New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@didtools/pkh-tezos

Package Overview
Dependencies
Maintainers
4
Versions
8
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@didtools/pkh-tezos - npm Package Compare versions

Comparing version 0.1.0 to 0.2.0

2

dist/verifier.d.ts
import { Cacao, VerifyOptions, Verifiers } from '@didtools/cacao';
export declare function getTezosVerifier(): Verifiers;
export declare function getPkhfromPk(publicKey: string): string;
export declare function verifySignature(payload: string, publicKey: string, signature: string): boolean;
export declare function verifyTezosSignature(cacao: Cacao, options: VerifyOptions): void;

75

dist/verifier.js

@@ -1,4 +0,33 @@

import { verifySignature, getPkhfromPk } from '@taquito/utils';
import { SiwTezosMessage, verifyTimeChecks, assertSigned } from '@didtools/cacao';
import { AccountId } from 'caip';
import * as u8a from 'uint8arrays';
import { hash } from '@stablelib/blake2b';
import { hash as sha256 } from '@stablelib/sha256';
import { verify } from '@stablelib/ed25519';
// ED
const TZ1Prefix = new Uint8Array([
6,
161,
159
]);
const TZ1Length = 20;
const EDPKPrefix = new Uint8Array([
13,
15,
37,
217
]);
const EDSIGPrefix = new Uint8Array([
9,
245,
205,
134,
18
]);
const SIGPrefix = new Uint8Array([
4,
130,
43
]);
const Base58CheckSumLength = 4;
export function getTezosVerifier() {

@@ -12,2 +41,46 @@ return {

}
export function getPkhfromPk(publicKey) {
const pkPrefix = publicKey.substring(0, 4);
if (pkPrefix !== 'edpk') throw new Error('Tezos Signature type not supported, only type tezos:ed25519');
const decoded = b58cdecode(publicKey, EDPKPrefix);
const hashed = hash(decoded, TZ1Length);
const result = b58cencode(hashed, TZ1Prefix);
return result;
}
function verifyEdSignature(decodedSig, bytesHash, decodedPublicKey) {
try {
return verify(decodedPublicKey, bytesHash, decodedSig);
} catch (e) {
return false;
}
}
//bs58btc decoding, bs58check - checksum
function b58cdecode(enc, prefixArg) {
const u8akey = u8a.fromString(enc, 'base58btc');
return u8akey.slice(prefixArg.length, u8akey.length - Base58CheckSumLength);
}
//bs58check encoding, bs58btc + checksum
function b58cencode(value, prefix) {
const n = new Uint8Array(prefix.length + value.length);
n.set(prefix);
n.set(value, prefix.length);
const checksum = getCheckSum(n);
const nc = new Uint8Array(n.length + 4);
nc.set(n);
nc.set(checksum, prefix.length + value.length);
return u8a.toString(nc, 'base58btc');
}
function getCheckSum(u8a) {
const hashed = sha256(sha256(u8a));
return hashed.slice(0, 4);
}
export function verifySignature(payload, publicKey, signature) {
const pkPrefix = publicKey.substring(0, 4);
const sigPrefix = signature.startsWith('sig') ? signature.substr(0, 3) : signature.substr(0, 5);
if (pkPrefix !== 'edpk' || !(sigPrefix === 'edsig' || sigPrefix === 'sig')) throw new Error('Tezos Signature type not supported, only type tezos:ed25519');
const decodedPublicKey = b58cdecode(publicKey, EDPKPrefix);
const decodedSig = b58cdecode(signature, sigPrefix === 'edsig' ? EDSIGPrefix : SIGPrefix);
const bytesHash = hash(u8a.fromString(payload, 'base16'), 32);
return verifyEdSignature(decodedSig, bytesHash, decodedPublicKey);
}
export function verifyTezosSignature(cacao, options) {

@@ -14,0 +87,0 @@ assertSigned(cacao);

40

package.json
{
"name": "@didtools/pkh-tezos",
"version": "0.1.0",
"version": "0.2.0",
"license": "(Apache-2.0 OR MIT)",

@@ -18,2 +18,15 @@ "type": "module",

"sideEffects": false,
"scripts": {
"build:clean": "del dist",
"build:js": "swc src -d ./dist --config-file ../../.swcrc",
"build:types": "tsc --emitDeclarationOnly --skipLibCheck",
"build": "pnpm run build:clean && pnpm run build:types && pnpm run build:js",
"lint": "eslint src --fix",
"test": "node --experimental-vm-modules ../../node_modules/jest/bin/jest.js",
"test:ci": "pnpm run test --ci --coverage",
"prepare": "pnpm run build",
"prepublishOnly": "package-check",
"size": "./node_modules/.bin/size-limit",
"analyze": "./node_modules/.bin/size-limit --why"
},
"repository": {

@@ -34,21 +47,16 @@ "type": "git",

"devDependencies": {
"@taquito/signer": "^15.1.0",
"@taquito/taquito": "^15.1.0",
"@taquito/utils": "^15.1.0",
"typescript": "^4.9.5"
},
"dependencies": {
"@didtools/cacao": "^2.0.0",
"@didtools/cacao": "workspace:^2.0.0",
"@stablelib/blake2b": "^1.0.1",
"@stablelib/ed25519": "^1.0.3",
"@stablelib/random": "^1.0.2",
"@taquito/utils": "^15.1.0",
"caip": "^1.1.0"
},
"scripts": {
"build:clean": "del dist",
"build:js": "swc src -d ./dist --config-file ../../.swcrc",
"build:types": "tsc --emitDeclarationOnly --skipLibCheck",
"build": "pnpm run build:clean && pnpm run build:types && pnpm run build:js",
"lint": "eslint src --fix",
"test": "node --experimental-vm-modules ../../node_modules/jest/bin/jest.js",
"test:ci": "pnpm run test --ci --coverage",
"size": "./node_modules/.bin/size-limit",
"analyze": "./node_modules/.bin/size-limit --why"
"@stablelib/sha256": "^1.0.1",
"caip": "^1.1.0",
"uint8arrays": "^4.0.3"
}
}
}

2

README.md

@@ -27,3 +27,3 @@ ## Tezos AuthMethod and Verifier

const accountId = await getAccountId(tzProvider, address)
const authMethod = await TezosWebAuth.getAuthMethod(tzProvider, accountId, publicKey)
const authMethod = await TezosWebAuth.getAuthMethod(tzProvider, accountId)
```

@@ -30,0 +30,0 @@

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc