feat(web-extension): add SignerManager

it is intended to be running in wallet's UI script
and exposed via messaging to service worker, which
calls signTransaction/signData, which then emits an
object that has sign() and reject() methods on
transactionWitnessRequest$/signDataRequest$

Author: mkazlauskas

packages/web-extension/package.json

@@ -57,6 +57,8 @@
     "@cardano-sdk/crypto": "workspace:~",
     "@cardano-sdk/dapp-connector": "workspace:~",
     "@cardano-sdk/key-management": "workspace:~",
+    "@cardano-sdk/hardware-ledger": "workspace:~",
+    "@cardano-sdk/hardware-trezor": "workspace:~",
     "@cardano-sdk/tx-construction": "workspace:~",
     "@cardano-sdk/util": "workspace:~",
     "@cardano-sdk/util-rxjs": "workspace:~",

packages/web-extension/src/walletManager/SignerManager/KeyAgentFactory.ts

@@ -0,0 +1,11 @@
+import { InMemoryKeyAgent, InMemoryKeyAgentProps, KeyAgentDependencies } from '@cardano-sdk/key-management';
+import { LedgerKeyAgent, LedgerKeyAgentProps } from '@cardano-sdk/hardware-ledger';
+import { TrezorKeyAgent, TrezorKeyAgentProps } from '@cardano-sdk/hardware-trezor';
+
+export const createKeyAgentFactory = (dependencies: KeyAgentDependencies) => ({
+  InMemory: (props: InMemoryKeyAgentProps) => new InMemoryKeyAgent(props, dependencies),
+  Ledger: (props: LedgerKeyAgentProps) => new LedgerKeyAgent(props, dependencies),
+  Trezor: (props: TrezorKeyAgentProps) => new TrezorKeyAgent(props, dependencies)
+});
+
+export type KeyAgentFactory = ReturnType<typeof createKeyAgentFactory>;

packages/web-extension/src/walletManager/SignerManager/SignerManager.ts

@@ -0,0 +1,155 @@
+/* eslint-disable brace-style */
+import { Cardano, Serialization } from '@cardano-sdk/core';
+import { InMemoryWallet, WalletType } from '../types';
+import { KeyAgent, SignBlobResult, TrezorConfig, errors } from '@cardano-sdk/key-management';
+import { KeyAgentFactory } from './KeyAgentFactory';
+import {
+  RequestBase,
+  RequestContext,
+  SignDataProps,
+  SignDataRequest,
+  SignRequest,
+  SignTransactionProps,
+  SignerManagerConfirmationApi,
+  SignerManagerSignApi,
+  TransactionWitnessRequest
+} from './types';
+import { Subject } from 'rxjs';
+
+export type HardwareKeyAgentOptions = TrezorConfig;
+
+export type SignerManagerProps = {
+  hwOptions: HardwareKeyAgentOptions;
+};
+
+export type SignerManagerDependencies = {
+  keyAgentFactory: KeyAgentFactory;
+};
+
+export class SignerManager<WalletMetadata extends {}>
+  implements SignerManagerConfirmationApi<WalletMetadata>, SignerManagerSignApi<WalletMetadata>
+{
+  readonly transactionWitnessRequest$ = new Subject<TransactionWitnessRequest<WalletMetadata>>();
+  readonly signDataRequest$ = new Subject<SignDataRequest<WalletMetadata>>();
+  readonly #hwOptions: HardwareKeyAgentOptions;
+  readonly #keyAgentFactory: KeyAgentFactory;
+
+  constructor(props: SignerManagerProps, { keyAgentFactory }: SignerManagerDependencies) {
+    this.#hwOptions = props.hwOptions;
+    this.#keyAgentFactory = keyAgentFactory;
+  }
+
+  async signTransaction(
+    { tx, signContext, options }: SignTransactionProps,
+    requestContext: RequestContext<WalletMetadata>
+  ): Promise<Cardano.Signatures> {
+    const transaction = Serialization.Transaction.fromCbor(tx);
+    return this.#signRequest(
+      this.transactionWitnessRequest$,
+      {
+        requestContext,
+        signContext,
+        transaction,
+        walletType: requestContext.wallet.type
+      },
+      (keyAgent) =>
+        keyAgent.signTransaction(
+          {
+            body: transaction.body().toCore(),
+            hash: transaction.getId()
+          },
+          signContext,
+          options
+        )
+    );
+  }
+
+  async signData(props: SignDataProps, requestContext: RequestContext<WalletMetadata>): Promise<SignBlobResult> {
+    return this.#signRequest(
+      this.signDataRequest$,
+      {
+        ...props,
+        requestContext,
+        walletType: requestContext.wallet.type
+      },
+      (keyAgent) => keyAgent.signBlob(props.derivationPath, props.blob)
+    );
+  }
+
+  #signRequest<R, Req extends RequestBase<WalletMetadata> & SignRequest<R>>(
+    emitter$: Subject<Req>,
+    request: Omit<Req, 'reject' | 'sign'>,
+    sign: (keyAgent: KeyAgent) => Promise<R>
+  ) {
+    return new Promise<R>((resolve, reject) => {
+      if (!emitter$.observed) {
+        return reject(new errors.AuthenticationError('Internal error: signDataRequest$ not observed'));
+      }
+      const account = request.requestContext.wallet.accounts.find(
+        ({ accountIndex }) => accountIndex === request.requestContext.accountIndex
+      );
+      if (!account) {
+        return reject(new errors.ProofGenerationError(`Account not found: ${request.requestContext.accountIndex}`));
+      }
+      const bubbleResolveReject = async (action: () => Promise<R>): Promise<R> => {
+        try {
+          const result = action();
+          resolve(result);
+          return result;
+        } catch (error) {
+          reject(error);
+          throw error;
+        }
+      };
+      const commonRequestProps = {
+        ...request,
+        reject: async (reason: string) => reject(new errors.AuthenticationError(reason))
+      };
+      emitter$.next(
+        request.walletType === WalletType.InMemory
+          ? ({
+              ...commonRequestProps,
+              sign: async (passphrase: Uint8Array) =>
+                bubbleResolveReject(() => {
+                  const wallet = request.requestContext.wallet as InMemoryWallet<WalletMetadata>;
+                  return sign(
+                    this.#keyAgentFactory.InMemory({
+                      accountIndex: account.accountIndex,
+                      chainId: request.requestContext.chainId,
+                      encryptedRootPrivateKeyBytes: [
+                        ...Buffer.from(wallet.encryptedSecrets.rootPrivateKeyBytes, 'hex')
+                      ],
+                      extendedAccountPublicKey: wallet.extendedAccountPublicKey,
+                      // TODO: this might be in memory for longer than needed
+                      getPassphrase: async () => passphrase
+                    })
+                  );
+                }),
+              walletType: request.walletType
+            } as Req)
+          : ({
+              ...commonRequestProps,
+              sign: async (): Promise<R> =>
+                bubbleResolveReject(async () =>
+                  sign(
+                    request.walletType === WalletType.Ledger
+                      ? this.#keyAgentFactory.Ledger({
+                          accountIndex: request.requestContext.accountIndex,
+                          chainId: request.requestContext.chainId,
+                          communicationType: this.#hwOptions.communicationType,
+                          extendedAccountPublicKey: request.requestContext.wallet.extendedAccountPublicKey
+                        })
+                      : this.#keyAgentFactory.Trezor({
+                          accountIndex: request.requestContext.accountIndex,
+                          chainId: request.requestContext.chainId,
+                          extendedAccountPublicKey: request.requestContext.wallet.extendedAccountPublicKey,
+                          trezorConfig: this.#hwOptions
+                        })
+                  )
+                ),
+              walletType: request.walletType
+            } as Req)
+      );
+    });
+  }
+}

packages/web-extension/src/walletManager/SignerManager/index.ts

@@ -0,0 +1,3 @@
+export * from './types';
+export * from './SignerManager';
+export * from './KeyAgentFactory';

packages/web-extension/src/walletManager/SignerManager/types.ts

@@ -0,0 +1,71 @@
+import {
+  AccountKeyDerivationPath,
+  MessageSender,
+  SignBlobResult,
+  SignTransactionContext,
+  SignTransactionOptions
+} from '@cardano-sdk/key-management';
+import { AnyBip32Wallet, WalletType } from '../types';
+import { Cardano, Serialization, TxCBOR } from '@cardano-sdk/core';
+import { HexBlob } from '@cardano-sdk/util';
+import { Observable } from 'rxjs';
+
+export type RequestContext<WalletMetadata extends {}> = {
+  wallet: AnyBip32Wallet<WalletMetadata>;
+  accountIndex: number;
+  chainId: Cardano.ChainId;
+};
+
+export type RequestBase<WalletMetadata extends {}> = {
+  requestContext: RequestContext<WalletMetadata>;
+  reject(reason: string): Promise<void>;
+};
+
+type SignRequestInMemory<R> = {
+  walletType: WalletType.InMemory;
+  sign(passphrase: Uint8Array): Promise<R>;
+};
+
+type SignRequestHardware<R> = {
+  walletType: WalletType.Trezor | WalletType.Ledger;
+  /** Must be called from user gesture when running in web environments */
+  sign(): Promise<R>;
+};
+
+export type SignRequest<R> = SignRequestHardware<R> | SignRequestInMemory<R>;
+
+export type TransactionWitnessRequest<WalletMetadata extends {}> = RequestBase<WalletMetadata> & {
+  transaction: Serialization.Transaction;
+  signContext: SignTransactionContext;
+} & SignRequest<Cardano.Signatures>;
+
+export type SignDataContext = { sender?: MessageSender };
+
+export type SignDataProps = {
+  derivationPath: AccountKeyDerivationPath;
+  blob: HexBlob;
+  signContext: SignDataContext;
+};
+
+export type SignDataRequest<WalletMetadata extends {}> = RequestBase<WalletMetadata> &
+  SignDataProps &
+  SignRequest<SignBlobResult>;
+
+export type SignTransactionProps = {
+  tx: TxCBOR;
+  signContext: SignTransactionContext;
+  options?: SignTransactionOptions;
+};
+
+export interface SignerManagerConfirmationApi<WalletMetadata extends {}> {
+  transactionWitnessRequest$: Observable<TransactionWitnessRequest<WalletMetadata>>;
+  signDataRequest$: Observable<SignDataRequest<WalletMetadata>>;
+}
+
+export interface SignerManagerSignApi<WalletMetadata extends {}> {
+  signTransaction(
+    props: SignTransactionProps,
+    requestContext: RequestContext<WalletMetadata>
+  ): Promise<Cardano.Signatures>;
+  signData(props: SignDataProps, requestContext: RequestContext<WalletMetadata>): Promise<SignBlobResult>;
+}

packages/web-extension/src/walletManager/index.ts

@@ -3,5 +3,6 @@ export * from './util';
 export * from './walletManagerUi';
 export * from './walletManagerWorker';
 export * from './WalletRepository';
+export * from './SignerManager';
 export * from './errors';
 export * from './types';

packages/web-extension/src/walletManager/types.ts

@@ -36,6 +36,8 @@ export type InMemoryWallet<Metadata extends {}> = Bip32Wallet<Metadata> & {
   };
 };
 
+export type AnyBip32Wallet<WalletMetadata extends {}> = HardwareWallet<WalletMetadata> | InMemoryWallet<WalletMetadata>;
+
 export type OwnSignerAccount = {
   walletId: WalletId;
   accountIndex: number;