-
Notifications
You must be signed in to change notification settings - Fork 43
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
57 additions
and
20 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,31 +1,67 @@ | ||
| import { ethers } from 'ethers'; | ||
| import { utils } from 'ethers'; | ||
| import { getProvider } from '@/utils/provider'; | ||
|
|
||
| /** | ||
| * Get the address that signed a configuration update | ||
| * Verify a relayer's configuration update signature and nonce | ||
| * @param configPayload The configuration update payload | ||
| * @param signature The signature provided by the relayer | ||
| * @returns The Ethereum address that signed the payload | ||
| * @param signature The signature provided by the relayer | ||
| * @param nonce The nonce value to prevent replay attacks | ||
| * @throws Error if signature is invalid or nonce has been used | ||
| */ | ||
| async function getSignerAddress( | ||
| export async function verifyRelayerSignature( | ||
| configPayload: Record<string, any>, | ||
| signature: string | ||
| ): Promise<string> { | ||
| signature: string, | ||
| nonce: number | ||
| ): Promise<void> { | ||
| try { | ||
| // Verify nonce hasn't been used before | ||
| if (await hasNonceBeenUsed(nonce)) { | ||
| throw new Error('Nonce has already been used'); | ||
| } | ||
|
|
||
| // Add nonce to payload before verifying | ||
| const payloadWithNonce = { | ||
| ...configPayload, | ||
| nonce | ||
| }; | ||
|
|
||
| // Convert payload to string and hash it | ||
| const payloadStr = JSON.stringify(configPayload); | ||
| const messageHash = ethers.utils.keccak256(ethers.utils.toUtf8Bytes(payloadStr)); | ||
| const payloadStr = JSON.stringify(payloadWithNonce); | ||
| const messageHash = utils.keccak256(utils.toUtf8Bytes(payloadStr)); | ||
|
|
||
| // Create signable message | ||
| const prefixedMessage = ethers.utils.arrayify(messageHash); | ||
| const prefixedMessage = utils.arrayify(messageHash); | ||
|
|
||
| // Recover the address that signed the message | ||
| const recoveredAddress = ethers.utils.verifyMessage(prefixedMessage, signature); | ||
| const recoveredAddress = utils.verifyMessage(prefixedMessage, signature); | ||
| const checksumAddress = utils.getAddress(recoveredAddress); | ||
|
|
||
| // Verify signer is an authorized relayer | ||
| if (!await isAuthorizedRelayer(checksumAddress)) { | ||
| throw new Error('Signer is not an authorized relayer'); | ||
| } | ||
|
|
||
| // Convert to checksum format | ||
| return ethers.utils.getAddress(recoveredAddress); | ||
| // Store nonce as used | ||
| await storeUsedNonce(nonce); | ||
|
|
||
| } catch (error) { | ||
| console.error('Error recovering signer address:', error); | ||
| console.error('Error verifying relayer signature:', error); | ||
| throw error; | ||
| } | ||
| } | ||
|
|
||
| // Helper functions that would need to be implemented: | ||
| async function hasNonceBeenUsed(nonce: number): Promise<boolean> { | ||
| // Check if nonce exists in storage | ||
| throw new Error('Not implemented'); | ||
| } | ||
|
|
||
| async function isAuthorizedRelayer(address: string): Promise<boolean> { | ||
| // Check if address is in authorized relayer list | ||
| throw new Error('Not implemented'); | ||
| } | ||
|
|
||
| async function storeUsedNonce(nonce: number): Promise<void> { | ||
| // Store nonce in persistent storage | ||
| throw new Error('Not implemented'); | ||
| } |