move getVerifiedIdentity to core

nikgraf · nikgraf · commit 5618129a83c6 · 2025-01-30T13:29:32.000+01:00
diff --git a/apps/server/src/index.ts b/apps/server/src/index.ts
@@ -1,8 +1,8 @@
-import { parse } from 'node:url';
 import { Identity, Messages, SpaceEvents, Utils } from '@graphprotocol/hypergraph';
 import cors from 'cors';
 import { Effect, Exit, Schema } from 'effect';
 import express, { type Request, type Response } from 'express';
+import { parse } from 'node:url';
 import { SiweMessage } from 'siwe';
 import type { Hex } from 'viem';
 import WebSocket, { WebSocketServer } from 'ws';
diff --git a/packages/hypergraph-react/src/HypergraphAppContext.tsx b/packages/hypergraph-react/src/HypergraphAppContext.tsx
@@ -43,7 +43,7 @@ export type HypergraphAppCtx = {
   acceptInvitation(params: Readonly<{ invitation: Messages.Invitation }>): Promise<unknown>;
   subscribeToSpace(params: Readonly<{ spaceId: string }>): void;
   inviteToSpace(params: Readonly<{ space: SpaceStorageEntry; invitee: { accountId: Address } }>): Promise<unknown>;
-  getUserIdentity(accountId: string): Promise<{
+  getVerifiedIdentity(accountId: string): Promise<{
     accountId: string;
     encryptionPublicKey: string;
     signaturePublicKey: string;
@@ -52,28 +52,36 @@ export type HypergraphAppCtx = {
 };
 
 export const HypergraphAppContext = createContext<HypergraphAppCtx>({
-  async login() {},
-  logout() {},
-  setIdentityAndSessionToken() {},
+  async login() {
+    throw new Error('login is missing');
+  },
+  logout() {
+    throw new Error('logout is missing');
+  },
+  setIdentityAndSessionToken() {
+    throw new Error('setIdentityAndSessionToken is missing');
+  },
   invitations: [],
   async createSpace() {
-    return {};
+    throw new Error('createSpace is missing');
+  },
+  listSpaces() {
+    throw new Error('listSpaces is missing');
+  },
+  listInvitations() {
+    throw new Error('listInvitations is missing');
   },
-  listSpaces() {},
-  listInvitations() {},
   async acceptInvitation() {
-    return {};
+    throw new Error('acceptInvitation is missing');
+  },
+  subscribeToSpace() {
+    throw new Error('subscribeToSpace is missing');
   },
-  subscribeToSpace() {},
   async inviteToSpace() {
-    return {};
+    throw new Error('inviteToSpace is missing');
   },
-  async getUserIdentity() {
-    return {
-      accountId: '',
-      encryptionPublicKey: '',
-      signaturePublicKey: '',
-    };
+  async getVerifiedIdentity() {
+    throw new Error('getVerifiedIdentity is missing');
   },
   loading: true,
 });
@@ -699,7 +707,7 @@ export function HypergraphAppProvider({
     signaturePublicKey: string;
   }> => {
     const storeState = store.getSnapshot();
-    const identity = storeState.context.userIdentities[accountId];
+    const identity = storeState.context.identities[accountId];
     if (identity) {
       return {
         accountId,
@@ -725,7 +733,7 @@ export function HypergraphAppProvider({
     }
 
     store.send({
-      type: 'addUserIdentity',
+      type: 'addVerifiedIdentity',
       accountId: resDecoded.accountId,
       encryptionPublicKey: resDecoded.encryptionPublicKey,
       signaturePublicKey: resDecoded.signaturePublicKey,
@@ -807,6 +815,13 @@ export function HypergraphAppProvider({
     websocketConnection?.send(Messages.serialize(message));
   };
 
+  const getVerifiedIdentity = useCallback(
+    (accountId: string) => {
+      return Identity.getVerifiedIdentity(accountId, syncServerUri);
+    },
+    [syncServerUri],
+  );
+
   return (
     <HypergraphAppContext.Provider
       value={{
@@ -819,7 +834,7 @@ export function HypergraphAppProvider({
         listInvitations,
         acceptInvitation: acceptInvitationForContext,
         subscribeToSpace,
-        getUserIdentity,
+        getVerifiedIdentity,
         inviteToSpace,
         loading,
       }}
diff --git a/packages/hypergraph/src/identity/get-verified-identity.ts b/packages/hypergraph/src/identity/get-verified-identity.ts
@@ -0,0 +1,53 @@
+import * as Schema from 'effect/Schema';
+import * as Messages from '../messages/index.js';
+import { store } from '../store.js';
+import { verifyIdentityOwnership } from './prove-ownership.js';
+
+export const getVerifiedIdentity = async (
+  accountId: string,
+  syncServerUri: string,
+): Promise<{
+  accountId: string;
+  encryptionPublicKey: string;
+  signaturePublicKey: string;
+}> => {
+  const storeState = store.getSnapshot();
+  const identity = storeState.context.identities[accountId];
+  if (identity) {
+    return {
+      accountId,
+      encryptionPublicKey: identity.encryptionPublicKey,
+      signaturePublicKey: identity.signaturePublicKey,
+    };
+  }
+  const res = await fetch(`${syncServerUri}/identity?accountId=${accountId}`);
+  if (res.status !== 200) {
+    throw new Error('Failed to fetch identity');
+  }
+  const resDecoded = Schema.decodeUnknownSync(Messages.ResponseIdentity)(await res.json());
+
+  if (
+    !(await verifyIdentityOwnership(
+      resDecoded.accountId,
+      resDecoded.signaturePublicKey,
+      resDecoded.accountProof,
+      resDecoded.keyProof,
+    ))
+  ) {
+    throw new Error('Invalid identity');
+  }
+
+  store.send({
+    type: 'addVerifiedIdentity',
+    accountId: resDecoded.accountId,
+    encryptionPublicKey: resDecoded.encryptionPublicKey,
+    signaturePublicKey: resDecoded.signaturePublicKey,
+    accountProof: resDecoded.accountProof,
+    keyProof: resDecoded.keyProof,
+  });
+  return {
+    accountId: resDecoded.accountId,
+    encryptionPublicKey: resDecoded.encryptionPublicKey,
+    signaturePublicKey: resDecoded.signaturePublicKey,
+  };
+};
diff --git a/packages/hypergraph/src/identity/index.ts b/packages/hypergraph/src/identity/index.ts
@@ -1,5 +1,6 @@
 export * from './auth-storage.js';
 export * from './create-identity-keys.js';
+export * from './get-verified-identity.js';
 export * from './identity-encryption.js';
 export * from './login.js';
 export * from './prove-ownership.js';
diff --git a/packages/hypergraph/src/store.ts b/packages/hypergraph/src/store.ts
@@ -21,7 +21,7 @@ interface StoreContext {
   updatesInFlight: string[];
   invitations: Invitation[];
   repo: Repo;
-  userIdentities: {
+  identities: {
     [accountId: string]: {
       encryptionPublicKey: string;
       signaturePublicKey: string;
@@ -40,7 +40,7 @@ const initialStoreContext: StoreContext = {
   updatesInFlight: [],
   invitations: [],
   repo: new Repo({}),
-  userIdentities: {},
+  identities: {},
   authenticated: false,
   accountId: null,
   sessionToken: null,
@@ -57,7 +57,7 @@ type StoreEvent =
   | { type: 'updateConfirmed'; spaceId: string; clock: number }
   | { type: 'applyUpdate'; spaceId: string; firstUpdateClock: number; lastUpdateClock: number }
   | {
-      type: 'addUserIdentity';
+      type: 'addVerifiedIdentity';
       accountId: string;
       encryptionPublicKey: string;
       signaturePublicKey: string;
@@ -193,7 +193,7 @@ export const store: Store<StoreContext, StoreEvent, GenericEventObject> = create
         }),
       };
     },
-    addUserIdentity: (
+    addVerifiedIdentity: (
       context,
       event: {
         accountId: string;
@@ -205,8 +205,8 @@ export const store: Store<StoreContext, StoreEvent, GenericEventObject> = create
     ) => {
       return {
         ...context,
-        userIdentities: {
-          ...context.userIdentities,
+        identities: {
+          ...context.identities,
           [event.accountId]: {
             encryptionPublicKey: event.encryptionPublicKey,
             signaturePublicKey: event.signaturePublicKey,
