feat: track cip30 method call origin

mkazlauskas · mkazlauskas · commit e316698ae64d · 2023-12-07T22:20:44.000+02:00
add optional origin properties to sign method props,
as well as cip30 callbacks
diff --git a/packages/dapp-connector/src/WalletApi/types.ts b/packages/dapp-connector/src/WalletApi/types.ts
@@ -212,3 +212,12 @@ export interface CipExtensionApis {
 }
 
 export type Cip30WalletApiWithPossibleExtensions = Cip30WalletApi & Partial<CipExtensionApis>;
+
+export type DAppConnectorContext = { origin: string };
+type FnWithDAppConnectorContext<T> = T extends (...args: infer Args) => infer R
+  ? (context: DAppConnectorContext, ...args: Args) => R
+  : T;
+
+export type WithDAppConnectorContext<T> = {
+  [K in keyof T]: FnWithDAppConnectorContext<T[K]>;
+};
diff --git a/packages/e2e/test/web-extension/extension/background/cip30.ts b/packages/e2e/test/web-extension/extension/background/cip30.ts
@@ -9,8 +9,16 @@ import { walletName } from '../const';
 
 // this should come from remote api
 const confirmationCallback: walletCip30.CallbackConfirmation = {
-  signData: async () => true,
-  signTx: async () => true,
+  signData: async ({ context }) => {
+    if (!context?.origin) throw new Error('No origin context');
+    logger.info(`signData request from ${context.origin}`);
+    return true;
+  },
+  signTx: async ({ context }) => {
+    if (!context?.origin) throw new Error('No origin context');
+    logger.info(`signTx request from ${context.origin}`);
+    return true;
+  },
   submitTx: async () => true
 };
 
diff --git a/packages/key-management/src/cip8/cip30signData.ts b/packages/key-management/src/cip8/cip30signData.ts
@@ -24,6 +24,7 @@ export interface Cip30SignDataRequest {
   witnesser: Bip32Ed25519Witnesser;
   signWith: Cardano.PaymentAddress | Cardano.RewardAccount | Cardano.DRepID;
   payload: HexBlob;
+  origin?: string;
 }
 
 export enum Cip30DataSignErrorCode {
@@ -87,10 +88,11 @@ const createSigStructureHeaders = (addressBytes: Uint8Array) => {
 const signSigStructure = (
   witnesser: Bip32Ed25519Witnesser,
   derivationPath: AccountKeyDerivationPath,
-  sigStructure: SigStructure
+  sigStructure: SigStructure,
+  origin?: string
 ) => {
   try {
-    return witnesser.signBlob(derivationPath, util.bytesToHex(sigStructure.to_bytes()));
+    return witnesser.signBlob(derivationPath, util.bytesToHex(sigStructure.to_bytes()), origin);
   } catch (error) {
     throw new Cip30DataSignError(Cip30DataSignErrorCode.UserDeclined, 'Failed to sign', error);
   }
@@ -115,7 +117,8 @@ export const cip30signData = async ({
   knownAddresses,
   witnesser,
   signWith,
-  payload
+  payload,
+  origin
 }: Cip30SignDataRequest): Promise<Cip30DataSignature> => {
   if (Cardano.DRepID.isValid(signWith) && !Cardano.DRepID.canSign(signWith)) {
     throw new Cip30DataSignError(Cip30DataSignErrorCode.AddressNotPK, 'Invalid address');
@@ -129,7 +132,7 @@ export const cip30signData = async ({
     false
   );
   const sigStructure = builder.make_data_to_sign();
-  const { signature, publicKey } = await signSigStructure(witnesser, derivationPath, sigStructure);
+  const { signature, publicKey } = await signSigStructure(witnesser, derivationPath, sigStructure, origin);
   const coseSign1 = builder.build(Buffer.from(signature, 'hex'));
 
   const coseKey = createCoseKey(addressBytes, publicKey);
diff --git a/packages/key-management/src/types.ts b/packages/key-management/src/types.ts
@@ -141,6 +141,7 @@ export interface SignTransactionOptions {
 export interface SignTransactionContext {
   txInKeyPathMap: TxInKeyPathMap;
   knownAddresses: GroupedAddress[];
+  origin?: string;
 }
 
 export interface KeyAgent {
@@ -231,5 +232,5 @@ export interface Witnesser {
   /**
    * @throws AuthenticationError
    */
-  signBlob(derivationPath: AccountKeyDerivationPath, blob: HexBlob): Promise<SignBlobResult>;
+  signBlob(derivationPath: AccountKeyDerivationPath, blob: HexBlob, origin?: string): Promise<SignBlobResult>;
 }
diff --git a/packages/key-management/src/util/createWitnesser.ts b/packages/key-management/src/util/createWitnesser.ts
@@ -25,7 +25,7 @@ export class Bip32Ed25519Witnesser implements Witnesser {
     return { signatures: await this.#keyAgent.signTransaction(txInternals, context, options) };
   }
 
-  async signBlob(derivationPath: AccountKeyDerivationPath, blob: HexBlob): Promise<SignBlobResult> {
+  async signBlob(derivationPath: AccountKeyDerivationPath, blob: HexBlob, _origin?: string): Promise<SignBlobResult> {
     return this.#keyAgent.signBlob(derivationPath, blob);
   }
 }
diff --git a/packages/key-management/test/cip8/cip30signData.test.ts b/packages/key-management/test/cip8/cip30signData.test.ts
@@ -8,6 +8,7 @@ import {
   KeyRole,
   cip8
 } from '../../src';
+import { Bip32Ed25519Witnesser } from '../../src/util';
 import { COSEKey, COSESign1, SigStructure } from '@emurgo/cardano-message-signing-nodejs';
 import { Cardano, util } from '@cardano-sdk/core';
 import { CoseLabel } from '../../src/cip8/util';
@@ -17,6 +18,7 @@ import { testAsyncKeyAgent, testKeyAgent } from '../mocks';
 describe('cip30signData', () => {
   const addressDerivationPath = { index: 0, type: AddressType.External };
   let keyAgent: KeyAgent;
+  let witnesser: Bip32Ed25519Witnesser;
   let asyncKeyAgent: AsyncKeyAgent;
   let address: GroupedAddress;
   const cryptoProvider = new Crypto.SodiumBip32Ed25519();
@@ -26,17 +28,20 @@ describe('cip30signData', () => {
     keyAgent = await keyAgentReady;
     asyncKeyAgent = await testAsyncKeyAgent(undefined, keyAgentReady);
     address = await asyncKeyAgent.deriveAddress(addressDerivationPath, 0);
+    witnesser = KeyManagementUtil.createBip32Ed25519Witnesser(asyncKeyAgent);
   });
 
   const signAndDecode = async (
     signWith: Cardano.PaymentAddress | Cardano.RewardAccount,
-    knownAddresses: GroupedAddress[]
+    knownAddresses: GroupedAddress[],
+    origin?: string
   ) => {
     const dataSignature = await cip8.cip30signData({
       knownAddresses,
+      origin,
       payload: HexBlob('abc123'),
       signWith,
-      witnesser: KeyManagementUtil.createBip32Ed25519Witnesser(asyncKeyAgent)
+      witnesser
     });
 
     const coseKey = COSEKey.from_bytes(Buffer.from(dataSignature.key, 'hex'));
@@ -102,4 +107,11 @@ describe('cip30signData', () => {
       )
     ).toBe(true);
   });
+
+  it('passes through origin to witnesser', async () => {
+    const signBlobSpy = jest.spyOn(witnesser, 'signBlob');
+    const origin = 'https://lace.io';
+    await signAndDecode(address.address, [address], origin);
+    expect(signBlobSpy).toBeCalledWith(expect.anything(), expect.anything(), origin);
+  });
 });
diff --git a/packages/wallet/src/PersonalWallet/PersonalWallet.ts b/packages/wallet/src/PersonalWallet/PersonalWallet.ts
@@ -531,14 +531,15 @@ export class PersonalWallet implements ObservableWallet {
     return initializeTx(props, this.getTxBuilderDependencies());
   }
 
-  async finalizeTx({ tx, ...rest }: FinalizeTxProps, stubSign = false): Promise<Cardano.Tx> {
+  async finalizeTx({ tx, origin, ...rest }: FinalizeTxProps, stubSign = false): Promise<Cardano.Tx> {
     const knownAddresses = await firstValueFrom(this.addresses$);
     const { tx: signedTx } = await finalizeTx(
       tx,
       {
         ...rest,
         signingContext: {
           knownAddresses,
+          origin,
           txInKeyPathMap: await util.createTxInKeyPathMap(tx.body, knownAddresses, this.util)
         }
       },
diff --git a/packages/wallet/src/cip30.ts b/packages/wallet/src/cip30.ts
@@ -5,6 +5,7 @@ import {
   Cbor,
   Cip30DataSignature,
   Cip95WalletApi,
+  DAppConnectorContext,
   DataSignError,
   DataSignErrorCode,
   Paginate,
@@ -13,7 +14,8 @@ import {
   TxSignError,
   TxSignErrorCode,
   WalletApi,
-  WalletApiExtension
+  WalletApiExtension,
+  WithDAppConnectorContext
 } from '@cardano-sdk/dapp-connector';
 import { Cardano, Serialization, TxCBOR, coalesceValueQuantities } from '@cardano-sdk/core';
 import { HexBlob, ManagedFreeableScope } from '@cardano-sdk/util';
@@ -36,13 +38,15 @@ export enum Cip30ConfirmationCallbackType {
 
 export type SignDataCallbackParams = {
   type: Cip30ConfirmationCallbackType.SignData;
+  context: DAppConnectorContext;
   data: {
     addr: Cardano.PaymentAddress | Cardano.DRepID;
     payload: HexBlob;
   };
 };
 
 export type SignTxCallbackParams = {
+  context: DAppConnectorContext;
   type: Cip30ConfirmationCallbackType.SignTx;
   data: Cardano.Tx;
 };
@@ -279,9 +283,10 @@ const baseCip30WalletApi = (
     }
   },
   // eslint-disable-next-line max-statements, sonarjs/cognitive-complexity,complexity
-  getCollateral: async ({
-    amount = new Serialization.Value(MAX_COLLATERAL_AMOUNT).toCbor()
-  }: { amount?: Cbor } = {}): Promise<
+  getCollateral: async (
+    _: DAppConnectorContext,
+    { amount = new Serialization.Value(MAX_COLLATERAL_AMOUNT).toCbor() }: { amount?: Cbor } = {}
+  ): Promise<
     Cbor[] | null
     // eslint-disable-next-line sonarjs/cognitive-complexity, max-statements
   > => {
@@ -371,7 +376,7 @@ const baseCip30WalletApi = (
     logger.debug('getting unused addresses');
     return Promise.resolve([]);
   },
-  getUsedAddresses: async (_paginate?: Paginate): Promise<Cbor[]> => {
+  getUsedAddresses: async (): Promise<Cbor[]> => {
     logger.debug('getting used addresses');
 
     const wallet = await firstValueFrom(wallet$);
@@ -383,7 +388,7 @@ const baseCip30WalletApi = (
       return addresses.map((groupAddresses) => cardanoAddressToCbor(groupAddresses.address));
     }
   },
-  getUtxos: async (amount?: Cbor, paginate?: Paginate): Promise<Cbor[] | null> => {
+  getUtxos: async (_: DAppConnectorContext, amount?: Cbor, paginate?: Paginate): Promise<Cbor[] | null> => {
     const scope = new ManagedFreeableScope();
     try {
       const wallet = await firstValueFrom(wallet$);
@@ -402,6 +407,7 @@ const baseCip30WalletApi = (
     }
   },
   signData: async (
+    context: DAppConnectorContext,
     addr: Cardano.PaymentAddress | Cardano.DRepID | Bytes,
     payload: Bytes
   ): Promise<Cip30DataSignature> => {
@@ -411,6 +417,7 @@ const baseCip30WalletApi = (
 
     const shouldProceed = await confirmationCallback
       .signData({
+        context,
         data: {
           addr: signWith,
           payload: hexBlobPayload
@@ -422,14 +429,15 @@ const baseCip30WalletApi = (
     if (shouldProceed) {
       const wallet = await firstValueFrom(wallet$);
       return wallet.signData({
+        origin: context.origin,
         payload: hexBlobPayload,
         signWith
       });
     }
     logger.debug('sign data declined');
     throw new DataSignError(DataSignErrorCode.UserDeclined, 'user declined signing');
   },
-  signTx: async (tx: Cbor, partialSign?: Boolean): Promise<Cbor> => {
+  signTx: async (context: DAppConnectorContext, tx: Cbor, partialSign?: Boolean): Promise<Cbor> => {
     const scope = new ManagedFreeableScope();
     logger.debug('signTx');
     const txDecoded = Serialization.Transaction.fromCbor(TxCBOR(tx));
@@ -438,6 +446,7 @@ const baseCip30WalletApi = (
     const coreTx = txDecoded.toCore();
     const shouldProceed = await confirmationCallback
       .signTx({
+        context,
         data: coreTx,
         type: Cip30ConfirmationCallbackType.SignTx
       })
@@ -455,7 +464,7 @@ const baseCip30WalletApi = (
           );
         const {
           witness: { signatures }
-        } = await wallet.finalizeTx({ tx: { ...coreTx, hash } });
+        } = await wallet.finalizeTx({ origin: context.origin, tx: { ...coreTx, hash } });
 
         // If partialSign is true, the wallet only tries to sign what it can. However, if
         // signatures size is 0 then throw.
@@ -484,7 +493,7 @@ const baseCip30WalletApi = (
       throw new TxSignError(TxSignErrorCode.UserDeclined, 'user declined signing tx');
     }
   },
-  submitTx: async (input: Cbor): Promise<string> => {
+  submitTx: async (_: DAppConnectorContext, input: Cbor): Promise<string> => {
     logger.debug('submitting tx');
     const { cbor, tx } = processTxInput(input);
     const shouldProceed = await confirmationCallback
@@ -570,7 +579,7 @@ export const createWalletApi = (
   wallet$: Observable<ObservableWallet>,
   confirmationCallback: CallbackConfirmation,
   { logger }: Cip30WalletDependencies
-): WalletApi => ({
+): WithDAppConnectorContext<WalletApi> => ({
   ...baseCip30WalletApi(wallet$, confirmationCallback, { logger }),
   ...extendedCip95WalletApi(wallet$, { logger })
 });
diff --git a/packages/wallet/src/types.ts b/packages/wallet/src/types.ts
@@ -46,6 +46,7 @@ export interface SyncStatus extends Shutdown {
 export type FinalizeTxProps = Omit<TxContext, 'signingContext'> & {
   tx: Cardano.TxBodyWithHash;
   signingOptions?: SignTransactionOptions;
+  origin?: string;
 };
 
 export type HandleInfo = HandleResolution & Asset.AssetInfo;
diff --git a/packages/wallet/test/PersonalWallet/methods.test.ts b/packages/wallet/test/PersonalWallet/methods.test.ts
@@ -216,12 +216,22 @@ describe('PersonalWallet methods', () => {
       expect(getPassphrase).not.toBeCalled();
     });
 
-    it('finalizeTx', async () => {
-      const txInternals = await wallet.initializeTx(props);
-      const tx = await wallet.finalizeTx({ tx: txInternals });
-      expect(tx.body).toBe(txInternals.body);
-      expect(tx.id).toBe(txInternals.hash);
-      expect(tx.witness.signatures.size).toBe(2); // spending key and stake key for withdrawal
+    describe('finalizeTx', () => {
+      it('resolves with TransactionWitnessSet', async () => {
+        const txInternals = await wallet.initializeTx(props);
+        const tx = await wallet.finalizeTx({ tx: txInternals });
+        expect(tx.body).toBe(txInternals.body);
+        expect(tx.id).toBe(txInternals.hash);
+        expect(tx.witness.signatures.size).toBe(2); // spending key and stake key for withdrawal
+      });
+
+      it('passes through origin to witnesser', async () => {
+        const origin = 'https://lace.io';
+        const witnessSpy = jest.spyOn(witnesser, 'witness');
+        const txInternals = await wallet.initializeTx(props);
+        await wallet.finalizeTx({ origin, tx: txInternals });
+        expect(witnessSpy).toBeCalledWith(expect.anything(), expect.objectContaining({ origin }), void 0);
+      });
     });
 
     describe('submitTx', () => {
@@ -421,6 +431,13 @@ describe('PersonalWallet methods', () => {
       expect(response).toHaveProperty('signature');
     });
 
+    it('passes through origin to witnesser', async () => {
+      const origin = 'https://lace.io';
+      const signBlobSpy = jest.spyOn(witnesser, 'signBlob');
+      await wallet.signData({ origin, payload: HexBlob('abc123'), signWith: address });
+      expect(signBlobSpy).toBeCalledWith(expect.anything(), expect.anything(), origin);
+    });
+
     test('rejects if bech32 DRepID is not a type 6 address', async () => {
       const dRepKey = await wallet.getPubDRepKey();
       for (const type in Cardano.AddressType) {
diff --git a/packages/wallet/test/integration/cip30mapping.test.ts b/packages/wallet/test/integration/cip30mapping.test.ts
diff --git a/packages/web-extension/src/cip30/exposeWalletApi.ts b/packages/web-extension/src/cip30/exposeWalletApi.ts
diff --git a/packages/web-extension/src/cip30/initializeBackgroundScript.ts b/packages/web-extension/src/cip30/initializeBackgroundScript.ts

Original file line number	Diff line number	Diff line change
`@@ -141,6 +141,7 @@ export interface SignTransactionOptions {`
`141`	`141`	`export interface SignTransactionContext {`
`142`	`142`	`txInKeyPathMap: TxInKeyPathMap;`
`143`	`143`	`knownAddresses: GroupedAddress[];`
	`144`	`+ origin?: string;`
`144`	`145`	`}`
`145`	`146`
`146`	`147`	`export interface KeyAgent {`
`@@ -231,5 +232,5 @@ export interface Witnesser {`
`231`	`232`	`/**`
`232`	`233`	`* @throws AuthenticationError`
`233`	`234`	`*/`
`234`		`- signBlob(derivationPath: AccountKeyDerivationPath, blob: HexBlob): Promise<SignBlobResult>;`
	`235`	`+ signBlob(derivationPath: AccountKeyDerivationPath, blob: HexBlob, origin?: string): Promise<SignBlobResult>;`
`235`	`236`	`}`
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@ export class Bip32Ed25519Witnesser implements Witnesser {`
`25`	`25`	`return { signatures: await this.#keyAgent.signTransaction(txInternals, context, options) };`
`26`	`26`	`}`
`27`	`27`
`28`		`- async signBlob(derivationPath: AccountKeyDerivationPath, blob: HexBlob): Promise<SignBlobResult> {`
	`28`	`+ async signBlob(derivationPath: AccountKeyDerivationPath, blob: HexBlob, _origin?: string): Promise<SignBlobResult> {`
`29`	`29`	`return this.#keyAgent.signBlob(derivationPath, blob);`
`30`	`30`	`}`
`31`	`31`	`}`
Original file line number	Diff line number	Diff line change
`@@ -531,14 +531,15 @@ export class PersonalWallet implements ObservableWallet {`
`531`	`531`	`return initializeTx(props, this.getTxBuilderDependencies());`
`532`	`532`	`}`
`533`	`533`
`534`		`- async finalizeTx({ tx, ...rest }: FinalizeTxProps, stubSign = false): Promise<Cardano.Tx> {`
	`534`	`+ async finalizeTx({ tx, origin, ...rest }: FinalizeTxProps, stubSign = false): Promise<Cardano.Tx> {`
`535`	`535`	`const knownAddresses = await firstValueFrom(this.addresses$);`
`536`	`536`	`const { tx: signedTx } = await finalizeTx(`
`537`	`537`	`tx,`
`538`	`538`	`{`
`539`	`539`	`...rest,`
`540`	`540`	`signingContext: {`
`541`	`541`	`knownAddresses,`
	`542`	`+ origin,`
`542`	`543`	`txInKeyPathMap: await util.createTxInKeyPathMap(tx.body, knownAddresses, this.util)`
`543`	`544`	`}`
`544`	`545`	`},`