SignatureValidationData

Author: juslesan

packages/sdk/src/signature/BrowserSignatureValidation.mts

@@ -4,7 +4,7 @@
  */
 import * as Comlink from 'comlink'
 import { SignatureValidationContext } from './SignatureValidationContext.js'
-import { SignatureValidationResult } from './signatureValidation.js'
+import { SignatureValidationResult, toSignatureValidationData } from './signatureValidation.js'
 import type { SignatureValidationWorkerApi } from './SignatureValidationWorker.js'
 import { StreamMessage } from '../protocol/StreamMessage.js'
 
@@ -22,7 +22,9 @@ export default class BrowserSignatureValidation implements SignatureValidationCo
     }
 
     async validateSignature(message: StreamMessage): Promise<SignatureValidationResult> {
-        return this.workerApi.validateSignature(message)
+        // Convert class instance to plain serializable data before sending to worker
+        const data = toSignatureValidationData(message)
+        return this.workerApi.validateSignature(data)
     }
 
     destroy(): void {

packages/sdk/src/signature/ServerSignatureValidation.ts

@@ -4,7 +4,7 @@ import { Worker } from "worker_threads"
 import { StreamMessage } from '../protocol/StreamMessage'
 import { SignatureValidationContext } from './SignatureValidationContext'
 import { SignatureValidationWorkerApi } from './SignatureValidationWorker'
-import { SignatureValidationResult } from './signatureValidation'
+import { SignatureValidationResult, toSignatureValidationData } from './signatureValidation'
 import { join } from 'path'
 
 export default class ServerSignatureValidation implements SignatureValidationContext {
@@ -21,8 +21,9 @@ export default class ServerSignatureValidation implements SignatureValidationCon
     }
 
     async validateSignature(message: StreamMessage): Promise<SignatureValidationResult> {
-        console.log('validateSignature', message)
-        return this.workerApi.validateSignature(message)
+        // Convert class instance to plain serializable data before sending to worker
+        const data = toSignatureValidationData(message)
+        return this.workerApi.validateSignature(data)
     }
 
     // eslint-disable-next-line class-methods-use-this

packages/sdk/src/signature/SignatureValidationWorker.ts

@@ -1,9 +1,8 @@
 import * as Comlink from 'comlink'
-import { validateSignatureData, SignatureValidationResult } from './signatureValidation'
-import { StreamMessage } from '../protocol/StreamMessage'
+import { validateSignatureData, SignatureValidationResult, SignatureValidationData } from './signatureValidation'
 
 const workerApi = {
-    validateSignature: async (data: StreamMessage): Promise<SignatureValidationResult> => {
+    validateSignature: async (data: SignatureValidationData): Promise<SignatureValidationResult> => {
         return validateSignatureData(data)
     }
 }

packages/sdk/src/signature/createLegacySignaturePayload.ts

@@ -1,7 +1,6 @@
 import { binaryToHex, binaryToUtf8 } from '@streamr/utils'
 import { EncryptedGroupKey, EncryptionType } from '@streamr/trackerless-network'
-import { MessageID } from '../protocol/MessageID'
-import { MessageRef } from '../protocol/MessageRef'
+import { MessageIdLike, MessageRefLike } from './createSignaturePayload'
 
 const serializeGroupKey = ({ id, data }: EncryptedGroupKey): string => {
     return JSON.stringify([id, binaryToHex(data)])
@@ -11,10 +10,10 @@ const serializeGroupKey = ({ id, data }: EncryptedGroupKey): string => {
  * Only to be used for LEGACY_SECP256K1 signature type.
  */
 export const createLegacySignaturePayload = (opts: {
-    messageId: MessageID
+    messageId: MessageIdLike
     content: Uint8Array
     encryptionType: EncryptionType
-    prevMsgRef?: MessageRef
+    prevMsgRef?: MessageRefLike
     newGroupKey?: EncryptedGroupKey
 }): Uint8Array => {
     const prev = ((opts.prevMsgRef !== undefined) ? `${opts.prevMsgRef.timestamp}${opts.prevMsgRef.sequenceNumber}` : '')

packages/sdk/src/signature/createSignaturePayload.ts

@@ -3,16 +3,34 @@ import {
     GroupKeyRequest as NewGroupKeyRequest,
     GroupKeyResponse as NewGroupKeyResponse
 } from '@streamr/trackerless-network'
-import { utf8ToBinary } from '@streamr/utils'
-import { MessageID } from '../protocol/MessageID'
-import { MessageRef } from '../protocol/MessageRef'
+import { StreamID, UserID, utf8ToBinary } from '@streamr/utils'
 import { StreamMessageType } from '../protocol/StreamMessage'
 
+/**
+ * Plain data for message ID - accepts class instances or plain objects with the same properties.
+ */
+export interface MessageIdLike {
+    streamId: StreamID
+    streamPartition: number
+    timestamp: number
+    sequenceNumber: number
+    publisherId: UserID
+    msgChainId: string
+}
+
+/**
+ * Plain data for message reference - accepts class instances or plain objects with the same properties.
+ */
+export interface MessageRefLike {
+    timestamp: number
+    sequenceNumber: number
+}
+
 export const createSignaturePayload = (opts: {
-    messageId: MessageID
+    messageId: MessageIdLike
     content: Uint8Array
     messageType: StreamMessageType
-    prevMsgRef?: MessageRef
+    prevMsgRef?: MessageRefLike
     newGroupKey?: EncryptedGroupKey
 }): Uint8Array | never => {
     const header = Buffer.concat([

packages/sdk/src/signature/signatureValidation.ts

@@ -2,12 +2,12 @@
  * Core signature validation logic - shared between worker and main thread implementations.
  * This file contains pure cryptographic validation functions without any network dependencies.
  */
-import { SigningUtil, toUserIdRaw } from '@streamr/utils'
-import { SignatureType } from '@streamr/trackerless-network'
+import { SigningUtil, StreamID, toUserIdRaw, UserID } from '@streamr/utils'
+import { EncryptedGroupKey, EncryptionType, SignatureType } from '@streamr/trackerless-network'
 import { IDENTITY_MAPPING } from '../identity/IdentityMapping'
-import { createSignaturePayload } from './createSignaturePayload'
+import { createSignaturePayload, MessageIdLike, MessageRefLike } from './createSignaturePayload'
 import { createLegacySignaturePayload } from './createLegacySignaturePayload'
-import { StreamMessage } from '../protocol/StreamMessage'
+import { StreamMessage, StreamMessageType } from '../protocol/StreamMessage'
 
 // Lookup structure SignatureType -> SigningUtil
 const signingUtilBySignatureType: Record<number, SigningUtil> = Object.fromEntries(
@@ -24,46 +24,87 @@ export type SignatureValidationResult =
     | { type: 'invalid' }
     | { type: 'error', message: string }
 
+/**
+ * Plain data type for signature validation that can be serialized to a worker.
+ * This contains only primitive values and simple objects (no class instances).
+ */
+export interface SignatureValidationData {
+    messageId: MessageIdLike
+    prevMsgRef?: MessageRefLike
+    messageType: StreamMessageType
+    content: Uint8Array
+    signature: Uint8Array
+    signatureType: SignatureType
+    encryptionType: EncryptionType
+    newGroupKey?: EncryptedGroupKey
+}
+
+/**
+ * Extract plain serializable data from a StreamMessage for worker communication.
+ */
+export function toSignatureValidationData(message: StreamMessage): SignatureValidationData {
+    return {
+        messageId: {
+            streamId: message.messageId.streamId,
+            streamPartition: message.messageId.streamPartition,
+            timestamp: message.messageId.timestamp,
+            sequenceNumber: message.messageId.sequenceNumber,
+            publisherId: message.messageId.publisherId,
+            msgChainId: message.messageId.msgChainId,
+        },
+        prevMsgRef: message.prevMsgRef ? {
+            timestamp: message.prevMsgRef.timestamp,
+            sequenceNumber: message.prevMsgRef.sequenceNumber,
+        } : undefined,
+        messageType: message.messageType,
+        content: message.content,
+        signature: message.signature,
+        signatureType: message.signatureType,
+        encryptionType: message.encryptionType,
+        newGroupKey: message.newGroupKey,
+    }
+}
+
 /**
  * Validate signature using extracted data.
  * This is the core validation logic that can be run in a worker.
  */
-export async function validateSignatureData(message: StreamMessage): Promise<SignatureValidationResult> {
+export async function validateSignatureData(data: SignatureValidationData): Promise<SignatureValidationResult> {
     try {
-        const signingUtil = signingUtilBySignatureType[message.signatureType]
+        const signingUtil = signingUtilBySignatureType[data.signatureType]
         // Common case: standard signature types
         if (signingUtil) {
             const payload = createSignaturePayload({
-                messageId: message.messageId,
-                content: message.content,
-                messageType: message.messageType,
-                prevMsgRef: message.prevMsgRef,
-                newGroupKey: message.newGroupKey,
+                messageId: data.messageId,
+                content: data.content,
+                messageType: data.messageType,
+                prevMsgRef: data.prevMsgRef,
+                newGroupKey: data.newGroupKey,
             })
             const isValid = await signingUtil.verifySignature(
-                toUserIdRaw(message.messageId.publisherId),
+                toUserIdRaw(data.messageId.publisherId),
                 payload,
-                message.signature
+                data.signature
             )
             return isValid ? { type: 'valid' } : { type: 'invalid' }
         }
         // Special handling: legacy signature type
-        if (message.signatureType === SignatureType.ECDSA_SECP256K1_LEGACY) {
+        if (data.signatureType === SignatureType.ECDSA_SECP256K1_LEGACY) {
             const payload = createLegacySignaturePayload({
-                messageId: message.messageId,
-                content: message.content,
-                encryptionType: message.encryptionType,
-                prevMsgRef: message.prevMsgRef,
-                newGroupKey: message.newGroupKey,
+                messageId: data.messageId,
+                content: data.content,
+                encryptionType: data.encryptionType,
+                prevMsgRef: data.prevMsgRef,
+                newGroupKey: data.newGroupKey,
             })
             const isValid = await evmSigner.verifySignature(
-                toUserIdRaw(message.messageId.publisherId),
+                toUserIdRaw(data.messageId.publisherId),
                 payload,
-                message.signature
+                data.signature
             )
             return isValid ? { type: 'valid' } : { type: 'invalid' }
         }
-        return { type: 'error', message: `Unsupported signatureType: "${message.signatureType}"` }
+        return { type: 'error', message: `Unsupported signatureType: "${data.signatureType}"` }
     } catch (err) {
         return { type: 'error', message: String(err) }
     }