Skip to content
This repository was archived by the owner on Mar 16, 2023. It is now read-only.

Commit faf3c50

Browse files
author
Arnaud Schenk
committed
Merge branch 'develop' into feat-doc-examples
2 parents b0932b5 + b195855 commit faf3c50

147 files changed

Lines changed: 6708 additions & 2567 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

packages/aztec.js/src/signer/index.js

Lines changed: 34 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
* @module signer
66
*/
77

8+
import BN from 'bn.js';
89
import { constants, proofs } from '@aztec/dev-utils';
910

1011
import secp256k1 from '@aztec/secp256k1';
@@ -66,6 +67,19 @@ signer.generateDAIDomainParams = (chainId, verifyingContract) => {
6667
};
6768
};
6869

70+
signer.makeReplaySignature = (signatureToReplay) => {
71+
const [r, s, v] = signatureToReplay.slice(2).match(/.{1,64}/g);
72+
const secp256k1n = new BN('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141', 16);
73+
const hex28 = new BN(28).toString(16);
74+
const hex27 = new BN(27).toString(16);
75+
76+
const flippedS = secp256k1n.sub(new BN(s, 16)).toString(16);
77+
const flippedV = v === '1b' ? padRight(hex28.slice(-2), 64) : padRight(hex27.slice(-2), 64);
78+
79+
const reconstructedSig = r + flippedS + flippedV;
80+
return `0x${reconstructedSig.slice(0, 130)}`;
81+
};
82+
6983
/**
7084
* Create an EIP712 ECDSA signature over an AZTEC note, suited for the confidentialApprove() method of a
7185
* ZkAsset. The ZkAsset.confidentialApprove() method must be called when granting note spending permission
@@ -85,7 +99,13 @@ signer.generateDAIDomainParams = (chainId, verifyingContract) => {
8599
* @param {string} privateKey the private key of message signer
86100
* @returns {string} ECDSA signature parameters [r, s, v], formatted as 32-byte wide hex-strings
87101
*/
88-
signer.signNoteForConfidentialApprove = (verifyingContract, noteHash, spender, spenderApproval, privateKey) => {
102+
signer.signNoteForConfidentialApprove = (verifyingContract, noteHash, spender, spenderApproval, privateKey, flip = false) => {
103+
if (verifyingContract === '0x7dd4e19395c47753370a7e20b3788546958b2ea6') {
104+
console.warn('The signature you are generating can be replayed once on this zkAsset');
105+
console.warn('To avoid unexpected behaviour, submit the signature returned by this function and');
106+
console.warn('the signature returned by signNoteForConfidentialApprove() with extra');
107+
console.warn('flag flip=true as the last parameter as two seperate calls to the zkAsset');
108+
}
89109
const domain = signer.generateZKAssetDomainParams(verifyingContract);
90110
const schema = constants.eip712.NOTE_SIGNATURE;
91111
const message = {
@@ -96,6 +116,9 @@ signer.signNoteForConfidentialApprove = (verifyingContract, noteHash, spender, s
96116

97117
const { unformattedSignature } = signer.signTypedData(domain, schema, message, privateKey);
98118
const signature = `0x${unformattedSignature.slice(0, 130)}`; // extract r, s, v (v is just 1 byte, 2 characters)
119+
if (flip) {
120+
return signer.makeReplaySignature(signature);
121+
}
99122
return signature;
100123
};
101124

@@ -115,7 +138,13 @@ signer.signNoteForConfidentialApprove = (verifyingContract, noteHash, spender, s
115138
* @param {string} privateKey the private key of message signer
116139
* @returns {string} ECDSA signature parameters [r, s, v], formatted as 32-byte wide hex-strings
117140
*/
118-
signer.signApprovalForProof = (verifyingContract, proofOutputs, spender, approval, privateKey) => {
141+
signer.signApprovalForProof = (verifyingContract, proofOutputs, spender, approval, privateKey, flip = false) => {
142+
if (verifyingContract === '0x7dd4e19395c47753370a7e20b3788546958b2ea6') {
143+
console.warn('The signature you are generating can be replayed once on this zkAsset');
144+
console.warn('To avoid unexpected behaviour, submit the signature returned by this function and');
145+
console.warn('the signature returned by signApprovalForProof() with extra flag flip=true as the last parameter');
146+
console.warn('as two seperate calls to the zkAsset');
147+
}
119148
const domain = signer.generateZKAssetDomainParams(verifyingContract);
120149
const schema = constants.eip712.PROOF_SIGNATURE;
121150
const proofHash = keccak256(proofOutputs);
@@ -127,6 +156,9 @@ signer.signApprovalForProof = (verifyingContract, proofOutputs, spender, approva
127156
};
128157
const { unformattedSignature } = signer.signTypedData(domain, schema, message, privateKey);
129158
const signature = `0x${unformattedSignature.slice(0, 130)}`; // extract r, s, v (v is just 1 byte, 2 characters)
159+
if (flip) {
160+
return signer.makeReplaySignature(signature);
161+
}
130162
return signature;
131163
};
132164

packages/contract-addresses/addresses/mainnet.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
"ACEOwner": "0x19B8328F54017a6fA3A277209B7b6C5d2B50A4A2",
44
"AccountRegistryManager": "0x42385ccb559aad2c081f73c59fb60a8248170a3e",
55
"Behaviour20200106": "0x1C044Eb4B03DF7f25B02a167153262449eFb8FcE",
6-
"Beahviour20200207": "0x11737D20157094151e6618d189c9d66FEE8Ed442",
6+
"Behaviour20200207": "0x11737D20157094151e6618d189c9d66FEE8Ed442",
77
"Behaviour20200220": "0x79833c21AEb0aE917a40a00d48Cd6Ca1939C3A9d",
88
"Dividend": "0xDB6f50CF0C521a98b6852839aa5CBea4E2430052",
99
"FactoryBase201907": "0xd2e3277C8115ABe2F654555c07a1f405525c40d5",

0 commit comments

Comments
 (0)