feat(cat-voices): use simple public key in rbac (#2547)

* feat: make x509 certificate use simple public key

* chore: update example

* style: formatting

* chore: cleanup

* chore: reformat

---------

Co-authored-by: Oleksandr Prokhorenko <[email protected]>
Co-authored-by: Ryszard Schossler <[email protected]>

Author: 3 people

catalyst_voices/packages/internal/catalyst_voices_services/lib/src/registration/registration_transaction_builder.dart

@@ -254,9 +254,7 @@ final class RegistrationTransactionBuilder {
 
     final tbs = X509TBSCertificate(
       serialNumber: _randomSerialNumber(),
-      subjectPublicKey: Bip32Ed25519XPublicKeyFactory.instance.fromBytes(
-        keyPair.publicKey.bytes,
-      ),
+      subjectPublicKey: keyPair.publicKey.toEd25519(),
       issuer: issuer,
       validityNotBefore: DateTime.now().toUtc(),
       validityNotAfter: X509TBSCertificate.foreverValid,

catalyst_voices/packages/libs/catalyst_cardano/catalyst_cardano/example/lib/sign_and_submit_rbac_tx.dart

@@ -8,69 +8,48 @@ final _transactionHash = TransactionHash.fromHex(
   '4d3f576f26db29139981a69443c2325daa812cc353a31b5a4db794a5bcbb06c2',
 );
 
-Future<void> _signAndSubmitRbacTx({
-  required BuildContext context,
-  required CardanoWalletApi api,
+Future<X509Certificate> generateX509Certificate({
+  required Bip32Ed25519XKeyPair keyPair,
+  required ShelleyAddress stakeAddress,
 }) async {
-  var result = '';
-  try {
-    final changeAddress = await api.getChangeAddress();
-    final rewardAddresses = await api.getRewardAddresses();
-
-    final utxos = await api.getUtxos(
-      amount: const Balance(
-        coin: Coin(1000000),
-      ),
-    );
-
-    if (utxos.isEmpty) {
-      throw Exception('Insufficient balance, please top up your wallet');
-    }
-
-    final x509Envelope = await _buildMetadataEnvelope(
-      utxos: utxos,
-      rewardAddress: rewardAddresses.first,
-    );
-
-    final auxiliaryData = AuxiliaryData.fromCbor(
-      await x509Envelope.toCbor(serializer: (e) => e.toCbor()),
-    );
-
-    final unsignedTx = _buildUnsignedRbacTx(
-      inputs: utxos,
-      changeAddress: changeAddress,
-      rewardAddress: rewardAddresses.first,
-      auxiliaryData: auxiliaryData,
-    );
-
-    print('unsigned tx: ${hex.encode(cbor.encode(unsignedTx.toCbor()))}');
-
-    final witnessSet = await api.signTx(transaction: unsignedTx);
-
-    print('Witness set: $witnessSet');
-
-    final signedTx = Transaction(
-      body: unsignedTx.body,
-      isValid: true,
-      witnessSet: witnessSet,
-      auxiliaryData: unsignedTx.auxiliaryData,
-    );
+  const maxInt = 4294967296;
 
-    print('signed tx: ${hex.encode(cbor.encode(signedTx.toCbor()))}');
+  /* cSpell:disable */
+  const issuer = X509DistinguishedName(
+    countryName: '',
+    stateOrProvinceName: '',
+    localityName: '',
+    organizationName: '',
+    organizationalUnitName: '',
+    commonName: '',
+  );
 
-    final txHash = await api.submitTx(transaction: signedTx);
-    result = 'Tx hash: ${txHash.toHex()}';
-  } catch (error) {
-    result = error.toString();
-  }
+  final tbs = X509TBSCertificate(
+    serialNumber: Random().nextInt(maxInt),
+    subjectPublicKey: keyPair.publicKey.toSerializableEd25519(),
+    issuer: issuer,
+    validityNotBefore: DateTime.now().toUtc(),
+    validityNotAfter: X509TBSCertificate.foreverValid,
+    subject: issuer,
+    extensions: X509CertificateExtensions(
+      subjectAltName: [
+        const X509String('mydomain.com', tag: X509String.domainNameTag),
+        const X509String('www.mydomain.com', tag: X509String.domainNameTag),
+        const X509String('example.com', tag: X509String.domainNameTag),
+        const X509String('www.example.com', tag: X509String.domainNameTag),
+        X509String(
+          'web+cardano://addr/${stakeAddress.toBech32()}',
+          tag: X509String.uriTag,
+        ),
+      ],
+    ),
+  );
+  /* cSpell:enable */
 
-  if (context.mounted) {
-    await _showDialog(
-      context: context,
-      title: 'Sign & submit RBAC tx',
-      message: result,
-    );
-  }
+  return X509Certificate.generateSelfSigned(
+    tbsCertificate: tbs,
+    privateKey: keyPair.privateKey,
+  );
 }
 
 Future<X509MetadataEnvelope<RegistrationData>> _buildMetadataEnvelope({
@@ -186,48 +165,69 @@ Transaction _buildUnsignedRbacTx({
   );
 }
 
-Future<X509Certificate> generateX509Certificate({
-  required Bip32Ed25519XKeyPair keyPair,
-  required ShelleyAddress stakeAddress,
+Future<void> _signAndSubmitRbacTx({
+  required BuildContext context,
+  required CardanoWalletApi api,
 }) async {
-  const maxInt = 4294967296;
+  var result = '';
+  try {
+    final changeAddress = await api.getChangeAddress();
+    final rewardAddresses = await api.getRewardAddresses();
 
-  /* cSpell:disable */
-  const issuer = X509DistinguishedName(
-    countryName: '',
-    stateOrProvinceName: '',
-    localityName: '',
-    organizationName: '',
-    organizationalUnitName: '',
-    commonName: '',
-  );
+    final utxos = await api.getUtxos(
+      amount: const Balance(
+        coin: Coin(1000000),
+      ),
+    );
 
-  final tbs = X509TBSCertificate(
-    serialNumber: Random().nextInt(maxInt),
-    subjectPublicKey: keyPair.publicKey,
-    issuer: issuer,
-    validityNotBefore: DateTime.now().toUtc(),
-    validityNotAfter: X509TBSCertificate.foreverValid,
-    subject: issuer,
-    extensions: X509CertificateExtensions(
-      subjectAltName: [
-        const X509String('mydomain.com', tag: X509String.domainNameTag),
-        const X509String('www.mydomain.com', tag: X509String.domainNameTag),
-        const X509String('example.com', tag: X509String.domainNameTag),
-        const X509String('www.example.com', tag: X509String.domainNameTag),
-        X509String(
-          'web+cardano://addr/${stakeAddress.toBech32()}',
-          tag: X509String.uriTag,
-        ),
-      ],
-    ),
-  );
-  /* cSpell:enable */
+    if (utxos.isEmpty) {
+      throw Exception('Insufficient balance, please top up your wallet');
+    }
 
-  return X509Certificate.generateSelfSigned(
-    tbsCertificate: tbs,
-    privateKey: keyPair.privateKey,
-  );
+    final x509Envelope = await _buildMetadataEnvelope(
+      utxos: utxos,
+      rewardAddress: rewardAddresses.first,
+    );
+
+    final auxiliaryData = AuxiliaryData.fromCbor(
+      await x509Envelope.toCbor(serializer: (e) => e.toCbor()),
+    );
+
+    final unsignedTx = _buildUnsignedRbacTx(
+      inputs: utxos,
+      changeAddress: changeAddress,
+      rewardAddress: rewardAddresses.first,
+      auxiliaryData: auxiliaryData,
+    );
+
+    print('unsigned tx: ${hex.encode(cbor.encode(unsignedTx.toCbor()))}');
+
+    final witnessSet = await api.signTx(transaction: unsignedTx);
+
+    print('Witness set: $witnessSet');
+
+    final signedTx = Transaction(
+      body: unsignedTx.body,
+      isValid: true,
+      witnessSet: witnessSet,
+      auxiliaryData: unsignedTx.auxiliaryData,
+    );
+
+    print('signed tx: ${hex.encode(cbor.encode(signedTx.toCbor()))}');
+
+    final txHash = await api.submitTx(transaction: signedTx);
+    result = 'Tx hash: ${txHash.toHex()}';
+  } catch (error) {
+    result = error.toString();
+  }
+
+  if (context.mounted) {
+    await _showDialog(
+      context: context,
+      title: 'Sign & submit RBAC tx',
+      message: result,
+    );
+  }
 }
 
 extension on Bip32Ed25519XPublicKey {

catalyst_voices/packages/libs/catalyst_cardano_serialization/lib/src/rbac/x509_certificate.dart

@@ -3,7 +3,7 @@ import 'dart:typed_data';
 
 import 'package:asn1lib/asn1lib.dart';
 import 'package:catalyst_cardano_serialization/catalyst_cardano_serialization.dart';
-import 'package:catalyst_key_derivation/catalyst_key_derivation.dart';
+import 'package:catalyst_key_derivation/catalyst_key_derivation.dart' hide Ed25519PublicKey;
 import 'package:equatable/equatable.dart';
 
 bool _registeredASN1Names = false;
@@ -425,7 +425,7 @@ class X509TBSCertificate with EquatableMixin {
   final X509DistinguishedName subject;
 
   /// The public key of the [subject].
-  final Bip32Ed25519XPublicKey subjectPublicKey;
+  final Ed25519PublicKey subjectPublicKey;
 
   /// Extra extensions of the certificate.
   final X509CertificateExtensions? extensions;
@@ -548,11 +548,11 @@ class X509TBSCertificate with EquatableMixin {
     return integer.intValue;
   }
 
-  static Bip32Ed25519XPublicKey _readSubjectPublicKeyInfo(ASN1Object object) {
+  static Ed25519PublicKey _readSubjectPublicKeyInfo(ASN1Object object) {
     final sequence = object.asSequence;
     final string = sequence.elements[1] as ASN1BitString;
     final stringBytes = string.contentBytes();
-    return Bip32Ed25519XPublicKeyFactory.instance.fromBytes(stringBytes);
+    return Ed25519PublicKey.fromSimpleOrExtendedBytes(stringBytes);
   }
 
   static int _readVersion(ASN1Object object) {