UNPKG

@taquito/signer

Version:

Provide signing functionality to be with taquito

743 lines (722 loc) • 26.5 kB

JavaScript

import { openSecretBox } from '@stablelib/nacl'; import { hash } from '@stablelib/blake2b'; import { isValidPrefix, invalidDetail, ValidationResult, Prefix, b58cdecode, prefix, buf2hex, b58cencode, hex2buf, mergebuf } from '@taquito/utils'; import toBuffer from 'typedarray-to-buffer'; import { generateKeyPairFromSeed, sign } from '@stablelib/ed25519'; import { InvalidKeyError, InvalidHexStringError, ParameterValidationError, UnsupportedActionError, InvalidDerivationPathError } from '@taquito/core'; import elliptic, { ec } from 'elliptic'; import pbkdf2 from 'pbkdf2'; import * as Bip39 from 'bip39'; import { HMAC } from '@stablelib/hmac'; import { SHA512 } from '@stablelib/sha512'; import BN from 'bn.js'; /****************************************************************************** Copyright (c) Microsoft Corporation. Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ***************************************************************************** */ /* global Reflect, Promise, SuppressedError, Symbol */ function __awaiter(thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); } typeof SuppressedError === "function" ? SuppressedError : function (error, suppressed, message) { var e = new Error(message); return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e; }; /** * @description Provide signing logic for ed25519 curve based key (tz1) */ class Tz1 { /** * * @param key Encoded private key * @param encrypted Is the private key encrypted * @param decrypt Decrypt function * @throws {@link InvalidKeyError} */ constructor(key, encrypted, decrypt) { this.key = key; const keyPrefix = key.substring(0, encrypted ? 5 : 4); if (!isValidPrefix(keyPrefix)) { throw new InvalidKeyError(`${invalidDetail(ValidationResult.NO_PREFIX_MATCHED)} expecting either '${Prefix.EDESK}' or '${Prefix.EDSK}'.`); } this._key = decrypt(b58cdecode(this.key, prefix[keyPrefix])); this._publicKey = this._key.slice(32); if (!this._key) { throw new InvalidKeyError('unable to decode'); } this.isInit = this.init(); } init() { return __awaiter(this, void 0, void 0, function* () { if (this._key.length !== 64) { const { publicKey, secretKey } = generateKeyPairFromSeed(new Uint8Array(this._key)); this._publicKey = publicKey; this._key = secretKey; } return true; }); } /** * * @param bytes Bytes to sign * @param bytesHash Blake2b hash of the bytes to sign */ sign(bytes, bytesHash) { return __awaiter(this, void 0, void 0, function* () { yield this.isInit; const signature = sign(new Uint8Array(this._key), new Uint8Array(bytesHash)); const signatureBuffer = toBuffer(signature); const sbytes = bytes + buf2hex(signatureBuffer); return { bytes, sig: b58cencode(signature, prefix.sig), prefixSig: b58cencode(signature, prefix.edsig), sbytes, }; }); } /** * @returns Encoded public key */ publicKey() { return __awaiter(this, void 0, void 0, function* () { yield this.isInit; return b58cencode(this._publicKey, prefix['edpk']); }); } /** * @returns Encoded public key hash */ publicKeyHash() { return __awaiter(this, void 0, void 0, function* () { yield this.isInit; return b58cencode(hash(new Uint8Array(this._publicKey), 20), prefix.tz1); }); } /** * @returns Encoded private key */ secretKey() { return __awaiter(this, void 0, void 0, function* () { yield this.isInit; let key = this._key; const { secretKey } = generateKeyPairFromSeed(new Uint8Array(key).slice(0, 32)); key = toBuffer(secretKey); return b58cencode(key, prefix[`edsk`]); }); } } const pref = { p256: { pk: prefix['p2pk'], sk: prefix['p2sk'], pkh: prefix.tz3, sig: prefix.p2sig, }, secp256k1: { pk: prefix['sppk'], sk: prefix['spsk'], pkh: prefix.tz2, sig: prefix.spsig, }, }; /** * @description Provide signing logic for elliptic curve based key (tz2, tz3) */ class ECKey { /** * * @param curve Curve to use with the key * @param key Encoded private key * @param encrypted Is the private key encrypted * @param decrypt Decrypt function * @throws {@link InvalidKeyError} */ constructor(curve, key, encrypted, decrypt) { this.curve = curve; this.key = key; const keyPrefix = key.substring(0, encrypted ? 5 : 4); if (!isValidPrefix(keyPrefix)) { throw new InvalidKeyError(invalidDetail(ValidationResult.NO_PREFIX_MATCHED) + ` expecting one of the following prefix '${Prefix.SPSK}', '${Prefix.SPESK}', '${Prefix.P2SK}' or '${Prefix.P2ESK}'.`); } this._key = decrypt(b58cdecode(this.key, prefix[keyPrefix])); const keyPair = new elliptic.ec(this.curve).keyFromPrivate(this._key); const keyPairY = keyPair.getPublic().getY().toArray(); const parityByte = keyPairY.length < 32 ? keyPairY[keyPairY.length - 1] : keyPairY[31]; const pref = parityByte % 2 ? 3 : 2; const pad = new Array(32).fill(0); this._publicKey = toBuffer(new Uint8Array([pref].concat(pad.concat(keyPair.getPublic().getX().toArray()).slice(-32)))); } /** * * @param bytes Bytes to sign * @param bytesHash Blake2b hash of the bytes to sign */ sign(bytes, bytesHash) { return __awaiter(this, void 0, void 0, function* () { const key = new elliptic.ec(this.curve).keyFromPrivate(this._key); const sig = key.sign(bytesHash, { canonical: true }); const signature = sig.r.toString('hex', 64) + sig.s.toString('hex', 64); const sbytes = bytes + signature; return { bytes, sig: b58cencode(signature, prefix.sig), prefixSig: b58cencode(signature, pref[this.curve].sig), sbytes, }; }); } /** * @returns Encoded public key */ publicKey() { return __awaiter(this, void 0, void 0, function* () { return b58cencode(this._publicKey, pref[this.curve].pk); }); } /** * @returns Encoded public key hash */ publicKeyHash() { return __awaiter(this, void 0, void 0, function* () { return b58cencode(hash(new Uint8Array(this._publicKey), 20), pref[this.curve].pkh); }); } /** * @returns Encoded private key */ secretKey() { return __awaiter(this, void 0, void 0, function* () { const key = this._key; return b58cencode(key, pref[this.curve].sk); }); } } /** * @description Tz3 key class using the p256 curve */ const Tz3 = ECKey.bind(null, 'p256'); /** * @description Tz2 key class using the secp256k1 curve */ const Tz2 = ECKey.bind(null, 'secp256k1'); function parseHex(s) { const res = []; for (let i = 0; i < s.length; i += 2) { const ss = s.slice(i, i + 2); const x = parseInt(ss, 16); if (Number.isNaN(x)) { throw new InvalidHexStringError(ss); } res.push(x); } return new Uint8Array(res); } /** * @category Error * @description Error that indicates an invalid Mnemonic being passed or used */ class InvalidMnemonicError extends ParameterValidationError { constructor(mnemonic) { super(); this.mnemonic = mnemonic; this.name = 'InvalidMnemonicError'; this.message = `Invalid mnemonic "${mnemonic}"`; } } /** * @category Error * @description Error that indicates a curve with incorrect bit size being passed or used */ class InvalidBitSize extends ParameterValidationError { constructor(message) { super(); this.message = message; this.name = 'InvalidBitSize'; } } /** * @category Error * @description Error that indicates an unsupported cureve being passed or used */ class InvalidCurveError extends ParameterValidationError { constructor(message) { super(); this.message = message; this.name = 'InvalidCurveError'; } } /** * @category Error * @description Error that indicates a seed with invalid length being passed or used */ class InvalidSeedLengthError extends ParameterValidationError { constructor(seedLength) { super(); this.seedLength = seedLength; this.name = 'InvalidSeedLengthError'; this.message = `Invalid seed length "${seedLength}" expecting length between 16 to 64.`; } } /** * @category Error * @description Error that indicates a feature still under developement */ class ToBeImplemented extends UnsupportedActionError { constructor() { super(); this.name = 'ToBeImplemented'; this.message = 'This feature is under developement'; } } /** * @category Error * @description Error that indicates an invalid passphrase being passed or used */ class InvalidPassphraseError extends ParameterValidationError { constructor(message) { super(); this.message = message; this.name = 'InvalidPassphraseError'; } } /* eslint-disable @typescript-eslint/no-this-alias */ const seedKey = { p256: 'Nist256p1 seed', secp256k1: 'Bitcoin seed', }; // MinSeedSize is the minimal allowed seed byte length const minSeedSize$1 = 16; // MaxSeedSize is the maximal allowed seed byte length const maxSeedSize$1 = 64; let PrivateKey$1 = class PrivateKey { /** * * @param priv key pair priv (BN) pub (curve.base.BasePint) if applicable * @param chainCode slice 32->n HMAC hash key and seedkey (first instance curve default seedKey. after hmac value slice 32->n) */ constructor(priv, chainCode) { this.chainCode = chainCode; this.keyPair = priv; } /** * @param seedSrc result of Bip39.mnemonicToSeed * @param curve known supported curve p256 or secp256k1 * @returns instance of PrivateKey non-HD keys derived * @throws {@link InvalidBitSize} | {@link InvalidCurveError} | {@link InvalidSeedLengthError} */ static fromSeed(seedSrc, curve) { var _a, _b; let seed = typeof seedSrc === 'string' ? parseHex(seedSrc) : seedSrc; if (seed.length < minSeedSize$1 || seed.length > maxSeedSize$1) { throw new InvalidSeedLengthError(seed.length); } if (!Object.prototype.hasOwnProperty.call(seedKey, curve)) { throw new InvalidCurveError(`Unsupported curve "${curve}" expecting either "p256" or "secp256k1"`); } const c = new ec(curve); if (((_a = c.n) === null || _a === void 0 ? void 0 : _a.bitLength()) !== 256) { throw new InvalidBitSize(`Invalid curve "${curve}" with bit size "${(_b = c.n) === null || _b === void 0 ? void 0 : _b.bitLength()}" expecting bit size "256"`); } const key = new TextEncoder().encode(seedKey[curve]); let d = null; let chain = new Uint8Array(); let i = 0; while (i === 0) { const sum = new HMAC(SHA512, key).update(seed).digest(); d = new BN(sum.subarray(0, 32)); chain = sum.subarray(32); if (d.isZero() || d.cmp(c.n) >= 0) { seed = sum; } else { i++; } } const keyPair = c.keyPair({}); keyPair.priv = d; return new PrivateKey(keyPair, chain); } /** * * @param index derivation path item pre-hardened if applicable ie: 44' -> 2^31 + 44 * @returns child PrivateKey of the current PrivateKey */ derive(index) { const data = new Uint8Array(37); if ((index & Hard) !== 0) { // hardened derivation data.set(this.keyPair.getPrivate().toArray(), 1); } else { data.set(this.keyPair.getPublic().encodeCompressed(), 0); } new DataView(data.buffer).setUint32(33, index); let d = new BN(0); let chain = new Uint8Array(); let i = 0; while (i === 0) { const sum = new HMAC(SHA512, this.chainCode).update(data).digest(); d = new BN(sum.subarray(0, 32)); chain = sum.subarray(32); if (this.keyPair.ec.n && d.cmp(this.keyPair.ec.n) < 0) { d = d.add(this.keyPair.getPrivate()).mod(this.keyPair.ec.n); if (!d.isZero()) { i++; } } data.set(chain, 1); data[0] = 1; } const keyPair = this.keyPair.ec.keyPair({}); keyPair.priv = d; return new PrivateKey(keyPair, chain); } /** * * @param path pre-hardened (if applicable) derivation path items ie 44'/1729'/0/0 -> 2^31 + 44/2^31 + 1729/0/0 * @returns final child of the full HD keys derivation */ derivePath(path) { let key = this; for (const x of path) { key = key.derive(x); } return key; } /** * * @returns Uint8Array (if contains a private key) * @throws {@link InvalidKeyError} */ bytes() { if (!this.keyPair.priv) { throw new InvalidKeyError('missing private key'); } // pad to 32 bytes as toArray() length argument seems to be ignored (BN bug) const src = this.keyPair.priv.toArray(); const out = new Uint8Array(32); out.set(src, out.length - src.length); return out; } }; var ecdsa = /*#__PURE__*/Object.freeze({ __proto__: null, PrivateKey: PrivateKey$1 }); const Hard = 0x80000000; class Path extends Array { static from(iterable) { return super.from(iterable).map((x) => x >>> 0); } /** * * @param s derivation path eg: 44'/1729'/0'/0' * @returns applied hardened values */ static fromString(s) { if (s.length === 0) { return new Path(); } let parts = s.split('/'); const out = []; if (parts[0] === 'm') { parts = parts.slice(1); } for (let p of parts) { if (p.length === 0) { throw new InvalidDerivationPathError(s, `: Invalid BIP32 path`); } let h = 0; const last = p[p.length - 1]; if (last === "'" || last === 'h' || last === 'H') { h = Hard; p = p.slice(0, p.length - 1); } const index = (parseInt(p, 10) | h) >>> 0; out.push(index); } return Path.from(out); } } /* eslint-disable @typescript-eslint/no-this-alias */ // MinSeedSize is the minimal allowed seed byte length const minSeedSize = 16; // MaxSeedSize is the maximal allowed seed byte length const maxSeedSize = 64; const ed25519Key = 'ed25519 seed'; class PrivateKey { /** * * @param priv generated keypair 0->32 private key 32->n public key * @param chainCode new HMAC hash with new key */ constructor(priv, chainCode) { this.priv = priv; this.chainCode = chainCode; } /** * * @param seedSrc result of Bip39.mnemonicToSeed * @returns instance of PrivateKey * @throws {@link InvalidSeedLengthError} */ static fromSeed(seedSrc) { const seed = typeof seedSrc === 'string' ? parseHex(seedSrc) : seedSrc; if (seed.length < minSeedSize || seed.length > maxSeedSize) { throw new InvalidSeedLengthError(seed.length); } const key = new TextEncoder().encode(ed25519Key); const sum = new HMAC(SHA512, key).update(seed).digest(); return new PrivateKey(generateKeyPairFromSeed(sum.subarray(0, 32)).secretKey, sum.subarray(32)); } /** * * @returns slice(0, 32) of current priv for new seed for next derived priv */ seed() { return this.priv.subarray(0, 32); } /** * @index current derivation path item ie: 1729' * @returns derivation path child of original private key pair */ derive(index) { if ((index & Hard) === 0) { throw new InvalidDerivationPathError(index.toString(), ': Non-hardened derivation path.'); } const data = new Uint8Array(37); data.set(this.seed(), 1); new DataView(data.buffer).setUint32(33, index); const sum = new HMAC(SHA512, this.chainCode).update(data).digest(); return new PrivateKey(generateKeyPairFromSeed(sum.subarray(0, 32)).secretKey, sum.subarray(32)); } /** * @param path array of numbers pre adjusted for hardened paths ie: 44' -> 2^31 + 44 * @returns final child of full derivation path private key pair */ derivePath(path) { let key = this; for (const index of path) { key = key.derive(index); } return key; } } var ed25519 = /*#__PURE__*/Object.freeze({ __proto__: null, PrivateKey: PrivateKey }); // bip32 when supported add to @param curve bip25519 /** * * @param seed bip39.mnemonicToSeed * @param derivationPath Tezos Requirement 44'/1729' for HD key address default 44'/1729'/0'/0' * @param curve 'ed25519' | 'secp256k1' | 'p256'' * @returns final Derivation of HD keys tezos Secret key * @throws {@link InvalidCurveError} | {@link ToBeImplemented} */ const generateSecretKey = (seed, derivationPath, curve) => { const path = Path.fromString(derivationPath); let node; switch (curve) { case 'ed25519': { node = PrivateKey.fromSeed(seed).derivePath(path); const sk = b58cencode(node.seed().slice(0, 32), prefix.edsk2); return sk; } case 'secp256k1': case 'p256': { const prefixType = curve === 'secp256k1' ? prefix.spsk : prefix.p2sk; let privKey = PrivateKey$1.fromSeed(seed, curve); privKey = privKey.derivePath(path); const uint8arr = new Uint8Array(privKey.keyPair.getPrivate().toArray()); const sk = b58cencode(uint8arr, prefixType); return sk; } case 'bip25519': { throw new ToBeImplemented(); } default: { throw new InvalidCurveError(`Unsupported curve "${curve}" expecting one of the following "ed25519", "secp256k1", "p256"`); } } }; /** * * @description Import a key to sign operation with the side-effect of setting the Tezos instance to use the InMemorySigner provider * * @warn The JSON faucets are no longer available on https://teztnets.com/ * @param toolkit The toolkit instance to attach a signer * @param privateKeyOrEmail Key to load in memory * @param passphrase If the key is encrypted passphrase to decrypt it * @param mnemonic Faucet mnemonic * @param secret Faucet secret */ function importKey(toolkit, privateKeyOrEmail, passphrase, mnemonic, secret) { return __awaiter(this, void 0, void 0, function* () { if (privateKeyOrEmail && passphrase && mnemonic && secret) { const signer = InMemorySigner.fromFundraiser(privateKeyOrEmail, passphrase, mnemonic); toolkit.setProvider({ signer }); const pkh = yield signer.publicKeyHash(); let op; try { op = yield toolkit.tz.activate(pkh, secret); } catch (ex) { const isInvalidActivationError = ex && ex.body && /Invalid activation/.test(ex.body); if (!isInvalidActivationError) { throw ex; } } if (op) { yield op.confirmation(); } } else { // Fallback to regular import const signer = yield InMemorySigner.fromSecretKey(privateKeyOrEmail, passphrase); toolkit.setProvider({ signer }); } }); } // IMPORTANT: THIS FILE IS AUTO GENERATED! DO NOT MANUALLY EDIT OR CHECKIN! const VERSION = { "commitHash": "6a2c52b9e48b299dfc856149c1fa3388e77180ad", "version": "22.0.0" }; /** * @description A local implementation of the signer. Will represent a Tezos account and be able to produce signature in its behalf * * @warn If running in production and dealing with tokens that have real value, it is strongly recommended to use a HSM backed signer so that private key material is not stored in memory or on disk * @throws {@link InvalidMnemonicError} */ class InMemorySigner { static fromFundraiser(email, password, mnemonic) { if (!Bip39.validateMnemonic(mnemonic)) { throw new InvalidMnemonicError(mnemonic); } const seed = Bip39.mnemonicToSeedSync(mnemonic, `${email}${password}`); const key = b58cencode(seed.slice(0, 32), prefix.edsk2); return new InMemorySigner(key); } static fromSecretKey(key, passphrase) { return __awaiter(this, void 0, void 0, function* () { return new InMemorySigner(key, passphrase); }); } /** * * @description Instantiation of an InMemorySigner instance from a mnemonic * @param mnemonic 12-24 word mnemonic * @param password password used to encrypt the mnemonic to seed value * @param derivationPath default 44'/1729'/0'/0' (44'/1729' mandatory) * @param curve currently only supported for tz1, tz2, tz3 addresses. soon bip25519 * @returns InMemorySigner * @throws {@link InvalidMnemonicError} */ static fromMnemonic({ mnemonic, password = '', derivationPath = "44'/1729'/0'/0'", curve = 'ed25519', }) { // check if curve is defined if not default tz1 if (!Bip39.validateMnemonic(mnemonic)) { // avoiding exposing mnemonic again in case of mistake making invalid throw new InvalidMnemonicError(mnemonic); } const seed = Bip39.mnemonicToSeedSync(mnemonic, password); const sk = generateSecretKey(seed, derivationPath, curve); return new InMemorySigner(sk); } /** * * @param key Encoded private key * @param passphrase Passphrase to decrypt the private key if it is encrypted * @throws {@link InvalidKeyError} * */ constructor(key, passphrase) { const encrypted = key.substring(2, 3) === 'e'; let decrypt = (k) => k; if (encrypted) { if (!passphrase) { throw new InvalidPassphraseError('No passphrase provided to decrypt encrypted key'); } decrypt = (constructedKey) => { const salt = toBuffer(constructedKey.slice(0, 8)); const encryptedSk = constructedKey.slice(8); const encryptionKey = pbkdf2.pbkdf2Sync(passphrase, salt, 32768, 32, 'sha512'); return openSecretBox(new Uint8Array(encryptionKey), new Uint8Array(24), new Uint8Array(encryptedSk)); }; } switch (key.substring(0, 4)) { case 'edes': case 'edsk': this._key = new Tz1(key, encrypted, decrypt); break; case 'spsk': case 'spes': this._key = new Tz2(key, encrypted, decrypt); break; case 'p2sk': case 'p2es': this._key = new Tz3(key, encrypted, decrypt); break; default: throw new InvalidKeyError(`${invalidDetail(ValidationResult.NO_PREFIX_MATCHED)} expecting one of the following '${Prefix.EDESK}', '${Prefix.EDSK}', '${Prefix.SPSK}', '${Prefix.SPESK}', '${Prefix.P2SK}' or '${Prefix.P2ESK}'.`); } } /** * * @param bytes Bytes to sign * @param watermark Watermark to append to the bytes */ sign(bytes, watermark) { return __awaiter(this, void 0, void 0, function* () { let bb = hex2buf(bytes); if (typeof watermark !== 'undefined') { bb = mergebuf(watermark, bb); } const bytesHash = hash(bb, 32); return this._key.sign(bytes, bytesHash); }); } /** * @returns Encoded public key */ publicKey() { return __awaiter(this, void 0, void 0, function* () { return this._key.publicKey(); }); } /** * @returns Encoded public key hash */ publicKeyHash() { return __awaiter(this, void 0, void 0, function* () { return this._key.publicKeyHash(); }); } /** * @returns Encoded private key */ secretKey() { return __awaiter(this, void 0, void 0, function* () { return this._key.secretKey(); }); } } export { ecdsa as ECDSA, ed25519 as Ed25519, Hard, InMemorySigner, InvalidPassphraseError, Path, VERSION, generateSecretKey, importKey }; //# sourceMappingURL=taquito-signer.es6.js.map