fix: pkpSign with K256 and P256 signing schemes tests by using elliptic

Author: FedericoAmura

local-tests/tests/testUseEoaSessionSigsToPkpSignK256.ts

@@ -1,4 +1,5 @@
-import { ethers } from 'ethers';
+import EC from 'elliptic';
+import { createHash } from 'crypto';
 
 import { log } from '@lit-protocol/misc';
 import { getEoaSessionSigs } from 'local-tests/setup/session-sigs/get-eoa-session-sigs';
@@ -15,9 +16,7 @@ export const testUseEoaSessionSigsToPkpSignK256 = async (
 ) => {
   const alice = await devEnv.createRandomPerson();
   const messageToSign = [1, 2, 3, 4, 5];
-  const messageHash = ethers.utils.arrayify(
-    ethers.utils.keccak256(messageToSign)
-  );
+  const messageHash = createHash('sha256').update(Buffer.from(messageToSign)).digest();
 
   const eoaSessionSigs = await getEoaSessionSigs(devEnv, alice);
   const runWithSessionSigs = await devEnv.litNodeClient.pkpSign({
@@ -54,27 +53,25 @@ export const testUseEoaSessionSigsToPkpSignK256 = async (
     throw new Error(`Expected "recid" to be parseable as a number`);
   }
 
-  const signature = ethers.utils.joinSignature({
-    r: '0x' + runWithSessionSigs.r,
-    s: '0x' + runWithSessionSigs.s,
-    recoveryParam: runWithSessionSigs.recid,
-  });
-  const recoveredPubKey = ethers.utils.recoverPublicKey(messageHash, signature);
-
-  console.log('recoveredPubKey:', recoveredPubKey);
+  const ec = new EC.ec('secp256k1');
 
-  const runWithSessionSigsUncompressedPublicKey = ethers.utils.computePublicKey(
-    '0x' + runWithSessionSigs.publicKey
+  // Public key derived from message and signature
+  const recoveredPubKey = ec.recoverPubKey(
+    messageHash,
+    runWithSessionSigs,
+    runWithSessionSigs.recid
   );
-  if (
-    runWithSessionSigsUncompressedPublicKey !==
-    `0x${alice.pkp.publicKey.toLowerCase()}`
-  ) {
+  // Public key returned from nodes
+  const runWithSessionSigsUncompressedPublicKey = ec
+    .keyFromPublic(runWithSessionSigs.publicKey, 'hex')
+    .getPublic(false, 'hex');
+
+  if (runWithSessionSigsUncompressedPublicKey !== recoveredPubKey.encode('hex', false)) {
     throw new Error(
-      `Expected recovered public key to match runWithSessionSigsUncompressedPublicKey and alice.pkp.publicKey`
+      `Expected recovered public key to match runWithSessionSigsUncompressedPublicKey and recoveredPubKey.encode('hex', false)`
     );
   }
-  if (recoveredPubKey !== `0x${alice.pkp.publicKey.toLowerCase()}`) {
+  if (recoveredPubKey.encode('hex', false) !== alice.pkp.publicKey) {
     throw new Error(
       `Expected recovered public key to match alice.pkp.publicKey`
     );

local-tests/tests/testUseEoaSessionSigsToPkpSignP256.ts

@@ -1,4 +1,4 @@
-import { ethers } from 'ethers';
+import EC from 'elliptic';
 import { createHash } from 'crypto';
 
 import { log } from '@lit-protocol/misc';
@@ -15,8 +15,8 @@ export const testUseEoaSessionSigsToPkpSignP256 = async (
   devEnv: TinnyEnvironment
 ) => {
   const alice = await devEnv.createRandomPerson();
-  const messageToSign = new Uint8Array([1, 2, 3, 4, 5]);
-  const messageHash = createHash('sha256').update(messageToSign).digest();
+  const messageToSign = [1, 2, 3, 4, 5];
+  const messageHash = createHash('sha256').update(Buffer.from(messageToSign)).digest();
 
   const eoaSessionSigs = await getEoaSessionSigs(devEnv, alice);
   const runWithSessionSigs = await devEnv.litNodeClient.pkpSign({
@@ -28,16 +28,6 @@ export const testUseEoaSessionSigsToPkpSignP256 = async (
 
   devEnv.releasePrivateKeyFromUser(alice);
 
-  // Expected output:
-  // {
-  //   r: "25fc0d2fecde8ed801e9fee5ad26f2cf61d82e6f45c8ad1ad1e4798d3b747fd9",
-  //   s: "549fe745b4a09536e6e7108d814cf7e44b93f1d73c41931b8d57d1b101833214",
-  //   recid: 1,
-  //   signature: "0x25fc0d2fecde8ed801e9fee5ad26f2cf61d82e6f45c8ad1ad1e4798d3b747fd9549fe745b4a09536e6e7108d814cf7e44b93f1d73c41931b8d57d1b1018332141c",
-  //   publicKey: "04A3CD53CCF63597D3FFCD1DF1E8236F642C7DF8196F532C8104625635DC55A1EE59ABD2959077432FF635DF2CED36CC153050902B71291C4D4867E7DAAF964049",
-  //   dataSigned: "7D87C5EA75F7378BB701E404C50639161AF3EFF66293E9F375B5F17EB50476F4",
-  // }
-
   // -- assertions
   // r, s, dataSigned, and public key should be present
   if (!runWithSessionSigs.r) {
@@ -63,29 +53,30 @@ export const testUseEoaSessionSigsToPkpSignP256 = async (
     throw new Error(`Expected "recid" to be parseable as a number`);
   }
 
-  // TODO fix after fixing K256
-  const signature = ethers.utils.joinSignature({
-    r: '0x' + runWithSessionSigs.r,
-    s: '0x' + runWithSessionSigs.s,
-    recoveryParam: runWithSessionSigs.recid,
-  });
-  const recoveredPubKey = ethers.utils.recoverPublicKey(
-    alice.loveLetter,
-    signature
-  );
+  const ec = new EC.ec('p256');
 
-  console.log('recoveredPubKey:', recoveredPubKey);
+  // Public key derived from message and signature
+  const recoveredPubKey = ec.recoverPubKey(
+    messageHash,
+    runWithSessionSigs,
+    runWithSessionSigs.recid
+  );
+  // Public key returned from nodes
+  const runWithSessionSigsUncompressedPublicKey = ec
+    .keyFromPublic(runWithSessionSigs.publicKey, 'hex')
+    .getPublic(false, 'hex');
 
-  if (recoveredPubKey !== `0x${runWithSessionSigs.publicKey.toLowerCase()}`) {
+  if (runWithSessionSigsUncompressedPublicKey !== recoveredPubKey.encode('hex', false)) {
     throw new Error(
-      `Expected recovered public key to match runWithSessionSigs.publicKey`
-    );
-  }
-  if (recoveredPubKey !== `0x${alice.pkp.publicKey.toLowerCase()}`) {
-    throw new Error(
-      `Expected recovered public key to match alice.pkp.publicKey`
+      `Expected recovered public key to match runWithSessionSigsUncompressedPublicKey and recoveredPubKey.encode('hex', false)`
     );
   }
+  // PKP public key lives in k256, it cannot be directly compared
+  // if (recoveredPubKey.encode('hex', false) !== alice.pkp.publicKey) {
+  //   throw new Error(
+  //     `Expected recovered public key to match alice.pkp.publicKey`
+  //   );
+  // }
 
   log('✅ testUseEoaSessionSigsToPkpSignP256');
 };

package.json

@@ -61,6 +61,7 @@
     "cross-fetch": "3.1.8",
     "date-and-time": "^2.4.1",
     "depd": "^2.0.0",
+    "elliptic": "^6.6.1",
     "ethers": "^5.7.1",
     "jose": "^4.14.4",
     "micromodal": "^0.4.10",
@@ -87,6 +88,7 @@
     "@nx/web": "17.3.0",
     "@solana/web3.js": "1.95.3",
     "@types/depd": "^1.1.36",
+    "@types/elliptic": "^6.4.18",
     "@types/events": "^3.0.3",
     "@types/jest": "27.4.1",
     "@types/node": "18.19.18",

yarn.lock

@@ -5111,20 +5111,20 @@
   dependencies:
     "@babel/types" "^7.20.7"
 
+"@types/bn.js@*", "@types/bn.js@^5.1.0", "@types/bn.js@^5.1.1":
+  version "5.1.6"
+  resolved "https://registry.yarnpkg.com/@types/bn.js/-/bn.js-5.1.6.tgz#9ba818eec0c85e4d3c679518428afdf611d03203"
+  integrity sha512-Xh8vSwUeMKeYYrj3cX4lGQgFSF/N03r+tv4AiLl1SucqV+uTQpxRcnM8AkXKHwYP9ZPXOYXRr2KPXpVlIvqh9w==
+  dependencies:
+    "@types/node" "*"
+
 "@types/bn.js@^4.11.3":
   version "4.11.6"
   resolved "https://registry.yarnpkg.com/@types/bn.js/-/bn.js-4.11.6.tgz#c306c70d9358aaea33cd4eda092a742b9505967c"
   integrity sha512-pqr857jrp2kPuO9uRjZ3PwnJTjoQy+fcdxvBTvHm6dkmEL9q+hDD/2j/0ELOBPtPnS8LjCX0gI9nbl8lVkadpg==
   dependencies:
     "@types/node" "*"
 
-"@types/bn.js@^5.1.0", "@types/bn.js@^5.1.1":
-  version "5.1.6"
-  resolved "https://registry.yarnpkg.com/@types/bn.js/-/bn.js-5.1.6.tgz#9ba818eec0c85e4d3c679518428afdf611d03203"
-  integrity sha512-Xh8vSwUeMKeYYrj3cX4lGQgFSF/N03r+tv4AiLl1SucqV+uTQpxRcnM8AkXKHwYP9ZPXOYXRr2KPXpVlIvqh9w==
-  dependencies:
-    "@types/node" "*"
-
 "@types/cacheable-request@^6.0.1", "@types/cacheable-request@^6.0.2":
   version "6.0.3"
   resolved "https://registry.yarnpkg.com/@types/cacheable-request/-/cacheable-request-6.0.3.tgz#a430b3260466ca7b5ca5bfd735693b36e7a9d183"
@@ -5149,6 +5149,13 @@
   dependencies:
     "@types/node" "*"
 
+"@types/elliptic@^6.4.18":
+  version "6.4.18"
+  resolved "https://registry.yarnpkg.com/@types/elliptic/-/elliptic-6.4.18.tgz#bc96e26e1ccccbabe8b6f0e409c85898635482e1"
+  integrity sha512-UseG6H5vjRiNpQvrhy4VF/JXdA3V/Fp5amvveaL+fs28BZ6xIKJBPnUPRlEaZpysD9MbpfaLi8lbl7PGUAkpWw==
+  dependencies:
+    "@types/bn.js" "*"
+
 "@types/events@^3.0.3":
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/@types/events/-/events-3.0.3.tgz#a8ef894305af28d1fc6d2dfdfc98e899591ea529"
@@ -10452,7 +10459,7 @@ [email protected]:
     minimalistic-assert "^1.0.1"
     minimalistic-crypto-utils "^1.0.1"
 
-elliptic@^6.4.0, elliptic@^6.5.2, elliptic@^6.5.3, elliptic@^6.5.4, elliptic@^6.5.5, elliptic@^6.5.7:
+elliptic@^6.4.0, elliptic@^6.5.2, elliptic@^6.5.3, elliptic@^6.5.4, elliptic@^6.5.5, elliptic@^6.5.7, elliptic@^6.6.1:
   version "6.6.1"
   resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.6.1.tgz#3b8ffb02670bf69e382c7f65bf524c97c5405c06"
   integrity sha512-RaddvvMatK2LJHqFJ+YA4WysVN5Ita9E35botqIYspQ4TkRAlCicdzKOjlyv/1Za5RyTNn7di//eEV0uTAfe3g==