Merge pull request #405 from WalletConnect/feature/cocao-signer-#390

[Auth] Cacao signer

.github/actions/ci/action.yml

@@ -15,7 +15,7 @@ runs:
       run: "xcodebuild \
         -project Example/ExampleApp.xcodeproj \ 
         -scheme WalletConnect \
-        -clonedSourcePackagesDirPath SourcePackages \
+        -clonedSourcePackagesDirPath SourcePackagesCache \
         -destination 'platform=iOS Simulator,name=iPhone 13' \
         test"
 
@@ -26,7 +26,7 @@ runs:
       run: "xcodebuild \
         -project Example/ExampleApp.xcodeproj \ 
         -scheme IntegrationTests \
-        -clonedSourcePackagesDirPath SourcePackages \
+        -clonedSourcePackagesDirPath SourcePackagesCache \
         -destination 'platform=iOS Simulator,name=iPhone 13' test"
 
     # Wallet build
@@ -36,7 +36,7 @@ runs:
       run: "xcodebuild \
        -project Example/ExampleApp.xcodeproj \
        -scheme Wallet \
-       -clonedSourcePackagesDirPath SourcePackages \
+       -clonedSourcePackagesDirPath SourcePackagesCache \
        -sdk iphonesimulator"
 
     # DApp build
@@ -46,7 +46,7 @@ runs:
       run: "xcodebuild \
         -project Example/ExampleApp.xcodeproj \
         -scheme DApp \
-        -clonedSourcePackagesDirPath SourcePackages \
+        -clonedSourcePackagesDirPath SourcePackagesCache \
         -sdk iphonesimulator"
 
     # UI tests
@@ -56,6 +56,6 @@ runs:
       run: "xcodebuild \
         -project Example/ExampleApp.xcodeproj \
         -scheme UITests \
-        -clonedSourcePackagesDirPath SourcePackages \
+        -clonedSourcePackagesDirPath SourcePackagesCache \
         -destination 'platform=iOS Simulator,name=iPhone 13' test"
       continue-on-error: true

.github/workflows/ci.yml

@@ -24,15 +24,21 @@ jobs:
 
     steps:
     - uses: actions/checkout@v2
-      
+
     - name: Setup Xcode Version
       uses: maxim-lobanov/setup-xcode@v1
 
+    - name: Resolve Dependencies
+      shell: bash
+      run: "
+        xcodebuild -resolvePackageDependencies -project Example/ExampleApp.xcodeproj -scheme DApp -clonedSourcePackagesDirPath SourcePackagesCache; \
+        xcodebuild -resolvePackageDependencies -project Example/ExampleApp.xcodeproj -scheme WalletConnect -clonedSourcePackagesDirPath SourcePackagesCache"
+
     - uses: actions/cache@v2
       with:
         path: |
           .build
-          SourcePackages
+          SourcePackagesCache
         key: ${{ runner.os }}-spm-${{ hashFiles('**/Package.resolved') }}
         restore-keys: |
           ${{ runner.os }}-spm-
@@ -58,7 +64,7 @@ jobs:
       with:
         path: |
           .build
-          SourcePackages
+          SourcePackagesCache
         key: ${{ runner.os }}-spm-${{ hashFiles('**/Package.resolved') }}
         restore-keys: |
           ${{ runner.os }}-spm-

.swiftpm/xcode/xcshareddata/xcschemes/WalletConnectAuth.xcscheme

@@ -28,6 +28,16 @@
       selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
       shouldUseLaunchSchemeArgsEnv = "YES">
       <Testables>
+         <TestableReference
+            skipped = "NO">
+            <BuildableReference
+               BuildableIdentifier = "primary"
+               BlueprintIdentifier = "AuthTests"
+               BuildableName = "AuthTests"
+               BlueprintName = "AuthTests"
+               ReferencedContainer = "container:">
+            </BuildableReference>
+         </TestableReference>
       </Testables>
    </TestAction>
    <LaunchAction

Example/ExampleApp.xcodeproj/project.pbxproj

@@ -29,15 +29,13 @@
 		76B6E39F2807A3B6004DF775 /* WalletViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 76B6E39E2807A3B6004DF775 /* WalletViewController.swift */; };
 		8448F1D427E4726F0000B866 /* WalletConnect in Frameworks */ = {isa = PBXBuildFile; productRef = 8448F1D327E4726F0000B866 /* WalletConnect */; };
 		84494388278D9C1B00CC26BB /* UIAlertController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84494387278D9C1B00CC26BB /* UIAlertController.swift */; };
-		844943A1278EC49700CC26BB /* Web3 in Frameworks */ = {isa = PBXBuildFile; productRef = 844943A0278EC49700CC26BB /* Web3 */; };
 		8460DCFC274F98A10081F94C /* RequestViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8460DCFB274F98A10081F94C /* RequestViewController.swift */; };
 		84CE641F27981DED00142511 /* AppDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84CE641E27981DED00142511 /* AppDelegate.swift */; };
 		84CE642127981DED00142511 /* SceneDelegate.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84CE642027981DED00142511 /* SceneDelegate.swift */; };
 		84CE642827981DF000142511 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 84CE642727981DF000142511 /* Assets.xcassets */; };
 		84CE642B27981DF000142511 /* LaunchScreen.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 84CE642927981DF000142511 /* LaunchScreen.storyboard */; };
 		84CE6430279820F600142511 /* AccountsViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 761C649926FB7ABB004239D1 /* AccountsViewController.swift */; };
 		84CE6431279820F600142511 /* AccountsView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 7603D74C2703429A00DD27A2 /* AccountsView.swift */; };
-		84CE64392798228D00142511 /* Web3 in Frameworks */ = {isa = PBXBuildFile; productRef = 84CE64382798228D00142511 /* Web3 */; };
 		84CE643D2798322600142511 /* ConnectViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84CE643C2798322600142511 /* ConnectViewController.swift */; };
 		84CE6444279AB5AD00142511 /* SelectChainViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84CE6443279AB5AD00142511 /* SelectChainViewController.swift */; };
 		84CE6448279AE68600142511 /* AccountRequestViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = 84CE6447279AE68600142511 /* AccountRequestViewController.swift */; };
@@ -107,6 +105,7 @@
 		A5A4FC5C283D1F6700BBEC1E /* SessionDetailViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = A5A4FC5B283D1F6700BBEC1E /* SessionDetailViewController.swift */; };
 		A5A4FC5E283D23CA00BBEC1E /* Array.swift in Sources */ = {isa = PBXBuildFile; fileRef = A5A4FC5D283D23CA00BBEC1E /* Array.swift */; };
 		A5A4FC772840C12C00BBEC1E /* RegressionTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = A5A4FC762840C12C00BBEC1E /* RegressionTests.swift */; };
+		A5AE354728A1A2AC0059AE8A /* Web3 in Frameworks */ = {isa = PBXBuildFile; productRef = A5AE354628A1A2AC0059AE8A /* Web3 */; };
 		A5C2020B287D9DEE007E3188 /* WelcomeModule.swift in Sources */ = {isa = PBXBuildFile; fileRef = A5C20206287D9DEE007E3188 /* WelcomeModule.swift */; };
 		A5C2020C287D9DEE007E3188 /* WelcomePresenter.swift in Sources */ = {isa = PBXBuildFile; fileRef = A5C20207287D9DEE007E3188 /* WelcomePresenter.swift */; };
 		A5C2020D287D9DEE007E3188 /* WelcomeRouter.swift in Sources */ = {isa = PBXBuildFile; fileRef = A5C20208287D9DEE007E3188 /* WelcomeRouter.swift */; };
@@ -303,8 +302,8 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				A5AE354728A1A2AC0059AE8A /* Web3 in Frameworks */,
 				764E1D5826F8DBAB00A1FB15 /* WalletConnect in Frameworks */,
-				844943A1278EC49700CC26BB /* Web3 in Frameworks */,
 				A5D85226286333D500DAF5C3 /* Starscream in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
@@ -314,7 +313,6 @@
 			buildActionMask = 2147483647;
 			files = (
 				8448F1D427E4726F0000B866 /* WalletConnect in Frameworks */,
-				84CE64392798228D00142511 /* Web3 in Frameworks */,
 				A5D85228286333E300DAF5C3 /* Starscream in Frameworks */,
 			);
 			runOnlyForDeploymentPostprocessing = 0;
@@ -931,8 +929,8 @@
 			name = Wallet;
 			packageProductDependencies = (
 				764E1D5726F8DBAB00A1FB15 /* WalletConnect */,
-				844943A0278EC49700CC26BB /* Web3 */,
 				A5D85225286333D500DAF5C3 /* Starscream */,
+				A5AE354628A1A2AC0059AE8A /* Web3 */,
 			);
 			productName = ExampleApp;
 			productReference = 764E1D3C26F8D3FC00A1FB15 /* WalletConnect Wallet.app */;
@@ -952,7 +950,6 @@
 			);
 			name = DApp;
 			packageProductDependencies = (
-				84CE64382798228D00142511 /* Web3 */,
 				8448F1D327E4726F0000B866 /* WalletConnect */,
 				A5D85227286333E300DAF5C3 /* Starscream */,
 			);
@@ -1058,8 +1055,8 @@
 			);
 			mainGroup = 764E1D3326F8D3FC00A1FB15;
 			packageReferences = (
-				8449439F278EC49700CC26BB /* XCRemoteSwiftPackageReference "Web3" */,
 				A5D85224286333D500DAF5C3 /* XCRemoteSwiftPackageReference "Starscream" */,
+				A5AE354528A1A2AC0059AE8A /* XCRemoteSwiftPackageReference "Web3" */,
 			);
 			productRefGroup = 764E1D3D26F8D3FC00A1FB15 /* Products */;
 			projectDirPath = "";
@@ -1740,12 +1737,12 @@
 /* End XCConfigurationList section */
 
 /* Begin XCRemoteSwiftPackageReference section */
-		8449439F278EC49700CC26BB /* XCRemoteSwiftPackageReference "Web3" */ = {
+		A5AE354528A1A2AC0059AE8A /* XCRemoteSwiftPackageReference "Web3" */ = {
 			isa = XCRemoteSwiftPackageReference;
-			repositoryURL = "https://github.com/Boilertalk/Web3.swift";
+			repositoryURL = "https://github.com/flypaper0/Web3.swift";
 			requirement = {
-				kind = upToNextMajorVersion;
-				minimumVersion = 0.5.3;
+				branch = master;
+				kind = branch;
 			};
 		};
 		A5D85224286333D500DAF5C3 /* XCRemoteSwiftPackageReference "Starscream" */ = {
@@ -1767,16 +1764,6 @@
 			isa = XCSwiftPackageProductDependency;
 			productName = WalletConnect;
 		};
-		844943A0278EC49700CC26BB /* Web3 */ = {
-			isa = XCSwiftPackageProductDependency;
-			package = 8449439F278EC49700CC26BB /* XCRemoteSwiftPackageReference "Web3" */;
-			productName = Web3;
-		};
-		84CE64382798228D00142511 /* Web3 */ = {
-			isa = XCSwiftPackageProductDependency;
-			package = 8449439F278EC49700CC26BB /* XCRemoteSwiftPackageReference "Web3" */;
-			productName = Web3;
-		};
 		A5629AE92877F2D600094373 /* WalletConnectChat */ = {
 			isa = XCSwiftPackageProductDependency;
 			productName = WalletConnectChat;
@@ -1786,6 +1773,11 @@
 			package = A5D85224286333D500DAF5C3 /* XCRemoteSwiftPackageReference "Starscream" */;
 			productName = Starscream;
 		};
+		A5AE354628A1A2AC0059AE8A /* Web3 */ = {
+			isa = XCSwiftPackageProductDependency;
+			package = A5AE354528A1A2AC0059AE8A /* XCRemoteSwiftPackageReference "Web3" */;
+			productName = Web3;
+		};
 		A5D85225286333D500DAF5C3 /* Starscream */ = {
 			isa = XCSwiftPackageProductDependency;
 			package = A5D85224286333D500DAF5C3 /* XCRemoteSwiftPackageReference "Starscream" */;

Example/ExampleApp.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved

@@ -24,8 +24,8 @@
         "repositoryURL": "https://github.com/mxcl/PromiseKit.git",
         "state": {
           "branch": null,
-          "revision": "3fd8c77ded8a4bbee548e3bd6c987ffe8c1e3574",
-          "version": "6.17.0"
+          "revision": "ed3192004c0b00b4b3d7baa9578ee655c66faae3",
+          "version": "6.18.0"
         }
       },
       {
@@ -57,11 +57,11 @@
       },
       {
         "package": "Web3",
-        "repositoryURL": "https://github.com/Boilertalk/Web3.swift",
+        "repositoryURL": "https://github.com/flypaper0/Web3.swift",
         "state": {
-          "branch": null,
-          "revision": "1a6830ecc093f0f19054fed4c135dfee7bebe2b2",
-          "version": "0.5.3"
+          "branch": "master",
+          "revision": "23b6940bbda0769d9147bec6696b33a9fee0b120",
+          "version": null
         }
       }
     ]

Example/IntegrationTests/Chat/ChatTests.swift

@@ -66,7 +66,7 @@ final class ChatTests: XCTestCase {
         let inviteeAccount = Account(chainIdentifier: "eip155:1", address: "0x3627523167367216556273151")!
         let inviterAccount = Account(chainIdentifier: "eip155:1", address: "0x36275231673672234423f")!
 
-        Task(priority: .background) {
+        Task(priority: .high) {
             let pubKey = try! await invitee.register(account: inviteeAccount)
 
             try! await inviter.invite(publicKey: pubKey, peerAccount: inviteeAccount, openingMessage: "opening message", account: inviterAccount)
@@ -94,7 +94,7 @@ final class ChatTests: XCTestCase {
         let inviteeAccount = Account(chainIdentifier: "eip155:1", address: "0x3627523167367216556273151")!
         let inviterAccount = Account(chainIdentifier: "eip155:1", address: "0x36275231673672234423f")!
 
-        Task(priority: .background) {
+        Task(priority: .high) {
             let pubKey = try! await invitee.register(account: inviteeAccount)
             try! await inviter.invite(publicKey: pubKey, peerAccount: inviteeAccount, openingMessage: "opening message", account: inviterAccount)
         }

Package.swift

@@ -17,10 +17,12 @@ let package = Package(
             name: "WalletConnectChat",
             targets: ["Chat"]),
         .library(
-            name: "WalletConnectPairing",
-            targets: ["WalletConnectPairing"])
+            name: "WalletConnectAuth",
+            targets: ["Auth"])
+    ],
+    dependencies: [
+        .package(url: "https://github.com/flypaper0/Web3.swift", .branch("master"))
     ],
-    dependencies: [],
     targets: [
         .target(
             name: "WalletConnectSign",
@@ -32,7 +34,13 @@ let package = Package(
             path: "Sources/Chat"),
         .target(
             name: "Auth",
-            dependencies: ["WalletConnectRelay", "WalletConnectUtils", "WalletConnectKMS", "WalletConnectPairing"],
+            dependencies: [
+                "WalletConnectRelay",
+                "WalletConnectUtils",
+                "WalletConnectKMS",
+                "WalletConnectPairing",
+                .product(name: "Web3", package: "Web3.swift")
+            ],
             path: "Sources/Auth"),
         .target(
             name: "WalletConnectRelay",

Sources/Auth/Extensions/Data+Keccak256.swift

@@ -0,0 +1,9 @@
+import Foundation
+import CryptoSwift
+
+extension Data {
+
+    var keccak256: Data {
+        return sha3(.keccak256)
+    }
+}

Sources/Auth/Services/App/AppRespondSubscriber.swift

@@ -7,30 +7,54 @@ class AppRespondSubscriber {
     private let networkingInteractor: NetworkInteracting
     private let logger: ConsoleLogging
     private let rpcHistory: RPCHistory
+    private let signatureVerifier: MessageSignatureVerifying
+    private let messageFormatter: SIWEMessageFormatting
     private var publishers = [AnyCancellable]()
     var onResponse: ((_ id: RPCID, _ cacao: Cacao) -> Void)?
 
     init(networkingInteractor: NetworkInteracting,
          logger: ConsoleLogging,
-         rpcHistory: RPCHistory) {
+         rpcHistory: RPCHistory,
+         signatureVerifier: MessageSignatureVerifying,
+         messageFormatter: SIWEMessageFormatting) {
         self.networkingInteractor = networkingInteractor
         self.logger = logger
         self.rpcHistory = rpcHistory
+        self.signatureVerifier = signatureVerifier
+        self.messageFormatter = messageFormatter
         subscribeForResponse()
     }
 
     private func subscribeForResponse() {
         networkingInteractor.responsePublisher.sink { [unowned self] subscriptionPayload in
-            guard let request = rpcHistory.get(recordId: subscriptionPayload.request.id!)?.request,
-                  request.method == "wc_authRequest" else { return }
+            guard
+                let requestId = subscriptionPayload.request.id,
+                let request = rpcHistory.get(recordId: requestId)?.request,
+                let requestParams = request.params, request.method == "wc_authRequest"
+            else { return }
+
             networkingInteractor.unsubscribe(topic: subscriptionPayload.topic)
-            guard let cacao = try? subscriptionPayload.request.result?.get(Cacao.self) else {
-                logger.debug("Malformed auth response params")
-                return
-            }
+
             do {
-                try CacaoSignatureVerifier().verifySignature(cacao)
-                onResponse?(subscriptionPayload.request.id!, cacao)
+                guard let cacao = try subscriptionPayload.request.result?.get(Cacao.self) else {
+                    return logger.debug("Malformed auth response params")
+                }
+
+                let requestPayload = try requestParams.get(AuthRequestParams.self)
+                let address = try DIDPKH(iss: cacao.payload.iss).account.address
+                let message = try messageFormatter.formatMessage(from: cacao.payload)
+                let originalMessage = messageFormatter.formatMessage(from: requestPayload.payloadParams, address: address)
+
+                guard originalMessage == message else {
+                    return logger.debug("Original message compromised")
+                }
+
+                try signatureVerifier.verify(
+                    signature: cacao.signature.s,
+                    message: message,
+                    address: address
+                )
+                onResponse?(requestId, cacao)
             } catch {
                 logger.debug("Received response with invalid signature")
             }