fix(wallet,dapp): use TON proof for auth signing and update dapp verification (#987)

- Wallet: use generateTonProof for TON auth signing instead of plain
  text signing, preserving the existing TON Connect proof format
- Dapp: update isValidTonSignature to reconstruct the TON proof message
  bytes (domain, iat, statement) and verify the ed25519 signature
  against the double-SHA256 hash, matching the wallet's signing format
- Dapp: move TON proof verification logic to helpers/ton.ts
- Dapp: replace Buffer usage with Uint8Array for stricter TS compat

Co-authored-by: Cursor <cursoragent@cursor.com>

Author: ganchoradkov

advanced/dapps/react-dapp-v2/src/contexts/JsonRpcContext.tsx

@@ -116,7 +116,7 @@ import {
 } from "@walletconnect/utils";
 import { BIP122_DUST_LIMIT } from "../chains/bip122";
 import { getTronWeb } from "../helpers/tron";
-import { signVerify } from "@ton/crypto";
+import { verifyTonProofSignature } from "../helpers/ton";
 /**
  * Types
  */
@@ -2716,14 +2716,14 @@ async function isValidTonSignature(params: {
   signatureMeta?: string;
 }) {
   const { message, signature, iss, signatureMeta = "" } = params;
+  const address = getDidAddress(iss)!;
 
-  const valid = await signVerify(
-    Buffer.from(message, "utf-8"),
-    Buffer.from(signature, "base64"),
-    Buffer.from(signatureMeta, "base64"),
-  );
-
-  return valid;
+  return verifyTonProofSignature({
+    message,
+    signature,
+    address,
+    publicKeyHex: signatureMeta,
+  });
 }
 export function isValidSignature(params: {
   message: string;

advanced/dapps/react-dapp-v2/src/helpers/ton.ts

@@ -7,6 +7,8 @@ import {
   Address,
 } from "@ton/core";
 import { TonClient, Transaction } from "@ton/ton";
+import { signVerify } from "@ton/crypto";
+import { sha256 } from "@noble/hashes/sha2.js";
 
 let clients = new Map<string, TonClient>();
 function getTonClient(chainId: string) {
@@ -133,6 +135,117 @@ async function retry<T>(
   throw lastError;
 }
 
+const TON_PROOF_PREFIX = "ton-proof-item-v2/";
+const TON_CONNECT_PREFIX = "ton-connect";
+
+function parseSiweField(message: string, field: string): string {
+  const match = message.match(new RegExp(`${field}: (.+)`));
+  return match?.[1] ?? "";
+}
+
+function parseSiweStatement(message: string): string {
+  const lines = message.split("\n");
+  const statementLines: string[] = [];
+  let collecting = false;
+  for (const line of lines) {
+    if (collecting) {
+      if (line.startsWith("URI: ")) break;
+      statementLines.push(line);
+    }
+    if (line === "") collecting = true;
+  }
+  return statementLines.join("\n").trim();
+}
+
+function concatBytes(...arrays: Uint8Array[]): Uint8Array {
+  const totalLength = arrays.reduce((sum, arr) => sum + arr.length, 0);
+  const result = new Uint8Array(totalLength);
+  let offset = 0;
+  for (const arr of arrays) {
+    result.set(arr, offset);
+    offset += arr.length;
+  }
+  return result;
+}
+
+function writeUint32BE(value: number): Uint8Array {
+  const buf = new Uint8Array(4);
+  new DataView(buf.buffer).setUint32(0, value, false);
+  return buf;
+}
+
+function writeUint32LE(value: number): Uint8Array {
+  const buf = new Uint8Array(4);
+  new DataView(buf.buffer).setUint32(0, value, true);
+  return buf;
+}
+
+function writeBigUint64LE(value: bigint): Uint8Array {
+  const buf = new Uint8Array(8);
+  new DataView(buf.buffer).setBigUint64(0, value, true);
+  return buf;
+}
+
+function buildTonProofMessageBytes(
+  address: Address,
+  domain: string,
+  timestamp: number,
+  payload: string
+): Uint8Array {
+  const wc = writeUint32BE(address.workChain);
+  const ts = writeBigUint64LE(BigInt(timestamp));
+  const dl = writeUint32LE(domain.length);
+  const encoder = new TextEncoder();
+
+  const m = concatBytes(
+    encoder.encode(TON_PROOF_PREFIX),
+    wc,
+    new Uint8Array(address.hash),
+    dl,
+    encoder.encode(domain),
+    ts,
+    encoder.encode(payload),
+  );
+
+  const messageHash = sha256(m);
+
+  const fullMes = concatBytes(
+    new Uint8Array([0xff, 0xff]),
+    encoder.encode(TON_CONNECT_PREFIX),
+    messageHash,
+  );
+
+  return sha256(fullMes);
+}
+
+export async function verifyTonProofSignature(params: {
+  message: string;
+  signature: string;
+  address: string;
+  publicKeyHex: string;
+}): Promise<boolean> {
+  const { message, signature, address, publicKeyHex } = params;
+
+  const tonAddress = Address.parse(address);
+  const domain = message.split(" wants you to sign in")[0];
+  const iat = parseSiweField(message, "Issued At");
+  const statement = parseSiweStatement(message);
+  const timestamp = Math.floor(new Date(iat).getTime() / 1000);
+
+  const dataToVerify = buildTonProofMessageBytes(
+    tonAddress,
+    domain,
+    timestamp,
+    statement
+  );
+
+  return signVerify(
+    Buffer.from(dataToVerify),
+    Buffer.from(signature, "base64"),
+    Buffer.from(publicKeyHex, "hex")
+  );
+}
+
 async function getTransactionByInMessage(
   inMessageBoc: string,
   client: TonClient

advanced/wallets/react-wallet-v2/src/utils/AuthUtil.ts

@@ -131,15 +131,12 @@ export async function signMessage(AuthMessage: AuthMessage) {
       const eip155Result = await eip155Wallets[AuthMessage.address].signMessage(AuthMessage.message)
       return { signature: eip155Result, type: getSignatureType(parsed.namespace) }
     case 'ton':
-      if (AuthMessage.statement) {
-        const tonResult = await tonWallets[AuthMessage.address].generateTonProof({
-          iat: AuthMessage.iat,
-          domain: AuthMessage.domain,
-          payload: AuthMessage.statement,
-        })
-        return { signature: tonResult.signature, publicKey: tonResult.publicKey, type: 'ton' }
-      }
-      break
+      const tonResult = await tonWallets[AuthMessage.address].generateTonProof({
+        iat: AuthMessage.iat,
+        domain: AuthMessage.domain,
+        payload: AuthMessage.statement ?? '',
+      })
+      return { signature: tonResult.signature, publicKey: tonResult.publicKey, type: 'ton' }
     case 'solana':
       const solanaResult = await solanaWallets[AuthMessage.address].signMessage({
         message: bs58.encode(new Uint8Array(Buffer.from(AuthMessage.message)))