fix: inboxes and app keys

pcarranzav · pcarranzav · commit fc20c5311a7f · 2025-06-27T17:33:06.000-03:00
diff --git a/apps/connect/src/routes/authenticate.tsx b/apps/connect/src/routes/authenticate.tsx
@@ -424,8 +424,8 @@ function AuthenticateComponent() {
         appId: state.appInfo.appId,
         address: newAppIdentity.address,
         accountAddress,
-        signaturePublicKey: newAppIdentity.signaturePublicKey,
-        encryptionPublicKey: newAppIdentity.encryptionPublicKey,
+        signaturePublicKey: keys.signaturePublicKey,
+        encryptionPublicKey: keys.encryptionPublicKey,
         ciphertext,
         nonce,
         accountProof,
@@ -441,6 +441,8 @@ function AuthenticateComponent() {
         body: JSON.stringify(message),
       });
       const appIdentityResponse = await response.json();
+      // TODO: All apps are essentially using the same keys, we should change to using
+      // the newly created app identity keys, but that requires changing a lot of the verification logic in the server and HypergraphAppContext
       await encryptSpacesAndRedirect({
         accountAddress,
         appIdentity: {
@@ -449,8 +451,8 @@ function AuthenticateComponent() {
           accountAddress,
           encryptionPrivateKey: keys.encryptionPrivateKey,
           signaturePrivateKey: keys.signaturePrivateKey,
-          encryptionPublicKey: newAppIdentity.encryptionPublicKey,
-          signaturePublicKey: newAppIdentity.signaturePublicKey,
+          encryptionPublicKey: keys.encryptionPublicKey,
+          signaturePublicKey: keys.signaturePublicKey,
           sessionToken: appIdentityResponse.appIdentity.sessionToken,
           sessionTokenExpires: new Date(appIdentityResponse.appIdentity.sessionTokenExpires),
           permissionId,
diff --git a/packages/hypergraph-react/src/HypergraphAppContext.tsx b/packages/hypergraph-react/src/HypergraphAppContext.tsx
@@ -624,7 +624,7 @@ export function HypergraphAppProvider({
             }
             const inboxCreator = Inboxes.recoverAccountInboxCreatorKey(response.inbox);
             if (inboxCreator !== identity.signaturePublicKey) {
-              console.error('Invalid inbox creator', response.inbox);
+              console.error('Invalid inbox creator', response.inbox, inboxCreator, identity.signaturePublicKey);
               return;
             }
 
@@ -1016,7 +1016,7 @@ export function HypergraphAppProvider({
       }
       const message = await Inboxes.createSpaceInboxCreationMessage({
         author: {
-          accountAddress: identity.address,
+          accountAddress: identity.accountAddress,
           signaturePublicKey,
           encryptionPublicKey,
           signaturePrivateKey,
@@ -1115,7 +1115,7 @@ export function HypergraphAppProvider({
         throw new Error('Missing keys');
       }
       const message = await Inboxes.createAccountInboxCreationMessage({
-        accountAddress: identity.address,
+        accountAddress: identity.accountAddress,
         isPublic,
         authPolicy,
         encryptionPublicKey,
diff --git a/packages/hypergraph-react/src/hooks/useExternalSpaceInbox.ts b/packages/hypergraph-react/src/hooks/useExternalSpaceInbox.ts
@@ -51,8 +51,8 @@ export function useExternalSpaceInbox({
 
         let authorAccountAddress: string | null = null;
         let signaturePrivateKey: string | null = null;
-        if (identity?.address && inbox.authPolicy !== 'anonymous') {
-          authorAccountAddress = identity.address;
+        if (identity?.accountAddress && inbox.authPolicy !== 'anonymous') {
+          authorAccountAddress = identity.accountAddress;
           signaturePrivateKey = identity.signaturePrivateKey;
         } else if (inbox.authPolicy === 'requires_auth') {
           throw new Error('Cannot send message to a required auth inbox without an identity');
diff --git a/packages/hypergraph-react/src/hooks/useOwnSpaceInbox.ts b/packages/hypergraph-react/src/hooks/useOwnSpaceInbox.ts
@@ -104,8 +104,8 @@ export function useOwnSpaceInbox({
 
         let authorAccountAddress: string | null = null;
         let signaturePrivateKey: string | null = null;
-        if (identity?.address && ownInbox.authPolicy !== 'anonymous') {
-          authorAccountAddress = identity.address;
+        if (identity?.accountAddress && ownInbox.authPolicy !== 'anonymous') {
+          authorAccountAddress = identity.accountAddress;
           signaturePrivateKey = identity.signaturePrivateKey;
         } else if (ownInbox.authPolicy === 'requires_auth') {
           throw new Error('Cannot send message to a required auth inbox without an identity');

Original file line number	Diff line number	Diff line change
`@@ -624,7 +624,7 @@ export function HypergraphAppProvider({`
`624`	`624`	`}`
`625`	`625`	`const inboxCreator = Inboxes.recoverAccountInboxCreatorKey(response.inbox);`
`626`	`626`	`if (inboxCreator !== identity.signaturePublicKey) {`
`627`		`- console.error('Invalid inbox creator', response.inbox);`
	`627`	`+ console.error('Invalid inbox creator', response.inbox, inboxCreator, identity.signaturePublicKey);`
`628`	`628`	`return;`
`629`	`629`	`}`
`630`	`630`
`@@ -1016,7 +1016,7 @@ export function HypergraphAppProvider({`
`1016`	`1016`	`}`
`1017`	`1017`	`const message = await Inboxes.createSpaceInboxCreationMessage({`
`1018`	`1018`	`author: {`
`1019`		`- accountAddress: identity.address,`
	`1019`	`+ accountAddress: identity.accountAddress,`
`1020`	`1020`	`signaturePublicKey,`
`1021`	`1021`	`encryptionPublicKey,`
`1022`	`1022`	`signaturePrivateKey,`
`@@ -1115,7 +1115,7 @@ export function HypergraphAppProvider({`
`1115`	`1115`	`throw new Error('Missing keys');`
`1116`	`1116`	`}`
`1117`	`1117`	`const message = await Inboxes.createAccountInboxCreationMessage({`
`1118`		`- accountAddress: identity.address,`
	`1118`	`+ accountAddress: identity.accountAddress,`
`1119`	`1119`	`isPublic,`
`1120`	`1120`	`authPolicy,`
`1121`	`1121`	`encryptionPublicKey,`