UNPKG

@oasisprotocol/sapphire-paratime

Version:

The Sapphire ParaTime Web3 integration library.

github.com/oasisprotocol/sapphire-paratime/tree/main/clients/js

oasisprotocol/sapphire-paratime

206 lines 8.12 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
// SPDX-License-Identifier: Apache-2.0 import { decode as cborDecode, encode as cborEncode } from 'cborg'; import deoxysii from '@oasisprotocol/deoxysii'; import { sha512_256 } from '@noble/hashes/sha512'; import { hmac } from '@noble/hashes/hmac'; import { randomBytes } from '@noble/hashes/utils'; import { boxKeyPairFromSecretKey, crypto_box_SECRETKEYBYTES, naclScalarMult, } from './munacl.js'; import { isBytesLike, getBytes, hexlify } from './ethersutils.js'; /** * Some Ethereum libraries are picky about hex encoding vs Uint8Array * * The ethers BytesLike type can be either, if the request came as a hex encoded * string we should return hex encoded string, if request came as Uint8Array we * should return one. * * Notably hardhat-ignition doesn't work well with Uint8Array responses * * @param example Some example data, where we should return the same type * @param output Output data * @returns Output data, as either hex encoded 0x-prefixed string, or Uint8Array */ function asBytesLike(example, output) { if (!isBytesLike(example) || !isBytesLike(output)) { throw new Error('Not byteslike data!'); } if (typeof example === 'string') { if (typeof output === 'string') { return output; } return hexlify(output); } if (typeof output === 'string') { return hexlify(output); } return output; } export var CipherKind; (function (CipherKind) { CipherKind[CipherKind["X25519DeoxysII"] = 1] = "X25519DeoxysII"; })(CipherKind || (CipherKind = {})); function formatFailure(fail) { if (fail.message) return fail.message; return `Call failed in module '${fail.module}' with code '${fail.code}'`; } export class Cipher { /** Encrypts the plaintext and encodes it for sending. */ encryptCall(calldata, nonce) { // Txs without data are just balance transfers, and all data in those is public. if (calldata === undefined || calldata === null || calldata.length === 0) return ''; if (!isBytesLike(calldata)) { throw new Error('Attempted to sign tx having non-byteslike data.'); } const innerEnvelope = cborEncode({ body: getBytes(calldata) }); let ciphertext; ({ ciphertext, nonce } = this.encrypt(innerEnvelope, nonce)); const envelope = { format: this.kind, body: { pk: this.publicKey, nonce, data: ciphertext, epoch: this.epoch, }, }; return asBytesLike(calldata, cborEncode(envelope)); } decryptCall(envelopeBytes) { const envelope = cborDecode(getBytes(envelopeBytes)); if (!isEnvelopeFormatOk(envelope)) { throw new EnvelopeError('Unexpected non-envelope!'); } const result = this.decrypt(envelope.body.nonce, envelope.body.data); const inner = cborDecode(result); return asBytesLike(envelopeBytes, inner.body); } encryptResult(ok, innerFail, outerFail) { if (ok || innerFail) { if ((ok && innerFail) || outerFail) { throw new EnvelopeError('Conflicting result envelope', { ok, innerFail, outerFail, }); } // Inner envelope is encrypted const inner = cborEncode(innerFail ? { fail: innerFail } : { ok }); const { nonce, ciphertext: data } = this.encrypt(inner); // Outer envelope is plaintext const envelope = cborEncode({ ok: { nonce, data }, }); return envelope; } if (outerFail) { // Outer failures are returned in plaintext return cborEncode({ fail: outerFail }); } throw new EnvelopeError('Cannot encrypt result with no data or failures!', { ok, innerFail, outerFail, }); } /** Decrypts the data contained within a hex-encoded serialized envelope. */ decryptResult(callResult) { var _a; const envelope = cborDecode(getBytes(callResult)); if (envelope.fail) { throw new EnvelopeError(formatFailure(envelope.fail), envelope.fail); } // Unencrypted results will have `ok` as bytes, not a struct if (envelope.ok && (typeof envelope.ok === 'string' || envelope.ok instanceof Uint8Array)) { throw new EnvelopeError('Received unencrypted envelope', envelope); } // Encrypted result will have `ok` as a CBOR encoded struct const { nonce, data } = (_a = envelope.ok) !== null && _a !== void 0 ? _a : envelope.unknown; const inner = cborDecode(this.decrypt(nonce, data)); if (inner.ok) { return asBytesLike(callResult, getBytes(inner.ok)); } if (inner.fail) { throw new EnvelopeError(formatFailure(inner.fail), inner.fail); } throw new EnvelopeError(`Unexpected inner call result: ${JSON.stringify(inner)}`, inner); } } /** * A {@link Cipher} that derives a shared secret using X25519 and then uses DeoxysII for encrypting using that secret. * * This is the default cipher. */ export class X25519DeoxysII extends Cipher { /** Creates a new cipher using an ephemeral keypair stored in memory. */ static ephemeral(peerPublicKey, epoch) { const keypair = boxKeyPairFromSecretKey(randomBytes(crypto_box_SECRETKEYBYTES)); return new X25519DeoxysII(keypair, getBytes(peerPublicKey), epoch); } static fromSecretKey(secretKey, peerPublicKey, epoch) { const keypair = boxKeyPairFromSecretKey(getBytes(secretKey)); return new X25519DeoxysII(keypair, getBytes(peerPublicKey), epoch); } constructor(keypair, peerPublicKey, epoch) { super(); this.kind = CipherKind.X25519DeoxysII; this.publicKey = keypair.publicKey; this.ephemeralKey = keypair.secretKey; this.epoch = epoch; // Derive a shared secret using X25519 (followed by hashing to remove ECDH bias). const keyBytes = hmac .create(sha512_256, new TextEncoder().encode('MRAE_Box_Deoxys-II-256-128')) .update(naclScalarMult(keypair.secretKey, peerPublicKey)) .digest().buffer; this.secretKey = new Uint8Array(keyBytes); this.cipher = new deoxysii.AEAD(new Uint8Array(this.secretKey)); // deoxysii owns the input } encrypt(plaintext, nonce = randomBytes(deoxysii.NonceSize)) { const ciphertext = this.cipher.encrypt(nonce, plaintext); return { nonce, ciphertext }; } decrypt(nonce, ciphertext) { return this.cipher.decrypt(nonce, ciphertext); } } // ----------------------------------------------------------------------------- // Determine if the CBOR encoded calldata is a signed query or an evelope export class EnvelopeError extends Error { constructor(message, response) { super(message); this.response = response; } } function isEnvelopeFormatOk(envelope) { const { format, body } = envelope; if (!body || !format) { throw new EnvelopeError('No body or format specified', envelope); } if (format !== CipherKind.X25519DeoxysII) { throw new EnvelopeError('Not encrypted format', envelope); } if (isBytesLike(body)) throw new EnvelopeError('Requires struct body', envelope); if (!isBytesLike(body.data)) throw new EnvelopeError('No body data', envelope); return true; } export function isCalldataEnveloped(calldata) { if (calldata === undefined) { return false; } try { const envelope = cborDecode(getBytes(calldata)); if (!isEnvelopeFormatOk(envelope)) { throw new EnvelopeError('Bogus Sapphire enveloped data found in transaction!'); } return true; } catch (e) { if (e instanceof EnvelopeError) throw e; } return false; } //# sourceMappingURL=cipher.js.map