Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge pull request #55 from BitGo/CT-698-eos #56

Open
wants to merge 52 commits into
base: CT-698-eos
Choose a base branch
from
Open
Changes from 1 commit
Commits
Show all changes
52 commits
Select commit Hold shift + click to select a range
9f48c83
Merge pull request #55 from BitGo/CT-698-eos
dannydeezy Jul 17, 2019
9d436d3
CT-856 - Bump SDK version to 7.0.0-rc.0
CapnMigraine Aug 7, 2019
dba9fee
Merge pull request #57 from BitGo/CT-856.bump-sdk-version
dannydeezy Aug 8, 2019
a55d5e6
[TRON-58] Add KRS Support for TRON
Oct 22, 2019
f888c9f
Add Statics support
Nov 7, 2019
fadf3b7
Merge pull request #59 from BitGo/TRON-58-add-krs-support-for-tron
marktoda Nov 7, 2019
bf62d71
[ISSUE-60] Refactor the signing functions in sign.js to reduce boiler…
longnguyenTM Feb 26, 2020
abb852f
correct mis-spelled words and change parameter name.
Feb 25, 2020
981b7b3
Merge pull request #62 from longnguyenTM/issue60
cooncesean Feb 27, 2020
92fcff3
Add ethereumjs-util as explicit dependency
Sword-Smith Mar 17, 2020
f008f34
Fix bug in getBackupSigningKey
Sword-Smith Mar 17, 2020
8935531
Add check for valid XLM master seed
Sword-Smith Mar 17, 2020
f357171
Add minor documentation improvements
Sword-Smith Mar 18, 2020
bfb2e7c
Utilize signature module from ethereumjs-util
Sword-Smith Mar 18, 2020
2a498b6
Merge pull request #66 from Sword-Smith/master
tylerlevine Mar 20, 2020
1711aef
Implement initial Drone CI for this KRSv2 project.
james8nguyen Mar 20, 2020
e8ddf11
Get drone builds into a working state
drGrove Mar 20, 2020
88f53b4
Moved audit to node v10 pipeline and updated package-lock.json.
james8nguyen Mar 21, 2020
5779646
Upgrade the following depedencies and resolve vulnerabilities:
james8nguyen Mar 23, 2020
3c908f6
Enable support for node 12 and disable for node 6
james8nguyen Mar 24, 2020
0c65d77
BG-18658 Merge pull request #70 from BitGo/BG-19209-node10
james8nguyen Mar 30, 2020
d7bf444
Enable lint test for KRSv2
james8nguyen Apr 3, 2020
50947c9
Fix lint
Apr 3, 2020
2541dba
Fix Tests
Apr 21, 2020
7d98115
Merge pull request #73 from BitGo/BG-19296-enable-lint
tylerlevine Apr 22, 2020
dbe3f7b
fix(package.json): update packages importing elliptic to bump elliptic
aaldemir Jul 20, 2021
58fb05a
fix(package.json): update @bitgo/account-lib package to ^2.13.0
aaldemir Jul 22, 2021
22c90be
fix(package.json): update packages importing elliptic and changed por…
aaldemir Jul 22, 2021
76462f0
Merge pull request #88 from aaldemir/BG-23533-bump-elliptic-dependencies
tylerlevine Jul 26, 2021
618184e
chore(package): use @bitgo/utxo-lib
OttoAllmendinger Sep 6, 2021
30d962e
chore(gitignore): ignore iml files
OttoAllmendinger Sep 6, 2021
5e09a21
chore(test): update zcash expected transaction bytes
OttoAllmendinger Sep 6, 2021
b8ebc75
chore(app): remove prova-lib
OttoAllmendinger Sep 6, 2021
aa44234
chore(app): use standard import name for utxolib
OttoAllmendinger Sep 6, 2021
6948de1
fix(app): do not use `HDNode.fromPrivateKeyBuffer()`
OttoAllmendinger Sep 6, 2021
336dea0
chore(app): use bip32 instead of HDNode
OttoAllmendinger Sep 6, 2021
94d99c6
fix(app): improve error message
OttoAllmendinger Sep 9, 2021
6b4d02c
fix(root): bump bitgo deps
OttoAllmendinger Sep 9, 2021
055d881
fix(app,test): fix eslint errors
OttoAllmendinger Sep 9, 2021
3b4998e
Merge pull request #90 from BitGo/BG-34381.use-bitgo-dep
tylerlevine Sep 23, 2021
f011d5d
chore(renovate): initial renovate configuration
bgdeploybot Nov 28, 2023
70f3adb
Merge pull request #116
therealdwright Feb 1, 2024
2fc77e6
Bump protobufjs from 6.11.2 to 6.11.4
dependabot[bot] Feb 6, 2024
11c9d96
Merge pull request #119 from BitGo/dependabot/npm_and_yarn/protobufjs…
dhoffmann Feb 6, 2024
44f602b
Bump mongoose from 5.13.3 to 5.13.20
dependabot[bot] Feb 6, 2024
a6aacb9
Bump minimist from 1.2.5 to 1.2.8
dependabot[bot] Feb 6, 2024
cf0eb65
Bump webpack from 5.52.0 to 5.90.1
dependabot[bot] Feb 6, 2024
1878920
Merge pull request #127 from BitGo/dependabot/npm_and_yarn/minimist-1…
dhoffmann Feb 6, 2024
8af0ef6
Merge pull request #128 from BitGo/dependabot/npm_and_yarn/webpack-5.…
dhoffmann Feb 6, 2024
4a894e1
Merge pull request #126 from BitGo/dependabot/npm_and_yarn/mongoose-5…
dhoffmann Feb 6, 2024
adc6cfd
chore: enable github advanced security workflow
KartikKSrivastava Oct 10, 2024
48dc710
Merge pull request #134 from BitGo/codeql
the-smooth-operator Oct 22, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
[ISSUE-60] Refactor the signing functions in sign.js to reduce boiler…
…plate code.
  • Loading branch information
longnguyenTM committed Feb 26, 2020
commit bf62d71f9d0a0692056364bccba97f95d3f92e94
147 changes: 63 additions & 84 deletions app/sign.js
Original file line number Diff line number Diff line change
@@ -98,6 +98,38 @@ const getHDNodeAndVerify = function(xprv, expectedXpub) {
return node;
};

/**
* Prints the recovery transaction information and prompt for the confirmation as well as the key, if needed to.
* @param recoveryRequest The recovery transansaction request object.
* @param key The provided private key of the wallet.
* @param outputs The outputs of the transaction.
* @param skipConfirm The boolean value that indicates to whether or not to prompt the user to confirm the transaction.
* @returns The private key of the wallet.
*/
const promptForConfirmatioAndKey = function(recoveryRequest, key, outputs, skipConfirm) {
const customMessage = recoveryRequest.custom ? recoveryRequest.custom.message : 'None';
confirmRecovery(recoveryRequest.backupKey, outputs, customMessage, skipConfirm);

if (!key) {
console.log('Please enter the xprv of the wallet for signing: ');
key = prompt();
}

return key;
}

/**
* Gets the backup private key that can be used to sign the transaction.
* @param key The provided private key.
* @param expectedXpub The public key specified with the request.
* @returns The private key to sign the transaction.
*/
const getBackupSigningKey = function(key, expectedXpub) {
const backupKeyNode = getHDNodeAndVerify(key, expectedXpub);

return backupKeyNode.keyPair.getPrivateKeyBuffer;
}

const handleSignUtxo = function(recoveryRequest, key, skipConfirm) {
const network = utxoNetworks[recoveryRequest.coin];
const decimals = coinDecimals[recoveryRequest.coin];
@@ -113,13 +145,8 @@ const handleSignUtxo = function(recoveryRequest, key, skipConfirm) {
address: utxoLib.address.fromOutputScript(out.script, network),
amount: ( new BN(out.value) ).div( TEN.pow(decimals) ).toString()
}));
const customMessage = recoveryRequest.custom ? recoveryRequest.custom.message : 'None';
confirmRecovery(recoveryRequest.backupKey, outputs, customMessage, skipConfirm);

if (!key) {
console.log('Please enter the xprv of the wallet for signing: ');
key = prompt();
}

key = promptForConfirmatioAndKey(recoveryRequest, key, outputs, skipConfirm);

const backupKeyNode = getHDNodeAndVerify(key, recoveryRequest.backupKey);

@@ -179,31 +206,39 @@ const handleHalfSignEth = function(recoveryRequest, key, skipConfirm, basecoin)
}

const handleSignEthereum = function(recoveryRequest, key, skipConfirm) {
return signEthTx(recoveryRequest, key, skipConfirm, false);
};

/**
* Signs an Ethereum transaction.
* @param recoveryRequest The recovery request object.
* @param key The provided private key of the wallet.
* @param kipConfirm The boolean value that indicates to whether or not to prompt the user to confirm the transaction.
* @param isCoinToken The boolean value that indicates if the transaction is for erc20 or ETH.
* @returns The 'hex' value of the signed transaction.
*/
const signEthTx = function(recoveryRequest, key, skipConfirm, isCoinToken) {
const EthTx = require('ethereumjs-tx');

const txHex = getTransactionHexFromRequest(recoveryRequest);
const transaction = new EthTx(txHex);
const decimals = coinDecimals[recoveryRequest.coin];

const customMessage = recoveryRequest.custom ? recoveryRequest.custom.message : 'None';
const txData = transaction.data;

const outputs = [{
address: '0x' + txData.slice(16, 36).toString('hex'),
amount: (new BN(txData.slice(36, 68).toString('hex'), 16)).div(TEN.pow(decimals))
amount: new BN(txData.slice(36, 68).toString('hex'), 16)
}];

confirmRecovery(recoveryRequest.backupKey, outputs, customMessage, skipConfirm);

if (!key) {
console.log('Please enter the xprv of the wallet for signing: ');
key = prompt();
// if request is for ETH, need to correct the amount decimals.
if (!isCoinToken) {
const decimals = coinDecimals[recoveryRequest.coin];
outputs[0].amount = outputs[0].amount.div(TEN.pow(decimals));
}

const backupKeyNode = getHDNodeAndVerify(key, recoveryRequest.backupKey);

const backupSigningKey = backupKeyNode.keyPair.getPrivateKeyBuffer();
key = promptForConfirmatioAndKey(recoveryRequest, key, outputs, skipConfirm);

transaction.sign(backupSigningKey);
transaction.sign(getBackupSigningKey(key, recoveryRequest.backupKey));

return transaction.serialize().toString('hex');
};
@@ -215,24 +250,16 @@ const handleSignTrx = function(recoveryRequest, key, skipConfirm) {
const builder = new accountLib.TransactionBuilder({ coinName: coin });
builder.from(txHex);

const customMessage = recoveryRequest.custom ? recoveryRequest.custom.message : 'None';

const outputs = builder.build().destinations.map(d => {
return {
address: d.address,
amount: d.value.toString(10)
};
});

confirmRecovery(recoveryRequest.backupKey, outputs, customMessage, skipConfirm);

if (!key) {
console.log('Please enter the xprv of the wallet for signing: ');
key = prompt();
}
key = promptForConfirmatioAndKey(recoveryRequest, key, outputs, skipConfirm);

const backupKeyNode = getHDNodeAndVerify(key, recoveryRequest.backupKey);
builder.sign({ key: backupKeyNode.keyPair.getPrivateKeyBuffer() });
builder.sign({ key: getBackupSigningKey(key, recoveryRequest.backupKey) });
return JSON.stringify(builder.build().toJson());
};

@@ -252,25 +279,16 @@ const handleSignEos = function(recoveryRequest, key, skipConfirm) {

const { recipient, amount } = utils.deserializeEOSTransaction(EosJs, packed_trx);

const customMessage = recoveryRequest.custom ? recoveryRequest.custom.message : 'None';

const outputs = [{
address: recipient,
amount: new BN(amount)
}];

confirmRecovery(recoveryRequest.backupKey, outputs, customMessage, skipConfirm);

if (!key) {
console.log('Please enter the xprv of the wallet for signing: ');
key = prompt();
}

const backupKeyNode = getHDNodeAndVerify(key, recoveryRequest.backupKey);
key = promptForConfirmatioAndKey(recoveryRequest, key, outputs, skipConfirm);

const dataToSign = utils.getEOSSignatureData(packed_trx, chainId);
const signBuffer = Buffer.from(dataToSign, 'hex');
const privateKeyBuffer = backupKeyNode.keyPair.getPrivateKeyBuffer();
const privateKeyBuffer = getBackupSigningKey(key, recoveryRequest.backupKey);
const signature = ecc.Signature.sign(signBuffer, privateKeyBuffer).toString();

eosTx.signatures.push(signature);
@@ -289,19 +307,13 @@ const handleSignXrp = function(recoveryRequest, key, skipConfirm) {

const decimals = coinDecimals[recoveryRequest.coin];
const transaction = rippleParse.decode(txHex);
const customMessage = recoveryRequest.custom ? recoveryRequest.custom.message : 'None';

const outputs = [{
address: transaction.Destination,
amount: (new BN(transaction.Amount)).div(TEN.pow(decimals))
}];

confirmRecovery(recoveryRequest.backupKey, outputs, customMessage, skipConfirm);

if (!key) {
console.log('Please enter the xprv of the wallet for signing: ');
key = prompt();
}
key = promptForConfirmatioAndKey(recoveryRequest, key, outputs, skipConfirm);

const backupKeyNode = getHDNodeAndVerify(key, recoveryRequest.backupKey);

@@ -321,11 +333,8 @@ const handleSignXlm = function(recoveryRequest, key, skipConfirm) {
stellar.Network.useTestNetwork();
}

const decimals = coinDecimals[recoveryRequest.coin];

const txHex = getTransactionHexFromRequest(recoveryRequest);
const transaction = new stellar.Transaction(txHex);
const customMessage = recoveryRequest.custom ? recoveryRequest.custom.message : 'None';

if (transaction.operations.length !== 1) {
throw new Error('Recovery transaction is trying to perform multiple operations - aborting');
@@ -340,12 +349,7 @@ const handleSignXlm = function(recoveryRequest, key, skipConfirm) {
amount: transaction.operations[0].amount || transaction.operations[0].startingBalance
}];

confirmRecovery(recoveryRequest.backupKey, outputs, customMessage, skipConfirm);

if (!key) {
console.log('Please enter the private key of the wallet for signing: ');
key = prompt();
}
key = promptForConfirmatioAndKey(recoveryRequest, key, outputs, skipConfirm);

let backupKeypair;

@@ -359,38 +363,13 @@ const handleSignXlm = function(recoveryRequest, key, skipConfirm) {
throw new Error('provided private key does not match public key specified with recovery request');
}

transaction.sign(stellar.Keypair.fromSecret(key));
transaction.sign(backupKeypair);

return transaction.toEnvelope().toXDR('base64');
};

const handleSignErc20 = function(recoveryRequest, key, skipConfirm) {
const EthTx = require('ethereumjs-tx');

const txHex = getTransactionHexFromRequest(recoveryRequest);
const transaction = new EthTx(txHex);

const customMessage = recoveryRequest.custom ? recoveryRequest.custom.message : 'None';
const txData = transaction.data;
const outputs = [{
address: '0x' + txData.slice(16, 36).toString('hex'),
amount: new BN(txData.slice(36, 68).toString('hex'), 16)
}];

confirmRecovery(recoveryRequest.backupKey, outputs, customMessage, skipConfirm);

if (!key) {
console.log('Please enter the xprv of the wallet for signing: ');
key = prompt();
}

const backupKeyNode = getHDNodeAndVerify(key, recoveryRequest.backupKey);

const backupSigningKey = backupKeyNode.keyPair.getPrivateKeyBuffer();

transaction.sign(backupSigningKey);

return transaction.serialize().toString('hex');
return signEthTx(recoveryRequest, key, skipConfirm, true);
};

/* *
@@ -478,7 +457,7 @@ const handleSign = function(args) {
if (coin.family === 'eth' && !coin.isToken) {
txHex = handleSignEthereum(recoveryRequest, key, args.confirm);
} else {
txHex = handleSignErc20(recoveryRequest, key, args.confirm, basecoin);
txHex = handleSignErc20(recoveryRequest, key, args.confirm);
}
}
break;