Skip to content

feat(tempo): add access key signature verification to verifyHash#4432

Merged
jxom merged 2 commits intomainfrom
feat/verify-hash-access-key
Mar 31, 2026
Merged

feat(tempo): add access key signature verification to verifyHash#4432
jxom merged 2 commits intomainfrom
feat/verify-hash-access-key

Conversation

@jxom
Copy link
Copy Markdown
Member

@jxom jxom commented Mar 31, 2026

Adds mode: 'allowAccessKey' to verifyHash for verifying access key (keychain) signatures on Tempo.

When enabled:

  1. Deserializes the keychain signature envelope
  2. Derives the access key address from the inner public key
  3. Calls getMetadata on the AccountKeychain precompile to check expiry + revocation
  4. Verifies the inner signature cryptographically (using the v2 modified hash)

Also appends magic bytes to keychain signature envelopes for consistent envelope detection.

Changes

  • src/actions/public/verifyHash.tsmode now accepts (string & {}) for chain-specific modes
  • src/tempo/chainConfig.ts — handles mode: 'allowAccessKey' for keychain envelopes
  • src/tempo/Account.ts — appends magic bytes to keychain signature envelopes
  • Tests for valid sig, invalid sig, and revoked key

@changeset-bot
Copy link
Copy Markdown

changeset-bot bot commented Mar 31, 2026
edited
Loading

🦋 Changeset detected

Latest commit: e0fc3de

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
viem Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@vercel
Copy link
Copy Markdown

vercel bot commented Mar 31, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
viem Ready Ready Preview, Comment Mar 31, 2026 3:18am

Request Review

@pkg-pr-new
Copy link
Copy Markdown

pkg-pr-new bot commented Mar 31, 2026
edited
Loading

Open in StackBlitz

npm i https://pkg.pr.new/viem@4432

commit: e0fc3de

@jxom jxom force-pushed the feat/verify-hash-access-key branch from 55c73f3 to c0ae19f Compare March 31, 2026 02:40
@jxom jxom force-pushed the feat/verify-hash-access-key branch from c0ae19f to 3da2635 Compare March 31, 2026 02:47
@jxom jxom force-pushed the feat/verify-hash-access-key branch from 3da2635 to 537e42c Compare March 31, 2026 02:53
@jxom jxom force-pushed the feat/verify-hash-access-key branch from 537e42c to cadc4bc Compare March 31, 2026 02:59
@jxom jxom merged commit 3aa680d into main Mar 31, 2026
28 of 32 checks passed
@jxom jxom deleted the feat/verify-hash-access-key branch March 31, 2026 03:21
This was referenced Mar 31, 2026
Merged
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@brendanjryan brendanjryan brendanjryan approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jxom @brendanjryan