Remove toncoin #49

Merged
merged 1 commit into from
May 14, 2024
Merged
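--- a/c/auth.c
+++ b/c/auth.c
@@ -51,16 +51,6 @@
 #define SOLANA_BLOCKHASH_SIZE 32
 #define SOLANA_MESSAGE_HEADER_SIZE 3
 
-#define TONCOIN_PUBKEY_SIZE 32
-#define TONCOIN_SIGNATURE_SIZE 64
-#define TONCOIN_WRAPPED_SIGNATURE_SIZE 512
-#define TONCOIN_UNWRAPPED_SIGNATURE_SIZE 510
-#define TONCOIN_BLOCKHASH_SIZE 32
-#define TONCOIN_MESSAGE_PREFIX_SIZE 18
-#define TONCOIN_MAX_PREIMAGE_SIZE 512
-#define TONCOIN_MESSAGE_PREFIX2_SIZE 11
-#define TONCOIN_PREIMAGE2_SIZE (2 + TONCOIN_MESSAGE_PREFIX2_SIZE + 32)
-
 #define MESSAGE_HEX_LEN 64
 #define ED25519_SIGNATURE_SIZE 64
 #define ED25519_PUBKEY_SIZE 32
@@ -622,85 +612,6 @@ int validate_signature_solana(uint8_t *prefilled_data, uint8_t algorithm_id,
 return 0;
 }
 
-// Ton uses ed25519 to sign messages. The message to be signed is
-// message = utf8_encode("ton-proof-item-v2/") ++
-// Address ++
-// AppDomain ++
-// Timestamp ++
-// Payload
-// signature = Ed25519Sign(privkey, sha256(0xffff ++ utf8_encode("ton-connect")
-// ++ sha256(message))) where Prefix = 18 bytes "ton-proof-item-v2/" without
-// trailing null Address = Big endian work chain (uint32) + address (32 bytes)
-// AppDomain = Little endian domain length (uint32) + domain (string without
-// trailling null) Timestamp = Epoch seconds Little endian uint64 Payload =
-// Arbitrary bytes, we use block hash here See ton official document on
-// ton-proof https://docs.ton.org/develop/dapps/ton-connect/sign
-int get_toncoin_message(const uint8_t *signed_msg, size_t signed_msg_len,
-const uint8_t *blockhash, uint8_t output[32]) {
-int err = 0;
-uint8_t preimage1[TONCOIN_MAX_PREIMAGE_SIZE];
-uint8_t preimage2[TONCOIN_PREIMAGE2_SIZE];
-
-int preimage1_size =
-signed_msg_len + TONCOIN_MESSAGE_PREFIX_SIZE + TONCOIN_BLOCKHASH_SIZE;
-CHECK2(preimage1_size <= TONCOIN_MAX_PREIMAGE_SIZE, ERROR_INVALID_ARG);
-
-const mbedtls_md_info_t *md_info =
-mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
-
-memcpy(preimage1, "ton-proof-item-v2/", TONCOIN_MESSAGE_PREFIX_SIZE);
-memcpy(preimage1 + TONCOIN_MESSAGE_PREFIX_SIZE, signed_msg, signed_msg_len);
-memcpy(preimage1 + TONCOIN_MESSAGE_PREFIX_SIZE + signed_msg_len, blockhash,
-TONCOIN_BLOCKHASH_SIZE);
-preimage2[0] = 0xff;
-preimage2[1] = 0xff;
-memcpy(preimage2 + 2, "ton-connect", TONCOIN_MESSAGE_PREFIX2_SIZE);
-
-CHECK(md_string(md_info, preimage1, preimage1_size,
-preimage2 + 2 + TONCOIN_MESSAGE_PREFIX2_SIZE));
-CHECK(md_string(md_info, preimage2, TONCOIN_PREIMAGE2_SIZE, output));
-exit:
-return err;
-}
-
-int validate_signature_toncoin(uint8_t *prefilled_data, uint8_t algorithm_id,
-const uint8_t *sig, size_t sig_len,
-const uint8_t *msg, size_t msg_len,
-uint8_t *out_pubkey_hash,
-size_t pubkey_hash_len) {
-int err = 0;
-
-CHECK2(sig_len == TONCOIN_WRAPPED_SIGNATURE_SIZE, ERROR_INVALID_ARG);
-CHECK2(msg_len == TONCOIN_BLOCKHASH_SIZE, ERROR_INVALID_ARG);
-sig_len = (size_t)sig[0] | ((size_t)sig[1] << 8);
-CHECK2(sig_len <= TONCOIN_UNWRAPPED_SIGNATURE_SIZE, ERROR_INVALID_ARG);
-const uint8_t *signature_ptr = sig + 2;
-const uint8_t *pub_key_ptr = signature_ptr + TONCOIN_SIGNATURE_SIZE;
-const uint8_t *signed_msg_ptr =
-signature_ptr + TONCOIN_SIGNATURE_SIZE + TONCOIN_PUBKEY_SIZE;
-size_t signed_msg_len =
-sig_len - TONCOIN_SIGNATURE_SIZE - TONCOIN_PUBKEY_SIZE;
-
-uint8_t message[32];
-CHECK(get_toncoin_message(signed_msg_ptr, signed_msg_len, msg, message));
-
-int suc =
-ed25519_verify(signature_ptr, message, sizeof(message), pub_key_ptr);
-CHECK2(suc == 1, ERROR_WRONG_STATE);
-
-blake2b_state ctx;
-uint8_t pubkey_hash[BLAKE2B_BLOCK_SIZE] = {0};
-blake2b_init(&ctx, BLAKE2B_BLOCK_SIZE);
-blake2b_update(&ctx, pub_key_ptr, TONCOIN_PUBKEY_SIZE);
-blake2b_final(&ctx, pubkey_hash, sizeof(pubkey_hash));
-
-uint8_t test_pubkey_hash[AUTH160_SIZE] = {0};
-// memcpy(output, pubkey_hash, AUTH160_SIZE);
-memcpy(out_pubkey_hash, test_pubkey_hash, AUTH160_SIZE);
-exit:
-return err;
-}
-
 int convert_copy(const uint8_t *msg, size_t msg_len, uint8_t *new_msg,
 size_t new_msg_len) {
 if (msg_len != new_msg_len || msg_len != BLAKE2B_BLOCK_SIZE)
@@ -1092,9 +1003,6 @@ __attribute__((visibility("default"))) int ckb_auth_validate(
 err = verify(&validator, validate_signature_ripple,
 convert_ripple_message);
 CHECK(err);
-} else if (algorithm_id == AuthAlgorithmIdToncoin) {
-err = verify(&validator, validate_signature_toncoin, convert_copy);
-CHECK(err);
 } else if (algorithm_id == AuthAlgorithmIdOwnerLock) {
 CHECK2(is_lock_script_hash_present(pubkey_hash), ERROR_MISMATCHED);
 err = 0;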
2 changes: 1 addition & 1 deletion c/ckb_auth.h
Expand Up @@ -85,7 +85,7 @@ enum AuthAlgorithmIdType {
AuthAlgorithmIdSolana = 13,
AuthAlgorithmIdRipple = 14,
AuthAlgorithmIdSecp256R1 = 15,
AuthAlgorithmIdToncoin = 16,
// AuthAlgorithmIdToncoin = 16,
AuthAlgorithmIdSecp256R1Raw = 17,
AuthAlgorithmIdOwnerLock = 0xFC,
};
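Review bot: The commented-out `// AuthAlgorithmIdToncoin = 16,` left in enum AuthAlgorithmIdType reads as dead code and does not say that the value 16 is retired. These ids select which verifier runs, so a later algorithm accidentally assigned 16 would silently change what data carrying that id means. The gap is better documented explicitly, for example `// 16 is reserved: formerly AuthAlgorithmIdToncoin (removed); do not reuse`. The same applies to `// Toncoin = 16,` in ckb-auth-rs/src/lib.rs. It is also worth confirming that the final branch of ckb_auth_validate, which lies outside the visible hunks, rejects algorithm_id 16 with an error now that the Toncoin branch is gone.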
2 changes: 1 addition & 1 deletion ckb-auth-rs/src/lib.rs
Expand Up @@ -44,7 +44,7 @@ pub enum AuthAlgorithmIdType {
Solana = 13,
Ripple = 14,
Secp256r1 = 15,
Toncoin = 16,
// Toncoin = 16,
Secp256r1Raw = 17,
OwnerLock = 0xFC,
}
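--- a/docs/auth.md
+++ b/docs/auth.md
@@ -146,15 +146,6 @@ Key parameters:
 - pubkey: 32 compressed pubkey.
 - pubkey hash: sha256 and ripemd160 of pubkey, refer to [ckb-auth-cli ripple parse](../tools/ckb-auth-cli/src/ripple.rs).
 
-#### Toncoin (algorithm_id=16)
-The witness of a valid toncoin transaction should be a sequence of the following data.
-The whole length of the witness must be exactly 512. If there are any space left, pad it with zero.
-
-- size of the following data combined (little-endian `uint16_t`)
-- signature
-- public key
-- the message without prefix and payload
-
 ### Low Level APIs
 
 We define some low level APIs to auth libraries, which can be also used for other purposes.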
99 changes: 0 additions & 99 deletions docs/toncoin.md

This file was deleted.

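--- a/tests/auth-c-tests/src/lib.rs
+++ b/tests/auth-c-tests/src/lib.rs
@@ -867,7 +867,6 @@ pub fn auth_builder(t: AuthAlgorithmIdType, official: bool) -> result::Result<Bo
 AuthAlgorithmIdType::Secp256r1 => {
 return Ok(Secp256r1Auth::new());
 }
-AuthAlgorithmIdType::Toncoin => todo!("Toncoin tests currectly unimplemented"),
 AuthAlgorithmIdType::Secp256r1Raw => {
 return Ok(Secp256r1RawAuth::new());
 }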