Cw 565 sign messages (#1378)

* version bump to 3.13.9, auth working on mac * bump flutter version in workflow file * workflow fix * test fix * downgrade flutter version * test fix * test fix * update gradle version * start working on ui for message signing * updates * sign working for a few wallet types * updates & verification for electrum currencies * nano support * sign/verify working on eth, bitcoin broken * update translations * Implement Verify Message for Monero * save [skip ci] * pub key extraction working * fixes for electrum signing * verify working for solana! * electrum still not working :( [skip ci] * electrum messages working! * fixes for updated dart version, localization file updates * remove accidental inclusion * missed some unimplemented throws * Update res/values/strings_de.arb Co-authored-by: Konstantin Ullrich <konstantinullrich12@gmail.com> * Apply suggestions from code review Co-authored-by: Konstantin Ullrich <konstantinullrich12@gmail.com> * review suggestions and updates [skip ci] * [skip ci] add polygon * [skip ci] merge mac-auth/update version * fix litecoin * bio auth mac fix * remove comment and change duration from 2 to 0 * cherry pick previous changes * litecoin fixes, sign form fixes, use new walletAddressPicker * support accounts * verify messages working for monero * working sign and verify messages for nano * electrum signing working [skip ci] * additional nano fixes * update translations * attempt to decode signatures with base64 * workaround for secure storage bug on mac * bump version to 3.19.5 (because breez will need this version anyways) * some code cleanup * some changess didn't get saved * just documenting the issue [skip ci] * undo accidental removal + minor code cleanup * merge conflicts * merge fixes [skip ci] * add tron support * [wip] fixing * remove duplicate references to electrum path for maintainability * fixes * minor fix * fixes * undo debug comment * update migration for all electrum based wallets * hotfixes * copy over the rest of the fixes * minor code cleanup [skip ci] * updates * electrum signing workinggit statusgit statusgit statusgit status! * copy same fixes for litecoin * litecoin fixes * add v to litecoin signatures * fix dependencies * fix bitcoin_base version * merge fix * dep override * fix conflicts with main * trial fix for android build * fixes * fix * dep fix, should build * fix signing for bitcoin cash * [skip ci] minor code cleanup * [skip ci] minor code cleanup 2 * forgot wonero, various other fixes * more fixes * fix solana (untested) --------- Co-authored-by: Konstantin Ullrich <konstantinullrich12@gmail.com> Co-authored-by: Omar Hatem <omarh.ismail1@gmail.com>
2025-06-28 12:29:51 +00:00 · 2024-08-17 19:10:27 -04:00 · 2024-08-17 19:10:27 -04:00 · 83ef61e928
commit 83ef61e928
parent eef319658a
65 changed files with 1479 additions and 271 deletions
--- a/cw_nano/lib/nano_block_info_response.dart
+++ b/cw_nano/lib/nano_block_info_response.dart
@ -0,0 +1,37 @@
+class BlockContentsResponse {
+  String type;
+  String account;
+  String previous;
+  String representative;
+  String balance;
+  String link;
+  String linkAsAccount;
+  String signature;
+  String work;
+
+  BlockContentsResponse({
+    required this.type,
+    required this.account,
+    required this.previous,
+    required this.representative,
+    required this.balance,
+    required this.link,
+    required this.linkAsAccount,
+    required this.signature,
+    required this.work,
+  });
+
+  factory BlockContentsResponse.fromJson(Map<String, dynamic> json) {
+    return BlockContentsResponse(
+      type: json['type'] as String,
+      account: json['account'] as String,
+      previous: json['previous'] as String,
+      representative: json['representative'] as String,
+      balance: json['balance'] as String,
+      link: json['link'] as String,
+      linkAsAccount: json['link_as_account'] as String,
+      signature: json['signature'] as String,
+      work: json['work'] as String,
+    );
+  }
+}
--- a/cw_nano/lib/nano_client.dart
+++ b/cw_nano/lib/nano_client.dart
@ -2,11 +2,11 @@ import 'dart:async';
 import 'dart:convert';

 import 'package:cw_core/nano_account_info_response.dart';
+import 'package:cw_nano/nano_block_info_response.dart';
 import 'package:cw_core/n2_node.dart';
 import 'package:cw_nano/nano_balance.dart';
 import 'package:cw_nano/nano_transaction_model.dart';
 import 'package:http/http.dart' as http;
-import 'package:nanodart/nanodart.dart';
 import 'package:cw_core/node.dart';
 import 'package:nanoutil/nanoutil.dart';
 import 'package:shared_preferences/shared_preferences.dart';
@ -111,6 +111,27 @@ class NanoClient {
    }
  }

+  Future<BlockContentsResponse?> getBlockContents(String block) async {
+    try {
+      final response = await http.post(
+        _node!.uri,
+        headers: CAKE_HEADERS,
+        body: jsonEncode(
+          {
+            "action": "block_info",
+            "json_block": "true",
+            "hash": block,
+          },
+        ),
+      );
+      final data = await jsonDecode(response.body);
+      return BlockContentsResponse.fromJson(data["contents"] as Map<String, dynamic>);
+    } catch (e) {
+      print("error while getting block info $e");
+      return null;
+    }
+  }
+
  Future<String> changeRep({
    required String privateKey,
    required String repAddress,
@ -135,8 +156,8 @@ class NanoClient {
    };

    // sign the change block:
-    final String hash = NanoBlocks.computeStateHash(
-      NanoAccountType.NANO,
+    final String hash = NanoSignatures.computeStateHash(
+      NanoBasedCurrency.NANO,
      changeBlock["account"]!,
      changeBlock["previous"]!,
      changeBlock["representative"]!,
@ -248,7 +269,7 @@ class NanoClient {
    }
    final String representative = infoResponse.representative;
    // link = destination address:
-    final String link = NanoAccounts.extractPublicKey(destinationAddress);
+    final String link = NanoDerivations.addressToPublicKey(destinationAddress);
    final String linkAsAccount = destinationAddress;

    // construct the send block:
@ -262,8 +283,8 @@ class NanoClient {
    };

    // sign the send block:
-    final String hash = NanoBlocks.computeStateHash(
-      NanoAccountType.NANO,
+    final String hash = NanoSignatures.computeStateHash(
+      NanoBasedCurrency.NANO,
      sendBlock["account"]!,
      sendBlock["previous"]!,
      sendBlock["representative"]!,
@ -285,7 +306,6 @@ class NanoClient {

  Future<void> receiveBlock({
    required String blockHash,
-    required String source,
    required String amountRaw,
    required String destinationAddress,
    required String privateKey,
@ -310,15 +330,56 @@ class NanoClient {
      representative = infoData.representative;
    }

+    if ((BigInt.tryParse(amountRaw) ?? BigInt.zero) <= BigInt.zero) {
+      throw Exception("amountRaw must be greater than zero");
+    }
+
+    BlockContentsResponse? frontierContents;
+
+    if (!openBlock) {
+      // get the block info of the frontier block:
+      frontierContents = await getBlockContents(frontier);
+
+      if (frontierContents == null) {
+        throw Exception("error while getting frontier block info");
+      }
+
+      final String frontierHash = NanoSignatures.computeStateHash(
+        NanoBasedCurrency.NANO,
+        frontierContents.account,
+        frontierContents.previous,
+        frontierContents.representative,
+        BigInt.parse(frontierContents.balance),
+        frontierContents.link,
+      );
+
+      bool valid = await NanoSignatures.verify(
+        frontierHash,
+        frontierContents.signature,
+        destinationAddress,
+      );
+
+      if (!valid) {
+        throw Exception(
+            "Frontier block signature is invalid! Potentially malicious block detected!");
+      }
+    }
+
    // first get the account balance:
-    final BigInt currentBalance = (await getBalance(destinationAddress)).currentBalance;
+    late BigInt currentBalance;
+    if (!openBlock) {
+      currentBalance = BigInt.parse(frontierContents!.balance);
+    } else {
+      currentBalance = BigInt.zero;
+    }
    final BigInt txAmount = BigInt.parse(amountRaw);
    final BigInt balanceAfterTx = currentBalance + txAmount;

    // link = send block hash:
    final String link = blockHash;
    // this "linkAsAccount" is meaningless:
-    final String linkAsAccount = NanoAccounts.createAccount(NanoAccountType.NANO, blockHash);
+    final String linkAsAccount =
+        NanoDerivations.publicKeyToAddress(blockHash, currency: NanoBasedCurrency.NANO);

    // construct the receive block:
    Map<String, String> receiveBlock = {
@ -332,8 +393,8 @@ class NanoClient {
    };

    // sign the receive block:
-    final String hash = NanoBlocks.computeStateHash(
-      NanoAccountType.NANO,
+    final String hash = NanoSignatures.computeStateHash(
+      NanoBasedCurrency.NANO,
      receiveBlock["account"]!,
      receiveBlock["previous"]!,
      receiveBlock["representative"]!,
@ -345,7 +406,7 @@ class NanoClient {
    // get PoW for the receive block:
    String? work;
    if (openBlock) {
-      work = await requestWork(NanoAccounts.extractPublicKey(destinationAddress));
+      work = await requestWork(NanoDerivations.addressToPublicKey(destinationAddress));
    } else {
      work = await requestWork(frontier);
    }
@ -409,10 +470,8 @@ class NanoClient {
    for (final blockHash in blocks.keys) {
      final block = blocks[blockHash];
      final String amountRaw = block["amount"] as String;
-      final String source = block["source"] as String;
      await receiveBlock(
        blockHash: blockHash,
-        source: source,
        amountRaw: amountRaw,
        privateKey: privateKey,
        destinationAddress: destinationAddress,
--- a/cw_nano/lib/nano_wallet.dart
+++ b/cw_nano/lib/nano_wallet.dart
@ -27,7 +27,6 @@ import 'package:cw_nano/nano_wallet_addresses.dart';
 import 'package:cw_nano/nano_wallet_keys.dart';
 import 'package:cw_nano/pending_nano_transaction.dart';
 import 'package:mobx/mobx.dart';
-import 'package:nanodart/nanodart.dart';
 import 'package:nanoutil/nanoutil.dart';

 part 'nano_wallet.g.dart';
@ -107,7 +106,6 @@ abstract class NanoWalletBase
    if (_derivationType == DerivationType.unknown) {
      _derivationType = DerivationType.nano;
    }
-    final String type = (_derivationType == DerivationType.nano) ? "standard" : "hd";

    // our "mnemonic" is actually a hex form seed:
    if (!_mnemonic.contains(' ')) {
@ -122,8 +120,10 @@ abstract class NanoWalletBase
        _hexSeed = await NanoDerivations.hdMnemonicListToSeed(_mnemonic.split(' '));
      }
    }
-    NanoDerivationType derivationType =
-        type == "standard" ? NanoDerivationType.STANDARD : NanoDerivationType.HD;
+
+    final String type = (_derivationType == DerivationType.nano) ? "standard" : "hd";
+    NanoDerivationType derivationType = NanoDerivations.stringToType(type);
+
    _privateKey = await NanoDerivations.universalSeedToPrivate(
      _hexSeed!,
      index: 0,
@ -216,8 +216,8 @@ abstract class NanoWalletBase
        balanceAfterTx: runningBalance,
        previousHash: previousHash,
      );
-      previousHash = NanoBlocks.computeStateHash(
-        NanoAccountType.NANO,
+      previousHash = NanoSignatures.computeStateHash(
+        NanoBasedCurrency.NANO,
        block["account"]!,
        block["previous"]!,
        block["representative"]!,
@ -535,4 +535,17 @@ abstract class NanoWalletBase
    // Delete old name's dir and files
    await Directory(currentDirPath).delete(recursive: true);
  }
+
+  @override
+  Future<String> signMessage(String message, {String? address = null}) async {
+    return NanoSignatures.signMessage(message, privateKey!);
+  }
+
+  @override
+  Future<bool> verifyMessage(String message, String signature, {String? address = null}) async {
+    if (address == null) {
+      return false;
+    }
+    return await NanoSignatures.verifyMessage(message, signature, address);
+  }
 }
--- a/cw_nano/pubspec.lock
+++ b/cw_nano/pubspec.lock
@ -513,7 +513,7 @@ packages:
    source: hosted
    version: "2.3.0"
  nanodart:
-    dependency: "direct main"
+    dependency: transitive
    description:
      name: nanodart
      sha256: "4b2f42d60307b54e8cf384d6193a567d07f8efd773858c0d5948246153c13282"
@ -524,11 +524,11 @@ packages:
    dependency: "direct main"
    description:
      path: "."
-      ref: c37e72817cf0a28162f43124f79661d6c8e0098f
-      resolved-ref: c37e72817cf0a28162f43124f79661d6c8e0098f
+      ref: c01a9c552917008d8fbc6b540db657031625b04f
+      resolved-ref: c01a9c552917008d8fbc6b540db657031625b04f
      url: "https://github.com/perishllc/nanoutil.git"
    source: git
-    version: "1.0.0"
+    version: "1.0.3"
  package_config:
    dependency: transitive
    description:
--- a/cw_nano/pubspec.yaml
+++ b/cw_nano/pubspec.yaml
@ -15,7 +15,6 @@ dependencies:
  mobx: ^2.0.7+4
  bip39: ^1.0.6
  bip32: ^2.0.0
-  nanodart: ^2.0.0
  decimal: ^2.3.3
  libcrypto: ^0.2.2
  ed25519_hd_key: ^2.2.0
@ -25,7 +24,7 @@ dependencies:
  nanoutil:
    git:
      url: https://github.com/perishllc/nanoutil.git
-      ref: c37e72817cf0a28162f43124f79661d6c8e0098f
+      ref: c01a9c552917008d8fbc6b540db657031625b04f
  cw_core:
    path: ../cw_core