signature

Author: joaquim-verges

packages/thirdweb/src/auth/verify-signature.ts

@@ -1,4 +1,4 @@
-import { type Signature, recoverAddress } from "viem";
+import { type SignableMessage, type Signature, recoverAddress } from "viem";
 import type { Chain } from "../chains/types.js";
 import type { ThirdwebClient } from "../client/client.js";
 import { type Hex, isHex } from "../utils/encoding/hex.js";
@@ -10,7 +10,7 @@ import { verifyHash } from "./verify-hash.js";
  * @auth
  */
 export type VerifyEOASignatureParams = {
-  message: string;
+  message: string | SignableMessage;
   signature: string | Uint8Array | Signature;
   address: string;
 };

packages/thirdweb/src/wallets/smart/index.ts

@@ -9,6 +9,7 @@ import {
 import type { Chain } from "../../chains/types.js";
 import { getCachedChain } from "../../chains/utils.js";
 import type { ThirdwebClient } from "../../client/client.js";
+import { ZERO_ADDRESS } from "../../constants/addresses.js";
 import { type ThirdwebContract, getContract } from "../../contract/contract.js";
 import { allowance } from "../../extensions/erc20/__generated__/IERC20/read/allowance.js";
 import { approve } from "../../extensions/erc20/write/approve.js";
@@ -262,13 +263,13 @@ async function createSmartAccount(
         { readContract },
         { encodeAbiParameters },
         { hashMessage },
-        { checkContractWalletSignature },
+        { verifyContractWalletSignature },
       ] = await Promise.all([
         import("../../utils/bytecode/is-contract-deployed.js"),
         import("../../transaction/read-contract.js"),
         import("../../utils/abi/encodeAbiParameters.js"),
         import("../../utils/hashing/hashMessage.js"),
-        import("../../extensions/erc1271/checkContractWalletSignature.js"),
+        import("../../auth/verify-signature.js"),
       ]);
       const isDeployed = await isContractDeployed(accountContract);
       if (!isDeployed) {
@@ -284,31 +285,56 @@ async function createSmartAccount(
         });
       }
 
+      console.log("contract deployed");
+
       const originalMsgHash = hashMessage(message);
-      // check if the account contract supports EIP721 domain separator based signing
-      let factorySupports712 = false;
-      try {
-        // this will throw if the contract does not support it (old factories)
-        await readContract({
+      // check if the account contract supports EIP721 domain separator or modular based signing
+      const [messageHash, isModularFactory] = await Promise.all([
+        readContract({
           contract: accountContract,
           method:
             "function getMessageHash(bytes32 _hash) public view returns (bytes32)",
           params: [originalMsgHash],
-        });
-        factorySupports712 = true;
-      } catch {
-        // ignore
-      }
+        }).catch((err) => {
+          console.error(err);
+          return undefined;
+        }),
+        readContract({
+          contract: accountContract,
+          method: "function canInstall(address) public view returns (bool)",
+          params: [ZERO_ADDRESS],
+        })
+          .catch(() => false)
+          .then(() => true),
+      ]);
+
+      console.log("factoryType", messageHash, isModularFactory);
 
       let sig: `0x${string}`;
-      if (factorySupports712) {
+      if (messageHash) {
         const wrappedMessageHash = encodeAbiParameters(
           [{ type: "bytes32" }],
           [originalMsgHash],
         );
+
+        const hasheTypedData = hashTypedData({
+          domain: {
+            name: isModularFactory ? "DefaultValidator" : "Account",
+            version: "1",
+            chainId: options.chain.id,
+            verifyingContract: accountContract.address,
+          },
+          primaryType: "AccountMessage",
+          types: { AccountMessage: [{ name: "message", type: "bytes" }] },
+          message: { message: wrappedMessageHash },
+        });
+
+        console.log("hasheTypedData", hasheTypedData);
+        console.log("equal", messageHash === hasheTypedData);
+
         sig = await options.personalAccount.signTypedData({
           domain: {
-            name: "Account",
+            name: isModularFactory ? "DefaultValidator" : "Account",
             version: "1",
             chainId: options.chain.id,
             verifyingContract: accountContract.address,
@@ -317,14 +343,25 @@ async function createSmartAccount(
           types: { AccountMessage: [{ name: "message", type: "bytes" }] },
           message: { message: wrappedMessageHash },
         });
+        if (isModularFactory) {
+          // add validator address
+          sig = concatHex([ZERO_ADDRESS, sig]);
+        }
       } else {
         sig = await options.personalAccount.signMessage({ message });
       }
 
-      const isValid = await checkContractWalletSignature({
-        contract: accountContract,
+      console.log(sig);
+
+      const isValid = await verifyContractWalletSignature({
+        address: accountContract.address,
+        chain: accountContract.chain,
+        client: accountContract.client,
         message,
         signature: sig,
+      }).catch((err) => {
+        console.error("Error checking contract wallet signature", err);
+        return false;
       });
 
       if (isValid) {

packages/thirdweb/src/wallets/smart/smart-wallet-dev.test.ts

@@ -1,5 +1,6 @@
 import { beforeAll, describe, expect, it } from "vitest";
 import { TEST_CLIENT } from "../../../test/src/test-clients.js";
+import { TEST_ACCOUNT_A } from "../../../test/src/test-wallets.js";
 import { defineChain } from "../../chains/utils.js";
 import { type ThirdwebContract, getContract } from "../../contract/contract.js";
 import { balanceOf } from "../../extensions/erc1155/__generated__/IERC1155/read/balanceOf.js";
@@ -12,7 +13,6 @@ import type { Address } from "../../utils/address.js";
 import { isContractDeployed } from "../../utils/bytecode/is-contract-deployed.js";
 import { setThirdwebDomains } from "../../utils/domains.js";
 import type { Account, Wallet } from "../interfaces/wallet.js";
-import { generateAccount } from "../utils/generateAccount.js";
 import { smartWallet } from "./smart-wallet.js";
 
 let wallet: Wallet;
@@ -41,9 +41,10 @@ describe.runIf(process.env.TW_SECRET_KEY).skip.sequential(
         storage: "storage.thirdweb-dev.com",
         bundler: "bundler.thirdweb-dev.com",
       });
-      personalAccount = await generateAccount({
-        client,
-      });
+      personalAccount = TEST_ACCOUNT_A;
+      // personalAccount = await generateAccount({
+      //   client,
+      // });
       wallet = smartWallet({
         chain,
         gasless: true,