From 3814a047eb234ef6a4c6f2eeb0c4583166b5fb0d Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 31 Jan 2017 11:30:01 -0500 Subject: [PATCH 01/13] wip - verify ethereum sigs --- npm-shrinkwrap.json | 283 ++++++++++++++++++++++++++++++++++--------- package.json | 2 + src/peer/identity.js | 22 +++- 3 files changed, 252 insertions(+), 55 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 53b0e56..c8c67f9 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -9,9 +9,9 @@ "optional": true }, "@types/node": { - "version": "6.0.61", + "version": "6.0.62", "from": "@types/node@>=6.0.45 <7.0.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-6.0.61.tgz" + "resolved": "https://registry.npmjs.org/@types/node/-/node-6.0.62.tgz" }, "abstract-leveldown": { "version": "2.4.1", @@ -49,11 +49,21 @@ "from": "any-promise@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz" }, + "aproba": { + "version": "1.0.4", + "from": "aproba@>=1.0.3 <2.0.0", + "resolved": "https://registry.npmjs.org/aproba/-/aproba-1.0.4.tgz" + }, "archive-type": { "version": "3.2.0", "from": "archive-type@>=3.0.1 <4.0.0", "resolved": "https://registry.npmjs.org/archive-type/-/archive-type-3.2.0.tgz" }, + "are-we-there-yet": { + "version": "1.1.2", + "from": "are-we-there-yet@>=1.1.2 <1.2.0", + "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-1.1.2.tgz" + }, "arr-diff": { "version": "2.0.0", "from": "arr-diff@>=2.0.0 <3.0.0", @@ -86,12 +96,12 @@ }, "asn1.js": { "version": "4.9.1", - "from": "asn1.js@>=4.8.1 <5.0.0", + "from": "asn1.js@>=4.9.1 <5.0.0", "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-4.9.1.tgz" }, "async": { "version": "2.1.4", - "from": "async@>=2.1.2 <3.0.0", + "from": "async@>=2.1.4 <3.0.0", "resolved": "https://registry.npmjs.org/async/-/async-2.1.4.tgz" }, "async-each-series": { @@ -110,9 +120,9 @@ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-0.4.2.tgz" }, "base-x": { - "version": "1.1.0", - "from": "base-x@>=1.1.0 <2.0.0", - "resolved": "https://registry.npmjs.org/base-x/-/base-x-1.1.0.tgz" + "version": "2.0.3", + "from": "base-x@>=2.0.1 <3.0.0", + "resolved": "https://registry.npmjs.org/base-x/-/base-x-2.0.3.tgz" }, "beeper": { "version": "1.1.1", @@ -129,6 +139,16 @@ "from": "bin-build@>=2.2.0 <3.0.0", "resolved": "https://registry.npmjs.org/bin-build/-/bin-build-2.2.0.tgz" }, + "bindings": { + "version": "1.2.1", + "from": "bindings@>=1.2.1 <2.0.0", + "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.2.1.tgz" + }, + "bip66": { + "version": "1.1.4", + "from": "bip66@>=1.1.3 <2.0.0", + "resolved": "https://registry.npmjs.org/bip66/-/bip66-1.1.4.tgz" + }, "bl": { "version": "1.2.0", "from": "bl@>=1.0.0 <2.0.0", @@ -141,13 +161,13 @@ }, "bn.js": { "version": "4.11.6", - "from": "bn.js@>=4.0.0 <5.0.0", + "from": "bn.js@>=4.8.0 <5.0.0", "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.6.tgz" }, "borc": { - "version": "2.0.1", + "version": "2.0.2", "from": "borc@>=2.0.1 <3.0.0", - "resolved": "https://registry.npmjs.org/borc/-/borc-2.0.1.tgz", + "resolved": "https://registry.npmjs.org/borc/-/borc-2.0.2.tgz", "dependencies": { "commander": { "version": "2.9.0", @@ -203,6 +223,11 @@ "from": "browserify-rsa@>=4.0.0 <5.0.0", "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.0.1.tgz" }, + "browserify-sha3": { + "version": "0.0.1", + "from": "browserify-sha3@>=0.0.1 <0.0.2", + "resolved": "https://registry.npmjs.org/browserify-sha3/-/browserify-sha3-0.0.1.tgz" + }, "browserify-sign": { "version": "4.0.0", "from": "browserify-sign@>=4.0.0 <5.0.0", @@ -214,9 +239,9 @@ "resolved": "https://registry.npmjs.org/browserify-zlib-next/-/browserify-zlib-next-1.0.1.tgz" }, "bs58": { - "version": "3.1.0", - "from": "bs58@>=3.1.0 <4.0.0", - "resolved": "https://registry.npmjs.org/bs58/-/bs58-3.1.0.tgz" + "version": "4.0.0", + "from": "bs58@>=4.0.0 <5.0.0", + "resolved": "https://registry.npmjs.org/bs58/-/bs58-4.0.0.tgz" }, "buffer-crc32": { "version": "0.2.13", @@ -289,7 +314,7 @@ }, "cipher-base": { "version": "1.0.3", - "from": "cipher-base@>=1.0.0 <2.0.0", + "from": "cipher-base@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/cipher-base/-/cipher-base-1.0.3.tgz" }, "cliui": { @@ -332,6 +357,11 @@ "from": "concat-stream@>=1.4.6 <2.0.0", "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.0.tgz" }, + "console-control-strings": { + "version": "1.1.0", + "from": "console-control-strings@>=1.1.0 <1.2.0", + "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz" + }, "convert-source-map": { "version": "1.3.0", "from": "convert-source-map@>=1.1.1 <2.0.0", @@ -359,12 +389,12 @@ }, "create-hash": { "version": "1.1.2", - "from": "create-hash@>=1.1.0 <2.0.0", + "from": "create-hash@>=1.1.2 <2.0.0", "resolved": "https://registry.npmjs.org/create-hash/-/create-hash-1.1.2.tgz" }, "create-hmac": { "version": "1.1.4", - "from": "create-hmac@>=1.1.0 <2.0.0", + "from": "create-hmac@>=1.1.4 <2.0.0", "resolved": "https://registry.npmjs.org/create-hmac/-/create-hmac-1.1.4.tgz" }, "crypto-browserify": { @@ -465,6 +495,11 @@ "from": "deferred-leveldown@>=1.2.1 <1.3.0", "resolved": "https://registry.npmjs.org/deferred-leveldown/-/deferred-leveldown-1.2.1.tgz" }, + "delegates": { + "version": "1.0.0", + "from": "delegates@>=1.0.0 <2.0.0", + "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz" + }, "delimit-stream": { "version": "0.1.0", "from": "delimit-stream@0.1.0", @@ -502,6 +537,11 @@ } } }, + "drbg.js": { + "version": "1.0.1", + "from": "drbg.js@>=1.0.1 <2.0.0", + "resolved": "https://registry.npmjs.org/drbg.js/-/drbg.js-1.0.1.tgz" + }, "duplex-child-process": { "version": "0.0.5", "from": "duplex-child-process@0.0.5", @@ -531,7 +571,7 @@ }, "elliptic": { "version": "6.3.2", - "from": "elliptic@>=6.0.0 <7.0.0", + "from": "elliptic@>=6.2.3 <7.0.0", "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.3.2.tgz" }, "encoding": { @@ -586,6 +626,11 @@ "from": "esutils@>=1.0.0 <1.1.0", "resolved": "https://registry.npmjs.org/esutils/-/esutils-1.0.0.tgz" }, + "ethereumjs-util": { + "version": "5.0.1", + "from": "ethereumjs-util@>=5.0.1 <6.0.0", + "resolved": "https://registry.npmjs.org/ethereumjs-util/-/ethereumjs-util-5.0.1.tgz" + }, "evp_bytestokey": { "version": "1.0.0", "from": "evp_bytestokey@>=1.0.0 <2.0.0", @@ -613,6 +658,11 @@ "from": "expand-range@>=1.8.1 <2.0.0", "resolved": "https://registry.npmjs.org/expand-range/-/expand-range-1.8.2.tgz" }, + "expand-template": { + "version": "1.0.3", + "from": "expand-template@>=1.0.2 <2.0.0", + "resolved": "https://registry.npmjs.org/expand-template/-/expand-template-1.0.3.tgz" + }, "expand-tilde": { "version": "1.2.2", "from": "expand-tilde@>=1.2.2 <2.0.0", @@ -754,6 +804,23 @@ "from": "functional-red-black-tree@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz" }, + "gauge": { + "version": "2.7.2", + "from": "gauge@>=2.7.1 <2.8.0", + "resolved": "https://registry.npmjs.org/gauge/-/gauge-2.7.2.tgz", + "dependencies": { + "object-assign": { + "version": "4.1.1", + "from": "object-assign@>=4.1.0 <5.0.0", + "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz" + }, + "supports-color": { + "version": "0.2.0", + "from": "supports-color@>=0.2.0 <0.3.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-0.2.0.tgz" + } + } + }, "generate-function": { "version": "2.0.0", "from": "generate-function@>=2.0.0 <3.0.0", @@ -784,6 +851,11 @@ "from": "get-stdin@>=4.0.1 <5.0.0", "resolved": "https://registry.npmjs.org/get-stdin/-/get-stdin-4.0.1.tgz" }, + "github-from-package": { + "version": "0.0.0", + "from": "github-from-package@0.0.0", + "resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz" + }, "glob": { "version": "5.0.15", "from": "glob@>=5.0.3 <6.0.0", @@ -922,6 +994,11 @@ "from": "has-gulplog@>=0.1.0 <0.2.0", "resolved": "https://registry.npmjs.org/has-gulplog/-/has-gulplog-0.1.0.tgz" }, + "has-unicode": { + "version": "2.0.1", + "from": "has-unicode@>=2.0.0 <3.0.0", + "resolved": "https://registry.npmjs.org/has-unicode/-/has-unicode-2.0.1.tgz" + }, "hash.js": { "version": "1.0.3", "from": "hash.js@>=1.0.0 <2.0.0", @@ -1163,9 +1240,9 @@ "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz" }, "js-sha3": { - "version": "0.5.7", - "from": "js-sha3@>=0.5.5 <0.6.0", - "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.5.7.tgz" + "version": "0.3.1", + "from": "js-sha3@>=0.3.1 <0.4.0", + "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.3.1.tgz" }, "jsbn": { "version": "0.1.0", @@ -1192,9 +1269,14 @@ "from": "jsonify@>=0.0.0 <0.1.0", "resolved": "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz" }, + "keccakjs": { + "version": "0.2.1", + "from": "keccakjs@>=0.2.0 <0.3.0", + "resolved": "https://registry.npmjs.org/keccakjs/-/keccakjs-0.2.1.tgz" + }, "keypair": { "version": "1.0.1", - "from": "keypair@>=1.0.0 <2.0.0", + "from": "keypair@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/keypair/-/keypair-1.0.1.tgz" }, "kind-of": { @@ -1272,9 +1354,9 @@ "resolved": "https://registry.npmjs.org/levelup/-/levelup-1.3.3.tgz" }, "libp2p-crypto": { - "version": "0.7.6", + "version": "0.7.7", "from": "libp2p-crypto@>=0.7.6 <0.8.0", - "resolved": "https://registry.npmjs.org/libp2p-crypto/-/libp2p-crypto-0.7.6.tgz" + "resolved": "https://registry.npmjs.org/libp2p-crypto/-/libp2p-crypto-0.7.7.tgz" }, "libp2p-identify": { "version": "0.3.1", @@ -1289,7 +1371,19 @@ "libp2p-secio": { "version": "0.6.5", "from": "libp2p-secio@>=0.6.4 <0.7.0", - "resolved": "https://registry.npmjs.org/libp2p-secio/-/libp2p-secio-0.6.5.tgz" + "resolved": "https://registry.npmjs.org/libp2p-secio/-/libp2p-secio-0.6.5.tgz", + "dependencies": { + "js-sha3": { + "version": "0.5.7", + "from": "js-sha3@>=0.5.5 <0.6.0", + "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.5.7.tgz" + }, + "multihashing-async": { + "version": "0.3.0", + "from": "multihashing-async@>=0.3.0 <0.4.0", + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz" + } + } }, "libp2p-spdy": { "version": "0.10.3", @@ -1297,9 +1391,9 @@ "resolved": "https://registry.npmjs.org/libp2p-spdy/-/libp2p-spdy-0.10.3.tgz" }, "libp2p-swarm": { - "version": "0.26.12", + "version": "0.26.14", "from": "libp2p-swarm@>=0.26.2 <0.27.0", - "resolved": "https://registry.npmjs.org/libp2p-swarm/-/libp2p-swarm-0.26.12.tgz", + "resolved": "https://registry.npmjs.org/libp2p-swarm/-/libp2p-swarm-0.26.14.tgz", "dependencies": { "once": { "version": "1.4.0", @@ -1705,30 +1799,28 @@ "multiaddr": { "version": "2.2.0", "from": "multiaddr@>=2.1.3 <3.0.0", - "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-2.2.0.tgz", - "dependencies": { - "base-x": { - "version": "2.0.3", - "from": "base-x@>=2.0.1 <3.0.0", - "resolved": "https://registry.npmjs.org/base-x/-/base-x-2.0.3.tgz" - }, - "bs58": { - "version": "4.0.0", - "from": "bs58@>=4.0.0 <5.0.0", - "resolved": "https://registry.npmjs.org/bs58/-/bs58-4.0.0.tgz" - } - } + "resolved": "https://registry.npmjs.org/multiaddr/-/multiaddr-2.2.0.tgz" }, "multihashes": { - "version": "0.3.1", + "version": "0.3.2", "from": "multihashes@>=0.3.0 <0.4.0", - "resolved": "https://registry.npmjs.org/multihashes/-/multihashes-0.3.1.tgz" + "resolved": "https://registry.npmjs.org/multihashes/-/multihashes-0.3.2.tgz" }, "multihashing": { "version": "0.2.1", "from": "multihashing@>=0.2.1 <0.3.0", "resolved": "https://registry.npmjs.org/multihashing/-/multihashing-0.2.1.tgz", "dependencies": { + "base-x": { + "version": "1.1.0", + "from": "base-x@>=1.1.0 <2.0.0", + "resolved": "https://registry.npmjs.org/base-x/-/base-x-1.1.0.tgz" + }, + "bs58": { + "version": "3.1.0", + "from": "bs58@>=3.0.0 <4.0.0", + "resolved": "https://registry.npmjs.org/bs58/-/bs58-3.1.0.tgz" + }, "multihashes": { "version": "0.2.2", "from": "multihashes@>=0.2.0 <0.3.0", @@ -1737,9 +1829,16 @@ } }, "multihashing-async": { - "version": "0.3.0", - "from": "multihashing-async@>=0.3.0 <0.4.0", - "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz" + "version": "0.4.0", + "from": "multihashing-async@>=0.4.0 <0.5.0", + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.4.0.tgz", + "dependencies": { + "js-sha3": { + "version": "0.5.7", + "from": "js-sha3@>=0.5.7 <0.6.0", + "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.5.7.tgz" + } + } }, "multipipe": { "version": "0.1.2", @@ -1764,9 +1863,9 @@ } }, "multistream-select": { - "version": "0.13.2", - "from": "multistream-select@>=0.13.2 <0.14.0", - "resolved": "https://registry.npmjs.org/multistream-select/-/multistream-select-0.13.2.tgz", + "version": "0.13.3", + "from": "multistream-select@>=0.13.3 <0.14.0", + "resolved": "https://registry.npmjs.org/multistream-select/-/multistream-select-0.13.3.tgz", "dependencies": { "once": { "version": "1.4.0", @@ -1780,11 +1879,15 @@ } } }, + "murmurhash3js": { + "version": "3.0.1", + "from": "murmurhash3js@>=3.0.1 <4.0.0", + "resolved": "https://registry.npmjs.org/murmurhash3js/-/murmurhash3js-3.0.1.tgz" + }, "nan": { "version": "2.5.1", - "from": "nan@>=2.4.0 <3.0.0", - "resolved": "https://registry.npmjs.org/nan/-/nan-2.5.1.tgz", - "optional": true + "from": "nan@>=2.0.5 <3.0.0", + "resolved": "https://registry.npmjs.org/nan/-/nan-2.5.1.tgz" }, "ndjson": { "version": "1.5.0", @@ -1798,6 +1901,11 @@ } } }, + "node-abi": { + "version": "1.1.0", + "from": "node-abi@>=1.0.3 <2.0.0", + "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-1.1.0.tgz" + }, "node-fetch": { "version": "1.6.3", "from": "node-fetch@>=1.6.3 <2.0.0", @@ -1810,7 +1918,7 @@ }, "node-webcrypto-ossl": { "version": "1.0.16", - "from": "node-webcrypto-ossl@>=1.0.15 <2.0.0", + "from": "node-webcrypto-ossl@>=1.0.16 <2.0.0", "resolved": "https://registry.npmjs.org/node-webcrypto-ossl/-/node-webcrypto-ossl-1.0.16.tgz", "optional": true }, @@ -1819,6 +1927,11 @@ "from": "nodeify@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/nodeify/-/nodeify-1.0.0.tgz" }, + "noop-logger": { + "version": "0.1.1", + "from": "noop-logger@>=0.1.1 <0.2.0", + "resolved": "https://registry.npmjs.org/noop-logger/-/noop-logger-0.1.1.tgz" + }, "normalize-package-data": { "version": "2.3.5", "from": "normalize-package-data@>=2.3.2 <3.0.0", @@ -1829,6 +1942,11 @@ "from": "normalize-path@>=2.0.1 <3.0.0", "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.0.1.tgz" }, + "npmlog": { + "version": "4.0.2", + "from": "npmlog@>=4.0.1 <5.0.0", + "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-4.0.2.tgz" + }, "number-is-nan": { "version": "1.0.1", "from": "number-is-nan@>=1.0.0 <2.0.0", @@ -1976,7 +2094,19 @@ "peer-book": { "version": "0.3.0", "from": "peer-book@>=0.3.0 <0.4.0", - "resolved": "https://registry.npmjs.org/peer-book/-/peer-book-0.3.0.tgz" + "resolved": "https://registry.npmjs.org/peer-book/-/peer-book-0.3.0.tgz", + "dependencies": { + "base-x": { + "version": "1.1.0", + "from": "base-x@>=1.1.0 <2.0.0", + "resolved": "https://registry.npmjs.org/base-x/-/base-x-1.1.0.tgz" + }, + "bs58": { + "version": "3.1.0", + "from": "bs58@>=3.0.0 <4.0.0", + "resolved": "https://registry.npmjs.org/bs58/-/bs58-3.1.0.tgz" + } + } }, "peer-id": { "version": "0.8.1", @@ -2031,6 +2161,11 @@ "from": "pinkie-promise@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/pinkie-promise/-/pinkie-promise-2.0.1.tgz" }, + "prebuild-install": { + "version": "2.1.0", + "from": "prebuild-install@>=2.0.0 <3.0.0", + "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-2.1.0.tgz" + }, "prepend-http": { "version": "1.0.4", "from": "prepend-http@>=1.0.1 <2.0.0", @@ -2155,6 +2290,11 @@ "from": "pull-ws@>=3.2.8 <4.0.0", "resolved": "https://registry.npmjs.org/pull-ws/-/pull-ws-3.2.8.tgz" }, + "pump": { + "version": "1.0.2", + "from": "pump@>=1.0.1 <2.0.0", + "resolved": "https://registry.npmjs.org/pump/-/pump-1.0.2.tgz" + }, "quote-stream": { "version": "1.0.2", "from": "quote-stream@>=1.0.1 <2.0.0", @@ -2274,6 +2414,11 @@ "from": "ripemd160@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/ripemd160/-/ripemd160-1.0.1.tgz" }, + "rlp": { + "version": "2.0.0", + "from": "rlp@>=2.0.0 <3.0.0", + "resolved": "https://registry.npmjs.org/rlp/-/rlp-2.0.0.tgz" + }, "rsa-pem-to-jwk": { "version": "1.1.3", "from": "rsa-pem-to-jwk@>=1.1.3 <2.0.0", @@ -2289,6 +2434,11 @@ "from": "safe-buffer@>=5.0.1 <6.0.0", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.0.1.tgz" }, + "secp256k1": { + "version": "3.2.5", + "from": "https://registry.npmjs.org/secp256k1/-/secp256k1-3.2.5.tgz", + "resolved": "https://registry.npmjs.org/secp256k1/-/secp256k1-3.2.5.tgz" + }, "seek-bzip": { "version": "1.0.5", "from": "seek-bzip@>=1.0.3 <2.0.0", @@ -2301,7 +2451,7 @@ }, "set-blocking": { "version": "2.0.0", - "from": "set-blocking@>=2.0.0 <3.0.0", + "from": "set-blocking@>=2.0.0 <2.1.0", "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz" }, "set-immediate-shim": { @@ -2314,16 +2464,31 @@ "from": "sha.js@>=2.3.6 <3.0.0", "resolved": "https://registry.npmjs.org/sha.js/-/sha.js-2.4.8.tgz" }, + "sha3": { + "version": "1.2.0", + "from": "sha3@>=1.1.0 <2.0.0", + "resolved": "https://registry.npmjs.org/sha3/-/sha3-1.2.0.tgz" + }, "shallow-copy": { "version": "0.0.1", "from": "shallow-copy@>=0.0.1 <0.1.0", "resolved": "https://registry.npmjs.org/shallow-copy/-/shallow-copy-0.0.1.tgz" }, + "signal-exit": { + "version": "3.0.2", + "from": "signal-exit@>=3.0.0 <4.0.0", + "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz" + }, "signed-varint": { "version": "2.0.1", "from": "signed-varint@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/signed-varint/-/signed-varint-2.0.1.tgz" }, + "simple-get": { + "version": "1.4.3", + "from": "simple-get@>=1.4.2 <2.0.0", + "resolved": "https://registry.npmjs.org/simple-get/-/simple-get-1.4.3.tgz" + }, "source-map": { "version": "0.1.43", "from": "source-map@>=0.1.33 <0.2.0", @@ -3313,7 +3478,7 @@ }, "string-width": { "version": "1.0.2", - "from": "string-width@>=1.0.2 <2.0.0", + "from": "string-width@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz" }, "strip-ansi": { @@ -3356,6 +3521,11 @@ "from": "supports-color@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz" }, + "tar-fs": { + "version": "1.15.0", + "from": "tar-fs@>=1.13.0 <2.0.0", + "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-1.15.0.tgz" + }, "tar-stream": { "version": "1.5.2", "from": "tar-stream@>=1.1.1 <2.0.0", @@ -3622,6 +3792,11 @@ "from": "which-module@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/which-module/-/which-module-1.0.0.tgz" }, + "wide-align": { + "version": "1.1.0", + "from": "wide-align@>=1.1.0 <2.0.0", + "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.0.tgz" + }, "wordwrap": { "version": "0.0.3", "from": "wordwrap@>=0.0.2 <0.1.0", diff --git a/package.json b/package.json index 49c2cb0..433db09 100644 --- a/package.json +++ b/package.json @@ -35,6 +35,7 @@ "byline": "^5.0.0", "digest-stream": "^1.0.1", "duplex-child-process": "0.0.5", + "ethereumjs-util": "^5.0.1", "knex": "^0.12.6", "levelup": "^1.3.3", "libp2p-crypto": "^0.7.6", @@ -67,6 +68,7 @@ "pull-pushable": "^2.0.1", "pull-stream": "^3.5.0", "pull-window": "^2.1.4", + "secp256k1": "https://registry.npmjs.org/secp256k1/-/secp256k1-3.2.5.tgz", "sqlite3": "^3.1.8", "temp": "^0.8.3", "thenify-all": "^1.6.0", diff --git a/src/peer/identity.js b/src/peer/identity.js index 788bd15..0477fed 100644 --- a/src/peer/identity.js +++ b/src/peer/identity.js @@ -6,6 +6,8 @@ const PeerInfo = require('peer-info') const Crypto = thenifyAll(require('libp2p-crypto'), {}, ['unmarshalPrivateKey', 'generateKeyPair']) const Multiaddr = require('multiaddr') const b58 = require('bs58') +const ethereumUtils = require('ethereumjs-util') +const secp256k1 = require('secp256k1') const NODE_KEY_TYPE = 'RSA' const NODE_KEY_BITS = 2048 @@ -225,6 +227,23 @@ class PublisherId { } } +// FIXME: this needs a better interface +// it should accept a libp2p marshaled public key instead of an ethereum address +function verifyEthereumSignature (message: Buffer | string, sig: Buffer | string, ethAddress: Buffer | string): boolean { + const msgBuffer = ethereumUtils.toBuffer(message) + const prefixedMsg = Buffer.concat([ + Buffer.from('\u0019Ethereum Signed Message:\n', 'utf-8'), + Buffer.from(msgBuffer.length.toString(), 'utf-8'), + msgBuffer + ]) + const msgHash = ethereumUtils.sha3(prefixedMsg) + const {v, r, s} = ethereumUtils.fromRpcSig(sig) + + const pubKey = ethereumUtils.ecrecover(msgHash, v, r, s) + const sigAddress = ethereumUtils.pubToAddress(pubKey) + return sigAddress.equals(ethereumUtils.toBuffer(ethAddress)) +} + module.exports = { generateIdentity, saveIdentity, @@ -233,5 +252,6 @@ module.exports = { inflateMultiaddr, PublisherId, PublicSigningKey, - PrivateSigningKey + PrivateSigningKey, + verifyEthereumSignature // FIXME: remove once integrated into PublisherId } From e6175199498e45c71a6993c356f9b979c095fcb9 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 31 Jan 2017 11:38:03 -0500 Subject: [PATCH 02/13] add verifyEthereum method to PublicSigningKey --- npm-shrinkwrap.json | 41 +++++++----------------- package.json | 2 +- src/peer/identity.js | 74 +++++++++++++++++++++++++++++++++++--------- 3 files changed, 73 insertions(+), 44 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index c8c67f9..3e930ed 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -96,12 +96,12 @@ }, "asn1.js": { "version": "4.9.1", - "from": "asn1.js@>=4.9.1 <5.0.0", + "from": "asn1.js@>=4.8.1 <5.0.0", "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-4.9.1.tgz" }, "async": { "version": "2.1.4", - "from": "async@>=2.1.4 <3.0.0", + "from": "async@>=2.1.2 <3.0.0", "resolved": "https://registry.npmjs.org/async/-/async-2.1.4.tgz" }, "async-each-series": { @@ -1276,7 +1276,7 @@ }, "keypair": { "version": "1.0.1", - "from": "keypair@>=1.0.1 <2.0.0", + "from": "keypair@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/keypair/-/keypair-1.0.1.tgz" }, "kind-of": { @@ -1354,9 +1354,9 @@ "resolved": "https://registry.npmjs.org/levelup/-/levelup-1.3.3.tgz" }, "libp2p-crypto": { - "version": "0.7.7", - "from": "libp2p-crypto@>=0.7.6 <0.8.0", - "resolved": "https://registry.npmjs.org/libp2p-crypto/-/libp2p-crypto-0.7.7.tgz" + "version": "0.7.6", + "from": "git://github.com/yusefnapora/js-libp2p-crypto.git#7a27b786054ac137d7bebf616b4d2228bb8a0e68", + "resolved": "git://github.com/yusefnapora/js-libp2p-crypto.git#7a27b786054ac137d7bebf616b4d2228bb8a0e68" }, "libp2p-identify": { "version": "0.3.1", @@ -1371,19 +1371,7 @@ "libp2p-secio": { "version": "0.6.5", "from": "libp2p-secio@>=0.6.4 <0.7.0", - "resolved": "https://registry.npmjs.org/libp2p-secio/-/libp2p-secio-0.6.5.tgz", - "dependencies": { - "js-sha3": { - "version": "0.5.7", - "from": "js-sha3@>=0.5.5 <0.6.0", - "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.5.7.tgz" - }, - "multihashing-async": { - "version": "0.3.0", - "from": "multihashing-async@>=0.3.0 <0.4.0", - "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz" - } - } + "resolved": "https://registry.npmjs.org/libp2p-secio/-/libp2p-secio-0.6.5.tgz" }, "libp2p-spdy": { "version": "0.10.3", @@ -1829,13 +1817,13 @@ } }, "multihashing-async": { - "version": "0.4.0", - "from": "multihashing-async@>=0.4.0 <0.5.0", - "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.4.0.tgz", + "version": "0.3.0", + "from": "multihashing-async@>=0.3.0 <0.4.0", + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz", "dependencies": { "js-sha3": { "version": "0.5.7", - "from": "js-sha3@>=0.5.7 <0.6.0", + "from": "js-sha3@>=0.5.5 <0.6.0", "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.5.7.tgz" } } @@ -1879,11 +1867,6 @@ } } }, - "murmurhash3js": { - "version": "3.0.1", - "from": "murmurhash3js@>=3.0.1 <4.0.0", - "resolved": "https://registry.npmjs.org/murmurhash3js/-/murmurhash3js-3.0.1.tgz" - }, "nan": { "version": "2.5.1", "from": "nan@>=2.0.5 <3.0.0", @@ -1918,7 +1901,7 @@ }, "node-webcrypto-ossl": { "version": "1.0.16", - "from": "node-webcrypto-ossl@>=1.0.16 <2.0.0", + "from": "node-webcrypto-ossl@>=1.0.15 <2.0.0", "resolved": "https://registry.npmjs.org/node-webcrypto-ossl/-/node-webcrypto-ossl-1.0.16.tgz", "optional": true }, diff --git a/package.json b/package.json index 433db09..d170ecb 100644 --- a/package.json +++ b/package.json @@ -38,7 +38,7 @@ "ethereumjs-util": "^5.0.1", "knex": "^0.12.6", "levelup": "^1.3.3", - "libp2p-crypto": "^0.7.6", + "libp2p-crypto": "git://github.com/yusefnapora/js-libp2p-crypto.git#7a27b786054ac137d7bebf616b4d2228bb8a0e68", "libp2p-ping": "^0.3.0", "libp2p-secio": "^0.6.4", "libp2p-spdy": "^0.10.1", diff --git a/src/peer/identity.js b/src/peer/identity.js index 0477fed..658d437 100644 --- a/src/peer/identity.js +++ b/src/peer/identity.js @@ -4,6 +4,7 @@ const fs = thenifyAll(require('fs'), {}, ['readFile', 'writeFile']) const PeerId = thenifyAll(require('peer-id'), {}, ['createFromPrivKey', 'create']) const PeerInfo = require('peer-info') const Crypto = thenifyAll(require('libp2p-crypto'), {}, ['unmarshalPrivateKey', 'generateKeyPair']) +const Secp256k1PublicKey = Crypto.keys.secp256k1.Secp256k1PublicKey const Multiaddr = require('multiaddr') const b58 = require('bs58') const ethereumUtils = require('ethereumjs-util') @@ -165,8 +166,22 @@ class PublicSigningKey { static fromB58String (b58String: string): PublicSigningKey { const bytes = Buffer.from(b58.decode(b58String)) - const p2pKey = Crypto.unmarshalPublicKey(bytes) - return new PublicSigningKey(p2pKey) + return this.fromBytes(bytes) + } + + static fromBytes (bytes: Buffer): PublicSigningKey { + try { + const p2pKey = Crypto.unmarshalPublicKey(bytes) + return new PublicSigningKey(p2pKey) + } catch (err) { + const ethKey = decodeEthereumPubKey(bytes) + const p2pKey = new Secp256k1PublicKey(ethKey) + return new PublicSigningKey(p2pKey) + } + } + + get isSecp256k1 () { + return (this._key instanceof Secp256k1PublicKey) } save (filename: string): Promise { @@ -182,6 +197,10 @@ class PublicSigningKey { } verify (message: Buffer, signature: Buffer): Promise { + if (this.isSecp256k1 && signature.length === ETH_SIGNATURE_LENGTH) { + return this.verifyEthereum(message, signature) + } + return new Promise((resolve, reject) => { this._key.verify(message, signature, (err, valid) => { if (err) return reject(err) @@ -189,6 +208,21 @@ class PublicSigningKey { }) }) } + + verifyEthereum (message: Buffer, signature: Buffer): Promise { + return Promise.resolve().then(() => { + if (!this.isSecp256k1) { + throw new Error('Only secp256k1 public keys can verify ethereum signatures') + } + if (signature.length !== ETH_SIGNATURE_LENGTH) { + throw new Error(`Invalid ethereum signature length ${signature.length}, expected ${ETH_SIGNATURE_LENGTH}`) + } + + const pubKey = recoverEthereumPubKey(message, signature) + const p2pKey = new Secp256k1PublicKey(pubKey) + return p2pKey.bytes.equals(this.bytes) + }) + } } class PublisherId { @@ -227,21 +261,34 @@ class PublisherId { } } -// FIXME: this needs a better interface -// it should accept a libp2p marshaled public key instead of an ethereum address -function verifyEthereumSignature (message: Buffer | string, sig: Buffer | string, ethAddress: Buffer | string): boolean { - const msgBuffer = ethereumUtils.toBuffer(message) +const ETH_SIGNATURE_LENGTH = 65 + +function ethereumPubKeyToStandardSecp (ethKey: Buffer): Buffer { + return secp256k1.publicKeyConvert(Buffer.concat([Buffer.from([4]), ethKey])) +} + +function decodeEthereumPubKey (key: Buffer): Buffer { + if (key.length === 65 || key.length === 33) { + key = secp256k1.publicKeyConvert(key) + } else if (key.length === 64) { + key = secp256k1.publicKeyConvert(ethereumPubKeyToStandardSecp(key)) + } else { + throw new Error(`Invalid public key length ${key.length}`) + } + return key +} + +function recoverEthereumPubKey (message: Buffer, signature: Buffer): Buffer { const prefixedMsg = Buffer.concat([ Buffer.from('\u0019Ethereum Signed Message:\n', 'utf-8'), - Buffer.from(msgBuffer.length.toString(), 'utf-8'), - msgBuffer + Buffer.from(message.length.toString(), 'utf-8'), + message ]) const msgHash = ethereumUtils.sha3(prefixedMsg) - const {v, r, s} = ethereumUtils.fromRpcSig(sig) + const { v, r, s } = ethereumUtils.fromRpcSig(signature) - const pubKey = ethereumUtils.ecrecover(msgHash, v, r, s) - const sigAddress = ethereumUtils.pubToAddress(pubKey) - return sigAddress.equals(ethereumUtils.toBuffer(ethAddress)) + const ethereumPubKey = ethereumUtils.ecrecover(msgHash, v, r, s) + return ethereumPubKeyToStandardSecp(ethereumPubKey) } module.exports = { @@ -252,6 +299,5 @@ module.exports = { inflateMultiaddr, PublisherId, PublicSigningKey, - PrivateSigningKey, - verifyEthereumSignature // FIXME: remove once integrated into PublisherId + PrivateSigningKey } From 56259fb6b0d1853b6ea7ed5e6837efad72534a08 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 31 Jan 2017 11:44:31 -0500 Subject: [PATCH 03/13] add PublicSigningKey.fromSignedEthereumMessage fn --- src/peer/identity.js | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/peer/identity.js b/src/peer/identity.js index 658d437..3991a57 100644 --- a/src/peer/identity.js +++ b/src/peer/identity.js @@ -180,6 +180,17 @@ class PublicSigningKey { } } + static fromSignedEthereumMessage (message: Buffer, signature: Buffer, ethereumAddress: Buffer | string): PublicSigningKey { + const pubKey = recoverEthereumPubKey(message, signature) + const addrForSig = ethereumUtils.pubToAddress(pubKey, true) + const expectedAddr = ethereumUtils.toBuffer(ethereumAddress) + if (!expectedAddr.equals(addrForSig)) { + throw new Error(`Public key for signature does not match expected ethereum address ${expectedAddr.toString('hex')}`) + } + const p2pKey = new Secp256k1PublicKey(pubKey) + return new PublicSigningKey(p2pKey) + } + get isSecp256k1 () { return (this._key instanceof Secp256k1PublicKey) } From ae1ef9ff2798b2afd6f244576e5fba8f9126fa6d Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 31 Jan 2017 11:46:29 -0500 Subject: [PATCH 04/13] use modular libp2p-crypto-secp256k1 fork --- npm-shrinkwrap.json | 9 +++++++-- package.json | 3 ++- src/peer/identity.js | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 3e930ed..43579a1 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -1355,8 +1355,13 @@ }, "libp2p-crypto": { "version": "0.7.6", - "from": "git://github.com/yusefnapora/js-libp2p-crypto.git#7a27b786054ac137d7bebf616b4d2228bb8a0e68", - "resolved": "git://github.com/yusefnapora/js-libp2p-crypto.git#7a27b786054ac137d7bebf616b4d2228bb8a0e68" + "from": "git://github.com/yusefnapora/js-libp2p-crypto.git#ec387c3b9eafca2ca0ad5defa7dd80dcc978950a", + "resolved": "git://github.com/yusefnapora/js-libp2p-crypto.git#ec387c3b9eafca2ca0ad5defa7dd80dcc978950a" + }, + "libp2p-crypto-secp256k1": { + "version": "0.0.1", + "from": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#fb7a7c331880bb8e8caf63d853376f043316d2e3", + "resolved": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#fb7a7c331880bb8e8caf63d853376f043316d2e3" }, "libp2p-identify": { "version": "0.3.1", diff --git a/package.json b/package.json index d170ecb..bffddba 100644 --- a/package.json +++ b/package.json @@ -38,7 +38,8 @@ "ethereumjs-util": "^5.0.1", "knex": "^0.12.6", "levelup": "^1.3.3", - "libp2p-crypto": "git://github.com/yusefnapora/js-libp2p-crypto.git#7a27b786054ac137d7bebf616b4d2228bb8a0e68", + "libp2p-crypto": "git://github.com/yusefnapora/js-libp2p-crypto.git#ec387c3b9eafca2ca0ad5defa7dd80dcc978950a", + "libp2p-crypto-secp256k1": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#fb7a7c331880bb8e8caf63d853376f043316d2e3", "libp2p-ping": "^0.3.0", "libp2p-secio": "^0.6.4", "libp2p-spdy": "^0.10.1", diff --git a/src/peer/identity.js b/src/peer/identity.js index 3991a57..4ea3f8d 100644 --- a/src/peer/identity.js +++ b/src/peer/identity.js @@ -4,7 +4,7 @@ const fs = thenifyAll(require('fs'), {}, ['readFile', 'writeFile']) const PeerId = thenifyAll(require('peer-id'), {}, ['createFromPrivKey', 'create']) const PeerInfo = require('peer-info') const Crypto = thenifyAll(require('libp2p-crypto'), {}, ['unmarshalPrivateKey', 'generateKeyPair']) -const Secp256k1PublicKey = Crypto.keys.secp256k1.Secp256k1PublicKey +const { Secp256k1PublicKey } = require('libp2p-crypto-secp256k1') const Multiaddr = require('multiaddr') const b58 = require('bs58') const ethereumUtils = require('ethereumjs-util') From 33f25c9bf327d8ffec06c3a8bb378cafebf10dff Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Mon, 23 Jan 2017 14:22:46 -0500 Subject: [PATCH 05/13] use ethereumjs-util fork with eth_sign helpers --- npm-shrinkwrap.json | 27 ++++++--------------------- package.json | 2 +- src/peer/identity.js | 20 ++++++-------------- 3 files changed, 13 insertions(+), 36 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 43579a1..fb9668d 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -223,11 +223,6 @@ "from": "browserify-rsa@>=4.0.0 <5.0.0", "resolved": "https://registry.npmjs.org/browserify-rsa/-/browserify-rsa-4.0.1.tgz" }, - "browserify-sha3": { - "version": "0.0.1", - "from": "browserify-sha3@>=0.0.1 <0.0.2", - "resolved": "https://registry.npmjs.org/browserify-sha3/-/browserify-sha3-0.0.1.tgz" - }, "browserify-sign": { "version": "4.0.0", "from": "browserify-sign@>=4.0.0 <5.0.0", @@ -628,8 +623,8 @@ }, "ethereumjs-util": { "version": "5.0.1", - "from": "ethereumjs-util@>=5.0.1 <6.0.0", - "resolved": "https://registry.npmjs.org/ethereumjs-util/-/ethereumjs-util-5.0.1.tgz" + "from": "git://github.com/yusefnapora/ethereumjs-util.git#ad7c8317c9d109ba68d1dc646066a9cacb19c3a9", + "resolved": "git://github.com/yusefnapora/ethereumjs-util.git#ad7c8317c9d109ba68d1dc646066a9cacb19c3a9" }, "evp_bytestokey": { "version": "1.0.0", @@ -1239,11 +1234,6 @@ "from": "isobject@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz" }, - "js-sha3": { - "version": "0.3.1", - "from": "js-sha3@>=0.3.1 <0.4.0", - "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.3.1.tgz" - }, "jsbn": { "version": "0.1.0", "from": "jsbn@0.1.0", @@ -1269,10 +1259,10 @@ "from": "jsonify@>=0.0.0 <0.1.0", "resolved": "https://registry.npmjs.org/jsonify/-/jsonify-0.0.0.tgz" }, - "keccakjs": { - "version": "0.2.1", - "from": "keccakjs@>=0.2.0 <0.3.0", - "resolved": "https://registry.npmjs.org/keccakjs/-/keccakjs-0.2.1.tgz" + "keccak": { + "version": "1.1.0", + "from": "keccak@>=1.0.2 <2.0.0", + "resolved": "https://registry.npmjs.org/keccak/-/keccak-1.1.0.tgz" }, "keypair": { "version": "1.0.1", @@ -2452,11 +2442,6 @@ "from": "sha.js@>=2.3.6 <3.0.0", "resolved": "https://registry.npmjs.org/sha.js/-/sha.js-2.4.8.tgz" }, - "sha3": { - "version": "1.2.0", - "from": "sha3@>=1.1.0 <2.0.0", - "resolved": "https://registry.npmjs.org/sha3/-/sha3-1.2.0.tgz" - }, "shallow-copy": { "version": "0.0.1", "from": "shallow-copy@>=0.0.1 <0.1.0", diff --git a/package.json b/package.json index bffddba..49cc55a 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "byline": "^5.0.0", "digest-stream": "^1.0.1", "duplex-child-process": "0.0.5", - "ethereumjs-util": "^5.0.1", + "ethereumjs-util": "git://github.com/yusefnapora/ethereumjs-util.git#ad7c8317c9d109ba68d1dc646066a9cacb19c3a9", "knex": "^0.12.6", "levelup": "^1.3.3", "libp2p-crypto": "git://github.com/yusefnapora/js-libp2p-crypto.git#ec387c3b9eafca2ca0ad5defa7dd80dcc978950a", diff --git a/src/peer/identity.js b/src/peer/identity.js index 4ea3f8d..48a2a4a 100644 --- a/src/peer/identity.js +++ b/src/peer/identity.js @@ -160,8 +160,7 @@ class PublicSigningKey { static load (filename: string): Promise { return fs.readFile(filename) - .then(bytes => Crypto.unmarshalPublicKey(bytes)) - .then(p2pKey => new PublicSigningKey(p2pKey)) + .then(bytes => PublicSigningKey.fromBytes(bytes)) } static fromB58String (b58String: string): PublicSigningKey { @@ -170,14 +169,14 @@ class PublicSigningKey { } static fromBytes (bytes: Buffer): PublicSigningKey { + let p2pKey try { - const p2pKey = Crypto.unmarshalPublicKey(bytes) - return new PublicSigningKey(p2pKey) + p2pKey = Crypto.unmarshalPublicKey(bytes) } catch (err) { const ethKey = decodeEthereumPubKey(bytes) - const p2pKey = new Secp256k1PublicKey(ethKey) - return new PublicSigningKey(p2pKey) + p2pKey = new Secp256k1PublicKey(ethKey) } + return new PublicSigningKey(p2pKey) } static fromSignedEthereumMessage (message: Buffer, signature: Buffer, ethereumAddress: Buffer | string): PublicSigningKey { @@ -290,15 +289,8 @@ function decodeEthereumPubKey (key: Buffer): Buffer { } function recoverEthereumPubKey (message: Buffer, signature: Buffer): Buffer { - const prefixedMsg = Buffer.concat([ - Buffer.from('\u0019Ethereum Signed Message:\n', 'utf-8'), - Buffer.from(message.length.toString(), 'utf-8'), - message - ]) - const msgHash = ethereumUtils.sha3(prefixedMsg) const { v, r, s } = ethereumUtils.fromRpcSig(signature) - - const ethereumPubKey = ethereumUtils.ecrecover(msgHash, v, r, s) + const ethereumPubKey = ethereumUtils.ethRecover(message, v, r, s) return ethereumPubKeyToStandardSecp(ethereumPubKey) } From 8e7b2544824d58aa96885470182b30ea683c26b7 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 31 Jan 2017 11:46:41 -0500 Subject: [PATCH 06/13] add EthereumPublisherId to sign statements via ethereum RPC --- src/metadata/signatures.js | 6 ++-- src/peer/identity.js | 66 +++++++++++++++++++++++++++++++++++++- 2 files changed, 68 insertions(+), 4 deletions(-) diff --git a/src/metadata/signatures.js b/src/metadata/signatures.js index ac01851..46ffeb7 100644 --- a/src/metadata/signatures.js +++ b/src/metadata/signatures.js @@ -4,10 +4,10 @@ const { omit, cloneDeep } = require('lodash') const pb = require('../protobuf') const { PublicSigningKey } = require('../peer/identity') -import type { PublisherId } from '../peer/identity' +import type { IPublisherId } from '../peer/identity' import type { StatementMsg } from '../protobuf/types' -function signStatement (stmt: StatementMsg, publisherId: PublisherId): Promise { +function signStatement (stmt: StatementMsg, publisherId: IPublisherId): Promise { // clone the original message, removing any existing signature const result = omit(cloneDeep(stmt), 'signature') return calculateSignature(result, publisherId).then((sig) => { @@ -16,7 +16,7 @@ function signStatement (stmt: StatementMsg, publisherId: PublisherId): Promise { +function calculateSignature (stmt: StatementMsg, publisherId: IPublisherId): Promise { return Promise.resolve().then(() => { const bytes = pb.stmt.Statement.encode(stmt) // sign the encoded statement message and set the signature diff --git a/src/peer/identity.js b/src/peer/identity.js index 48a2a4a..8883d0e 100644 --- a/src/peer/identity.js +++ b/src/peer/identity.js @@ -235,6 +235,11 @@ class PublicSigningKey { } } +export interface IPublisherId { // eslint-disable-line no-undef + id58: string, + sign (message: Buffer): Promise +} + class PublisherId { id58: string privateKey: PrivateSigningKey @@ -271,8 +276,66 @@ class PublisherId { } } +/** + * Since ethereum clients secure their private keys, we can't use an ethereum private + * key as a PublisherId directly. This class lets you construct a PublisherId from a + * public key (or ethereum address) and a `sign` method that accepts a message `Buffer` + * and returns a `string` or `Promise` signature in the format produced by geth's + * `eth_sign` RPC call. + * + * The static `fromRPCMethod` call is the de-facto constructor, since it will likely be + * easier to use from within a Dapp, where getting your own public key is ridiculously + * complicated. + */ +class EthereumPublisherId { + id58: string + publicKey: PublicSigningKey + ethereumAddress: string + sign: (message: Buffer) => Promise + + constructor (publicKey: PublicSigningKey, ethereumAddress: string, sign: (message: Buffer) => Promise) { + this.publicKey = publicKey + this.id58 = b58.encode(publicKey.bytes) + this.ethereumAddress = ethereumAddress + this.sign = sign + } + + static fromRPCMethod (ethereumAddress: string, signRPC: EthSignRPCFunction) + : Promise { + ethereumAddress = ethereumUtils.addHexPrefix(ethereumAddress) + const message = Buffer.from('I need a public key, please', 'utf-8') + const sign = wrapEthSignRPCFunction(ethereumAddress, signRPC) + return sign(message) + .then(sig => recoverEthereumPubKey(message, sig)) + .then(ethKey => { + const recoveredAddress = ethereumUtils.publicToAddress(ethKey, true) + const expectedAddress = ethereumUtils.toBuffer(ethereumAddress) + if (!recoveredAddress.equals(expectedAddress)) { + throw new Error(`Signature from RPC method does not match expected ethereum address ${ethereumAddress}`) + } + const pubKey = new PublicSigningKey(new Secp256k1PublicKey(ethKey)) + return new EthereumPublisherId(pubKey, ethereumAddress, sign) + }) + } + + verify (message: Buffer, signature: Buffer): Promise { + return this.publicKey.verify(message, signature) + } +} + const ETH_SIGNATURE_LENGTH = 65 +type EthSignRPCFunction = (account: string, message: string, callback?: Function) => ?string + +function wrapEthSignRPCFunction (ethereumAddress: string, ethSign: EthSignRPCFunction): (message: Buffer) => Promise { + return (message) => new Promise((resolve, reject) => { + ethSign(ethereumAddress, '0x' + message.toString('hex'), (err, sigHex) => { + if (err) return reject(err) + resolve(ethereumUtils.toBuffer(sigHex)) + }) + }) +} + function ethereumPubKeyToStandardSecp (ethKey: Buffer): Buffer { return secp256k1.publicKeyConvert(Buffer.concat([Buffer.from([4]), ethKey])) } @@ -302,5 +365,6 @@ module.exports = { inflateMultiaddr, PublisherId, PublicSigningKey, - PrivateSigningKey + PrivateSigningKey, + EthereumPublisherId } From c8bd7417a7f965824ef2755ba1ad176e14786b5d Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Mon, 23 Jan 2017 17:33:04 -0500 Subject: [PATCH 07/13] shrinkwrap --- npm-shrinkwrap.json | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index fb9668d..68b46b7 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -1234,6 +1234,11 @@ "from": "isobject@>=2.0.0 <3.0.0", "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz" }, + "js-sha3": { + "version": "0.5.7", + "from": "js-sha3@>=0.5.5 <0.6.0", + "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.5.7.tgz" + }, "jsbn": { "version": "0.1.0", "from": "jsbn@0.1.0", @@ -1814,14 +1819,7 @@ "multihashing-async": { "version": "0.3.0", "from": "multihashing-async@>=0.3.0 <0.4.0", - "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz", - "dependencies": { - "js-sha3": { - "version": "0.5.7", - "from": "js-sha3@>=0.5.5 <0.6.0", - "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.5.7.tgz" - } - } + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz" }, "multipipe": { "version": "0.1.2", @@ -1864,7 +1862,7 @@ }, "nan": { "version": "2.5.1", - "from": "nan@>=2.0.5 <3.0.0", + "from": "nan@>=2.2.1 <3.0.0", "resolved": "https://registry.npmjs.org/nan/-/nan-2.5.1.tgz" }, "ndjson": { From 40ad3baf29d03f08d058b57a535039ec52e778e1 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 31 Jan 2017 11:44:15 -0500 Subject: [PATCH 08/13] tests for ethereum signatures --- src/peer/identity.js | 4 +- test/ethereum_test.js | 74 +++++++++++++++++++ .../fixtures/ethereum-message-signature.js | 6 ++ 3 files changed, 82 insertions(+), 2 deletions(-) create mode 100644 test/ethereum_test.js create mode 100644 test/resources/fixtures/ethereum-message-signature.js diff --git a/src/peer/identity.js b/src/peer/identity.js index 8883d0e..e0e972d 100644 --- a/src/peer/identity.js +++ b/src/peer/identity.js @@ -319,13 +319,13 @@ class EthereumPublisherId { } verify (message: Buffer, signature: Buffer): Promise { - return this.publicKey.verify(message, signature) + return this.publicKey.verifyEthereum(message, signature) } } const ETH_SIGNATURE_LENGTH = 65 -type EthSignRPCFunction = (account: string, message: string, callback?: Function) => ?string +export type EthSignRPCFunction = (account: string, message: string, callback?: Function) => ?string function wrapEthSignRPCFunction (ethereumAddress: string, ethSign: EthSignRPCFunction): (message: Buffer) => Promise { return (message) => new Promise((resolve, reject) => { diff --git a/test/ethereum_test.js b/test/ethereum_test.js new file mode 100644 index 0000000..9b38a94 --- /dev/null +++ b/test/ethereum_test.js @@ -0,0 +1,74 @@ +// @flow +// eslint-env mocha + +const assert = require('assert') +const { before, describe, it } = require('mocha') +const ethereumUtils = require('ethereumjs-util') +const { EthereumPublisherId, PublicSigningKey } = require('../src/peer/identity') + +const ETH_MESSAGE_FIXTURES = require('./resources/fixtures/ethereum-message-signature') + +import type { EthSignRPCFunction } from '../src/peer/identity' + +function genMockEthSign (privateKey: Buffer): EthSignRPCFunction { + return (_account, message, callback) => { + let rpcSig + try { + const msgBuffer = ethereumUtils.toBuffer(message) + const {r, s, v} = ethereumUtils.ethSign(msgBuffer, privateKey) + rpcSig = ethereumUtils.toRpcSig(v, r, s) + } catch (err) { + setImmediate(() => callback(err)) + } + setImmediate(() => callback(null, rpcSig)) + } +} + +describe('Ethereum interop', () => { + const privateKey = Buffer.from('0e1df63c33fafd7fc523e1c94d1bf15cfb50e028acdd2df97dc671ba22b03842', 'hex') + const address = '0xbf5e3d0aef5b3f1f2103d8322a8b49b52b11436b' + const testMessage = Buffer.from('Hello world') + const testSig = Buffer.from('0101341512822ae0d33bf2bf0c6cf27953ea0ab335938b9db65be82f1d1aa2f14771d2ba34c20e9e72529bac68661429eaf0c24210b480e488bc789c23913a3201', 'hex') + const ethSign = genMockEthSign(privateKey) + let publisherId + + before(() => + EthereumPublisherId.fromRPCMethod(address, ethSign) + .then(_publisherId => { publisherId = _publisherId }) + ) + + it('validates a message signed by a geth ethereum node', () => { + const pubKey = PublicSigningKey.fromBytes(ETH_MESSAGE_FIXTURES.ethPubKey) + return pubKey.verify(ETH_MESSAGE_FIXTURES.message, ETH_MESSAGE_FIXTURES.signature) + .then(valid => { + assert(valid, 'signature verification failed') + }) + }) + + it('recovers a PublicSigningKey from a signed ethereum message and account address', () => { + const {message, signature, ethAccount, ethPubKey} = ETH_MESSAGE_FIXTURES + const pubKey = PublicSigningKey.fromSignedEthereumMessage(message, signature, ethAccount) + const keyFromHex = PublicSigningKey.fromBytes(ethPubKey) + assert.deepEqual(pubKey.bytes, keyFromHex.bytes, 'public key recovery failed') + }) + + it('generates an EthereumPublisherId from an ethereum address + RPC eth_sign function', () => { + assert(publisherId != null, 'publisher id generation failed') + return publisherId.sign(testMessage) + .then(sig => { + assert.deepEqual(sig, testSig, 'signature from EthereumPublisherId did not match fixture') + }) + .then(() => publisherId.verify(testMessage, testSig)) + .then(valid => { + assert(valid, 'signature validation failed') + }) + }) + + it('fails to generate an EthereumPublisherId if eth address does not match signature', () => { + const wrongAddress = '0xbf5e3d0aef5b3f1f2103d8322a8b49b52b114360' + return EthereumPublisherId.fromRPCMethod(wrongAddress, ethSign) + .catch(err => { + assert(err instanceof Error, 'should throw if address is incorrect') + }) + }) +}) diff --git a/test/resources/fixtures/ethereum-message-signature.js b/test/resources/fixtures/ethereum-message-signature.js new file mode 100644 index 0000000..bdac757 --- /dev/null +++ b/test/resources/fixtures/ethereum-message-signature.js @@ -0,0 +1,6 @@ +module.exports = { + ethAccount: Buffer.from('228709914ab3ad397bffccaa56e7136d171d3efc', 'hex'), + ethPubKey: Buffer.from('ea73f67b38ddff972ce1c3a5f51e86ed2f89d1d26038db4b0057dc54ebf66b81110d75115d05d9ee30d620e0686db517bb991a907a54edb70e54087c0a95fde3', 'hex'), + message: Buffer.from('Hello world'), + signature: Buffer.from('760122a17ea9af5d407d9290fa1b27394df46decaa8938ec7e0dd98cc626512e64302435c4ed7111b5a3709f3f4a6294e8757b82d72ac567f2b245594b6b71e81b', 'hex') +} From 0b3498d41111d31d619001e5d998b2cabf9f5e88 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 31 Jan 2017 11:51:18 -0500 Subject: [PATCH 09/13] update for ethereumjs-util changes --- npm-shrinkwrap.json | 4 ++-- package.json | 2 +- src/peer/identity.js | 3 ++- test/{ => peer}/ethereum_test.js | 9 +++++---- 4 files changed, 10 insertions(+), 8 deletions(-) rename test/{ => peer}/ethereum_test.js (87%) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 68b46b7..5b6ec0d 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -623,8 +623,8 @@ }, "ethereumjs-util": { "version": "5.0.1", - "from": "git://github.com/yusefnapora/ethereumjs-util.git#ad7c8317c9d109ba68d1dc646066a9cacb19c3a9", - "resolved": "git://github.com/yusefnapora/ethereumjs-util.git#ad7c8317c9d109ba68d1dc646066a9cacb19c3a9" + "from": "git://github.com/yusefnapora/ethereumjs-util.git#c5d3d872e2b36de167fc5869006a94064adfa9d7", + "resolved": "git://github.com/yusefnapora/ethereumjs-util.git#c5d3d872e2b36de167fc5869006a94064adfa9d7" }, "evp_bytestokey": { "version": "1.0.0", diff --git a/package.json b/package.json index 49cc55a..1ed2ec7 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "byline": "^5.0.0", "digest-stream": "^1.0.1", "duplex-child-process": "0.0.5", - "ethereumjs-util": "git://github.com/yusefnapora/ethereumjs-util.git#ad7c8317c9d109ba68d1dc646066a9cacb19c3a9", + "ethereumjs-util": "git://github.com/yusefnapora/ethereumjs-util.git#c5d3d872e2b36de167fc5869006a94064adfa9d7", "knex": "^0.12.6", "levelup": "^1.3.3", "libp2p-crypto": "git://github.com/yusefnapora/js-libp2p-crypto.git#ec387c3b9eafca2ca0ad5defa7dd80dcc978950a", diff --git a/src/peer/identity.js b/src/peer/identity.js index e0e972d..34cb147 100644 --- a/src/peer/identity.js +++ b/src/peer/identity.js @@ -353,7 +353,8 @@ function decodeEthereumPubKey (key: Buffer): Buffer { function recoverEthereumPubKey (message: Buffer, signature: Buffer): Buffer { const { v, r, s } = ethereumUtils.fromRpcSig(signature) - const ethereumPubKey = ethereumUtils.ethRecover(message, v, r, s) + const msgHash = ethereumUtils.hashPersonalMessage(message) + const ethereumPubKey = ethereumUtils.ecrecover(msgHash, v, r, s) return ethereumPubKeyToStandardSecp(ethereumPubKey) } diff --git a/test/ethereum_test.js b/test/peer/ethereum_test.js similarity index 87% rename from test/ethereum_test.js rename to test/peer/ethereum_test.js index 9b38a94..b71ca3c 100644 --- a/test/ethereum_test.js +++ b/test/peer/ethereum_test.js @@ -4,18 +4,19 @@ const assert = require('assert') const { before, describe, it } = require('mocha') const ethereumUtils = require('ethereumjs-util') -const { EthereumPublisherId, PublicSigningKey } = require('../src/peer/identity') +const { EthereumPublisherId, PublicSigningKey } = require('../../src/peer/identity') -const ETH_MESSAGE_FIXTURES = require('./resources/fixtures/ethereum-message-signature') +const ETH_MESSAGE_FIXTURES = require('./../resources/fixtures/ethereum-message-signature') -import type { EthSignRPCFunction } from '../src/peer/identity' +import type { EthSignRPCFunction } from '../../src/peer/identity' function genMockEthSign (privateKey: Buffer): EthSignRPCFunction { return (_account, message, callback) => { let rpcSig try { const msgBuffer = ethereumUtils.toBuffer(message) - const {r, s, v} = ethereumUtils.ethSign(msgBuffer, privateKey) + const msgHash = ethereumUtils.hashPersonalMessage(msgBuffer) + const {r, s, v} = ethereumUtils.ecsign(msgHash, privateKey) rpcSig = ethereumUtils.toRpcSig(v, r, s) } catch (err) { setImmediate(() => callback(err)) From 8f2833e7acbad1f0290bddec8d192b97f3b6178f Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 24 Jan 2017 16:37:10 -0500 Subject: [PATCH 10/13] update doc comments for EthereumPublisherId --- src/peer/identity.js | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/src/peer/identity.js b/src/peer/identity.js index 34cb147..83b2e51 100644 --- a/src/peer/identity.js +++ b/src/peer/identity.js @@ -278,14 +278,10 @@ class PublisherId { /** * Since ethereum clients secure their private keys, we can't use an ethereum private - * key as a PublisherId directly. This class lets you construct a PublisherId from a - * public key (or ethereum address) and a `sign` method that accepts a message `Buffer` - * and returns a `string` or `Promise` signature in the format produced by geth's + * key as a PublisherId directly. This class lets you construct a PublisherId from an + * ethereum address and a `sign` method that accepts a message `Buffer` + * and returns a `string` signature in the format produced by geth's * `eth_sign` RPC call. - * - * The static `fromRPCMethod` call is the de-facto constructor, since it will likely be - * easier to use from within a Dapp, where getting your own public key is ridiculously - * complicated. */ class EthereumPublisherId { id58: string @@ -293,6 +289,14 @@ class EthereumPublisherId { ethereumAddress: string sign: (message: Buffer) => Promise + /** + * This constructor should be considered "internal"; ethereum dapps will want to use + * `EthereumPublisherId.fromRPCMethod`. + * @param {PublicSigningKey} publicKey - key type must be secp256k1 + * @param {string} ethereumAddress - hex-encoded ethereum address, prefixed with '0x' + * @param {Function} sign - a function of (message: Buffer) => Promise that + * produces signatures in the same format as the `eth_sign` RPC method. + */ constructor (publicKey: PublicSigningKey, ethereumAddress: string, sign: (message: Buffer) => Promise) { this.publicKey = publicKey this.id58 = b58.encode(publicKey.bytes) @@ -300,6 +304,15 @@ class EthereumPublisherId { this.sign = sign } + /** + * The de-facto constructor, produces an `EthereumPublisherId` from an ethereum address and + * the `web3.eth.sign` RPC function. The ethereum address must be recoverable (using `ecrecover`) from the + * signatures produced by the sign function. Uses the async form of the RPC call, so returns a `Promise`. + * @param ethereumAddress - hex-encoded ethereum address (optionally prefixed with '0x') + * @param signRPC - the `web3.eth.sign` function, or one with an identical signature and behavior + * @return {Promise} - on success, an `EthereumPublisherId` which can be used to sign + * mediachain statements. + */ static fromRPCMethod (ethereumAddress: string, signRPC: EthSignRPCFunction) : Promise { ethereumAddress = ethereumUtils.addHexPrefix(ethereumAddress) From 5e255c7ed9ccfa224fd8d53baf343645dc0776b9 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 31 Jan 2017 11:56:06 -0500 Subject: [PATCH 11/13] use main ethereumsjs-util repo we still need a git dependency until they do a new npm release, but at least we're not on a fork any more --- npm-shrinkwrap.json | 4 ++-- package.json | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 5b6ec0d..df39c9e 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -623,8 +623,8 @@ }, "ethereumjs-util": { "version": "5.0.1", - "from": "git://github.com/yusefnapora/ethereumjs-util.git#c5d3d872e2b36de167fc5869006a94064adfa9d7", - "resolved": "git://github.com/yusefnapora/ethereumjs-util.git#c5d3d872e2b36de167fc5869006a94064adfa9d7" + "from": "git://github.com/ethereumjs/ethereumjs-util.git#ac5d0908536b447083ea422b435da27f26615de9", + "resolved": "git://github.com/ethereumjs/ethereumjs-util.git#ac5d0908536b447083ea422b435da27f26615de9" }, "evp_bytestokey": { "version": "1.0.0", diff --git a/package.json b/package.json index 1ed2ec7..b845a77 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "byline": "^5.0.0", "digest-stream": "^1.0.1", "duplex-child-process": "0.0.5", - "ethereumjs-util": "git://github.com/yusefnapora/ethereumjs-util.git#c5d3d872e2b36de167fc5869006a94064adfa9d7", + "ethereumjs-util": "git://github.com/ethereumjs/ethereumjs-util.git#ac5d0908536b447083ea422b435da27f26615de9", "knex": "^0.12.6", "levelup": "^1.3.3", "libp2p-crypto": "git://github.com/yusefnapora/js-libp2p-crypto.git#ec387c3b9eafca2ca0ad5defa7dd80dcc978950a", From 7c9f9b6537695832189cee02b6d52b1949268db2 Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Tue, 7 Feb 2017 16:47:02 -0500 Subject: [PATCH 12/13] remove most forked dependencies --- npm-shrinkwrap.json | 123 +++++++++++++++++++++++++++++++------------- package.json | 10 ++-- 2 files changed, 92 insertions(+), 41 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index df39c9e..00b6932 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -50,9 +50,9 @@ "resolved": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz" }, "aproba": { - "version": "1.0.4", + "version": "1.1.0", "from": "aproba@>=1.0.3 <2.0.0", - "resolved": "https://registry.npmjs.org/aproba/-/aproba-1.0.4.tgz" + "resolved": "https://registry.npmjs.org/aproba/-/aproba-1.1.0.tgz" }, "archive-type": { "version": "3.2.0", @@ -96,12 +96,12 @@ }, "asn1.js": { "version": "4.9.1", - "from": "asn1.js@>=4.8.1 <5.0.0", + "from": "asn1.js@>=4.9.1 <5.0.0", "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-4.9.1.tgz" }, "async": { "version": "2.1.4", - "from": "async@>=2.1.2 <3.0.0", + "from": "async@>=2.1.4 <3.0.0", "resolved": "https://registry.npmjs.org/async/-/async-2.1.4.tgz" }, "async-each-series": { @@ -120,9 +120,9 @@ "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-0.4.2.tgz" }, "base-x": { - "version": "2.0.3", + "version": "2.0.4", "from": "base-x@>=2.0.1 <3.0.0", - "resolved": "https://registry.npmjs.org/base-x/-/base-x-2.0.3.tgz" + "resolved": "https://registry.npmjs.org/base-x/-/base-x-2.0.4.tgz" }, "beeper": { "version": "1.1.1", @@ -199,9 +199,9 @@ } }, "brorand": { - "version": "1.0.6", + "version": "1.0.7", "from": "brorand@>=1.0.1 <2.0.0", - "resolved": "https://registry.npmjs.org/brorand/-/brorand-1.0.6.tgz" + "resolved": "https://registry.npmjs.org/brorand/-/brorand-1.0.7.tgz" }, "browserify-aes": { "version": "1.0.6", @@ -565,9 +565,9 @@ "resolved": "https://registry.npmjs.org/each-async/-/each-async-1.1.1.tgz" }, "elliptic": { - "version": "6.3.2", + "version": "6.3.3", "from": "elliptic@>=6.2.3 <7.0.0", - "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.3.2.tgz" + "resolved": "https://registry.npmjs.org/elliptic/-/elliptic-6.3.3.tgz" }, "encoding": { "version": "0.1.12", @@ -622,9 +622,9 @@ "resolved": "https://registry.npmjs.org/esutils/-/esutils-1.0.0.tgz" }, "ethereumjs-util": { - "version": "5.0.1", - "from": "git://github.com/ethereumjs/ethereumjs-util.git#ac5d0908536b447083ea422b435da27f26615de9", - "resolved": "git://github.com/ethereumjs/ethereumjs-util.git#ac5d0908536b447083ea422b435da27f26615de9" + "version": "5.1.0", + "from": "ethereumjs-util@>=5.1.0 <6.0.0", + "resolved": "https://registry.npmjs.org/ethereumjs-util/-/ethereumjs-util-5.1.0.tgz" }, "evp_bytestokey": { "version": "1.0.0", @@ -1005,9 +1005,9 @@ "resolved": "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.1.tgz" }, "hosted-git-info": { - "version": "2.1.5", + "version": "2.2.0", "from": "hosted-git-info@>=2.1.4 <3.0.0", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.1.5.tgz" + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.2.0.tgz" }, "hpack.js": { "version": "2.1.6", @@ -1236,7 +1236,7 @@ }, "js-sha3": { "version": "0.5.7", - "from": "js-sha3@>=0.5.5 <0.6.0", + "from": "js-sha3@>=0.5.7 <0.6.0", "resolved": "https://registry.npmjs.org/js-sha3/-/js-sha3-0.5.7.tgz" }, "jsbn": { @@ -1271,7 +1271,7 @@ }, "keypair": { "version": "1.0.1", - "from": "keypair@>=1.0.0 <2.0.0", + "from": "keypair@>=1.0.1 <2.0.0", "resolved": "https://registry.npmjs.org/keypair/-/keypair-1.0.1.tgz" }, "kind-of": { @@ -1349,14 +1349,21 @@ "resolved": "https://registry.npmjs.org/levelup/-/levelup-1.3.3.tgz" }, "libp2p-crypto": { - "version": "0.7.6", - "from": "git://github.com/yusefnapora/js-libp2p-crypto.git#ec387c3b9eafca2ca0ad5defa7dd80dcc978950a", - "resolved": "git://github.com/yusefnapora/js-libp2p-crypto.git#ec387c3b9eafca2ca0ad5defa7dd80dcc978950a" + "version": "0.8.0", + "from": "libp2p-crypto@>=0.8.0 <0.9.0", + "resolved": "https://registry.npmjs.org/libp2p-crypto/-/libp2p-crypto-0.8.0.tgz" }, "libp2p-crypto-secp256k1": { "version": "0.0.1", - "from": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#fb7a7c331880bb8e8caf63d853376f043316d2e3", - "resolved": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#fb7a7c331880bb8e8caf63d853376f043316d2e3" + "from": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#7d3fc08979bd3a4e639ff9561f7679d04fab0475", + "resolved": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#7d3fc08979bd3a4e639ff9561f7679d04fab0475", + "dependencies": { + "multihashing-async": { + "version": "0.3.0", + "from": "multihashing-async@>=0.3.0 <0.4.0", + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz" + } + } }, "libp2p-identify": { "version": "0.3.1", @@ -1366,12 +1373,38 @@ "libp2p-ping": { "version": "0.3.0", "from": "libp2p-ping@>=0.3.0 <0.4.0", - "resolved": "https://registry.npmjs.org/libp2p-ping/-/libp2p-ping-0.3.0.tgz" + "resolved": "https://registry.npmjs.org/libp2p-ping/-/libp2p-ping-0.3.0.tgz", + "dependencies": { + "libp2p-crypto": { + "version": "0.7.7", + "from": "libp2p-crypto@>=0.7.3 <0.8.0", + "resolved": "https://registry.npmjs.org/libp2p-crypto/-/libp2p-crypto-0.7.7.tgz" + } + } }, "libp2p-secio": { "version": "0.6.5", "from": "libp2p-secio@>=0.6.4 <0.7.0", - "resolved": "https://registry.npmjs.org/libp2p-secio/-/libp2p-secio-0.6.5.tgz" + "resolved": "https://registry.npmjs.org/libp2p-secio/-/libp2p-secio-0.6.5.tgz", + "dependencies": { + "libp2p-crypto": { + "version": "0.7.7", + "from": "libp2p-crypto@>=0.7.6 <0.8.0", + "resolved": "https://registry.npmjs.org/libp2p-crypto/-/libp2p-crypto-0.7.7.tgz", + "dependencies": { + "multihashing-async": { + "version": "0.4.0", + "from": "multihashing-async@^0.4.0", + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.4.0.tgz" + } + } + }, + "multihashing-async": { + "version": "0.3.0", + "from": "multihashing-async@>=0.3.0 <0.4.0", + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz" + } + } }, "libp2p-spdy": { "version": "0.10.3", @@ -1817,9 +1850,9 @@ } }, "multihashing-async": { - "version": "0.3.0", - "from": "multihashing-async@>=0.3.0 <0.4.0", - "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz" + "version": "0.4.0", + "from": "multihashing-async@>=0.4.0 <0.5.0", + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.4.0.tgz" }, "multipipe": { "version": "0.1.2", @@ -1860,6 +1893,11 @@ } } }, + "murmurhash3js": { + "version": "3.0.1", + "from": "murmurhash3js@>=3.0.1 <4.0.0", + "resolved": "https://registry.npmjs.org/murmurhash3js/-/murmurhash3js-3.0.1.tgz" + }, "nan": { "version": "2.5.1", "from": "nan@>=2.2.1 <3.0.0", @@ -1878,9 +1916,9 @@ } }, "node-abi": { - "version": "1.1.0", + "version": "1.3.2", "from": "node-abi@>=1.0.3 <2.0.0", - "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-1.1.0.tgz" + "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-1.3.2.tgz" }, "node-fetch": { "version": "1.6.3", @@ -1893,9 +1931,9 @@ "resolved": "https://registry.npmjs.org/node-status-codes/-/node-status-codes-1.0.0.tgz" }, "node-webcrypto-ossl": { - "version": "1.0.16", - "from": "node-webcrypto-ossl@>=1.0.15 <2.0.0", - "resolved": "https://registry.npmjs.org/node-webcrypto-ossl/-/node-webcrypto-ossl-1.0.16.tgz", + "version": "1.0.17", + "from": "node-webcrypto-ossl@>=1.0.16 <2.0.0", + "resolved": "https://registry.npmjs.org/node-webcrypto-ossl/-/node-webcrypto-ossl-1.0.17.tgz", "optional": true }, "nodeify": { @@ -2087,7 +2125,14 @@ "peer-id": { "version": "0.8.1", "from": "peer-id@>=0.8.0 <0.9.0", - "resolved": "https://registry.npmjs.org/peer-id/-/peer-id-0.8.1.tgz" + "resolved": "https://registry.npmjs.org/peer-id/-/peer-id-0.8.1.tgz", + "dependencies": { + "libp2p-crypto": { + "version": "0.7.7", + "from": "libp2p-crypto@>=0.7.0 <0.8.0", + "resolved": "https://registry.npmjs.org/libp2p-crypto/-/libp2p-crypto-0.7.7.tgz" + } + } }, "peer-info": { "version": "0.8.2", @@ -2412,7 +2457,7 @@ }, "secp256k1": { "version": "3.2.5", - "from": "https://registry.npmjs.org/secp256k1/-/secp256k1-3.2.5.tgz", + "from": "secp256k1@>=3.2.5 <4.0.0", "resolved": "https://registry.npmjs.org/secp256k1/-/secp256k1-3.2.5.tgz" }, "seek-bzip": { @@ -3595,6 +3640,12 @@ "from": "trim-repeated@>=1.0.0 <2.0.0", "resolved": "https://registry.npmjs.org/trim-repeated/-/trim-repeated-1.0.0.tgz" }, + "tslib": { + "version": "1.5.0", + "from": "tslib@>=1.5.0 <2.0.0", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.5.0.tgz", + "optional": true + }, "tunnel-agent": { "version": "0.4.3", "from": "tunnel-agent@>=0.4.0 <0.5.0", @@ -3743,9 +3794,9 @@ "resolved": "https://registry.npmjs.org/webcrypto/-/webcrypto-0.1.0.tgz" }, "webcrypto-core": { - "version": "0.1.7", + "version": "0.1.10", "from": "webcrypto-core@>=0.0.0 <1.0.0", - "resolved": "https://registry.npmjs.org/webcrypto-core/-/webcrypto-core-0.1.7.tgz", + "resolved": "https://registry.npmjs.org/webcrypto-core/-/webcrypto-core-0.1.10.tgz", "optional": true }, "webcrypto-shim": { diff --git a/package.json b/package.json index b845a77..a832bee 100644 --- a/package.json +++ b/package.json @@ -35,11 +35,11 @@ "byline": "^5.0.0", "digest-stream": "^1.0.1", "duplex-child-process": "0.0.5", - "ethereumjs-util": "git://github.com/ethereumjs/ethereumjs-util.git#ac5d0908536b447083ea422b435da27f26615de9", + "ethereumjs-util": "^5.1.0", "knex": "^0.12.6", "levelup": "^1.3.3", - "libp2p-crypto": "git://github.com/yusefnapora/js-libp2p-crypto.git#ec387c3b9eafca2ca0ad5defa7dd80dcc978950a", - "libp2p-crypto-secp256k1": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#fb7a7c331880bb8e8caf63d853376f043316d2e3", + "libp2p-crypto": "^0.8.0", + "libp2p-crypto-secp256k1": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#7d3fc08979bd3a4e639ff9561f7679d04fab0475", "libp2p-ping": "^0.3.0", "libp2p-secio": "^0.6.4", "libp2p-spdy": "^0.10.1", @@ -57,7 +57,6 @@ "multihashing": "^0.2.1", "ndjson": "^1.4.3", "node-fetch": "^1.6.3", - "uuid": "^3.0.1", "peer-book": "^0.3.0", "peer-id": "^0.8.0", "peer-info": "^0.8.0", @@ -69,11 +68,12 @@ "pull-pushable": "^2.0.1", "pull-stream": "^3.5.0", "pull-window": "^2.1.4", - "secp256k1": "https://registry.npmjs.org/secp256k1/-/secp256k1-3.2.5.tgz", + "secp256k1": "^3.2.5", "sqlite3": "^3.1.8", "temp": "^0.8.3", "thenify-all": "^1.6.0", "tunnel-ssh": "^4.1.1", + "uuid": "^3.0.1", "yargs": "^6.3.0" }, "devDependencies": { From aafedf9fb71f1a64cf47a70c5f74d31725f94a1c Mon Sep 17 00:00:00 2001 From: Yusef Napora Date: Thu, 9 Feb 2017 10:15:12 -0500 Subject: [PATCH 13/13] use published version of libp2p-crypto-secp256k1 --- npm-shrinkwrap.json | 46 +++++++++++++++++---------------------------- package.json | 2 +- 2 files changed, 18 insertions(+), 30 deletions(-) diff --git a/npm-shrinkwrap.json b/npm-shrinkwrap.json index 00b6932..0bb7bd3 100644 --- a/npm-shrinkwrap.json +++ b/npm-shrinkwrap.json @@ -9,9 +9,9 @@ "optional": true }, "@types/node": { - "version": "6.0.62", + "version": "6.0.63", "from": "@types/node@>=6.0.45 <7.0.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-6.0.62.tgz" + "resolved": "https://registry.npmjs.org/@types/node/-/node-6.0.63.tgz" }, "abstract-leveldown": { "version": "2.4.1", @@ -50,9 +50,9 @@ "resolved": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz" }, "aproba": { - "version": "1.1.0", + "version": "1.1.1", "from": "aproba@>=1.0.3 <2.0.0", - "resolved": "https://registry.npmjs.org/aproba/-/aproba-1.1.0.tgz" + "resolved": "https://registry.npmjs.org/aproba/-/aproba-1.1.1.tgz" }, "archive-type": { "version": "3.2.0", @@ -800,19 +800,14 @@ "resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz" }, "gauge": { - "version": "2.7.2", + "version": "2.7.3", "from": "gauge@>=2.7.1 <2.8.0", - "resolved": "https://registry.npmjs.org/gauge/-/gauge-2.7.2.tgz", + "resolved": "https://registry.npmjs.org/gauge/-/gauge-2.7.3.tgz", "dependencies": { "object-assign": { "version": "4.1.1", "from": "object-assign@>=4.1.0 <5.0.0", "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz" - }, - "supports-color": { - "version": "0.2.0", - "from": "supports-color@>=0.2.0 <0.3.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-0.2.0.tgz" } } }, @@ -1354,16 +1349,9 @@ "resolved": "https://registry.npmjs.org/libp2p-crypto/-/libp2p-crypto-0.8.0.tgz" }, "libp2p-crypto-secp256k1": { - "version": "0.0.1", - "from": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#7d3fc08979bd3a4e639ff9561f7679d04fab0475", - "resolved": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#7d3fc08979bd3a4e639ff9561f7679d04fab0475", - "dependencies": { - "multihashing-async": { - "version": "0.3.0", - "from": "multihashing-async@>=0.3.0 <0.4.0", - "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.3.0.tgz" - } - } + "version": "0.1.0", + "from": "libp2p-crypto-secp256k1@>=0.1.0 <0.2.0", + "resolved": "https://registry.npmjs.org/libp2p-crypto-secp256k1/-/libp2p-crypto-secp256k1-0.1.0.tgz" }, "libp2p-identify": { "version": "0.3.1", @@ -1393,9 +1381,9 @@ "resolved": "https://registry.npmjs.org/libp2p-crypto/-/libp2p-crypto-0.7.7.tgz", "dependencies": { "multihashing-async": { - "version": "0.4.0", + "version": "0.4.1", "from": "multihashing-async@^0.4.0", - "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.4.0.tgz" + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.4.1.tgz" } } }, @@ -1850,9 +1838,9 @@ } }, "multihashing-async": { - "version": "0.4.0", + "version": "0.4.1", "from": "multihashing-async@>=0.4.0 <0.5.0", - "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.4.0.tgz" + "resolved": "https://registry.npmjs.org/multihashing-async/-/multihashing-async-0.4.1.tgz" }, "multipipe": { "version": "0.1.2", @@ -1916,9 +1904,9 @@ } }, "node-abi": { - "version": "1.3.2", + "version": "1.3.3", "from": "node-abi@>=1.0.3 <2.0.0", - "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-1.3.2.tgz" + "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-1.3.3.tgz" }, "node-fetch": { "version": "1.6.3", @@ -3679,9 +3667,9 @@ "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz" }, "typescript": { - "version": "2.1.5", + "version": "2.1.6", "from": "typescript@>=2.0.0 <3.0.0", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-2.1.5.tgz", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-2.1.6.tgz", "optional": true }, "ultron": { diff --git a/package.json b/package.json index a832bee..875a5fd 100644 --- a/package.json +++ b/package.json @@ -39,7 +39,7 @@ "knex": "^0.12.6", "levelup": "^1.3.3", "libp2p-crypto": "^0.8.0", - "libp2p-crypto-secp256k1": "git://github.com/yusefnapora/js-libp2p-crypto-secp256k1.git#7d3fc08979bd3a4e639ff9561f7679d04fab0475", + "libp2p-crypto-secp256k1": "^0.1.0", "libp2p-ping": "^0.3.0", "libp2p-secio": "^0.6.4", "libp2p-spdy": "^0.10.1",