From 69efc16bb5a5a7dcc26715726a5ce9805bdcf94d Mon Sep 17 00:00:00 2001 From: Pablo Carranza Velez Date: Tue, 24 Jun 2025 17:04:32 -0300 Subject: [PATCH] fix: restore signature verification --- apps/server/.env.example | 3 +- .../src/identity/prove-ownership.ts | 78 ++++++++++--------- 2 files changed, 42 insertions(+), 39 deletions(-) diff --git a/apps/server/.env.example b/apps/server/.env.example index f9d0ff3a..b7276318 100644 --- a/apps/server/.env.example +++ b/apps/server/.env.example @@ -1,3 +1,4 @@ DATABASE_URL="file:./dev.db" PRIVY_APP_SECRET="TODO" -PRIVY_APP_ID="TODO" \ No newline at end of file +PRIVY_APP_ID="TODO" +HYPERGRAPH_CHAIN="geogenesis" diff --git a/packages/hypergraph/src/identity/prove-ownership.ts b/packages/hypergraph/src/identity/prove-ownership.ts index b7347fc0..847ff45b 100644 --- a/packages/hypergraph/src/identity/prove-ownership.ts +++ b/packages/hypergraph/src/identity/prove-ownership.ts @@ -1,10 +1,9 @@ -//import { http, type Chain, type Hex, type WalletClient, createPublicClient, verifyMessage } from 'viem'; -import type { Chain, Hex, WalletClient } from 'viem'; +import { http, type Chain, type Hex, type WalletClient, createPublicClient, verifyMessage } from 'viem'; import { privateKeyToAccount } from 'viem/accounts'; import type { SmartAccountClient } from 'permissionless'; import { DEFAULT_RPC_URL, GEOGENESIS } from '../connect/smart-account.js'; -//import { publicKeyToAddress } from '../utils/index.js'; +import { publicKeyToAddress } from '../utils/index.js'; import type { IdentityKeys } from './types.js'; export const getAccountProofMessage = (accountAddress: string, publicKey: string): string => { @@ -60,43 +59,46 @@ export const verifyIdentityOwnership = async ( rpcUrl: string = DEFAULT_RPC_URL, ): Promise => { console.log('verifyIdentityOwnership', accountAddress, publicKey, accountProof, keyProof, chain, rpcUrl); - // const keyProofMessage = getKeyProofMessage(accountAddress, publicKey); - // const publicClient = createPublicClient({ - // chain, - // transport: http(rpcUrl), - // }); + const keyProofMessage = getKeyProofMessage(accountAddress, publicKey); + const publicClient = createPublicClient({ + chain, + transport: http(rpcUrl), + }); + console.log('publicClient', publicClient); + console.log('rpcUrl', rpcUrl); + console.log('chain', chain); - // console.log('accountProof', accountProof); - // console.log('accountAddress', accountAddress); - // console.log('publicKey', publicKey); + console.log('accountProof', accountProof); + console.log('accountAddress', accountAddress); + console.log('publicKey', publicKey); - // const accountProofMessage = getAccountProofMessage(accountAddress, publicKey); - // const validAccountProof = await publicClient.verifyTypedData({ - // address: accountAddress as Hex, - // message: { - // message: accountProofMessage, - // }, - // types: { - // Message: [{ name: 'message', type: 'string' }], - // }, - // domain: accountProofDomain, - // primaryType: 'Message', - // signature: accountProof as Hex, - // }); - // if (!validAccountProof) { - // console.log('Invalid account proof'); - // return false; - // } + const accountProofMessage = getAccountProofMessage(accountAddress, publicKey); + const validAccountProof = await publicClient.verifyTypedData({ + address: accountAddress as Hex, + message: { + message: accountProofMessage, + }, + types: { + Message: [{ name: 'message', type: 'string' }], + }, + domain: accountProofDomain, + primaryType: 'Message', + signature: accountProof as Hex, + }); + if (!validAccountProof) { + console.log('Invalid account proof'); + return false; + } - // const keyAddress = publicKeyToAddress(publicKey) as Hex; - // const validKeyProof = await verifyMessage({ - // address: keyAddress, - // message: keyProofMessage, - // signature: keyProof as Hex, - // }); - // if (!validKeyProof) { - // console.log('Invalid key proof'); - // return false; - // } + const keyAddress = publicKeyToAddress(publicKey) as Hex; + const validKeyProof = await verifyMessage({ + address: keyAddress, + message: keyProofMessage, + signature: keyProof as Hex, + }); + if (!validKeyProof) { + console.log('Invalid key proof'); + return false; + } return true; };