Unified Crypto refactor

.env.example

@@ -0,0 +1,5 @@
+TWITTER_USERNAME=
+TWITTER_PASSWORD=
+TWITTER_EMAIL=
+
+GITHUB_TOKEN=

.eslintrc.cjs

@@ -39,6 +39,8 @@ module.exports = {
             {
                 selector: "variableLike",
                 format: ["camelCase"],
+                leadingUnderscore: "allow",
+                trailingUnderscore: "allow",
             },
             {
                 selector: "function",

package.json

@@ -46,9 +46,9 @@
         "@fastify/cors": "^9.0.1",
         "@fastify/swagger": "^8.15.0",
         "@fastify/swagger-ui": "^4.1.0",
-        "@kynesyslabs/demosdk": "^2.2.49",
+        "@kynesyslabs/demosdk": "^2.2.51",
         "@octokit/core": "^6.1.5",
-        "@the-convocation/twitter-scraper": "^0.16.6",
+        "@the-convocation/twitter-scraper": "^0.17.0",
         "@types/express": "^4.17.21",
         "@types/http-proxy": "^1.17.14",
         "@types/lodash": "^4.17.4",

run

@@ -139,14 +139,14 @@ cd $PG_FOLDER
 if [ "$CLEAN" == "true" ]; then
     echo "Cleaning the database"
     sleep 1
-    sudo rm -rf data_*
+    rm -rf data_*
     mkdir data_${PG_PORT}
 fi
 
 # Suppressing errors if the database is not running
 docker compose down > /dev/null 2>&1
 if [ "$CLEAN" == "true" ]; then
-    rm -rf data_${PG_PORT} || sudo rm -rf data_${PG_PORT}
+    rm -rf data_${PG_PORT} || rm -rf data_${PG_PORT}
     mkdir data_${PG_PORT}
 fi
 # Finally starting the database

src/features/incentive/PointSystem.ts

@@ -49,11 +49,11 @@ export class PointSystem {
                 const subChainKeys = Object.keys(subChains)
 
                 for (const subChain of subChainKeys) {
-                    const addresses = subChains[subChain]
+                    const identities = subChains[subChain]
 
-                    if (Array.isArray(addresses)) {
-                        addresses.forEach(address => {
-                            const walletId = `${chain}:${address}`
+                    if (Array.isArray(identities)) {
+                        identities.forEach(identity => {
+                            const walletId = `${chain}:${identity.address}`
                             linkedWallets.push(walletId)
                         })
                     }

src/features/web2/Web2RequestManager.ts

@@ -1,8 +1,7 @@
-import Cryptography from "src/libs/crypto/cryptography"
 import Hashing from "src/libs/crypto/hashing"
 import { PeerManager } from "src/libs/peer"
 import required from "src/utilities/required"
-import SharedState from "src/utilities/sharedState"
+import SharedState, { getSharedState } from "src/utilities/sharedState"
 
 import {
     IWeb2Attestation,
@@ -12,6 +11,11 @@ import {
 import { DAHR } from "./dahr/DAHR"
 
 import terminalKit from "terminal-kit"
+import {
+    hexToUint8Array,
+    ucrypto,
+    uint8ArrayToHex,
+} from "@kynesyslabs/demosdk/encryption"
 
 const term = terminalKit.terminal
 
@@ -49,8 +53,10 @@ export class Web2RequestManager {
      * @param {IWeb2Result} web2Result - The result of the Web2 request to be attested.
      * @returns {IWeb2Attestation} The combined attestation for the Web2 request and result.
      */
-    getAttestedResult(web2Result: IWeb2Result): IWeb2Attestation {
-        const combinedAttestation = this.validateWeb2RequestAndResult(
+    async getAttestedResult(
+        web2Result: IWeb2Result,
+    ): Promise<IWeb2Attestation> {
+        const combinedAttestation = await this.validateWeb2RequestAndResult(
             this.dahr.web2Request,
             web2Result,
         )
@@ -63,10 +69,10 @@ export class Web2RequestManager {
         return combinedAttestation
     }
 
-    private validateWeb2RequestAndResult(
+    private async validateWeb2RequestAndResult(
         web2Request: IWeb2Request,
         web2Result: IWeb2Result,
-    ): IWeb2Attestation {
+    ): Promise<IWeb2Attestation> {
         term.yellow.bold("[Web2Parser] Validating request and result...\n")
 
         // Combine request and result into a single object
@@ -81,31 +87,35 @@ export class Web2RequestManager {
         term.bold("[Web2Parser] Combined hash:\n")
         console.log(hashedCombined)
 
-        const signature = Cryptography.sign(
-            hashedCombined,
-            SharedState.getInstance().identity.ed25519.privateKey,
+        const signature = await ucrypto.sign(
+            getSharedState.signingAlgorithm,
+            new TextEncoder().encode(hashedCombined),
         )
 
         const attestation: IWeb2Attestation = {
             hash: hashedCombined,
             timestamp: Date.now(),
-            identity: SharedState.getInstance().identity.ed25519.publicKey,
-            signature: signature,
+            identity: getSharedState.keypair.publicKey,
+            signature: {
+                type: getSharedState.signingAlgorithm,
+                data: uint8ArrayToHex(signature.signature),
+            },
             valid: null,
         }
         term.bold("[Web2Parser] Combined Attestation:\n")
         console.log(attestation)
 
-        const hexKey = SharedState
-            .getInstance()
-            .identity.ed25519.publicKey.toString("hex")
+        const hexKey = getSharedState.publicKeyHex
 
         // Store the attestation in the web2Request
         web2Request.attestations[hexKey] = attestation
 
         // Update the hash and signature of the web2Request
         web2Request.hash = hashedCombined
-        web2Request.signature = signature
+        web2Request.signature = {
+            type: getSharedState.signingAlgorithm,
+            data: uint8ArrayToHex(signature.signature),
+        }
 
         // Store the result in the web2Request if it's not already set
         if (web2Request.result === undefined) {
@@ -117,7 +127,7 @@ export class Web2RequestManager {
         return attestation
     }
 
-    private verifyWeb2RequestAndResult(): boolean {
+    private async verifyWeb2RequestAndResult(): Promise<boolean> {
         required(this.dahr.web2Request, "Missing request")
         let valid = true
 
@@ -127,11 +137,12 @@ export class Web2RequestManager {
             const hash = Hashing.sha256(stringifiedContent)
 
             const hashIsValid = hash === attestation.hash
-            const signatureIsValid = Cryptography.verify(
-                attestation.signature.toString("hex"),
-                attestation.hash,
-                attestation.identity,
-            )
+            const signatureIsValid = await ucrypto.verify({
+                algorithm: attestation.signature.type,
+                publicKey: attestation.identity as Uint8Array,
+                signature: hexToUint8Array(attestation.signature.signature),
+                message: new TextEncoder().encode(attestation.hash),
+            })
             const isValid = hashIsValid && signatureIsValid
             attestation.valid = isValid
 
@@ -169,10 +180,7 @@ export class Web2RequestManager {
      * @param {number} timeout - The timeout.
      * @returns {Promise<boolean>} Whether the quorum is reached.
      */
-    async quorumIsReached(
-        quorum = 10,
-        timeout = 9000,
-    ): Promise<boolean> {
+    async quorumIsReached(quorum = 10, timeout = 9000): Promise<boolean> {
         let reachedQuorum = false
         let timer = 0
         // NOTE We wait for timeout seconds before surrendering

src/features/web2/dahr/DAHR.ts

@@ -86,7 +86,7 @@ export class DAHR {
         })
 
         const attestedResult =
-            web2RequestManager.getAttestedResult(web2Response)
+            await web2RequestManager.getAttestedResult(web2Response)
 
         return {
             ...attestedResult,

src/features/web2/handleWeb2.ts

@@ -1,13 +1,13 @@
-import Cryptography from "src/libs/crypto/cryptography"
 import Hashing from "src/libs/crypto/hashing"
 import required from "src/utilities/required"
-import SharedState from "src/utilities/sharedState"
+import SharedState, { getSharedState } from "src/utilities/sharedState"
 import { IWeb2Request } from "@kynesyslabs/demosdk/types"
 import { Web2RequestManager } from "./Web2RequestManager"
 import { DAHRFactory } from "src/features/web2/dahr/DAHRFactory"
 
 import terminalKit from "terminal-kit"
 import { DAHR } from "./dahr/DAHR"
+import { ucrypto, uint8ArrayToHex } from "@kynesyslabs/demosdk/encryption"
 
 const term = terminalKit.terminal
 
@@ -77,26 +77,28 @@ export async function handleWeb2(
                 const hashedAttestations = Hashing.sha256(
                     JSON.stringify(dahr.web2Request.attestations),
                 )
-                const ourPrivateKey =
-                    SharedState.getInstance().identity.ed25519.privateKey
-                const signedAttestations = Cryptography.sign(
-                    hashedAttestations,
-                    ourPrivateKey,
+                const signature = await ucrypto.sign(
+                    getSharedState.signingAlgorithm,
+                    new TextEncoder().encode(hashedAttestations),
                 )
 
                 term.green(
                     "[handleWeb2] [*] Compiling and certifying the result on our side...",
                 )
 
                 dahr.web2Request.hash = hashedAttestations
-                dahr.web2Request.signature = signedAttestations
+                dahr.web2Request.signature = {
+                    type: getSharedState.signingAlgorithm,
+                    signature: uint8ArrayToHex(signature.signature),
+                }
             } catch (error) {
                 console.log("[handleWeb2] Error: " + JSON.stringify(error))
                 return JSON.stringify(error)
             }
         } else {
             /* TODO Activate the below on production  */
             // First, we have to validate the attestations
+            // NOTE: (For Massouji) web2RequestManager.web2ResultIsValid now returns a Promise<boolean>
             // web2RequestManager.web2ResultIsValid
             // Now that our web2request.request object is updated,
             // TODO we have to merge the attestations' arrays with valid values

src/index.ts

@@ -33,6 +33,7 @@ import getTimestampCorrection from "./libs/utils/calibrateTime"
 import net from "net"
 import { SignalingServer } from "./features/InstantMessagingProtocol/signalingServer/signalingServer"
 import { serverRpcBun } from "./libs/network/server_rpc"
+import { hexToUint8Array, ucrypto, uint8ArrayToHex } from "@kynesyslabs/demosdk/encryption"
 
 const term = terminalkit.terminal
 
@@ -224,21 +225,33 @@ async function preMainLoop() {
 
     // ANCHOR The whole first part of main ensures the environment is ready to run
     await getSharedState.identity.ensureIdentity() // ? Should we generate the identity option based too? (see SERVER_PORT and others    )
-    const id = getSharedState.identity
+    // INFO: Initialize Unified Crypto with ed25519 private key
+    await ucrypto.generateAllIdentities(
+        getSharedState.identity.ed25519.privateKey as Uint8Array,
+    )
+    getSharedState.keypair = await ucrypto.getIdentity(
+        getSharedState.signingAlgorithm,
+    )
+
+    // const id = getSharedState.identity
     term.green("[BOOTSTRAP] Our identity is ready\n")
     // Log identity
+    const publicKeyHex = uint8ArrayToHex(getSharedState.keypair.publicKey as Uint8Array)
     term.green(
-        "\n[MAIN] 🔗 WE ARE " + id.ed25519.publicKey.toString("hex") + " 🔗 \n",
+        "\n[MAIN] 🔗 WE ARE " + publicKeyHex + " 🔗 \n",
     )
     // Creating ourselves as a peer // ? Should this be removed in production?
     const ourselves = "http://127.0.0.1:" + indexState.SERVER_PORT
     getSharedState.connectionString = ourselves
     log.info("Our connection string is: " + ourselves)
     // And saves the public key file
-    const publicKeyHex = id.ed25519.publicKey.toString("hex")
-    fs.writeFileSync("publickey_" + publicKeyHex, publicKeyHex + "\n")
+    fs.writeFileSync(
+        "publickey_" + getSharedState.signingAlgorithm + "_" + publicKeyHex,
+        publicKeyHex + "\n",
+    )
     log.info("Our public key is: " + publicKeyHex)
 
+
     // ANCHOR Preparing the peer manager and loading the peer list
     PeerManager.getInstance().loadPeerList()
     indexState.PeerList = PeerManager.getInstance().getPeers()

src/libs/abstraction/index.ts

@@ -3,7 +3,7 @@ import { GithubProofParser } from "./web2/github"
 import { TwitterProofParser } from "./web2/twitter"
 import { type Web2ProofParser } from "./web2/parsers"
 import { Web2CoreTargetIdentityPayload } from "@kynesyslabs/demosdk/abstraction"
-import { forgeToHex } from "../crypto/forgeUtils"
+import { hexToUint8Array, ucrypto } from "@kynesyslabs/demosdk/encryption"
 
 /**
  * Fetches the proof data using the appropriate parser and verifies the signature
@@ -34,24 +34,31 @@ export async function verifyWeb2Proof(
     const instance = await parser.getInstance()
 
     try {
-        const { message, publicKey, signature } = await instance.readData(
+        const { message, type, signature } = await instance.readData(
             payload.proof,
         )
+        try {
+            const verified = await ucrypto.verify({
+                algorithm: type,
+                message: new TextEncoder().encode(message),
+                publicKey: hexToUint8Array(sender),
+                signature: hexToUint8Array(signature),
+            })
 
-        sender = forgeToHex(sender)
-        if (sender !== publicKey) {
+            return {
+                success: verified,
+                message: verified
+                    ? `Verified ${payload.context} proof`
+                    : `Failed to verify ${payload.context} proof`,
+            }
+        } catch (error: any) {
             return {
                 success: false,
-                message:
-                    "Unable to verify proof: public key does not match sender",
+                message: `Failed to verify ${
+                    payload.context
+                } proof: ${error.toString()}`,
             }
         }
-        const verified = Cryptography.verify(message, signature, publicKey)
-
-        return {
-            success: verified,
-            message: `Verified ${payload.context} proof`,
-        }
     } catch (error: any) {
         console.error(error)
         return {

src/libs/abstraction/web2/github.ts

@@ -1,7 +1,7 @@
 import axios from "axios"
 import { Octokit } from "@octokit/core"
 import { Web2ProofParser } from "./parsers"
-import log from "@/utilities/logger"
+import { SigningAlgorithm } from "@kynesyslabs/demosdk/types"
 
 export class GithubProofParser extends Web2ProofParser {
     private static instance: GithubProofParser
@@ -39,7 +39,7 @@ export class GithubProofParser extends Web2ProofParser {
 
     async readData(
         proofUrl: string,
-    ): Promise<{ message: string; signature: string; publicKey: string }> {
+    ): Promise<{ message: string; type: SigningAlgorithm; signature: string }> {
         this.verifyProofFormat(proofUrl, "github")
         const { username, gistId } = this.parseGistDetails(proofUrl)
         let content: string
@@ -90,12 +90,7 @@ export class GithubProofParser extends Web2ProofParser {
     static async getInstance() {
         if (!this.instance) {
             this.instance = new this()
-
-            try {
-                await this.instance.login()
-            } catch (error) {
-                log.error("Failed to login to github: " + error)
-            }
+            await this.instance.login()
         }
 
         return this.instance