From 228db6046fe0e120362d39f7757020f10e99bb88 Mon Sep 17 00:00:00 2001
From: Gancho Radkov <ganchoradkov93@gmail.com>
Date: Mon, 7 Oct 2024 16:26:21 +0300
Subject: [PATCH 1/2] fix: uses caip2 chain and adds validation

---
 packages/utils/src/cacao.ts      | 2 +-
 packages/utils/src/signatures.ts | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/packages/utils/src/cacao.ts b/packages/utils/src/cacao.ts
index 101872715..69304e845 100644
--- a/packages/utils/src/cacao.ts
+++ b/packages/utils/src/cacao.ts
@@ -39,7 +39,7 @@ export async function validateSignedCacao(params: { cacao: AuthTypes.Cacao; proj
     walletAddress,
     reconstructed,
     signature,
-    getDidChainId(payload.iss) as string,
+    getNamespacedDidChainId(payload.iss) as string,
     projectId as string,
   );
 
diff --git a/packages/utils/src/signatures.ts b/packages/utils/src/signatures.ts
index f34569bb6..9e4916a18 100644
--- a/packages/utils/src/signatures.ts
+++ b/packages/utils/src/signatures.ts
@@ -1,6 +1,7 @@
 import { hashMessage } from "@ethersproject/hash";
 import { recoverAddress } from "@ethersproject/transactions";
 import { AuthTypes } from "@walletconnect/types";
+import { parseChainId } from "./caip";
 const DEFAULT_RPC_URL = "https://rpc.walletconnect.org/v1";
 
 export async function verifySignature(
@@ -49,6 +50,12 @@ export async function isValidEip1271Signature(
   projectId: string,
   baseRpcUrl?: string,
 ) {
+  const parsedChain = parseChainId(chainId);
+  if (!parsedChain.namespace || !parsedChain.reference) {
+    throw new Error(
+      `isValidEip1271Signature failed: chainId must be in CAIP-2 format, received: ${chainId}`,
+    );
+  }
   try {
     const eip1271MagicValue = "0x1626ba7e";
     const dynamicTypeOffset = "0000000000000000000000000000000000000000000000000000000000000040";

From 2efe70a2dcfd4e7c1770bbebec92940681128c59 Mon Sep 17 00:00:00 2001
From: Gancho Radkov <ganchoradkov93@gmail.com>
Date: Mon, 7 Oct 2024 16:26:28 +0300
Subject: [PATCH 2/2] feat: tests

---
 packages/utils/test/signatures.spec.ts | 42 ++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)

diff --git a/packages/utils/test/signatures.spec.ts b/packages/utils/test/signatures.spec.ts
index 77bda66b1..14872731a 100644
--- a/packages/utils/test/signatures.spec.ts
+++ b/packages/utils/test/signatures.spec.ts
@@ -47,5 +47,47 @@ Expiration Time: 2022-10-11T23:03:35.700Z`;
       );
       expect(isValid).toBe(false);
     });
+    it("fails for a bad chainid", async () => {
+      const cacaoSignature: AuthTypes.CacaoSignature = {
+        t: "eip1271",
+        s: "0xdead5719b2504095116db01baaf276361efd3a73c28cf8cc28dabefa945b8d536011289ac0a3b048600c1e692ff173ca944246cf7ceb319ac2262d27b395c82b1c",
+      };
+      const invalidChainIdOne = "1";
+      await expect(
+        verifySignature(
+          address,
+          reconstructedMessage,
+          cacaoSignature,
+          invalidChainIdOne,
+          projectId,
+        ),
+      ).rejects.toThrow(
+        `isValidEip1271Signature failed: chainId must be in CAIP-2 format, received: ${invalidChainIdOne}`,
+      );
+      const invalidChainIdTwo = ":1";
+      await expect(
+        verifySignature(
+          address,
+          reconstructedMessage,
+          cacaoSignature,
+          invalidChainIdTwo,
+          projectId,
+        ),
+      ).rejects.toThrow(
+        `isValidEip1271Signature failed: chainId must be in CAIP-2 format, received: ${invalidChainIdTwo}`,
+      );
+      const invalidChainIdThree = "1:";
+      await expect(
+        verifySignature(
+          address,
+          reconstructedMessage,
+          cacaoSignature,
+          invalidChainIdThree,
+          projectId,
+        ),
+      ).rejects.toThrow(
+        `isValidEip1271Signature failed: chainId must be in CAIP-2 format, received: ${invalidChainIdThree}`,
+      );
+    });
   });
 });