Remove ton (#49)
joii2020 authored May 14, 2024
1 parent 0298159 commit a2f85a3
Showing 6 changed files with 2 additions and 203 deletions.
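--- a/c/auth.c
+++ b/c/auth.c
@@ -51,16 +51,6 @@
 #define SOLANA_BLOCKHASH_SIZE 32
 #define SOLANA_MESSAGE_HEADER_SIZE 3
 
-#define TONCOIN_PUBKEY_SIZE 32
-#define TONCOIN_SIGNATURE_SIZE 64
-#define TONCOIN_WRAPPED_SIGNATURE_SIZE 512
-#define TONCOIN_UNWRAPPED_SIGNATURE_SIZE 510
-#define TONCOIN_BLOCKHASH_SIZE 32
-#define TONCOIN_MESSAGE_PREFIX_SIZE 18
-#define TONCOIN_MAX_PREIMAGE_SIZE 512
-#define TONCOIN_MESSAGE_PREFIX2_SIZE 11
-#define TONCOIN_PREIMAGE2_SIZE (2 + TONCOIN_MESSAGE_PREFIX2_SIZE + 32)
-
 #define MESSAGE_HEX_LEN 64
 #define ED25519_SIGNATURE_SIZE 64
 #define ED25519_PUBKEY_SIZE 32
@@ -622,85 +612,6 @@ int validate_signature_solana(uint8_t *prefilled_data, uint8_t algorithm_id,
 return 0;
 }
 
-// Ton uses ed25519 to sign messages. The message to be signed is
-// message = utf8_encode("ton-proof-item-v2/") ++
-// Address ++
-// AppDomain ++
-// Timestamp ++
-// Payload
-// signature = Ed25519Sign(privkey, sha256(0xffff ++ utf8_encode("ton-connect")
-// ++ sha256(message))) where Prefix = 18 bytes "ton-proof-item-v2/" without
-// trailing null Address = Big endian work chain (uint32) + address (32 bytes)
-// AppDomain = Little endian domain length (uint32) + domain (string without
-// trailling null) Timestamp = Epoch seconds Little endian uint64 Payload =
-// Arbitrary bytes, we use block hash here See ton official document on
-// ton-proof https://docs.ton.org/develop/dapps/ton-connect/sign
-int get_toncoin_message(const uint8_t *signed_msg, size_t signed_msg_len,
-const uint8_t *blockhash, uint8_t output[32]) {
-int err = 0;
-uint8_t preimage1[TONCOIN_MAX_PREIMAGE_SIZE];
-uint8_t preimage2[TONCOIN_PREIMAGE2_SIZE];
-
-int preimage1_size =
-signed_msg_len + TONCOIN_MESSAGE_PREFIX_SIZE + TONCOIN_BLOCKHASH_SIZE;
-CHECK2(preimage1_size <= TONCOIN_MAX_PREIMAGE_SIZE, ERROR_INVALID_ARG);
-
-const mbedtls_md_info_t *md_info =
-mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
-
-memcpy(preimage1, "ton-proof-item-v2/", TONCOIN_MESSAGE_PREFIX_SIZE);
-memcpy(preimage1 + TONCOIN_MESSAGE_PREFIX_SIZE, signed_msg, signed_msg_len);
-memcpy(preimage1 + TONCOIN_MESSAGE_PREFIX_SIZE + signed_msg_len, blockhash,
-TONCOIN_BLOCKHASH_SIZE);
-preimage2[0] = 0xff;
-preimage2[1] = 0xff;
-memcpy(preimage2 + 2, "ton-connect", TONCOIN_MESSAGE_PREFIX2_SIZE);
-
-CHECK(md_string(md_info, preimage1, preimage1_size,
-preimage2 + 2 + TONCOIN_MESSAGE_PREFIX2_SIZE));
-CHECK(md_string(md_info, preimage2, TONCOIN_PREIMAGE2_SIZE, output));
-exit:
-return err;
-}
-
-int validate_signature_toncoin(uint8_t *prefilled_data, uint8_t algorithm_id,
-const uint8_t *sig, size_t sig_len,
-const uint8_t *msg, size_t msg_len,
-uint8_t *out_pubkey_hash,
-size_t pubkey_hash_len) {
-int err = 0;
-
-CHECK2(sig_len == TONCOIN_WRAPPED_SIGNATURE_SIZE, ERROR_INVALID_ARG);
-CHECK2(msg_len == TONCOIN_BLOCKHASH_SIZE, ERROR_INVALID_ARG);
-sig_len = (size_t)sig[0] | ((size_t)sig[1] << 8);
-CHECK2(sig_len <= TONCOIN_UNWRAPPED_SIGNATURE_SIZE, ERROR_INVALID_ARG);
-const uint8_t *signature_ptr = sig + 2;
-const uint8_t *pub_key_ptr = signature_ptr + TONCOIN_SIGNATURE_SIZE;
-const uint8_t *signed_msg_ptr =
-signature_ptr + TONCOIN_SIGNATURE_SIZE + TONCOIN_PUBKEY_SIZE;
-size_t signed_msg_len =
-sig_len - TONCOIN_SIGNATURE_SIZE - TONCOIN_PUBKEY_SIZE;
-
-uint8_t message[32];
-CHECK(get_toncoin_message(signed_msg_ptr, signed_msg_len, msg, message));
-
-int suc =
-ed25519_verify(signature_ptr, message, sizeof(message), pub_key_ptr);
-CHECK2(suc == 1, ERROR_WRONG_STATE);
-
-blake2b_state ctx;
-uint8_t pubkey_hash[BLAKE2B_BLOCK_SIZE] = {0};
-blake2b_init(&ctx, BLAKE2B_BLOCK_SIZE);
-blake2b_update(&ctx, pub_key_ptr, TONCOIN_PUBKEY_SIZE);
-blake2b_final(&ctx, pubkey_hash, sizeof(pubkey_hash));
-
-uint8_t test_pubkey_hash[AUTH160_SIZE] = {0};
-// memcpy(output, pubkey_hash, AUTH160_SIZE);
-memcpy(out_pubkey_hash, test_pubkey_hash, AUTH160_SIZE);
-exit:
-return err;
-}
-
 int convert_copy(const uint8_t *msg, size_t msg_len, uint8_t *new_msg,
 size_t new_msg_len) {
 if (msg_len != new_msg_len || msg_len != BLAKE2B_BLOCK_SIZE)
@@ -1092,9 +1003,6 @@ __attribute__((visibility("default"))) int ckb_auth_validate(
 err = verify(&validator, validate_signature_ripple,
 convert_ripple_message);
 CHECK(err);
-} else if (algorithm_id == AuthAlgorithmIdToncoin) {
-err = verify(&validator, validate_signature_toncoin, convert_copy);
-CHECK(err);
 } else if (algorithm_id == AuthAlgorithmIdOwnerLock) {
 CHECK2(is_lock_script_hash_present(pubkey_hash), ERROR_MISMATCHED);
 err = 0;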
2 changes: 1 addition & 1 deletion c/ckb_auth.h
@@ -85,7 +85,7 @@ enum AuthAlgorithmIdType {
AuthAlgorithmIdSolana = 13,
AuthAlgorithmIdRipple = 14,
AuthAlgorithmIdSecp256R1 = 15,
AuthAlgorithmIdToncoin = 16,
// AuthAlgorithmIdToncoin = 16,
AuthAlgorithmIdSecp256R1Raw = 17,
AuthAlgorithmIdOwnerLock = 0xFC,
};
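Review bot: The commented-out enumerator `// AuthAlgorithmIdToncoin = 16,` keeps the old name visible but does not say that the value 16 is retired, so a later contributor could assign it to a new algorithm. Algorithm ids reach `ckb_auth_validate` as a raw `algorithm_id`, so reusing 16 would change how existing arguments carrying that id are interpreted; presumably id 16 now falls through to the function's unknown-algorithm path, which is outside this page's hunks and worth confirming. I would replace the line with an explicit reservation such as `// 16 is reserved: formerly AuthAlgorithmIdToncoin, removed in #49; do not reuse`, and use the same wording for the Rust enum in ckb-auth-rs/src/lib.rs. The enum's opening lines are above the hunk.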
2 changes: 1 addition & 1 deletion ckb-auth-rs/src/lib.rs
@@ -44,7 +44,7 @@ pub enum AuthAlgorithmIdType {
Solana = 13,
Ripple = 14,
Secp256r1 = 15,
Toncoin = 16,
// Toncoin = 16,
Secp256r1Raw = 17,
OwnerLock = 0xFC,
}
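Review bot: Commenting out `Toncoin = 16` leaves a hole between `Secp256r1 = 15` and `Secp256r1Raw = 17`, and nothing in this hunk shows how a raw `u8` is turned into `AuthAlgorithmIdType`. If that conversion (outside this hunk) accepts a contiguous numeric range and then casts or transmutes the byte, 16 would now yield an invalid enum value, which is undefined behaviour in Rust. The conversion should match the variants explicitly or reject 16 before converting, with a test asserting that 16 returns an error. A comment on the gap would make the constraint visible, e.g. `// 16 is reserved (formerly Toncoin); u8 conversions must reject it`. The enum's first variants are above the hunk.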
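--- a/docs/auth.md
+++ b/docs/auth.md
@@ -146,15 +146,6 @@ Key parameters:
 - pubkey: 32 compressed pubkey.
 - pubkey hash: sha256 and ripemd160 of pubkey, refer to [ckb-auth-cli ripple parse](../tools/ckb-auth-cli/src/ripple.rs).
 
-#### Toncoin (algorithm_id=16)
-The witness of a valid toncoin transaction should be a sequence of the following data.
-The whole length of the witness must be exactly 512. If there are any space left, pad it with zero.
-
-- size of the following data combined (little-endian `uint16_t`)
-- signature
-- public key
-- the message without prefix and payload
-
 ### Low Level APIs
 
 We define some low level APIs to auth libraries, which can be also used for other purposes.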
99 changes: 0 additions & 99 deletions docs/toncoin.md

This file was deleted.

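--- a/tests/auth-c-tests/src/lib.rs
+++ b/tests/auth-c-tests/src/lib.rs
@@ -867,7 +867,6 @@ pub fn auth_builder(t: AuthAlgorithmIdType, official: bool) -> result::Result<Bo
 AuthAlgorithmIdType::Secp256r1 => {
 return Ok(Secp256r1Auth::new());
 }
-AuthAlgorithmIdType::Toncoin => todo!("Toncoin tests currectly unimplemented"),
 AuthAlgorithmIdType::Secp256r1Raw => {
 return Ok(Secp256r1RawAuth::new());
 }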
