ethauth

package module
v0.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 21, 2022 License: MIT Imports: 14 Imported by: 1

README 

 ____ ____ ____ ____ ____ ____ ____
||e |||t |||h |||a |||u |||t |||h ||
||__|||__|||__|||__|||__|||__|||__||
|/__\|/__\|/__\|/__\|/__\|/__\|/__\|

Format

proof = eth.<address>.<claims>.<signature>.<extra>

Address

The account address in hex encoding, ie. '0x9e63b5BF4b31A7F8d5D8b4f54CD361344Eb744C5'.

Note, you should not take the account address in the ethauth proof at face value -- you must parse the Proof and validate it with the library methods provided. The address is included when used to verify smart wallet based accounts (aka contract-based accounts).

Claims

a base64 encoded JSON object of

interface Claims {
  app: string
  exp: number
  iat?: number
  n?: number
  typ?: string
  ogn?: string
}

Fields:

  • app (required) - App identifier requesting the issuance of the ethauth proof
  • exp (required) - Expired at unix timestamp of when the ethauth proof is valid until
  • iat (optional) - Issued at unix timestamp of when the ethauth proof has been signed/issued
  • n (optional) - Nonce value which can be used as a challenge number for added security
  • typ (optional) - Type of authorization for this ethauth proof
  • ogn (optional) - Domain origin requesting the issuance of the ethauth proof

Signature

Signature value of the claims message payload. The signature is computed by the EIP712 eth_signTypedData call of the claims object. The signature may be recoverable with ECRecover to determine the EOA address, or you may have a different encoding such as one used with EIP-1271, to validate the contract-based account signature.

Example ETHAuth encoding / decoding

EOA account signature

ethauth-proof = eth.0x89d9f8f31817badb5d718cd6fb483b71dbd2dfed.eyJhcHAiOiJFV1RUZXN0IiwiaWF0IjoxNTk1NTMwODQwLCJleHAiOjE1OTU1MzExNDB9.0x233ab9164a677a41acc8d52c9e1d1a621acebf9bc8d956c8474618b589acebe10cc350deb4b02bf6951cec8bd23507170f204ca326a5a264b8f6f67fa2619c251c

decodes & verifies to:

  • account address: 0x89D9F8f31817BAdb5D718CD6fb483b71DbD2dfeD
  • claims: {"app":"EWTTest","iat":1595530840,"exp":1595531140}
  • signature: 0x233ab9164a677a41acc8d52c9e1d1a621acebf9bc8d956c8474618b589acebe10cc350deb4b02bf6951cec8bd23507170f204ca326a5a264b8f6f67fa2619c251c

Contract-based account signature (verifiable with EIP 1271)

ethauth-proof = eth.0x9e63b5bf4b31a7f8d5d8b4f54cd361344eb744c5.eyJpYXQiOjE1OTQ3NDM4NDgsImV4cCI6MTYyNjI3OTg0OCwibiI6MTMzN30.0x000100012dd090aec5e4a9678f7968533c10fc42b07b9a23fa3b719f79a861adcfc7e1d958e3521bb061c34072f5435681390ccc9be19bf9da32320bd2356d0b4b4d316b1c02

decodes & verifies to:

  • account address: 0x9e63b5bf4b31a7f8d5d8b4f54cd361344eb744c5
  • message: {"iat":1594743848,"exp":1626279848,"n":1337}
  • signature: 0x000100012dd090aec5e4a9678f7968533c10fc42b07b9a23fa3b719f79a861adcfc7e1d958e3521bb061c34072f5435681390ccc9be19bf9da32320bd2356d0b4b4d316b1c02

LICENSE

MIT

Documentation

Index

Constants

View Source 
const (
	ETHAuthVersion = "1"

	ETHAuthPrefix = "eth"
)
View Source 
const (
	// IsValidSignatureBytes32 is the EIP-1271 magic value we test
	IsValidSignatureBytes32MagicValue = "0x1626ba7e"
)

Variables

This section is empty.

Functions

func Base64UrlDecode 

func Base64UrlDecode(s string) ([]byte, error)

Base64 url-variant decoding with padding stripped. Note, this is the same encoding format as JWT.

func Base64UrlEncode 

func Base64UrlEncode(s []byte) string

Base64 url-variant encoding with padding stripped. Note, this is the same encoding format as JWT.

func ValidateContractAccountProof 

func ValidateContractAccountProof(ctx context.Context, provider *ethrpc.Provider, chainID *big.Int, proof *Proof) (bool, string, error)

ValidateContractAccountProof verifies the account proof, testing if the proof claims have been signed with a smart-contract based account by calling the EIP-1271 method of the remote contract. This method will return success/failure, the account address as a string, and any errors. The wallet contract must be deployed in order for this call to be successful. In order test an undeployed smart-wallet, you will have to implement your own custom validator method.

func ValidateEOAProof 

func ValidateEOAProof(ctx context.Context, provider *ethrpc.Provider, chainID *big.Int, proof *Proof) (bool, string, error)

ValidateEOAProof verifies the account proof, testing if the proof claims have been signed with an EOA (externally owned account) and will return success/failture, the account address as a string, and any errors.

func ValidateEOASignature 

func ValidateEOASignature(address string, message []byte, signatureHex string) (bool, error)

Validate the public key address of an Ethereum signed message

Types

type Claims 

type Claims struct {
	App            string `json:"app,omitempty"`
	IssuedAt       int64  `json:"iat,omitempty"`
	ExpiresAt      int64  `json:"exp,omitempty"`
	Nonce          uint64 `json:"n,omitempty"`
	Type           string `json:"typ,omitempty"`
	Origin         string `json:"ogn,omitempty"`
	ETHAuthVersion string `json:"v,omitempty"`
}

func (Claims) Map 

func (c Claims) Map() map[string]interface{}

func (Claims) MessageDigest 

func (c Claims) MessageDigest() ([]byte, error)

func (*Claims) SetExpiryIn 

func (c *Claims) SetExpiryIn(tm time.Duration)

func (*Claims) SetIssuedAtNow 

func (c *Claims) SetIssuedAtNow()

func (Claims) TypedData 

func (c Claims) TypedData() (*ethcoder.TypedData, error)

func (Claims) Valid 

func (c Claims) Valid() error

type ETHAuth 

type ETHAuth struct {
	// contains filtered or unexported fields
}

func New 

func New(validators ...ValidatorFunc) (*ETHAuth, error)

func (*ETHAuth) ConfigJsonRpcProvider 

func (w *ETHAuth) ConfigJsonRpcProvider(ethereumJsonRpcURL string, optChainId ...int64) error

func (*ETHAuth) ConfigValidators 

func (w *ETHAuth) ConfigValidators(validators ...ValidatorFunc) error

func (*ETHAuth) DecodeProof 

func (w *ETHAuth) DecodeProof(proofString string) (bool, *Proof, error)

DecodeProof will decode an ETHAuth proof string, validate it, and return a Proof object

func (*ETHAuth) EncodeProof 

func (w *ETHAuth) EncodeProof(proof *Proof) (string, error)

EncodeProof will encode a Proof object, validate it and return the ETHAuth proof string

func (*ETHAuth) ValidateProof 

func (w *ETHAuth) ValidateProof(proof *Proof) (bool, error)

func (*ETHAuth) ValidateProofClaims 

func (w *ETHAuth) ValidateProofClaims(proof *Proof) (bool, error)

func (*ETHAuth) ValidateProofSignature 

func (w *ETHAuth) ValidateProofSignature(proof *Proof) bool

func (*ETHAuth) Validators 

func (w *ETHAuth) Validators() []ValidatorFunc

type Proof 

type Proof struct {
	// "eth" prefix
	Prefix string

	// Account addres (in hex)
	Address string

	// Claims object, aka, the message key of an EIP712 signature
	Claims Claims

	// Signature of the message by the account address above (in hex)
	Signature string

	// Extra bytes in hex format used for signature validation
	// ie. useful for counterfactual smart wallets
	Extra string
}

func NewProof 

func NewProof() *Proof

func (*Proof) MessageDigest 

func (t *Proof) MessageDigest() ([]byte, error)

func (*Proof) MessageTypedData 

func (t *Proof) MessageTypedData() (*ethcoder.TypedData, error)

type ValidatorFunc 

type ValidatorFunc func(ctx context.Context, provider *ethrpc.Provider, chainID *big.Int, proof *Proof) (bool, string, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.