Migrate From ContractKit to Viem #294
Conversation
🦋 Changeset detectedLatest commit: cfde4ce The changes in this PR will be included in the next version bump. This PR includes changesets to release 7 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
|---|---|---|---|---|---|
| 10990680 | Triggered | Generic High Entropy Secret | 4a7b2c8 | packages/common/src/test/values.ts | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secret safely. Learn here the best practices.
- Revoke and rotate this secret.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
|
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/@celo/[email protected] |
| await selfTransferTx.sendAndWaitForReceipt({ from: account }) | ||
| } | ||
|
|
||
| export async function registerWalletAddress( |
There was a problem hiding this comment.
a test function not used in any tests
fix rawKey should actually not be a hex
| @@ -79,7 +80,7 @@ The following steps use the Celo [ContractKit](https://docs.celo.org/developer/c | |||
| // authSigner provides information needed to authenticate with ODIS | |||
| const authSigner: AuthSigner = { | |||
| authenticationMethod: OdisUtils.Query.AuthenticationMethod.WALLET_KEY, | |||
| contractKit: kit, | |||
| sign191: ({message, account}) => viemClient.signMessage({message, account}), | |||
There was a problem hiding this comment.
Nit: does it make sense to call this sign191 instead of just sign
| @@ -52,6 +52,7 @@ This could be a node with RPC set up. Preferably this would be an node dedicated | |||
|
|
|||
| - `BLOCKCHAIN_PROVIDER` - The blockchain node provider for chain state access. ` | |||
| - `BLOCKCHAIN_API_KEY` - Optional API key to be added to the authentication header. ` | |||
| - `CHAIN_ID` should be 44220 or celo or 44787 on alfajores | |||
There was a problem hiding this comment.
| - `CHAIN_ID` should be 44220 or celo or 44787 on alfajores | |
| - `CHAIN_ID` should be 44220 for Celo Mainnet or 44787 for Celo Alfajores |
| @@ -3,6 +3,7 @@ NODE_ENV=development | |||
| #SERVER_SSL_KEY_PATH=./server.key | |||
| #SERVER_SSL_CERT_PATH=./server.cert | |||
| BLOCKCHAIN_PROVIDER=https://alfajores-forno.celo-testnet.org | |||
| CHAIN_ID=42220 | |||
There was a problem hiding this comment.
Shouldn't this be 44787 for alfajores to be consistent with the RPC url?
| async () => testPNPSignQuery(blockchainProvider.value(), contextName.value() as any), | ||
| async () => | ||
| testPNPSignQuery( | ||
| { rpcURL: blockchainProvider.value(), chainID: chainID.value() as 44787 }, |
There was a problem hiding this comment.
Why are we casting this to a specific chain ID? What if we want to run the test on mainnet?
There was a problem hiding this comment.
+1 it is in fact running for both networks.
| const logger = rootLogger(config.serviceName) | ||
|
|
||
| kit = kit ?? getContractKitWithAgent(config.blockchain) | ||
| viemClient = viemClient ?? getWalletClientWithAgent(config.blockchain) |
There was a problem hiding this comment.
Nit: consider naming all these "ClientAccountService" etc. to be consistent with the Signer server.ts file
| contractKit.defaultAccount = ACCOUNT_ADDRESS | ||
| export const client = createWalletClient({ | ||
| transport: http(DEFAULT_FORNO_URL), | ||
| chain: celo, |
There was a problem hiding this comment.
I think this needs to be configurable to be either celo or celoAlfajores
There was a problem hiding this comment.
+1 Perhaps getting it from the env file as well.
|
@aaronmgdr Better late than never 😅. I haven't quite made it through the whole PR but have made a big dent and will continue to chip away at it. In general it's looking great so far. Thanks again for taking the time to do this and apologies it's taken me so long to get around to reviewing it |
alecps
requested review from
soloseng
and removed request for
viral-sangani and
therealharpaljadeja
| export function newContractKitFetcher( | ||
| contractKit: ContractKit, | ||
| export function newDEKFetcher( | ||
| viemClient: Client, |
There was a problem hiding this comment.
Nit: consider naming this walletClient for consistency
| contractKit.defaultAccount = ACCOUNT_ADDRESS | ||
| export const client = createWalletClient({ | ||
| transport: http(DEFAULT_FORNO_URL), | ||
| chain: celo, |
There was a problem hiding this comment.
+1 Perhaps getting it from the env file as well.
| async () => testPNPSignQuery(blockchainProvider.value(), contextName.value() as any), | ||
| async () => | ||
| testPNPSignQuery( | ||
| { rpcURL: blockchainProvider.value(), chainID: chainID.value() as 44787 }, |
There was a problem hiding this comment.
+1 it is in fact running for both networks.
| let accountAddress: Address | ||
|
|
||
| if (useDEK) { | ||
| // im not sure why this is like this |
There was a problem hiding this comment.
This is to randomize which private key is used. It's particularly usefull during load testing when we want to have different type of request being sent.
| @@ -28,31 +35,35 @@ const { | |||
| PHONE_NUMBER, | |||
| PRIVATE_KEY1, | |||
| PRIVATE_KEY2, | |||
| PRIVATE_KEY3, | |||
| // PRIVATE_KEY3, | |||
| kit.addAccount(PRIVATE_KEY3) | ||
| const account1 = privateKeyToAccount(ensureLeading0x(PRIVATE_KEY1)) | ||
| const account2 = privateKeyToAccount(ensureLeading0x(PRIVATE_KEY2)) | ||
| // const account3 = privateKeyToAccount(ensureLeading0x(PRIVATE_KEY3)) |
|
|
||
| describe('Authentication test suite', () => { | ||
| describe.skip('Authentication test suite', () => { |
There was a problem hiding this comment.
is this skip intended to stay?
| }, | ||
| } as ContractKit | ||
| const dekFetcher = newContractKitFetcher(mockContractKit, logger) | ||
| // const mockContractKit = { |
| // getAccounts: async () => { | ||
| // return Promise.resolve({ | ||
| // getDataEncryptionKey: async (_: string) => { | ||
| // return 'notAValidKeyEncryption' |
There was a problem hiding this comment.
Noticed that the return value is different with each mockContractKit. Is that reflected with the viem client?
| // getDataEncryptionKey: async (_: string) => { | ||
| // // NOTE: elliptic is disabled elsewhere in this library to prevent | ||
| // // accidental signing of truncated messages. | ||
| // const EC = require('elliptic').ec |
| import * as crypto from 'crypto' | ||
| import { ComputationalHardeningConfig, ComputationalHardeningFunction } from './config' | ||
| import { DecryptionError, EncryptionError, PbkdfError, ScryptError } from './errors' | ||
|
|
||
| // NOTE: This module is intended for use within the @celo/encrypted-backup package and so is not | ||
| // exported in the index.ts file. | ||
|
|
||
| /** Pared down ReadOnlyWallet type that supports the required functions of EIP-712 signing. */ | ||
| export type EIP712Wallet = Pick<ReadOnlyWallet, 'getAccounts' | 'hasAccount' | 'signTypedData'> | ||
| /** Pared down ReadOnlyWallet type that supports the required functions of EIP-712 signing. */ export interface EIP712Wallet { |
There was a problem hiding this comment.
move code to next line to improve readability
Description
Rather than use ContractKit use viem as the rpc caller / contracts library.
Changes
WalletSigner now takes a sign191 function instead of a contractKit instance. this makes it easy to use with whatever library you like such as viem client.signMessage or ethers.signMessage as long as they support eip191.
Many places that were expecting an address but typed as a regular string are now typed as
0x{string}aka Addressalmost everywhere
kithas been replaced withclientand in some caseswalletClient@celo/phone-number-privacy-common/lib/contractscontract instances used internally (viem getContract + abi + address)getAccountsContract, getCUSDContract, getOdisPaymentsContract,ContractKit is still needed for the @celo/identity/lib/offchain functions however these are not used in social connect as such ck is now a peer dependencies and marked as optional. Pottentially these offchain functions can be either deprecated or moved to a different codebase.
Tested
Needs someone who understand the system really well to really test it out.
TODO
need to re mock the getDataEncryptionKey method in the authentication.test in common package. one was done but the rest still need it and each seems to require different implementatation
try to replace contractkit with @celo/[email protected]
dont merge until we get this deployed to staging.
Related issues
Backwards compatibility
No. This is a Major Change
Documentation
documented in changesets the differences