nimiq · sisou · Sep 26, 2022 · Sep 26, 2022 · Sep 26, 2022 · Sep 26, 2022
diff --git a/.eslintignore b/.eslintignore
@@ -1,3 +1,4 @@
 *.min.*
 src/lib/bitcoin/BitcoinJS.js
 src/lib/polygon/OpenGSN.js
+src/lib/multisig/wasm/pkg
diff --git a/client/src/KeyguardClient.ts b/client/src/KeyguardClient.ts
@@ -20,6 +20,7 @@ import {
     ReleaseKeyRequest,
     ResetPasswordRequest,
     SignTransactionRequest,
+    SignMultisigTransactionRequest,
     SignMessageRequest,
     SimpleRequest,
     IFrameRequest,
@@ -39,6 +40,7 @@ import {
     SignSwapRequest,
     SignSwapTransactionsRequest,
     SignSwapTransactionsResult,
+    ConnectRequest,
 } from './PublicRequest';
 
 import Observable from './Observable';
@@ -120,6 +122,10 @@ export class KeyguardClient {
         this._redirectRequest<SignTransactionRequest>(KeyguardCommand.SIGN_TRANSACTION, request);
     }
 
+    public signMultisigTransaction(request: SignMultisigTransactionRequest) {
+        this._redirectRequest<SignMultisigTransactionRequest>(KeyguardCommand.SIGN_MULTISIG_TRANSACTION, request);
+    }
+
     public deriveAddress(request: DeriveAddressRequest) {
         this._redirectRequest<DeriveAddressRequest>(KeyguardCommand.DERIVE_ADDRESS, request);
     }
@@ -148,6 +154,10 @@ export class KeyguardClient {
         this._redirectRequest<SignSwapRequest>(KeyguardCommand.SIGN_SWAP, request);
     }
 
+    public connectAccount(request: ConnectRequest) {
+        this._redirectRequest<ConnectRequest>(KeyguardCommand.CONNECT_ACCOUNT, request);
+    }
+
     /* IFRAME REQUESTS */
 
     public async list(): Promise<ListResult> {

diff --git a/client/src/KeyguardCommand.ts b/client/src/KeyguardCommand.ts
@@ -5,7 +5,9 @@ export enum KeyguardCommand {
     EXPORT = 'export',
     CHANGE_PASSWORD = 'change-password',
     SIGN_TRANSACTION = 'sign-transaction',
+    SIGN_MULTISIG_TRANSACTION = 'sign-multisig-transaction',
     SIGN_MESSAGE = 'sign-message',
+    CONNECT_ACCOUNT = 'connect',
     DERIVE_ADDRESS = 'derive-address',
 
     // Bitcoin

diff --git a/client/src/PublicRequest.ts b/client/src/PublicRequest.ts
@@ -93,6 +93,7 @@ export type BitcoinTransactionInfo = {
 };
 
 export type SignTransactionRequestLayout = 'standard' | 'checkout' | 'cashlink';
+export type SignMultisigTransactionRequestLayout = 'standard';
 export type SignBtcTransactionRequestLayout = 'standard' | 'checkout';
 
 // Specific Requests
@@ -188,6 +189,42 @@ export type SignTransactionRequest
     | SignTransactionRequestCheckout
     | SignTransactionRequestCashlink;
 
+export type EncryptionKeyParams = {
+    kdf: string,
+    iterations: number,
+    keySize: number,
+};
+
+export type MultisigConfig = {
+    publicKeys: Uint8Array[],
+    numberOfSigners: number,
+    signerPublicKeys: Uint8Array[],
+    secret: {
+        aggregatedSecret: Uint8Array,
+    } | {
+        encryptedSecrets: Uint8Array[],
+        bScalar: Uint8Array,
+        keyParams: EncryptionKeyParams,
+    },
+    aggregatedCommitment: Uint8Array,
+    userName?: string,
+};
+
+export type SignMultisigTransactionRequestCommon = Transform<SignTransactionRequestCommon, 'keyLabel' | 'senderLabel', {
+    keyLabel: string, // Not optional
+    senderLabel: string, // Not optional
+}> & {
+    multisigConfig: MultisigConfig,
+};
+
+export type SignMultisigTransactionRequestStandard = SignMultisigTransactionRequestCommon & {
+    layout?: 'standard',
+    recipientLabel?: string,
+};
+
+export type SignMultisigTransactionRequest
+    = SignMultisigTransactionRequestStandard;
+
 export type SignBtcTransactionRequestStandard = SimpleRequest & BitcoinTransactionInfo & {
     layout?: 'standard',
 };
@@ -452,6 +489,24 @@ export type DerivePolygonAddressResult = {
     }>,
 };
 
+export type ConnectRequest = SimpleRequest & {
+    appLogoUrl: string,
+    permissions: KeyguardCommand[],
+    requestedKeyPaths: string[],
+    challenge: string,
+};
+
+export type ConnectResult = {
+    signatures: SignatureResult[],
+    encryptionKey: {
+        format: 'spki',
+        keyData: Uint8Array,
+        algorithm: { name: string, hash: string },
+        keyUsages: ['encrypt'],
+        keyParams: EncryptionKeyParams,
+    },
+};
+
 // Request unions
 
 export type RedirectRequest
@@ -461,9 +516,11 @@ export type RedirectRequest
     | ImportRequest
     | RemoveKeyRequest
     | SignMessageRequest
+    | ConnectRequest
     | SignTransactionRequest
     | SignBtcTransactionRequest
     | SignPolygonTransactionRequest
+    | SignMultisigTransactionRequest
     | SimpleRequest
     | DeriveBtcXPubRequest
     | DerivePolygonAddressRequest
@@ -502,6 +559,7 @@ export type KeyResult = SingleKeyResult[];
 export type ListResult = KeyInfoObject[];
 export type ListLegacyResult = LegacyKeyInfoObject[];
 export type SignTransactionResult = SignatureResult;
+export type SignMultisigTransactionResult = SignatureResult;
 export type SimpleResult = { success: boolean };
 export type SignedBitcoinTransaction = {
     transactionHash: string,
@@ -532,7 +590,10 @@ export type RedirectResult
     = DerivedAddress[]
     | ExportResult
     | KeyResult
+    | SignatureResult
+    | ConnectResult
     | SignTransactionResult
+    | SignMultisigTransactionResult
     | SignedBitcoinTransaction
     | SignedPolygonTransaction
     | SimpleResult
@@ -545,7 +606,10 @@ export type Result = RedirectResult | IFrameResult;
 // Derived Result types
 
 export type ResultType<T extends RedirectRequest> =
-    T extends Is<T, SignMessageRequest> | Is<T, SignTransactionRequest> ? SignatureResult :
+    T extends Is<T, SignMessageRequest> ? SignatureResult :
+    T extends Is<T, SignTransactionRequest> ? SignTransactionResult :
+    T extends Is<T, SignMultisigTransactionRequest> ? SignMultisigTransactionResult :
+    T extends Is<T, ConnectRequest> ? ConnectResult :
     T extends Is<T, DeriveAddressRequest> ? DerivedAddress[] :
     T extends Is<T, CreateRequest> | Is<T, ImportRequest> | Is<T, ResetPasswordRequest> ? KeyResult :
     T extends Is<T, ExportRequest> ? ExportResult :
@@ -558,7 +622,10 @@ export type ResultType<T extends RedirectRequest> =
     never;
 
 export type ResultByCommand<T extends KeyguardCommand> =
-    T extends KeyguardCommand.SIGN_MESSAGE | KeyguardCommand.SIGN_TRANSACTION ? SignatureResult :
+    T extends KeyguardCommand.SIGN_MESSAGE ? SignatureResult :
+    T extends KeyguardCommand.SIGN_TRANSACTION ? SignTransactionResult :
+    T extends KeyguardCommand.SIGN_MULTISIG_TRANSACTION ? SignMultisigTransactionResult :
+    T extends KeyguardCommand.CONNECT_ACCOUNT ? ConnectResult :
     T extends KeyguardCommand.DERIVE_ADDRESS ? DerivedAddress[] :
     T extends KeyguardCommand.CREATE | KeyguardCommand.IMPORT ? KeyResult :
     T extends KeyguardCommand.EXPORT ? ExportResult :

diff --git a/client/yarn.lock b/client/yarn.lock
@@ -327,21 +327,16 @@
   dependencies:
     "@types/node" "*"
 
-"@types/node@*":
-  version "10.7.1"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-10.7.1.tgz#b704d7c259aa40ee052eec678758a68d07132a2e"
-  integrity sha512-EGoI4ylB/lPOaqXqtzAyL8HcgOuCtH2hkEaLmkueOYufsTFWBn4VCvlCDC2HW8Q+9iF+QVC3sxjDKQYjHQeZ9w==
+"@types/node@*", "@types/node@^12.12.6", "@types/node@^12.6.1":
+  version "12.20.55"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.20.55.tgz#c329cbd434c42164f846b909bd6f85b5537f6240"
+  integrity sha512-J8xLz7q2OFulZ2cyGTLE1TbbZcjpno7FaN6zdJNrgAdrJ+DZzh/uFR6YrTb4C+nXakvud8Q4+rbhoIWlYQbUFQ==
 
 "@types/node@^10.3.2":
   version "10.17.60"
   resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.60.tgz#35f3d6213daed95da7f0f73e75bcc6980e90597b"
   integrity sha512-F0KIgDJfy2nA3zMLmWGKxcH2ZVEtCZXHHdOQs2gSaQ27+lNeEfGxzkIw90aXswATX7AZ33tahPbzy6KAfUreVw==
 
-"@types/node@^12.12.6", "@types/node@^12.6.1":
-  version "12.20.55"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.20.55.tgz#c329cbd434c42164f846b909bd6f85b5537f6240"
-  integrity sha512-J8xLz7q2OFulZ2cyGTLE1TbbZcjpno7FaN6zdJNrgAdrJ+DZzh/uFR6YrTb4C+nXakvud8Q4+rbhoIWlYQbUFQ==
-
 "@types/pbkdf2@^3.0.0":
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/@types/pbkdf2/-/pbkdf2-3.1.0.tgz#039a0e9b67da0cdc4ee5dab865caa6b267bb66b1"
@@ -1773,12 +1768,7 @@ inflight@^1.0.4:
     once "^1.3.0"
     wrappy "1"
 
-inherits@2:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
-  integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=
-
-inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4:
+inherits@2, inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
   integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==

diff --git a/demos/ConnectAccount.html b/demos/ConnectAccount.html
@@ -0,0 +1,119 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>SignTransaction | Keyguard Demo</title>
+    <link href="../src/nimiq-style.css" rel="stylesheet">
+    <script src="../node_modules/@nimiq/core-web/web-offline.js"></script>
+    <script src="../src/lib/KeyInfo.js"></script>
+    <script src="../src/lib/KeyStore.js"></script>
+    <script src="../node_modules/@nimiq/rpc/dist/rpc.umd.js"></script>
+
+    <style>
+        .row {
+            margin: 1rem 0;
+        }
+
+        label, input {
+            display: block;
+            margin: 5px;
+        }
+
+        #result {
+            max-width: 900px;
+            overflow-wrap: break-word;
+        }
+    </style>
+</head>
+<body>
+
+<form class="center">
+    <div class="row">
+        <label>Account to connect</label>
+        <select id="account"></select>
+    </div>
+
+    <div class="row">
+        <label>Challenge</label>
+		<input id="challenge" value="some random characters">
+    </div>
+
+    <div class="row">
+        <label>Permissions</label>
+		<label>
+			<input type="checkbox" id="permission-sign-multisig-transaction" checked> sign-multisig-transaction
+		</label>
+    </div>
+
+    <!-- <br><button id="redirect" type="button" class="small" disabled>Connect Account (redirect)</button> -->
+    <br><button id="popup" type="button" class="small">Connect Account (popup)</button>
+
+    <p id="result"></p>
+</form>
+
+<script>
+    const accountSelector = document.querySelector('#account');
+
+	async function loadAccounts() {
+		/** @type {KeyInfo[]} */
+		const keyInfos = await KeyStore.instance.list();
+		const dom = document.createDocumentFragment();
+		for (const keyInfo of keyInfos) {
+			const option = document.createElement('option');
+			option.value = keyInfo.id;
+			option.textContent = keyInfo.defaultAddress.toUserFriendlyAddress();
+			dom.appendChild(option);
+		}
+		accountSelector.appendChild(dom);
+	}
+	loadAccounts();
+
+    document.querySelector('button#popup').addEventListener('click', async () => {
+        connectAccountPopup(await generateRequest());
+    });
+
+    async function generateRequest() {
+        const keyId = accountSelector.value;
+        const challenge = document.querySelector('#challenge').value;
+		const permissions = ['sign-multisig-transaction']; // TODO
+
+        const request = {
+            appName: 'Nimiq Multisig',
+
+            keyId,
+            keyLabel: 'Some Account',
+
+            appLogoUrl: `${window.location.origin}/demos/multisig-logo.svg`,
+			permissions,
+            requestedKeyPaths: [`m/44'/242'/0'/0'`],
+			challenge,
+        };
+
+        return request;
+    }
+
+    // function connectAccountRedirect(txRequest) {
+    //     return client.connect(txRequest, RedirectRequestBehavior.withLocalState({ keyId: txRequest.keyId }));
+    // }
+
+    async function connectAccountPopup(txRequest) {
+        const keyguard = window.open('../src/request/connect/', 'ConnectAccount Demo',
+            `left=${window.innerWidth / 2 - 350},top=75,width=700,height=850,location=yes,dependent=yes`);
+        const rpc = new Rpc.PostMessageRpcClient(keyguard, '*');
+        await rpc.init();
+
+        try {
+            const result = await rpc.call('request', txRequest);
+            console.log('Keyguard result:', result);
+            document.querySelector('#result').textContent = 'TX signed: ' + JSON.stringify(result);
+        } catch (e) {
+            console.error('Keyguard error', e);
+            document.querySelector('#result').textContent = `Error: ${e.message || e}`;
+        }
+
+        keyguard.close();
+    }
+</script>
+
+</body>
+</html>