ed25519 keys support and import keys new flow

.vscode/settings.json

@@ -1,6 +1,6 @@
 {
   "editor.codeActionsOnSave": {
-    "source.fixAll": true
+    "source.fixAll": "explicit"
   },
   "cSpell.words": ["Mutex", "Mutexes", "toruslabs"]
 }

src/Point.ts

@@ -19,7 +19,11 @@ class Point {
   encode(enc: string): Buffer {
     switch (enc) {
       case "arr":
-        return Buffer.concat([Buffer.from("04", "hex"), Buffer.from(this.x.toString("hex"), "hex"), Buffer.from(this.y.toString("hex"), "hex")]);
+        return Buffer.concat([
+          Buffer.from("04", "hex"),
+          Buffer.from(this.x.toString("hex", 64), "hex"),
+          Buffer.from(this.y.toString("hex", 64), "hex"),
+        ]);
       case "elliptic-compressed": {
         const key = this.ecCurve.keyFromPublic({ x: this.x.toString("hex", 64), y: this.y.toString("hex", 64) }, "hex");
         return Buffer.from(key.getPublic(true, "hex"));

src/Share.ts

@@ -19,8 +19,8 @@ class Share {
 
   toJSON(): StringifiedType {
     return {
-      share: this.share.toString("hex"),
-      shareIndex: this.shareIndex.toString("hex"),
+      share: this.share.toString("hex", 64),
+      shareIndex: this.shareIndex.toString("hex", 64),
     };
   }
 }

src/constants.ts

@@ -1,6 +1,6 @@
 export const JRPC_METHODS = {
   GET_OR_SET_KEY: "GetPubKeyOrKeyAssign",
   COMMITMENT_REQUEST: "CommitmentRequest",
-  IMPORT_SHARE: "ImportShare",
+  IMPORT_SHARES: "ImportShares",
   GET_SHARE_OR_KEY_ASSIGN: "GetShareOrKeyAssign",
 };

src/helpers/common.ts

@@ -1,7 +1,9 @@
 import { Ecies } from "@toruslabs/eccrypto";
+import { BN } from "bn.js";
 import JsonStringify from "json-stable-stringify";
 
 import { EciesHex, VerifierLookupResponse } from "../interfaces";
+import { keccak256 } from ".";
 
 // this function normalizes the result from nodes before passing the result to threshold check function
 // For ex: some fields returns by nodes might be different from each other
@@ -13,13 +15,14 @@ export const normalizeKeysResult = (result: VerifierLookupResponse) => {
     is_new_key: result.is_new_key,
   };
   if (result && result.keys && result.keys.length > 0) {
-    finalResult.keys = result.keys.map((key) => {
-      return {
-        pub_key_X: key.pub_key_X,
-        pub_key_Y: key.pub_key_Y,
-        address: key.address,
-      };
-    });
+    const finalKey = result.keys[0];
+    finalResult.keys = [
+      {
+        pub_key_X: finalKey.pub_key_X,
+        pub_key_Y: finalKey.pub_key_Y,
+        address: finalKey.address,
+      },
+    ];
   }
   return finalResult;
 };
@@ -83,3 +86,10 @@ export function encParamsHexToBuf(eciesData: Omit<EciesHex, "ciphertext">): Omit
     mac: Buffer.from(eciesData.mac, "hex"),
   };
 }
+
+export function getProxyCoordinatorEndpointIndex(endpoints: string[], verifier: string, verifierId: string) {
+  const verifierIdStr = `${verifier}${verifierId}`;
+  const hashedVerifierId = keccak256(Buffer.from(verifierIdStr, "utf8"));
+  const proxyEndpointNum = new BN(hashedVerifierId, "hex").mod(new BN(endpoints.length)).toNumber();
+  return proxyEndpointNum;
+}

src/helpers/keyUtils.ts

@@ -1,14 +1,23 @@
+import { INodePub } from "@toruslabs/constants";
+import { Ecies, encrypt } from "@toruslabs/eccrypto";
 import BN from "bn.js";
-import { ec } from "elliptic";
+import { curve, ec as EC } from "elliptic";
 import { keccak256 as keccakHash } from "ethereum-cryptography/keccak";
+import stringify from "json-stable-stringify";
 
+import { ImportedShare, KeyType } from "..";
 import log from "../loglevel";
+import { encParamsBufToHex, generateNonceMetadataParams, generateRandomPolynomial } from ".";
 
 export function keccak256(a: Buffer): string {
   const hash = Buffer.from(keccakHash(a)).toString("hex");
   return `0x${hash}`;
 }
 
+export const generatePrivateKey = (ecCurve: EC, buf: typeof Buffer): Buffer => {
+  return ecCurve.genKeyPair().getPrivate().toArrayLike(buf, "le", 32);
+};
+
 export function stripHexPrefix(str: string): string {
   return str.startsWith("0x") ? str.slice(2) : str;
 }
@@ -31,24 +40,89 @@ export function toChecksumAddress(hexAddress: string): string {
   return ret;
 }
 
-export function generateAddressFromPrivKey(ecCurve: ec, privateKey: BN): string {
+export function generateAddressFromPrivKey(ecCurve: EC, privateKey: BN): string {
   const key = ecCurve.keyFromPrivate(privateKey.toString("hex", 64), "hex");
   const publicKey = key.getPublic().encode("hex", false).slice(2);
   log.info(publicKey, "public key");
   const evmAddressLower = `0x${keccak256(Buffer.from(publicKey, "hex")).slice(64 - 38)}`;
   return toChecksumAddress(evmAddressLower);
 }
 
-export function generateAddressFromPubKey(ecCurve: ec, publicKeyX: BN, publicKeyY: BN): string {
+export function generateAddressFromPubKey(ecCurve: EC, publicKeyX: BN, publicKeyY: BN): string {
   const key = ecCurve.keyFromPublic({ x: publicKeyX.toString("hex", 64), y: publicKeyY.toString("hex", 64) });
   const publicKey = key.getPublic().encode("hex", false).slice(2);
   log.info(key.getPublic().encode("hex", false), "public key");
   const evmAddressLower = `0x${keccak256(Buffer.from(publicKey, "hex")).slice(64 - 38)}`;
   return toChecksumAddress(evmAddressLower);
 }
 
-export function getPostboxKeyFrom1OutOf1(ecCurve: ec, privKey: string, nonce: string): string {
+export function getPostboxKeyFrom1OutOf1(ecCurve: EC, privKey: string, nonce: string): string {
   const privKeyBN = new BN(privKey, 16);
   const nonceBN = new BN(nonce, 16);
   return privKeyBN.sub(nonceBN).umod(ecCurve.curve.n).toString("hex");
 }
+
+export function derivePubKey(ecCurve: EC, sk: BN): curve.base.BasePoint {
+  const skHex = sk.toString(16, 64);
+  return ecCurve.keyFromPrivate(skHex).getPublic();
+}
+
+export const encryptionEC = new EC("secp256k1");
+
+export const generateShares = async (
+  ecCurve: EC,
+  keyType: KeyType,
+  serverTimeOffset: number,
+  nodeIndexes: number[],
+  nodePubkeys: INodePub[],
+  privKey: string
+) => {
+  const key = ecCurve.keyFromPrivate(privKey.padStart(64, "0"), "hex");
+
+  const threshold = ~~(nodePubkeys.length / 2) + 1;
+  const degree = threshold - 1;
+  const nodeIndexesBn: BN[] = [];
+
+  for (const nodeIndex of nodeIndexes) {
+    nodeIndexesBn.push(new BN(nodeIndex));
+  }
+  const privKeyBn = key.getPrivate();
+  const randomNonce = new BN(generatePrivateKey(ecCurve, Buffer));
+  const oAuthKey = privKeyBn.sub(randomNonce).umod(ecCurve.curve.n);
+  const oAuthPubKey = ecCurve.keyFromPrivate(oAuthKey.toString("hex").padStart(64, "0")).getPublic();
+  const poly = generateRandomPolynomial(ecCurve, degree, oAuthKey);
+  const shares = poly.generateShares(nodeIndexesBn);
+  const nonceParams = generateNonceMetadataParams(ecCurve, serverTimeOffset, "getOrSetNonce", oAuthKey, keyType, randomNonce);
+  const nonceData = Buffer.from(stringify(nonceParams.set_data), "utf8").toString("base64");
+  const sharesData: ImportedShare[] = [];
+  const encPromises: Promise<Ecies>[] = [];
+  for (let i = 0; i < nodeIndexesBn.length; i++) {
+    const shareJson = shares[nodeIndexesBn[i].toString("hex", 64)].toJSON() as Record<string, string>;
+    if (!nodePubkeys[i]) {
+      throw new Error(`Missing node pub key for node index: ${nodeIndexesBn[i].toString("hex", 64)}`);
+    }
+    const nodePubKey = encryptionEC.keyFromPublic({ x: nodePubkeys[i].X, y: nodePubkeys[i].Y });
+    encPromises.push(
+      encrypt(Buffer.from(nodePubKey.getPublic().encodeCompressed("hex"), "hex"), Buffer.from(shareJson.share.padStart(64, "0"), "hex"))
+    );
+  }
+  const encShares = await Promise.all(encPromises);
+  for (let i = 0; i < nodeIndexesBn.length; i++) {
+    const shareJson = shares[nodeIndexesBn[i].toString("hex", 64)].toJSON() as Record<string, string>;
+    const encParams = encShares[i];
+    const encParamsMetadata = encParamsBufToHex(encParams);
+    const shareData: ImportedShare = {
+      pub_key_x: oAuthPubKey.getX().toString("hex", 64),
+      pub_key_y: oAuthPubKey.getY().toString("hex", 64),
+      encrypted_share: encParamsMetadata.ciphertext,
+      encrypted_share_metadata: encParamsMetadata,
+      node_index: Number.parseInt(shareJson.shareIndex, 16),
+      key_type: keyType,
+      nonce_data: nonceData,
+      nonce_signature: nonceParams.signature,
+    };
+    sharesData.push(shareData);
+  }
+
+  return sharesData;
+};

src/helpers/langrangeInterpolatePoly.ts

@@ -1,15 +1,15 @@
-import { generatePrivate } from "@toruslabs/eccrypto";
 import BN from "bn.js";
 import { ec as EC } from "elliptic";
 
 import Point from "../Point";
 import Polynomial from "../Polynomial";
 import Share from "../Share";
+import { generatePrivateKey } from ".";
 
-function generatePrivateExcludingIndexes(shareIndexes: BN[]): BN {
-  const key = new BN(generatePrivate());
+function generatePrivateExcludingIndexes(shareIndexes: BN[], ecCurve: EC): BN {
+  const key = new BN(generatePrivateKey(ecCurve, Buffer));
   if (shareIndexes.find((el) => el.eq(key))) {
-    return generatePrivateExcludingIndexes(shareIndexes);
+    return generatePrivateExcludingIndexes(shareIndexes, ecCurve);
   }
   return key;
 }
@@ -111,12 +111,12 @@ export function lagrangeInterpolation(ecCurve: EC, shares: BN[], nodeIndex: BN[]
 export function generateRandomPolynomial(ecCurve: EC, degree: number, secret?: BN, deterministicShares?: Share[]): Polynomial {
   let actualS = secret;
   if (!secret) {
-    actualS = generatePrivateExcludingIndexes([new BN(0)]);
+    actualS = generatePrivateExcludingIndexes([new BN(0)], ecCurve);
   }
   if (!deterministicShares) {
     const poly = [actualS];
     for (let i = 0; i < degree; i += 1) {
-      const share = generatePrivateExcludingIndexes(poly);
+      const share = generatePrivateExcludingIndexes(poly, ecCurve);
       poly.push(share);
     }
     return new Polynomial(poly, ecCurve);
@@ -133,11 +133,11 @@ export function generateRandomPolynomial(ecCurve: EC, degree: number, secret?: B
     points[share.shareIndex.toString("hex", 64)] = new Point(share.shareIndex, share.share, ecCurve);
   });
   for (let i = 0; i < degree - deterministicShares.length; i += 1) {
-    let shareIndex = generatePrivateExcludingIndexes([new BN(0)]);
+    let shareIndex = generatePrivateExcludingIndexes([new BN(0)], ecCurve);
     while (points[shareIndex.toString("hex", 64)] !== undefined) {
-      shareIndex = generatePrivateExcludingIndexes([new BN(0)]);
+      shareIndex = generatePrivateExcludingIndexes([new BN(0)], ecCurve);
     }
-    points[shareIndex.toString("hex", 64)] = new Point(shareIndex, new BN(generatePrivate()), ecCurve);
+    points[shareIndex.toString("hex", 64)] = new Point(shareIndex, new BN(generatePrivateKey(ecCurve, Buffer)), ecCurve);
   }
   points["0"] = new Point(new BN(0), actualS, ecCurve);
   return lagrangeInterpolatePolynomial(ecCurve, Object.values(points));

src/helpers/metadataUtils.ts

@@ -5,7 +5,7 @@ import { ec } from "elliptic";
 import stringify from "json-stable-stringify";
 import log from "loglevel";
 
-import { EciesHex, GetOrSetNonceResult, MetadataParams } from "../interfaces";
+import { EciesHex, GetOrSetNonceResult, KeyType, MetadataParams, NonceMetadataParams, SetNonceData } from "../interfaces";
 import { encParamsHexToBuf } from "./common";
 import { keccak256 } from "./keyUtils";
 
@@ -25,7 +25,7 @@ export async function decryptNodeData(eciesData: EciesHex, ciphertextHex: string
   return decryptedSigBuffer;
 }
 
-export function generateMetadataParams(ecCurve: ec, serverTimeOffset: number, message: string, privateKey: BN): MetadataParams {
+export function generateMetadataParams(ecCurve: ec, serverTimeOffset: number, message: string, privateKey: BN, keyType: KeyType): MetadataParams {
   const key = ecCurve.keyFromPrivate(privateKey.toString("hex", 64));
   const setData = {
     data: message,
@@ -36,6 +36,7 @@ export function generateMetadataParams(ecCurve: ec, serverTimeOffset: number, me
     pub_key_X: key.getPublic().getX().toString("hex"), // DO NOT PAD THIS. BACKEND DOESN'T
     pub_key_Y: key.getPublic().getY().toString("hex"), // DO NOT PAD THIS. BACKEND DOESN'T
     set_data: setData,
+    key_type: keyType,
     signature: Buffer.from(sig.r.toString(16, 64) + sig.s.toString(16, 64) + new BN("").toString(16, 2), "hex").toString("base64"),
   };
 }
@@ -60,6 +61,7 @@ export async function getMetadata(
 export async function getOrSetNonce(
   legacyMetadataHost: string,
   ecCurve: ec,
+  keyType: KeyType,
   serverTimeOffset: number,
   X: string,
   Y: string,
@@ -69,7 +71,7 @@ export async function getOrSetNonce(
   let data: Data;
   const msg = getOnly ? "getNonce" : "getOrSetNonce";
   if (privKey) {
-    data = generateMetadataParams(ecCurve, serverTimeOffset, msg, privKey);
+    data = generateMetadataParams(ecCurve, serverTimeOffset, msg, privKey, keyType);
   } else {
     data = {
       pub_key_X: X,
@@ -83,10 +85,38 @@ export async function getOrSetNonce(
 export async function getNonce(
   legacyMetadataHost: string,
   ecCurve: ec,
+  keyType: KeyType,
   serverTimeOffset: number,
   X: string,
   Y: string,
   privKey?: BN
 ): Promise<GetOrSetNonceResult> {
-  return getOrSetNonce(legacyMetadataHost, ecCurve, serverTimeOffset, X, Y, privKey, true);
+  return getOrSetNonce(legacyMetadataHost, ecCurve, keyType, serverTimeOffset, X, Y, privKey, true);
+}
+
+export function generateNonceMetadataParams(
+  ecCurve: ec,
+  serverTimeOffset: number,
+  operation: string,
+  privateKey: BN,
+  keyType: KeyType,
+  nonce?: BN
+): NonceMetadataParams {
+  const key = ecCurve.keyFromPrivate(privateKey.toString("hex", 64));
+  const setData: Partial<SetNonceData> = {
+    operation,
+    timestamp: new BN(~~(serverTimeOffset + Date.now() / 1000)).toString(16),
+  };
+
+  if (nonce) {
+    setData.data = nonce.toString("hex", 64);
+  }
+  const sig = key.sign(keccak256(Buffer.from(stringify(setData), "utf8")).slice(2));
+  return {
+    pub_key_X: key.getPublic().getX().toString("hex", 64),
+    pub_key_Y: key.getPublic().getY().toString("hex", 64),
+    set_data: setData,
+    key_type: keyType,
+    signature: Buffer.from(sig.r.toString(16, 64) + sig.s.toString(16, 64) + new BN("").toString(16, 2), "hex").toString("base64"),
+  };
 }