Wallet 1215 (#1279)

* Add `libsodium-wrappers-sumo` dependency and update Content Security Policy

* Add support for Ed25519 and secp256k1 encryption/decryption utilities

* Add support for message encryption and decryption in Casper Wallet SDK

* Add support for decrypt message request and enforce message encryption length limit

* Add support for decrypt message functionality in signature request module

* Rename `message` to `decryptedMessage` for consistency in decrypt message response

* Simplify decrypted message rendering logic in decrypt message content component.

* Add support for `messageDecryption` in SDK types and capability checks

* Add support for `messageDecryption` in SDK types and capability checks

Author: Comp0te

package-lock.json

@@ -79,6 +79,7 @@
     "i18next-http-backend": "2.5.0",
     "i18next-parser": "^9.3.0",
     "jszip": "^3.10.1",
+    "libsodium-wrappers-sumo": "^0.8.2",
     "lodash.debounce": "^4.0.8",
     "lodash.throttle": "4.1.1",
     "mac-scrollbar": "^0.13.6",

package.json

@@ -14,6 +14,7 @@ import { selectVaultIsLocked } from '@background/redux/session/selectors';
 
 import { ErrorPath, LockedRouter, WindowErrorPage } from '@libs/layout';
 
+import { DecryptMessagePage } from './pages/decrypt-message';
 import { SignMessagePage } from './pages/sign-message';
 import { SignTransactionPage } from './pages/sign-transaction';
 
@@ -30,6 +31,10 @@ export function AppRouter() {
       <Routes>
         <Route path={RouterPath.SignDeploy} element={<SignTransactionPage />} />
         <Route path={RouterPath.SignMessage} element={<SignMessagePage />} />
+        <Route
+          path={RouterPath.DecryptMessage}
+          element={<DecryptMessagePage />}
+        />
         <Route
           path={ErrorPath}
           element={

src/apps/signature-request/app-router.tsx

@@ -0,0 +1,81 @@
+import React from 'react';
+import { Trans, useTranslation } from 'react-i18next';
+import { useTheme } from 'styled-components';
+
+import {
+  ContentContainer,
+  PageContainer,
+  ParagraphContainer,
+  SpacingSize
+} from '@libs/layout';
+import { FormField, Input, TextArea, Typography } from '@libs/ui/components';
+import { truncateKey } from '@libs/ui/components/hash/utils';
+
+export interface SignMessageContentProps {
+  message: string;
+  hasDecryptionError: boolean;
+  decryptedMessage: string;
+  publicKeyHex: string;
+}
+
+export function DecryptMessageContent({
+  message,
+  hasDecryptionError,
+  decryptedMessage,
+  publicKeyHex
+}: SignMessageContentProps) {
+  const { t } = useTranslation();
+  const theme = useTheme();
+
+  return (
+    <PageContainer>
+      <ContentContainer>
+        <ParagraphContainer top={SpacingSize.XL}>
+          <Typography type="header">
+            <Trans t={t}>Decrypt Message Request</Trans>
+          </Typography>
+        </ParagraphContainer>
+        {hasDecryptionError && (
+          <ParagraphContainer top={SpacingSize.XL}>
+            <FormField label={t('Decryption error:')}>
+              <Typography type="body" color="contentWarning">
+                <TextArea
+                  value={'Unable to decrypt message with provided publicKey'}
+                  readOnly
+                  style={{
+                    maxHeight: 125,
+                    color: theme.color.contentActionCritical
+                  }}
+                />
+              </Typography>
+            </FormField>
+          </ParagraphContainer>
+        )}
+        <ParagraphContainer top={SpacingSize.XL}>
+          <FormField
+            label={t(decryptedMessage ? 'Decrypted message:' : 'Message:')}
+          >
+            <Typography type="body">
+              <TextArea
+                value={decryptedMessage || message}
+                readOnly
+                style={{ minHeight: 220 }}
+              />
+            </Typography>
+          </FormField>
+        </ParagraphContainer>
+        <ParagraphContainer top={SpacingSize.Small}>
+          <FormField label={t('Signing Key:')}>
+            <Typography type="body">
+              <Input
+                value={truncateKey(publicKeyHex, { size: 'max' })}
+                monotype
+                readOnly
+              />
+            </Typography>
+          </FormField>
+        </ParagraphContainer>
+      </ContentContainer>
+    </PageContainer>
+  );
+}

src/apps/signature-request/pages/decrypt-message/decrypt-message-content.tsx

@@ -0,0 +1,169 @@
+import React, { useCallback, useEffect, useMemo, useState } from 'react';
+import { Trans, useTranslation } from 'react-i18next';
+import { shallowEqual, useSelector } from 'react-redux';
+
+import { ErrorMessages } from '@src/constants';
+import { getSigningAccount } from '@src/utils';
+
+import { closeCurrentWindow } from '@background/close-current-window';
+import {
+  selectConnectedAccountNamesWithActiveOrigin,
+  selectVaultAccounts
+} from '@background/redux/vault/selectors';
+import { sendSdkResponseToSpecificTab } from '@background/send-sdk-response-to-specific-tab';
+
+import { sdkMethod } from '@content/sdk-method';
+
+import { decryptEncryptedBase64PrivateKey } from '@libs/crypto';
+import {
+  FooterButtonsContainer,
+  HeaderPopup,
+  LayoutWindow
+} from '@libs/layout';
+import { HardwareWalletType } from '@libs/types/account';
+import { Button } from '@libs/ui/components';
+
+import { DecryptMessageContent } from './decrypt-message-content';
+
+export function DecryptMessagePage() {
+  const { t } = useTranslation();
+  const searchParams = new URLSearchParams(document.location.search);
+  const [decryptedMessage, setDecryptedMessage] = useState('');
+  const [hasDecryptionError, setHasDecryptionError] = useState(false);
+
+  const requestId = searchParams.get('requestId');
+  const message = searchParams.get('message');
+  const signingPublicKeyHex = searchParams.get('signingPublicKeyHex');
+
+  if (!requestId || !message || !signingPublicKeyHex) {
+    throw Error(
+      `${ErrorMessages.signTransaction.MISSING_SEARCH_PARAM.description} ${requestId} ${message} ${signingPublicKeyHex}`
+    );
+  }
+
+  const vaultAccounts = useSelector(selectVaultAccounts, shallowEqual);
+
+  const connectedAccountNamesWithOrigin = useSelector(
+    selectConnectedAccountNamesWithActiveOrigin
+  );
+
+  const connectedAccountNames = useMemo(
+    () => connectedAccountNamesWithOrigin,
+    [connectedAccountNamesWithOrigin]
+  );
+
+  const signingAccount = getSigningAccount(vaultAccounts, signingPublicKeyHex);
+
+  if (!signingAccount) {
+    const error = Error(
+      ErrorMessages.signTransaction.SIGNING_ACCOUNT_MISSING.description
+    );
+    sendSdkResponseToSpecificTab(
+      sdkMethod.signMessageError(error, { requestId })
+    );
+    throw error;
+  }
+
+  if (signingAccount.hardware === HardwareWalletType.Ledger) {
+    const error = Error(
+      ErrorMessages.decryptMessage.LEDGER_NOT_SUPPORTED.description
+    );
+    sendSdkResponseToSpecificTab(
+      sdkMethod.signMessageError(error, { requestId })
+    );
+    throw error;
+  }
+
+  if (
+    connectedAccountNames &&
+    !connectedAccountNames.includes(signingAccount.name)
+  ) {
+    const error = Error(
+      ErrorMessages.signTransaction.ACCOUNT_NOT_CONNECTED.description
+    );
+    sendSdkResponseToSpecificTab(
+      sdkMethod.signMessageError(error, { requestId })
+    );
+    throw error;
+  }
+
+  const handleCancel = useCallback(() => {
+    sendSdkResponseToSpecificTab(
+      sdkMethod.decryptMessageResponse({ cancelled: true }, { requestId })
+    );
+    closeCurrentWindow();
+  }, [requestId]);
+
+  useEffect(() => {
+    window.addEventListener('beforeunload', handleCancel);
+
+    return () => window.removeEventListener('beforeunload', handleCancel);
+  }, [handleCancel]);
+
+  const handleDecrypt = useCallback(async () => {
+    try {
+      if (!message) {
+        return;
+      }
+
+      const mdg = await decryptEncryptedBase64PrivateKey(
+        message,
+        signingAccount.publicKey,
+        signingAccount.secretKey
+      );
+
+      setHasDecryptionError(false);
+      setDecryptedMessage(mdg);
+    } catch (e) {
+      setHasDecryptionError(true);
+      console.error(e);
+    }
+  }, [message, signingAccount.publicKey, signingAccount.secretKey]);
+
+  const handleSendResponse = useCallback(async () => {
+    if (!decryptedMessage) {
+      return;
+    }
+
+    sendSdkResponseToSpecificTab(
+      sdkMethod.decryptMessageResponse(
+        { decryptedMessage, cancelled: false },
+        { requestId }
+      )
+    );
+    closeCurrentWindow();
+  }, [decryptedMessage, requestId]);
+
+  const renderFooter = useCallback(() => {
+    return (
+      <FooterButtonsContainer>
+        <Button
+          color="primaryRed"
+          onClick={decryptedMessage ? handleSendResponse : handleDecrypt}
+        >
+          <Trans t={t}>
+            {decryptedMessage ? 'Send response to app' : 'Decrypt'}
+          </Trans>
+        </Button>
+        <Button color="secondaryBlue" onClick={handleCancel}>
+          <Trans t={t}>Cancel</Trans>
+        </Button>
+      </FooterButtonsContainer>
+    );
+  }, [decryptedMessage, handleCancel, handleDecrypt, handleSendResponse, t]);
+
+  return (
+    <LayoutWindow
+      renderHeader={() => <HeaderPopup />}
+      renderContent={() => (
+        <DecryptMessageContent
+          message={message}
+          hasDecryptionError={hasDecryptionError}
+          decryptedMessage={decryptedMessage}
+          publicKeyHex={signingPublicKeyHex}
+        />
+      )}
+      renderFooter={renderFooter}
+    />
+  );
+}

src/apps/signature-request/pages/decrypt-message/index.tsx

@@ -1,5 +1,6 @@
 export enum RouterPath {
   Any = '*',
   SignDeploy = '/sign-deploy',
-  SignMessage = '/sign-message'
+  SignMessage = '/sign-message',
+  DecryptMessage = '/decrypt-message'
 }

src/apps/signature-request/router/paths.ts

@@ -7,7 +7,8 @@ export enum WindowApp {
   ConnectToApp = 'ConnectToApp',
   SwitchAccount = 'SwitchAccount',
   SignatureRequestDeploy = 'SignatureRequestDeploy',
-  SignatureRequestMessage = 'SignatureRequestMessage'
+  SignatureRequestMessage = 'SignatureRequestMessage',
+  DecryptMessageRequest = 'DecryptMessageRequest'
 }
 
 export type WindowSearchParams = Record<string, string>;
@@ -33,6 +34,8 @@ function getUrlByWindowApp(
       return `signature-request.html${searchParamsWithPrefix}#${RouterPath.SignDeploy}`;
     case WindowApp.SignatureRequestMessage:
       return `signature-request.html${searchParamsWithPrefix}#${RouterPath.SignMessage}`;
+    case WindowApp.DecryptMessageRequest:
+      return `signature-request.html${searchParamsWithPrefix}#${RouterPath.DecryptMessage}`;
     default:
       return 'popup.html';
   }