4nk/sdk_client
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
sdk_client/src/api.rs

1475 lines
48 KiB
Rust
Raw Blame History

use std::any::Any;
use std::borrow::Borrow;
use std::collections::{HashMap, HashSet};
use std::io::Write;
use std::ops::Index;
use std::str::FromStr;
use std::string::FromUtf8Error;
use std::sync::{Mutex, MutexGuard, OnceLock, PoisonError};
use std::time::{Duration, Instant};
use std::u32;
use rand::{thread_rng, Fill, Rng, RngCore};
use sdk_common::aes_gcm::aead::generic_array::GenericArray;
use sdk_common::aes_gcm::aes::cipher::ArrayLength;
use sdk_common::aes_gcm::Nonce;
use sdk_common::log::{debug, warn, info};
use anyhow::Context;
use anyhow::Error as AnyhowError;
use anyhow::Result as AnyhowResult;
use sdk_common::aes_gcm::aead::{Aead, Payload};
use sdk_common::crypto::{
encrypt_with_key, AeadCore, Aes256Gcm, AnkSharedSecretHash, KeyInit, AAD,
};
use sdk_common::process::{lock_processes, Process, ProcessState};
use sdk_common::signature::{AnkHash, AnkValidationNoHash, AnkValidationYesHash, Proof};
use sdk_common::sp_client::bitcoin::blockdata::fee_rate;
use sdk_common::sp_client::bitcoin::consensus::{deserialize, serialize};
use sdk_common::sp_client::bitcoin::hashes::{sha256, sha256t, Hash};
use sdk_common::sp_client::bitcoin::hashes::{FromSliceError, HashEngine};
use sdk_common::sp_client::bitcoin::hex::{
self, parse, DisplayHex, FromHex, HexToArrayError, HexToBytesError,
};
use sdk_common::sp_client::bitcoin::key::{Parity, Secp256k1};
use sdk_common::sp_client::bitcoin::network::ParseNetworkError;
use sdk_common::sp_client::bitcoin::p2p::message::NetworkMessage;
use sdk_common::sp_client::bitcoin::psbt::raw;
use sdk_common::sp_client::bitcoin::secp256k1::ecdh::shared_secret_point;
use sdk_common::sp_client::bitcoin::secp256k1::{PublicKey, Scalar, SecretKey};
use sdk_common::sp_client::bitcoin::transaction::ParseOutPointError;
use sdk_common::sp_client::bitcoin::{
Amount, Network, OutPoint, Psbt, Transaction, Txid, XOnlyPublicKey,
};
use sdk_common::sp_client::constants::{
DUST_THRESHOLD, PSBT_SP_ADDRESS_KEY, PSBT_SP_PREFIX, PSBT_SP_SUBTYPE,
};
use sdk_common::sp_client::silentpayments::utils as sp_utils;
use sdk_common::sp_client::silentpayments::{
utils::{Network as SpNetwork, SilentPaymentAddress},
Error as SpError,
};
use sdk_common::{signature, MAX_PRD_PAYLOAD_SIZE};
use serde_json::{Error as SerdeJsonError, Map, Value};
use serde::{Deserialize, Serialize};
use tsify::{JsValueSerdeExt, Tsify};
use wasm_bindgen::convert::{FromWasmAbi, VectorFromWasmAbi};
use wasm_bindgen::prelude::*;
use sdk_common::device::Device;
use sdk_common::network::{
self, AnkFlag, CachedMessage, CachedMessageStatus, CommitMessage, Envelope, FaucetMessage,
NewTxMessage,
};
use sdk_common::pcd::{
compare_maps, AnkPcdHash, AnkPcdTag, Member, Pcd, RoleDefinition, ValidationRule,
};
use sdk_common::prd::{AnkPrdHash, Prd, PrdType};
use sdk_common::silentpayments::{create_transaction, map_outputs_to_sp_address};
use sdk_common::sp_client::spclient::{
derive_keys_from_seed, OutputList, OutputSpendStatus, OwnedOutput, Recipient, SpClient,
};
use sdk_common::sp_client::spclient::{SpWallet, SpendKey};
use crate::user::{lock_local_device, set_new_device, LOCAL_DEVICE};
use crate::wallet::{generate_sp_wallet, lock_freezed_utxos};
use crate::{lock_messages, CACHEDMESSAGES};
#[derive(Debug, PartialEq, Tsify, Serialize, Deserialize, Default)]
#[tsify(into_wasm_abi, from_wasm_abi)]
#[allow(non_camel_case_types)]
pub struct ApiReturn {
pub updated_cached_msg: Vec<CachedMessage>,
pub updated_process: Option<(String, Process)>,
pub new_tx_to_send: Option<NewTxMessage>,
pub ciphers_to_send: Vec<String>,
pub commit_to_send: Option<CommitMessage>,
}
pub type ApiResult<T: FromWasmAbi> = Result<T, ApiError>;
const IS_TESTNET: bool = true;
const DEFAULT_AMOUNT: Amount = Amount::from_sat(1000);
#[derive(Debug, PartialEq, Eq)]
pub struct ApiError {
pub message: String,
}
impl ApiError {
pub fn new(message: String) -> Self {
ApiError { message }
}
}
impl From<AnyhowError> for ApiError {
fn from(value: AnyhowError) -> Self {
ApiError::new(value.to_string())
}
}
impl From<SpError> for ApiError {
fn from(value: SpError) -> Self {
ApiError::new(value.to_string())
}
}
impl From<FromSliceError> for ApiError {
fn from(value: FromSliceError) -> Self {
ApiError::new(value.to_string())
}
}
impl From<SerdeJsonError> for ApiError {
fn from(value: SerdeJsonError) -> Self {
ApiError::new(value.to_string())
}
}
impl From<HexToBytesError> for ApiError {
fn from(value: HexToBytesError) -> Self {
ApiError::new(value.to_string())
}
}
impl From<HexToArrayError> for ApiError {
fn from(value: HexToArrayError) -> Self {
ApiError::new(value.to_string())
}
}
impl From<sdk_common::sp_client::bitcoin::psbt::PsbtParseError> for ApiError {
fn from(value: sdk_common::sp_client::bitcoin::psbt::PsbtParseError) -> Self {
ApiError::new(value.to_string())
}
}
impl From<sdk_common::sp_client::bitcoin::psbt::ExtractTxError> for ApiError {
fn from(value: sdk_common::sp_client::bitcoin::psbt::ExtractTxError) -> Self {
ApiError::new(value.to_string())
}
}
impl From<sdk_common::sp_client::bitcoin::secp256k1::Error> for ApiError {
fn from(value: sdk_common::sp_client::bitcoin::secp256k1::Error) -> Self {
ApiError::new(value.to_string())
}
}
impl From<sdk_common::sp_client::bitcoin::consensus::encode::Error> for ApiError {
fn from(value: sdk_common::sp_client::bitcoin::consensus::encode::Error) -> Self {
ApiError::new(value.to_string())
}
}
impl From<FromUtf8Error> for ApiError {
fn from(value: FromUtf8Error) -> Self {
ApiError::new(value.to_string())
}
}
impl From<ParseNetworkError> for ApiError {
fn from(value: ParseNetworkError) -> Self {
ApiError::new(value.to_string())
}
}
impl From<ParseOutPointError> for ApiError {
fn from(value: ParseOutPointError) -> Self {
ApiError::new(value.to_string())
}
}
impl Into<JsValue> for ApiError {
fn into(self) -> JsValue {
JsValue::from_str(&self.message)
}
}
#[wasm_bindgen]
pub fn setup() {
wasm_logger::init(wasm_logger::Config::default());
}
#[wasm_bindgen]
pub fn get_address() -> ApiResult<String> {
let local_device = lock_local_device()?;
Ok(local_device
.get_wallet()
.get_client()
.get_receiving_address())
}
#[wasm_bindgen]
pub fn restore_device(device_str: String) -> ApiResult<()> {
let device: Device = serde_json::from_str(&device_str)?;
let mut local_device = lock_local_device()?;
*local_device = device;
Ok(())
}
#[wasm_bindgen]
pub fn create_device_from_sp_wallet(sp_wallet: String) -> ApiResult<String> {
let sp_wallet: SpWallet = serde_json::from_str(&sp_wallet)?;
let our_address = set_new_device(sp_wallet)?;
Ok(our_address)
}
#[wasm_bindgen]
pub fn create_new_device(birthday: u32, network_str: String) -> ApiResult<String> {
let sp_wallet = generate_sp_wallet(None, Network::from_core_arg(&network_str)?)?;
let our_address = set_new_device(sp_wallet)?;
Ok(our_address)
}
#[wasm_bindgen]
pub fn pair_device(commitment_tx: String, mut sp_addresses: Vec<String>) -> ApiResult<()> {
let mut local_device = lock_local_device()?;
if local_device.is_linked() {
return Err(ApiError::new("Already paired".to_owned()));
}
sp_addresses.push(
local_device
.get_wallet()
.get_client()
.get_receiving_address(),
);
local_device.pair(
OutPoint::from_str(&commitment_tx)?.txid,
Member::new(
sp_addresses
.into_iter()
.map(|a| TryInto::<SilentPaymentAddress>::try_into(a).unwrap())
.collect(),
)?,
);
Ok(())
}
#[wasm_bindgen]
pub fn unpair_device() -> ApiResult<()> {
let mut local_device = lock_local_device()?;
local_device.unpair();
Ok(())
}
#[derive(Debug, Tsify, Serialize, Deserialize)]
#[tsify(from_wasm_abi, into_wasm_abi)]
#[allow(non_camel_case_types)]
pub struct outputs_list(OutputList);
impl outputs_list {
fn as_inner(&self) -> &OutputList {
&self.0
}
}
#[wasm_bindgen]
pub fn login(previous_login_tx: String, fee_rate: u32) -> ApiResult<ApiReturn> {
// We first create a transaction that spends both pairing tx outputs
let previous_tx: Txid = deserialize(&Vec::from_hex(&previous_login_tx)?)?;
let device = lock_local_device()?;
if !device.is_linked() {
return Err(ApiError::new("Device is not linked".to_owned()));
}
let member = device.to_member().unwrap();
let nb_outputs = member.get_addresses().len();
let other_addresses = device.get_other_addresses();
// We get the pairing process out of cache
let commitment_txid = device.get_process_commitment().unwrap();
let commitment_outpoint = OutPoint::new(commitment_txid, 0);
let process = lock_processes()?.get(&commitment_outpoint).unwrap().clone();
let state = process.get_latest_state().unwrap().clone();
let mut shared_secrets = Vec::new();
for address in other_addresses {
let shared_secret =
process.get_shared_secret_for_address(&SilentPaymentAddress::try_from(address)?);
if let Some(shared_secret) = shared_secret {
shared_secrets.push(shared_secret);
}
}
let mut decrypted_pcd = Map::new();
state
.encrypted_pcd
.decrypt_fields(&state.keys, &mut decrypted_pcd)?;
let pairing_tx = decrypted_pcd.get("pairing_tx").unwrap().as_str().unwrap();
let wallet = device.get_wallet();
let freezed_utxos = lock_freezed_utxos()?;
let recipients: Vec<Recipient> = device
.to_member()
.unwrap()
.get_addresses()
.iter()
.map(|a| Recipient {
address: a.clone(),
amount: DEFAULT_AMOUNT,
nb_outputs: 1,
})
.collect();
let mut mandatory_inputs = Vec::new();
for i in 0u32..nb_outputs.try_into().unwrap() {
mandatory_inputs.push(OutPoint::new(previous_tx, i));
}
let signed_psbt = create_transaction(
mandatory_inputs,
&freezed_utxos,
wallet,
recipients,
None,
Amount::from_sat(fee_rate.into()),
None,
)?;
// We send it in a TxProposal prd
let tx_proposal = Prd::new_tx_proposal(commitment_outpoint, member, signed_psbt);
debug!("tx_proposal: {:?}", tx_proposal);
// We encrypt the prd with the shared_secret for pairing process
let prd_msg = tx_proposal.to_network_msg(wallet)?;
debug!("prd_msg: {:?}", prd_msg);
let mut ciphers = Vec::new();
for shared_secret in shared_secrets {
let cipher = encrypt_with_key(shared_secret.as_byte_array(), prd_msg.as_bytes())?;
ciphers.push(cipher.to_lower_hex_string());
}
// We return the cipher
Ok(ApiReturn {
ciphers_to_send: ciphers,
..Default::default()
})
}
#[wasm_bindgen]
pub fn logout() -> ApiResult<()> {
unimplemented!();
}
#[wasm_bindgen]
pub fn dump_wallet() -> ApiResult<String> {
let device = lock_local_device()?;
Ok(serde_json::to_string(device.get_wallet()).unwrap())
}
#[wasm_bindgen]
pub fn reset_process_cache() -> ApiResult<()> {
let mut cached_processes = lock_processes()?;
*cached_processes = HashMap::new();
debug_assert!(cached_processes.is_empty());
Ok(())
}
#[wasm_bindgen]
pub fn dump_process_cache() -> ApiResult<String> {
let cached_processes = lock_processes()?;
let serializable_cache = cached_processes
.iter()
.map(|(outpoint, process)| {
(
outpoint.to_string(),
serde_json::to_value(&process).unwrap(),
)
})
.collect::<serde_json::Map<String, Value>>();
let json_string = serde_json::to_string(&serializable_cache)
.map_err(|e| ApiError::new(format!("Failed to serialize process cache: {}", e)))?;
Ok(json_string)
}
#[wasm_bindgen]
pub fn set_process_cache(processes: String) -> ApiResult<()> {
let processes: Map<String, Value> = serde_json::from_str(&processes)?;
let parsed_processes: anyhow::Result<HashMap<OutPoint, Process>> = processes.into_iter()
.map(|(key, value)| {
Ok((OutPoint::from_str(&key)?, serde_json::from_value(value)?))
})
.collect();
let mut cached_processes = lock_processes()?;
*cached_processes = parsed_processes?;
Ok(())
}
#[wasm_bindgen]
pub fn reset_message_cache() -> ApiResult<()> {
let mut cached_msg = lock_messages()?;
*cached_msg = vec![];
debug_assert!(cached_msg.is_empty());
Ok(())
}
#[wasm_bindgen]
pub fn set_message_cache(msg_cache: Vec<String>) -> ApiResult<()> {
let mut cached_msg = lock_messages()?;
if !cached_msg.is_empty() {
return Err(ApiError::new("Message cache not empty".to_owned()));
}
let new_cache: Result<Vec<CachedMessage>, serde_json::Error> =
msg_cache.iter().map(|m| serde_json::from_str(m)).collect();
*cached_msg = new_cache?;
Ok(())
}
#[wasm_bindgen]
pub fn dump_message_cache() -> ApiResult<Vec<String>> {
let cached_msg = lock_messages()?;
let res: Vec<String> = cached_msg
.iter()
.map(|m| serde_json::to_string(m).unwrap())
.collect();
Ok(res)
}
#[wasm_bindgen]
pub fn dump_device() -> ApiResult<String> {
let local_device = lock_local_device()?;
Ok(serde_json::to_string(&local_device.clone())?)
}
#[wasm_bindgen]
pub fn reset_device() -> ApiResult<()> {
let mut device = lock_local_device()?;
*device = Device::default();
reset_message_cache()?;
reset_process_cache()?;
Ok(())
}
#[wasm_bindgen]
pub fn get_txid(transaction: String) -> ApiResult<String> {
let tx: Transaction = deserialize(&Vec::from_hex(&transaction)?)?;
Ok(tx.txid().to_string())
}
fn handle_transaction(
updated: HashMap<OutPoint, OwnedOutput>,
tx: &Transaction,
tweak_data: PublicKey,
) -> AnyhowResult<ApiReturn> {
let b_scan = lock_local_device()?.get_wallet().get_client().get_scan_key();
let op_return: Vec<&sdk_common::sp_client::bitcoin::TxOut> = tx
.output
.iter()
.filter(|o| o.script_pubkey.is_op_return())
.collect();
if op_return.len() != 1 {
return Err(AnyhowError::msg(
"Transaction must have exactly one op_return output",
));
}
let commitment =
AnkPrdHash::from_slice(&op_return.first().unwrap().script_pubkey.as_bytes()[2..])?;
// Basically a transaction that destroyed utxo is a transaction we sent.
let utxo_destroyed: HashMap<&OutPoint, &OwnedOutput> = updated
.iter()
.filter(|(outpoint, output)| output.spend_status != OutputSpendStatus::Unspent)
.collect();
let mut messages = lock_messages()?;
// empty utxo_destroyed means we received this transaction
if utxo_destroyed.is_empty() {
let shared_point = sp_utils::receiving::calculate_ecdh_shared_secret(
&tweak_data,
&b_scan,
);
let shared_secret = AnkSharedSecretHash::from_shared_point(shared_point);
let mut plaintext: Vec<u8> = vec![];
if let Some(message) = messages.iter_mut().find(|m| {
if m.status != CachedMessageStatus::CipherWaitingTx {
return false;
}
let res = m.try_decrypt_with_shared_secret(shared_secret.to_byte_array());
if res.is_ok() {
plaintext = res.unwrap();
return true;
} else {
return false;
}
}) {
// Calling this check that the prd we found check with the hashed commitment in transaction
// We also check the signed proof that is included in the prd
let prd = Prd::extract_from_message_with_commitment(&plaintext, &commitment)?;
// for now the previous method doesn't error if proof is missing,
// We must define if there are cases where a valid prd doesn't have proof
let outpoint = OutPoint::from_str(&prd.root_commitment)?;
handle_decrypted_message(plaintext, Some(shared_secret), Some(outpoint))
} else {
// store it and wait for the message
let mut new_msg = CachedMessage::new();
new_msg.commitment = Some(commitment.as_byte_array().to_lower_hex_string());
new_msg
.shared_secrets
.push(shared_secret.to_byte_array().to_lower_hex_string());
new_msg.status = CachedMessageStatus::TxWaitingPrd;
messages.push(new_msg.clone());
return Ok(ApiReturn {
updated_cached_msg: vec![new_msg.clone()],
..Default::default()
});
}
} else {
// We're sender of the transaction, do nothing
return Ok(ApiReturn {
..Default::default()
});
}
}
/// If the transaction has anything to do with us, we create/update the relevant process
/// and return it to caller for persistent storage
fn process_transaction(
tx_hex: String,
blockheight: u32,
tweak_data_hex: String,
) -> anyhow::Result<ApiReturn> {
let tx = deserialize::<Transaction>(&Vec::from_hex(&tx_hex)?)?;
let tweak_data = PublicKey::from_str(&tweak_data_hex)?;
let updated: HashMap<OutPoint, OwnedOutput>;
{
let mut device = lock_local_device()?;
let wallet = device.get_mut_wallet();
updated = wallet.update_wallet_with_transaction(&tx, blockheight, tweak_data)?;
}
if updated.len() > 0 {
return handle_transaction(updated, &tx, tweak_data);
}
Err(anyhow::Error::msg("Transaction is not our"))
}
#[wasm_bindgen]
pub fn parse_new_tx(new_tx_msg: String, block_height: u32, fee_rate: u32) -> ApiResult<ApiReturn> {
let new_tx: NewTxMessage = serde_json::from_str(&new_tx_msg)?;
if let Some(error) = new_tx.error {
return Err(ApiError::new(format!(
"NewTx returned with an error: {}",
error
)));
}
if new_tx.tweak_data.is_none() {
return Err(ApiError::new("Missing tweak_data".to_owned()));
}
Ok(process_transaction(
new_tx.transaction,
block_height,
new_tx.tweak_data.unwrap(),
)?)
}
fn try_decrypt_with_processes(
cipher: &[u8],
processes: MutexGuard<HashMap<OutPoint, Process>>,
) -> Option<(Vec<u8>, SilentPaymentAddress, OutPoint)> {
let nonce = Nonce::from_slice(&cipher[..12]);
for (outpoint, process) in processes.iter() {
for (address, secret) in process.get_all_secrets() {
let engine = Aes256Gcm::new(&secret.to_byte_array().into());
if let Ok(plain) = engine.decrypt(
&nonce,
Payload {
msg: &cipher[12..],
aad: AAD,
},
) {
return Some((plain, address, *outpoint));
}
}
}
None
}
#[wasm_bindgen]
/// Produce a proof and append it to a prd
pub fn add_validation_token_to_prd(
root_commitment: String,
prd_commitment: String,
approval: bool,
) -> ApiResult<ApiReturn> {
let prd_hash = AnkPrdHash::from_str(&prd_commitment)?;
let outpoint = OutPoint::from_str(&root_commitment)?;
// find the prd in the registered process
let mut processes = lock_processes()?;
let process = processes
.get_mut(&outpoint)
.ok_or(ApiError::new("Unknown process".to_owned()))?;
let prd_ref = process
.get_impending_requests_mut()
.into_iter()
.find(|r| r.create_commitment() == prd_hash)
.ok_or(ApiError::new(
"Failed to find the prd in registered processes".to_owned(),
))?;
let local_device = lock_local_device()?;
let wallet = local_device.get_wallet();
let spend_key: SecretKey = wallet.get_client().get_spend_key().try_into()?;
match prd_ref.prd_type {
PrdType::Update => {
let new_state = Value::from_str(&prd_ref.payload)?;
let new_state_commitment = new_state.tagged_hash();
let message_hash = if approval {
AnkHash::ValidationYes(AnkValidationYesHash::from_commitment(new_state_commitment))
} else {
AnkHash::ValidationNo(AnkValidationNoHash::from_commitment(new_state_commitment))
};
let proof = Proof::new(message_hash, spend_key);
prd_ref.validation_tokens.push(proof);
Ok(ApiReturn {
updated_process: Some((root_commitment, process.clone())),
..Default::default()
})
}
_ => return Err(ApiError::new("Can't validate that prd".to_owned())),
}
}
#[wasm_bindgen]
pub fn response_prd(
root_commitment: String,
prd_commitment: String, // The commitment to the Prd we respond to
approval: bool,
) -> ApiResult<ApiReturn> {
let prd_hash = AnkPrdHash::from_str(&prd_commitment)?;
let outpoint = OutPoint::from_str(&root_commitment)?;
let local_device = lock_local_device()?;
let member = local_device
.to_member()
.ok_or(ApiError::new("Unpaired device".to_owned()))?;
// find the prd in the registered process
let mut processes = lock_processes()?;
let process = processes
.get_mut(&outpoint)
.ok_or(ApiError::new("Unknown process".to_owned()))?;
let prd_ref = process
.get_impending_requests_mut()
.into_iter()
.find(|r| r.create_commitment() == prd_hash)
.ok_or(ApiError::new(
"Failed to find the prd in registered processes".to_owned(),
))?;
match prd_ref.prd_type {
PrdType::Update => {
let pcd_hash: AnkPcdHash = AnkPcdHash::from_value(&Value::from_str(&prd_ref.payload)?);
let prd_response = Prd::new_response(
OutPoint::from_str(&root_commitment)?,
serde_json::to_string(&member)?,
prd_ref.validation_tokens.clone(),
pcd_hash,
);
let prd_msg = prd_response.to_network_msg(local_device.get_wallet())?;
let mut ciphers = vec![];
for (sp_address, shared_secret) in process.get_all_secrets() {
if sp_address.to_string()
== local_device
.get_wallet()
.get_client()
.get_receiving_address()
{
continue;
}
let cipher = encrypt_with_key(shared_secret.as_byte_array(), prd_msg.as_bytes())?;
ciphers.push(cipher.to_lower_hex_string());
}
return Ok(ApiReturn {
ciphers_to_send: ciphers,
..Default::default()
});
}
_ => unimplemented!(),
};
}
fn confirm_prd(prd: Prd, shared_secret: &AnkSharedSecretHash) -> AnyhowResult<String> {
match prd.prd_type {
PrdType::Confirm | PrdType::Response | PrdType::List => {
return Err(AnyhowError::msg("Invalid prd type"));
}
_ => (),
}
let outpoint = OutPoint::from_str(&prd.root_commitment)?;
let local_device = lock_local_device()?;
let member = match local_device.to_member() {
Some(member) => member,
None => {
// This might be because we're pairing, let's see if our address is part of sender of the initial prd
let remote_member: Member = serde_json::from_str(&prd.sender)?;
let addresses = remote_member.get_addresses();
let this_device_address = local_device
.get_wallet()
.get_client()
.get_receiving_address();
if let Some(_) = addresses.into_iter().find(|a| *a == this_device_address) {
remote_member
} else {
return Err(AnyhowError::msg("Must pair device first"));
}
}
};
let pcd_commitment = AnkPcdHash::from_str(&prd.payload)?;
let prd_confirm = Prd::new_confirm(outpoint, member, pcd_commitment);
let prd_msg = prd_confirm.to_network_msg(local_device.get_wallet())?;
Ok(encrypt_with_key(shared_secret.as_byte_array(), prd_msg.as_bytes())?.to_lower_hex_string())
}
fn send_data(prd: &Prd, shared_secret: &AnkSharedSecretHash) -> AnyhowResult<ApiReturn> {
let pcd = &prd.payload;
let cipher = encrypt_with_key(shared_secret.as_byte_array(), pcd.as_bytes())?;
Ok(ApiReturn {
ciphers_to_send: vec![cipher.to_lower_hex_string()],
..Default::default()
})
}
fn decrypt_with_cached_messages(
cipher: &[u8],
messages: &mut MutexGuard<Vec<CachedMessage>>
) -> anyhow::Result<Option<(Vec<u8>, AnkSharedSecretHash)>> {
let nonce = Nonce::from_slice(&cipher[..12]);
for message in messages.iter_mut() {
for shared_secret in message.shared_secrets.iter() {
let aes_key = match AnkSharedSecretHash::from_str(shared_secret) {
Ok(key) => key,
Err(_) => {
debug!(
"Invalid shared secret for message{}: {}",
message.id, shared_secret
);
continue;
}
};
let engine = Aes256Gcm::new(aes_key.as_byte_array().into());
let plain = match engine.decrypt(
&nonce,
Payload {
msg: &cipher[12..],
aad: AAD,
},
) {
Ok(plain) => plain,
Err(_) => continue,
};
let commitment = AnkPrdHash::from_str(
message
.commitment
.as_ref()
.ok_or(anyhow::Error::msg("Missing commitment".to_owned()))?,
)?;
// A message matched against a new transaction must be a prd
// We just check the commitment while we're at it
let _ = Prd::extract_from_message_with_commitment(&plain, &commitment)?;
// Update the message status
message.status = CachedMessageStatus::NoStatus;
message.shared_secrets = vec![]; // this way we won't check it again
return Ok(Some((
plain,
aes_key,
)));
}
}
Ok(None)
}
fn decrypt_with_known_processes(cipher: &[u8], processes: MutexGuard<HashMap<OutPoint, Process>>) -> anyhow::Result<Option<(Vec<u8>, OutPoint)>> {
let nonce = Nonce::from_slice(&cipher[..12]);
for (outpoint, process) in processes.iter() {
for (address, secret) in process.get_all_secrets() {
debug!("Attempting decryption with key {} for {}", secret, address);
let engine = Aes256Gcm::new(secret.as_byte_array().into());
if let Ok(plain) = engine.decrypt(
&nonce,
Payload {
msg: &cipher[12..],
aad: AAD,
},
) {
return Ok(Some((plain, *outpoint)));
}
}
}
Ok(None)
}
/// Prd can come with an attached transaction or without
/// It's useful to commit it in a transaction in the case there are multiple recipients (guarantee that everyone gets the same payload)
/// Or if for some reasons we don't want to use the same shared secret again
fn handle_prd(
plain: &[u8],
new_shared_secret: Option<AnkSharedSecretHash>,
) -> AnyhowResult<ApiReturn> {
// We already checked the commitment if any
let prd = Prd::extract_from_message(plain)?;
debug!("found prd: {:#?}", prd);
let proof_key = prd.proof.unwrap().get_key();
let sp_address = serde_json::from_str::<Member>(&prd.sender)?
.get_addresses()
.into_iter()
.find_map(|address| {
let parsed_address = SilentPaymentAddress::try_from(address.as_str()).ok()?;
let spend_key = parsed_address.get_spend_key().x_only_public_key().0;
if spend_key == proof_key {
Some(parsed_address)
} else {
None
}
})
.ok_or_else(|| anyhow::Error::msg("No matching address found for the proof key"))?;
let outpoint = OutPoint::from_str(&prd.root_commitment)?;
let mut processes = lock_processes()?;
let relevant_process = match processes.entry(outpoint) {
std::collections::hash_map::Entry::Occupied(entry) => entry.into_mut(),
std::collections::hash_map::Entry::Vacant(entry) => {
debug!("Creating new process for outpoint: {}", outpoint);
let shared_secret = new_shared_secret
.ok_or_else(|| anyhow::Error::msg("Missing shared secret for new process"))?;
let mut shared_secrets = HashMap::new();
shared_secrets.insert(sp_address, shared_secret);
entry.insert(Process::new(vec![], shared_secrets, vec![]))
}
};
match prd.prd_type {
PrdType::Confirm => {
// It must match a prd we sent previously
// We send the whole data in a pcd
debug!("Received confirm prd {:#?}", prd);
let original_request = relevant_process
.get_impending_requests()
.into_iter()
.find(|r| {
if r.prd_type != PrdType::Update {
return false;
}
let hash = Value::from_str(&r.payload).unwrap().tagged_hash();
hash.to_string() == prd.payload
})
.ok_or(anyhow::Error::msg("Original request not found"))?;
let shared_secret = relevant_process
.get_shared_secret_for_address(&sp_address)
.ok_or(anyhow::Error::msg(
"Missing shared secret for address in original request",
))?;
return send_data(original_request, &shared_secret);
}
PrdType::Update | PrdType::TxProposal | PrdType::Message => {
// Those all have some new data we don't know about yet
// We send a Confirm to get the pcd
// Add the prd to our list of actions for this process
relevant_process.insert_impending_request(prd.clone());
let shared_secret = relevant_process
.get_shared_secret_for_address(&sp_address)
.ok_or(anyhow::Error::msg(
"Missing shared secret for address in original request",
))?;
let cipher = confirm_prd(prd, &shared_secret)?;
return Ok(ApiReturn {
ciphers_to_send: vec![cipher],
updated_process: Some((outpoint.to_string(), relevant_process.clone())),
..Default::default()
});
}
PrdType::Response => {
// We must know of a prd update that the response answers to
let original_request = relevant_process
.get_impending_requests_mut()
.into_iter()
.find(|r| {
if r.prd_type != PrdType::Update {
return false;
}
let hash = Value::from_str(&r.payload).unwrap().tagged_hash();
hash.to_string() == prd.payload
})
.ok_or(anyhow::Error::msg("Original request not found"))?;
// Once we found the prd update, we can add the received proofs as validation tokens
original_request
.validation_tokens
.extend(prd.validation_tokens);
// We must return an update of the process
let updated_process = (prd.root_commitment, relevant_process.clone());
return Ok(ApiReturn {
updated_process: Some(updated_process),
..Default::default()
});
}
_ => unimplemented!(),
}
}
fn handle_pcd(plain: Vec<u8>, root_commitment: OutPoint) -> AnyhowResult<ApiReturn> {
let pcd = Value::from_str(&String::from_utf8(plain)?)?;
let pcd_commitment = pcd.tagged_hash();
let mut processes = lock_processes()?;
let relevant_process = processes.get_mut(&root_commitment).unwrap();
// We match the pcd with a prd and act accordingly
let prd = relevant_process
.get_impending_requests_mut()
.into_iter()
.find(|r| *r.payload == pcd_commitment.to_string())
.ok_or(AnyhowError::msg("Failed to retrieve the matching prd"))?;
// We update the process and return it
prd.payload = pcd.to_string();
return Ok(ApiReturn {
updated_process: Some((root_commitment.to_string(), relevant_process.clone())),
..Default::default()
});
}
fn handle_decrypted_message(
plain: Vec<u8>,
shared_secret: Option<AnkSharedSecretHash>,
root_commitment: Option<OutPoint>,
) -> anyhow::Result<ApiReturn> {
// Try to handle as PRD first
handle_prd(&plain, shared_secret)
.or_else(|_| {
// If PRD handling fails, try to handle as PCD
handle_pcd(
plain,
root_commitment.ok_or(anyhow::Error::msg(
"root_commitment must be known for a pcd",
))?,
)
})
.map_err(|e| anyhow::Error::msg(format!("Failed to handle decrypted message: {}", e)))
}
#[wasm_bindgen]
pub fn parse_cipher(cipher_msg: String) -> ApiResult<ApiReturn> {
// We lock message cache and processes to prevent race conditions
let mut messages = lock_messages()?;
let processes = lock_processes()?;
// Check that the cipher is not empty or too long
if cipher_msg.is_empty() || cipher_msg.len() > MAX_PRD_PAYLOAD_SIZE {
return Err(ApiError::new(
"Invalid cipher: empty or too long".to_owned(),
));
}
let cipher = Vec::from_hex(cipher_msg.trim_matches('"'))?;
// Try decrypting with cached messages first
if let Ok(Some((plain, shared_secret))) = decrypt_with_cached_messages(&cipher, &mut messages) {
return handle_decrypted_message(plain, Some(shared_secret), None)
.map_err(|e| ApiError::new(format!("Failed to handle decrypted message: {}", e)));
}
// If that fails, try decrypting with known processes
if let Ok(Some((plain, root_commitment))) = decrypt_with_known_processes(&cipher, processes) {
return handle_decrypted_message(plain, None, Some(root_commitment))
.map_err(|e| ApiError::new(format!("Failed to handle decrypted message: {}", e)));
}
// If both decryption attempts fail, we keep it just in case we receive the transaction later
let mut return_msg = CachedMessage::new();
return_msg.cipher = vec![cipher_msg];
return_msg.status = CachedMessageStatus::CipherWaitingTx;
messages.push(return_msg.clone());
Ok(ApiReturn {
updated_cached_msg: vec![return_msg],
..Default::default()
})
}
#[wasm_bindgen]
pub fn get_outputs() -> ApiResult<JsValue> {
let device = lock_local_device()?;
let outputs = device.get_wallet().get_outputs().clone();
Ok(JsValue::from_serde(&outputs.to_outpoints_list())?)
}
#[wasm_bindgen]
pub fn get_available_amount() -> ApiResult<u64> {
let device = lock_local_device()?;
Ok(device.get_wallet().get_outputs().get_balance().to_sat())
}
#[wasm_bindgen]
/// This takes a reference to a process and creates a commit msg for the latest state
pub fn create_commit_message(
init_commitment_outpoint: String,
relay_address: String,
fee_rate: u32,
) -> ApiResult<ApiReturn> {
let outpoint = OutPoint::from_str(&init_commitment_outpoint)?;
if let Some(process) = lock_processes()?.get(&outpoint) {
match process.get_number_of_states() {
0 => Err(ApiError::new("Process has no states".to_owned())),
1 => {
// This is a creation
let state = process.get_latest_state().unwrap();
if state.commited_in.vout != u32::MAX {
return Err(ApiError::new("Latest state is already commited".to_owned()));
}
let encrypted_pcd = state.encrypted_pcd.clone();
let keys = state.keys.clone();
let freezed_utxos = lock_freezed_utxos()?;
let local_device = lock_local_device()?;
let sp_wallet = local_device.get_wallet();
let signed_psbt = create_transaction(
vec![],
&freezed_utxos,
sp_wallet,
vec![Recipient {
address: relay_address,
amount: Amount::from_sat(1000),
nb_outputs: 1,
}],
None,
Amount::from_sat(fee_rate.into()),
None,
)?;
let tx = signed_psbt.extract_tx()?;
Ok(ApiReturn {
commit_to_send: Some(CommitMessage::new_first_commitment(
tx,
encrypted_pcd.as_object().unwrap().clone(),
keys,
)),
..Default::default()
})
}
_ => {
// We're updating an existing process
// Check that initial outpoint is not a placeholder and that latest state has a commited_in of null
if outpoint.vout != u32::MAX {
return Err(ApiError::new(
"Initial outpoint is a placeholder".to_owned(),
));
}
let state = process.get_latest_state().unwrap();
if state.commited_in != OutPoint::null() {
return Err(ApiError::new("Latest state is already commited".to_owned()));
}
let encrypted_pcd = state.encrypted_pcd.clone();
let keys = state.keys.clone();
// We just send the message with the outpoint
return Ok(ApiReturn {
commit_to_send: Some(CommitMessage::new_update_commitment(
outpoint,
encrypted_pcd.as_object().unwrap().clone(),
keys,
)),
..Default::default()
});
}
}
} else {
return Err(ApiError::new("Process not found".to_owned()));
}
}
#[wasm_bindgen]
/// We assume that the provided tx outpoint exist
pub fn create_update_transaction(
init_commitment: Option<String>,
new_state: String,
fee_rate: u32,
) -> ApiResult<ApiReturn> {
let pcd = Value::from_str(&new_state)?;
let pcd_map = pcd
.as_object()
.ok_or(ApiError::new("new_state must be an object".to_owned()))?;
let mut processes = lock_processes()?;
let commitment_outpoint: OutPoint;
let relevant_process: &mut Process;
if let Some(s) = init_commitment {
// We're updating an existing contract
let outpoint = OutPoint::from_str(&s)?;
if let Some(p) = processes.get_mut(&outpoint) {
// compare the provided new_state with the process defined template
let previous_state = &p.get_state_at(0).unwrap().encrypted_pcd;
if !compare_maps(previous_state.as_object().unwrap(), pcd_map) {
return Err(ApiError::new(
"Provided updated state is not consistent with the process template".to_owned(),
));
}
relevant_process = p;
commitment_outpoint = outpoint;
} else {
// This is a process we don't know about, so we insert a new entry
processes.insert(outpoint, Process::default());
relevant_process = processes.get_mut(&outpoint).unwrap();
commitment_outpoint = outpoint;
}
} else {
// This is a creation with an init state, the commitment will come later
// We need a placeholder to keep track of the process before it's commited on chain
// We can take the hash of the init_state as a txid, and set the vout to the max as it is very unlikely to ever have a real commitment that will look like this
let dummy = pcd.tagged_hash();
let dummy_outpoint = OutPoint::new(Txid::from_slice(dummy.as_byte_array())?, u32::MAX);
processes.insert(dummy_outpoint, Process::default());
relevant_process = processes.get_mut(&dummy_outpoint).unwrap();
commitment_outpoint = dummy_outpoint;
}
// We assume that all processes must have a roles key
let roles = pcd
.get("roles")
.ok_or(ApiError::new("No roles in new_state".to_owned()))?;
let roles_map = roles
.as_object()
.ok_or(ApiError::new("roles is not an object".to_owned()))?
.clone();
let mut all_members: HashMap<Member, HashSet<String>> = HashMap::new();
for (name, role_def) in roles_map {
let role: RoleDefinition = serde_json::from_str(&role_def.to_string())?;
let fields: Vec<String> = role
.validation_rules
.iter()
.flat_map(|rule| rule.fields.clone())
.collect();
for member in role.members {
if !all_members.contains_key(&member) {
all_members.insert(member.clone(), HashSet::new());
}
all_members.get_mut(&member).unwrap().extend(fields.clone());
}
}
let nb_recipients = all_members.len();
if nb_recipients == 0 {
return Err(ApiError::new(
"Can't create a process with 0 member".to_owned(),
));
}
let mut recipients: Vec<Recipient> = Vec::with_capacity(nb_recipients * 2); // We suppose that will work most of the time
// we actually have multiple "recipients" in a technical sense for each social recipient
// that's necessary because we don't want to miss a notification because we don't have a device atm
for member in all_members.keys() {
let addresses = member.get_addresses();
for sp_address in addresses.into_iter() {
recipients.push(Recipient {
address: sp_address.into(),
amount: DEFAULT_AMOUNT,
nb_outputs: 1,
});
}
}
let mut fields2keys = Map::new();
let mut fields2cipher = Map::new();
let encrypted_pcd = pcd.clone();
let fields_to_encrypt: Vec<String> = encrypted_pcd
.as_object()
.unwrap()
.keys()
.map(|k| k.clone())
.collect();
encrypted_pcd.encrypt_fields(&fields_to_encrypt, &mut fields2keys, &mut fields2cipher);
let local_device = lock_local_device()?;
let sp_wallet = local_device.get_wallet();
let sender: Member = local_device
.to_member()
.ok_or(ApiError::new("unpaired device".to_owned()))?;
// We first generate the prd with all the keys that we will keep to ourselves
let full_prd = Prd::new_update(
commitment_outpoint,
serde_json::to_string(&sender)?,
fields2cipher.clone(),
fields2keys.clone(),
);
let prd_commitment = full_prd.create_commitment();
let freezed_utxos = lock_freezed_utxos()?;
let signed_psbt = create_transaction(
vec![],
&freezed_utxos,
sp_wallet,
recipients,
Some(prd_commitment.as_byte_array().to_vec()),
Amount::from_sat(fee_rate.into()),
None,
)?;
let sp_address2vouts = map_outputs_to_sp_address(&signed_psbt.to_string())?;
let partial_secret = sp_wallet
.get_client()
.get_partial_secret_from_psbt(&signed_psbt)?;
let final_tx = signed_psbt.extract_tx()?;
let mut ciphers = vec![];
for (member, visible_fields) in all_members {
let mut prd = full_prd.clone();
prd.filter_keys(visible_fields);
// we hash the payload
prd.payload = Value::from_str(&prd.payload)
.unwrap()
.tagged_hash()
.to_string();
let prd_msg = prd.to_network_msg(sp_wallet)?;
let addresses = member.get_addresses();
for sp_address in addresses.into_iter() {
let shared_point = sp_utils::sending::calculate_ecdh_shared_secret(
&<SilentPaymentAddress>::try_from(sp_address.as_str())?.get_scan_key(),
&partial_secret,
);
let shared_secret = AnkSharedSecretHash::from_shared_point(shared_point);
let cipher = encrypt_with_key(shared_secret.as_byte_array(), prd_msg.as_bytes())?;
ciphers.push(cipher.to_lower_hex_string());
relevant_process
.insert_shared_secret(SilentPaymentAddress::try_from(sp_address)?, shared_secret);
}
}
relevant_process.insert_impending_request(full_prd);
relevant_process.insert_state(ProcessState {
commited_in: OutPoint::null(),
encrypted_pcd: Value::Object(fields2cipher),
keys: fields2keys,
validation_tokens: vec![],
});
// Create the new_tx message
let new_tx_msg = NewTxMessage::new(serialize(&final_tx).to_lower_hex_string(), None);
Ok(ApiReturn {
new_tx_to_send: Some(new_tx_msg),
updated_process: Some((commitment_outpoint.to_string(), relevant_process.clone())),
ciphers_to_send: ciphers,
..Default::default()
})
}
#[derive(Tsify, Serialize, Deserialize)]
#[tsify(into_wasm_abi, from_wasm_abi)]
#[allow(non_camel_case_types)]
pub struct encryptWithNewKeyResult {
pub cipher: String,
pub key: String,
}
#[wasm_bindgen]
pub fn create_faucet_msg() -> ApiResult<String> {
let sp_address = lock_local_device()?
.get_wallet()
.get_client()
.get_receiving_address();
let faucet_msg = FaucetMessage::new(sp_address.clone());
Ok(faucet_msg.to_string())
}
/// Get active update proposals for a given process outpoint
/// Returns a vector with the latest commited state first, if any, and all active proposals
#[wasm_bindgen]
pub fn get_update_proposals(process_outpoint: String) -> ApiResult<Vec<String>> {
let outpoint = OutPoint::from_str(&process_outpoint)?;
let mut processes = lock_processes()?;
// TODO: We clone the process to prevent double borrowing issue, this can certainly be improved
let relevant_process = processes
.get(&outpoint)
.ok_or(ApiError::new("process not found".to_owned()))?;
let mut updated_process = relevant_process.clone();
let update_proposals: Vec<&Prd> = relevant_process
.get_impending_requests()
.into_iter()
.filter(|r| r.prd_type == PrdType::Update)
.collect();
if update_proposals.is_empty() {
return Err(ApiError::new(format!(
"No active update proposals for process {}",
process_outpoint
)));
}
let mut res = vec![];
// We first push the last commited state, if any
match relevant_process.get_latest_commited_state() {
Some(state) => res.push(serde_json::to_string(state)?),
None => ()
}
// Maybe that's the right place for adding a new state with what we've got from the prd update
// We should probably iterate on every update proposals and see which one don't have a state yet
let mut update_states = false;
for proposal in update_proposals {
// Is there a state that matches this proposal? If not, let's add it
debug!("Trying proposal {:#?}", proposal);
let pcd = match Value::from_str(&proposal.payload) {
Ok(value) => value,
Err(e) => continue
};
debug!("found pcd {:#?}", pcd);
let pcd_hash = AnkPcdHash::from_value(&pcd);
// We look for a pending state for the exact same state as the one in the proposal
if let None = relevant_process.get_latest_concurrent_states()
.into_iter()
.find(|state| {
AnkPcdHash::from_value(&state.encrypted_pcd) == pcd_hash
})
{
// If not, we first add a new state
updated_process.insert_state(ProcessState {
commited_in: OutPoint::new(Txid::from_str(&pcd_hash.to_string())?, u32::MAX),
encrypted_pcd: pcd.clone(),
keys: proposal.keys.clone(),
validation_tokens: proposal.validation_tokens.clone()
});
update_states = true;
}
// We add the decrypted state to our return variable
let mut decrypted_pcd = Map::new();
pcd.decrypt_fields(&proposal.keys, &mut decrypted_pcd)?;
res.push(serde_json::to_string(&decrypted_pcd)?);
}
if update_states {
// We replace the process
processes.insert(outpoint, updated_process);
}
// else we do nothing
Ok(res)
}
Reference in New Issue View Git Blame Copy Permalink