wip: combined lit action

Ansonhkg · Ansonhkg · commit 92245d460f9a · 2024-10-11T22:19:45.000+01:00
diff --git a/local-tests/tests/testUseTriaAuthAndWrappedKeysSessionSigsGen.ts b/local-tests/tests/testUseTriaAuthAndWrappedKeysSessionSigsGen.ts
@@ -24,6 +24,11 @@ export const testUseTriaAuthAndWrappedKeysSessionSigsGen = async (
   const alice = await devEnv.createRandomPerson();
 
   // -- Start
+  const triaAuthMethod = {
+    // authMethodId: '', <-- Tria's managing this by permitting auth method to the user id
+    authMethodType: process.env.TRIA_AUTHMETHOD_TYPE,
+    accessToken: process.env.TRIA_ACCESS_TOKEN,
+  };
 
   // -- mint a pkp
   console.log(`🔄 Minting new PKP...`);
@@ -85,8 +90,8 @@ export const testUseTriaAuthAndWrappedKeysSessionSigsGen = async (
   const evmMessageToSign = 'This is a test evm message';
 
   const { results } = await triaBatchGeneratePrivateKeys({
-    ipfsId: hashOfLitActionCode,
     pkpPublicKey: pkp.publicKey,
+    ipfsId: hashOfLitActionCode,
     actions: [
       {
         network: 'evm',
@@ -100,8 +105,10 @@ export const testUseTriaAuthAndWrappedKeysSessionSigsGen = async (
       },
     ],
     litNodeClient: devEnv.litNodeClient,
+    authMethod: triaAuthMethod,
   });
 
+  console.log("results:", results);
 
   process.exit();
 
diff --git a/packages/wrapped-keys-lit-actions/src/lib/common/bespoke/tria_batchGenerateEncryptedKeys.js b/packages/wrapped-keys-lit-actions/src/lib/common/bespoke/tria_batchGenerateEncryptedKeys.js
@@ -11,7 +11,6 @@ const {
 const { signMessageSolanaKey } = require('../../solana/internal/signMessage');
 
 /* "TRIA" global accessControlConditions, actions, Lit*/
-
 async function processEthereumAction(action) {
   const { network, generateKeyParams } = action;
   const messageToSign = action.signMessageParams?.messageToSign;
@@ -94,16 +93,43 @@ async function processActions(actions) {
   );
 }
 
-function validateParams(actions) {
-  if (!actions) {
+/**
+ * - jsParams: Expected data type: Object (e.g., "{ authMethod: { accessToken: '...', authMethodType: '...' }, publicKey: '...', actions: [...] }")
+ *
+ * This parameter is an object containing the following properties:
+ * - authMethod
+ * - publicKey
+ * - actions: Array of action objects, each containing network and key generation params.
+ *
+ */
+function validateJsParams(jsParams) {
+  if (!jsParams.authMethod) {
+    throw new Error('Missing required field: authMethod');
+  }
+  if (!jsParams.publicKey) {
+    throw new Error('Missing required field: publicKey');
+  }
+  if (!jsParams.accessControlConditions) {
+    throw new Error('Missing required field: accessControlConditions');
+  }
+  const { accessToken, authMethodType } = jsParams.authMethod;
+
+  if (!accessToken) {
+    throw new Error('Missing required field: authMethod.accessToken');
+  }
+  if (!authMethodType) {
+    throw new Error('Missing required field: authMethod.authMethodType');
+  }
+
+  if (!jsParams.actions) {
     throw new Error('Missing required field: actions');
   }
 
-  if (!actions.length) {
+  if (!jsParams.actions.length) {
     throw new Error('No actions provided (empty array?)');
   }
 
-  actions.forEach((action, ndx) => {
+  jsParams.actions.forEach((action, ndx) => {
     if (!['evm', 'solana'].includes(action.network)) {
       throw new Error(
         `Invalid field: actions[${ndx}].network: ${action.network}`
@@ -149,9 +175,114 @@ function validateParams(actions) {
 // })();
 
 const go = async () => {
-  LitActions.setResponse({
-    response: "(true, 'Something else is here!')",
+  // ========== Tria's Logic ==========
+  // Lit Action:: Prepare jsParams
+  const jsParams = {
+    authMethod: {
+      accessToken: authMethod.accessToken,
+      authMethodType: authMethod.authMethodType,
+    },
+    publicKey: publicKey,
+    actions: actions,
+    accessControlConditions: accessControlConditions,
+  };
+
+  validateJsParams(jsParams);
+
+  // ========== Tria's Logic ==========
+
+  // Authentication
+  const url = 'https://api.development.tria.so/api/v1/user/info';
+  const response = await fetch(url, {
+    method: 'GET',
+    headers: {
+      Authorization: `Bearer ${jsParams.authMethod.accessToken}`,
+    },
   });
+  const data = await response.json();
+  console.log('data', data);
+
+  if (!data.success) {
+    Lit.Actions.setResponse({
+      response: JSON.stringify({
+        success: false,
+        message: 'Authentication Failed',
+      }),
+    });
+    return;
+  }
+
+  // Authorization:: Prepare params
+  // -- 1. get the authMethodId from unique identify from the response
+  const authMethodId = `${ethers.utils.keccak256(
+    ethers.utils.toUtf8Bytes(data.userInfo.uuid)
+  )}`;
+  console.log('Computed AuthMethodId', authMethodId);
+
+  // -- 2. get the PKP token id
+  const tokenId = Lit.Actions.pubkeyToTokenId({
+    publicKey: jsParams.publicKey,
+  });
+  console.log('tokenId', tokenId);
+
+  // -- 3. get the permitted auth methods of the PKP token id
+  const permittedAuthMethods = await Lit.Actions.getPermittedAuthMethods({
+    tokenId,
+  });
+  console.log('permittedAuthMethods', permittedAuthMethods);
+
+  // -- 4. only get where authMethod that's equal to the authMethod Id
+  const permittedAuthMethod = permittedAuthMethods.find(
+    (method) => method.id === authMethodId
+  );
+  console.log('permittedAuthMethod', permittedAuthMethod);
+
+  // TODO: Uncomment this block to enable Authorization
+  // Authorization:: Failed Authentication and Authorization
+  // if (
+  //   !permittedAuthMethod ||
+  //   permittedAuthMethod.auth_method_type !== jsParams.authMethod.authMethodType
+  // ) {
+  //   Lit.Actions.setResponse({
+  //     response: JSON.stringify({
+  //       success: false,
+  //       message: 'Authorization Failed',
+  //     }),
+  //   });
+  //   return;
+  // }
+
+  // LitActions.setResponse({
+  //   response: `(true, ${JSON.stringify({
+  //     returnedData: data,
+  //     logs: {
+  //       authMethodId,
+  //       tokenId,
+  //       permittedAuthMethods,
+  //       permittedAuthMethod,
+  //       actions: jsParams.actions,
+  //       batchGeneratePrivateKeysActionResult,
+  //     },
+  //   })})`,
+  // });
+
+  try {
+    const batchGeneratePrivateKeysActionResult = await processActions(
+      jsParams.actions
+    );
+
+    Lit.Actions.setResponse({
+      response: JSON.stringify(
+        `(true, ${JSON.stringify(batchGeneratePrivateKeysActionResult)})`
+      ),
+    });
+
+    // 1. Generate both EVM and solana private keys
+    // 2. Run appropriate signMessage for each key _and_ encrypt the keys for persistence to wrapped-keys backend
+    // 3. Return results for both signMessage ops and both encrypted key payloads for persistence
+  } catch (err) {
+    Lit.Actions.setResponse({ response: `Error: ${err.message}` });
+  }
 };
 
 go();
diff --git a/packages/wrapped-keys-lit-actions/test.ts b/packages/wrapped-keys-lit-actions/test.ts
diff --git a/packages/wrapped-keys/src/lib/api/bespoke/tria-batch-generate-private-keys.ts b/packages/wrapped-keys/src/lib/api/bespoke/tria-batch-generate-private-keys.ts
@@ -15,16 +15,7 @@ import {
 import { LitAbility, LitActionResource, LitPKPResource } from '@lit-protocol/auth-helpers';
 import { SessionSigsMap } from '@lit-protocol/types';
 import { formatSessionSigsJSON, getResourcesFromSessionSigs } from '@lit-protocol/misc';
-
-// resolvedAuthContext: {
-//   auth_context: {
-//     actionIpfsIds: [ 'Qmd5ibCRo9DhEnjcmfBsMU6qRBCvMCZw5kB7oSvCa7iXDR' ],
-//     authMethodContexts: [],
-//     authSigAddress: null,
-//     customAuthResource: "(true, 'Anything your want to use in executeJs')",
-//     resources: []
-//   }
-// }
+import { computeAddress } from 'ethers/lib/utils';
 
 
 /**
@@ -37,6 +28,10 @@ export async function triaBatchGeneratePrivateKeys(
   params: Omit<BatchGeneratePrivateKeysParams, 'pkpSessionSigs'> & {
     pkpPublicKey: string | `0x${string}`;
     ipfsId: string | `Qm${string}`;
+    authMethod: {
+      authMethodType: string | `0x${string}`;
+      accessToken: string | `eyJ${string}`;
+    }
   }
 ): Promise<BatchGeneratePrivateKeysResult> {
 
@@ -60,10 +55,35 @@ export async function triaBatchGeneratePrivateKeys(
   //   'tria_batchGenerateEncryptedKeys'
   // );
 
+  let pkpPubKey = params.pkpPublicKey;
+
+  if (pkpPubKey.startsWith('0x')) {
+    pkpPubKey = pkpPubKey.slice(2);
+  }
+  const pkpPubkeyBuffer = Buffer.from(pkpPubKey, 'hex');
+
+  const pkpEthAddress = computeAddress(pkpPubkeyBuffer);
+
+  console.log("pkpEthAddress:", pkpEthAddress);
+
+  const allowPkpAddressToDecrypt = getPkpAccessControlCondition(pkpEthAddress);
+
   // Here we should use getLitActionSessionSigs rather than executeJs
   console.log(`🔄 Getting Lit Action Session Sigs`);
   let litActionSessionSigs: SessionSigsMap;
 
+  const _jsParams = {
+    authMethod: {
+      accessToken: params.authMethod.accessToken,
+      authMethodType: params.authMethod.authMethodType,
+    },
+    actions: params.actions,
+    publicKey: params.pkpPublicKey,
+    accessControlConditions: [allowPkpAddressToDecrypt],
+  };
+
+  console.log("_jsParams:", _jsParams);
+
   try {
     litActionSessionSigs = await params.litNodeClient.getLitActionSessionSigs({
       pkpPublicKey: params.pkpPublicKey,
@@ -78,7 +98,7 @@ export async function triaBatchGeneratePrivateKeys(
         },
       ],
       litActionIpfsId: params.ipfsId,
-      jsParams: {},
+      jsParams: _jsParams,
     });
   } catch (e) {
     throw new Error(`Error getting Lit Action Session Sigs: ${e}`);
