Feat/starknet (#6)

* Chore: append address to pubkey (#5)

* chore: rm recovery component

* chore: make `sign` and `verify` EIP-712 compatible

* chore: fix `verify`

* fix: include `chainId`

* chore: pad chainId to 32 bytes

* chore: fix review changes

* chore: rep tx hash as hex

* feat: injected starknet signer

* chore: update injected starknet signer to account for multiple signatures

* chore: append address to pubkey

* chore: review modifications

* chore: remove logs

* feat: add accountContractId

---------

Co-authored-by: Darlington Nnam <Darlingtonnnam@gmail.com>

Author: JesseTheRobot

package.json

@@ -144,7 +144,7 @@
     "bs58": "^4.0.1",
     "keccak": "^3.0.2",
     "secp256k1": "^5.0.0",
-    "starknet": "^6.15.0"
+    "starknet": "^6.21.0"
   },
   "optionalDependencies": {
     "@randlabs/myalgo-connect": "^1.1.2",
@@ -153,4 +153,4 @@
     "multistream": "^4.1.0",
     "tmp-promise": "^3.0.2"
   }
-}
+}

src/__tests__/starknet.test.ts

@@ -33,18 +33,17 @@ describe("Typed Starknet Signer", () => {
 
   const PrivateKey = "0x0570d0ab0e4bd9735277e8db6c8e19918c64ed50423aa5860235635d2487c7bb";
   const myAddressInStarknet = "0x078e47BBEB4Dc687741825d7bEAD044e229960D3362C0C21F45Bb920db08B0c4";
-
+  const accountAbstractionId = 1;
   beforeAll(async () => {
-    signer = new StarknetSigner(provider, myAddressInStarknet, PrivateKey);
+    signer = new StarknetSigner(provider, myAddressInStarknet, PrivateKey, accountAbstractionId);
     await signer.init();
   });
 
   it("should sign a known value", async () => {
     const expectedSignature = Buffer.from([
       4, 122, 51, 60, 218, 66, 57, 104, 199, 126, 49, 15, 195, 203, 209, 15, 62, 214, 104, 245, 237, 79, 12, 252, 141, 242, 95, 4, 176, 235, 231, 189,
       7, 126, 187, 220, 69, 127, 240, 85, 198, 31, 219, 33, 230, 0, 142, 230, 0, 200, 246, 208, 144, 191, 118, 88, 85, 216, 105, 65, 129, 174, 37,
-      165, 7, 142, 71, 187, 235, 77, 198, 135, 116, 24, 37, 215, 190, 173, 4, 78, 34, 153, 96, 211, 54, 44, 12, 33, 244, 91, 185, 32, 219, 8, 176,
-      196, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 83, 78, 95, 83, 69, 80, 79, 76, 73, 65,
+      165, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 83, 78, 95, 83, 69, 80, 79, 76, 73, 65,
     ]);
 
     const data = Buffer.from("Hello Irys!");
@@ -55,10 +54,9 @@ describe("Typed Starknet Signer", () => {
 
   it("should fail for an invalid signature", async () => {
     const expectedSignature = Buffer.from([
-      3, 14, 26, 44, 182, 142, 237, 13, 51, 15, 51, 142, 100, 132, 8, 70, 90, 34, 222, 66, 92, 68, 20, 86, 18, 205, 207, 16, 215, 160, 82, 238, 7,
-      227, 27, 134, 157, 27, 47, 233, 175, 89, 26, 104, 127, 142, 192, 227, 45, 149, 179, 169, 202, 38, 75, 242, 68, 84, 75, 8, 222, 153, 188, 225, 7,
-      142, 71, 187, 235, 77, 198, 135, 116, 24, 37, 215, 190, 173, 4, 78, 34, 153, 96, 211, 54, 44, 12, 33, 244, 91, 185, 32, 219, 8, 176, 196, 0, 0,
-      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 83, 78, 95, 77, 65, 73, 78,
+      4, 122, 51, 60, 218, 66, 57, 104, 199, 126, 49, 15, 195, 203, 209, 15, 62, 214, 104, 245, 237, 79, 12, 252, 141, 242, 95, 4, 176, 235, 231, 189,
+      7, 126, 187, 220, 69, 127, 240, 85, 198, 31, 219, 33, 230, 0, 142, 230, 0, 200, 246, 208, 144, 191, 118, 88, 85, 216, 105, 65, 129, 174, 37,
+      165, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 83, 78, 95, 83, 69, 80, 79, 76, 73, 65,
     ]);
 
     const data = Buffer.from("Hello World!");
@@ -80,10 +78,9 @@ describe("Typed Starknet Signer", () => {
   it("should evaulate to false for invalid signature", async () => {
     // generate invalid signature
     const signature = Uint8Array.from([
-      3, 14, 26, 44, 182, 142, 237, 13, 51, 15, 51, 142, 100, 132, 8, 70, 90, 34, 222, 66, 92, 68, 20, 86, 18, 205, 207, 16, 215, 160, 82, 238, 7,
-      227, 27, 134, 157, 27, 47, 233, 175, 89, 26, 104, 127, 142, 192, 227, 45, 149, 179, 169, 202, 38, 75, 242, 68, 84, 75, 8, 222, 153, 188, 225, 7,
-      142, 71, 187, 235, 77, 198, 135, 116, 24, 37, 215, 190, 173, 4, 78, 34, 153, 96, 211, 54, 44, 12, 33, 244, 91, 185, 32, 219, 8, 176, 196, 0, 0,
-      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 83, 78, 95, 77, 65, 73, 78,
+      4, 122, 51, 60, 218, 66, 57, 104, 199, 126, 49, 15, 195, 203, 209, 15, 62, 214, 104, 245, 237, 79, 12, 252, 141, 242, 95, 4, 176, 235, 231, 189,
+      7, 126, 187, 220, 69, 127, 240, 85, 198, 31, 219, 33, 230, 0, 142, 230, 0, 200, 246, 208, 144, 191, 118, 88, 85, 216, 105, 65, 129, 174, 37,
+      165, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 83, 78, 95, 83, 69, 80, 79, 76, 73, 65,
     ]);
 
     // try verifying
@@ -116,7 +113,7 @@ describe("Typed Starknet Signer", () => {
 
     describe("With an unknown wallet", () => {
       it("should sign & verify an unknown value", async () => {
-        const randSigner = new StarknetSigner(provider, myAddressInStarknet, PrivateKey);
+        const randSigner = new StarknetSigner(provider, myAddressInStarknet, PrivateKey, accountAbstractionId);
         const randData = Buffer.from(Crypto.randomBytes(256));
         const signature = await randSigner.sign(Uint8Array.from(randData));
 

src/constants.ts

@@ -52,8 +52,8 @@ export const SIG_CONFIG: Record<SignatureConfig, SignatureMeta> = {
     sigName: "typedEthereum",
   },
   [SignatureConfig.STARKNET]: {
-    sigLength: 128, // 64 bytes signature, + 32 bytes address + 32 bytes chainId
-    pubLength: 33,
+    sigLength: 96, // 64 bytes signature, + 32 bytes chainId
+    pubLength: 67, // 33 bytes public key + 32 bytes address (for sdk) + 2 bytes accountContractId
     sigName: "starknet",
   },
 };

src/signing/chains/StarknetSigner.ts

@@ -2,30 +2,49 @@ import type { RpcProvider, WeierstrassSignatureType, TypedData, BigNumberish } f
 import { Account, ec, encode, hash, typedData } from "starknet";
 import type { Signer } from "../index";
 import { SignatureConfig, SIG_CONFIG } from "../../constants";
+import { shortTo2ByteArray } from "../../utils";
+
+export function extractX(bytes: Buffer): string {
+  const hex = bytes.subarray(1).toString("hex");
+  const stripped = hex.replace(/^0+/gm, ""); // strip leading 0s
+  return `0x${stripped}`;
+}
 
 export default class StarknetSigner implements Signer {
   protected signer: Account;
+  // public key is structured as: actual public key (33 bytes), address (32 bytes), accountContractId (2 bytes)
+  // this is because normal public key -> address derivation is impossible, so we use an identifer to know which account ABI the signer is using, so we can access the public key from the account contract to verify the public key -> address association
   public publicKey: Buffer;
   public address: string;
   private privateKey: string;
   public provider: RpcProvider;
   public chainId: string;
+  public accountContractId: number;
   readonly ownerLength: number = SIG_CONFIG[SignatureConfig.STARKNET].pubLength;
   readonly signatureLength: number = SIG_CONFIG[SignatureConfig.STARKNET].sigLength;
   readonly signatureType: number = SignatureConfig.STARKNET;
 
-  constructor(provider: RpcProvider, address: string, pKey: string) {
+  constructor(provider: RpcProvider, address: string, privateKey: string, accountContractId: number) {
     this.provider = provider;
     this.address = address;
-    this.privateKey = pKey;
-    this.signer = new Account(provider, address, pKey);
+    this.privateKey = privateKey;
+    this.accountContractId = accountContractId;
+    this.signer = new Account(provider, address, privateKey);
   }
 
   public async init(): Promise<void> {
     const pubKey = encode.addHexPrefix(encode.buf2hex(ec.starkCurve.getPublicKey(this.privateKey, true)));
-    const hexKey = pubKey.startsWith("0x") ? pubKey.slice(2) : pubKey;
+    const address = this.signer.address;
+
+    // get pubkey and address buffers
+    const pubKeyBuffer = Buffer.from(pubKey.startsWith("0x") ? pubKey.slice(2) : pubKey, "hex");
+
+    const addressBuffer = Buffer.from(address.startsWith("0x") ? address.slice(2) : address, "hex");
+    const accountContractId = shortTo2ByteArray(this.accountContractId);
+
+    // concatenate buffers as pubKey
+    this.publicKey = Buffer.concat([pubKeyBuffer, addressBuffer, accountContractId]);
 
-    this.publicKey = Buffer.from(hexKey, "hex");
     this.chainId = await this.provider.getChainId();
   }
 
@@ -43,54 +62,53 @@ export default class StarknetSigner implements Signer {
 
     const r = BigInt(signature.r).toString(16).padStart(64, "0"); // Convert BigInt to hex string
     const s = BigInt(signature.s).toString(16).padStart(64, "0"); // Convert BigInt to hex string
-    const address = this.signer.address.replace(/^0x0?|^0x/, "").padStart(64, "0");
 
     const rArray = Uint8Array.from(Buffer.from(r, "hex"));
     const sArray = Uint8Array.from(Buffer.from(s, "hex"));
-    const addressToArray = Uint8Array.from(Buffer.from(address, "hex"));
     const chainIdToArray = Uint8Array.from(Buffer.from(chainId.replace(/^0x/, "").padStart(64, "0"), "hex"));
 
     // Concatenate the arrays
-    const result = new Uint8Array(rArray.length + sArray.length + addressToArray.length + chainIdToArray.length);
+    const result = new Uint8Array(rArray.length + sArray.length + chainIdToArray.length);
     result.set(rArray);
     result.set(sArray, rArray.length);
-    result.set(addressToArray, rArray.length + sArray.length);
-    result.set(chainIdToArray, rArray.length + sArray.length + addressToArray.length);
+    result.set(chainIdToArray, rArray.length + sArray.length);
 
     // check signature is of required length
-    if (result.length !== 128) throw new Error("Signature length must be 128 bytes!");
+    if (result.length !== 96) throw new Error("Signature length must be 96 bytes!");
 
     return result;
   }
 
   static async verify(pubkey: Buffer, message: Uint8Array, signature: Uint8Array, _opts?: any): Promise<boolean> {
     const rLength = 32;
     const sLength = 32;
-    const addressLength = 32;
-    const chainIdLength = 32;
 
-    // retrieve address from signature
-    const addressArrayRetrieved = signature.slice(rLength + sLength, rLength + sLength + addressLength);
-    const originalAddress = "0x" + Buffer.from(addressArrayRetrieved).toString("hex");
+    // retrieve pubKey and address from pubKey
+    const [originalPubKey, originalAddressBin] = decomposePubkey(pubkey);
+    const originalAddress = "0x" + Buffer.from(originalAddressBin).toString("hex");
 
     // retrieve chainId from signature
-    const chainIdArrayRetrieved = signature.slice(rLength + sLength + addressLength, rLength + sLength + addressLength + chainIdLength);
+    const chainIdArrayRetrieved = signature.slice(rLength + sLength);
     const originalChainId = "0x" + Buffer.from(chainIdArrayRetrieved).toString("hex");
 
     // calculate full public key
-    const fullPubKey = encode.addHexPrefix(encode.buf2hex(pubkey));
+    const fullPubKey = encode.addHexPrefix(encode.buf2hex(originalPubKey));
 
     // generate message hash and signature
     const msg = hash.computeHashOnElements(uint8ArrayToBigNumberishArray(message));
     const data: TypedData = getTypedData(msg, originalChainId);
     const msgHash = typedData.getMessageHash(data, originalAddress);
-    const trimmedSignature = signature.slice(0, -64);
+    const trimmedSignature = signature.slice(0, -32);
 
     // verify
     return ec.starkCurve.verify(trimmedSignature, msgHash, fullPubKey);
   }
 }
 
+export function decomposePubkey(pubkey: Buffer): [Buffer, Buffer, Buffer] {
+  return [pubkey.slice(0, 33), pubkey.slice(33, -2), pubkey.slice(-2)];
+}
+
 // convert message to TypedData format
 export function getTypedData(message: string, chainId: string): TypedData {
   const typedData: TypedData = {

src/signing/chains/index.ts

@@ -15,4 +15,4 @@ export { default as TypedEthereumSigner } from "./TypedEthereumSigner";
 export * from "./InjectedTypedEthereumSigner";
 export { default as ArconnectSigner } from "./arconnectSigner";
 export { default as StarknetSigner } from "./StarknetSigner";
-export { default as InjectedStarknetSigner } from "./injectedStarknetSigner";
+export { default as InjectedStarknetSigner } from "./injectedStarknetSigner";

src/signing/chains/injectedStarknetSigner.ts

@@ -3,22 +3,35 @@ import { ec, encode, hash, typedData } from "starknet";
 import type { Signer } from "../index";
 import { getTypedData, uint8ArrayToBigNumberishArray } from "./StarknetSigner";
 import { SignatureConfig, SIG_CONFIG } from "../../constants";
+import { shortTo2ByteArray } from "../../utils";
 
 export default class InjectedStarknetSigner implements Signer {
   public walletAccount: WalletAccount;
   public publicKey: Buffer;
   public provider: RpcProvider;
   public chainId: string;
+  public accountContractId: number;
   readonly ownerLength: number = SIG_CONFIG[SignatureConfig.STARKNET].pubLength;
   readonly signatureLength: number = SIG_CONFIG[SignatureConfig.STARKNET].sigLength;
   readonly signatureType: number = SignatureConfig.STARKNET;
 
-  constructor(provider: RpcProvider, walletAccount: WalletAccount) {
+  constructor(provider: RpcProvider, walletAccount: WalletAccount, accountContractId: number) {
     this.provider = provider;
     this.walletAccount = walletAccount;
+    this.accountContractId = accountContractId;
   }
 
-  public async init(): Promise<void> {
+  public async init(pubKey: string): Promise<void> {
+    const address = this.walletAccount.address;
+
+    // get pubkey and address buffers
+    const pubKeyBuffer = Buffer.from(pubKey.startsWith("0x") ? pubKey.slice(2) : pubKey, "hex");
+    const addressBuffer = Buffer.from(address.startsWith("0x") ? address.slice(2) : address, "hex");
+    const accountContractId = shortTo2ByteArray(this.accountContractId);
+
+    // concatenate buffers as pubKey
+    this.publicKey = Buffer.concat([pubKeyBuffer, addressBuffer, accountContractId]);
+
     this.chainId = await this.provider.getChainId();
   }
 
@@ -36,48 +49,43 @@ export default class InjectedStarknetSigner implements Signer {
     const rsComponents = Array.from(signature).slice(-2);
     const r = BigInt(rsComponents[0]).toString(16).padStart(64, "0");
     const s = BigInt(rsComponents[1]).toString(16).padStart(64, "0");
-    const address = this.walletAccount.address.replace(/^0x0?|^0x/, "").padStart(64, "0");
 
     const rArray = Uint8Array.from(Buffer.from(r, "hex"));
     const sArray = Uint8Array.from(Buffer.from(s, "hex"));
-    const addressToArray = Uint8Array.from(Buffer.from(address, "hex"));
     const chainIdToArray = Uint8Array.from(Buffer.from(chainId.replace(/^0x/, "").padStart(64, "0"), "hex"));
 
     // Concatenate the arrays
-    const result = new Uint8Array(rArray.length + sArray.length + addressToArray.length + chainIdToArray.length);
+    const result = new Uint8Array(rArray.length + sArray.length + chainIdToArray.length);
     result.set(rArray);
     result.set(sArray, rArray.length);
-    result.set(addressToArray, rArray.length + sArray.length);
-    result.set(chainIdToArray, rArray.length + sArray.length + addressToArray.length);
+    result.set(chainIdToArray, rArray.length + sArray.length);
 
     // check signature is of required length
-    if (result.length !== 128) throw new Error("Signature length must be 128 bytes!");
+    if (result.length !== 96) throw new Error("Signature length must be 96 bytes!");
 
     return result;
   }
 
   static async verify(pubkey: Buffer, message: Uint8Array, signature: Uint8Array, _opts?: any): Promise<boolean> {
     const rLength = 32;
     const sLength = 32;
-    const addressLength = 32;
-    const chainIdLength = 32;
 
-    // retrieve address from signature
-    const addressArrayRetrieved = signature.slice(rLength + sLength, rLength + sLength + addressLength);
-    const originalAddress = "0x" + Buffer.from(addressArrayRetrieved).toString("hex");
+    // retrieve pubKey and address from pubKey
+    const originalPubKey = pubkey.slice(0, 33);
+    const originalAddress = "0x" + Buffer.from(pubkey.slice(33, -2)).toString("hex");
 
     // retrieve chainId from signature
-    const chainIdArrayRetrieved = signature.slice(rLength + sLength + addressLength, rLength + sLength + addressLength + chainIdLength);
+    const chainIdArrayRetrieved = signature.slice(rLength + sLength);
     const originalChainId = "0x" + Buffer.from(chainIdArrayRetrieved).toString("hex");
 
     // calculate full public key
-    const fullPubKey = encode.addHexPrefix(encode.buf2hex(pubkey));
+    const fullPubKey = encode.addHexPrefix(encode.buf2hex(originalPubKey));
 
     // generate message hash and signature
     const msg = hash.computeHashOnElements(uint8ArrayToBigNumberishArray(message));
     const data: TypedData = getTypedData(msg, originalChainId);
     const msgHash = typedData.getMessageHash(data, originalAddress);
-    const trimmedSignature = signature.slice(0, -64);
+    const trimmedSignature = signature.slice(0, -32);
 
     // verify
     return ec.starkCurve.verify(trimmedSignature, msgHash, fullPubKey);