LBRYCommunity/web-wallet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove some stuff we wont need in signing and identity service

Browse source
This commit is contained in:
Daniel Krol 2022-05-04 18:25:06 -04:00
parent a761ba1a06
commit 970c0e68e7
3 changed files with 32 additions and 118 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/app/approve/approve.component.ts
View file

@ -3,7 +3,7 @@ import {ActivatedRoute} from '@angular/router';
import {IdentityService} from '../identity.service';
import {AccountService} from '../account.service';
import {GlobalVarsService} from '../global-vars.service';
import {SigningService} from '../signing.service';
// import {SigningService} from '../signing.service';
import {BackendAPIService, User} from '../backend-api.service';
import {Observable, of} from 'rxjs';
import {map} from 'rxjs/operators';
@ -51,7 +51,7 @@ export class ApproveComponent implements OnInit {
private identityService: IdentityService,
private accountService: AccountService,
public globalVars: GlobalVarsService,
private signingService: SigningService,
// private signingService: SigningService,
private backendApi: BackendAPIService,
) { }
@ -77,9 +77,11 @@ export class ApproveComponent implements OnInit {
onSubmit(): void {
// TODO
throw "replace all of this transaction parsing and checking with bitcoinjs-lib."
/*
const seedHex = ""
const signedTransactionHex = this.signingService.signTransaction(seedHex, this.transactionHex);
this.finishFlow(signedTransactionHex);
*/
}
finishFlow(signedTransactionHex?: string): void {

107
src/app/identity.service.ts
View file

@ -7,30 +7,6 @@ import {GlobalVarsService} from './global-vars.service';
import {CookieService} from 'ngx-cookie';
import {SigningService} from './signing.service';
import {HttpParams} from '@angular/common/http';
import {
Transaction,
TransactionMetadataBasicTransfer,
TransactionMetadataBitcoinExchange,
TransactionMetadataCreatorCoin,
TransactionMetadataCreatorCoinTransfer,
TransactionMetadataFollow,
TransactionMetadataLike,
TransactionMetadataPrivateMessage,
TransactionMetadataSubmitPost,
TransactionMetadataSwapIdentity,
TransactionMetadataUpdateBitcoinUSDExchangeRate,
TransactionMetadataUpdateGlobalParams,
TransactionMetadataUpdateProfile,
TransactionMetadataNFTTransfer,
TransactionMetadataAcceptNFTTransfer,
TransactionMetadataBurnNFT,
TransactionMetadataNFTBid,
TransactionMetadataAcceptNFTBid,
TransactionMetadataUpdateNFT,
TransactionMetadataCreateNFT,
TransactionMetadataDAOCoin,
TransactionMetadataTransferDAOCoin
} from '../lib/deso/transaction';
@Injectable({
providedIn: 'root'
@ -89,11 +65,14 @@ export class IdentityService {
// Incoming Messages
private handleSign(data: any): void {
const { id, payload: { encryptedSeedHex, transactionHex } } = data;
// TODO
throw "implement for lbry"
/*
const transaction or action details = data;
// This will tell us whether we need full signing access or just ApproveLarge
// level of access.
const requiredAccessLevel = this.getRequiredAccessLevel(transactionHex);
const requiredAccessLevel = this.getRequiredAccessLevel(transaction or action details);
// In the case that approve() fails, it responds with a message indicating
// that approvalRequired = true, which the caller can then uses to trigger
@ -102,21 +81,18 @@ export class IdentityService {
return;
}
// If we get to this point, no approval UI was required. This typically
// happens if the caller has full signing access or signing access for
// non-spending txns such as like, post, update profile, etc. In the
// latter case we need a subsequent check to ensure that the txn is not
// sending money to any public keys other than the sender himself.
if (!this.approveSpending(data)) {
return;
}
const seedHex = this.cryptoService.decryptSeedHex(encryptedSeedHex, this.globalVars.hostname);
const signedTransactionHex = this.signingService.signTransaction(seedHex, transactionHex);
// TODO - this.signingService.signPSBT instead
if it's a transaction
const signedTransactionHex = this.signingService.signPSBT(transaction details);
else // just an action
const signedActionHex = this.signingService.signActiov(action details);
// TODO figure this out...
this.respond(id, {
signedTransactionHex,
signedActionHex,
});
*/
}
private handleJwt(data: any): void {
@ -163,42 +139,12 @@ export class IdentityService {
});
}
// Access levels
private getRequiredAccessLevel(transactionHex: string): AccessLevel {
const txBytes = new Buffer(transactionHex, 'hex');
const transaction = Transaction.fromBytes(txBytes)[0] as Transaction<any>;
switch (transaction.metadata.constructor) {
case TransactionMetadataBasicTransfer:
case TransactionMetadataBitcoinExchange:
case TransactionMetadataUpdateBitcoinUSDExchangeRate:
case TransactionMetadataCreatorCoin:
case TransactionMetadataCreatorCoinTransfer:
case TransactionMetadataSwapIdentity:
case TransactionMetadataUpdateGlobalParams:
case TransactionMetadataUpdateProfile:
case TransactionMetadataCreateNFT:
case TransactionMetadataUpdateNFT:
case TransactionMetadataAcceptNFTBid:
case TransactionMetadataNFTBid:
case TransactionMetadataNFTTransfer:
case TransactionMetadataAcceptNFTTransfer:
case TransactionMetadataBurnNFT:
case TransactionMetadataDAOCoin:
case TransactionMetadataTransferDAOCoin:
return AccessLevel.Full;
case TransactionMetadataFollow:
case TransactionMetadataPrivateMessage:
case TransactionMetadataSubmitPost:
case TransactionMetadataLike:
return AccessLevel.ApproveLarge;
}
return AccessLevel.Full;
}
// TODO implement for lbry
// private getRequiredAccessLevel(transactionHex: string): AccessLevel {
// switch case on the type of transaction or action, and return the required access level
// unless required access level is going to be case by case for each user
private hasAccessLevel(data: any, requiredAccessLevel: AccessLevel): boolean {
const { payload: { encryptedSeedHex, accessLevel, accessLevelHmac }} = data;
@ -210,25 +156,6 @@ export class IdentityService {
return this.cryptoService.validAccessLevelHmac(accessLevel, seedHex, accessLevelHmac);
}
// This method checks if transaction in the payload has correct outputs for requested AccessLevel.
private approveSpending(data: any): boolean {
const { payload: { accessLevel, transactionHex }} = data;
// If the requested access level is ApproveLarge, we want to confirm that transaction doesn't
// attempt sending $DESO to a non-owner public key. If it does, we respond with approvalRequired.
if (accessLevel === AccessLevel.ApproveLarge) {
const txBytes = new Buffer(transactionHex, 'hex');
const transaction = Transaction.fromBytes(txBytes)[0] as Transaction<any>;
for (const output of transaction.outputs) {
if (output.publicKey.toString('hex') !== transaction.publicKey.toString('hex')) {
this.respond(data.id, {approvalRequired: true});
return false;
}
}
}
return true;
}
private approve(data: any, accessLevel: AccessLevel): boolean {
const hasAccess = this.hasAccessLevel(data, accessLevel);
const hasEncryptionKey = this.cryptoService.hasSeedHexEncryptionKey(this.globalVars.hostname);

37
src/app/signing.service.ts
View file

@ -1,9 +1,6 @@
import { Injectable } from '@angular/core';
import KeyEncoder from 'key-encoder';
import * as jsonwebtoken from 'jsonwebtoken';
import {CryptoService} from './crypto.service';
import * as sha256 from 'sha256';
import { uvarint64ToBuf } from '../lib/bindata/util';
import * as bip32 from 'bip32';
import { BIP32Interface } from 'bip32'; // TODO: Installed 2.0.6 instead of latest version, only because of weird typescript compilation stuff. Should probably get the latest.
@ -18,9 +15,7 @@ const NETWORK = lbry.networks.mainnet
})
export class SigningService {
constructor(
private cryptoService: CryptoService,
) { }
constructor() { }
// this should be audited and go into a library. hobbled this together from
// code in bitcoinjs-lib.
@ -75,39 +70,29 @@ export class SigningService {
}
signJWT(seedHex: string): string {
return ""
// TODO - use bitcoinjs-lib and do an actual signature with the actual key in the wallet, send the identifier of the wallet over, etc etc etc.
// Assuming we want to keep this
const keyEncoder = new KeyEncoder('secp256k1');
const encodedPrivateKey = keyEncoder.encodePrivate(seedHex, 'raw', 'pem');
return jsonwebtoken.sign({ }, encodedPrivateKey, { algorithm: 'ES256', expiresIn: 60 * 10 });
}
signAction(seedHex: string, actionHex: string): string {
return ""
// TODO - use bitcoinjs-lib and do an actual signature with the actual key in the wallet, send the identifier of the wallet over, etc etc etc.
/*
const privateKey = this.cryptoService.seedHexToPrivateKey(seedHex);
const actionBytes = new Buffer(actionHex, 'hex');
const actionHash = new Buffer(sha256.x2(actionBytes), 'hex');
const signature = privateKey.sign(actionHash);
return new Buffer(signature.toDER()).toString('hex');
}
signTransaction(seedHex: string, transactionHex: string): string {
const privateKey = this.cryptoService.seedHexToPrivateKey(seedHex);
const transactionBytes = new Buffer(transactionHex, 'hex');
const transactionHash = new Buffer(sha256.x2(transactionBytes), 'hex');
const signature = privateKey.sign(transactionHash);
const signatureBytes = new Buffer(signature.toDER());
const signatureLength = uvarint64ToBuf(signatureBytes.length);
const signedTransactionBytes = Buffer.concat([
// This slice is bad. We need to remove the existing signature length field prior to appending the new one.
// Once we have frontend transaction construction we won't need to do this.
transactionBytes.slice(0, -1),
signatureLength,
signatureBytes,
]);
return signedTransactionBytes.toString('hex');
*/
}
}