@ducatus/ducatus-wallet-client-rev
Version:
Client for @ducatus/ducatus-wallet-service-rev
228 lines (189 loc) • 6.74 kB
text/typescript
import * as _ from 'lodash';
import { Constants, Utils } from './common';
var $ = require('preconditions').singleton();
import { BitcoreLib, BitcoreLibCash, DucatuscoreLib } from '../../../ducatus-crypto-wallet-core-rev';
var Bitcore = BitcoreLib;
var BCHAddress = BitcoreLibCash.Address;
var DUCAddress = DucatuscoreLib.Address;
var log = require('./log');
/**
* @desc Verifier constructor. Checks data given by the server
*
* @constructor
*/
export class Verifier {
/**
* Check address
*
* @param {Function} credentials
* @param {String} address
* @returns {Boolean} true or false
*/
static checkAddress(credentials, address) {
$.checkState(credentials.isComplete());
var local = Utils.deriveAddress(
address.type || credentials.addressType,
credentials.publicKeyRing,
address.path,
credentials.m,
credentials.network,
credentials.coin
);
return local.address == address.address && _.difference(local.publicKeys, address.publicKeys).length === 0;
}
/**
* Check copayers
*
* @param {Function} credentials
* @param {Array} copayers
* @returns {Boolean} true or false
*/
static checkCopayers(credentials, copayers) {
$.checkState(credentials.walletPrivKey);
var walletPubKey = Bitcore.PrivateKey.fromString(credentials.walletPrivKey)
.toPublicKey()
.toString();
if (copayers.length != credentials.n) {
log.error('Missing public keys in server response');
return false;
}
// Repeated xpub kes?
var uniq = [];
var error;
_.each(copayers, copayer => {
if (error) return;
if (uniq[copayers.xPubKey]++) {
log.error('Repeated public keys in server response');
error = true;
}
// Not signed pub keys
if (
!(copayer.encryptedName || copayer.name) ||
!copayer.xPubKey ||
!copayer.requestPubKey ||
!copayer.signature
) {
log.error('Missing copayer fields in server response');
error = true;
} else {
var hash = Utils.getCopayerHash(copayer.encryptedName || copayer.name, copayer.xPubKey, copayer.requestPubKey);
if (!Utils.verifyMessage(hash, copayer.signature, walletPubKey)) {
log.error('Invalid signatures in server response');
error = true;
}
}
});
if (error) return false;
if (!_.includes(_.map(copayers, 'xPubKey'), credentials.xPubKey)) {
log.error('Server response does not contains our public keys');
return false;
}
return true;
}
static checkProposalCreation(args, txp, encryptingKey) {
var strEqual = (str1, str2) => {
return (!str1 && !str2) || str1 === str2;
};
if (txp.outputs.length != args.outputs.length) return false;
for (var i = 0; i < txp.outputs.length; i++) {
var o1 = txp.outputs[i];
var o2 = args.outputs[i];
if (!strEqual(o1.toAddress, o2.toAddress)) return false;
if (!strEqual(o1.script, o2.script)) return false;
if (o1.amount != o2.amount) return false;
var decryptedMessage = null;
try {
decryptedMessage = Utils.decryptMessage(o2.message, encryptingKey);
} catch (e) {
return false;
}
if (!strEqual(o1.message, decryptedMessage)) return false;
}
var changeAddress;
if (txp.changeAddress) {
changeAddress = txp.changeAddress.address;
}
if (args.changeAddress && !strEqual(changeAddress, args.changeAddress)) return false;
if (_.isNumber(args.feePerKb) && txp.feePerKb != args.feePerKb) return false;
if (!strEqual(txp.payProUrl, args.payProUrl)) return false;
var decryptedMessage = null;
try {
decryptedMessage = Utils.decryptMessage(args.message, encryptingKey);
} catch (e) {
return false;
}
if (!strEqual(txp.message, decryptedMessage)) return false;
if ((args.customData || txp.customData) && !_.isEqual(txp.customData, args.customData)) return false;
return true;
}
static checkTxProposalSignature(credentials, txp) {
$.checkArgument(txp.creatorId);
$.checkState(credentials.isComplete());
var creatorKeys = _.find(credentials.publicKeyRing, item => {
if (Utils.xPubToCopayerId(txp.coin || 'btc', item.xPubKey) === txp.creatorId) return true;
});
if (!creatorKeys) return false;
var creatorSigningPubKey;
// If the txp using a selfsigned pub key?
if (txp.proposalSignaturePubKey) {
// Verify it...
if (!Utils.verifyRequestPubKey(txp.proposalSignaturePubKey, txp.proposalSignaturePubKeySig, creatorKeys.xPubKey))
return false;
creatorSigningPubKey = txp.proposalSignaturePubKey;
} else {
creatorSigningPubKey = creatorKeys.requestPubKey;
}
if (!creatorSigningPubKey) return false;
var hash;
if (parseInt(txp.version) >= 3) {
var t = Utils.buildTx(txp);
hash = t.uncheckedSerialize();
} else {
throw new Error('Transaction proposal not supported');
}
log.debug('Regenerating & verifying tx proposal hash -> Hash: ', hash, ' Signature: ', txp.proposalSignature);
if (!Utils.verifyMessage(hash, txp.proposalSignature, creatorSigningPubKey)) return false;
if (Constants.UTXO_COINS.includes(txp.coin) && !this.checkAddress(credentials, txp.changeAddress)) return false;
return true;
}
static checkPaypro(txp, payproOpts) {
var toAddress, amount, feeRate;
if (parseInt(txp.version) >= 3) {
toAddress = txp.outputs[0].toAddress;
amount = txp.amount;
if (txp.feePerKb) {
feeRate = txp.feePerKb / 1024;
}
} else {
toAddress = txp.toAddress;
amount = txp.amount;
}
if (amount != _.sumBy(payproOpts.instructions, 'amount')) return false;
if (txp.coin == 'btc' && toAddress != payproOpts.instructions[0].toAddress) return false;
// Workaround for cashaddr/legacy address problems...
if (
txp.coin == 'bch' &&
new BCHAddress(toAddress).toString() != new BCHAddress(payproOpts.instructions[0].toAddress).toString()
)
return false;
// this generates problems...
// if (feeRate && payproOpts.requiredFeeRate &&
// feeRate < payproOpts.requiredFeeRate)
// return false;
return true;
}
/**
* Check transaction proposal
*
* @param {Function} credentials
* @param {Object} txp
* @param {Object} Optional: paypro
* @param {Boolean} isLegit
*/
static checkTxProposal(credentials, txp, opts) {
opts = opts || {};
if (!this.checkTxProposalSignature(credentials, txp)) return false;
if (opts.paypro && !this.checkPaypro(txp, opts.paypro)) return false;
return true;
}
}