api'; +/** Result for packing (via `import('@taquito/michel-codec').packDataBytes({ string })`) in bytes for message: + * `Tezos Signed Message: Confirming my identity as ${Account PKH}.\n\nNonce: ${nonce}` + */ +export const TEZ_SIG_AUTH_MSG_PATTERN = + /^0501[a-f0-9]{8}54657a6f73205369676e6564204d6573736167653a20436f6e6669726d696e67206d79206964656e7469747920617320[a-f0-9]{72}2e0a0a4e6f6e63653a20[a-f0-9]{16,40}$/; + interface SigningNonce { value: string; /** ISO string time */ 
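Review bot: The nonce segment `[a-f0-9]{16,40}` of `TEZ_SIG_AUTH_MSG_PATTERN` counts hex digits rather than bytes, so it also matches an odd number of digits, which cannot be whole packed bytes; `(?:[a-f0-9]{2}){8,20}` keeps the same bounds on whole bytes. The 8-digit length field and the 72-digit address segment are also matched as arbitrary hex, so the pattern verifies shape only, not that the length prefix agrees with the payload or that the address is the expected one. Because this constant decides what `silentSign` in `src/lib/temple/back/actions.ts` will sign (later in this diff), the doc comment should say so, for example `/** Allow-list for payloads silentSign may sign; matches shape only, length prefix and address are not verified. */`.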
@@ -27,33 +33,11 @@ export function buildSigAuthHeaders({ publicKey, messageBytes, signature }: SigA } export async function makeSigAuthMessageBytes(accountPkh: string) { + const { packDataBytes } = await import('@taquito/michel-codec'); + const nonce = await fetchTempleSigningNonce(accountPkh); const message = `Tezos Signed Message: Confirming my identity as ${accountPkh}.\n\nNonce: ${nonce.value}`; - const messageBytes = stringToSigningPayload(message); - - return messageBytes; -} - -/** - * See: https://tezostaquito.io/docs/signing/#generating-a-signature-with-beacon-sdk - * - * Same payload goes without Beacon. - */ -function stringToSigningPayload(value: string) { - const bytes = stringToHex(value); - - const bytesLength = (bytes.length / 2).toString(16); - const addPadding = `00000000${bytesLength}`; - const paddedBytesLength = addPadding.slice(addPadding.length - 8); - - return '0501' + paddedBytesLength + bytes; -} - -function stringToHex(value: string) { - const buffer = new TextEncoder().encode(value); - const hexArray = Array.from(buffer, byte => byte.toString(16).padStart(2, '0')); - - return hexArray.reduce((acc, curr) => acc + curr, ''); + return packDataBytes({ string: message }).bytes; } diff --git a/src/lib/temple/back/actions.ts b/src/lib/temple/back/actions.ts index d655141b5..92561fe67 100644 --- a/src/lib/temple/back/actions.ts +++ b/src/lib/temple/back/actions.ts @@ -9,6 +9,7 @@ import { } from '@temple-wallet/dapp/dist/types'; import browser, { Runtime } from 'webextension-polyfill'; +import { TEZ_SIG_AUTH_MSG_PATTERN } from 'lib/apis/temple/sig-auth'; import { BACKGROUND_IS_WORKER } from 'lib/env'; import { addLocalOperation } from 'lib/temple/activity'; import * as Beacon from 'lib/temple/beacon'; 
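Review bot: `makeSigAuthMessageBytes` interpolates `accountPkh` and the API-supplied `nonce.value` into the message without checking either. A nonce outside the 8–20 byte range of `TEZ_SIG_AUTH_MSG_PATTERN`, or an address that is not 36 characters, therefore yields bytes that `silentSign` only rejects later with the generic 'Non-recognized payload'. Testing the packed bytes here fails earlier and more clearly: `const { bytes } = packDataBytes({ string: message });` followed by `if (!TEZ_SIG_AUTH_MSG_PATTERN.test(bytes)) throw new Error('Unexpected sig-auth message format');`. An explicit `Promise<string>` return type would also pin the contract now that the value comes from a third-party helper.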
@@ -349,7 +350,11 @@ const safeAddLocalOperation = async (networkRpc: string, op: any) => { }; export function silentSign(sourcePkh: string, bytes: string) { - return withUnlocked(({ vault }) => vault.sign(sourcePkh, bytes)); + return withUnlocked(({ vault }) => { + if (!TEZ_SIG_AUTH_MSG_PATTERN.test(bytes)) throw new Error('Non-recognized payload'); + + return vault.sign(sourcePkh, bytes); + }); } export function sign(port: Runtime.Port, id: string, sourcePkh: string, bytes: string, watermark?: string) {
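Review bot: The new guard in `silentSign` checks only the shape of `bytes` and never compares the address embedded in the message with `sourcePkh`, so the key of one account can be used to sign a statement confirming the identity of another. Whether the server rejects such a mismatch is not visible in this diff, so I would enforce it locally: make the address segment of `TEZ_SIG_AUTH_MSG_PATTERN` a capture group and throw the same error when its decoded value differs from `sourcePkh`. Assuming, as the name suggests, that this path signs without a confirmation prompt, a comment above the check such as `// no user confirmation on this path: only the fixed sig-auth message may be signed` would record why the allow-list exists.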