458 lines
23 KiB
TypeScript
458 lines
23 KiB
TypeScript
import { assert } from '@0x/assert';
|
|
import { Order, SignatureType, ZeroExTransaction } from '@0x/types';
|
|
import { BigNumber } from '@0x/utils';
|
|
import * as chai from 'chai';
|
|
import { JSONRPCErrorCallback, JSONRPCRequestPayload } from 'ethereum-types';
|
|
import * as ethUtil from 'ethereumjs-util';
|
|
import * as _ from 'lodash';
|
|
import 'mocha';
|
|
|
|
import { generatePseudoRandomSalt, orderHashUtils, transactionHashUtils } from '../src';
|
|
import { constants } from '../src/constants';
|
|
import { signatureUtils } from '../src/signature_utils';
|
|
|
|
import { chaiSetup } from './utils/chai_setup';
|
|
import { provider, web3Wrapper } from './utils/web3_wrapper';
|
|
|
|
chaiSetup.configure();
|
|
const expect = chai.expect;
|
|
|
|
describe('Signature utils', () => {
|
|
let makerAddress: string;
|
|
const fakeExchangeContractAddress = '0x1dc4c1cefef38a777b15aa20260a54e584b16c48';
|
|
const fakeChainId = 1337;
|
|
let order: Order;
|
|
let transaction: ZeroExTransaction;
|
|
before(async () => {
|
|
const availableAddreses = await web3Wrapper.getAvailableAddressesAsync();
|
|
makerAddress = availableAddreses[0];
|
|
order = {
|
|
makerAddress,
|
|
takerAddress: constants.NULL_ADDRESS,
|
|
senderAddress: constants.NULL_ADDRESS,
|
|
feeRecipientAddress: constants.NULL_ADDRESS,
|
|
makerAssetData: constants.NULL_ADDRESS,
|
|
takerAssetData: constants.NULL_ADDRESS,
|
|
makerFeeAssetData: constants.NULL_ADDRESS,
|
|
takerFeeAssetData: constants.NULL_ADDRESS,
|
|
salt: new BigNumber(0),
|
|
makerFee: new BigNumber(0),
|
|
takerFee: new BigNumber(0),
|
|
makerAssetAmount: new BigNumber(0),
|
|
takerAssetAmount: new BigNumber(0),
|
|
expirationTimeSeconds: new BigNumber(0),
|
|
domain: {
|
|
verifyingContractAddress: fakeExchangeContractAddress,
|
|
chainId: fakeChainId,
|
|
},
|
|
};
|
|
transaction = {
|
|
domain: {
|
|
verifyingContractAddress: fakeExchangeContractAddress,
|
|
chainId: fakeChainId,
|
|
},
|
|
salt: generatePseudoRandomSalt(),
|
|
signerAddress: makerAddress,
|
|
data: '0x6927e990021d23b1eb7b8789f6a6feaf98fe104bb0cf8259421b79f9a34222b0',
|
|
expirationTimeSeconds: new BigNumber(0),
|
|
gasPrice: new BigNumber(0),
|
|
};
|
|
});
|
|
describe('#isValidSignatureAsync', () => {
|
|
let dataHex = '0x6927e990021d23b1eb7b8789f6a6feaf98fe104bb0cf8259421b79f9a34222b0';
|
|
const ethSignSignature =
|
|
'0x1B61a3ed31b43c8780e905a260a35faefcc527be7516aa11c0256729b5b351bc3340349190569279751135161d22529dc25add4f6069af05be04cacbda2ace225403';
|
|
let address = '0x5409ed021d9299bf6814279a6a1411a7e866a631';
|
|
|
|
it("should return false if the data doesn't pertain to the signature & address", async () => {
|
|
const bytes32Zeros = '0x0000000000000000000000000000000000000000000000000000000000000000';
|
|
expect(
|
|
await signatureUtils.isValidSignatureAsync(provider, bytes32Zeros, ethSignSignature, address),
|
|
).to.be.false();
|
|
});
|
|
it("should return false if the address doesn't pertain to the signature & data", async () => {
|
|
const validUnrelatedAddress = '0x8b0292b11a196601ed2ce54b665cafeca0347d42';
|
|
expect(
|
|
await signatureUtils.isValidSignatureAsync(provider, dataHex, ethSignSignature, validUnrelatedAddress),
|
|
).to.be.false();
|
|
});
|
|
it("should return false if the signature doesn't pertain to the dataHex & address", async () => {
|
|
const signatureArray = ethSignSignature.split('');
|
|
// tslint:disable-next-line:custom-no-magic-numbers
|
|
signatureArray[5] = 'C'; // V = 28, instead of 27
|
|
const wrongSignature = signatureArray.join('');
|
|
expect(
|
|
await signatureUtils.isValidSignatureAsync(provider, dataHex, wrongSignature, address),
|
|
).to.be.false();
|
|
});
|
|
|
|
it('should throw if signatureType is invalid', () => {
|
|
const signatureArray = ethSignSignature.split('');
|
|
signatureArray[3] = '9'; // SignatureType w/ index 9 doesn't exist
|
|
const signatureWithInvalidType = signatureArray.join('');
|
|
expect(
|
|
signatureUtils.isValidSignatureAsync(provider, dataHex, signatureWithInvalidType, address),
|
|
).to.be.rejected();
|
|
});
|
|
|
|
it('should return true for a valid Ecrecover (EthSign) signature', async () => {
|
|
const isValidSignatureLocal = await signatureUtils.isValidSignatureAsync(
|
|
provider,
|
|
dataHex,
|
|
ethSignSignature,
|
|
address,
|
|
);
|
|
expect(isValidSignatureLocal).to.be.true();
|
|
});
|
|
|
|
it('should return true for a valid EIP712 signature', async () => {
|
|
dataHex = '0xa1d7403bcbbcd75ec233cfd6584ff8dabed677d0e9bb32c2bea94e9dd8a109da';
|
|
address = '0x6ecbe1db9ef729cbe972c83fb886247691fb6beb';
|
|
const eip712Signature =
|
|
'0x1bdde07aac4bf12c12ddbb155919c43eba4146a2cfcf904a862950dbebe332554c6674975603eb5a4eaf8fd7f2e06350267e5b36cda9851a89f8bb49fe2fc9afe202';
|
|
const isValidSignatureLocal = await signatureUtils.isValidSignatureAsync(
|
|
provider,
|
|
dataHex,
|
|
eip712Signature,
|
|
address,
|
|
);
|
|
expect(isValidSignatureLocal).to.be.true();
|
|
});
|
|
|
|
it('should return false if entry not found in `preSigned` mapping', async () => {
|
|
const preSignedSignature = '0x06';
|
|
const isValidPreSignature = await signatureUtils.isValidSignatureAsync(
|
|
provider,
|
|
dataHex,
|
|
preSignedSignature,
|
|
address,
|
|
);
|
|
expect(isValidPreSignature).to.be.false();
|
|
});
|
|
});
|
|
describe('#isValidECSignature', () => {
|
|
const signature = {
|
|
v: 27,
|
|
r: '0xaca7da997ad177f040240cdccf6905b71ab16b74434388c3a72f34fd25d64393',
|
|
s: '0x46b2bac274ff29b48b3ea6e2d04c1336eaceafda3c53ab483fc3ff12fac3ebf2',
|
|
};
|
|
const data = '0x47173285a8d7341e5e972fc677286384f802f8ef42a5ec5f03bbfa254cb01fad';
|
|
const address = '0x0e5cb767cce09a7f3ca594df118aa519be5e2b5a';
|
|
|
|
it("should return false if the data doesn't pertain to the signature & address", async () => {
|
|
expect(signatureUtils.isValidECSignature('0x0', signature, address)).to.be.false();
|
|
});
|
|
it("should return false if the address doesn't pertain to the signature & data", async () => {
|
|
const validUnrelatedAddress = '0x8b0292b11a196601ed2ce54b665cafeca0347d42';
|
|
expect(signatureUtils.isValidECSignature(data, signature, validUnrelatedAddress)).to.be.false();
|
|
});
|
|
it("should return false if the signature doesn't pertain to the data & address", async () => {
|
|
const wrongSignature = _.assign({}, signature, { v: 28 });
|
|
expect(signatureUtils.isValidECSignature(data, wrongSignature, address)).to.be.false();
|
|
});
|
|
it('should return true if the signature does pertain to the data & address', async () => {
|
|
const isValidSignatureLocal = signatureUtils.isValidECSignature(data, signature, address);
|
|
expect(isValidSignatureLocal).to.be.true();
|
|
});
|
|
});
|
|
describe('#generateSalt', () => {
|
|
it('generates different salts', () => {
|
|
const isEqual = generatePseudoRandomSalt().eq(generatePseudoRandomSalt());
|
|
expect(isEqual).to.be.false();
|
|
});
|
|
it('generates salt in range [0..2^256)', () => {
|
|
const salt = generatePseudoRandomSalt();
|
|
expect(salt.isGreaterThanOrEqualTo(0)).to.be.true();
|
|
// tslint:disable-next-line:custom-no-magic-numbers
|
|
const twoPow256 = new BigNumber(2).pow(256);
|
|
expect(salt.isLessThan(twoPow256)).to.be.true();
|
|
});
|
|
});
|
|
describe('#ecSignOrderAsync', () => {
|
|
it('should default to eth_sign if eth_signTypedData is unavailable', async () => {
|
|
const expectedSignature =
|
|
'0x1c5e6c2a66037230b86a410b1d68108683ee8288d3668af91cab72dde1e1541ca86a50b638ccc743f6194a21dd313e71b4b155b2ad882f874d5d790d37d4623ca203';
|
|
|
|
const fakeProvider = {
|
|
async sendAsync(payload: JSONRPCRequestPayload, callback: JSONRPCErrorCallback): Promise<void> {
|
|
if (payload.method === 'eth_signTypedData') {
|
|
callback(new Error('Internal RPC Error'));
|
|
} else if (payload.method === 'eth_sign') {
|
|
const [address, message] = payload.params;
|
|
const signature = await web3Wrapper.signMessageAsync(address, message);
|
|
callback(null, {
|
|
id: 42,
|
|
jsonrpc: '2.0',
|
|
result: signature,
|
|
});
|
|
} else {
|
|
callback(null, { id: 42, jsonrpc: '2.0', result: [makerAddress] });
|
|
}
|
|
},
|
|
};
|
|
const signedOrder = await signatureUtils.ecSignOrderAsync(fakeProvider, order, makerAddress);
|
|
expect(signedOrder.signature).to.equal(expectedSignature);
|
|
});
|
|
it('should throw if the user denies the signing request', async () => {
|
|
const fakeProvider = {
|
|
async sendAsync(payload: JSONRPCRequestPayload, callback: JSONRPCErrorCallback): Promise<void> {
|
|
if (payload.method === 'eth_signTypedData') {
|
|
callback(new Error('User denied message signature'));
|
|
} else if (payload.method === 'eth_sign') {
|
|
const [address, message] = payload.params;
|
|
const signature = await web3Wrapper.signMessageAsync(address, message);
|
|
callback(null, {
|
|
id: 42,
|
|
jsonrpc: '2.0',
|
|
result: signature,
|
|
});
|
|
} else {
|
|
callback(null, { id: 42, jsonrpc: '2.0', result: [makerAddress] });
|
|
}
|
|
},
|
|
};
|
|
expect(signatureUtils.ecSignOrderAsync(fakeProvider, order, makerAddress)).to.to.be.rejectedWith(
|
|
'User denied message signature',
|
|
);
|
|
});
|
|
});
|
|
describe('#ecSignTransactionAsync', () => {
|
|
it('should default to eth_sign if eth_signTypedData is unavailable', async () => {
|
|
const fakeProvider = {
|
|
async sendAsync(payload: JSONRPCRequestPayload, callback: JSONRPCErrorCallback): Promise<void> {
|
|
if (payload.method === 'eth_signTypedData') {
|
|
callback(new Error('Internal RPC Error'));
|
|
} else if (payload.method === 'eth_sign') {
|
|
const [address, message] = payload.params;
|
|
const signature = await web3Wrapper.signMessageAsync(address, message);
|
|
callback(null, {
|
|
id: 42,
|
|
jsonrpc: '2.0',
|
|
result: signature,
|
|
});
|
|
} else {
|
|
callback(null, { id: 42, jsonrpc: '2.0', result: [makerAddress] });
|
|
}
|
|
},
|
|
};
|
|
const signedTransaction = await signatureUtils.ecSignTransactionAsync(
|
|
fakeProvider,
|
|
transaction,
|
|
makerAddress,
|
|
);
|
|
assert.isHexString('signedTransaction.signature', signedTransaction.signature);
|
|
});
|
|
it('should throw if the user denies the signing request', async () => {
|
|
const fakeProvider = {
|
|
async sendAsync(payload: JSONRPCRequestPayload, callback: JSONRPCErrorCallback): Promise<void> {
|
|
if (payload.method === 'eth_signTypedData') {
|
|
callback(new Error('User denied message signature'));
|
|
} else if (payload.method === 'eth_sign') {
|
|
const [address, message] = payload.params;
|
|
const signature = await web3Wrapper.signMessageAsync(address, message);
|
|
callback(null, {
|
|
id: 42,
|
|
jsonrpc: '2.0',
|
|
result: signature,
|
|
});
|
|
} else {
|
|
callback(null, { id: 42, jsonrpc: '2.0', result: [makerAddress] });
|
|
}
|
|
},
|
|
};
|
|
expect(
|
|
signatureUtils.ecSignTransactionAsync(fakeProvider, transaction, makerAddress),
|
|
).to.to.be.rejectedWith('User denied message signature');
|
|
});
|
|
});
|
|
describe('#ecSignHashAsync', () => {
|
|
before(async () => {
|
|
const availableAddreses = await web3Wrapper.getAvailableAddressesAsync();
|
|
makerAddress = availableAddreses[0];
|
|
});
|
|
it('should return the correct Signature', async () => {
|
|
const orderHash = '0x6927e990021d23b1eb7b8789f6a6feaf98fe104bb0cf8259421b79f9a34222b0';
|
|
const expectedSignature =
|
|
'0x1b61a3ed31b43c8780e905a260a35faefcc527be7516aa11c0256729b5b351bc3340349190569279751135161d22529dc25add4f6069af05be04cacbda2ace225403';
|
|
const ecSignature = await signatureUtils.ecSignHashAsync(provider, orderHash, makerAddress);
|
|
expect(ecSignature).to.equal(expectedSignature);
|
|
});
|
|
it('should return the correct Signature for signatureHex concatenated as R + S + V', async () => {
|
|
const orderHash = '0x34decbedc118904df65f379a175bb39ca18209d6ce41d5ed549d54e6e0a95004';
|
|
const expectedSignature =
|
|
'0x1b117902c86dfb95fe0d1badd983ee166ad259b27acb220174cbb4460d872871137feabdfe76e05924b484789f79af4ee7fa29ec006cedce1bbf369320d034e10b03';
|
|
|
|
const fakeProvider = {
|
|
async sendAsync(payload: JSONRPCRequestPayload, callback: JSONRPCErrorCallback): Promise<void> {
|
|
if (payload.method === 'eth_sign') {
|
|
const [address, message] = payload.params;
|
|
expect(message).to.equal(orderHash);
|
|
const signature = await web3Wrapper.signMessageAsync(address, message);
|
|
// tslint:disable-next-line:custom-no-magic-numbers
|
|
const rsvHex = `0x${signature.substr(130)}${signature.substr(2, 128)}`;
|
|
callback(null, {
|
|
id: 42,
|
|
jsonrpc: '2.0',
|
|
result: rsvHex,
|
|
});
|
|
} else {
|
|
callback(null, { id: 42, jsonrpc: '2.0', result: [makerAddress] });
|
|
}
|
|
},
|
|
};
|
|
const ecSignature = await signatureUtils.ecSignHashAsync(fakeProvider, orderHash, makerAddress);
|
|
expect(ecSignature).to.equal(expectedSignature);
|
|
});
|
|
it('should return the correct Signature for signatureHex concatenated as V + R + S', async () => {
|
|
const orderHash = '0x34decbedc118904df65f379a175bb39ca18209d6ce41d5ed549d54e6e0a95004';
|
|
const expectedSignature =
|
|
'0x1b117902c86dfb95fe0d1badd983ee166ad259b27acb220174cbb4460d872871137feabdfe76e05924b484789f79af4ee7fa29ec006cedce1bbf369320d034e10b03';
|
|
const fakeProvider = {
|
|
async sendAsync(payload: JSONRPCRequestPayload, callback: JSONRPCErrorCallback): Promise<void> {
|
|
if (payload.method === 'eth_sign') {
|
|
const [address, message] = payload.params;
|
|
const signature = await web3Wrapper.signMessageAsync(address, message);
|
|
callback(null, {
|
|
id: 42,
|
|
jsonrpc: '2.0',
|
|
result: signature,
|
|
});
|
|
} else {
|
|
callback(null, { id: 42, jsonrpc: '2.0', result: [makerAddress] });
|
|
}
|
|
},
|
|
};
|
|
|
|
const ecSignature = await signatureUtils.ecSignHashAsync(fakeProvider, orderHash, makerAddress);
|
|
expect(ecSignature).to.equal(expectedSignature);
|
|
});
|
|
it('should return a valid signature', async () => {
|
|
const orderHash = '0x34decbedc118904df65f379a175bb39ca18209d6ce41d5ed549d54e6e0a95004';
|
|
const ecSignature = await signatureUtils.ecSignHashAsync(provider, orderHash, makerAddress);
|
|
|
|
const isValidSignature = await signatureUtils.isValidSignatureAsync(
|
|
provider,
|
|
orderHash,
|
|
ecSignature,
|
|
makerAddress,
|
|
);
|
|
expect(isValidSignature).to.be.true();
|
|
});
|
|
});
|
|
describe('#ecSignTypedDataOrderAsync', () => {
|
|
it('should result in the same signature as signing the order hash without an ethereum message prefix', async () => {
|
|
// Note: Since order hash is an EIP712 hash the result of a valid EIP712 signature
|
|
// of order hash is the same as signing the order without the Ethereum Message prefix.
|
|
const orderHashHex = orderHashUtils.getOrderHashHex(order);
|
|
const sig = ethUtil.ecsign(
|
|
ethUtil.toBuffer(orderHashHex),
|
|
Buffer.from('F2F48EE19680706196E2E339E5DA3491186E0C4C5030670656B0E0164837257D', 'hex'),
|
|
);
|
|
const signatureBuffer = Buffer.concat([
|
|
ethUtil.toBuffer(sig.v),
|
|
ethUtil.toBuffer(sig.r),
|
|
ethUtil.toBuffer(sig.s),
|
|
ethUtil.toBuffer(SignatureType.EIP712),
|
|
]);
|
|
const signatureHex = `0x${signatureBuffer.toString('hex')}`;
|
|
const signedOrder = await signatureUtils.ecSignTypedDataOrderAsync(provider, order, makerAddress);
|
|
const isValidSignature = await signatureUtils.isValidSignatureAsync(
|
|
provider,
|
|
orderHashHex,
|
|
signedOrder.signature,
|
|
makerAddress,
|
|
);
|
|
expect(signatureHex).to.eq(signedOrder.signature);
|
|
expect(isValidSignature).to.eq(true);
|
|
});
|
|
it('should return the correct signature for signatureHex concatenated as R + S + V', async () => {
|
|
const expectedSignature =
|
|
'0x1c686a55fa3f563115c0f2bc2b1c51964d0b6a05dd5ee862b702275600b7f634970f2275dccc1073f87a916dfde88574385b2d7a3eed0c2bdc08c76bad748d7d9002';
|
|
const fakeProvider = {
|
|
async sendAsync(payload: JSONRPCRequestPayload, callback: JSONRPCErrorCallback): Promise<void> {
|
|
if (payload.method === 'eth_signTypedData') {
|
|
const [address, typedData] = payload.params;
|
|
const signature = await web3Wrapper.signTypedDataAsync(address, typedData);
|
|
callback(null, {
|
|
id: 42,
|
|
jsonrpc: '2.0',
|
|
result: signature,
|
|
});
|
|
} else {
|
|
callback(null, { id: 42, jsonrpc: '2.0', result: [makerAddress] });
|
|
}
|
|
},
|
|
};
|
|
const signedOrder = await signatureUtils.ecSignTypedDataOrderAsync(fakeProvider, order, makerAddress);
|
|
expect(signedOrder.signature).to.equal(expectedSignature);
|
|
});
|
|
});
|
|
describe('#ecSignTypedDataTransactionAsync', () => {
|
|
it('should result in the same signature as signing the order hash without an ethereum message prefix', async () => {
|
|
// Note: Since order hash is an EIP712 hash the result of a valid EIP712 signature
|
|
// of order hash is the same as signing the order without the Ethereum Message prefix.
|
|
const transactionHashHex = transactionHashUtils.getTransactionHashHex(transaction);
|
|
const sig = ethUtil.ecsign(
|
|
ethUtil.toBuffer(transactionHashHex),
|
|
Buffer.from('F2F48EE19680706196E2E339E5DA3491186E0C4C5030670656B0E0164837257D', 'hex'),
|
|
);
|
|
const signatureBuffer = Buffer.concat([
|
|
ethUtil.toBuffer(sig.v),
|
|
ethUtil.toBuffer(sig.r),
|
|
ethUtil.toBuffer(sig.s),
|
|
ethUtil.toBuffer(SignatureType.EIP712),
|
|
]);
|
|
const signatureHex = `0x${signatureBuffer.toString('hex')}`;
|
|
const signedTransaction = await signatureUtils.ecSignTypedDataTransactionAsync(
|
|
provider,
|
|
transaction,
|
|
makerAddress,
|
|
);
|
|
const isValidSignature = await signatureUtils.isValidSignatureAsync(
|
|
provider,
|
|
transactionHashHex,
|
|
signedTransaction.signature,
|
|
makerAddress,
|
|
);
|
|
expect(signatureHex).to.eq(signedTransaction.signature);
|
|
expect(isValidSignature).to.eq(true);
|
|
});
|
|
it('should return the correct Signature for signatureHex concatenated as R + S + V', async () => {
|
|
const fakeProvider = {
|
|
async sendAsync(payload: JSONRPCRequestPayload, callback: JSONRPCErrorCallback): Promise<void> {
|
|
if (payload.method === 'eth_signTypedData') {
|
|
const [address, typedData] = payload.params;
|
|
const signature = await web3Wrapper.signTypedDataAsync(address, typedData);
|
|
callback(null, {
|
|
id: 42,
|
|
jsonrpc: '2.0',
|
|
result: signature,
|
|
});
|
|
} else {
|
|
callback(null, { id: 42, jsonrpc: '2.0', result: [makerAddress] });
|
|
}
|
|
},
|
|
};
|
|
const signedTransaction = await signatureUtils.ecSignTypedDataTransactionAsync(
|
|
fakeProvider,
|
|
transaction,
|
|
makerAddress,
|
|
);
|
|
assert.isHexString('signedTransaction.signature', signedTransaction.signature);
|
|
});
|
|
});
|
|
describe('#convertECSignatureToSignatureHex', () => {
|
|
const ecSignature: ECSignature = {
|
|
v: 27,
|
|
r: '0xaca7da997ad177f040240cdccf6905b71ab16b74434388c3a72f34fd25d64393',
|
|
s: '0x46b2bac274ff29b48b3ea6e2d04c1336eaceafda3c53ab483fc3ff12fac3ebf2',
|
|
};
|
|
it('should concatenate v,r,s and append the EthSign signature type', async () => {
|
|
const expectedSignatureWithSignatureType =
|
|
'0x1baca7da997ad177f040240cdccf6905b71ab16b74434388c3a72f34fd25d6439346b2bac274ff29b48b3ea6e2d04c1336eaceafda3c53ab483fc3ff12fac3ebf203';
|
|
const signatureWithSignatureType = signatureUtils.convertECSignatureToSignatureHex(ecSignature);
|
|
expect(signatureWithSignatureType).to.equal(expectedSignatureWithSignatureType);
|
|
});
|
|
});
|
|
});
|