Session key's Secp256k1 blob verification

Author: maxgttph

Cargo.lock

@@ -7,10 +7,10 @@ members = ["contracts", "contracts/wallet", "server"]
 # client-sdk = { default-features = false, package = "hyle-client-sdk", version = "0.13.0-rc.4" }
 # hyle = { version = "0.13.0-rc.4" }
 
-sdk = { git = "https://github.com/Hyle-org/hyle.git", package = "hyle-contract-sdk", branch = "main" }
-client-sdk = { git = "https://github.com/Hyle-org/hyle.git", default-features = false, package = "hyle-client-sdk", branch = "main" }
-hyle-hyllar = { git = "https://github.com/Hyle-org/hyle.git", package = "hyle-hyllar", branch = "main" }
-hyle-modules = { git = "https://github.com/Hyle-org/hyle.git", package = "hyle-modules", branch = "main" }
+sdk = { path = "../hyle/crates/contract-sdk", package = "hyle-contract-sdk" }
+client-sdk = { path = "../hyle/crates/client-sdk", default-features = false, package = "hyle-client-sdk" }
+hyle-hyllar = { path = "../hyle/crates/contracts/hyllar", package = "hyle-hyllar" }
+hyle-modules = { path = "../hyle/crates/hyle-modules", package = "hyle-modules" }
 
 contracts = { path = "contracts", default-features = false, package = "contracts" }
 wallet = { path = "contracts/wallet", package = "wallet" }

Cargo.toml

@@ -184,7 +184,7 @@ pub async fn get_account_info(
         .session_keys
         .iter()
         .map(|sk| SessionKey {
-            key: sk.key.clone(),
+            key: sk.public_key.clone(),
             expiration_date: sk.expiration_date.0,
             nonce: sk.nonce,
         })

contracts/wallet/src/client/indexer.rs

@@ -3,7 +3,7 @@ use std::collections::BTreeMap;
 use borsh::{io::Error, BorshDeserialize, BorshSerialize};
 #[cfg(feature = "client")]
 use client_sdk::contract_indexer::utoipa;
-use sdk::{hyle_model_utils::TimestampMs, RunResult, TxContext};
+use sdk::{hyle_model_utils::TimestampMs, secp256k1::CheckSecp256k1, RunResult, TxContext};
 use serde::{Deserialize, Serialize};
 
 #[cfg(feature = "client")]
@@ -19,8 +19,8 @@ impl sdk::ZkContract for Wallet {
                 nonce,
                 auth_method,
             } => self.handle_registration(account, nonce, auth_method, calldata)?,
-            WalletAction::UseSessionKey { account, key } => {
-                self.handle_session_key_usage(account, key, &calldata.tx_ctx)?
+            WalletAction::UseSessionKey { account, message } => {
+                self.handle_session_key_usage(account, message, calldata)?
             }
             _ => self.handle_authenticated_action(action, calldata)?,
         };
@@ -58,7 +58,7 @@ pub struct AccountInfo {
     derive(client_sdk::contract_indexer::utoipa::ToSchema)
 )]
 pub struct SessionKey {
-    pub key: String,
+    pub public_key: String,
     pub expiration_date: TimestampMs,
     pub nonce: u128,
 }
@@ -111,10 +111,12 @@ impl Wallet {
     fn handle_session_key_usage(
         &mut self,
         account: String,
-        key: String,
-        tx_ctx: &Option<TxContext>,
+        message: String,
+        calldata: &sdk::Calldata,
     ) -> Result<String, String> {
-        self.use_session_key(account, key, tx_ctx)
+        let secp256k1blob = CheckSecp256k1::new(calldata, message.as_bytes()).expect()?;
+        let public_key = hex::encode(secp256k1blob.public_key);
+        self.use_session_key(account, public_key, &calldata.tx_ctx)
     }
 
     fn handle_authenticated_action(
@@ -199,12 +201,16 @@ impl Wallet {
             .get_mut(&account)
             .ok_or("Identity not found")?;
 
-        if stored_info.session_keys.iter().any(|sk| sk.key == key) {
+        if stored_info
+            .session_keys
+            .iter()
+            .any(|sk| sk.public_key == key)
+        {
             return Err("Session key already exists".to_string());
         }
 
         stored_info.session_keys.push(SessionKey {
-            key,
+            public_key: key,
             expiration_date: TimestampMs(expiration_date),
             nonce: 0, // Initialize nonce to 0
         });
@@ -219,7 +225,7 @@ impl Wallet {
             .ok_or("Identity not found")?;
 
         let initial_len = stored_info.session_keys.len();
-        stored_info.session_keys.retain(|sk| sk.key != key);
+        stored_info.session_keys.retain(|sk| sk.public_key != key);
 
         if stored_info.session_keys.len() == initial_len {
             return Err("Session key not found".to_string());
@@ -232,18 +238,20 @@ impl Wallet {
     fn use_session_key(
         &mut self,
         account: String,
-        key: String,
+        public_key: String,
         tx_ctx: &Option<TxContext>,
     ) -> Result<String, String> {
         let Some(tx_ctx) = tx_ctx else {
             return Err("tx_ctx is missing".to_string());
         };
         match self.identities.get_mut(&account) {
             Some(stored_info) => {
-                if let Some(session_key) =
-                    stored_info.session_keys.iter_mut().find(|sk| sk.key == key)
+                if let Some(session_key) = stored_info
+                    .session_keys
+                    .iter_mut()
+                    .find(|sk| sk.public_key == public_key)
                 {
-                    if session_key.expiration_date < tx_ctx.timestamp {
+                    if session_key.expiration_date > tx_ctx.timestamp {
                         // Increment nonce during use
                         session_key.nonce += 1;
                         return Ok("Session key is valid".to_string());
@@ -299,7 +307,7 @@ pub enum WalletAction {
     },
     UseSessionKey {
         account: String,
-        key: String,
+        message: String,
     },
 }
 

contracts/wallet/src/lib.rs

@@ -1 +1 @@
-2ad4a0521c4491d8999e6b75907cc6fb5712fe3d1a1dce3fdfd95f4ad76630e2
+91df241ae1ba7e83d9b2c945cb638e7bd1f55ffe2488017ac9f291d564c9021b

contracts/wallet/wallet.img

@@ -78,7 +78,6 @@ export const CreateWallet = ({ onWalletCreated }: CreateWalletProps) => {
 
           webSocketService.connect(identity);
           const unsubscribeWalletEvents = webSocketService.subscribeToWalletEvents((event) => {
-            console.log('Received wallet event:', event);
             if (event.event.startsWith('Successfully registered identity for account')) {
               clearTimeout(timeout);
               unsubscribeWalletEvents();

contracts/wallet/wallet.txt

@@ -61,7 +61,6 @@ export const LoginWallet = ({ onWalletLoggedIn }: LoginWalletProps) => {
 
           webSocketService.connect(identity);
           const unsubscribeWalletEvents = webSocketService.subscribeToWalletEvents((event) => {
-            console.log('Received wallet event:', event);
             if (event.event === 'Identity verified') {
               clearTimeout(timeout);
               unsubscribeWalletEvents();

front/src/components/auth/CreateWallet.tsx

@@ -63,9 +63,9 @@ export const SessionKeys = ({ wallet }: SessionKeysProps) => {
     setStatus('Generating new session key...');
     setTransactionHash('');
 
+    // Génère une nouvelle paire de clés
+    const publicKey = sessionKeyService.generateSessionKey();
     try {
-      // Génère une nouvelle paire de clés
-      const publicKey = sessionKeyService.generateSessionKey();
 
       const identity = `${wallet.username}@${walletContractName}`;
       const blob0 = await check_secret_blob(identity, password);
@@ -116,7 +116,7 @@ export const SessionKeys = ({ wallet }: SessionKeysProps) => {
       await fetchSessionKeys();
     } catch (error) {
       setError('Failed to add session key: ' + error);
-      sessionKeyService.clear(); // Nettoie la clé en cas d'erreur
+      sessionKeyService.clear(publicKey); // Remove key from local storage if it fails
     } finally {
       setIsLoading(false);
     }
@@ -169,6 +169,51 @@ export const SessionKeys = ({ wallet }: SessionKeysProps) => {
     }
   };
 
+  const handleSendTransactionWithSessionKey = async (key: string) => {
+    setIsLoading(true);
+    setError('');
+    setStatus('Sending transaction...');
+    setTransactionHash('');
+
+    try {
+      const identity = `${wallet.username}@${walletContractName}`;
+      const [blob0, blob1] = sessionKeyService.useSessionKey(wallet.username, key, "Hello world!");
+
+      const blobTx: BlobTransaction = {
+        identity,
+        blobs: [blob0, blob1],
+      };
+
+      const tx_hash = await nodeService.client.sendBlobTx(blobTx);
+      setTransactionHash(tx_hash);
+
+      setStatus('Waiting for transaction confirmation...');
+
+      await new Promise((resolve, reject) => {
+        const timeout = setTimeout(() => {
+          webSocketService.unsubscribeFromWalletEvents();
+          reject(new Error('Transaction timed out'));
+        }, 30000);
+
+        webSocketService.connect(wallet.address);
+        const unsubscribe = webSocketService.subscribeToWalletEvents((event) => {
+          if (event.event === 'Session key is valid') {
+            clearTimeout(timeout);
+            unsubscribe();
+            webSocketService.disconnect();
+            resolve(event);
+          }
+        });
+      });
+
+      setStatus('Transaction completed successfully');
+    } catch (error) {
+      setError('Failed to send transaction: ' + error);
+    } finally {
+      setIsLoading(false);
+    }
+  };
+
   return (
     <div className="session-keys-section">
       <h2>Session Keys</h2>
@@ -244,6 +289,13 @@ export const SessionKeys = ({ wallet }: SessionKeysProps) => {
                     Uses: {key.nonce}
                   </span>
                 </div>
+                <button
+                  onClick={() => handleSendTransactionWithSessionKey(key.key)}
+                  disabled={isLoading}
+                  className="send-transaction-button"
+                >
+                  Send Transaction
+                </button>
                 <button
                   onClick={() => handleRemoveKey(key.key)}
                   disabled={isLoading}