fix: overwrite signMessage to be compatible with rpc paymaster #44
Conversation
| private async signMessage( | ||
| outsideExecutionTypedData: TypedData, | ||
| ): Promise<Signature> { | ||
| const calls = (outsideExecutionTypedData.message as any).Calls.map( |
There was a problem hiding this comment.
it might be nice to fail with with a more explicit message if we are not signing an EFO
| (call: any) => ({ | ||
| contractAddress: call.To, | ||
| entrypoint: call.Selector, | ||
| calldata: call.Calldata, | ||
| }), |
There was a problem hiding this comment.
this only works with snip12 version2, maybe fine maybe unintended
| const calls = (outsideExecutionTypedData.message as any).Calls.map( | ||
| (call: any) => ({ | ||
| contractAddress: call.To, | ||
| entrypoint: call.Selector, |
There was a problem hiding this comment.
selectors and entrypoints are not the same, selector being the enrypoint hash. this can lead to mistakes
There was a problem hiding this comment.
the issue is that, on signMessage, we only have the selector
I couldn't find a better way to get the original calls (if you have any ideas, would be great)
There was a problem hiding this comment.
actually, i think the terminology is different on snip9, and the Selector field is supposed to hold the entrypoint name. Are you sure we are getting a hash in "call.Selector"?
If we are, maybe the request is not coming in correctly, as the typedata should include the entrypoint name to be it can be shown to users
There was a problem hiding this comment.
pretty sure, will check again
There was a problem hiding this comment.
is this data coming from the paymaster? if so it can be a bug there
There was a problem hiding this comment.
@sgc-code yes, it's coming from paymaster
this is the response
{
"jsonrpc": "2.0",
"id": 1,
"result": {
"type": "invoke",
"typed_data": {
"types": {
"StarknetDomain": [
{
"name": "name",
"type": "shortstring"
},
{
"name": "version",
"type": "shortstring"
},
{
"name": "chainId",
"type": "shortstring"
},
{
"name": "revision",
"type": "shortstring"
}
],
"OutsideExecution": [
{
"name": "Caller",
"type": "ContractAddress"
},
{
"name": "Nonce",
"type": "felt"
},
{
"name": "Execute After",
"type": "u128"
},
{
"name": "Execute Before",
"type": "u128"
},
{
"name": "Calls",
"type": "Call*"
}
],
"Call": [
{
"name": "To",
"type": "ContractAddress"
},
{
"name": "Selector",
"type": "selector"
},
{
"name": "Calldata",
"type": "felt*"
}
]
},
"domain": {
"name": "Account.execute_from_outside",
"version": "2",
"chainId": "SN_SEPOLIA",
"revision": "1"
},
"primaryType": "OutsideExecution",
"message": {
"Caller": "0x75a180e18e56da1b1cae181c92a288f586f5fe22c18df21cf97886f1e4b316c",
"Nonce": "0xa8bfbe2cce7aeea5824e7add4e9180aa",
"Execute After": "0x1",
"Execute Before": "0x6899d807",
"Calls": [
{
"To": "0x88d3cc4377a6cdfd27545a11548bd070c4e2e1e3df3d402922dbc4350b416",
"Selector": "0x2c8004df9c9db8f4ed7801fe6835d799212ba582b2d523aaef9315b9b325365",
"Calldata": [
"0x1"
]
}
]
}
},
"parameters": {
"version": "0x1",
"fee_mode": {
"mode": "sponsored"
},
"time_bounds": null
},
"fee": {
"gas_token_price_in_strk": "0xde0b6b3a7640000",
"estimated_fee_in_strk": "0x8462d41c09b00",
"estimated_fee_in_gas_token": "0x8462d41c09b00",
"suggested_max_fee_in_strk": "0x31a50f8a83a200",
"suggested_max_fee_in_gas_token": "0x31a50f8a83a200"
}
}
}There was a problem hiding this comment.
is this avnu's paymaster? this is wrong according to SNIP12, the selector must be the entrypoint name https://github.com/starknet-io/SNIPs/blob/main/SNIPS/snip-12.md#when-x-is-a-selector
(the name could be misleading, sure), otherwise this defeats the point of snip12 which is to allow users to understand what they are signing, is this in prod?
There was a problem hiding this comment.
yep it's avnu paymaster https://sepolia.paymaster.avnu.fi/
I've only used the prod sepolia endpoint, but I think it's the same for mainnet
payload:
{
"id": 1,
"jsonrpc": "2.0",
"method": "paymaster_buildTransaction",
"params": {
"transaction": {
"type": "invoke",
"invoke": {
"user_address": "0x05c6edda08c13885c55aca6502bbab24eed18ba0b51c4ce39c9809851ea3aacc",
"calls": [
{
"to": "0x88d3cc4377a6cdfd27545a11548bd070c4e2e1e3df3d402922dbc4350b416",
"selector": "0x2c8004df9c9db8f4ed7801fe6835d799212ba582b2d523aaef9315b9b325365",
"calldata": [
"0x1"
]
}
]
}
},
"parameters": {
"version": "0x1",
"fee_mode": {
"mode": "sponsored"
}
}
}
}There was a problem hiding this comment.
on dapp side, this is the code interacting with it (using our session account too)
const calls = [
{
contractAddress: CONTRACT_ADDRESS,
entrypoint: "set_number",
calldata: CallData.compile(["0x1"]),
},
]
// inside executePaymasterTransaction it call the `paymaster_buildTransaction` that builds the typed data too
const { transaction_hash } =
await sessionAccount.executePaymasterTransaction(calls, {
feeMode: { mode: "sponsored" },
})| const allowedIndex = sessionRequest.allowed_methods.findIndex( | ||
| (allowedMethod) => { | ||
| const checkEntrypoint = /^0x[0-9a-fA-F]+$/.test(call.entrypoint) | ||
| ? selector.getSelectorFromName(allowedMethod.selector) == |
There was a problem hiding this comment.
this will hash the hash again, it shouldn't be needed
No description provided.