SQC-153: Support for verifyOwner

examples/angular/src/app/components/content/content.component.html

@@ -2,6 +2,7 @@
   <div>
     <button (click)="signOut()">Log out</button>
     <button (click)="switchWallet()">Switch Wallet</button>
+    <button (click)="onVerifyOwner()">Verify Owner</button>
     <button *ngIf="accounts.length > 1" (click)="switchAccount()">
       Switch Account
     </button>

examples/angular/src/app/components/content/content.component.ts

@@ -111,6 +111,21 @@ export class ContentComponent implements OnInit, OnDestroy {
     alert("Switched account to " + nextAccountId);
   }
 
+  async onVerifyOwner() {
+    const wallet = await this.selector.wallet();
+    try {
+      const signature = await wallet.verifyOwner();
+
+      if (signature) {
+        alert(`Signature for verification: ${signature.signature.toString()}`);
+      }
+    } catch (err) {
+      const message =
+        err instanceof Error ? err.message : "Something went wrong";
+      alert(message);
+    }
+  }
+
   subscribeToEvents() {
     this.subscription = this.selector.store.observable
       .pipe(

examples/react/components/Content.tsx

@@ -164,6 +164,21 @@ const Content: React.FC = () => {
     [selector, accountId]
   );
 
+  const handleVerifyOwner = async () => {
+    const wallet = await selector.wallet();
+    try {
+      const signature = await wallet.verifyOwner();
+
+      if (signature) {
+        alert(`Signature for verification: ${signature.signature.toString()}`);
+      }
+    } catch (err) {
+      const message =
+        err instanceof Error ? err.message : "Something went wrong";
+      alert(message);
+    }
+  };
+
   const handleSubmit = useCallback(
     async (e: SubmitEvent) => {
       e.preventDefault();
@@ -220,6 +235,7 @@ const Content: React.FC = () => {
       <div>
         <button onClick={handleSignOut}>Log out</button>
         <button onClick={handleSwitchWallet}>Switch Wallet</button>
+        <button onClick={handleVerifyOwner}>Verify Owner</button>
         {accounts.length > 1 && (
           <button onClick={handleSwitchAccount}>Switch Account</button>
         )}

packages/core/docs/api/wallet.md

@@ -182,6 +182,37 @@ Returns one or more accounts when signed in. This method can be useful for walle
 })();
 ```
 
+### `.verifyOwner(params)`
+
+**Parameters**
+- `params` (`object`)
+  - `message` (`string?`): The message requested sign. Defaults to `verify owner` string.
+  - `signerId` (`string?`): Account ID used to sign the message. Defaults to the first account.
+  - `publicKey` (`PublicKey?`): Public key used to sign the message. Defaults to the public key of the signed in account.
+  - `callbackUrl` (`string?`): Applicable to browser wallets (e.g. MyNearWallet). This is the callback url once the signing is approved. Defaults to `window.location.href`.
+  - `meta` (`string?`): Applicable to browser wallets (e.g. MyNearWallet) extra data that will be passed to the callback url once the signing is approved.
+
+**Returns**
+- `Promise<void | utils.key_pair.Signature>`: Browser wallets won't return the signing outcome as they may need to redirect for signing. For MyNearWallet the outcome is passed to the callback url.
+
+**Description**
+
+Signs the message and verifies the owner. Message is not sent to blockchain.
+
+> Note: This feature is currently supported only by MyNearWallet on **testnet**. Sender can sign messages when unlocked.
+
+**Example**
+
+```ts
+// MyNearWallet
+(async () => {
+  const wallet = await selector.wallet("my-near-wallet");
+  await wallet.verifyOwner({
+    message: "Test message",
+  });
+})();
+```
+
 ### `.signAndSendTransaction(params)`
 
 **Parameters**

packages/core/src/lib/wallet/wallet.types.ts

@@ -1,4 +1,4 @@
-import { providers } from "near-api-js";
+import { providers, utils } from "near-api-js";
 
 import {
   EventEmitterService,
@@ -10,6 +10,7 @@ import type { Options } from "../options.types";
 import type { ReadOnlyStore } from "../store.types";
 import type { Transaction, Action } from "./transactions.types";
 import type { Modify, Optional } from "../utils.types";
+import { PublicKey } from "near-api-js/lib/utils";
 import type { FinalExecutionOutcome } from "near-api-js/lib/providers";
 
 interface BaseWalletMetadata {
@@ -29,6 +30,14 @@ export interface SignInParams {
   methodNames?: Array<string>;
 }
 
+export interface VerifyOwnerParams {
+  message?: string;
+  signerId?: string;
+  publicKey?: PublicKey;
+  callbackUrl?: string;
+  meta?: string;
+}
+
 export interface SignAndSendTransactionParams {
   signerId?: string;
   receiverId?: string;
@@ -43,6 +52,9 @@ interface BaseWalletBehaviour {
   signIn(params: SignInParams): Promise<Array<Account>>;
   signOut(): Promise<void>;
   getAccounts(): Promise<Array<Account>>;
+  verifyOwner(
+    params?: VerifyOwnerParams
+  ): Promise<utils.key_pair.Signature | void>;
   signAndSendTransaction(
     params: SignAndSendTransactionParams
   ): Promise<providers.FinalExecutionOutcome>;

packages/ledger/src/lib/ledger.ts

@@ -60,6 +60,7 @@ const Ledger: WalletBehaviourFactory<HardwareWallet> = async ({
   provider,
   logger,
   storage,
+  metadata,
 }) => {
   const _state = await setupLedgerState(storage);
 
@@ -219,6 +220,41 @@ const Ledger: WalletBehaviourFactory<HardwareWallet> = async ({
       return getAccounts();
     },
 
+    async verifyOwner({ message = "verify owner", signerId, publicKey } = {}) {
+      logger.log("Ledger:verifyOwner", { message, signerId, publicKey });
+
+      const account = getActiveAccount(store.getState());
+
+      if (!account) {
+        throw new Error("No active account");
+      }
+
+      // Note: Connection must be triggered by user interaction.
+      await connectLedgerDevice();
+
+      const networkId = options.network.networkId;
+      const accountId = signerId || account.accountId;
+      const pubKey =
+        publicKey || (await signer.getPublicKey(accountId, networkId));
+      const block = await provider.block({ finality: "final" });
+
+      const msg = JSON.stringify({
+        accountId,
+        message,
+        blockId: block.header.hash,
+        publicKey: Buffer.from(pubKey.data).toString("base64"),
+        keyType: pubKey.keyType,
+      });
+
+      throw new Error(`Method not supported by ${metadata.name}`);
+
+      return signer.signMessage(
+        new Uint8Array(Buffer.from(msg)),
+        accountId,
+        networkId
+      );
+    },
+
     async signAndSendTransaction({ signerId, receiverId, actions }) {
       logger.log("signAndSendTransaction", { signerId, receiverId, actions });
 

packages/math-wallet/src/lib/math-wallet.ts

@@ -41,6 +41,7 @@ const setupMathWalletState = (): MathWalletState => {
 };
 
 const MathWallet: WalletBehaviourFactory<InjectedWallet> = async ({
+  metadata,
   options,
   store,
   provider,
@@ -104,6 +105,38 @@ const MathWallet: WalletBehaviourFactory<InjectedWallet> = async ({
       return getAccounts();
     },
 
+    async verifyOwner({ message = "verify owner", signerId, publicKey } = {}) {
+      logger.log("MathWallet:verifyOwner", { message, signerId, publicKey });
+
+      const account = getActiveAccount(store.getState());
+
+      if (!account) {
+        throw new Error("No active account");
+      }
+
+      const accountId = signerId || account.accountId;
+      const pubKey =
+        publicKey || (await _state.wallet.signer.getPublicKey(accountId));
+      const block = await provider.block({ finality: "final" });
+
+      const msg = JSON.stringify({
+        accountId,
+        message,
+        blockId: block.header.hash,
+        publicKey: Buffer.from(pubKey.data).toString("base64"),
+        keyType: pubKey.keyType,
+      });
+
+      // Note: Math Wallet currently hangs when calling signMessage.
+      throw new Error(`Method not supported by ${metadata.name}`);
+
+      return _state.wallet.signer.signMessage(
+        new Uint8Array(Buffer.from(msg)),
+        accountId,
+        options.network.networkId
+      );
+    },
+
     async signAndSendTransaction({ signerId, receiverId, actions }) {
       logger.log("signAndSendTransaction", { signerId, receiverId, actions });
       const signedTransactions = await signTransactions(

packages/meteor-wallet/src/lib/meteor-wallet.ts

@@ -48,7 +48,7 @@ const setupWalletState = async (
 const createMeteorWalletInjected: WalletBehaviourFactory<
   InjectedWallet,
   { params: MeteorWalletParams_Injected }
-> = async ({ options, logger, store, params }) => {
+> = async ({ metadata, options, logger, store, params }) => {
   const _state = await setupWalletState(params, options.network);
 
   const cleanup = () => {
@@ -155,6 +155,12 @@ const createMeteorWalletInjected: WalletBehaviourFactory<
       return getAccounts();
     },
 
+    async verifyOwner({ message = "verify owner", signerId, publicKey } = {}) {
+      logger.log("MeteorWallet:verifyOwner", { message, signerId, publicKey });
+
+      throw new Error(`Method not supported by ${metadata.name}`);
+    },
+
     async signAndSendTransaction({ signerId, receiverId, actions }) {
       logger.log("MeteorWallet:signAndSendTransaction", {
         signerId,

packages/my-near-wallet/src/lib/my-near-wallet.ts

@@ -74,7 +74,7 @@ const setupWalletState = async (
 const MyNearWallet: WalletBehaviourFactory<
   BrowserWallet,
   { params: MyNearWalletExtraOptions }
-> = async ({ options, store, params, logger }) => {
+> = async ({ metadata, options, store, params, logger }) => {
   const _state = await setupWalletState(params, options.network);
 
   const cleanup = () => {
@@ -155,6 +155,39 @@ const MyNearWallet: WalletBehaviourFactory<
       return getAccounts();
     },
 
+    async verifyOwner({
+      message = "verify owner",
+      signerId,
+      publicKey,
+      callbackUrl,
+      meta,
+    } = {}) {
+      logger.log("verifyOwner", { message, signerId, publicKey });
+
+      const account = _state.wallet.account();
+
+      if (!account) {
+        throw new Error("Wallet not signed in");
+      }
+      const locationUrl =
+        typeof window !== "undefined" ? window.location.href : "";
+
+      const url = callbackUrl || locationUrl;
+
+      if (!url) {
+        throw new Error(`The callbackUrl is missing for ${metadata.name}`);
+      }
+
+      const encodedUrl = encodeURIComponent(url);
+      const extraMeta = meta ? `&meta=${meta}` : "";
+
+      window.location.replace(
+        `${params.walletUrl}/verify-owner?message=${message}&callbackUrl=${encodedUrl}${extraMeta}`
+      );
+
+      return;
+    },
+
     async signAndSendTransaction({
       signerId,
       receiverId,

packages/nightly-connect/src/lib/nightly-connect.ts

@@ -44,7 +44,7 @@ const setupNightlyConnectState = (): NightlyConnectState => {
 const NightlyConnect: WalletBehaviourFactory<
   BridgeWallet,
   { params: NightlyConnectParams }
-> = async ({ store, params, logger, options, provider, emitter }) => {
+> = async ({ metadata, store, params, logger, options, provider, emitter }) => {
   const _state = setupNightlyConnectState();
 
   const getAccounts = () => {
@@ -156,6 +156,16 @@ const NightlyConnect: WalletBehaviourFactory<
       return getAccounts().map(({ accountId }) => ({ accountId }));
     },
 
+    async verifyOwner({ message = "verify owner", signerId, publicKey } = {}) {
+      logger.log("NightlyConnect:verifyOwner", {
+        message,
+        signerId,
+        publicKey,
+      });
+
+      throw new Error(`Method not supported by ${metadata.name}`);
+    },
+
     async signAndSendTransaction({ signerId, receiverId, actions }) {
       logger.log("signAndSendTransaction", { signerId, receiverId, actions });
 

packages/nightly/src/lib/nightly.ts

@@ -40,6 +40,7 @@ const isInstalled = () => {
   return waitFor(() => !!window.nightly!.near!).catch(() => false);
 };
 const Nightly: WalletBehaviourFactory<InjectedWallet> = async ({
+  metadata,
   options,
   store,
   logger,
@@ -141,6 +142,12 @@ const Nightly: WalletBehaviourFactory<InjectedWallet> = async ({
       return getAccounts().map(({ accountId }) => ({ accountId }));
     },
 
+    async verifyOwner({ message = "verify owner", signerId, publicKey } = {}) {
+      logger.log("Nightly:verifyOwner", { message, signerId, publicKey });
+
+      throw new Error(`Method not supported by ${metadata.name}`);
+    },
+
     async signAndSendTransaction({ signerId, receiverId, actions }) {
       logger.log("signAndSendTransaction", { signerId, receiverId, actions });
 

packages/sender/src/lib/injected-sender.ts

@@ -1,7 +1,7 @@
 // Interfaces based on "documentation": https://github.com/SenderWallet/sender-wallet-integration-tutorial
 
 // Empty string if we haven't signed in before.
-import { providers } from "near-api-js";
+import { Account, providers } from "near-api-js";
 
 interface AccessKey {
   publicKey: {
@@ -113,6 +113,7 @@ export interface InjectedSender {
   isSender: boolean;
   callbacks: Record<keyof SenderEvents, unknown>;
   getAccountId: () => string | null;
+  account(): Account | null;
   getRpc: () => Promise<GetRpcResponse>;
   requestSignIn: (
     params: RequestSignInParams