Merge pull request #10 from dapperlabs/pivot-to-1271

Pivot to ERC-1271 from ERC-725

Author: pazams

Diff for: ABIs/ERC1271.js

@@ -0,0 +1,27 @@
+/* eslint-disable */
+
+module.exports = [
+  {
+    constant: true,
+    inputs: [
+      {
+        name: 'hash',
+        type: 'bytes32',
+      },
+      {
+        name: '_signature',
+        type: 'bytes',
+      },
+    ],
+    name: 'isValidSignature',
+    outputs: [
+      {
+        name: 'magicValue',
+        type: 'bytes4',
+      },
+    ],
+    payable: false,
+    stateMutability: 'view',
+    type: 'function',
+  },
+];

Diff for: ABIs/ERC165.js

@@ -1,18 +1,16 @@
 const Web3 = require('web3');
 const ethUtil = require('ethereumjs-util');
-const erc165 = require('./ABIs/ERC165');
-const erc725Core = require('./ABIs/ERC725Core');
+const ERC1271 = require('./ABIs/ERC1271');
 
-const ERC725_CORE_INTERFACE_ID = '0xd202158d';
-const ERC725_INTERFACE_ID = '0xdc3d2a7b';
-const ERC725_ACTION_PURPOSE = 2;
+// bytes4(keccak256("isValidSignature(bytes32,bytes)")
+const ERC1271_MAGIC_VALUE = '0x1626ba7e';
 
 module.exports = class DappAuth {
   constructor(web3Provider) {
     this.web3 = new Web3(web3Provider);
   }
 
-  async isSignerActionableOnAddress(challenge, signature, address) {
+  async isAuthorizedSigner(challenge, signature, address) {
     const challengeHash = ethUtil.hashPersonalMessage(
       ethUtil.toBuffer(challenge),
     );
@@ -31,44 +29,12 @@ module.exports = class DappAuth {
     }
 
     // try smart-contract wallet
-    const isSupportedContract = await this._isSupportedContract(address);
-    if (!isSupportedContract) {
-      return false;
-    }
-    return this._keyHasActionPurpose(address, recoveredKey);
-  }
-
-  async _keyHasActionPurpose(contractAddr, key) {
-    const erc725CoreContract = new this.web3.eth.Contract(
-      erc725Core,
-      contractAddr,
-    );
-    const keyHash = ethUtil.keccak(key);
-
-    return erc725CoreContract.methods
-      .keyHasPurpose(keyHash, ERC725_ACTION_PURPOSE)
-      .call();
-  }
-
-  async _isSupportedContract(contractAddr) {
-    const erc165Contract = new this.web3.eth.Contract(erc165, contractAddr);
+    const erc1271CoreContract = new this.web3.eth.Contract(ERC1271, address);
 
-    const isSupportsERC725CoreInterface = await erc165Contract.methods
-      .supportsInterface(ERC725_CORE_INTERFACE_ID)
+    const magicValue = await erc1271CoreContract.methods
+      .isValidSignature(ethUtil.keccak(challenge), signature) // we send just a regular hash, which then the smart contract hashes ontop to an erc191 hash
       .call();
 
-    if (isSupportsERC725CoreInterface) {
-      return true;
-    }
-
-    const isSupportsERC725Interface = await erc165Contract.methods
-      .supportsInterface(ERC725_INTERFACE_ID)
-      .call();
-
-    if (isSupportsERC725Interface) {
-      return true;
-    }
-
-    return false;
+    return magicValue === ERC1271_MAGIC_VALUE;
   }
 };

Diff for: ABIs/ERC725Core.js

@@ -20,7 +20,9 @@
   "license": "MIT",
   "dependencies": {
     "ethereumjs-util": "^6.0.0",
-    "web3": "^1.0.0-beta.36"
+    "web3": "^1.0.0-beta.36",
+    "ethereumjs-abi": "^0.6.6",
+    "safe-buffer": "^5.1.2"
   },
   "devDependencies": {
     "babel-eslint": "^8.0.1",

Diff for: index.js

@@ -1,63 +1,61 @@
 const ethUtil = require('ethereumjs-util');
+const ethAbi = require('ethereumjs-abi');
+const Buffer = require('safe-buffer').Buffer;
+const utils = require('./utils');
 
-const erc725CoreInterfaceID = '0xd202158d';
-const erc725InterfaceID = '0xdc3d2a7b';
+// bytes4(keccak256("isValidSignature(bytes32,bytes)")
+const ERC1271_METHOD_SIG = '1626ba7e';
 
 module.exports = class MockContract {
   constructor(options) {
-    this.isSupportsERC725CoreInterface = options.isSupportsERC725CoreInterface;
-    this.isSupportsERC725Interface = options.isSupportsERC725Interface;
-    this.actionableKey = options.actionableKey;
-    this.errorOnIsSupportedContract = options.errorOnIsSupportedContract;
-    this.errorOnKeyHasPurpose = options.errorOnKeyHasPurpose;
+    this.authorizedKey = options.authorizedKey;
+    this.address = options.address;
+    this.errorIsValidSignature = options.errorIsValidSignature;
   }
 
   static _true() {
-    return '0x0000000000000000000000000000000000000000000000000000000000000001';
+    return `0x${ERC1271_METHOD_SIG}00000000000000000000000000000000000000000000000000000000`; // a.k.a the "magic value".
   }
 
   static _false(callback) {
     return '0x0000000000000000000000000000000000000000000000000000000000000000';
   }
 
+  // @param {String} methodCall
+  // @param {String} methodParams
+  // @return {String}
   run(methodCall, methodParams) {
     switch (methodCall) {
-      case '01ffc9a7':
-        return this._01ffc9a7(`0x${methodParams.substring(0, 4 * 2)}`);
-      case 'd202158d':
-        return this._d202158d(`0x${methodParams.substring(0, 32 * 2)}`);
+      case ERC1271_METHOD_SIG:
+        const [hash, signature] = ethAbi.rawDecode(
+          ['bytes32', 'bytes'],
+          Buffer.from(methodParams, 'hex'),
+        );
+
+        return this._1626ba7e(hash, signature);
       default:
         throw new Error(`Unexpected method ${methodCall}`);
     }
   }
 
-  // "isSupportedContract" method call
-  _01ffc9a7(interfaceID) {
-    if (this.errorOnIsSupportedContract) {
-      throw new Error('isSupportedContract call returned an error');
-    }
-
-    if (
-      this.isSupportsERC725CoreInterface &&
-      interfaceID === erc725CoreInterfaceID
-    ) {
-      return MockContract._true();
-    }
-
-    if (this.isSupportsERC725Interface && interfaceID === erc725InterfaceID) {
-      return MockContract._true();
+  // "isValidSignature" method call
+  // @param {Buffer} hash
+  // @param {Buffer} signature
+  // @return {String}
+  _1626ba7e(hash, signature) {
+    if (this.errorIsValidSignature) {
+      throw new Error('isValidSignature call returned an error');
     }
 
-    return MockContract._false();
-  }
+    // Get the address of whoever signed this message
+    const { v, r, s } = ethUtil.fromRpcSig(signature);
+    const erc191MessageHash = utils.erc191MessageHash(hash, this.address);
+    const recoveredKey = ethUtil.ecrecover(erc191MessageHash, v, r, s);
+    const recoveredAddress = ethUtil.publicToAddress(recoveredKey);
 
-  // "keyHasPurpose" method call
-  _d202158d(key) {
-    if (this.errorOnKeyHasPurpose) {
-      throw new Error('keyHasPurpose call returned an error');
-    }
+    const expectedAddress = ethUtil.publicToAddress(this.authorizedKey);
 
-    if (key === ethUtil.bufferToHex(ethUtil.keccak(this.actionableKey))) {
+    if (recoveredAddress.toString() === expectedAddress.toString()) {
       return MockContract._true();
     }