		import { Buffer } from 'buffer/';
		import { AttributesKeys, Network } from './types';
		import { AttributesKeys, Network, CryptographicParameters } from './types';
		/**
		@@ -14,2 +14,3 @@ * Class for Hierarchical Deterministic key derivation for Concordium identities and accounts.
		getAccountPublicKey(identityProviderIndex: number, identityIndex: number, credentialCounter: number): Buffer;
		getCredentialId(identityProviderIndex: number, identityIndex: number, credentialCounter: number, { onChainCommitmentKey, }: Pick<CryptographicParameters, 'onChainCommitmentKey'>): Buffer;
		getPrfKey(identityProviderIndex: number, identityIndex: number): Buffer;
		@@ -16,0 +17,0 @@ getIdCredSec(identityProviderIndex: number, identityIndex: number): Buffer;

lib/HdWallet.js

		@@ -66,2 +66,5 @@ "use strict";
		}
		getCredentialId(identityProviderIndex, identityIndex, credentialCounter, { onChainCommitmentKey, }) {
		return buffer_1.Buffer.from(wasm.getCredentialId(this.seedAsHex, this.network, identityProviderIndex, identityIndex, credentialCounter, onChainCommitmentKey), 'hex');
		}
		getPrfKey(identityProviderIndex, identityIndex) {
		@@ -68,0 +71,0 @@ return buffer_1.Buffer.from(wasm.getPrfKey(this.seedAsHex, this.network, identityProviderIndex, identityIndex), 'hex');

lib/signHelpers.d.ts

		import { AccountInfo, AccountTransaction, AccountTransactionSignature } from './types';
		import { Buffer } from 'buffer/';
		import { AccountAddress } from './types/accountAddress';
		export interface AccountSigner {
		@@ -26,3 +27,3 @@ sign(digest: Buffer): Promise<AccountTransactionSignature>;
		*/
		export declare function signMessage(message: string, signer: AccountSigner): Promise<AccountTransactionSignature>;
		export declare function signMessage(account: AccountAddress, message: string, signer: AccountSigner): Promise<AccountTransactionSignature>;
		/**
		@@ -32,4 +33,4 @@ * Helper function to verify a signed message.
		* @param signature the signature of a message, from a specific account.
		* @param accountCredentials the credentials of the account
		* @param accountInfo the address and credentials of the account
		*/
		export declare function verifyMessageSignature(message: string, signature: AccountTransactionSignature, accountInfo: Pick<AccountInfo, 'accountThreshold' \| 'accountCredentials'>): Promise<boolean>;
		export declare function verifyMessageSignature(message: string, signature: AccountTransactionSignature, accountInfo: Pick<AccountInfo, 'accountThreshold' \| 'accountCredentials' \| 'accountAddress'>): Promise<boolean>;

lib/signHelpers.js

		@@ -30,2 +30,4 @@ "use strict";
		const buffer_1 = require("buffer/");
		const accountAddress_1 = require("./types/accountAddress");
		const hash_1 = require("./hash");
		/**
		@@ -63,9 +65,9 @@ * Creates a signer for an account which uses the first credential's first keypair.
		/**
		* @param account the address of the account that will sign this message.
		* @param message the message to sign, assumed to be utf8 encoded.
		*/
		function getMessageDigest(message) {
		// TODO: use real prepend
		const prepend = buffer_1.Buffer.from('MyGoodPrepend', 'utf8');
		const digest = buffer_1.Buffer.from(message, 'utf8');
		return buffer_1.Buffer.concat([prepend, digest]);
		function getMessageDigest(account, message) {
		const prepend = buffer_1.Buffer.alloc(8, 0);
		const rawMessage = buffer_1.Buffer.from(message, 'utf8');
		return (0, hash_1.sha256)([account.decodedAddress, prepend, rawMessage]);
		}
		@@ -79,4 +81,4 @@ /**
		*/
		function signMessage(message, signer) {
		return signer.sign(getMessageDigest(message));
		function signMessage(account, message, signer) {
		return signer.sign(getMessageDigest(account, message));
		}
		@@ -88,3 +90,3 @@ exports.signMessage = signMessage;
		* @param signature the signature of a message, from a specific account.
		* @param accountCredentials the credentials of the account
		* @param accountInfo the address and credentials of the account
		*/
		@@ -96,3 +98,3 @@ async function verifyMessageSignature(message, signature, accountInfo) {
		}
		const digest = getMessageDigest(message);
		const digest = getMessageDigest(new accountAddress_1.AccountAddress(accountInfo.accountAddress), message);
		for (const credentialIndex of Object.keys(signature)) {
		@@ -99,0 +101,0 @@ const credential = accountInfo.accountCredentials[Number(credentialIndex)];

102

package.json

		{
		"name": "@concordium/common-sdk",
		"version": "4.0.0",
		"license": "Apache-2.0",
		"engines": {
		"node": ">=14.16.0"
		},
		"main": "lib/index.js",
		"types": "lib/index.d.ts",
		"files": [
		"/lib/*/"
		],
		"devDependencies": {
		"@types/bs58check": "^2.1.0",
		"@types/jest": "^26.0.23",
		"@types/json-bigint": "^1.0.1",
		"@types/uuid": "^8.3.4",
		"@typescript-eslint/eslint-plugin": "^4.28.1",
		"@typescript-eslint/parser": "^4.28.1",
		"babel-jest": "^27.0.6",
		"eslint": "^7.29.0",
		"eslint-config-prettier": "^8.3.0",
		"eslint-plugin-prettier": "^3.4.0",
		"husky": "^4.2.5",
		"jest": "^27.0.6",
		"lint-staged": "^12.0.2",
		"prettier": "^2.3.2",
		"ts-jest": "^27.0.3",
		"typescript": "^4.3.5"
		},
		"prettier": {
		"singleQuote": true,
		"tabWidth": 4
		},
		"scripts": {
		"lint": "eslint . --cache --ext .ts,.tsx --max-warnings 0",
		"lint-fix": "yarn --silent lint --fix; exit 0",
		"test": "jest",
		"build": "tsc"
		},
		"dependencies": {
		"@concordium/rust-bindings": "0.4.0",
		"@noble/ed25519": "^1.6.0",
		"@scure/bip39": "^1.1.0",
		"bs58check": "^2.1.2",
		"buffer": "^6.0.3",
		"cross-fetch": "3.1.5",
		"hash.js": "^1.1.7",
		"json-bigint": "^1.0.0",
		"uuid": "^8.3.2"
		}
		}
		"name": "@concordium/common-sdk",
		"version": "5.0.0",
		"license": "Apache-2.0",
		"engines": {
		"node": ">=14.16.0"
		},
		"main": "lib/index.js",
		"types": "lib/index.d.ts",
		"files": [
		"/lib/*/"
		],
		"devDependencies": {
		"@types/bs58check": "^2.1.0",
		"@types/jest": "^26.0.23",
		"@types/json-bigint": "^1.0.1",
		"@types/uuid": "^8.3.4",
		"@typescript-eslint/eslint-plugin": "^4.28.1",
		"@typescript-eslint/parser": "^4.28.1",
		"babel-jest": "^27.0.6",
		"eslint": "^7.29.0",
		"eslint-config-prettier": "^8.3.0",
		"eslint-plugin-prettier": "^3.4.0",
		"husky": "^4.2.5",
		"jest": "^27.0.6",
		"lint-staged": "^12.0.2",
		"prettier": "^2.3.2",
		"ts-jest": "^27.0.3",
		"typescript": "^4.3.5"
		},
		"prettier": {
		"singleQuote": true,
		"tabWidth": 4
		},
		"scripts": {
		"lint": "eslint . --cache --ext .ts,.tsx --max-warnings 0",
		"lint-fix": "yarn --silent lint --fix; exit 0",
		"test": "jest",
		"build": "tsc"
		},
		"dependencies": {
		"@concordium/rust-bindings": "0.5.0",
		"@noble/ed25519": "^1.7.1",
		"@scure/bip39": "^1.1.0",
		"bs58check": "^2.1.2",
		"buffer": "^6.0.3",
		"cross-fetch": "3.1.5",
		"hash.js": "^1.1.7",
		"json-bigint": "^1.0.0",
		"uuid": "^8.3.2"
		}
		}

README.md

		@@ -539,8 +539,9 @@ # Common
		```js
		const account = new AccountAddress("4ZJBYQbVp3zVZyjCXfZAAYBVkJMyVj8UKUNj9ox5YqTCBdBq2M");
		const message = "testMessage";
		const signer: AccountSigner = ...;
		const signature = signMessage(message, signer);
		const signature = signMessage(account, message, signer);
		```

		Note that the signMessage preprends a short string, to ensure that the message cannot be a account transaction. To easily verify the signature, one can use the `verifyMessageSignature` function:
		What is actually signed is the sha256 hash of the account address, eight zero bytes and the actual message. This ensures that the message cannot be an account transaction. To easily verify the signature, one can use the `verifyMessageSignature` function:

		@@ -547,0 +548,0 @@ ```js

@concordium/common-sdk - npm Package Compare versions

Improved metrics

Dependency changes