feat: verify wallet config

2022-06-17 09:39:00 +04:00 · 2022-06-17 09:39:00 +04:00 · 3194b586f6
parent 858cd356d6
commit 3194b586f6
1 changed files with 58 additions and 1 deletions
--- a/src/connector/TonhubLocalConnector.ts
+++ b/src/connector/TonhubLocalConnector.ts
@ -1,5 +1,6 @@
 import * as t from 'io-ts';
-import { Cell, CommentMessage } from 'ton';
+import { Address, beginCell, Cell, CommentMessage, safeSignVerify } from 'ton';
+import { extractPublicKeyAndAddress } from '../contracts/extractPublicKeyAndAddress';

 const configCodec = t.type({
    version: t.literal(1),
@ -66,6 +67,62 @@ export type TonhubLocalSignResponse = {

 export class TonhubLocalConnector {

+    static verifyWalletConfig(config: {
+        address: string,
+        walletConfig: string,
+        walletType: string,
+        time: number,
+        signature: string,
+        subkey: {
+            domain: string,
+            publicKey: string,
+            time: number,
+            signature: string
+        }
+    }) {
+
+        // Check address
+        const address = Address.parseFriendly(config.address).address;
+
+        // Extract public key and address
+        let extracted = extractPublicKeyAndAddress(config);
+        if (!extracted) {
+            return false;
+        }
+
+        // Check address
+        if (!extracted.address.equals(address)) {
+            return false;
+        }
+
+        // Verify subkey
+        const toSignSub = beginCell()
+            .storeCoins(1)
+            .storeBuffer(Buffer.from(config.subkey.publicKey, 'base64'))
+            .storeUint(config.subkey.time, 32)
+            .storeAddress(extracted.address)
+            .storeRefMaybe(beginCell()
+                .storeBuffer(Buffer.from(config.subkey.domain))
+                .endCell())
+            .endCell();
+        if (!safeSignVerify(toSignSub, Buffer.from(config.subkey.signature, 'base64'), extracted.publicKey)) {
+            return false;
+        }
+
+        // Verify wallet
+        const toSign = beginCell()
+            .storeCoins(1)
+            .storeAddress(extracted.address)
+            .storeUint(config.time, 32)
+            .storeRefMaybe(beginCell()
+                .storeBuffer(Buffer.from(config.subkey.domain))
+                .endCell())
+            .endCell();
+
+        // Check signature
+        return safeSignVerify(toSign, Buffer.from(config.signature, 'base64'), Buffer.from(config.subkey.publicKey, 'base64'));
+    }
+
    static isAvailable() {
        if (typeof window === 'undefined') {
            return false;