Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove wallet extension endpoints #1641

Merged
merged 4 commits into from
Mar 25, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion contracts/hardhat.config.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ import 'hardhat-deploy';
// Hardhat ignore warnings plugin - https://www.npmjs.com/package/hardhat-ignore-warnings
import 'hardhat-ignore-warnings';

import './tasks/wallet-extension';
import * as abigen from './tasks/abigen';
import './tasks/obscuro-deploy';

Expand Down
74 changes: 0 additions & 74 deletions contracts/tasks/wallet-extension.ts

This file was deleted.

83 changes: 83 additions & 0 deletions integration/obscurogateway/tengateway_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,16 @@ import (
"context"
"encoding/json"
"fmt"
"io"
"math/big"
"net/http"
"strings"
"testing"
"time"

"github.com/go-kit/kit/transport/http/jsonrpc"
"github.com/ten-protocol/go-ten/go/rpc"

log2 "github.com/ten-protocol/go-ten/go/common/log"

"github.com/ethereum/go-ethereum"
Expand Down Expand Up @@ -102,6 +106,8 @@ func TestTenGateway(t *testing.T) {
"testClosingConnectionWhileSubscribed": testClosingConnectionWhileSubscribed,
"testSubscriptionTopics": testSubscriptionTopics,
"testDifferentMessagesOnRegister": testDifferentMessagesOnRegister,
"testInvokeNonSensitiveMethod": testInvokeNonSensitiveMethod,
"testGetStorageAtForReturningUserID": testGetStorageAtForReturningUserID,
} {
t.Run(name, func(t *testing.T) {
test(t, httpURL, wsURL, w)
Expand Down Expand Up @@ -620,6 +626,83 @@ func testDifferentMessagesOnRegister(t *testing.T, httpURL, wsURL string, w wall
require.NoError(t, err)
}

func testInvokeNonSensitiveMethod(t *testing.T, httpURL, wsURL string, w wallet.Wallet) {
user, err := NewUser([]wallet.Wallet{w}, httpURL, wsURL)
require.NoError(t, err)

// call one of the non-sensitive methods with unauthenticated user
// and make sure gateway is not complaining about not having viewing keys
respBody := makeHTTPEthJSONReq(httpURL, rpc.ChainID, user.tgClient.UserID(), nil)
if strings.Contains(string(respBody), fmt.Sprintf("method %s cannot be called with an unauthorised client - no signed viewing keys found", rpc.ChainID)) {
t.Errorf("sensitive method called without authenticating viewingkeys and did fail because of it: %s", rpc.ChainID)
}
}

func testGetStorageAtForReturningUserID(t *testing.T, httpURL, wsURL string, w wallet.Wallet) {
user, err := NewUser([]wallet.Wallet{w}, httpURL, wsURL)
require.NoError(t, err)

type JSONResponse struct {
Result string `json:"result"`
}
var response JSONResponse

// make a request to GetStorageAt with correct parameters to get userID that exists in the database
respBody := makeHTTPEthJSONReq(httpURL, rpc.GetStorageAt, user.tgClient.UserID(), []interface{}{"getUserID", "0", nil})
if err = json.Unmarshal(respBody, &response); err != nil {
t.Error("Unable to unmarshal response")
}
if response.Result != user.tgClient.UserID() {
t.Errorf("Wrong UserID returned. Expected: %s, received: %s", user.tgClient.UserID(), response.Result)
}

// make a request to GetStorageAt with correct parameters to get userID, but with wrong userID
respBody2 := makeHTTPEthJSONReq(httpURL, rpc.GetStorageAt, "invalid_user_id", []interface{}{"getUserID", "0", nil})
if !strings.Contains(string(respBody2), "method eth_getStorageAt cannot be called with an unauthorised client - no signed viewing keys found") {
t.Error("eth_getStorageAt did not respond with error: method eth_getStorageAt cannot be called with an unauthorised client - no signed viewing keys found")
}

// make a request to GetStorageAt with wrong parameters to get userID, but correct userID
respBody3 := makeHTTPEthJSONReq(httpURL, rpc.GetStorageAt, user.tgClient.UserID(), []interface{}{"abc", "0", nil})
if !strings.Contains(string(respBody3), "method eth_getStorageAt cannot be called with an unauthorised client - no signed viewing keys found") {
t.Error("eth_getStorageAt did not respond with error: no signed viewing keys found")
}
}

func makeRequestHTTP(url string, body []byte) []byte {
generateViewingKeyBody := bytes.NewBuffer(body)
resp, err := http.Post(url, "application/json", generateViewingKeyBody) //nolint:noctx,gosec
if resp != nil && resp.Body != nil {
defer resp.Body.Close()
}
if err != nil {
panic(err)
}
viewingKey, err := io.ReadAll(resp.Body)
if err != nil {
panic(err)
}
return viewingKey
}

func makeHTTPEthJSONReq(url string, method string, userID string, params interface{}) []byte {
reqBody := prepareRequestBody(method, params)
return makeRequestHTTP(fmt.Sprintf("%s/v1/?token=%s", url, userID), reqBody)
}

func prepareRequestBody(method string, params interface{}) []byte {
reqBodyBytes, err := json.Marshal(map[string]interface{}{
wecommon.JSONKeyRPCVersion: jsonrpc.Version,
wecommon.JSONKeyMethod: method,
wecommon.JSONKeyParams: params,
wecommon.JSONKeyID: "1",
})
if err != nil {
panic(fmt.Errorf("failed to prepare request body. Cause: %w", err))
}
return reqBodyBytes
}

func transferRandomAddr(t *testing.T, client *ethclient.Client, w wallet.Wallet) common.TxHash { //nolint: unused
ctx := context.Background()
toAddr := datagenerator.RandomAddress()
Expand Down
83 changes: 0 additions & 83 deletions tools/walletextension/api/routes.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,6 @@ import (
"github.com/ten-protocol/go-ten/tools/walletextension"
"github.com/ten-protocol/go-ten/tools/walletextension/common"
"github.com/ten-protocol/go-ten/tools/walletextension/userconn"

gethcommon "github.com/ethereum/go-ethereum/common"
)

// NewHTTPRoutes returns the http specific routes
Expand All @@ -31,14 +29,6 @@ func NewHTTPRoutes(walletExt *walletextension.WalletExtension) []node.Route {
Name: common.PathReady,
Func: httpHandler(walletExt, readyRequestHandler),
},
{
Name: common.PathGenerateViewingKey,
Func: httpHandler(walletExt, generateViewingKeyRequestHandler),
},
{
Name: common.PathSubmitViewingKey,
Func: httpHandler(walletExt, submitViewingKeyRequestHandler),
},
{
Name: common.APIVersion1 + common.PathJoin,
Func: httpHandler(walletExt, joinRequestHandler),
Expand Down Expand Up @@ -106,15 +96,6 @@ func NewWSRoutes(walletExt *walletextension.WalletExtension) []node.Route {
Name: common.PathReady,
Func: wsHandler(walletExt, readyRequestHandler),
},
{
Name: common.PathGenerateViewingKey,
Func: wsHandler(walletExt, generateViewingKeyRequestHandler),
},

{
Name: common.PathSubmitViewingKey,
Func: wsHandler(walletExt, submitViewingKeyRequestHandler),
},
}
}

Expand Down Expand Up @@ -198,70 +179,6 @@ func ethRequestHandler(walletExt *walletextension.WalletExtension, conn userconn
// readyRequestHandler is used to check whether the server is ready
func readyRequestHandler(_ *walletextension.WalletExtension, _ userconn.UserConn) {}

// generateViewingKeyRequestHandler parses the gen vk request
func generateViewingKeyRequestHandler(walletExt *walletextension.WalletExtension, conn userconn.UserConn) {
body, err := conn.ReadRequest()
if err != nil {
handleError(conn, walletExt.Logger(), fmt.Errorf("error reading request: %w", err))
return
}

var reqJSONMap map[string]string
err = json.Unmarshal(body, &reqJSONMap)
if err != nil {
handleError(conn, walletExt.Logger(), fmt.Errorf("could not unmarshal address request - %w", err))
return
}

address := gethcommon.HexToAddress(reqJSONMap[common.JSONKeyAddress])

pubViewingKey, err := walletExt.GenerateViewingKey(address)
if err != nil {
handleError(conn, walletExt.Logger(), fmt.Errorf("unable to generate vieweing key - %w", err))
return
}

err = conn.WriteResponse([]byte(pubViewingKey))
if err != nil {
walletExt.Logger().Error("error writing success response", log.ErrKey, err)
}
}

// submitViewingKeyRequestHandler submits the viewing key and signed bytes to the WE
func submitViewingKeyRequestHandler(walletExt *walletextension.WalletExtension, conn userconn.UserConn) {
body, err := conn.ReadRequest()
if err != nil {
handleError(conn, walletExt.Logger(), fmt.Errorf("error reading request: %w", err))
return
}

var reqJSONMap map[string]string
err = json.Unmarshal(body, &reqJSONMap)
if err != nil {
handleError(conn, walletExt.Logger(), fmt.Errorf("could not unmarshal address request - %w", err))
return
}
accAddress := gethcommon.HexToAddress(reqJSONMap[common.JSONKeyAddress])

signature, err := hex.DecodeString(reqJSONMap[common.JSONKeySignature][2:])
if err != nil {
handleError(conn, walletExt.Logger(), fmt.Errorf("could not decode signature from client to hex - %w", err))
return
}

err = walletExt.SubmitViewingKey(accAddress, signature)
if err != nil {
handleError(conn, walletExt.Logger(), fmt.Errorf("could not submit viewing key - %w", err))
return
}

err = conn.WriteResponse([]byte(common.SuccessMsg))
if err != nil {
walletExt.Logger().Error("error writing success response", log.ErrKey, err)
return
}
}

// This function handles request to /join endpoint. It is responsible to create new user (new key-pair) and store it to the db
func joinRequestHandler(walletExt *walletextension.WalletExtension, conn userconn.UserConn) {
// todo (@ziga) add protection against DDOS attacks
Expand Down
Loading
Loading