fix: Encryption channel use multi-format for identity instead of hash (#501)

**Transaction-Manager**:
* Use multi-format instead of hashes for identity keys in the encryption

Author: vrolland

packages/transaction-manager/specs/encryption.md

@@ -48,12 +48,12 @@ The encrypted data, the encrypted keys and a hash of the data are pushed on chai
 
 ### Create an encrypted channel
 
-| Property             | Type   | Description                                                                                                                  |
-| -------------------- | ------ | ---------------------------------------------------------------------------------------------------------------------------- |
-| **data**             | String | First encrypted data of the channel in base64                                                                                |
-| **hash**             | String | Normalized Keccak256 hash of the message before encryption                                                                   |
-| **keys**             | Object | AES-256 key encrypted with ECIES from the parties public keys, encoded in base64 and indexed by the hash of their identities |
-| **encryptionMethod** | String | Encryption method use for the channel _('ECIES-AES256' here)_                                                                |
+| Property             | Type   | Description                                                                                                                      |
+| -------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------- |
+| **data**             | String | First encrypted data of the channel in base64                                                                                    |
+| **hash**             | String | Normalized Keccak256 hash of the message before encryption                                                                       |
+| **keys**             | Object | AES-256 key encrypted with ECIES from the parties public keys, encoded in base64 and indexed by their multi-formatted identities |
+| **encryptionMethod** | String | Encryption method use for the channel _('ECIES-AES256' here)_                                                                    |
 
 The data are encrypted with the algorithm AES-256 from the channel key generated for this channel.
 The channel key generation must be cryptographically strong.
@@ -67,8 +67,8 @@ Example:
   "hash": "01865ea95812388a93162b560e01c5680f12966492dfbad8a9a104e1e79f6665fc",
   "keys":
    {
-      "014e90cd5a599a1ac02d55d8af16655d4ae90d82642c6a8ef2fe2341a608053982": "aYOGYgtlt0JkBoKjxkMpoQJbE7GXtTT6JrjA+NF0Bd6BxDLyn5+hFIDvHltMkGS7rpzR3RyEnDl+SncDJ+cCxLo9Od7ntqGNVdin6n7EJqilmY0AmxJpAIAOnCwK5C46zH4RE0g7vBv/+3Gx2uFKw2Dfhpy7olQ5NL6Krsb2qEnmW32R3wmv85uCE88uxmcDlo/OrS36X+jzOye+/ZR+kOE=",
-      "01f17f52151ebef6c7334fad080c5704d77216b732f6c7334fad08072117f341a6": "AKJaJONWml2moKwTGZCuXQMxBt014+6Sxo2rzXYBbgKV8peBo3RM6KrxvhIdnCtTwxu3CrlFrkfUm6VYoMsKPu5WhZMU1Wk2R+vYl7roJFCQsTqTN1Qkx0skBLhaSKwynzZY3BWyTZ5rf1+JPmi7g6fGB9VOUpv6EDlp9k1p2RZnsVc+fMYKMAWhMnSZ3gJQUVbHY2Jx0CiQX/N+PtpnTWM=",
+      "20af083f77f1ffd54218d91491afd06c9296eac3ce": "aYOGYgtlt0JkBoKjxkMpoQJbE7GXtTT6JrjA+NF0Bd6BxDLyn5+hFIDvHltMkGS7rpzR3RyEnDl+SncDJ+cCxLo9Od7ntqGNVdin6n7EJqilmY0AmxJpAIAOnCwK5C46zH4RE0g7vBv/+3Gx2uFKw2Dfhpy7olQ5NL6Krsb2qEnmW32R3wmv85uCE88uxmcDlo/OrS36X+jzOye+/ZR+kOE=",
+      "20740fc87bd3f41d07d23a01dec90623ebc5fed9d6": "AKJaJONWml2moKwTGZCuXQMxBt014+6Sxo2rzXYBbgKV8peBo3RM6KrxvhIdnCtTwxu3CrlFrkfUm6VYoMsKPu5WhZMU1Wk2R+vYl7roJFCQsTqTN1Qkx0skBLhaSKwynzZY3BWyTZ5rf1+JPmi7g6fGB9VOUpv6EDlp9k1p2RZnsVc+fMYKMAWhMnSZ3gJQUVbHY2Jx0CiQX/N+PtpnTWM=",
     },
   "encryptionMethod": "ECIES-AES256-CBC"
 }
@@ -92,16 +92,16 @@ Example:
 
 ### Add new public keys
 
-| Property | Type   | Description                                                                                       |
-| -------- | ------ | ------------------------------------------------------------------------------------------------- |
-| **keys** | Object | AES-256 key encrypted with ECIES from the new public keys indexed by the hash of their identities |
+| Property | Type   | Description                                                                                           |
+| -------- | ------ | ----------------------------------------------------------------------------------------------------- |
+| **keys** | Object | AES-256 key encrypted with ECIES from the new public keys indexed by their multi-formatted identities |
 
 Example:
 
 ```JSON
 {
     "keys": {
-        "01c5fdf4076b8f3a5357c5e395ab970b5b54098fefa65a761e8df9792af3f398a": "OXdF4wZshE3+FM49ojErrgJIzqCx4r0DDj0bqof1yQJ7Kmz3zTaYh1xauD/Pq6HO1TJ3h+g4ca9DNzy2m2j7Q2RkqppeDkh4zsSyQ0eEN1dYLjfHqOisWelZ5l4hAH7+0LM8FHTCpKFJ1kSSHuALubYzbA+uO17eEr2dgzR3WaWDUhVn/uMYFwws3mHto41W4FWDGW+AWxIowhc3HrqsZRE=",
+        "20818b6337657a23f58581715fc610577292e521d0": "OXdF4wZshE3+FM49ojErrgJIzqCx4r0DDj0bqof1yQJ7Kmz3zTaYh1xauD/Pq6HO1TJ3h+g4ca9DNzy2m2j7Q2RkqppeDkh4zsSyQ0eEN1dYLjfHqOisWelZ5l4hAH7+0LM8FHTCpKFJ1kSSHuALubYzbA+uO17eEr2dgzR3WaWDUhVn/uMYFwws3mHto41W4FWDGW+AWxIowhc3HrqsZRE=",
     }
 }
 ```

packages/transaction-manager/src/transaction.ts

@@ -59,20 +59,25 @@ async function createEncryptedTransaction(
   const encryptedKeyAndIdentityHashesPromises = encryptionParams.map(
     async (
       encryptionParam: EncryptionTypes.IEncryptionParameters,
-    ): Promise<{ encryptedKey: string; hashedIdentity: string }> => {
+    ): Promise<{ encryptedKey: string; multiFormattedIdentity: string }> => {
       const encryptedKey = await Utils.encryption.encrypt(symmetricKey, encryptionParam);
       const identityEncryption = Utils.encryption.getIdentityFromEncryptionParams(encryptionParam);
-      const hashedIdentity = Utils.crypto.normalizeKeccak256Hash(identityEncryption);
+      const multiFormattedIdentity = Utils.multiFormat.formatIdentityEthereumAddress(
+        identityEncryption.value,
+      );
 
-      return { encryptedKey, hashedIdentity };
+      return { encryptedKey, multiFormattedIdentity };
     },
   );
   const encryptedKeyAndIdentityHashes = await Promise.all(encryptedKeyAndIdentityHashesPromises);
 
-  // Create the encrypted keys object - Encrypted keys indexed by identity hash
+  // Create the encrypted keys object - Encrypted keys indexed by identity multi-format
   const keys = encryptedKeyAndIdentityHashes.reduce(
-    (allKeys: any, keyAndHash: { encryptedKey: string; hashedIdentity: string }): Promise<any> => {
-      allKeys[keyAndHash.hashedIdentity] = keyAndHash.encryptedKey;
+    (
+      allKeys: any,
+      keyAndHash: { encryptedKey: string; multiFormattedIdentity: string },
+    ): Promise<any> => {
+      allKeys[keyAndHash.multiFormattedIdentity] = keyAndHash.encryptedKey;
       return allKeys;
     },
     {},

packages/transaction-manager/test/unit/transaction-test.ts

@@ -48,9 +48,9 @@ describe('transaction', () => {
 
       expect(Object.keys(encryptedTx.keys || {}).length, 'keys not right').to.deep.equal(3);
       expect(Object.keys(encryptedTx.keys || {}), 'keys not right').to.deep.equal([
-        Utils.crypto.normalizeKeccak256Hash(TestData.idRaw1.identity),
-        Utils.crypto.normalizeKeccak256Hash(TestData.idRaw2.identity),
-        Utils.crypto.normalizeKeccak256Hash(TestData.idRaw3.identity),
+        Utils.multiFormat.formatIdentityEthereumAddress(TestData.idRaw1.identity.value),
+        Utils.multiFormat.formatIdentityEthereumAddress(TestData.idRaw2.identity.value),
+        Utils.multiFormat.formatIdentityEthereumAddress(TestData.idRaw3.identity.value),
       ]);
 
       expect(

packages/types/src/multi-format-types.ts

@@ -7,7 +7,13 @@ export enum prefix {
   ECIES_ENCRYPTED = '02',
   /** AES256-CBC encrypted data */
   AES256_CBC_ENCRYPTED = '03',
+
+  /** Identity Ethereum address */
+  IDENTITY_ETHEREUM_ADDRESS = '20',
 }
 
 /** Length of a formatted normalized Keccak256 hash (prefix + hash = 2 + 64 = 66) (no 0x expected) */
 export const FORMAT_NORMALIZE_KECCAK256_HASH_LENGTH = 66;
+
+/** Length of a formatted ethereum address identity (prefix + address = 2 + 40 = 42) (no 0x expected) */
+export const FORMAT_IDENTITY_ETHEREUM_ADDRESS_LENGTH = 42;

packages/utils/src/multi-format.ts

@@ -6,10 +6,12 @@ import { MultiFormatTypes } from '@requestnetwork/types';
 export default {
   formatAes256cbcEncryption,
   formatEciesEncryption,
+  formatIdentityEthereumAddress,
   formatKeccak256Hash,
   formatPlainText,
   isAes256cbcEncryption,
   isEciesEncryption,
+  isIdentityEthereumAddress,
   isKeccak256Hash,
   isPlainText,
   removePadding,
@@ -19,7 +21,7 @@ export default {
  * Formats a plain text
  *
  * @param data data to format in plain text
- * @returns the data with the right prefix ('00')
+ * @returns the data with the right prefix (MultiFormatTypes.prefix.PLAIN_TEXT)
  */
 function formatPlainText(data: string): string {
   return `${MultiFormatTypes.prefix.PLAIN_TEXT}${data}`;
@@ -39,7 +41,7 @@ function isPlainText(formattedData: string): boolean {
  * Transforms a keccak256 to a multi-format keccak256
  *
  * @param hash to format
- * @returns format the hash replacing the prefix '0x' by '01'
+ * @returns format the hash replacing the prefix '0x' by MultiFormatTypes.prefix.NORMALIZE_KECCAK256_HASH
  */
 function formatKeccak256Hash(hash: string): string {
   if (hash.length !== MultiFormatTypes.FORMAT_NORMALIZE_KECCAK256_HASH_LENGTH) {
@@ -65,7 +67,7 @@ function isKeccak256Hash(formattedData: string): boolean {
  * Transforms an ECIES encrypted data to a multi-format
  *
  * @param encryptedData encrypted data to format
- * @returns format the encrypted data adding the prefix '02'
+ * @returns format the encrypted data adding the prefix MultiFormatTypes.prefix.ECIES_ENCRYPTED
  */
 function formatEciesEncryption(encryptedData: string): string {
   return `${MultiFormatTypes.prefix.ECIES_ENCRYPTED}${encryptedData}`;
@@ -85,7 +87,7 @@ function isEciesEncryption(formattedData: string): boolean {
  * Transforms an AES256-cbc encrypted data to a multi-format
  *
  * @param encryptedData encrypted data to format
- * @returns format the encrypted data adding the prefix '03'
+ * @returns format the encrypted data adding the prefix MultiFormatTypes.prefix.AES256_CBC_ENCRYPTED
  */
 function formatAes256cbcEncryption(encryptedData: string): string {
   return `${MultiFormatTypes.prefix.AES256_CBC_ENCRYPTED}${encryptedData}`;
@@ -101,6 +103,29 @@ function isAes256cbcEncryption(formattedData: string): boolean {
   return formattedData.slice(0, 2) === MultiFormatTypes.prefix.AES256_CBC_ENCRYPTED;
 }
 
+/**
+ * Transforms an ethereum address to a multi-format
+ *
+ * @param ethereumAddress ethereum address to format
+ * @returns format the encrypted data adding the prefix MultiFormatTypes.prefix.IDENTITY_ETHEREUM_ADDRESS
+ */
+function formatIdentityEthereumAddress(ethereumAddress: string): string {
+  return `${MultiFormatTypes.prefix.IDENTITY_ETHEREUM_ADDRESS}${ethereumAddress.slice(2)}`;
+}
+
+/**
+ * Checks if a formatted data is an ethereum address identity
+ *
+ * @param formattedData the formatted data to check
+ * @returns true if follow the format, false otherwise
+ */
+function isIdentityEthereumAddress(formattedData: string): boolean {
+  return (
+    formattedData.slice(0, 2) === MultiFormatTypes.prefix.IDENTITY_ETHEREUM_ADDRESS &&
+    formattedData.length === MultiFormatTypes.FORMAT_IDENTITY_ETHEREUM_ADDRESS_LENGTH
+  );
+}
+
 /**
  * Removes padding of a multi-format
  *