New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@canvas-js/chain-cosmos
Advanced tools
@canvas-js/chain-cosmos - npm Package Compare versions
Comparing version 0.0.50 to 0.0.51
| import { Secp256k1Wallet, serializeSignDoc, decodeSignature, rawSecp256k1PubkeyToRawAddress } from "@cosmjs/amino"; | ||
| import { Secp256k1, Secp256k1Signature, Random, Sha256, ExtendedSecp256k1Signature } from "@cosmjs/crypto"; | ||
| import { Secp256k1, Secp256k1Signature, Random, Sha256 } from "@cosmjs/crypto"; | ||
| import { fromBech32, toBech32 } from "@cosmjs/encoding"; | ||
@@ -29,8 +29,14 @@ import { getActionSignatureData, getSessionSignatureData } from "./signatureData.js"; | ||
| const prefix = "cosmos"; | ||
| const signatureBytes = Buffer.from(action.signature, "hex"); | ||
| const extendedSecp256k1Signature = ExtendedSecp256k1Signature.fromFixedLength(signatureBytes); | ||
| const pubkey = Secp256k1.compressPubkey(Secp256k1.recoverPubkey(extendedSecp256k1Signature, signDocDigest)); | ||
| if (actionSignerAddress !== toBech32(prefix, rawSecp256k1PubkeyToRawAddress(pubkey))) { | ||
| throw new Error("Invalid action signature"); | ||
| const { pubkey, signature: decodedSignature } = decodeSignature(JSON.parse(action.signature)); | ||
| if (action.session && action.session !== toBech32(prefix, rawSecp256k1PubkeyToRawAddress(pubkey))) { | ||
| throw new Error("Action signed with a pubkey that doesn't match the session address"); | ||
| } | ||
| if (!action.session && action.payload.from !== toBech32(prefix, rawSecp256k1PubkeyToRawAddress(pubkey))) { | ||
| throw new Error("Action signed with a pubkey that doesn't match the from address"); | ||
| } | ||
| const secpSignature = Secp256k1Signature.fromFixedLength(decodedSignature); | ||
| const valid = await Secp256k1.verifySignature(secpSignature, signDocDigest, pubkey); | ||
| if (!valid) { | ||
| throw new Error("Invalid session signature"); | ||
| } | ||
| } | ||
@@ -61,3 +67,3 @@ async verifySession(session) { | ||
| const { signature: { pub_key, signature }, } = await signer.signAmino(address, signDoc); | ||
| const session = { type: "session", signature, payload }; | ||
| const session = { type: "session", signature: JSON.stringify({ pub_key, signature }), payload }; | ||
| return session; | ||
@@ -68,17 +74,20 @@ } | ||
| const signDoc = await getActionSignatureData(payload, address); | ||
| if (address !== payload.from) { | ||
| throw new Error("Direct signAction called with address that doesn't match action.payload.from"); | ||
| } | ||
| const { signature: { pub_key, signature }, } = await signer.signAmino(address, signDoc); | ||
| const action = { type: "action", payload, session: null, signature }; | ||
| const action = { type: "action", payload, session: null, signature: JSON.stringify({ pub_key, signature }) }; | ||
| return action; | ||
| } | ||
| async signDelegatedAction(privkey, payload) { | ||
| const wallet = await Secp256k1Wallet.fromKey(privkey); | ||
| const accountData = (await wallet.getAccounts())[0]; | ||
| if (accountData.address !== payload.from) { | ||
| throw new Error(`Signer address did not match payload.from: ${accountData.address} vs. ${payload.from}`); | ||
| } | ||
| const signDoc = serializeSignDoc(await getActionSignatureData(payload, accountData.address)); | ||
| const digest = new Sha256(signDoc).digest(); | ||
| const extendedSignature = await Secp256k1.createSignature(digest, privkey); | ||
| const signature = Buffer.from(extendedSignature.toFixedLength()).toString("hex"); | ||
| const action = { type: "action", payload, session: null, signature }; | ||
| const signer = await Secp256k1Wallet.fromKey(privkey); | ||
| const accountData = (await signer.getAccounts())[0]; | ||
| const signDoc = await getActionSignatureData(payload, accountData.address); | ||
| const { signature: { pub_key, signature }, } = await signer.signAmino(accountData.address, signDoc); | ||
| const action = { | ||
| type: "action", | ||
| payload, | ||
| session: accountData.address, | ||
| signature: JSON.stringify({ pub_key, signature }), | ||
| }; | ||
| return action; | ||
@@ -85,0 +94,0 @@ } |
| export * from "./implementation.js"; | ||
| export * from "./createMockSigner.js"; |
| export * from "./implementation.js"; | ||
| export * from "./createMockSigner.js"; |
| { | ||
| "name": "@canvas-js/chain-cosmos", | ||
| "version": "0.0.50", | ||
| "version": "0.0.51", | ||
| "type": "module", | ||
@@ -12,3 +12,3 @@ "author": "Canvas Technology Corporation (https://canvas.xyz)", | ||
| "dependencies": { | ||
| "@canvas-js/interfaces": "0.0.50", | ||
| "@canvas-js/interfaces": "0.0.51", | ||
| "@cosmjs/amino": "^0.29.5", | ||
@@ -15,0 +15,0 @@ "@cosmjs/crypto": "^0.29.5", |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by10.85%
9258
- Number of package files
- increased by28.57%
9
- Lines of code
- increased by13.46%
177
Dependency changes
+ Added@canvas-js/interfaces@0.0.51(transitive)
- Removed@canvas-js/interfaces@0.0.50(transitive)
Updated@canvas-js/interfaces@0.0.51