fix: update admin handlers validation to accept smart wallet signatures (#1124)

* feat: add logs to get/push config p2p handlers

* feat: use ERC1271 validation function for smart account calls

* feat: improve admin validation + add more logs for debugging

* fix: hex the input message in case it's a smart account signature

* chore: cleanup

* fix: use correct hashing function for smart wallets sig validation

* fix: use correct chainId for validation

Author: ndrpp

src/@types/commands.ts

@@ -37,6 +37,7 @@ export interface GetP2PNetworkStatsCommand extends Command {}
 export interface AdminCommand extends Command {
   expiryTimestamp: number
   signature: string
+  address?: string
 }
 
 export interface AdminCollectFeesHandlerResponse {

src/components/core/admin/adminHandler.ts

@@ -43,7 +43,8 @@ export abstract class AdminCommandHandler
     }
     const signatureValidation: CommonValidation = await validateAdminSignature(
       command.expiryTimestamp,
-      command.signature
+      command.signature,
+      command.address
     )
     if (!signatureValidation.valid) {
       return buildInvalidRequestMessage(

src/components/core/utils/nonceHandler.ts

@@ -245,7 +245,7 @@ async function validateNonceAndSignature(
 }
 
 // Smart account validation
-async function isERC1271Valid(
+export async function isERC1271Valid(
   address: string,
   hash: string | Uint8Array,
   signature: string,

src/utils/auth.ts

@@ -8,16 +8,39 @@ import { getAccountsFromAccessList } from '../utils/credentials.js'
 import { OceanNodeConfig } from '../@types/OceanNode.js'
 import { LOG_LEVELS_STR } from './logging/Logger.js'
 import { CommonValidation } from './validators.js'
+import { isERC1271Valid } from '../components/core/utils/nonceHandler.js'
+
 export async function validateAdminSignature(
   expiryTimestamp: number,
-  signature: string
+  signature: string,
+  address?: string
 ): Promise<CommonValidation> {
   const message = expiryTimestamp.toString()
-  const signerAddress = ethers.verifyMessage(message, signature)?.toLowerCase()
-  CORE_LOGGER.logMessage(`Resolved signer address: ${signerAddress}`)
+  let signerAddress
+
   try {
-    const allowedAdmins: string[] = await getAdminAddresses()
-    console.log(`Allowed admins: ${allowedAdmins}`)
+    const config = await getConfiguration()
+    if (address) {
+      const hexMessage = ethers.hashMessage(message)
+      const firstChainId = Object.keys(config?.supportedNetworks || {})[0]
+      if (firstChainId) {
+        const provider = new ethers.JsonRpcProvider(
+          config.supportedNetworks[firstChainId].rpc
+        )
+
+        if (!(await isERC1271Valid(address, hexMessage, signature, provider))) {
+          return { valid: false, error: 'Invalid ERC1271 signature' }
+        }
+        signerAddress = address
+      } else {
+        return { valid: false, error: 'No network configured in node config' }
+      }
+    } else {
+      signerAddress = ethers.verifyMessage(message, signature)?.toLowerCase()
+      CORE_LOGGER.logMessage(`Resolved signer address: ${signerAddress}`)
+    }
+
+    const allowedAdmins: string[] = await getAdminAddresses(config)
 
     if (allowedAdmins.length === 0) {
       const errorMsg = "Allowed admins list is empty. Please add admins' addresses."
@@ -48,8 +71,16 @@ export async function validateAdminSignature(
   }
 }
 
-export async function getAdminAddresses(): Promise<string[]> {
-  const config: OceanNodeConfig = await getConfiguration()
+export async function getAdminAddresses(
+  existingConfig?: OceanNodeConfig
+): Promise<string[]> {
+  let config: OceanNodeConfig
+  if (!existingConfig) {
+    config = await getConfiguration()
+  } else {
+    config = existingConfig
+  }
+
   const validAddresses: string[] = []
   if (config.allowedAdmins && config.allowedAdmins.length > 0) {
     for (const admin of config.allowedAdmins) {