Skip to content

feat: relayer authentication verification method #1320

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: epic/relayer-config
Choose a base branch
from
Open

feat: relayer authentication verification method #1320

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
67 changes: 67 additions & 0 deletions api/relayer_auth_verification.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
import { utils } from 'ethers';
import { getProvider } from '@/utils/provider';

/**
* Verify a relayer's configuration update signature and nonce
* @param configPayload The configuration update payload
* @param signature The signature provided by the relayer
* @param nonce The nonce value to prevent replay attacks
* @throws Error if signature is invalid or nonce has been used
*/
export async function verifyRelayerSignature(
configPayload: Record<string, any>,
signature: string,
nonce: number
): Promise<void> {
try {
// Verify nonce hasn't been used before
if (await hasNonceBeenUsed(nonce)) {
throw new Error('Nonce has already been used');
}

// Add nonce to payload before verifying
const payloadWithNonce = {
...configPayload,
nonce
};

// Convert payload to string and hash it
const payloadStr = JSON.stringify(payloadWithNonce);
const messageHash = utils.keccak256(utils.toUtf8Bytes(payloadStr));

// Create signable message
const prefixedMessage = utils.arrayify(messageHash);

// Recover the address that signed the message
const recoveredAddress = utils.verifyMessage(prefixedMessage, signature);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can do:
ethers.utils.verifyMessage(message, signature);

const checksumAddress = utils.getAddress(recoveredAddress);

// Verify signer is an authorized relayer
if (!await isAuthorizedRelayer(checksumAddress)) {
throw new Error('Signer is not an authorized relayer');
}

// Store nonce as used
await storeUsedNonce(nonce);

} catch (error) {
console.error('Error verifying relayer signature:', error);
throw error;
}
}

// Helper functions that would need to be implemented:
async function hasNonceBeenUsed(nonce: number): Promise<boolean> {
// Check if nonce exists in storage
throw new Error('Not implemented');
}

async function isAuthorizedRelayer(address: string): Promise<boolean> {
// Check if address is in authorized relayer list
throw new Error('Not implemented');
}

async function storeUsedNonce(nonce: number): Promise<void> {
// Store nonce in persistent storage
throw new Error('Not implemented');
}
Loading