init: eip-712 support (#2385)

# Goal
The goal of this PR is to allow encoding and verification of EIP-712
signatures for our custom signed payloads.
Related to #2278 

# Discussion
- The frontend side of these changes will be implemented in #2281 
- I didn't know which chain ID to use so used the test chainID for
pallet revive. We need to set these once we figure out those values.

# Checklist
- [x] Unit Tests added?
- [x] e2e Tests added?
- [x] Spec version incremented?

Author: aramikm

Cargo.lock

@@ -31,6 +31,7 @@ sp-externalities = { workspace = true }
 sp-runtime-interface = { workspace = true }
 libsecp256k1 = { workspace = true, features = ["hmac"] }
 log = "0.4.22"
+lazy_static = { workspace = true }
 
 [features]
 default = ['std']

common/primitives/Cargo.toml

@@ -8,7 +8,12 @@ use scale_info::TypeInfo;
 use serde::{Deserialize, Serialize};
 use sp_core::ConstU32;
 extern crate alloc;
-use alloc::vec::Vec;
+use crate::{
+	node::EIP712Encode, signatures::get_eip712_encoding_prefix, utils::to_abi_compatible_number,
+};
+use alloc::{boxed::Box, vec::Vec};
+use lazy_static::lazy_static;
+use sp_core::U256;
 
 /// The minimum base and canonical handle (not including suffix or delimiter) length in characters
 pub const HANDLE_CHARS_MIN: u32 = 3;
@@ -58,6 +63,31 @@ impl<BlockNumber> ClaimHandlePayload<BlockNumber> {
 	}
 }
 
+impl<BlockNumber> EIP712Encode for ClaimHandlePayload<BlockNumber>
+where
+	BlockNumber: Into<U256> + TryFrom<U256> + Copy,
+{
+	fn encode_eip_712(&self) -> Box<[u8]> {
+		lazy_static! {
+			// get prefix and domain separator
+			static ref PREFIX_DOMAIN_SEPARATOR: Box<[u8]> =
+				get_eip712_encoding_prefix("0xcccccccccccccccccccccccccccccccccccccccc");
+
+			// signed payload
+			static ref MAIN_TYPE_HASH: [u8; 32] =
+				sp_io::hashing::keccak_256(b"ClaimHandlePayload(string handle,uint32 expiration)");
+		}
+		let coded_handle = sp_io::hashing::keccak_256(self.base_handle.as_ref());
+		let expiration: U256 = self.expiration.into();
+		let coded_expiration = to_abi_compatible_number(expiration.as_u128());
+		let message = sp_io::hashing::keccak_256(
+			&[MAIN_TYPE_HASH.as_slice(), &coded_handle, &coded_expiration].concat(),
+		);
+		let combined = [PREFIX_DOMAIN_SEPARATOR.as_ref(), &message].concat();
+		combined.into_boxed_slice()
+	}
+}
+
 /// RPC Response form for a Handle
 #[cfg_attr(feature = "std", derive(Serialize, Deserialize))]
 #[derive(Clone, Encode, Decode, PartialEq, Debug, TypeInfo, Eq)]

common/primitives/src/handles.rs

@@ -68,3 +68,9 @@ pub trait UtilityProvider<Origin, RuntimeCall> {
 	/// Passthrough into the Utility::batch_all call
 	fn batch_all(origin: Origin, calls: Vec<RuntimeCall>) -> DispatchResultWithPostInfo;
 }
+
+/// Trait that must be implemented to be able to encode the payload to eip-712 compatible signatures
+pub trait EIP712Encode {
+	/// encodes the type without hashing it
+	fn encode_eip_712(&self) -> Box<[u8]>;
+}

common/primitives/src/node.rs

@@ -5,8 +5,10 @@ use frame_support::{
 	__private::{codec, RuntimeDebug},
 	pallet_prelude::{Decode, Encode, MaxEncodedLen, TypeInfo},
 };
+use lazy_static::lazy_static;
 use parity_scale_codec::{alloc::string::ToString, DecodeWithMemTracking};
 use sp_core::{
+	bytes::from_hex,
 	crypto,
 	crypto::{AccountId32, FromEntropy},
 	ecdsa, ed25519,
@@ -19,6 +21,8 @@ use sp_runtime::{
 	MultiSignature,
 };
 extern crate alloc;
+use crate::{msa::H160, utils::to_abi_compatible_number};
+use alloc::boxed::Box;
 
 /// Ethereum message prefix eip-191
 const ETHEREUM_MESSAGE_PREFIX: &[u8; 26] = b"\x19Ethereum Signed Message:\n";
@@ -30,6 +34,9 @@ pub trait AccountAddressMapper<AccountId> {
 
 	/// mapping to bytes of a public key or an address
 	fn to_bytes32(public_key_or_address: &[u8]) -> [u8; 32];
+
+	/// reverses an accountId to it's 20 byte ethereum address
+	fn to_ethereum_address(account_id: AccountId) -> H160;
 }
 
 /// converting raw address bytes to 32 bytes Ethereum compatible addresses
@@ -79,6 +86,16 @@ impl AccountAddressMapper<AccountId32> for EthereumAddressMapper {
 		hashed[20..].fill(0xEE);
 		hashed
 	}
+
+	fn to_ethereum_address(account_id: AccountId32) -> H160 {
+		let mut eth_address = [0u8; 20];
+		if account_id.as_slice()[20..] == *[0xEE; 12].as_slice() {
+			eth_address[..].copy_from_slice(&account_id.as_slice()[0..20]);
+		} else {
+			log::error!("Incompatible ethereum account id is provided {:?}", account_id);
+		}
+		eth_address.into()
+	}
 }
 
 /// Signature verify that can work with any known signature types.
@@ -345,14 +362,57 @@ fn check_ethereum_signature<L: Lazy<[u8]>>(
 		return true
 	}
 
-	// signature of raw payload, compatible with polkadotJs signatures
+	// PolkadotJs raw payload signatures
+	// or Ethereum based EIP-712 compatible signatures
 	let hashed = sp_io::hashing::keccak_256(msg.get());
 	verify_signature(signature.as_ref(), &hashed, signer)
 }
 
+/// returns the ethereum encoded prefix and domain separator for EIP-712 signatures
+pub fn get_eip712_encoding_prefix(verifier_contract_address: &str) -> Box<[u8]> {
+	lazy_static! {
+		// domain separator
+		static ref DOMAIN_TYPE_HASH: [u8; 32] = sp_io::hashing::keccak_256(
+			b"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)",
+		);
+
+		static ref DOMAIN_NAME: [u8; 32] = sp_io::hashing::keccak_256(b"Frequency");
+		static ref DOMAIN_VERSION: [u8; 32] = sp_io::hashing::keccak_256(b"1");
+		// TODO: USE correct chain ids for different networks
+		static ref CHAIN_ID: [u8; 32] = to_abi_compatible_number(420420420u32);
+	}
+	let verifier_contract: [u8; 20] = from_hex(verifier_contract_address)
+		.unwrap_or_default()
+		.try_into()
+		.unwrap_or_default();
+
+	// eip-712 prefix 0x1901
+	let eip_712_prefix = [25, 1];
+
+	let mut zero_prefixed_verifier_contract = [0u8; 32];
+	zero_prefixed_verifier_contract[12..].copy_from_slice(&verifier_contract);
+
+	let domain_separator = sp_io::hashing::keccak_256(
+		&[
+			DOMAIN_TYPE_HASH.as_slice(),
+			DOMAIN_NAME.as_slice(),
+			DOMAIN_VERSION.as_slice(),
+			CHAIN_ID.as_slice(),
+			&zero_prefixed_verifier_contract,
+		]
+		.concat(),
+	);
+	let combined = [eip_712_prefix.as_slice(), domain_separator.as_slice()].concat();
+	combined.into_boxed_slice()
+}
+
 #[cfg(test)]
 mod tests {
-	use crate::signatures::{UnifiedSignature, UnifiedSigner};
+	use crate::{
+		handles::ClaimHandlePayload,
+		node::EIP712Encode,
+		signatures::{UnifiedSignature, UnifiedSigner},
+	};
 	use impl_serde::serialize::from_hex;
 	use sp_core::{ecdsa, Pair};
 	use sp_runtime::{
@@ -411,6 +471,29 @@ mod tests {
 		assert!(unified_signature.verify(&payload[..], &unified_signer.into_account()));
 	}
 
+	#[test]
+	fn ethereum_eip712_signatures_for_claim_handle_payload_should_work() {
+		let payload = ClaimHandlePayload { base_handle: b"Alice".to_vec(), expiration: 100u32 };
+		let encoded_payload = payload.encode_eip_712();
+
+		// following signature is generated via Metamask using the same input to check compatibility
+		let signature_raw = from_hex("0x832d1f6870118f5fc6e3cc314152b87dc452bd607581f16b1e39142b553260f8397e80c9f7733aecf1bd46d4e84ad333c648e387b069fa93b4b1ca4fa0fd406b1c").expect("Should convert");
+		let unified_signature = UnifiedSignature::from(ecdsa::Signature::from_raw(
+			signature_raw.try_into().expect("should convert"),
+		));
+
+		// Non-compressed public key associated with the keypair used in Metamask
+		// 0x509540919faacf9ab52146c9aa40db68172d83777250b28e4679176e49ccdd9fa213197dc0666e85529d6c9dda579c1295d61c417f01505765481e89a4016f02
+		let public_key = ecdsa::Public::from_raw(
+			from_hex("0x02509540919faacf9ab52146c9aa40db68172d83777250b28e4679176e49ccdd9f")
+				.expect("should convert")
+				.try_into()
+				.expect("invalid size"),
+		);
+		let unified_signer = UnifiedSigner::from(public_key);
+		assert!(unified_signature.verify(&encoded_payload[..], &unified_signer.into_account()));
+	}
+
 	#[test]
 	fn ethereum_invalid_signatures_should_fail() {
 		let payload = from_hex("0x0a0300e659a7a1628cdd93febc04a4e0646ea20e9f5f0ce097d9a05290d4a9e054df4e028c7d0a3500000000830000000100000026c1147602cf6557f4e0068a78cd4b22b6f6b03e106d05618cde8537e4ffe4548de1bcb12a1d42e58b218a7abb03cb629111625cf3449640d837c5aa98b87d8e00").expect("Should convert");
@@ -437,13 +520,15 @@ mod tests {
 		// act
 		let account_id = EthereumAddressMapper::to_account_id(&eth);
 		let bytes = EthereumAddressMapper::to_bytes32(&eth);
+		let reversed = EthereumAddressMapper::to_ethereum_address(account_id.clone());
 
 		// assert
 		let expected_address =
 			from_hex("0x1111111111111111111111111111111111111111eeeeeeeeeeeeeeeeeeeeeeee")
 				.expect("should be hex");
 		assert_eq!(account_id, AccountId32::new(expected_address.clone().try_into().unwrap()));
 		assert_eq!(bytes.to_vec(), expected_address);
+		assert_eq!(reversed.0.to_vec(), eth);
 	}
 
 	#[test]

common/primitives/src/signatures.rs

@@ -32,6 +32,17 @@ pub fn get_chain_type_by_genesis_hash(genesis_hash: &[u8]) -> DetectedChainType
 		_ => DetectedChainType::Unknown,
 	}
 }
+
+/// Generic function for converting any unsigned integer to a 32-byte array compatible with ETH abi
+pub fn to_abi_compatible_number<T: Into<u128>>(value: T) -> [u8; 32] {
+	let value_u128: u128 = value.into();
+	let bytes = value_u128.to_be_bytes();
+	let start_idx = 32 - bytes.len();
+	let mut result = [0u8; 32];
+	result[start_idx..].copy_from_slice(&bytes);
+	result
+}
+
 /// Handle serializing and deserializing from `Vec<u8>` to hexadecimal
 #[cfg(feature = "std")]
 pub mod as_hex {
@@ -146,6 +157,7 @@ mod tests {
 	use parity_scale_codec::{Decode, Encode};
 	use scale_info::TypeInfo;
 	use serde::{Deserialize, Serialize};
+	use sp_core::U256;
 
 	#[cfg_attr(feature = "std", derive(Serialize, Deserialize))]
 	#[derive(Default, Clone, Encode, Decode, PartialEq, Debug, TypeInfo, Eq)]
@@ -297,4 +309,52 @@ mod tests {
 		// assert
 		assert_eq!(detected, DetectedChainType::FrequencyPaseoTestNet);
 	}
+
+	#[test]
+	fn abi_compatible_number_should_work_with_different_types() {
+		// For u8
+		let u8_val: u8 = 42;
+		let coded_u8_val = to_abi_compatible_number(u8_val);
+		let u8_val: U256 = u8_val.into();
+		assert_eq!(
+			coded_u8_val.to_vec(),
+			sp_core::bytes::from_hex(&format!("0x{:064x}", u8_val)).unwrap()
+		);
+
+		// For u16
+		let u16_val: u16 = 12345;
+		let coded_u16_val = to_abi_compatible_number(u16_val);
+		let u16_val: U256 = u16_val.into();
+		assert_eq!(
+			coded_u16_val.to_vec(),
+			sp_core::bytes::from_hex(&format!("0x{:064x}", u16_val)).unwrap()
+		);
+
+		// For u32
+		let u32_val: u32 = 305419896;
+		let coded_u32_val = to_abi_compatible_number(u32_val);
+		let u32_val: U256 = u32_val.into();
+		assert_eq!(
+			coded_u32_val.to_vec(),
+			sp_core::bytes::from_hex(&format!("0x{:064x}", u32_val)).unwrap()
+		);
+
+		// For u64
+		let u64_val: u64 = 1234567890123456789;
+		let coded_u64_val = to_abi_compatible_number(u64_val);
+		let u64_val: U256 = u64_val.into();
+		assert_eq!(
+			coded_u64_val.to_vec(),
+			sp_core::bytes::from_hex(&format!("0x{:064x}", u64_val)).unwrap()
+		);
+
+		// For u128
+		let u128_val: u128 = 340282366920938463463374607431768211455; // Max u128 value
+		let coded_u128_val = to_abi_compatible_number(u128_val);
+		let u128_val: U256 = u128_val.into();
+		assert_eq!(
+			coded_u128_val.to_vec(),
+			sp_core::bytes::from_hex(&format!("0x{:064x}", u128_val)).unwrap()
+		);
+	}
 }

common/primitives/src/utils.rs

@@ -19,8 +19,8 @@ describe('Balance transfer ethereum', function () {
     before(async function () {
       senderSr25519Keys = await createAndFundKeypair(fundingSource, 30n * DOLLARS);
       senderEthereumKeys = await createAndFundKeypair(fundingSource, 30n * DOLLARS, undefined, undefined, 'ethereum');
-      ethereumKeys = createKeys('another-key-1', 'ethereum');
-      ethereumKeys2 = createKeys('another-key-2', 'ethereum');
+      ethereumKeys = createKeys('balance-key-1', 'ethereum');
+      ethereumKeys2 = createKeys('balance-key-2', 'ethereum');
       sr25519Keys = createKeys('another-sr25519', 'sr25519');
     });
 

e2e/miscellaneous/balance.ethereum.test.ts

@@ -7,13 +7,15 @@ import {
   CENTS,
   signPayload,
   MultiSignatureType,
+  signEip712AddKeyData,
+  getEthereumKeyPairFromUnifiedAddress,
 } from '../scaffolding/helpers';
 import { KeyringPair } from '@polkadot/keyring/types';
 import { AddKeyData, ExtrinsicHelper } from '../scaffolding/extrinsicHelpers';
 import { u64 } from '@polkadot/types';
 import { Codec } from '@polkadot/types/types';
 import { getFundingSource } from '../scaffolding/funding';
-import { getUnifiedPublicKey } from '../scaffolding/ethereum';
+import { getUnifiedAddress, getUnifiedPublicKey } from '../scaffolding/ethereum';
 
 const maxU64 = 18_446_744_073_709_551_615n;
 const fundingSource = getFundingSource(import.meta.url);
@@ -118,5 +120,28 @@ describe('MSA Key management Ethereum', function () {
       // Cleanup
       await assert.doesNotReject(ExtrinsicHelper.deletePublicKey(keys, getUnifiedPublicKey(thirdKey)).signAndSend());
     });
+
+    it('should allow using eip-712 signatures to add a new key', async function () {
+      const thirdKey = createKeys('third-key', 'ethereum');
+      const newPayload = await generateAddKeyPayload({
+        ...defaultPayload,
+        newPublicKey: getUnifiedPublicKey(thirdKey),
+      });
+
+      ownerSig = await signEip712AddKeyData(
+        getEthereumKeyPairFromUnifiedAddress(getUnifiedAddress(secondaryKey)),
+        newPayload
+      );
+      newSig = await signEip712AddKeyData(
+        getEthereumKeyPairFromUnifiedAddress(getUnifiedAddress(thirdKey)),
+        newPayload
+      );
+      const op = ExtrinsicHelper.addPublicKeyToMsa(secondaryKey, ownerSig, newSig, newPayload);
+      const { target: event } = await op.fundAndSend(fundingSource);
+      assert.notEqual(event, undefined, 'should have added public key via eip-712');
+
+      // Cleanup
+      await assert.doesNotReject(ExtrinsicHelper.deletePublicKey(keys, getUnifiedPublicKey(thirdKey)).signAndSend());
+    });
   });
 });

e2e/msa/keyManagement.ethereum.test.ts

@@ -1,4 +1,3 @@
-/* eslint-disable mocha/no-skipped-tests */
 import '@frequency-chain/api-augment';
 import assert from 'assert';
 import { ExtrinsicHelper } from '../scaffolding/extrinsicHelpers';