Merge pull request #119 from hoprnet/jjpa/idx-sign-59
Adding verification of node and query
Showing
7 changed files
with
289 additions
and
24 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
import { Ed25519Provider } from "key-did-provider-ed25519"; | ||
import KeyResolver from "key-did-resolver"; | ||
import { DID } from "dids"; | ||
import CeramicClient from "@ceramicnetwork/http-client"; | ||
import { TileDocument } from "@ceramicnetwork/stream-tile"; | ||
import { | ||
CERAMIC_API_URL, | ||
CERAMIC_TILE_ID, | ||
} from "../../../../constants/ceramic"; | ||
|
||
import { utils } from "ethers"; | ||
|
||
const secretKey = Uint8Array.from( | ||
utils.arrayify(`0x${process.env.HOPR_DASHBOARD_API_PRIVATE_KEY}`) | ||
); | ||
const provider = new Ed25519Provider(secretKey); | ||
const did = new DID({ provider, resolver: KeyResolver.getResolver() }); | ||
const client = new CeramicClient(CERAMIC_API_URL); | ||
const tileId = CERAMIC_TILE_ID; | ||
|
||
export default async (req, res) => { | ||
await did.authenticate(); | ||
client.setDID(did); | ||
|
||
const records = await TileDocument.load(client, tileId); | ||
|
||
return res.status(200).json({ | ||
status: "ok", | ||
tileId, | ||
records: records.content, | ||
}); | ||
}; |
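Review bot: The signing key is loaded and a DID authenticated in a route that only reads: the handler calls `TileDocument.load` and returns `records.content`, yet the module builds `secretKey` from `HOPR_DASHBOARD_API_PRIVATE_KEY` and runs `did.authenticate()` on every request. If loading a stream does not need an authenticated DID (worth confirming against the Ceramic client documentation), drop the `secretKey`/`provider`/`did` lines and the `did.authenticate(); client.setDID(did);` pair so the key exists only in the route that writes. If the key stays, validate the variable before `utils.arrayify`, because an unset or malformed value throws at import time and ethers argument errors generally echo the offending value, which could put key material in logs. The handler also has no `try`/`catch` around `TileDocument.load` and no `req.method` check.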
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,86 @@ | ||
import { Ed25519Provider } from "key-did-provider-ed25519"; | ||
import KeyResolver from "key-did-resolver"; | ||
import { DID } from "dids"; | ||
import CeramicClient from "@ceramicnetwork/http-client"; | ||
import { TileDocument } from "@ceramicnetwork/stream-tile"; | ||
import { | ||
HOPR_WEB3_SIGNATURE_DOMAIN, | ||
HOPR_WEB3_SIGNATURE_FOR_NODE_TYPES, | ||
} from "../../../../constants/hopr"; | ||
import { | ||
CERAMIC_API_URL, | ||
CERAMIC_TILE_ID, | ||
} from "../../../../constants/ceramic"; | ||
|
||
import { verifySignatureFromPeerId } from "@hoprnet/hopr-utils"; | ||
import { utils} from "ethers"; | ||
|
||
// NB: HOPR Node sign messages using the prefix to avoid having | ||
// the nodes sign any generic data which could be used maliciously | ||
// (e.g. a transfer request). Thus, we need to prefix the message | ||
// to get a valid signature. | ||
// see https://github.com/hoprnet/hoprnet/blob/master/packages/core/src/index.ts#L865-L870 | ||
const HOPR_PREFIX = "HOPR Signed Message: "; | ||
|
||
const secretKey = Uint8Array.from( | ||
utils.arrayify(`0x${process.env.HOPR_DASHBOARD_API_PRIVATE_KEY}`) | ||
); | ||
const provider = new Ed25519Provider(secretKey); | ||
const did = new DID({ provider, resolver: KeyResolver.getResolver() }); | ||
const client = new CeramicClient(CERAMIC_API_URL); | ||
const tileId = CERAMIC_TILE_ID; | ||
|
||
export default async (req, res) => { | ||
const { address } = req.query; | ||
const { signature, message } = req.body; | ||
|
||
const signerAddress = utils.verifyTypedData( | ||
HOPR_WEB3_SIGNATURE_DOMAIN, | ||
HOPR_WEB3_SIGNATURE_FOR_NODE_TYPES, | ||
message, | ||
signature | ||
); | ||
const isValidSignature = address == signerAddress; | ||
|
||
if (isValidSignature) { | ||
const checksumedAddress = utils.getAddress(address); | ||
const { hoprSignature, hoprAddress, ethAddress } = message; | ||
const messageSignedByNode = `${HOPR_PREFIX}${ethAddress}`; | ||
|
||
const isAddressOwnerOfNode = await verifySignatureFromPeerId( | ||
hoprAddress, | ||
messageSignedByNode, | ||
hoprSignature | ||
); | ||
|
||
if (isAddressOwnerOfNode) { | ||
|
||
await did.authenticate(); | ||
client.setDID(did); | ||
|
||
const docs = await TileDocument.load(client, tileId); | ||
const mutatedDoc = Object.assign({}, docs.content, { | ||
[hoprAddress]: ethAddress, | ||
}); | ||
await docs.update(mutatedDoc); | ||
|
||
return res.status(200).json({ | ||
status: "ok", | ||
tile: docs.id.toString(), | ||
message: `Your node was recorded into the Ceramic network.`, | ||
}); | ||
} else { | ||
return res.status(200).json({ | ||
status: "invalid", | ||
address: checksumedAddress, | ||
node: hoprAddress, | ||
message: `Your signature does not match the address you are submitting. Please try with a new signature.`, | ||
}); | ||
} | ||
} else { | ||
return res.json({ | ||
status: "err", | ||
message: "Signature is invalid.", | ||
}); | ||
} | ||
}; |
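Review bot: Nothing ties `ethAddress` from the message to the recovered `signerAddress`: the typed-data check compares the signer with the `address` query parameter, and the node check covers `${HOPR_PREFIX}${ethAddress}`, so the entry written is `[hoprAddress]: ethAddress` for whatever `ethAddress` the node signature covers, regardless of which wallet signed the request. If the intent is that a wallet owner registers their own node, add `if (utils.getAddress(ethAddress) !== signerAddress)` and return the error response before the node check. The comparison `address == signerAddress` is also case-sensitive while `verifyTypedData` returns a checksummed address, so it should read `utils.getAddress(address) === signerAddress`. Both `verifyTypedData` and `getAddress` throw on malformed input and `req.body` may be missing, so the handler needs a `try`/`catch` that answers with a 4xx status; the two failure branches currently answer with HTTP 200.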
15d075b
Successfully deployed to the following URLs: