Skip to content

fix(starkware): Update TWStarkWareGetStarkKeyFromSignature to return nullable pointer and handle exceptions #4715

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
sergei-boiko-trustwallet merged 6 commits into from
Apr 1, 2026
Merged

fix(starkware): Update TWStarkWareGetStarkKeyFromSignature to return nullable pointer and handle exceptions #4715

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
2621ea3
fix(starkware): Update TWStarkWareGetStarkKeyFromSignature to return …
sergei-boiko-trustwallet Mar 31, 2026
cbf0a0e
Update include/TrustWalletCore/TWStarkWare.h
sergei-boiko-trustwallet Mar 31, 2026
138278a
fix(tezos): Enhance message verification to handle exceptions gracefully
sergei-boiko-trustwallet Mar 31, 2026
3a74c29
fix(tezos): Enhance message verification to handle exceptions gracefully
sergei-boiko-trustwallet Mar 31, 2026
f89fc14
fix(address): Handle empty payload case in Address constructor and im…
sergei-boiko-trustwallet Mar 31, 2026
cf80a3f
fix(data): Include stdexcept to fix Flutter compilation
sergei-boiko-trustwallet Apr 1, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions include/TrustWalletCore/TWStarkWare.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,8 @@ struct TWStarkWare;
///
/// \param derivationPath non-null StarkEx Derivation path
/// \param signature valid eth signature
/// \return The private key for the specified derivation path/signature
/// \return The private key for the specified derivation path/signature, or `nullptr` if the signature or derivation path is invalid or an internal error occurs.
TW_EXPORT_STATIC_METHOD
struct TWPrivateKey* _Nonnull TWStarkWareGetStarkKeyFromSignature(const struct TWDerivationPath* _Nonnull derivationPath, TWString* _Nonnull signature);
struct TWPrivateKey* _Nullable TWStarkWareGetStarkKeyFromSignature(const struct TWDerivationPath* _Nonnull derivationPath, TWString* _Nonnull signature);

TW_EXTERN_C_END
4 changes: 2 additions & 2 deletions src/Data.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,15 @@ namespace TW {

Data subData(const Data& data, size_t startIndex, size_t length) {
if (startIndex >= data.size()) {
return Data();
throw std::invalid_argument("invalid subData arguments");
}
const size_t subLength = std::min(length, data.size() - startIndex); // guard against over-length
return TW::data(data.data() + startIndex, subLength);
}

Data subData(const Data& data, size_t startIndex) {
if (startIndex >= data.size()) {
return Data();
throw std::invalid_argument("invalid subData arguments");
}
const size_t subLength = data.size() - startIndex;
return TW::data(data.data() + startIndex, subLength);
Expand Down
4 changes: 4 additions & 0 deletions src/Filecoin/Address.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -144,6 +144,10 @@ MaybeAddress Address::fromBytes(const Data& encoded) {
return std::nullopt;
}

if (remainingPos == withoutPrefix.size()) {
// Payload is empty.
return Address(type, actorID, Data());
}
return Address(type, actorID, subData(withoutPrefix, remainingPos));
}
default:
Expand Down
3 changes: 3 additions & 0 deletions src/HDWallet.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,9 @@ const int MnemonicBufLength = Mnemonic::MaxWords * (BIP39_MAX_WORD_LENGTH + 3) +

template <std::size_t seedSize>
HDWallet<seedSize>::HDWallet(const Data& seed) {
if (seed.size() != seedSize) {
throw std::invalid_argument("Invalid seed size");
}
std::copy_n(seed.begin(), seedSize, this->seed.begin());
}

Expand Down
10 changes: 7 additions & 3 deletions src/Tezos/MessageSigner.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,9 +44,13 @@ std::string MessageSigner::signMessage(const PrivateKey& privateKey, const std::

bool MessageSigner::verifyMessage(const PublicKey& publicKey, const std::string& message, const std::string& signature) noexcept {
auto decoded = Base58::decodeCheck(signature);
auto rawSignature = subData(decoded, gEdSigPrefix.size());
auto msg = Hash::blake2b(parse_hex(message), 32);
return publicKey.verify(rawSignature, msg);
try {
auto rawSignature = subData(decoded, gEdSigPrefix.size());
auto msg = Hash::blake2b(parse_hex(message), 32);
return publicKey.verify(rawSignature, msg);
} catch (...) {
return false;
}
}

} // namespace TW::Tezos
6 changes: 5 additions & 1 deletion src/interface/TWStarkWare.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,5 +11,9 @@
struct TWPrivateKey* TWStarkWareGetStarkKeyFromSignature(const struct TWDerivationPath* derivationPath, TWString* signature) {
using namespace TW;
const auto& ethSignatureStr = *reinterpret_cast<const std::string*>(signature);
return new TWPrivateKey{ ImmutableX::getPrivateKeyFromRawSignature(parse_hex(ethSignatureStr), derivationPath->impl)};
try {
return new TWPrivateKey{ ImmutableX::getPrivateKeyFromRawSignature(parse_hex(ethSignatureStr), derivationPath->impl)};
} catch (...) {
return nullptr;
}
}
2 changes: 1 addition & 1 deletion swift/Tests/HDWalletTests.swift
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ class HDWalletTests: XCTestCase {
let ethMsg = "Only sign this request if you’ve initiated an action with Immutable X."
let ethSignature = EthereumMessageSigner.signMessageImmutableX(privateKey: ethPrivateKey, message: ethMsg)
XCTAssertEqual(ethSignature, "18b1be8b78807d3326e28bc286d7ee3d068dcd90b1949ce1d25c1f99825f26e70992c5eb7f44f76b202aceded00d74f771ed751f2fe538eec01e338164914fe001")
let starkPrivateKey = StarkWare.getStarkKeyFromSignature(derivationPath: derivationPath, signature: ethSignature)
let starkPrivateKey = StarkWare.getStarkKeyFromSignature(derivationPath: derivationPath, signature: ethSignature)!
XCTAssertEqual(starkPrivateKey.data.hexString, "04be51a04e718c202e4dca60c2b72958252024cfc1070c090dd0f170298249de")
let starkPublicKey = starkPrivateKey.getPublicKeyByType(pubkeyType: .starkex)
XCTAssertEqual(starkPublicKey.data.hexString, "00e5b9b11f8372610ef35d647a1dcaba1a4010716588d591189b27bf3c2d5095")
Expand Down
20 changes: 17 additions & 3 deletions tests/common/DataTests.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,13 +66,27 @@ TEST(DataTests, subData) {
EXPECT_EQ(hex(subData(data, 0, 10)), "0102030405060708090a");
EXPECT_EQ(hex(subData(data, 3, 1)), "04");
EXPECT_EQ(hex(subData(data, 3, 0)), "");
EXPECT_EQ(hex(subData(data, 200, 3)), ""); // index too big
EXPECT_EQ(hex(subData(data, 2, 300)), "030405060708090a"); // length too big
EXPECT_EQ(hex(subData(data, 200, 300)), ""); // index & length too big

EXPECT_EQ(hex(subData(data, 3)), "0405060708090a");
EXPECT_EQ(hex(subData(data, 0)), "0102030405060708090a");
EXPECT_EQ(hex(subData(data, 200)), ""); // index too big

// index too big
ASSERT_ANY_THROW(subData(data, 10, 3));
ASSERT_ANY_THROW(subData(data, 11, 1));
ASSERT_ANY_THROW(subData(data, 200, 300));

ASSERT_ANY_THROW(subData(data, 10ul));
ASSERT_ANY_THROW(subData(data, 11ul));
ASSERT_ANY_THROW(subData(data, 200ul));
}

TEST(DataTests, subDataInvalidStartIndex) {
const Data data = parse_hex("0102030405060708090a");
EXPECT_EQ(data.size(), 10ul);
ASSERT_ANY_THROW(subData(data, 10ul));
ASSERT_ANY_THROW(subData(data, 11ul));
ASSERT_ANY_THROW(subData(data, 200ul));
}

TEST(DataTests, hasPrefix) {
Expand Down
Loading