Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Verify v2 #1392

Merged
merged 26 commits into from
Aug 13, 2024
Merged
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
savepoint
llbartekll committed Aug 12, 2024

Verified

This commit was signed with the committer’s verified signature.
llbartekll Bartosz Rozwarski
commit a00908828001f89587918697cd09eea272a728e1
Original file line number Diff line number Diff line change
@@ -123,7 +123,7 @@ class ApproveSessionAuthenticateUtil {


func getVerifyContext(requestId: RPCID, domain: String) -> VerifyContext {
(try? verifyContextStore.get(key: requestId.string)) ?? verifyClient.createVerifyContext(origin: nil, domain: domain, isScam: false)
(try? verifyContextStore.get(key: requestId.string)) ?? verifyClient.createVerifyContext(origin: nil, domain: domain, isScam: false, isVerified: nil)
}


Original file line number Diff line number Diff line change
@@ -54,7 +54,7 @@
let request = AuthenticationRequest(id: payload.id, topic: payload.topic, payload: payload.request.authPayload, requester: payload.request.requester.metadata)

Task(priority: .high) {
let assertionId = payload.decryptedPayload.sha256().toHexString()

Check warning on line 57 in Sources/WalletConnectSign/Auth/Services/Wallet/AuthRequestSubscriber.swift

GitHub Actions / prepare

initialization of immutable value 'assertionId' was never used; consider replacing with assignment to '_' or removing it
do {
let response: VerifyResponse
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see warning: let assertionId = payload.decryptedPayload.sha256().toHexString() 👆

if let attestation = payload.attestation,
@@ -64,11 +64,11 @@
let assertionId = payload.decryptedPayload.sha256().toHexString()
response = try await verifyClient.verify(.v1(assertionId: assertionId))
}
let verifyContext = verifyClient.createVerifyContext(origin: response.origin, domain: payload.request.authPayload.domain, isScam: response.isScam)
let verifyContext = verifyClient.createVerifyContext(origin: response.origin, domain: payload.request.authPayload.domain, isScam: response.isScam, isVerified: response.isVerified)
verifyContextStore.set(verifyContext, forKey: request.id.string)
onRequest?((request, verifyContext))
} catch {
let verifyContext = verifyClient.createVerifyContext(origin: nil, domain: payload.request.authPayload.domain, isScam: nil)
let verifyContext = verifyClient.createVerifyContext(origin: nil, domain: payload.request.authPayload.domain, isScam: nil, isVerified: nil)
verifyContextStore.set(verifyContext, forKey: request.id.string)
onRequest?((request, verifyContext))
return
7 changes: 4 additions & 3 deletions Sources/WalletConnectSign/Engine/Common/ApproveEngine.swift
Original file line number Diff line number Diff line change
@@ -226,7 +226,7 @@ final class ApproveEngine {
expiry: Int64(expiry)
)

let verifyContext = (try? verifyContextStore.get(key: proposal.proposer.publicKey)) ?? verifyClient.createVerifyContext(origin: nil, domain: proposal.proposer.metadata.url, isScam: false)
let verifyContext = (try? verifyContextStore.get(key: proposal.proposer.publicKey)) ?? verifyClient.createVerifyContext(origin: nil, domain: proposal.proposer.metadata.url, isScam: false, isVerified: nil)


let session = WCSession(
@@ -411,12 +411,13 @@ private extension ApproveEngine {
let verifyContext = verifyClient.createVerifyContext(
origin: response.origin,
domain: payload.request.proposer.metadata.url,
isScam: response.isScam
isScam: response.isScam,
isVerified: response.isVerified
)
verifyContextStore.set(verifyContext, forKey: proposal.proposer.publicKey)
onSessionProposal?(proposal.publicRepresentation(pairingTopic: payload.topic), verifyContext)
} catch {
let verifyContext = verifyClient.createVerifyContext(origin: nil, domain: payload.request.proposer.metadata.url, isScam: nil)
let verifyContext = verifyClient.createVerifyContext(origin: nil, domain: payload.request.proposer.metadata.url, isScam: nil, isVerified: nil)
onSessionProposal?(proposal.publicRepresentation(pairingTopic: payload.topic), verifyContext)
return
}
2 changes: 1 addition & 1 deletion Sources/WalletConnectVerify/AttestationJWTVerifier.swift
Original file line number Diff line number Diff line change
@@ -44,7 +44,7 @@ class AttestationJWTVerifier {
throw Errors.messageIdMismatch
}

return VerifyResponse(origin: claims.origin, isScam: claims.isScam)
return VerifyResponse(origin: claims.origin, isScam: claims.isScam, isVerified: claims.isVerified)
}

func verifyJWTAgainstPubKey(_ jwtString: String, signingPubKey: P256.Signing.PublicKey) throws {
1 change: 1 addition & 0 deletions Sources/WalletConnectVerify/Register/VerifyResponse.swift
Original file line number Diff line number Diff line change
@@ -3,4 +3,5 @@ import Foundation
public struct VerifyResponse: Decodable {
public let origin: String?
public let isScam: Bool?
public let isVerified: Bool?
}
11 changes: 5 additions & 6 deletions Sources/WalletConnectVerify/VerifyClient.swift
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@ import Foundation

public protocol VerifyClientProtocol {
func verify(_ verificationType: VerificationType) async throws -> VerifyResponse
func createVerifyContext(origin: String?, domain: String, isScam: Bool?) -> VerifyContext
func createVerifyContext(origin: String?, domain: String, isScam: Bool?, isVerified: Bool?) -> VerifyContext
func createVerifyContextForLinkMode(redirectUniversalLink: String, domain: String) -> VerifyContext
}

@@ -53,8 +53,8 @@ public actor VerifyClient: VerifyClientProtocol {
}
}

nonisolated public func createVerifyContext(origin: String?, domain: String, isScam: Bool?) -> VerifyContext {
verifyContextFactory.createVerifyContext(origin: origin, domain: domain, isScam: isScam)
nonisolated public func createVerifyContext(origin: String?, domain: String, isScam: Bool?, isVerified: Bool?) -> VerifyContext {
verifyContextFactory.createVerifyContext(origin: origin, domain: domain, isScam: isScam, isVerified: isVerified)
}

nonisolated public func createVerifyContextForLinkMode(redirectUniversalLink: String, domain: String) -> VerifyContext {
@@ -69,14 +69,13 @@ public actor VerifyClient: VerifyClientProtocol {
#if DEBUG

public struct VerifyClientMock: VerifyClientProtocol {

public init() {}

public func verify(_ verificationType: VerificationType) async throws -> VerifyResponse {
return VerifyResponse(origin: "domain.com", isScam: nil)
return VerifyResponse(origin: "domain.com", isScam: nil, isVerified: nil)
}

public func createVerifyContext(origin: String?, domain: String, isScam: Bool?) -> VerifyContext {
public func createVerifyContext(origin: String?, domain: String, isScam: Bool?, isVerified: Bool?) -> VerifyContext {
return VerifyContext(origin: "domain.com", validation: .valid)
}

2 changes: 1 addition & 1 deletion Sources/WalletConnectVerify/VerifyContextFactory.swift
Original file line number Diff line number Diff line change
@@ -2,7 +2,7 @@
import Foundation

class VerifyContextFactory {
public func createVerifyContext(origin: String?, domain: String, isScam: Bool?, isVerified: Bool? = nil) -> VerifyContext {
public func createVerifyContext(origin: String?, domain: String, isScam: Bool?, isVerified: Bool?) -> VerifyContext {

guard isScam != true else {
return VerifyContext(
8 changes: 4 additions & 4 deletions Tests/VerifyTests/VerifyContextFactoryTests.swift
Original file line number Diff line number Diff line change
@@ -17,22 +17,22 @@ class VerifyContextFactoryTests: XCTestCase {
}

func testScamValidation() {
let context = factory.createVerifyContext(origin: "http://example.com", domain: "http://example.com", isScam: true)
let context = factory.createVerifyContext(origin: "http://example.com", domain: "http://example.com", isScam: true, isVerified: nil)
XCTAssertEqual(context.validation, .scam)
}

func testValidOriginAndDomain() {
let context = factory.createVerifyContext(origin: "http://example.com", domain: "http://example.com", isScam: false)
let context = factory.createVerifyContext(origin: "http://example.com", domain: "http://example.com", isScam: false, isVerified: nil)
XCTAssertEqual(context.validation, .valid)
}

func testInvalidOriginAndDomain() {
let context = factory.createVerifyContext(origin: "http://example.com", domain: "http://different.com", isScam: false)
let context = factory.createVerifyContext(origin: "http://example.com", domain: "http://different.com", isScam: false, isVerified: nil)
XCTAssertEqual(context.validation, .invalid)
}

func testUnknownValidation() {
let context = factory.createVerifyContext(origin: nil, domain: "http://example.com", isScam: false)
let context = factory.createVerifyContext(origin: nil, domain: "http://example.com", isScam: false, isVerified: nil)
XCTAssertEqual(context.validation, .unknown)
}


Unchanged files with check annotations Beta

.filter { $0.0 == .connected && $0.1 == .connected }
.setFailureType(to: NetworkError.self)
.timeout(.seconds(defaultTimeout), scheduler: concurrentQueue, customError: { .connectionFailed })
.sink(receiveCompletion: { [unowned self] result in

Check warning on line 82 in Sources/WalletConnectRelay/Dispatching.swift

GitHub Actions / prepare

capture 'self' was never used
switch result {
case .failure(let error):
cancellable?.cancel()
var newEip155Actions: [String: [AnyCodable]] = [:]
for method in supportedMethods {
let actionKey = "request/\(method)"
if let actions = eip155Actions[actionKey] {

Check warning on line 33 in Sources/WalletConnectSign/Auth/Services/SignRecapBuilder.swift

GitHub Actions / prepare

value 'actions' was defined but never used; consider replacing with boolean test
newEip155Actions[actionKey] = [AnyCodable(["chains": commonChains])]
}
}
func respondError(requestId: RPCID) async throws {
do {
try await walletErrorResponder.respondError(AuthError.userRejeted, requestId: requestId)

Check warning on line 145 in Sources/WalletConnectSign/Auth/Services/Wallet/SessionAuthenticateResponder.swift

GitHub Actions / prepare

result of call to 'respondError(_:requestId:)' is unused
} catch {
throw error
}
guard sessionRequestNotExpired(requestId: requestId) else {
logger.debug("request expired")
try await linkEnvelopesDispatcher.respondError(

Check warning on line 44 in Sources/WalletConnectSign/LinkAndRelayDispatchers/LinkSessionResponder.swift

GitHub Actions / prepare

result of call to 'respondError(topic:requestId:peerUniversalLink:reason:envelopeType:)' is unused
topic: topic,
requestId: requestId,
peerUniversalLink: peerUniversalLink,

Check warning on line 86 in Sources/WalletConnectSign/Auth/Link/LinkSessionRequestSubscriber.swift

GitHub Actions / prepare

result of call to 'respondError(topic:requestId:peerUniversalLink:reason:envelopeType:)' is unused
self.object = object
}
public func request<T>(_ type: T.Type, at service: HTTPService) async throws -> T where T: Decodable {

Check warning on line 11 in Tests/TestingUtils/Mocks/HTTPClientMock.swift

GitHub Actions / prepare

generic parameter 'T' shadows generic parameter from outer scope with the same name; this is an error in Swift 6

Check warning on line 11 in Tests/TestingUtils/Mocks/HTTPClientMock.swift

GitHub Actions / prepare

generic parameter 'T' shadows generic parameter from outer scope with the same name; this is an error in Swift 6
return object as! T
}
public var isActivateCalled: Bool = false
public var isReceivedCalled: Bool = false
public func register<RequestParams>(method: ProtocolMethod) -> AnyPublisher<RequestSubscriptionPayload<RequestParams>, Never> where RequestParams: Decodable, RequestParams: Encodable {

Check warning on line 12 in Tests/TestingUtils/Mocks/PairingRegistererMock.swift

GitHub Actions / prepare

generic parameter 'RequestParams' shadows generic parameter from outer scope with the same name; this is an error in Swift 6

Check warning on line 12 in Tests/TestingUtils/Mocks/PairingRegistererMock.swift

GitHub Actions / prepare

generic parameter 'RequestParams' shadows generic parameter from outer scope with the same name; this is an error in Swift 6
subject.eraseToAnyPublisher() as! AnyPublisher<RequestSubscriptionPayload<RequestParams>, Never>
}
let assertionId = payload.decryptedPayload.sha256().toHexString()
do {
let response = try await verifyClient.verify(.v1(assertionId: assertionId))
let verifyContext = verifyClient.createVerifyContext(origin: response.origin, domain: payload.request.payloadParams.domain, isScam: response.isScam)

Check failure on line 48 in Sources/Auth/Services/Wallet/WalletRequestSubscriber.swift

GitHub Actions / prepare

missing argument for parameter 'isVerified' in call
verifyContextStore.set(verifyContext, forKey: request.id.string)
onRequest?((request, verifyContext))
} catch {