sui icon indicating copy to clipboard operation
sui copied to clipboard

Published 20 hours ago verified publisher icon MystenLabs

crypto: Sign with intent in wallet and keystore

Open joyqvq opened this issue 2 years ago • 1 comments

  • Previously, signer commits a signature to a BCS serialized TransactionData with TYPE_TAG.

  • This change means, signer commits to a signature on IntentMessage<TransactionData>, which contains three bytes of intent (version, chain_id, scope) AND the BCS serialized TransactionData without type. This is because the type itself can be inferred from IntentScope byte.

  • Wallet is gated with RPC API version. Signs with intent only on version >= 0.14.0 (subject to change depends on when we deploy intent signing for sui).

  • This PR only touches user signatures committing to IntentMessage<TransactionData>, this does not include AuthoritySignatures committing to other IntentMessage<T> types.

  • keystore.sign() is now deprecated in favor of sign_secure.

Next Steps

  1. Note the Wallet release for this change needs to happen before Sui release.
  2. Use actual chain_id, version_id when we can call RPC endpoint for chain_id instead of hardcoding it in the wallet and keystore.
  3. Currently validators do not check if intent == expected intent, only checks if the signature commits to an IntentMessage. Add support to validate on intent.

Test Plan

  1. e2e test from wallet serializes and sign data, verifies by local validators successfully.
  2. CLI serializes data with intent and submitting the signature to local validators executed transaction successfully.
  3. Tested against artifact: https://github.com/MystenLabs/sui/actions/runs/3361617096#artifacts
target/debug/sui client transfer-sui --amount 10 --gas-budget 1000 --sui-coin-object-id 0x38c062e1cd88fa97c69cc2d498aaa4d3b366066e --to 0x581a119a6576d3b502b5dc47c5de497b774e68ca
----- Certificate ----
Transaction Hash: D1gA05BQybIR/UX0jCyFqE5a+Wj6wRuQeqhMhWx9D4M=
Transaction Signature: AA==@oJurKmAbfmMsjiGL1ex1k463/+wYZwnD6Q+xjBXeqjYTcIOdM6kHygq9zlt/qoVRBzOUiSQBbDnS9y3MrNG8DQ==@rJzjxQ+FCK9m8YDU8Dq1Yx931HkIArhcw33kUPL9P8c=
Signed Authorities Bitmap: RoaringBitmap<[0, 1, 3]>
Transaction Kind : Transfer SUI
Recipient : 0x581a119a6576d3b502b5dc47c5de497b774e68ca
Amount: 10

----- Transaction Effects ----
Status : Success
Created Objects:
  - ID: 0x97078393dae37ff73614cb5aeabb4364500d55c1 , Owner: Account Address ( 0x581a119a6576d3b502b5dc47c5de497b774e68ca )
Mutated Objects:
  - ID: 0x38c062e1cd88fa97c69cc2d498aaa4d3b366066e , Owner: Account Address ( 0x581a119a6576d3b502b5dc47c5de497b774e68ca )

Logs in validator

2022-10-20T16:25:36.436619Z  INFO node{name=0x77878e5863711cf66cecae32e6d061755022288a}: sui_types::messages: Received intent Intent { version: V0, chain_id: Testing, scope: TransactionData }
2022-10-20T16:25:36.436768Z  INFO node{name=0x49a81aee4d0c08d867d9bd88565ddc71d74a81b3}: sui_types::messages: Received intent Intent { version: V0, chain_id: Testing, scope: TransactionData }
2022-10-20T16:25:36.436919Z  INFO node{name=0x3b666d24a57e50efaaa3ea66865100cb72825dfd}: sui_types::messages: Received intent Intent { version: V0, chain_id: Testing, scope: TransactionData }
2022-10-20T16:25:36.437597Z  INFO node{name=0x2c7f8bc7d9042c3a4965a02c783f48792089fefc}: sui_types::messages: Received intent Intent { version: V0, chain_id: Testing, scope: TransactionData }
2022-10-20T16:25:36.438786Z  INFO sui_types::messages: Received intent Intent { version: V0, chain_id: Testing, scope: TransactionData }
2022-10-20T16:25:36.440239Z  INFO sui_types::messages: Received intent Intent { version: V0, chain_id: Testing, scope: TransactionData }
2022-10-20T16:25:36.440396Z  INFO sui_types::messages: Received intent Intent { version: V0, chain_id: Testing, scope: TransactionData }
2022-10-20T16:25:36.441637Z  INFO sui_types::messages: Received intent Intent { version: V0, chain_id: Testing, scope: TransactionData }
2022-10-20T16:25:36.441871Z  INFO sui_types::messages: Received intent Intent { version: V0, chain_id: Testing, scope: TransactionData }

joyqvq avatar Oct 06 '22 19:10 joyqvq

💳 Wallet Extension has been built, you can download the packaged extension here: https://github.com/MystenLabs/sui/actions/runs/3393468248#artifacts

github-actions[bot] avatar Oct 07 '22 16:10 github-actions[bot]

⚠️ 🦋 Changesets Warning: This PR has changes to public npm packages, but does not contain a changeset. You can create a changeset easily by running pnpm changeset, and following the prompts. If your change does not need a changeset (e.g. a documentation-only change), you can ignore this message. This warning will be removed when a changeset is added to this pull request.

Learn more about Changesets.

github-actions[bot] avatar Nov 28 '22 20:11 github-actions[bot]

will open a new diff since things had changed quite a bit since last PR

joyqvq avatar Nov 28 '22 21:11 joyqvq