feat: passing tests

cpb8010 · cpb8010 · commit 1fa327f30d0e · 2026-01-07T23:26:26.000-08:00
now need to clean up logging
diff --git a/packages/auth-server/components/account-recovery/passkey-generation-flow/Step3ConfirmLater.vue b/packages/auth-server/components/account-recovery/passkey-generation-flow/Step3ConfirmLater.vue
@@ -45,22 +45,50 @@ const props = defineProps<{
 const recoveryUrl = computedAsync(async () => {
   const queryParams = new URLSearchParams();
 
-  const credentialId = props.newPasskey.credentialId;
+  // Use base64url format for credentialId (required by contract)
+  const credentialId = props.newPasskey.credentialIdBase64url;
   // Serialize the public key as JSON since it's {x, y} format
   const credentialPublicKey = JSON.stringify(props.newPasskey.credentialPublicKey);
 
+  /* eslint-disable no-console */
+  console.log("🔧 URL GENERATION DEBUG");
+  console.log("================================");
+  console.log("Original values BEFORE URLSearchParams:");
+  console.log("  accountAddress:", props.accountAddress);
+  console.log("  credentialId:", credentialId);
+  console.log("  credentialPublicKey:", credentialPublicKey);
+  console.log("  credentialPublicKey (length):", credentialPublicKey.length);
+  console.log("  credentialPublicKey (first 20 chars):", credentialPublicKey.substring(0, 20));
+
   queryParams.set("credentialId", credentialId);
   queryParams.set("credentialPublicKey", credentialPublicKey);
   queryParams.set("accountAddress", props.accountAddress);
 
   // Create checksum from concatenated credential data
-  const dataToHash = `${props.accountAddress}:${credentialId}:${credentialPublicKey}`;
+  // Normalize accountAddress to lowercase for consistent hashing
+  const normalizedAddress = props.accountAddress.toLowerCase();
+  const dataToHash = `${normalizedAddress}:${credentialId}:${credentialPublicKey}`;
+  console.log("\n🔐 Checksum generation:");
+  console.log("  Data to hash:", dataToHash);
+  console.log("  Data to hash (length):", dataToHash.length);
+
   const fullHash = new Uint8Array(await crypto.subtle.digest("SHA-256", new TextEncoder().encode(dataToHash)));
   const shortHash = fullHash.slice(0, 8); // Take first 8 bytes of the hash
   const checksum = uint8ArrayToHex(shortHash);
 
+  console.log("  Generated checksum:", checksum);
+
   queryParams.set("checksum", checksum);
 
-  return new URL(`/recovery/guardian/confirm-recovery?${queryParams.toString()}`, window.location.origin).toString();
+  const finalUrl = new URL(`/recovery/guardian/confirm-recovery?${queryParams.toString()}`, window.location.origin).toString();
+
+  console.log("\n📋 URLSearchParams encoding:");
+  console.log("  credentialPublicKey (encoded):", queryParams.get("credentialPublicKey"));
+  console.log("  Full query string:", queryParams.toString());
+  console.log("\n🔗 Final URL:", finalUrl);
+  console.log("================================\n");
+  /* eslint-enable no-console */
+
+  return finalUrl;
 });
 </script>
diff --git a/packages/auth-server/components/account-recovery/passkey-generation-flow/Step3ConfirmNow.vue b/packages/auth-server/components/account-recovery/passkey-generation-flow/Step3ConfirmNow.vue
@@ -56,12 +56,12 @@
       >
         Confirm Recovery
       </ZkButton>
-      <!-- <CommonConnectButton
+      <CommonConnectButton
         v-if="!selectedGuardianInfo?.isSsoAccount"
         type="primary"
         class="w-full mt-4"
         :disabled="initRecoveryInProgress || getConfigurableAccountInProgress"
-      /> -->
+      />
     </template>
 
     <ZkButton
diff --git a/packages/auth-server/pages/recovery/guardian/(actions)/confirm-recovery.vue b/packages/auth-server/pages/recovery/guardian/(actions)/confirm-recovery.vue
@@ -105,8 +105,8 @@
 
 <script setup lang="ts">
 import { useAppKitAccount } from "@reown/appkit/vue";
-import { type Address, hexToBytes, isAddressEqual, keccak256, toHex } from "viem";
-import { base64urlToUint8Array } from "zksync-sso-4337/utils";
+import { type Address, encodeAbiParameters, isAddressEqual, keccak256, pad, parseAbiParameters, toHex } from "viem";
+import { base64urlToUint8Array, getPasskeySignatureFromPublicKeyBytes, getPublicKeyBytesFromPasskeySignature } from "zksync-sso-4337/utils";
 import { z } from "zod";
 
 import { uint8ArrayToHex } from "@/utils/formatters";
@@ -132,10 +132,67 @@ const RecoveryParamsSchema = z
   })
   .refine(
     async (data) => {
-      const dataToHash = `${data.accountAddress}:${data.credentialId}:${data.credentialPublicKey}`;
+      // Debug: Log raw parameter values
+      /* eslint-disable no-console */
+      console.log("🔍 CHECKSUM VALIDATION DEBUG");
+      console.log("================================");
+      console.log("Raw parameters received:");
+      console.log("  accountAddress:", data.accountAddress);
+      console.log("  credentialId:", data.credentialId);
+      console.log("  credentialPublicKey:", data.credentialPublicKey);
+      console.log("  checksum (provided):", data.checksum);
+
+      // Debug: Character-level inspection of credentialPublicKey
+      console.log("\n📝 CredentialPublicKey character analysis:");
+      console.log("  Length:", data.credentialPublicKey.length);
+      console.log("  First 20 chars:", data.credentialPublicKey.substring(0, 20));
+      console.log("  Character codes (first 20):",
+        Array.from(data.credentialPublicKey.substring(0, 20))
+          .map((c, _i) => `${c}=${c.charCodeAt(0)}`)
+          .join(", "),
+      );
+
+      // Debug: Try to parse as JSON
+      console.log("\n🧪 JSON parsing attempt:");
+      try {
+        const parsed = JSON.parse(data.credentialPublicKey);
+        console.log("  ✅ Successfully parsed as JSON:", parsed);
+      } catch (e) {
+        console.log("  ❌ Failed to parse as JSON:", (e as Error).message);
+      }
+
+      // Calculate checksum
+      // Normalize accountAddress to lowercase for consistent hashing
+      const normalizedAddress = data.accountAddress.toLowerCase();
+      const dataToHash = `${normalizedAddress}:${data.credentialId}:${data.credentialPublicKey}`;
+      console.log("\n🔐 Checksum calculation:");
+      console.log("  Data to hash:", dataToHash);
+      console.log("  Data to hash (length):", dataToHash.length);
+
       const calculatedChecksum = uint8ArrayToHex(
         new Uint8Array(await crypto.subtle.digest("SHA-256", new TextEncoder().encode(dataToHash))).slice(0, 8),
       );
+
+      console.log("  Calculated checksum:", calculatedChecksum);
+      console.log("  Provided checksum:", data.checksum);
+      console.log("  Match:", calculatedChecksum === data.checksum ? "✅ YES" : "❌ NO");
+
+      if (calculatedChecksum !== data.checksum) {
+        // Show character-by-character comparison
+        console.log("\n❌ MISMATCH DETECTED");
+        console.log("Comparing checksums character by character:");
+        const maxLen = Math.max(calculatedChecksum.length, data.checksum.length);
+        for (let _i = 0; _i < maxLen; _i++) {
+          const calc = calculatedChecksum[_i] || "∅";
+          const prov = data.checksum[_i] || "∅";
+          const match = calc === prov ? "✓" : "✗";
+          console.log(`  [${_i}] ${match} calc:'${calc}' prov:'${prov}'`);
+        }
+      }
+
+      console.log("================================\n");
+      /* eslint-enable no-console */
+
       return calculatedChecksum === data.checksum;
     },
     {
@@ -144,6 +201,7 @@ const RecoveryParamsSchema = z
   );
 
 const generalError = ref<string | null>(null);
+const recoveryCheckTrigger = ref(0);
 
 const isLoadingGuardians = ref(false);
 const loadingGuardiansError = ref<string | null>(null);
@@ -154,6 +212,30 @@ const isConnectedWalletGuardian = computed(() => (
 
 const confirmGuardianErrorMessage = ref<string | null>(null);
 
+// Debug: Log what Nuxt's router receives
+/* eslint-disable no-console */
+console.log("🌐 NUXT ROUTE QUERY DEBUG");
+console.log("================================");
+console.log("route.query object:", route.query);
+console.log("Query parameters as received by Nuxt:");
+console.log("  accountAddress:", route.query.accountAddress);
+console.log("  credentialId:", route.query.credentialId);
+console.log("  credentialPublicKey:", route.query.credentialPublicKey);
+console.log("  checksum:", route.query.checksum);
+if (typeof route.query.credentialPublicKey === "string") {
+  console.log("\ncredentialPublicKey detailed analysis:");
+  console.log("  Type:", typeof route.query.credentialPublicKey);
+  console.log("  Length:", route.query.credentialPublicKey.length);
+  console.log("  First 50 chars:", route.query.credentialPublicKey.substring(0, 50));
+  console.log("  Character codes (first 20):",
+    Array.from(route.query.credentialPublicKey.substring(0, 20))
+      .map((c) => `${c}=${c.charCodeAt(0)}`)
+      .join(", "),
+  );
+}
+console.log("================================\n");
+/* eslint-enable no-console */
+
 const recoveryParams = computedAsync(async () => RecoveryParamsSchema.parseAsync({
   accountAddress: route.query.accountAddress,
   credentialId: route.query.credentialId,
@@ -166,9 +248,54 @@ const recoveryParams = computedAsync(async () => RecoveryParamsSchema.parseAsync
 }));
 
 const recoveryCompleted = computedAsync(async () => {
-  if (!recoveryParams.value?.accountAddress) return false;
+  // Force re-evaluation when trigger changes
+  const triggerValue = recoveryCheckTrigger.value;
+  // eslint-disable-next-line no-console
+  console.log("🔍 recoveryCompleted computed called, trigger:", triggerValue);
+
+  if (!recoveryParams.value?.accountAddress || !recoveryParams.value?.credentialId || !recoveryParams.value?.credentialPublicKey) {
+    // eslint-disable-next-line no-console
+    console.log("❌ Missing required params, returning false");
+    return false;
+  }
+
+  // eslint-disable-next-line no-console
+  console.log("🔍 Checking recovery for account:", recoveryParams.value.accountAddress);
+  // eslint-disable-next-line no-console
+  console.log("🔍 Checking recovery for account:", recoveryParams.value.accountAddress);
   const result = await getRecovery(recoveryParams.value.accountAddress);
-  return result?.hashedCredentialId === keccak256(toHex(base64urlToUint8Array(recoveryParams.value.credentialId)));
+  // eslint-disable-next-line no-console
+  console.log("🔍 getRecovery result:", result);
+
+  // The smart contract stores keccak256(data) where data is the encoded recovery payload
+  // We need to reconstruct the same data structure that was passed to initializeRecovery
+  const parsedPublicKey = JSON.parse(recoveryParams.value.credentialPublicKey);
+  const credentialPublicKeyBytes = getPasskeySignatureFromPublicKeyBytes([parsedPublicKey.x, parsedPublicKey.y]);
+  const publicKeyBytes = getPublicKeyBytesFromPasskeySignature(credentialPublicKeyBytes);
+  const publicKeyHex = [
+    pad(`0x${publicKeyBytes[0].toString("hex")}`),
+    pad(`0x${publicKeyBytes[1].toString("hex")}`),
+  ] as const;
+
+  const recoveryData = encodeAbiParameters(
+    parseAbiParameters("bytes32 credentialIdHash, bytes32[2] publicKey"),
+    [
+      keccak256(toHex(base64urlToUint8Array(recoveryParams.value.credentialId))),
+      publicKeyHex,
+    ],
+  );
+
+  const expectedHashedData = keccak256(recoveryData);
+  // eslint-disable-next-line no-console
+  console.log("🔍 Expected hashedData:", expectedHashedData);
+  // eslint-disable-next-line no-console
+  console.log("🔍 Actual hashedData:", result?.hashedData);
+
+  const isComplete = result?.hashedData === expectedHashedData;
+  // eslint-disable-next-line no-console
+  console.log("✅ Recovery completed:", isComplete);
+
+  return isComplete;
 });
 
 const guardians = computedAsync(async () => {
@@ -215,13 +342,37 @@ const handleConfirmRecovery = async () => {
 
     if (!recoveryParams.value) return;
 
+    // Parse the credentialPublicKey JSON string to get x,y coordinates
+    const parsedPublicKey = JSON.parse(recoveryParams.value.credentialPublicKey);
+    // Convert coordinates to proper COSE format expected by initRecovery
+    const credentialPublicKeyBytes = getPasskeySignatureFromPublicKeyBytes([parsedPublicKey.x, parsedPublicKey.y]);
+
+    // eslint-disable-next-line no-console
+    console.log("🔍 About to call initRecovery with:");
+    // eslint-disable-next-line no-console
+    console.log("  credentialId:", recoveryParams.value.credentialId);
+    // eslint-disable-next-line no-console
+    console.log("  Hash of credentialId:", keccak256(toHex(base64urlToUint8Array(recoveryParams.value.credentialId))));
+    // eslint-disable-next-line no-console
+    console.log("  accountToRecover:", recoveryParams.value.accountAddress);
+
     await initRecovery({
       client,
       accountToRecover: recoveryParams.value.accountAddress,
-      credentialPublicKey: hexToBytes(`0x${recoveryParams.value.credentialPublicKey}`),
+      credentialPublicKey: credentialPublicKeyBytes,
       credentialId: recoveryParams.value.credentialId,
     });
     confirmGuardianErrorMessage.value = null;
+
+    // Wait a moment for the transaction to be processed
+    // eslint-disable-next-line no-console
+    console.log("⏳ Waiting for recovery transaction to process...");
+    await new Promise((resolve) => setTimeout(resolve, 2000));
+
+    // Trigger re-check of recoveryCompleted
+    recoveryCheckTrigger.value++;
+    // eslint-disable-next-line no-console
+    console.log("✅ Recovery initiated successfully, trigger incremented to:", recoveryCheckTrigger.value);
   } catch (err) {
     confirmGuardianErrorMessage.value = "An error occurred while confirming the guardian. Please try again.";
     // eslint-disable-next-line no-console
diff --git a/packages/auth-server/tests/guardian.spec.ts b/packages/auth-server/tests/guardian.spec.ts
